commit 7220cae93c9dc5a820c18e1a9a2329f97c6256ec
author Paul Elliott <paul.elliott@arm.com> Tue Jun 22 17:25:57 2021 +0100
committer Paul Elliott <paul.elliott@arm.com> Tue Jun 22 22:14:47 2021 +0100
tree 7804838a01cc9221f29070030d89b56bcdf8d62e
parent 5e3bb131114fd6c72794ac46c3a050395ea9a3e9

Ensure generate nonce unavailable in decrypt

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8dc6aad..aec22c7 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3469,7 +3469,10 @@
         status = unlock_status;
 
     if( status == PSA_SUCCESS )
+    {
         operation->alg = psa_aead_get_base_algorithm( alg );
+        operation->is_encrypt = 1;
+    }
     else
         psa_aead_abort( operation );
 
@@ -3531,7 +3534,10 @@
         status = unlock_status;
 
     if( status == PSA_SUCCESS )
+    {
         operation->alg = psa_aead_get_base_algorithm( alg );
+        operation->is_encrypt = 0;
+    }
     else
         psa_aead_abort( operation );
 
@@ -3556,7 +3562,7 @@
     }
 
     if( operation->nonce_set || operation->ad_started ||
-        operation->body_started )
+        operation->body_started  || operation->is_encrypt == 0 )
     {
         status = PSA_ERROR_BAD_STATE;
         goto exit;
@@ -3881,6 +3887,7 @@
     operation->lengths_set = 0;
     operation->ad_started = 0;
     operation->body_started = 0;
+    operation->is_encrypt = 0;
 
     return( status );
 }