Clarify usage of psa_key_policy_permits
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c23d124..eff86bc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -811,6 +811,10 @@
static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy,
psa_algorithm_t alg )
{
+ /* '0' is not a valid algorithm */
+ if( alg == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
/* A requested algorithm cannot be a wildcard. */
if( PSA_ALG_IS_WILDCARD( alg ) )
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -856,7 +860,8 @@
* and lock it.
*
* The key must have allow all the usage flags set in \p usage. If \p alg is
- * nonzero, the key must allow operations with this algorithm.
+ * nonzero, the key must allow operations with this algorithm. If \p alg is
+ * zero, the algorithm is not checked.
*
* In case of a persistent key, the function loads the description of the key
* into a key slot if not already done.