lib: mbebtls: correct return value in RSA-SSA signature verification

The value TEE_ERROR_MAC_INVALID returned by function crypto_acipher_rsassa_verify() of mbedtls library will cause TEE_AsymmetricVerifyDigest() to call TEE_Panic() when it reports an invalid signature. Fix this by returning TEE_ERROR_SIGNATURE_INVALID instead as specified by the GPD TEE Internal Core API specifications. Signed-off-by: lubing <lubing@eswin.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
author: lubing <lubing@eswin.com> 2021-11-11 10:30:45 +0800
committer: Jérôme Forissier <jerome@forissier.org> 2021-11-11 17:09:18 +0100
commit: c282ebd61200b0cb0830399c1c33514dbd129dfd (patch)
tree: 9181af942a634dbebf2db46650226850c884b1a6
parent: 28bbb200bd30a638e575e01ea53207c6732d1d75 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c
index ecbcef4f..4c82705b 100644
--- a/lib/libmbedtls/core/rsa.c
+++ b/lib/libmbedtls/core/rsa.c
@@ -627,7 +627,7 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo,
 
 	bigint_size = crypto_bignum_num_bytes(key->n);
 	if (sig_len < bigint_size) {
-		res = TEE_ERROR_MAC_INVALID;
+		res = TEE_ERROR_SIGNATURE_INVALID;
 		goto err;
 	}
author	lubing <lubing@eswin.com>	2021-11-11 10:30:45 +0800
committer	Jérôme Forissier <jerome@forissier.org>	2021-11-11 17:09:18 +0100
commit	c282ebd61200b0cb0830399c1c33514dbd129dfd (patch)
tree	9181af942a634dbebf2db46650226850c884b1a6
parent	28bbb200bd30a638e575e01ea53207c6732d1d75 (diff)