diff options
author | lubing <lubing@eswin.com> | 2021-11-11 10:30:45 +0800 |
---|---|---|
committer | Jérôme Forissier <jerome@forissier.org> | 2021-11-11 17:09:18 +0100 |
commit | c282ebd61200b0cb0830399c1c33514dbd129dfd (patch) | |
tree | 9181af942a634dbebf2db46650226850c884b1a6 | |
parent | 28bbb200bd30a638e575e01ea53207c6732d1d75 (diff) |
lib: mbebtls: correct return value in RSA-SSA signature verification
The value TEE_ERROR_MAC_INVALID returned by function
crypto_acipher_rsassa_verify() of mbedtls library will
cause TEE_AsymmetricVerifyDigest() to call TEE_Panic()
when it reports an invalid signature. Fix this by returning
TEE_ERROR_SIGNATURE_INVALID instead as specified by
the GPD TEE Internal Core API specifications.
Signed-off-by: lubing <lubing@eswin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
-rw-r--r-- | lib/libmbedtls/core/rsa.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c index ecbcef4f..4c82705b 100644 --- a/lib/libmbedtls/core/rsa.c +++ b/lib/libmbedtls/core/rsa.c @@ -627,7 +627,7 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo, bigint_size = crypto_bignum_num_bytes(key->n); if (sig_len < bigint_size) { - res = TEE_ERROR_MAC_INVALID; + res = TEE_ERROR_SIGNATURE_INVALID; goto err; } |