psa: cipher: Align APIs execution flow
Align the execution of cipher one-shot APIs with
that of cipher multi-part APIs: always exit
through the exit-labelled section.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e422133..6163de1 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3501,20 +3501,21 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
+ psa_key_slot_t *slot = NULL;
psa_key_type_t key_type;
size_t iv_length;
- *output_length = 0;
-
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
status = psa_get_and_lock_key_slot_with_policy( key, &slot,
PSA_KEY_USAGE_ENCRYPT,
alg );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
@@ -3543,8 +3544,13 @@
exit:
unlock_status = psa_unlock_key_slot( slot );
+ if( status == PSA_SUCCESS )
+ status = unlock_status;
- return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+ if( status != PSA_SUCCESS )
+ *output_length = 0;
+
+ return( status );
}
psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key,
@@ -3557,18 +3563,19 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
-
- *output_length = 0;
+ psa_key_slot_t *slot = NULL;
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
status = psa_get_and_lock_key_slot_with_policy( key, &slot,
PSA_KEY_USAGE_DECRYPT,
alg );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
@@ -3587,8 +3594,13 @@
exit:
unlock_status = psa_unlock_key_slot( slot );
+ if( status == PSA_SUCCESS )
+ status = unlock_status;
- return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+ if( status != PSA_SUCCESS )
+ *output_length = 0;
+
+ return( status );
}