psa: Disallow use of invalid MAC contexts

Ensure that when doing MAC operations out of order, PSA_ERROR_BAD_STATE
is returned as documented in crypto.h and the PSA Crypto specification.
Jaeden Amero 2019-02-15 14:05:35 +00:00
parent b281f74284
commit 252ef28dac
3 changed files with 143 additions and 0 deletions


@ -2238,6 +2238,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
{
psa_status_t status;
if( operation->alg == 0 )
{
return( PSA_ERROR_BAD_STATE );
}
/* Fill the output buffer with something that isn't a valid mac
* (barring an attack on the mac and deliberately-crafted input),
* in case the caller doesn't check the return status properly. */
@ -2276,6 +2281,11 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
uint8_t actual_mac[PSA_MAC_MAX_SIZE];
psa_status_t status;
if( operation->alg == 0 )
{
return( PSA_ERROR_BAD_STATE );
}
if( operation->is_sign )
{
status = PSA_ERROR_BAD_STATE;
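Review bot: In psa_mac_sign_finish the new `operation->alg == 0` guard returns before the step announced by the comment directly below it, which fills the output buffer with a non-MAC value for callers that do not check the return status. On this new PSA_ERROR_BAD_STATE path the caller's MAC buffer and length output are therefore left as they were, so a caller that ignores the status may treat stale or uninitialized bytes as a valid tag. Consider running the defensive fill first and placing `if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE );` after it. The fill itself lies outside the hunk, so confirm that it does not read operation state before reordering. Both function bodies continue past their hunks.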