Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / 2391952a4c1ce7f973decdb2593fad9dc4748c03^! / .
commit2391952a4c1ce7f973decdb2593fad9dc4748c03[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Thu Jul 08 19:00:07 2021 +0200
committerRonald Cron <ronald.cron@arm.com>Fri Nov 26 15:46:20 2021 +0100
treef8550922ba148f1caf90c0638b9c0f3e23487174
parent2fb9052838d2395f25baf3fd4d8a4e7e9f4ec32c [diff]
psa: cipher: Align APIs execution flow

Align the execution of cipher one-shot APIs with
that of cipher multi-part APIs: always exit
through the exit-labelled section.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e422133..6163de1 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -3501,20 +3501,21 @@
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
+    psa_key_slot_t *slot = NULL;
     psa_key_type_t key_type;
     size_t iv_length;
 
-    *output_length = 0;
-
     if( ! PSA_ALG_IS_CIPHER( alg ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
 
     status = psa_get_and_lock_key_slot_with_policy( key, &slot,
                                                     PSA_KEY_USAGE_ENCRYPT,
                                                     alg );
     if( status != PSA_SUCCESS )
-        return( status );
+        goto exit;
 
     psa_key_attributes_t attributes = {
       .core = slot->attr
@@ -3543,8 +3544,13 @@
 
 exit:
     unlock_status = psa_unlock_key_slot( slot );
+    if( status == PSA_SUCCESS )
+        status = unlock_status;
 
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+    if( status != PSA_SUCCESS )
+        *output_length = 0;
+
+    return( status );
 }
 
 psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key,
@@ -3557,18 +3563,19 @@
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    *output_length = 0;
+    psa_key_slot_t *slot = NULL;
 
     if( ! PSA_ALG_IS_CIPHER( alg ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
 
     status = psa_get_and_lock_key_slot_with_policy( key, &slot,
                                                     PSA_KEY_USAGE_DECRYPT,
                                                     alg );
     if( status != PSA_SUCCESS )
-        return( status );
+        goto exit;
 
     psa_key_attributes_t attributes = {
       .core = slot->attr
@@ -3587,8 +3594,13 @@
 
 exit:
     unlock_status = psa_unlock_key_slot( slot );
+    if( status == PSA_SUCCESS )
+        status = unlock_status;
 
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+    if( status != PSA_SUCCESS )
+        *output_length = 0;
+
+    return( status );
 }