pkcs5: improve error handling

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek 2022-09-01 12:59:05 -04:00
parent e3d544c58f
commit 216baca131


@ -329,7 +329,6 @@ exit:
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
return( ret ); return( ret );
#else #else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int j; int j;
unsigned int i; unsigned int i;
unsigned char md1[PSA_HASH_MAX_SIZE]; unsigned char md1[PSA_HASH_MAX_SIZE];
@ -338,6 +337,7 @@ exit:
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t status_destruction = PSA_ERROR_CORRUPTION_DETECTED;
size_t use_len, out_len; size_t use_len, out_len;
unsigned char *out_p = output; unsigned char *out_p = output;
unsigned char counter[4]; unsigned char counter[4];
@ -359,7 +359,7 @@ exit:
password, plen, password, plen,
&psa_hmac_key ) ) != PSA_SUCCESS ) &psa_hmac_key ) ) != PSA_SUCCESS )
{ {
return MBEDTLS_ERR_ERROR_GENERIC_ERROR; return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
} }
#if UINT_MAX > 0xFFFFFFFF #if UINT_MAX > 0xFFFFFFFF
@ -396,11 +396,9 @@ exit:
goto cleanup; goto cleanup;
if( ( status = psa_mac_update( &operation, md1, md_size ) ) != PSA_SUCCESS ) if( ( status = psa_mac_update( &operation, md1, md_size ) ) != PSA_SUCCESS )
goto cleanup; goto cleanup;
if( ( status = psa_mac_sign_finish( &operation, md1, out_size, &out_len ) ) != PSA_SUCCESS ) if( ( status = psa_mac_sign_finish( &operation, md1, out_size, &out_len ) ) != PSA_SUCCESS )
goto cleanup; goto cleanup;
// U1 xor U2 // U1 xor U2
// //
for( j = 0; j < md_size; j++ ) for( j = 0; j < md_size; j++ )
@ -422,13 +420,14 @@ cleanup:
/* Zeroise buffers to clear sensitive data from memory. */ /* Zeroise buffers to clear sensitive data from memory. */
mbedtls_platform_zeroize( work, PSA_HASH_MAX_SIZE ); mbedtls_platform_zeroize( work, PSA_HASH_MAX_SIZE );
mbedtls_platform_zeroize( md1, PSA_HASH_MAX_SIZE ); mbedtls_platform_zeroize( md1, PSA_HASH_MAX_SIZE );
psa_destroy_key( psa_hmac_key ); status_destruction = psa_destroy_key( psa_hmac_key );
ret = (status != PSA_SUCCESS? MBEDTLS_ERR_ERROR_GENERIC_ERROR: 0); if( status == PSA_SUCCESS && status_destruction != PSA_SUCCESS )
status = psa_mac_abort( &operation ); status = status_destruction;
if( ret == 0 && status != PSA_SUCCESS ) status_destruction = psa_mac_abort( &operation );
ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; if( status == PSA_SUCCESS && status_destruction != PSA_SUCCESS )
status = status_destruction;
return ( ret ); return( mbedtls_md_error_from_psa( status ) );
#endif /* !MBEDTLS_MD_C */ #endif /* !MBEDTLS_MD_C */
} }
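Review bot: In the `cleanup:` path the HMAC key is destroyed before the MAC operation that uses it is aborted, so after a `goto cleanup` taken mid-iteration the operation is still active when `psa_destroy_key( psa_hmac_key )` runs. Releasing the operation first is the more conservative teardown order and does not depend on how the PSA implementation treats a key that is still in use: move `status_destruction = psa_mac_abort( &operation );` and its check ahead of `status_destruction = psa_destroy_key( psa_hmac_key );`. A short comment such as `/* Report the first failure; teardown errors only surface if everything else succeeded. */` would also make the precedence of `status` over `status_destruction` explicit. The function starts above the visible hunks, so the setup of `operation` and the key is not shown here.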