Fix logic issues with state checks
Also fix missing return values.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index e92dac5..b559f7a 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -535,7 +535,7 @@
* one contigious buffer, so until that is re-done, we have to enforce
* this, as we cannot allocate a buffer to collate multiple calls into.
*/
- if( input_length != operation->ad_remaining )
+ if( operation->ad_remaining != 0 )
{
return ( PSA_ERROR_INVALID_ARGUMENT );
}
@@ -556,7 +556,7 @@
{
/* CCM requires all additional data to be passed in in one go at the
minute, as we are basically operating in oneshot mode. */
- if( !operation->lengths_set || operation->ad_started )
+ if( operation->ad_started )
{
return( PSA_ERROR_BAD_STATE );
}
@@ -569,6 +569,7 @@
{
memcpy( operation->ad_buffer, input, input_length );
operation->ad_length = input_length;
+ status = PSA_SUCCESS;
}
else
{
@@ -613,10 +614,20 @@
size_t update_output_size;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- update_output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(operation->key_type,
- operation->alg, input_length);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ /* CCM will currently not output anything until finish. */
+ update_output_size = 0;
+ }
+ else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) */
+ {
+ update_output_size = input_length;
+ }
- if(update_output_size > output_size )
+ if( PSA_AEAD_UPDATE_OUTPUT_SIZE( operation->key_type, operation->alg,
+ input_length ) > output_size )
{
return ( PSA_ERROR_BUFFER_TOO_SMALL );
}
@@ -651,7 +662,7 @@
return( PSA_ERROR_BAD_STATE );
}
- if( operation->ad_started )
+ if( !operation->ad_started )
{
return( PSA_ERROR_BAD_STATE );
}
@@ -668,7 +679,7 @@
{
/* CCM dooes not support multipart yet, so all the input has to be
passed in in one go. Store the data for the final step.*/
- if( operation->ad_started )
+ if( operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
}
@@ -681,6 +692,7 @@
{
memcpy( operation->data_buffer, input, input_length );
operation->data_length = input_length;
+ status = PSA_SUCCESS;
}
else
{
@@ -739,15 +751,25 @@
return ( PSA_ERROR_BUFFER_TOO_SMALL );
}
- if( operation->is_encrypt )
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
{
- *finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE(operation->key_type,
- operation->alg);
+ /* CCM will output all data at this step. */
+ *finish_output_size = operation->data_length;
}
else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
{
- *finish_output_size = PSA_AEAD_VERIFY_OUTPUT_SIZE(operation->key_type,
- operation->alg);
+ if( operation->is_encrypt )
+ {
+ *finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( operation->key_type,
+ operation->alg );
+ }
+ else
+ {
+ *finish_output_size = PSA_AEAD_VERIFY_OUTPUT_SIZE( operation->key_type,
+ operation->alg );
+ }
}
if( output_size < *finish_output_size )
@@ -946,6 +968,8 @@
if( status == PSA_SUCCESS )
{
+ *plaintext_length = finish_output_size;
+
if( do_tag_check && safer_memcmp(tag, check_tag, tag_length) != 0 )
{
status = PSA_ERROR_INVALID_SIGNATURE;