Add some comments to document some non-obvious coding choices
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ea25c49..cc631d9 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -305,6 +305,7 @@
if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
{
+ /* Ensure that a bytes-to-bit conversion won't overflow. */
if( data_length > SIZE_MAX / 8 )
return( PSA_ERROR_NOT_SUPPORTED );
slot->data.raw.data = mbedtls_calloc( 1, data_length );
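Review bot: The new comment explains why the `SIZE_MAX / 8` guard exists but not why an oversized length is reported as `PSA_ERROR_NOT_SUPPORTED` rather than an invalid-argument error, which is the less obvious of the two choices a reader will question. Consider extending it to `/* Ensure that a bytes-to-bits conversion won't overflow. Such lengths are beyond what this implementation supports, hence NOT_SUPPORTED. */` or whatever rationale actually applies, since the bit-size field the guard protects is presumably assigned further down and is not visible in this hunk. The enclosing function starts outside the hunk.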
@@ -396,7 +397,7 @@
#endif /* defined(MBEDTLS_ECP_C) */
{
/* Shouldn't happen: the key type is not any type that we
- * put it. */
+ * put in. */
return( PSA_ERROR_TAMPERING_DETECTED );
}
@@ -445,7 +446,7 @@
#endif /* defined(MBEDTLS_ECP_C) */
{
/* Shouldn't happen: the key type is not any type that we
- * put it. */
+ * put in. */
return( PSA_ERROR_TAMPERING_DETECTED );
}
@@ -503,8 +504,11 @@
return( PSA_SUCCESS );
}
else
-#endif /* definedMBEDTLS_PK_WRITE_C) */
+#endif /* defined(MBEDTLS_PK_WRITE_C) */
{
+ /* This shouldn't happen in the reference implementation, but
+ it is valid for a special-purpose implementation to omit
+ support for exporting certain key types. */
return( PSA_ERROR_NOT_SUPPORTED );
}
}
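Review bot: The added block comment on the three lines before the `PSA_ERROR_NOT_SUPPORTED` return does not follow the comment style used elsewhere in this file, where continuation lines carry a leading ` * ` (see the `Shouldn't happen` comments in the earlier hunks). For consistency it should read `/* This shouldn't happen in the reference implementation, but` / ` * it is valid for a special-purpose implementation to omit` / ` * support for exporting certain key types. */`. The enclosing function starts outside the hunk.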