Clarify usage of psa_key_policy_permits Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

commit: d788fab4ff8a7e14841c8c372591fc71333fde67 [log] [tgz]
author: Steven Cooreman <steven.cooreman@silabs.com> Thu Feb 25 11:29:17 2021 +0100
committer: Steven Cooreman <steven.cooreman@silabs.com> Mon Mar 01 16:09:24 2021 +0100
tree: 5af7fafef90846540655bf938894249e54dca390
parent: 16a05f5881dcd7d68e188d7709df5a3890318762 [diff]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c23d124..eff86bc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -811,6 +811,10 @@
 static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy,
                                             psa_algorithm_t alg )
 {
+    /* '0' is not a valid algorithm */
+    if( alg == 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
     /* A requested algorithm cannot be a wildcard. */
     if( PSA_ALG_IS_WILDCARD( alg ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -856,7 +860,8 @@
  *  and lock it.
  *
  * The key must have allow all the usage flags set in \p usage. If \p alg is
- * nonzero, the key must allow operations with this algorithm.
+ * nonzero, the key must allow operations with this algorithm. If \p alg is
+ * zero, the algorithm is not checked.
  *
  * In case of a persistent key, the function loads the description of the key
  * into a key slot if not already done.
commit	d788fab4ff8a7e14841c8c372591fc71333fde67	[log] [tgz]
author	Steven Cooreman <steven.cooreman@silabs.com>	Thu Feb 25 11:29:17 2021 +0100
committer	Steven Cooreman <steven.cooreman@silabs.com>	Mon Mar 01 16:09:24 2021 +0100
tree	5af7fafef90846540655bf938894249e54dca390
parent	16a05f5881dcd7d68e188d7709df5a3890318762 [diff]