Lines Matching full:if
12 #if defined(MBEDTLS_PSA_CRYPTO_C)
14 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
32 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
76 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
127 #if defined(MBEDTLS_THREADING_C) in psa_get_initialized()
133 #if defined(MBEDTLS_THREADING_C) in psa_get_initialized()
137 #if defined(MBEDTLS_THREADING_C) in psa_get_initialized()
144 #if defined(MBEDTLS_THREADING_C) in psa_get_initialized()
155 #if defined(MBEDTLS_THREADING_C) in psa_get_drivers_initialized()
161 #if defined(MBEDTLS_THREADING_C) in psa_get_drivers_initialized()
169 if (psa_get_initialized() == 0) \
172 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS)
201 if (status != PSA_SUCCESS) { \
243 if (status != PSA_SUCCESS) { \
261 if (local_output_status != PSA_SUCCESS) { \
298 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
304 #if defined(PSA_WANT_DH_RFC7919_2048) in psa_is_dh_key_size_valid()
308 #if defined(PSA_WANT_DH_RFC7919_3072) in psa_is_dh_key_size_valid()
312 #if defined(PSA_WANT_DH_RFC7919_4096) in psa_is_dh_key_size_valid()
316 #if defined(PSA_WANT_DH_RFC7919_6144) in psa_is_dh_key_size_valid()
320 #if defined(PSA_WANT_DH_RFC7919_8192) in psa_is_dh_key_size_valid()
342 #if defined(MBEDTLS_AES_C) in mbedtls_to_psa_error()
350 #if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_ASN1_WRITE_C) in mbedtls_to_psa_error()
363 #if defined(MBEDTLS_CAMELLIA_C) in mbedtls_to_psa_error()
369 #if defined(MBEDTLS_CCM_C) in mbedtls_to_psa_error()
376 #if defined(MBEDTLS_CHACHA20_C) in mbedtls_to_psa_error()
381 #if defined(MBEDTLS_CHACHAPOLY_C) in mbedtls_to_psa_error()
388 #if defined(MBEDTLS_CIPHER_C) in mbedtls_to_psa_error()
405 #if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ in mbedtls_to_psa_error()
407 /* Only check CTR_DRBG error codes if underlying mbedtls_xxx in mbedtls_to_psa_error()
418 #if defined(MBEDTLS_DES_C) in mbedtls_to_psa_error()
428 #if defined(MBEDTLS_GCM_C) in mbedtls_to_psa_error()
437 #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ in mbedtls_to_psa_error()
439 /* Only check HMAC_DRBG error codes if underlying mbedtls_xxx in mbedtls_to_psa_error()
450 #if defined(MBEDTLS_MD_LIGHT) in mbedtls_to_psa_error()
457 #if defined(MBEDTLS_FS_IO) in mbedtls_to_psa_error()
463 #if defined(MBEDTLS_BIGNUM_C) in mbedtls_to_psa_error()
464 #if defined(MBEDTLS_FS_IO) in mbedtls_to_psa_error()
484 #if defined(MBEDTLS_PK_C) in mbedtls_to_psa_error()
490 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || defined(MBEDTLS_FS_IO) || \ in mbedtls_to_psa_error()
520 #if defined(MBEDTLS_RSA_C) in mbedtls_to_psa_error()
540 #if defined(MBEDTLS_ECP_LIGHT) in mbedtls_to_psa_error()
556 #if defined(MBEDTLS_ECP_RESTARTABLE) in mbedtls_to_psa_error()
585 * \param output_buffer_size Size of output buffer. If zero, \p output_buffer
595 if (output_buffer_size == 0) { in psa_wipe_tag_output_buffer()
596 /* If output_buffer_size is 0 then we have nothing to do. We must not in psa_wipe_tag_output_buffer()
601 if (status == PSA_SUCCESS) { in psa_wipe_tag_output_buffer()
620 #if defined(PSA_WANT_KEY_TYPE_AES) in psa_validate_unstructured_key_bit_size()
622 if (bits != 128 && bits != 192 && bits != 256) { in psa_validate_unstructured_key_bit_size()
627 #if defined(PSA_WANT_KEY_TYPE_ARIA) in psa_validate_unstructured_key_bit_size()
629 if (bits != 128 && bits != 192 && bits != 256) { in psa_validate_unstructured_key_bit_size()
634 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) in psa_validate_unstructured_key_bit_size()
636 if (bits != 128 && bits != 192 && bits != 256) { in psa_validate_unstructured_key_bit_size()
641 #if defined(PSA_WANT_KEY_TYPE_DES) in psa_validate_unstructured_key_bit_size()
643 if (bits != 64 && bits != 128 && bits != 192) { in psa_validate_unstructured_key_bit_size()
648 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) in psa_validate_unstructured_key_bit_size()
650 if (bits != 256) { in psa_validate_unstructured_key_bit_size()
658 if (bits % 8 != 0) { in psa_validate_unstructured_key_bit_size()
683 if (PSA_ALG_IS_HMAC(algorithm)) { in psa_mac_key_can_do()
684 if (key_type == PSA_KEY_TYPE_HMAC) { in psa_mac_key_can_do()
689 if (PSA_ALG_IS_BLOCK_CIPHER_MAC(algorithm)) { in psa_mac_key_can_do()
692 if ((key_type & PSA_KEY_TYPE_CATEGORY_MASK) == in psa_mac_key_can_do()
696 if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1) { in psa_mac_key_can_do()
708 if (slot->key.data != NULL) { in psa_allocate_buffer_to_slot()
713 if (slot->key.data == NULL) { in psa_allocate_buffer_to_slot()
727 if (status != PSA_SUCCESS) { in psa_copy_key_material_into_slot()
745 if (data_length == 0) { in psa_import_key_into_slot()
749 if (key_type_is_raw_bytes(type)) { in psa_import_key_into_slot()
754 if (status != PSA_SUCCESS) { in psa_import_key_into_slot()
764 } else if (PSA_KEY_TYPE_IS_ASYMMETRIC(type)) { in psa_import_key_into_slot()
765 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ in psa_import_key_into_slot()
767 if (PSA_KEY_TYPE_IS_DH(type)) { in psa_import_key_into_slot()
768 if (psa_is_dh_key_size_valid(PSA_BYTES_TO_BITS(data_length)) == 0) { in psa_import_key_into_slot()
779 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ in psa_import_key_into_slot()
781 if (PSA_KEY_TYPE_IS_ECC(type)) { in psa_import_key_into_slot()
790 #if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ in psa_import_key_into_slot()
793 if (PSA_KEY_TYPE_IS_RSA(type)) { in psa_import_key_into_slot()
818 if (alg1 == alg2) { in psa_key_policy_algorithm_intersection()
821 /* If the policies are from the same hash-and-sign family, check in psa_key_policy_algorithm_intersection()
822 * if one is a wildcard. If so the other has the specific algorithm. */ in psa_key_policy_algorithm_intersection()
823 if (PSA_ALG_IS_SIGN_HASH(alg1) && in psa_key_policy_algorithm_intersection()
826 if (PSA_ALG_SIGN_GET_HASH(alg1) == PSA_ALG_ANY_HASH) { in psa_key_policy_algorithm_intersection()
829 if (PSA_ALG_SIGN_GET_HASH(alg2) == PSA_ALG_ANY_HASH) { in psa_key_policy_algorithm_intersection()
833 /* If the policies are from the same AEAD family, check whether in psa_key_policy_algorithm_intersection()
836 if (PSA_ALG_IS_AEAD(alg1) && PSA_ALG_IS_AEAD(alg2) && in psa_key_policy_algorithm_intersection()
843 /* If both are wildcards, return most restrictive wildcard */ in psa_key_policy_algorithm_intersection()
844 if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && in psa_key_policy_algorithm_intersection()
849 /* If only one is a wildcard, return specific algorithm if compatible. */ in psa_key_policy_algorithm_intersection()
850 if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && in psa_key_policy_algorithm_intersection()
854 if (((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && in psa_key_policy_algorithm_intersection()
859 /* If the policies are from the same MAC family, check whether one in psa_key_policy_algorithm_intersection()
862 if (PSA_ALG_IS_MAC(alg1) && PSA_ALG_IS_MAC(alg2) && in psa_key_policy_algorithm_intersection()
867 if (PSA_SUCCESS != psa_mac_key_can_do(alg1, key_type)) { in psa_key_policy_algorithm_intersection()
883 /* If both are wildcards, return most restrictive wildcard */ in psa_key_policy_algorithm_intersection()
884 if (((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) && in psa_key_policy_algorithm_intersection()
889 /* If only one is an at-least-this-length policy, the intersection would in psa_key_policy_algorithm_intersection()
892 if ((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { in psa_key_policy_algorithm_intersection()
895 if ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { in psa_key_policy_algorithm_intersection()
899 /* If none of them are wildcards, check whether they define the same tag in psa_key_policy_algorithm_intersection()
903 if (alg1_len == alg2_len) { in psa_key_policy_algorithm_intersection()
907 /* If the policies are incompatible, allow nothing. */ in psa_key_policy_algorithm_intersection()
916 if (requested_alg == policy_alg) { in psa_key_algorithm_permits()
919 /* If policy_alg is a hash-and-sign with a wildcard for the hash, in psa_key_algorithm_permits()
922 if (PSA_ALG_IS_SIGN_HASH(requested_alg) && in psa_key_algorithm_permits()
927 /* If policy_alg is a wildcard AEAD algorithm of the same base as in psa_key_algorithm_permits()
930 if (PSA_ALG_IS_AEAD(policy_alg) && in psa_key_algorithm_permits()
938 /* If policy_alg is a MAC algorithm of the same base as the requested in psa_key_algorithm_permits()
940 if (PSA_ALG_IS_MAC(policy_alg) && in psa_key_algorithm_permits()
946 if (PSA_SUCCESS != psa_mac_key_can_do(policy_alg, key_type)) { in psa_key_algorithm_permits()
961 /* If the policy is default-length, only allow an algorithm with in psa_key_algorithm_permits()
963 if (PSA_MAC_TRUNCATED_LENGTH(policy_alg) == 0) { in psa_key_algorithm_permits()
967 /* If the requested algorithm is default-length, allow it if the policy in psa_key_algorithm_permits()
969 if (PSA_MAC_TRUNCATED_LENGTH(requested_alg) == 0 && in psa_key_algorithm_permits()
974 /* If policy_alg is an at-least-this-length wildcard MAC algorithm, in psa_key_algorithm_permits()
977 if ((policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { in psa_key_algorithm_permits()
982 /* If policy_alg is a generic key agreement operation, then using it for in psa_key_algorithm_permits()
985 if (PSA_ALG_IS_RAW_KEY_AGREEMENT(policy_alg) && in psa_key_algorithm_permits()
990 /* If it isn't explicitly permitted, it's forbidden. */ in psa_key_algorithm_permits()
1014 if (alg == 0) { in psa_key_policy_permits()
1019 if (PSA_ALG_IS_WILDCARD(alg)) { in psa_key_policy_permits()
1023 if (psa_key_algorithm_permits(key_type, policy->alg, alg) || in psa_key_policy_permits()
1060 if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) { in psa_restrict_key_policy()
1063 if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) { in psa_restrict_key_policy()
1075 * The key must have allow all the usage flags set in \p usage. If \p alg is
1076 * nonzero, the key must allow operations with this algorithm. If \p alg is
1080 * into a key slot if not already done.
1087 * if and only if the caller already holds the global key slot mutex
1101 if (status != PSA_SUCCESS) { in psa_get_and_lock_key_slot_with_policy()
1109 * if they had the export flag. */ in psa_get_and_lock_key_slot_with_policy()
1110 if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { in psa_get_and_lock_key_slot_with_policy()
1114 if ((slot->attr.policy.usage & usage) != usage) { in psa_get_and_lock_key_slot_with_policy()
1120 if (alg != 0) { in psa_get_and_lock_key_slot_with_policy()
1124 if (status != PSA_SUCCESS) { in psa_get_and_lock_key_slot_with_policy()
1153 * if and only if the caller already holds the global key slot mutex
1165 if (status != PSA_SUCCESS) { in psa_get_and_lock_transparent_key_slot_with_policy()
1169 if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) { in psa_get_and_lock_transparent_key_slot_with_policy()
1180 if (slot->key.data != NULL) { in psa_remove_key_data_from_memory()
1202 * if the MBEDTLS_TEST_HOOKS configuration option is enabled and the in psa_wipe_key_slot()
1204 * execution of the test suite is stopped in error if the assertion fails. in psa_wipe_key_slot()
1208 /* In this state psa_wipe_key_slot() must only be called if the in psa_wipe_key_slot()
1211 /* In this state psa_wipe_key_slot() must only be called if the in psa_wipe_key_slot()
1213 if (slot->registered_readers != 1) { in psa_wipe_key_slot()
1220 if (slot->registered_readers != 0) { in psa_wipe_key_slot()
1237 * the key slot: if they need to access the key after the setup in psa_wipe_key_slot()
1253 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_destroy_key()
1257 if (mbedtls_svc_key_id_is_null(key)) { in psa_destroy_key()
1264 * from persistent memory if not done yet. in psa_destroy_key()
1265 * We cannot avoid this loading as without it we don't know if in psa_destroy_key()
1269 if (status != PSA_SUCCESS) { in psa_destroy_key()
1273 #if defined(MBEDTLS_THREADING_C) in psa_destroy_key()
1281 if (slot->state == PSA_SLOT_PENDING_DELETION) { in psa_destroy_key()
1297 * If the key is persistent, we can now delete the copy of the key in psa_destroy_key()
1298 * from memory. If the key is opaque, we require the driver to in psa_destroy_key()
1303 if (overall_status != PSA_SUCCESS) { in psa_destroy_key()
1307 if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) { in psa_destroy_key()
1309 * if we attempt it, depending on whether the key is merely read-only in psa_destroy_key()
1317 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_destroy_key()
1319 if (driver != NULL) { in psa_destroy_key()
1330 if (status != PSA_SUCCESS) { in psa_destroy_key()
1334 * important if the error is that the storage is full. in psa_destroy_key()
1345 if (overall_status == PSA_SUCCESS) { in psa_destroy_key()
1351 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) in psa_destroy_key()
1352 if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { in psa_destroy_key()
1357 if (overall_status == PSA_SUCCESS) { in psa_destroy_key()
1363 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_destroy_key()
1364 if (driver != NULL) { in psa_destroy_key()
1366 if (overall_status == PSA_SUCCESS) { in psa_destroy_key()
1370 if (overall_status == PSA_SUCCESS) { in psa_destroy_key()
1377 /* Unregister from reading the slot. If we are the last active reader in psa_destroy_key()
1382 if (status != PSA_SUCCESS) { in psa_destroy_key()
1386 #if defined(MBEDTLS_THREADING_C) in psa_destroy_key()
1387 /* Don't overwrite existing errors if the unlock fails. */ in psa_destroy_key()
1407 if (status != PSA_SUCCESS) { in psa_get_key_attributes()
1413 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_get_key_attributes()
1414 if (psa_get_se_driver_entry(slot->attr.lifetime) != NULL) { in psa_get_key_attributes()
1423 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
1428 if (attributes->has_slot_number) { in psa_get_key_slot_number()
1443 if (key_buffer_size > data_size) { in psa_export_key_buffer_internal()
1460 if (key_type_is_raw_bytes(type) || in psa_export_key_internal()
1488 if (data_size == 0) { in psa_export_key()
1504 if (status != PSA_SUCCESS) { in psa_export_key()
1514 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_export_key()
1533 if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && in psa_export_public_key_internal()
1540 } else if (PSA_KEY_TYPE_IS_RSA(type)) { in psa_export_public_key_internal()
1541 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ in psa_export_public_key_internal()
1554 } else if (PSA_KEY_TYPE_IS_ECC(type)) { in psa_export_public_key_internal()
1555 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ in psa_export_public_key_internal()
1568 } else if (PSA_KEY_TYPE_IS_DH(type)) { in psa_export_public_key_internal()
1569 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ in psa_export_public_key_internal()
1604 if (data_size == 0) { in psa_export_public_key()
1616 if (status != PSA_SUCCESS) { in psa_export_public_key()
1622 if (!PSA_KEY_TYPE_IS_ASYMMETRIC(slot->attr.type)) { in psa_export_public_key()
1646 if ((policy->usage & ~(PSA_KEY_USAGE_EXPORT | in psa_validate_key_policy()
1664 * This function only rejects invalid attribute values. If does not
1671 * \param[out] p_drv On any return, the driver for the key, if any.
1684 if (status != PSA_SUCCESS) { in psa_validate_key_attributes()
1689 if (status != PSA_SUCCESS) { in psa_validate_key_attributes()
1693 if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { in psa_validate_key_attributes()
1694 if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key) != 0) { in psa_validate_key_attributes()
1698 if (!psa_is_valid_key_id(psa_get_key_id(attributes), 0)) { in psa_validate_key_attributes()
1704 if (status != PSA_SUCCESS) { in psa_validate_key_attributes()
1709 * Note that this doesn't trigger on import if the attributes don't in psa_validate_key_attributes()
1712 if (psa_get_key_bits(attributes) > PSA_MAX_KEY_BITS) { in psa_validate_key_attributes()
1723 * If this function fails, call psa_fail_key_creation().
1741 * \param[out] p_drv On any return, the driver for the key, if any.
1746 * \return If this function fails, the key slot is an invalid state.
1763 if (status != PSA_SUCCESS) { in psa_start_key_creation()
1767 #if defined(MBEDTLS_THREADING_C) in psa_start_key_creation()
1772 #if defined(MBEDTLS_THREADING_C) in psa_start_key_creation()
1776 if (status != PSA_SUCCESS) { in psa_start_key_creation()
1790 if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { in psa_start_key_creation()
1791 #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) in psa_start_key_creation()
1798 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_start_key_creation()
1810 * transaction data. It will be needed to recover if the power in psa_start_key_creation()
1814 * save the driver's persistent state, so that if the power fails, in psa_start_key_creation()
1816 if (*p_drv != NULL) { in psa_start_key_creation()
1820 if (status != PSA_SUCCESS) { in psa_start_key_creation()
1824 if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->lifetime)) { in psa_start_key_creation()
1830 if (status != PSA_SUCCESS) { in psa_start_key_creation()
1840 if (*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER) { in psa_start_key_creation()
1853 * If this function fails, call psa_fail_key_creation().
1857 * If the finalization succeeds, the function sets the key slot's state to
1876 * \return If this function fails, the key slot is an invalid state.
1888 #if defined(MBEDTLS_THREADING_C) in psa_finish_key_creation()
1893 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) in psa_finish_key_creation()
1894 if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { in psa_finish_key_creation()
1895 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_finish_key_creation()
1896 if (driver != NULL) { in psa_finish_key_creation()
1921 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_finish_key_creation()
1927 if (driver != NULL && in psa_finish_key_creation()
1930 if (status != PSA_SUCCESS) { in psa_finish_key_creation()
1933 #if defined(MBEDTLS_THREADING_C) in psa_finish_key_creation()
1943 if (status == PSA_SUCCESS) { in psa_finish_key_creation()
1947 if (status != PSA_SUCCESS) { in psa_finish_key_creation()
1952 #if defined(MBEDTLS_THREADING_C) in psa_finish_key_creation()
1976 if (slot == NULL) { in psa_fail_key_creation()
1980 #if defined(MBEDTLS_THREADING_C) in psa_fail_key_creation()
1981 /* If the lock operation fails we still wipe the slot. in psa_fail_key_creation()
1987 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_fail_key_creation()
1988 /* TODO: If the key has already been created in the secure in psa_fail_key_creation()
1995 /* Abort the ongoing transaction if any (there may not be one if in psa_fail_key_creation()
1996 * the creation process failed before starting one, or if the in psa_fail_key_creation()
2006 #if defined(MBEDTLS_THREADING_C) in psa_fail_key_creation()
2013 * Some key attributes are optional during key creation. If they are
2024 if (attributes->type != 0) { in psa_validate_optional_attributes()
2025 if (attributes->type != slot->attr.type) { in psa_validate_optional_attributes()
2030 if (attributes->bits != 0) { in psa_validate_optional_attributes()
2031 if (attributes->bits != slot->attr.bits) { in psa_validate_optional_attributes()
2056 if (data_length == 0) { in psa_import_key()
2061 if (data_length > SIZE_MAX / 8) { in psa_import_key()
2069 if (status != PSA_SUCCESS) { in psa_import_key()
2077 if (slot->key.data == NULL) { in psa_import_key()
2078 if (psa_key_lifetime_is_external(attributes->lifetime)) { in psa_import_key()
2081 if (status != PSA_SUCCESS) { in psa_import_key()
2086 if (status != PSA_SUCCESS) { in psa_import_key()
2097 if (status != PSA_SUCCESS) { in psa_import_key()
2101 if (slot->attr.bits == 0) { in psa_import_key()
2103 } else if (bits != slot->attr.bits) { in psa_import_key()
2110 if (bits > PSA_MAX_KEY_BITS) { in psa_import_key()
2115 if (status != PSA_SUCCESS) { in psa_import_key()
2122 if (status != PSA_SUCCESS) { in psa_import_key()
2129 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
2142 if (psa_get_key_type(attributes) == PSA_KEY_TYPE_NONE) { in mbedtls_psa_register_se_key()
2145 if (psa_get_key_bits(attributes) == 0) { in mbedtls_psa_register_se_key()
2151 if (status != PSA_SUCCESS) { in mbedtls_psa_register_se_key()
2158 if (status != PSA_SUCCESS) { in mbedtls_psa_register_se_key()
2184 if (status != PSA_SUCCESS) { in psa_copy_key()
2190 if (status != PSA_SUCCESS) { in psa_copy_key()
2206 if (status != PSA_SUCCESS) { in psa_copy_key()
2212 if (status != PSA_SUCCESS) { in psa_copy_key()
2215 if (PSA_KEY_LIFETIME_GET_LOCATION(target_slot->attr.lifetime) != in psa_copy_key()
2218 * If the source and target keys are stored in different locations, in psa_copy_key()
2222 * appropriate API invocations from the application, if needed. in psa_copy_key()
2233 if (psa_key_lifetime_is_external(actual_attributes.lifetime)) { in psa_copy_key()
2236 if (status != PSA_SUCCESS) { in psa_copy_key()
2241 if (status != PSA_SUCCESS) { in psa_copy_key()
2251 if (status != PSA_SUCCESS) { in psa_copy_key()
2258 if (status != PSA_SUCCESS) { in psa_copy_key()
2264 if (status != PSA_SUCCESS) { in psa_copy_key()
2282 if (operation->id == 0) { in psa_hash_abort()
2298 if (operation->id != 0) { in psa_hash_setup()
2303 if (!PSA_ALG_IS_HASH(alg)) { in psa_hash_setup()
2315 if (status != PSA_SUCCESS) { in psa_hash_setup()
2329 if (operation->id == 0) { in psa_hash_update()
2336 if (input_length == 0) { in psa_hash_update()
2344 if (status != PSA_SUCCESS) { in psa_hash_update()
2360 if (operation->id == 0) { in psa_hash_finish_internal()
2382 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_hash_finish()
2403 if (status != PSA_SUCCESS) { in psa_hash_verify()
2407 if (actual_hash_length != hash_length) { in psa_hash_verify()
2413 if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) { in psa_hash_verify()
2419 if (status != PSA_SUCCESS) { in psa_hash_verify()
2436 if (!PSA_ALG_IS_HASH(alg)) { in psa_hash_compute()
2445 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_hash_compute()
2464 if (!PSA_ALG_IS_HASH(alg)) { in psa_hash_compare()
2474 if (status != PSA_SUCCESS) { in psa_hash_compare()
2477 if (actual_hash_length != hash_length) { in psa_hash_compare()
2483 if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) { in psa_hash_compare()
2499 if (source_operation->id == 0 || in psa_hash_clone()
2506 if (status != PSA_SUCCESS) { in psa_hash_clone()
2521 if (operation->id == 0) { in psa_mac_abort()
2542 if (!PSA_ALG_IS_MAC(alg)) { in psa_mac_finalize_alg_and_key_validation()
2548 if (status != PSA_SUCCESS) { in psa_mac_finalize_alg_and_key_validation()
2555 if (*mac_size < 4) { in psa_mac_finalize_alg_and_key_validation()
2563 if (*mac_size > PSA_MAC_LENGTH(key_type, key_bits, in psa_mac_finalize_alg_and_key_validation()
2570 if (*mac_size > PSA_MAC_MAX_SIZE) { in psa_mac_finalize_alg_and_key_validation()
2596 if (operation->id != 0) { in psa_mac_setup()
2606 if (status != PSA_SUCCESS) { in psa_mac_setup()
2612 if (status != PSA_SUCCESS) { in psa_mac_setup()
2618 if (is_sign) { in psa_mac_setup()
2633 if (status != PSA_SUCCESS) { in psa_mac_setup()
2663 if (operation->id == 0) { in psa_mac_update()
2670 if (input_length == 0) { in psa_mac_update()
2678 if (status != PSA_SUCCESS) { in psa_mac_update()
2682 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_mac_update()
2700 if (operation->id == 0) { in psa_mac_sign_finish()
2705 if (!operation->is_sign) { in psa_mac_sign_finish()
2712 if (operation->mac_size == 0) { in psa_mac_sign_finish()
2717 if (mac_size < operation->mac_size) { in psa_mac_sign_finish()
2734 if (status != PSA_SUCCESS) { in psa_mac_sign_finish()
2739 if (mac != NULL) { in psa_mac_sign_finish()
2757 if (operation->id == 0) { in psa_mac_verify_finish()
2762 if (operation->is_sign) { in psa_mac_verify_finish()
2767 if (operation->mac_size != mac_length) { in psa_mac_verify_finish()
2802 if (status != PSA_SUCCESS) { in psa_mac_compute_internal()
2808 if (status != PSA_SUCCESS) { in psa_mac_compute_internal()
2812 if (mac_size < operation_mac_size) { in psa_mac_compute_internal()
2831 if (status != PSA_SUCCESS) { in psa_mac_compute_internal()
2861 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_mac_compute()
2888 if (status != PSA_SUCCESS) { in psa_mac_verify()
2892 if (mac_length != actual_mac_length) { in psa_mac_verify()
2898 if (mbedtls_ct_memcmp(mac, actual_mac, actual_mac_length) != 0) { in psa_mac_verify()
2918 if (input_is_message) { in psa_sign_verify_check_alg()
2919 if (!PSA_ALG_IS_SIGN_MESSAGE(alg)) { in psa_sign_verify_check_alg()
2923 if (PSA_ALG_IS_SIGN_HASH(alg)) { in psa_sign_verify_check_alg()
2924 if (!PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(alg))) { in psa_sign_verify_check_alg()
2929 if (!PSA_ALG_IS_SIGN_HASH(alg)) { in psa_sign_verify_check_alg()
2953 if (status != PSA_SUCCESS) { in psa_sign_internal()
2961 if (signature_size == 0) { in psa_sign_internal()
2971 if (status != PSA_SUCCESS) { in psa_sign_internal()
2975 if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { in psa_sign_internal()
2980 if (input_is_message) { in psa_sign_internal()
3016 if (status != PSA_SUCCESS) { in psa_verify_internal()
3026 if (status != PSA_SUCCESS) { in psa_verify_internal()
3030 if (input_is_message) { in psa_verify_internal()
3061 if (PSA_ALG_IS_SIGN_HASH(alg)) { in psa_sign_message_builtin()
3070 if (status != PSA_SUCCESS) { in psa_sign_message_builtin()
3100 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_sign_message()
3120 if (PSA_ALG_IS_SIGN_HASH(alg)) { in psa_verify_message_builtin()
3129 if (status != PSA_SUCCESS) { in psa_verify_message_builtin()
3158 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_verify_message()
3173 if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) { in psa_sign_hash_builtin()
3174 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || in psa_sign_hash_builtin()
3176 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ in psa_sign_hash_builtin()
3188 } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { in psa_sign_hash_builtin()
3189 if (PSA_ALG_IS_ECDSA(alg)) { in psa_sign_hash_builtin()
3190 #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in psa_sign_hash_builtin()
3232 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_sign_hash()
3247 if (PSA_KEY_TYPE_IS_RSA(attributes->type)) { in psa_verify_hash_builtin()
3248 if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || in psa_verify_hash_builtin()
3250 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ in psa_verify_hash_builtin()
3262 } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { in psa_verify_hash_builtin()
3263 if (PSA_ALG_IS_ECDSA(alg)) { in psa_verify_hash_builtin()
3264 #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in psa_verify_hash_builtin()
3304 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_verify_hash()
3339 if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { in psa_asymmetric_encrypt()
3345 if (status != PSA_SUCCESS) { in psa_asymmetric_encrypt()
3348 if (!(PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type) || in psa_asymmetric_encrypt()
3398 if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { in psa_asymmetric_decrypt()
3404 if (status != PSA_SUCCESS) { in psa_asymmetric_decrypt()
3407 if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { in psa_asymmetric_decrypt()
3462 if (operation->id == 0) { in psa_sign_hash_abort_internal()
3495 if (operation->id != 0 || operation->error_occurred) { in psa_sign_hash_start()
3500 if (status != PSA_SUCCESS) { in psa_sign_hash_start()
3509 if (status != PSA_SUCCESS) { in psa_sign_hash_start()
3513 if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { in psa_sign_hash_start()
3529 if (status != PSA_SUCCESS) { in psa_sign_hash_start()
3536 if (unlock_status != PSA_SUCCESS) { in psa_sign_hash_start()
3559 if (operation->id == 0 || operation->error_occurred) { in psa_sign_hash_complete()
3566 if (signature_size == 0) { in psa_sign_hash_complete()
3582 if (signature != NULL) { in psa_sign_hash_complete()
3587 if (status != PSA_OPERATION_INCOMPLETE) { in psa_sign_hash_complete()
3588 if (status != PSA_SUCCESS) { in psa_sign_hash_complete()
3620 if (operation->id == 0) { in psa_verify_hash_abort_internal()
3655 if (operation->id != 0 || operation->error_occurred) { in psa_verify_hash_start()
3660 if (status != PSA_SUCCESS) { in psa_verify_hash_start()
3669 if (status != PSA_SUCCESS) { in psa_verify_hash_start()
3685 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_verify_hash_start()
3689 if (status != PSA_SUCCESS) { in psa_verify_hash_start()
3696 if (unlock_status != PSA_SUCCESS) { in psa_verify_hash_start()
3713 if (operation->id == 0 || operation->error_occurred) { in psa_verify_hash_complete()
3726 if (status != PSA_OPERATION_INCOMPLETE) { in psa_verify_hash_complete()
3727 if (status != PSA_SUCCESS) { in psa_verify_hash_complete()
3762 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_interruptible_set_max_ops()
3768 if (max_ops == 0) { in mbedtls_psa_interruptible_set_max_ops()
3783 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_sign_hash_get_num_ops()
3799 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_verify_hash_get_num_ops()
3821 if (!PSA_KEY_TYPE_IS_ECC(attributes->type)) { in mbedtls_psa_sign_hash_start()
3825 if (!PSA_ALG_IS_ECDSA(alg)) { in mbedtls_psa_sign_hash_start()
3829 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_sign_hash_start()
3844 if (status != PSA_SUCCESS) { in mbedtls_psa_sign_hash_start()
3860 if (required_hash_length > sizeof(operation->hash)) { in mbedtls_psa_sign_hash_start()
3891 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_sign_hash_complete()
3905 if (signature_size < 2 * operation->coordinate_bytes) { in mbedtls_psa_sign_hash_complete()
3910 if (PSA_ALG_ECDSA_IS_DETERMINISTIC(operation->alg)) { in mbedtls_psa_sign_hash_complete()
3912 #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) in mbedtls_psa_sign_hash_complete()
3947 if (status == PSA_SUCCESS) { in mbedtls_psa_sign_hash_complete()
3954 if (status != PSA_SUCCESS) { in mbedtls_psa_sign_hash_complete()
3965 if (status != PSA_SUCCESS) { in mbedtls_psa_sign_hash_complete()
3998 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_sign_hash_abort()
4002 if (operation->ctx) { in mbedtls_psa_sign_hash_abort()
4037 if (!PSA_KEY_TYPE_IS_ECC(attributes->type)) { in mbedtls_psa_verify_hash_start()
4041 if (!PSA_ALG_IS_ECDSA(alg)) { in mbedtls_psa_verify_hash_start()
4045 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_verify_hash_start()
4062 if (status != PSA_SUCCESS) { in mbedtls_psa_verify_hash_start()
4068 if (signature_length != 2 * coordinate_bytes) { in mbedtls_psa_verify_hash_start()
4077 if (status != PSA_SUCCESS) { in mbedtls_psa_verify_hash_start()
4087 if (status != PSA_SUCCESS) { in mbedtls_psa_verify_hash_start()
4093 if (status != PSA_SUCCESS) { in mbedtls_psa_verify_hash_start()
4102 if (required_hash_length > sizeof(operation->hash)) { in mbedtls_psa_verify_hash_start()
4134 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_verify_hash_complete()
4171 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ in mbedtls_psa_verify_hash_abort()
4175 if (operation->ctx) { in mbedtls_psa_verify_hash_abort()
4205 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in psa_generate_random_internal()
4212 if (status != PSA_SUCCESS) { in psa_generate_random_internal()
4217 if (output_length != output_size) { in psa_generate_random_internal()
4230 #if defined(MBEDTLS_CTR_DRBG_C) in psa_generate_random_internal()
4235 if (ret != 0) { in psa_generate_random_internal()
4263 if (operation->id != 0) { in psa_cipher_setup()
4268 if (!PSA_ALG_IS_CIPHER(alg)) { in psa_cipher_setup()
4274 if (status != PSA_SUCCESS) { in psa_cipher_setup()
4283 if (alg == PSA_ALG_ECB_NO_PADDING) { in psa_cipher_setup()
4291 if (cipher_operation == MBEDTLS_ENCRYPT) { in psa_cipher_setup()
4306 if (status != PSA_SUCCESS) { in psa_cipher_setup()
4339 if (operation->id == 0) { in psa_cipher_generate_iv()
4344 if (operation->iv_set || !operation->iv_required) { in psa_cipher_generate_iv()
4350 if (iv_size < default_iv_length) { in psa_cipher_generate_iv()
4355 if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { in psa_cipher_generate_iv()
4363 if (status != PSA_SUCCESS) { in psa_cipher_generate_iv()
4371 if (status == PSA_SUCCESS) { in psa_cipher_generate_iv()
4377 if (iv != NULL) { in psa_cipher_generate_iv()
4394 if (operation->id == 0) { in psa_cipher_set_iv()
4399 if (operation->iv_set || !operation->iv_required) { in psa_cipher_set_iv()
4404 if (iv_length > PSA_CIPHER_IV_MAX_SIZE) { in psa_cipher_set_iv()
4416 if (status == PSA_SUCCESS) { in psa_cipher_set_iv()
4439 if (operation->id == 0) { in psa_cipher_update()
4444 if (operation->iv_required && !operation->iv_set) { in psa_cipher_update()
4460 if (status != PSA_SUCCESS) { in psa_cipher_update()
4479 if (operation->id == 0) { in psa_cipher_finish()
4484 if (operation->iv_required && !operation->iv_set) { in psa_cipher_finish()
4497 if (status == PSA_SUCCESS) { in psa_cipher_finish()
4511 if (operation->id == 0) { in psa_cipher_abort()
4544 if (!PSA_ALG_IS_CIPHER(alg)) { in psa_cipher_encrypt()
4552 if (status != PSA_SUCCESS) { in psa_cipher_encrypt()
4557 if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { in psa_cipher_encrypt()
4562 if (default_iv_length > 0) { in psa_cipher_encrypt()
4563 if (output_size < default_iv_length) { in psa_cipher_encrypt()
4569 if (status != PSA_SUCCESS) { in psa_cipher_encrypt()
4585 if (status == PSA_SUCCESS) { in psa_cipher_encrypt()
4589 if (status == PSA_SUCCESS) { in psa_cipher_encrypt()
4590 if (default_iv_length > 0) { in psa_cipher_encrypt()
4619 if (!PSA_ALG_IS_CIPHER(alg)) { in psa_cipher_decrypt()
4627 if (status != PSA_SUCCESS) { in psa_cipher_decrypt()
4631 if (alg == PSA_ALG_CCM_STAR_NO_TAG && in psa_cipher_decrypt()
4635 } else if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) { in psa_cipher_decrypt()
4650 if (status == PSA_SUCCESS) { in psa_cipher_decrypt()
4654 if (status != PSA_SUCCESS) { in psa_cipher_decrypt()
4682 #if defined(PSA_WANT_ALG_GCM) in psa_aead_check_nonce_length()
4688 * size, which can then lead to collisions if you encrypt a very in psa_aead_check_nonce_length()
4690 if (nonce_length != 0) { in psa_aead_check_nonce_length()
4695 #if defined(PSA_WANT_ALG_CCM) in psa_aead_check_nonce_length()
4697 if (nonce_length >= 7 && nonce_length <= 13) { in psa_aead_check_nonce_length()
4702 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) in psa_aead_check_nonce_length()
4704 if (nonce_length == 12) { in psa_aead_check_nonce_length()
4706 } else if (nonce_length == 8) { in psa_aead_check_nonce_length()
4721 if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) { in psa_aead_check_algorithm()
4751 if (status != PSA_SUCCESS) { in psa_aead_encrypt()
4757 if (status != PSA_SUCCESS) { in psa_aead_encrypt()
4767 if (status != PSA_SUCCESS) { in psa_aead_encrypt()
4779 if (status != PSA_SUCCESS && ciphertext_size != 0) { in psa_aead_encrypt()
4817 if (status != PSA_SUCCESS) { in psa_aead_decrypt()
4823 if (status != PSA_SUCCESS) { in psa_aead_decrypt()
4834 if (status != PSA_SUCCESS) { in psa_aead_decrypt()
4846 if (status != PSA_SUCCESS && plaintext_size != 0) { in psa_aead_decrypt()
4866 #if defined(PSA_WANT_ALG_CCM) in psa_validate_tag_length()
4869 if (tag_len < 4 || tag_len > 16 || tag_len % 2) { in psa_validate_tag_length()
4875 #if defined(PSA_WANT_ALG_GCM) in psa_validate_tag_length()
4878 if (tag_len != 4 && tag_len != 8 && (tag_len < 12 || tag_len > 16)) { in psa_validate_tag_length()
4884 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) in psa_validate_tag_length()
4887 if (tag_len != 16) { in psa_validate_tag_length()
4912 if (status != PSA_SUCCESS) { in psa_aead_setup()
4916 if (operation->id != 0) { in psa_aead_setup()
4921 if (operation->nonce_set || operation->lengths_set || in psa_aead_setup()
4927 if (is_encrypt) { in psa_aead_setup()
4935 if (status != PSA_SUCCESS) { in psa_aead_setup()
4939 if ((status = psa_validate_tag_length(alg)) != PSA_SUCCESS) { in psa_aead_setup()
4943 if (is_encrypt) { in psa_aead_setup()
4956 if (status != PSA_SUCCESS) { in psa_aead_setup()
4965 if (status == PSA_SUCCESS) { in psa_aead_setup()
4998 if (operation->id == 0) { in psa_aead_set_nonce_internal()
5003 if (operation->nonce_set) { in psa_aead_set_nonce_internal()
5009 if (status != PSA_SUCCESS) { in psa_aead_set_nonce_internal()
5018 if (status == PSA_SUCCESS) { in psa_aead_set_nonce_internal()
5042 if (operation->id == 0) { in psa_aead_generate_nonce()
5047 if (operation->nonce_set || !operation->is_encrypt) { in psa_aead_generate_nonce()
5063 if (nonce_size < required_nonce_size) { in psa_aead_generate_nonce()
5069 if (status != PSA_SUCCESS) { in psa_aead_generate_nonce()
5077 if (status == PSA_SUCCESS) { in psa_aead_generate_nonce()
5103 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_aead_set_nonce()
5119 if (operation->id == 0) { in psa_aead_set_lengths()
5124 if (operation->lengths_set || operation->ad_started || in psa_aead_set_lengths()
5131 #if defined(PSA_WANT_ALG_GCM) in psa_aead_set_lengths()
5133 /* Lengths can only be too large for GCM if size_t is bigger than 32 in psa_aead_set_lengths()
5136 #if SIZE_MAX > UINT32_MAX in psa_aead_set_lengths()
5137 if (((uint64_t) ad_length) >> 61 != 0 || in psa_aead_set_lengths()
5145 #if defined(PSA_WANT_ALG_CCM) in psa_aead_set_lengths()
5147 if (ad_length > 0xFF00) { in psa_aead_set_lengths()
5153 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) in psa_aead_set_lengths()
5166 if (status == PSA_SUCCESS) { in psa_aead_set_lengths()
5187 if (operation->id == 0) { in psa_aead_update_ad()
5192 if (!operation->nonce_set || operation->body_started) { in psa_aead_update_ad()
5197 if (operation->lengths_set) { in psa_aead_update_ad()
5198 if (operation->ad_remaining < input_length) { in psa_aead_update_ad()
5205 #if defined(PSA_WANT_ALG_CCM) in psa_aead_update_ad()
5206 else if (operation->alg == PSA_ALG_CCM) { in psa_aead_update_ad()
5216 if (status == PSA_SUCCESS) { in psa_aead_update_ad()
5247 if (operation->id == 0) { in psa_aead_update()
5252 if (!operation->nonce_set) { in psa_aead_update()
5257 if (operation->lengths_set) { in psa_aead_update()
5260 if (operation->ad_remaining != 0) { in psa_aead_update()
5266 if (operation->body_remaining < input_length) { in psa_aead_update()
5273 #if defined(PSA_WANT_ALG_CCM) in psa_aead_update()
5274 else if (operation->alg == PSA_ALG_CCM) { in psa_aead_update()
5285 if (status == PSA_SUCCESS) { in psa_aead_update()
5299 if (operation->id == 0 || !operation->nonce_set) { in psa_aead_final_checks()
5303 if (operation->lengths_set && (operation->ad_remaining != 0 || in psa_aead_final_checks()
5332 if (status != PSA_SUCCESS) { in psa_aead_finish()
5336 if (!operation->is_encrypt) { in psa_aead_finish()
5351 * Even if the operation succeeds, make sure we clear the rest of the in psa_aead_finish()
5384 if (status != PSA_SUCCESS) { in psa_aead_verify()
5388 if (operation->is_encrypt) { in psa_aead_verify()
5412 if (operation->id == 0) { in psa_aead_abort()
5430 #if defined(BUILTIN_ALG_ANY_HKDF) || \
5438 #if defined(BUILTIN_ALG_ANY_HKDF) || \
5474 if (PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { in psa_key_derivation_get_kdf_alg()
5485 if (kdf_alg == 0) { in psa_key_derivation_abort()
5490 #if defined(BUILTIN_ALG_ANY_HKDF) in psa_key_derivation_abort()
5491 if (PSA_ALG_IS_ANY_HKDF(kdf_alg)) { in psa_key_derivation_abort()
5496 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ in psa_key_derivation_abort()
5498 if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || in psa_key_derivation_abort()
5501 if (operation->ctx.tls12_prf.secret != NULL) { in psa_key_derivation_abort()
5506 if (operation->ctx.tls12_prf.seed != NULL) { in psa_key_derivation_abort()
5511 if (operation->ctx.tls12_prf.label != NULL) { in psa_key_derivation_abort()
5515 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) in psa_key_derivation_abort()
5516 if (operation->ctx.tls12_prf.other_secret != NULL) { in psa_key_derivation_abort()
5528 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) in psa_key_derivation_abort()
5529 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in psa_key_derivation_abort()
5534 #if defined(PSA_HAVE_SOFT_PBKDF2) in psa_key_derivation_abort()
5535 if (PSA_ALG_IS_PBKDF2(kdf_alg)) { in psa_key_derivation_abort()
5536 if (operation->ctx.pbkdf2.salt != NULL) { in psa_key_derivation_abort()
5554 if (operation->alg == 0) { in psa_key_derivation_get_capacity()
5566 if (operation->alg == 0) { in psa_key_derivation_set_capacity()
5569 if (capacity > operation->capacity) { in psa_key_derivation_set_capacity()
5576 #if defined(BUILTIN_ALG_ANY_HKDF)
5587 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in psa_key_derivation_hkdf_read()
5593 if (hkdf->state < HKDF_STATE_KEYED || in psa_key_derivation_hkdf_read()
5595 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in psa_key_derivation_hkdf_read()
5606 if (n > output_length) { in psa_key_derivation_hkdf_read()
5613 if (output_length == 0) { in psa_key_derivation_hkdf_read()
5618 * prevented this call. It could happen only if the operation in psa_key_derivation_hkdf_read()
5619 * object was corrupted or if this function is called directly in psa_key_derivation_hkdf_read()
5621 if (hkdf->block_number == last_block) { in psa_key_derivation_hkdf_read()
5633 if (status != PSA_SUCCESS) { in psa_key_derivation_hkdf_read()
5637 if (hkdf->block_number != 1) { in psa_key_derivation_hkdf_read()
5641 if (status != PSA_SUCCESS) { in psa_key_derivation_hkdf_read()
5648 if (status != PSA_SUCCESS) { in psa_key_derivation_hkdf_read()
5653 if (status != PSA_SUCCESS) { in psa_key_derivation_hkdf_read()
5660 if (status != PSA_SUCCESS) { in psa_key_derivation_hkdf_read()
5669 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
5683 * prevented this call. It could happen only if the operation in psa_key_derivation_tls12_prf_generate_next_block()
5684 * object was corrupted or if this function is called directly in psa_key_derivation_tls12_prf_generate_next_block()
5686 if (tls12_prf->block_number == 0xff) { in psa_key_derivation_tls12_prf_generate_next_block()
5715 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5720 if (tls12_prf->block_number == 1) { in psa_key_derivation_tls12_prf_generate_next_block()
5727 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5733 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5739 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5747 if (hmac_output_length != hash_length) { in psa_key_derivation_tls12_prf_generate_next_block()
5750 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5759 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5763 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5767 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5771 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5777 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5784 if (status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_generate_next_block()
5813 /* Check if we have fully processed the current block. */ in psa_key_derivation_tls12_prf_read()
5814 if (tls12_prf->left_in_block == 0) { in psa_key_derivation_tls12_prf_read()
5817 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_prf_read()
5824 if (tls12_prf->left_in_block > output_length) { in psa_key_derivation_tls12_prf_read()
5842 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
5851 if (output_length != 32) { in psa_key_derivation_tls12_ecjpake_to_pms_read()
5858 if (status != PSA_SUCCESS) { in psa_key_derivation_tls12_ecjpake_to_pms_read()
5862 if (output_size != output_length) { in psa_key_derivation_tls12_ecjpake_to_pms_read()
5870 #if defined(PSA_HAVE_SOFT_PBKDF2)
5894 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_generate_block()
5898 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_generate_block()
5902 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_generate_block()
5907 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_generate_block()
5911 if (mac_output_length != prf_output_length) { in psa_key_derivation_pbkdf2_generate_block()
5928 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_generate_block()
5954 if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { in psa_key_derivation_pbkdf2_read()
5958 } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { in psa_key_derivation_pbkdf2_read()
5980 if (n > output_length) { in psa_key_derivation_pbkdf2_read()
5988 if (output_length == 0) { in psa_key_derivation_pbkdf2_read()
5999 if (status != PSA_SUCCESS) { in psa_key_derivation_pbkdf2_read()
6018 if (operation->alg == 0) { in psa_key_derivation_output_bytes()
6023 if (output_length == 0 && operation->capacity == 0) { in psa_key_derivation_output_bytes()
6034 if (output_length > operation->capacity) { in psa_key_derivation_output_bytes()
6044 #if defined(BUILTIN_ALG_ANY_HKDF) in psa_key_derivation_output_bytes()
6045 if (PSA_ALG_IS_ANY_HKDF(kdf_alg)) { in psa_key_derivation_output_bytes()
6050 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ in psa_key_derivation_output_bytes()
6052 if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || in psa_key_derivation_output_bytes()
6060 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) in psa_key_derivation_output_bytes()
6061 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in psa_key_derivation_output_bytes()
6066 #if defined(PSA_HAVE_SOFT_PBKDF2) in psa_key_derivation_output_bytes()
6067 if (PSA_ALG_IS_PBKDF2(kdf_alg)) { in psa_key_derivation_output_bytes()
6082 if (status != PSA_SUCCESS) { in psa_key_derivation_output_bytes()
6090 if (output != NULL) { in psa_key_derivation_output_bytes()
6099 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
6102 if (data_size >= 8) { in psa_des_set_key_parity()
6105 if (data_size >= 16) { in psa_des_set_key_parity()
6108 if (data_size >= 24) { in psa_des_set_key_parity()
6125 * 2. If m is not a multiple of 8, set the most significant
6128 * 4. If k > N - 2, discard the result and return to step 1.
6143 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
6144 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
6168 if (grp_id == MBEDTLS_ECP_DP_NONE) { in psa_generate_derived_ecc_key_weierstrass_helper()
6190 if (*data == NULL) { in psa_generate_derived_ecc_key_weierstrass_helper()
6197 if ((status = psa_key_derivation_output_bytes(operation, *data, m_bytes)) != 0) { in psa_generate_derived_ecc_key_weierstrass_helper()
6201 /* 2. If m is not a multiple of 8 */ in psa_generate_derived_ecc_key_weierstrass_helper()
6202 if (m % 8 != 0) { in psa_generate_derived_ecc_key_weierstrass_helper()
6216 /* 4. If k > N - 2, discard the result and return to step 1. in psa_generate_derived_ecc_key_weierstrass_helper()
6227 if (ret != 0) { in psa_generate_derived_ecc_key_weierstrass_helper()
6230 if (status != PSA_SUCCESS) { in psa_generate_derived_ecc_key_weierstrass_helper()
6276 if (*data == NULL) { in psa_generate_derived_ecc_key_montgomery_helper()
6282 if (status != PSA_SUCCESS) { in psa_generate_derived_ecc_key_montgomery_helper()
6336 if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { in psa_generate_derived_key_internal()
6340 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ in psa_generate_derived_key_internal()
6342 if (PSA_KEY_TYPE_IS_ECC(slot->attr.type)) { in psa_generate_derived_key_internal()
6344 if (PSA_ECC_FAMILY_IS_WEIERSTRASS(curve)) { in psa_generate_derived_key_internal()
6347 if (status != PSA_SUCCESS) { in psa_generate_derived_key_internal()
6353 if (status != PSA_SUCCESS) { in psa_generate_derived_key_internal()
6360 if (key_type_is_raw_bytes(slot->attr.type)) { in psa_generate_derived_key_internal()
6361 if (bits % 8 != 0) { in psa_generate_derived_key_internal()
6365 if (data == NULL) { in psa_generate_derived_key_internal()
6370 if (status != PSA_SUCCESS) { in psa_generate_derived_key_internal()
6373 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) in psa_generate_derived_key_internal()
6374 if (slot->attr.type == PSA_KEY_TYPE_DES) { in psa_generate_derived_key_internal()
6384 if (psa_key_lifetime_is_external(slot->attr.lifetime)) { in psa_generate_derived_key_internal()
6387 if (status != PSA_SUCCESS) { in psa_generate_derived_key_internal()
6392 if (status != PSA_SUCCESS) { in psa_generate_derived_key_internal()
6401 if (bits != slot->attr.bits) { in psa_generate_derived_key_internal()
6417 if (params->flags != 0) { in psa_key_production_parameters_are_default()
6420 if (params_data_length != 0) { in psa_key_production_parameters_are_default()
6441 if (psa_get_key_bits(attributes) == 0) { in psa_key_derivation_output_key_ext()
6445 if (!psa_key_production_parameters_are_default(params, params_data_length)) { in psa_key_derivation_output_key_ext()
6449 if (operation->alg == PSA_ALG_NONE) { in psa_key_derivation_output_key_ext()
6453 if (!operation->can_output_key) { in psa_key_derivation_output_key_ext()
6459 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) in psa_key_derivation_output_key_ext()
6460 if (driver != NULL) { in psa_key_derivation_output_key_ext()
6465 if (status == PSA_SUCCESS) { in psa_key_derivation_output_key_ext()
6470 if (status == PSA_SUCCESS) { in psa_key_derivation_output_key_ext()
6473 if (status != PSA_SUCCESS) { in psa_key_derivation_output_key_ext()
6495 #if defined(AT_LEAST_ONE_BUILTIN_KDF)
6498 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) in is_kdf_alg_supported()
6499 if (PSA_ALG_IS_HKDF(kdf_alg)) { in is_kdf_alg_supported()
6503 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in is_kdf_alg_supported()
6504 if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { in is_kdf_alg_supported()
6508 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) in is_kdf_alg_supported()
6509 if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { in is_kdf_alg_supported()
6513 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) in is_kdf_alg_supported()
6514 if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { in is_kdf_alg_supported()
6518 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) in is_kdf_alg_supported()
6519 if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { in is_kdf_alg_supported()
6523 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) in is_kdf_alg_supported()
6524 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in is_kdf_alg_supported()
6528 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) in is_kdf_alg_supported()
6529 if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { in is_kdf_alg_supported()
6533 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) in is_kdf_alg_supported()
6534 if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { in is_kdf_alg_supported()
6553 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) in psa_key_derivation_set_maximum_capacity()
6554 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in psa_key_derivation_set_maximum_capacity()
6559 #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) in psa_key_derivation_set_maximum_capacity()
6560 if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { in psa_key_derivation_set_maximum_capacity()
6561 #if (SIZE_MAX > UINT32_MAX) in psa_key_derivation_set_maximum_capacity()
6573 /* After this point, if kdf_alg is not valid then value of hash_alg may be in psa_key_derivation_set_maximum_capacity()
6577 if (hash_size == 0) { in psa_key_derivation_set_maximum_capacity()
6585 if (status != PSA_SUCCESS) { in psa_key_derivation_set_maximum_capacity()
6589 #if defined(PSA_WANT_ALG_HKDF) in psa_key_derivation_set_maximum_capacity()
6590 if (PSA_ALG_IS_HKDF(kdf_alg)) { in psa_key_derivation_set_maximum_capacity()
6594 #if defined(PSA_WANT_ALG_HKDF_EXTRACT) in psa_key_derivation_set_maximum_capacity()
6595 if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { in psa_key_derivation_set_maximum_capacity()
6599 #if defined(PSA_WANT_ALG_HKDF_EXPAND) in psa_key_derivation_set_maximum_capacity()
6600 if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { in psa_key_derivation_set_maximum_capacity()
6604 #if defined(PSA_WANT_ALG_TLS12_PRF) in psa_key_derivation_set_maximum_capacity()
6605 if (PSA_ALG_IS_TLS12_PRF(kdf_alg) && in psa_key_derivation_set_maximum_capacity()
6610 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) in psa_key_derivation_set_maximum_capacity()
6611 if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg) && in psa_key_derivation_set_maximum_capacity()
6618 #if defined(PSA_WANT_ALG_PBKDF2_HMAC) in psa_key_derivation_set_maximum_capacity()
6619 if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { in psa_key_derivation_set_maximum_capacity()
6620 #if (SIZE_MAX > UINT32_MAX) in psa_key_derivation_set_maximum_capacity()
6643 if (!is_kdf_alg_supported(kdf_alg)) { in psa_key_derivation_setup_kdf()
6654 #if defined(PSA_WANT_ALG_ECDH) in psa_key_agreement_try_support()
6655 if (alg == PSA_ALG_ECDH) { in psa_key_agreement_try_support()
6659 #if defined(PSA_WANT_ALG_FFDH) in psa_key_agreement_try_support()
6660 if (alg == PSA_ALG_FFDH) { in psa_key_agreement_try_support()
6671 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) in psa_key_derivation_allows_free_form_secret_input()
6672 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in psa_key_derivation_allows_free_form_secret_input()
6686 if (operation->alg != 0) { in psa_key_derivation_setup()
6690 if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { in psa_key_derivation_setup()
6692 } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { in psa_key_derivation_setup()
6693 #if defined(AT_LEAST_ONE_BUILTIN_KDF) in psa_key_derivation_setup()
6697 if (status != PSA_SUCCESS) { in psa_key_derivation_setup()
6700 if (!psa_key_derivation_allows_free_form_secret_input(kdf_alg)) { in psa_key_derivation_setup()
6707 } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { in psa_key_derivation_setup()
6708 #if defined(AT_LEAST_ONE_BUILTIN_KDF) in psa_key_derivation_setup()
6717 if (status == PSA_SUCCESS) { in psa_key_derivation_setup()
6723 #if defined(BUILTIN_ALG_ANY_HKDF)
6734 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) in psa_hkdf_input()
6735 if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { in psa_hkdf_input()
6739 if (hkdf->state != HKDF_STATE_INIT) { in psa_hkdf_input()
6745 if (status != PSA_SUCCESS) { in psa_hkdf_input()
6752 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) in psa_hkdf_input()
6753 if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { in psa_hkdf_input()
6756 * the state. It could happen only if the hkdf in psa_hkdf_input()
6758 if (hkdf->state != HKDF_STATE_INIT) { in psa_hkdf_input()
6763 if (data_length != PSA_HASH_LENGTH(hash_alg)) { in psa_hkdf_input()
6771 /* HKDF: If no salt was provided, use an empty salt. in psa_hkdf_input()
6773 if (hkdf->state == HKDF_STATE_INIT) { in psa_hkdf_input()
6774 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in psa_hkdf_input()
6775 if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { in psa_hkdf_input()
6782 if (status != PSA_SUCCESS) { in psa_hkdf_input()
6787 if (hkdf->state != HKDF_STATE_STARTED) { in psa_hkdf_input()
6792 if (status != PSA_SUCCESS) { in psa_hkdf_input()
6799 if (status != PSA_SUCCESS) { in psa_hkdf_input()
6806 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in psa_hkdf_input()
6807 if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { in psa_hkdf_input()
6821 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) in psa_hkdf_input()
6822 if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { in psa_hkdf_input()
6826 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) in psa_hkdf_input()
6827 if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg) && in psa_hkdf_input()
6832 if (hkdf->state == HKDF_STATE_OUTPUT) { in psa_hkdf_input()
6835 if (hkdf->info_set) { in psa_hkdf_input()
6839 if (data_length != 0) { in psa_hkdf_input()
6841 if (hkdf->info == NULL) { in psa_hkdf_input()
6854 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
6860 if (prf->state != PSA_TLS12_PRF_STATE_INIT) { in psa_tls12_prf_set_seed()
6864 if (data_length != 0) { in psa_tls12_prf_set_seed()
6866 if (prf->seed == NULL) { in psa_tls12_prf_set_seed()
6883 if (prf->state != PSA_TLS12_PRF_STATE_SEED_SET && in psa_tls12_prf_set_key()
6888 if (data_length != 0) { in psa_tls12_prf_set_key()
6890 if (prf->secret == NULL) { in psa_tls12_prf_set_key()
6907 if (prf->state != PSA_TLS12_PRF_STATE_KEY_SET) { in psa_tls12_prf_set_label()
6911 if (data_length != 0) { in psa_tls12_prf_set_label()
6913 if (prf->label == NULL) { in psa_tls12_prf_set_label()
6945 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
6956 if (data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) { in psa_tls12_prf_psk_to_ms_set_key()
6961 if (pms == NULL) { in psa_tls12_prf_psk_to_ms_set_key()
6969 * The premaster secret is formed as follows: if the PSK is N octets in psa_tls12_prf_psk_to_ms_set_key()
6984 if (prf->state == PSA_TLS12_PRF_STATE_OTHER_KEY_SET) { in psa_tls12_prf_psk_to_ms_set_key()
6987 if (prf->other_secret_length != 0) { in psa_tls12_prf_psk_to_ms_set_key()
7015 if (prf->state != PSA_TLS12_PRF_STATE_SEED_SET) { in psa_tls12_prf_psk_to_ms_set_other_key()
7019 if (data_length != 0) { in psa_tls12_prf_psk_to_ms_set_other_key()
7021 if (prf->other_secret == NULL) { in psa_tls12_prf_psk_to_ms_set_other_key()
7060 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
7067 if (data_length != PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE || in psa_tls12_ecjpake_to_pms_input()
7072 /* Check if the passed point is in an uncompressed form */ in psa_tls12_ecjpake_to_pms_input()
7073 if (data[0] != 0x04) { in psa_tls12_ecjpake_to_pms_input()
7084 #if defined(PSA_HAVE_SOFT_PBKDF2)
7090 if (step != PSA_KEY_DERIVATION_INPUT_COST) { in psa_pbkdf2_set_input_cost()
7094 if (pbkdf2->state != PSA_PBKDF2_STATE_INIT) { in psa_pbkdf2_set_input_cost()
7098 if (data > PSA_VENDOR_PBKDF2_MAX_ITERATIONS) { in psa_pbkdf2_set_input_cost()
7102 if (data == 0) { in psa_pbkdf2_set_input_cost()
7116 if (pbkdf2->state == PSA_PBKDF2_STATE_INPUT_COST_SET) { in psa_pbkdf2_set_salt()
7118 } else if (pbkdf2->state == PSA_PBKDF2_STATE_SALT_SET) { in psa_pbkdf2_set_salt()
7124 if (data_length == 0) { in psa_pbkdf2_set_salt()
7130 if (next_salt == NULL) { in psa_pbkdf2_set_salt()
7134 if (pbkdf2->salt_length != 0) { in psa_pbkdf2_set_salt()
7145 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC)
7153 if (input_len > PSA_HASH_BLOCK_LENGTH(hash_alg)) { in psa_pbkdf2_hmac_set_password()
7156 } else if (input_len > 0) { in psa_pbkdf2_hmac_set_password()
7164 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128)
7171 if (input_len != PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC)) { in psa_pbkdf2_cmac_set_password()
7202 if (pbkdf2->state != PSA_PBKDF2_STATE_SALT_SET) { in psa_pbkdf2_set_password()
7206 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) in psa_pbkdf2_set_password()
7207 if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { in psa_pbkdf2_set_password()
7214 #if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) in psa_pbkdf2_set_password()
7215 if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { in psa_pbkdf2_set_password()
7262 if (key_type == PSA_KEY_TYPE_DERIVE) { in psa_key_derivation_check_input_type()
7265 if (key_type == PSA_KEY_TYPE_NONE) { in psa_key_derivation_check_input_type()
7270 if (key_type == PSA_KEY_TYPE_DERIVE) { in psa_key_derivation_check_input_type()
7273 if (key_type == PSA_KEY_TYPE_NONE) { in psa_key_derivation_check_input_type()
7281 if (key_type == PSA_KEY_TYPE_RAW_DATA) { in psa_key_derivation_check_input_type()
7284 if (key_type == PSA_KEY_TYPE_NONE) { in psa_key_derivation_check_input_type()
7289 if (key_type == PSA_KEY_TYPE_PASSWORD) { in psa_key_derivation_check_input_type()
7292 if (key_type == PSA_KEY_TYPE_DERIVE) { in psa_key_derivation_check_input_type()
7295 if (key_type == PSA_KEY_TYPE_NONE) { in psa_key_derivation_check_input_type()
7314 if (status != PSA_SUCCESS) { in psa_key_derivation_input_internal()
7318 #if defined(BUILTIN_ALG_ANY_HKDF) in psa_key_derivation_input_internal()
7319 if (PSA_ALG_IS_ANY_HKDF(kdf_alg)) { in psa_key_derivation_input_internal()
7324 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) in psa_key_derivation_input_internal()
7325 if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { in psa_key_derivation_input_internal()
7330 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) in psa_key_derivation_input_internal()
7331 if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { in psa_key_derivation_input_internal()
7336 #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) in psa_key_derivation_input_internal()
7337 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { in psa_key_derivation_input_internal()
7342 #if defined(PSA_HAVE_SOFT_PBKDF2) in psa_key_derivation_input_internal()
7343 if (PSA_ALG_IS_PBKDF2(kdf_alg)) { in psa_key_derivation_input_internal()
7357 if (status != PSA_SUCCESS) { in psa_key_derivation_input_internal()
7371 #if defined(PSA_HAVE_SOFT_PBKDF2) in psa_key_derivation_input_integer_internal()
7372 if (PSA_ALG_IS_PBKDF2(kdf_alg)) { in psa_key_derivation_input_integer_internal()
7384 if (status != PSA_SUCCESS) { in psa_key_derivation_input_integer_internal()
7404 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_key_derivation_input_bytes()
7430 if (status != PSA_SUCCESS) { in psa_key_derivation_input_key()
7437 if (step == PSA_KEY_DERIVATION_INPUT_SECRET || in psa_key_derivation_input_key()
7469 #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) in psa_key_agreement_raw_builtin()
7479 #if defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) in psa_key_agreement_raw_builtin()
7506 * to the driver's implementation if a driver is present.
7518 if (!PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { in psa_key_agreement_raw_internal()
7531 /* Note that if this function fails, you must call psa_key_derivation_abort()
7553 if (status != PSA_SUCCESS) { in psa_key_agreement_internal()
7580 if (!PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { in psa_key_derivation_key_agreement()
7585 if (status != PSA_SUCCESS) { in psa_key_derivation_key_agreement()
7594 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_key_derivation_key_agreement()
7597 if (status != PSA_SUCCESS) { in psa_key_derivation_key_agreement()
7600 /* If a private key has been added as SECRET, we allow the derived in psa_key_derivation_key_agreement()
7602 if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { in psa_key_derivation_key_agreement()
7629 if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { in psa_raw_key_agreement()
7635 if (status != PSA_SUCCESS) { in psa_raw_key_agreement()
7641 * function works if output_size >= PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(...), in psa_raw_key_agreement()
7642 * but it might be nice to allow smaller buffers if the output fits. in psa_raw_key_agreement()
7645 * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily in psa_raw_key_agreement()
7649 if (output_size < expected_length) { in psa_raw_key_agreement()
7663 if (output != NULL && status != PSA_SUCCESS) { in psa_raw_key_agreement()
7664 /* If an error happens and is not handled properly, the output in psa_raw_key_agreement()
7675 if (output == NULL) { in psa_raw_key_agreement()
7692 #if defined(MBEDTLS_PSA_INJECT_ENTROPY)
7699 * this function if mutexes are enabled.
7703 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in mbedtls_psa_random_init()
7707 /* Set default configuration if in mbedtls_psa_random_init()
7709 if (rng->entropy_init == NULL) { in mbedtls_psa_random_init()
7712 if (rng->entropy_free == NULL) { in mbedtls_psa_random_init()
7717 #if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ in mbedtls_psa_random_init()
7734 * this function if mutexes are enabled.
7738 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in mbedtls_psa_random_free()
7750 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) in mbedtls_psa_random_seed()
7772 #if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) in psa_generate_random()
7779 #if defined(MBEDTLS_PSA_INJECT_ENTROPY)
7783 if (psa_get_initialized()) { in mbedtls_psa_inject_entropy()
7787 if (((seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM) || in mbedtls_psa_inject_entropy()
7815 if (key_type_is_raw_bytes(type)) { in psa_validate_key_type_and_size_for_key_generation()
7817 if (status != PSA_SUCCESS) { in psa_validate_key_type_and_size_for_key_generation()
7821 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) in psa_validate_key_type_and_size_for_key_generation()
7822 if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { in psa_validate_key_type_and_size_for_key_generation()
7823 if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { in psa_validate_key_type_and_size_for_key_generation()
7826 if (bits < PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS) { in psa_validate_key_type_and_size_for_key_generation()
7832 if (bits % 8 != 0) { in psa_validate_key_type_and_size_for_key_generation()
7838 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) in psa_validate_key_type_and_size_for_key_generation()
7839 if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { in psa_validate_key_type_and_size_for_key_generation()
7845 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) in psa_validate_key_type_and_size_for_key_generation()
7846 if (PSA_KEY_TYPE_IS_DH(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { in psa_validate_key_type_and_size_for_key_generation()
7847 if (psa_is_dh_key_size_valid(bits) == 0) { in psa_validate_key_type_and_size_for_key_generation()
7871 if (key_type_is_raw_bytes(type)) { in psa_generate_key_internal()
7873 if (status != PSA_SUCCESS) { in psa_generate_key_internal()
7877 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) in psa_generate_key_internal()
7878 if (type == PSA_KEY_TYPE_DES) { in psa_generate_key_internal()
7884 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) in psa_generate_key_internal()
7885 if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { in psa_generate_key_internal()
7894 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) in psa_generate_key_internal()
7895 if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { in psa_generate_key_internal()
7903 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) in psa_generate_key_internal()
7904 if (PSA_KEY_TYPE_IS_DH(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { in psa_generate_key_internal()
7933 if (psa_get_key_bits(attributes) == 0) { in psa_generate_key_ext()
7938 if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->type)) { in psa_generate_key_ext()
7942 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) in psa_generate_key_ext()
7943 if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) { in psa_generate_key_ext()
7944 if (params->flags != 0) { in psa_generate_key_ext()
7949 if (!psa_key_production_parameters_are_default(params, params_data_length)) { in psa_generate_key_ext()
7955 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
7963 if (slot->key.data == NULL) { in psa_generate_key_ext()
7964 if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime) == in psa_generate_key_ext()
7968 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
7978 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
7984 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
7993 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
7998 if (status == PSA_SUCCESS) { in psa_generate_key_ext()
8001 if (status != PSA_SUCCESS) { in psa_generate_key_ext()
8020 #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
8027 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_configure_entropy_sources()
8031 if (global_data.rng_state != RNG_NOT_INITIALIZED) { in mbedtls_psa_crypto_configure_entropy_sources()
8039 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_configure_entropy_sources()
8050 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8055 if (global_data.initialized & PSA_CRYPTO_SUBSYSTEM_TRANSACTION_INITIALIZED) { in mbedtls_psa_crypto_free()
8059 if (global_data.initialized & PSA_CRYPTO_SUBSYSTEM_KEY_SLOTS_INITIALIZED) { in mbedtls_psa_crypto_free()
8064 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8068 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8072 if (global_data.rng_state != RNG_NOT_INITIALIZED) { in mbedtls_psa_crypto_free()
8078 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8082 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8087 if (global_data.initialized & PSA_CRYPTO_SUBSYSTEM_DRIVER_WRAPPERS_INITIALIZED) { in mbedtls_psa_crypto_free()
8092 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_free()
8098 #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
8102 * returns. If this function returns a failure status, the initialization
8131 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8135 if (!(global_data.initialized & PSA_CRYPTO_SUBSYSTEM_DRIVER_WRAPPERS_INITIALIZED)) { in mbedtls_psa_crypto_init_subsystem()
8144 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8153 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8157 if (!(global_data.initialized & PSA_CRYPTO_SUBSYSTEM_KEY_SLOTS_INITIALIZED)) { in mbedtls_psa_crypto_init_subsystem()
8160 /* Need to wipe keys even if initialization fails. */ in mbedtls_psa_crypto_init_subsystem()
8164 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8173 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8180 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8188 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8193 if (global_data.rng_state == RNG_NOT_INITIALIZED && driver_wrappers_initialized) { in mbedtls_psa_crypto_init_subsystem()
8198 if (status == PSA_SUCCESS) { in mbedtls_psa_crypto_init_subsystem()
8203 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8212 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8216 if (!(global_data.initialized & PSA_CRYPTO_SUBSYSTEM_TRANSACTION_INITIALIZED)) { in mbedtls_psa_crypto_init_subsystem()
8217 #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) in mbedtls_psa_crypto_init_subsystem()
8219 if (status == PSA_SUCCESS) { in mbedtls_psa_crypto_init_subsystem()
8221 if (status == PSA_SUCCESS) { in mbedtls_psa_crypto_init_subsystem()
8225 } else if (status == PSA_ERROR_DOES_NOT_EXIST) { in mbedtls_psa_crypto_init_subsystem()
8236 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8248 #if defined(MBEDTLS_THREADING_C) in mbedtls_psa_crypto_init_subsystem()
8259 /* Double initialization is explicitly allowed. Early out if everything is in psa_crypto_init()
8261 if (psa_get_initialized()) { in psa_crypto_init()
8266 if (status != PSA_SUCCESS) { in psa_crypto_init()
8271 if (status != PSA_SUCCESS) { in psa_crypto_init()
8276 if (status != PSA_SUCCESS) { in psa_crypto_init()
8284 if (status != PSA_SUCCESS) { in psa_crypto_init()
8291 #if defined(PSA_WANT_ALG_SOME_PAKE)
8296 if (inputs->password_len == 0) { in psa_crypto_driver_pake_get_password_len()
8309 if (inputs->password_len == 0) { in psa_crypto_driver_pake_get_password()
8313 if (buffer_size < inputs->password_len) { in psa_crypto_driver_pake_get_password()
8327 if (inputs->user_len == 0) { in psa_crypto_driver_pake_get_user_len()
8340 if (inputs->user_len == 0) { in psa_crypto_driver_pake_get_user()
8344 if (user_id_size < inputs->user_len) { in psa_crypto_driver_pake_get_user()
8358 if (inputs->peer_len == 0) { in psa_crypto_driver_pake_get_peer_len()
8371 if (inputs->peer_len == 0) { in psa_crypto_driver_pake_get_peer()
8375 if (peer_id_size < inputs->peer_len) { in psa_crypto_driver_pake_get_peer()
8389 if (inputs->cipher_suite.algorithm == PSA_ALG_NONE) { in psa_crypto_driver_pake_get_cipher_suite()
8404 if (operation->stage != PSA_PAKE_OPERATION_STAGE_SETUP) { in psa_pake_setup()
8409 if (PSA_ALG_IS_PAKE(cipher_suite->algorithm) == 0 || in psa_pake_setup()
8422 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_setup()
8423 if (operation->alg == PSA_ALG_JPAKE) { in psa_pake_setup()
8453 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_set_password_key()
8461 if (status != PSA_SUCCESS) { in psa_pake_set_password_key()
8467 if (type != PSA_KEY_TYPE_PASSWORD && in psa_pake_set_password_key()
8474 if (operation->data.inputs.password == NULL) { in psa_pake_set_password_key()
8484 if (status != PSA_SUCCESS) { in psa_pake_set_password_key()
8499 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_set_user()
8504 if (user_id_len == 0) { in psa_pake_set_user()
8509 if (operation->data.inputs.user_len != 0) { in psa_pake_set_user()
8515 if (operation->data.inputs.user == NULL) { in psa_pake_set_user()
8529 if (status != PSA_SUCCESS) { in psa_pake_set_user()
8543 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_set_peer()
8548 if (peer_id_len == 0) { in psa_pake_set_peer()
8553 if (operation->data.inputs.peer_len != 0) { in psa_pake_set_peer()
8559 if (operation->data.inputs.peer == NULL) { in psa_pake_set_peer()
8573 if (status != PSA_SUCCESS) { in psa_pake_set_peer()
8585 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_set_role()
8591 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_set_role()
8593 if (role == PSA_PAKE_ROLE_NONE) { in psa_pake_set_role()
8610 #if defined(PSA_WANT_ALG_JPAKE)
8615 if (stage->round == PSA_JPAKE_FIRST) { in convert_jpake_computation_stage_to_driver_step()
8618 if (stage->io_mode == PSA_JPAKE_OUTPUT) { in convert_jpake_computation_stage_to_driver_step()
8627 } else if (stage->round == PSA_JPAKE_SECOND) { in convert_jpake_computation_stage_to_driver_step()
8646 if (inputs.password_len == 0) { in psa_pake_complete_inputs()
8650 if (operation->alg == PSA_ALG_JPAKE) { in psa_pake_complete_inputs()
8651 if (inputs.user_len == 0 || inputs.peer_len == 0) { in psa_pake_complete_inputs()
8668 if (status == PSA_SUCCESS) { in psa_pake_complete_inputs()
8669 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_complete_inputs()
8670 if (operation->alg == PSA_ALG_JPAKE) { in psa_pake_complete_inputs()
8681 #if defined(PSA_WANT_ALG_JPAKE)
8687 if (step != PSA_PAKE_STEP_KEY_SHARE && in psa_jpake_prologue()
8696 if (computation_stage->round != PSA_JPAKE_FIRST && in psa_jpake_prologue()
8702 if (step != computation_stage->step) { in psa_jpake_prologue()
8706 if (step == PSA_PAKE_STEP_KEY_SHARE && in psa_jpake_prologue()
8712 } else if (computation_stage->io_mode != io_mode) { in psa_jpake_prologue()
8728 if (stage->step == PSA_PAKE_STEP_ZK_PROOF) { in psa_jpake_epilogue()
8730 if (io_mode == PSA_JPAKE_INPUT) { in psa_jpake_epilogue()
8732 if (stage->inputs == PSA_JPAKE_EXPECTED_INPUTS(stage->round)) { in psa_jpake_epilogue()
8736 if (io_mode == PSA_JPAKE_OUTPUT) { in psa_jpake_epilogue()
8738 if (stage->outputs == PSA_JPAKE_EXPECTED_OUTPUTS(stage->round)) { in psa_jpake_epilogue()
8742 if (stage->inputs == PSA_JPAKE_EXPECTED_INPUTS(stage->round) && in psa_jpake_epilogue()
8770 if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_output()
8772 if (status != PSA_SUCCESS) { in psa_pake_output()
8777 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { in psa_pake_output()
8782 if (output_size == 0) { in psa_pake_output()
8788 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_output()
8791 if (status != PSA_SUCCESS) { in psa_pake_output()
8809 if (status != PSA_SUCCESS) { in psa_pake_output()
8814 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_output()
8817 if (status != PSA_SUCCESS) { in psa_pake_output()
8829 if (status != PSA_SUCCESS) { in psa_pake_output()
8848 if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_input()
8850 if (status != PSA_SUCCESS) { in psa_pake_input()
8855 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { in psa_pake_input()
8860 if (input_length == 0 || input_length > max_input_length) { in psa_pake_input()
8866 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_input()
8869 if (status != PSA_SUCCESS) { in psa_pake_input()
8886 if (status != PSA_SUCCESS) { in psa_pake_input()
8891 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_input()
8894 if (status != PSA_SUCCESS) { in psa_pake_input()
8906 if (status != PSA_SUCCESS) { in psa_pake_input()
8921 if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { in psa_pake_get_implicit_key()
8926 #if defined(PSA_WANT_ALG_JPAKE) in psa_pake_get_implicit_key()
8927 if (operation->alg == PSA_ALG_JPAKE) { in psa_pake_get_implicit_key()
8930 if (computation_stage->round != PSA_JPAKE_FINISHED) { in psa_pake_get_implicit_key()
8946 if (status != PSA_SUCCESS) { in psa_pake_get_implicit_key()
8966 if (operation->stage == PSA_PAKE_OPERATION_STAGE_COMPUTATION) { in psa_pake_abort()
8970 if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { in psa_pake_abort()
8971 if (operation->data.inputs.password != NULL) { in psa_pake_abort()
8975 if (operation->data.inputs.user != NULL) { in psa_pake_abort()
8978 if (operation->data.inputs.peer != NULL) { in psa_pake_abort()
8992 #if defined(MBEDTLS_TEST_HOOKS)
9005 * \return #PSA_SUCCESS, if the buffer was successfully
9007 * \return #PSA_ERROR_CORRUPTION_DETECTED, if the local
9015 if (input_len > input_copy_len) { in psa_crypto_copy_input()
9019 #if defined(MBEDTLS_TEST_HOOKS) in psa_crypto_copy_input()
9020 if (psa_input_pre_copy_hook != NULL) { in psa_crypto_copy_input()
9025 if (input_len > 0) { in psa_crypto_copy_input()
9029 #if defined(MBEDTLS_TEST_HOOKS) in psa_crypto_copy_input()
9030 if (psa_input_post_copy_hook != NULL) { in psa_crypto_copy_input()
9044 * \return #PSA_SUCCESS, if the buffer was successfully
9046 * \return #PSA_ERROR_BUFFER_TOO_SMALL, if the
9054 if (output_len < output_copy_len) { in psa_crypto_copy_output()
9058 #if defined(MBEDTLS_TEST_HOOKS) in psa_crypto_copy_output()
9059 if (psa_output_pre_copy_hook != NULL) { in psa_crypto_copy_output()
9064 if (output_copy_len > 0) { in psa_crypto_copy_output()
9068 #if defined(MBEDTLS_TEST_HOOKS) in psa_crypto_copy_output()
9069 if (psa_output_post_copy_hook != NULL) { in psa_crypto_copy_output()
9084 if (input_len == 0) { in psa_crypto_local_input_alloc()
9089 if (local_input->buffer == NULL) { in psa_crypto_local_input_alloc()
9100 if (status != PSA_SUCCESS) { in psa_crypto_local_input_alloc()
9125 if (output_len == 0) { in psa_crypto_local_output_alloc()
9129 if (local_output->buffer == NULL) { in psa_crypto_local_output_alloc()
9144 if (local_output->buffer == NULL) { in psa_crypto_local_output_free()
9148 if (local_output->original == NULL) { in psa_crypto_local_output_free()
9155 if (status != PSA_SUCCESS) { in psa_crypto_local_output_free()