commit 71f19ae6f8370f7f261f2c6979d0328a63deec27
author Moran Peker <moran.peker@arm.com> Sun Apr 22 20:23:16 2018 +0300
committer itayzafrir <itay.zafrir@arm.com> Wed Sep 05 12:14:28 2018 +0300
tree ba29b1fdd39cb0ebaddd4ef6addcae77d6629c67
parent 406008ab4c4a90e133b258ef0234997517876ed6

add missing call to psa_cipher_abort in cipher_setup func + iv_length check in cipher_set_iv func

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0e2d6da..b29b763 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1359,7 +1359,10 @@
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
         if (ret != 0)
+        {
+            psa_cipher_abort( operation );
             return( mbedtls_to_psa_error( ret ) );
+        }
     }
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
 
@@ -1424,6 +1427,13 @@
     int ret = PSA_SUCCESS;
     if( operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
+    if (iv_length != operation->iv_size)
+    {
+        if (((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4)
+            return(PSA_ERROR_BAD_STATE);
+        else
+            return (PSA_ERROR_INVALID_ARGUMENT);
+    }
     ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
     if( ret != 0 )
     {
@@ -1466,7 +1476,6 @@
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    
     uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ];
 
     if( ! operation->key_set )