From 374fe5b8d2da303166dffaa27ddcc47f8367471e Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 8 Sep 2021 15:50:28 +0530 Subject: [PATCH] Handle zeroed attributes key bits and type in copy The target attributes for key copy could have key bits and type zeroed. If so, they need to be overwritten/ inherited from the source key. This is now forcefully overwritten after validating the optional attributes. As a result assigning attributes type and bits after copy are no longer necessary. Signed-off-by: Archana --- library/psa_crypto.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b105890fb..906e9b457 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2000,9 +2000,6 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, if( status != PSA_SUCCESS ) return( status ); - target->attr.type = source->attr.type; - target->attr.bits = source->attr.bits; - return( PSA_SUCCESS ); } @@ -2030,6 +2027,15 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) goto exit; + /* The actual attributes that we received from the user could have + * zero values for key bits and type.These optional attributes + * have been validated and so it is safe to inherit these + * from the source key. + * */ + actual_attributes.core.bits = source_slot->attr.bits; + actual_attributes.core.type = source_slot->attr.type; + + status = psa_restrict_key_policy( source_slot->attr.type, &actual_attributes.core.policy, &source_slot->attr.policy ); @@ -2065,9 +2071,11 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, &storage_size ); if( status != PSA_SUCCESS ) goto exit; + status = psa_allocate_buffer_to_slot( target_slot, storage_size ); if( status != PSA_SUCCESS ) goto exit; + status = psa_driver_wrapper_copy_key( &actual_attributes, source_slot->key.data, source_slot->key.bytes,