Improve psa_cipher_xxx() and psa_mac_xxx() robustness on error #4709

Open
yanesca opened this issue Jun 23, 2021 · 0 comments
@yanesca yanesca commented Jun 23, 2021

Suggested enhancement

Make the error handling in some psa_cipher_xxx() and psa_mac_xxx() functions more robust by aborting the operation before returning with an error.

The impacted functions are:
psa_mac_verify_finish(), psa_mac_sign_finish(), psa_cipher_generate_iv(), psa_cipher_set_iv(), psa_cipher_update(), psa_cipher_finish()

Justification

Mbed TLS needs this because this makes the implementation more robust in case the user makes a mistake and does not abort the operation as the PSA Crypto API specification requires them to do. Also, not aborting the operation on these errors provides little to no benefit.
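The effect of the requested change can be seen in a small model of a multipart MAC operation. This is an added example, not code from the issue or from Mbed TLS; every `toy_` name, the context layout and the `abort_on_error` switch are hypothetical, and the accumulator is a stand-in rather than a real MAC.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Toy model with hypothetical names; not Mbed TLS code. The status values
 * stand in for PSA_SUCCESS, PSA_ERROR_BAD_STATE, PSA_ERROR_BUFFER_TOO_SMALL. */
enum { TOY_OK = 0, TOY_ERR_BAD_STATE = -1, TOY_ERR_BUFFER_TOO_SMALL = -2 };
#define TOY_MAC_LEN 4

typedef struct {
    int active;       /* nonzero between setup and finish/abort */
    uint8_t key[16];  /* key material held by the operation */
    uint32_t acc;     /* running state; a stand-in, not a real MAC */
} toy_mac_op;

/* Wipe the context (real code needs a zeroization call that is not elided). */
void toy_mac_abort(toy_mac_op *op) { memset(op, 0, sizeof(*op)); }

/* Returns 1 when no key or state bytes remain in the context. */
int toy_op_is_clean(const toy_mac_op *op) {
    static const toy_mac_op zero;
    return memcmp(op, &zero, sizeof(zero)) == 0;
}

int toy_mac_setup(toy_mac_op *op, const uint8_t key[16]) {
    if (op->active) return TOY_ERR_BAD_STATE;
    memcpy(op->key, key, 16);
    op->acc = 0;
    op->active = 1;
    return TOY_OK;
}

int toy_mac_update(toy_mac_op *op, const uint8_t *in, size_t len) {
    if (!op->active) return TOY_ERR_BAD_STATE;
    for (size_t i = 0; i < len; i++)
        op->acc = op->acc * 31u + (uint32_t)(in[i] ^ op->key[i % 16]);
    return TOY_OK;
}

/* abort_on_error = 0: an error leaves the operation active (caller must abort).
 * abort_on_error = 1: the behaviour the issue asks for. */
int toy_mac_sign_finish(toy_mac_op *op, uint8_t *mac, size_t mac_size,
                        int abort_on_error) {
    int status = TOY_OK;
    if (!op->active) status = TOY_ERR_BAD_STATE;
    else if (mac_size < TOY_MAC_LEN) status = TOY_ERR_BUFFER_TOO_SMALL;
    else for (int i = 0; i < TOY_MAC_LEN; i++) mac[i] = (uint8_t)(op->acc >> (8 * i));
    if (status == TOY_OK || abort_on_error) toy_mac_abort(op);
    return status;
}
```

With `abort_on_error` set to 0, a caller that ignores the error keeps a live context that still holds the key; with it set to 1, the same mistake leaves a wiped context and any further call fails with the bad-state error.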
