Simplify error handling of PSA mac operationsg in ssl_msg.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong
parent
321116c755
commit
4313f55a13
1 changed files with 12 additions and 14 deletions
|
|
@ -730,14 +730,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
hmac_failed_etm_disabled:
|
hmac_failed_etm_disabled:
|
||||||
mbedtls_platform_zeroize( mac, transform->maclen );
|
mbedtls_platform_zeroize( mac, transform->maclen );
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
psa_mac_abort( &operation );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
{
|
|
||||||
ret = psa_ssl_status_to_mbedtls( status );
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
#else
|
status = psa_mac_abort( &operation );
|
||||||
|
if( ret == 0 && status != PSA_SUCCESS )
|
||||||
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
@ -1102,14 +1101,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||||
hmac_failed_etm_enabled:
|
hmac_failed_etm_enabled:
|
||||||
mbedtls_platform_zeroize( mac, transform->maclen );
|
mbedtls_platform_zeroize( mac, transform->maclen );
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
psa_mac_abort( &operation );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
{
|
|
||||||
ret = psa_ssl_status_to_mbedtls( status );
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
#else
|
status = psa_mac_abort( &operation );
|
||||||
|
if( ret == 0 && status != PSA_SUCCESS )
|
||||||
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
@ -1473,15 +1471,15 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||||
|
|
||||||
hmac_failed_etm_enabled:
|
hmac_failed_etm_enabled:
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
psa_mac_abort( &operation );
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
if( status != PSA_SUCCESS )
|
status = psa_mac_abort( &operation );
|
||||||
{
|
if( ret == 0 && status != PSA_SUCCESS )
|
||||||
ret = psa_ssl_status_to_mbedtls( status );
|
ret = psa_ssl_status_to_mbedtls( status );
|
||||||
#else
|
#else
|
||||||
mbedtls_platform_zeroize( mac_expect, transform->maclen );
|
mbedtls_platform_zeroize( mac_expect, transform->maclen );
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
||||||
if( ret != MBEDTLS_ERR_SSL_INVALID_MAC )
|
if( ret != MBEDTLS_ERR_SSL_INVALID_MAC )
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue