Remove superfluous length check
The key passed to the driver has been imported by the PSA Core, meaning
its length has already been verified, and the driver can rely on the
buffer length and key attributes being consistent.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index 8e64741..a5ef9e5 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -196,8 +196,7 @@
#if defined(BUILTIN_ALG_CMAC)
static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size )
+ const uint8_t *key_buffer )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_cipher_info_t * cipher_info =
@@ -210,9 +209,6 @@
if( cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
- if( key_buffer_size < PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
if( ret != 0 )
goto exit;
@@ -335,8 +331,10 @@
#if defined(BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
{
- status = cmac_setup( operation, attributes,
- key_buffer, key_buffer_size );
+ /* Key buffer size for CMAC is dictated by the key bits set on the
+ * attributes, and previously validated by the core on key import. */
+ (void) key_buffer_size;
+ status = cmac_setup( operation, attributes, key_buffer );
}
else
#endif /* BUILTIN_ALG_CMAC */