Fix struct initialization
Fix initialization of mbedtls_psa_cipher_operation_t by not initializing the mbedtls_cipher_context_t typed field completely. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm
parent
93ad276c29
commit
42cdb2a90b
2 changed files with 17 additions and 14 deletions
|
|
@ -104,7 +104,10 @@ typedef struct {
|
||||||
psa_algorithm_t MBEDTLS_PRIVATE(alg);
|
psa_algorithm_t MBEDTLS_PRIVATE(alg);
|
||||||
uint8_t MBEDTLS_PRIVATE(iv_length);
|
uint8_t MBEDTLS_PRIVATE(iv_length);
|
||||||
uint8_t MBEDTLS_PRIVATE(block_length);
|
uint8_t MBEDTLS_PRIVATE(block_length);
|
||||||
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher);
|
union {
|
||||||
|
unsigned int MBEDTLS_PRIVATE(initialised);
|
||||||
|
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher);
|
||||||
|
} MBEDTLS_PRIVATE(ctx);
|
||||||
} mbedtls_psa_cipher_operation_t;
|
} mbedtls_psa_cipher_operation_t;
|
||||||
|
|
||||||
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
|
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
|
||||||
|
|
|
||||||
|
|
@ -162,7 +162,7 @@ static psa_status_t cipher_setup(
|
||||||
|
|
||||||
/* Proceed with initializing an mbed TLS cipher context if no driver is
|
/* Proceed with initializing an mbed TLS cipher context if no driver is
|
||||||
* available for the given algorithm & key. */
|
* available for the given algorithm & key. */
|
||||||
mbedtls_cipher_init( &operation->cipher );
|
mbedtls_cipher_init( &operation->ctx.cipher );
|
||||||
|
|
||||||
operation->alg = alg;
|
operation->alg = alg;
|
||||||
key_bits = attributes->core.bits;
|
key_bits = attributes->core.bits;
|
||||||
|
|
@ -171,7 +171,7 @@ static psa_status_t cipher_setup(
|
||||||
if( cipher_info == NULL )
|
if( cipher_info == NULL )
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
|
||||||
ret = mbedtls_cipher_setup( &operation->cipher, cipher_info );
|
ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
||||||
|
|
@ -182,14 +182,14 @@ static psa_status_t cipher_setup(
|
||||||
uint8_t keys[24];
|
uint8_t keys[24];
|
||||||
memcpy( keys, key_buffer, 16 );
|
memcpy( keys, key_buffer, 16 );
|
||||||
memcpy( keys + 16, key_buffer, 8 );
|
memcpy( keys + 16, key_buffer, 8 );
|
||||||
ret = mbedtls_cipher_setkey( &operation->cipher,
|
ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
|
||||||
keys,
|
keys,
|
||||||
192, cipher_operation );
|
192, cipher_operation );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
ret = mbedtls_cipher_setkey( &operation->cipher, key_buffer,
|
ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer,
|
||||||
(int) key_bits, cipher_operation );
|
(int) key_bits, cipher_operation );
|
||||||
}
|
}
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
|
@ -200,11 +200,11 @@ static psa_status_t cipher_setup(
|
||||||
switch( alg )
|
switch( alg )
|
||||||
{
|
{
|
||||||
case PSA_ALG_CBC_NO_PADDING:
|
case PSA_ALG_CBC_NO_PADDING:
|
||||||
ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
|
ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
|
||||||
MBEDTLS_PADDING_NONE );
|
MBEDTLS_PADDING_NONE );
|
||||||
break;
|
break;
|
||||||
case PSA_ALG_CBC_PKCS7:
|
case PSA_ALG_CBC_PKCS7:
|
||||||
ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
|
ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
|
||||||
MBEDTLS_PADDING_PKCS7 );
|
MBEDTLS_PADDING_PKCS7 );
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
|
@ -253,7 +253,7 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
return( mbedtls_to_psa_error(
|
return( mbedtls_to_psa_error(
|
||||||
mbedtls_cipher_set_iv( &operation->cipher,
|
mbedtls_cipher_set_iv( &operation->ctx.cipher,
|
||||||
iv, iv_length ) ) );
|
iv, iv_length ) ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -362,7 +362,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
|
||||||
* the last partial block, if any. You get the data that will be
|
* the last partial block, if any. You get the data that will be
|
||||||
* output in this call. */
|
* output in this call. */
|
||||||
expected_output_size =
|
expected_output_size =
|
||||||
( operation->cipher.unprocessed_len + input_length )
|
( operation->ctx.cipher.unprocessed_len + input_length )
|
||||||
/ operation->block_length * operation->block_length;
|
/ operation->block_length * operation->block_length;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
@ -378,7 +378,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
|
||||||
/* mbedtls_cipher_update has an API inconsistency: it will only
|
/* mbedtls_cipher_update has an API inconsistency: it will only
|
||||||
* process a single block at a time in ECB mode. Abstract away that
|
* process a single block at a time in ECB mode. Abstract away that
|
||||||
* inconsistency here to match the PSA API behaviour. */
|
* inconsistency here to match the PSA API behaviour. */
|
||||||
status = psa_cipher_update_ecb( &operation->cipher,
|
status = psa_cipher_update_ecb( &operation->ctx.cipher,
|
||||||
input,
|
input,
|
||||||
input_length,
|
input_length,
|
||||||
output,
|
output,
|
||||||
|
|
@ -388,7 +388,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
status = mbedtls_to_psa_error(
|
status = mbedtls_to_psa_error(
|
||||||
mbedtls_cipher_update( &operation->cipher, input,
|
mbedtls_cipher_update( &operation->ctx.cipher, input,
|
||||||
input_length, output, output_length ) );
|
input_length, output, output_length ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -403,7 +403,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
|
||||||
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
||||||
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
|
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
|
||||||
|
|
||||||
if( operation->cipher.unprocessed_len != 0 )
|
if( operation->ctx.cipher.unprocessed_len != 0 )
|
||||||
{
|
{
|
||||||
if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
|
if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
|
||||||
operation->alg == PSA_ALG_CBC_NO_PADDING )
|
operation->alg == PSA_ALG_CBC_NO_PADDING )
|
||||||
|
|
@ -414,7 +414,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
|
||||||
}
|
}
|
||||||
|
|
||||||
status = mbedtls_to_psa_error(
|
status = mbedtls_to_psa_error(
|
||||||
mbedtls_cipher_finish( &operation->cipher,
|
mbedtls_cipher_finish( &operation->ctx.cipher,
|
||||||
temp_output_buffer,
|
temp_output_buffer,
|
||||||
output_length ) );
|
output_length ) );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
|
|
@ -441,7 +441,7 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
|
||||||
if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
|
if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
|
||||||
return( PSA_ERROR_BAD_STATE );
|
return( PSA_ERROR_BAD_STATE );
|
||||||
|
|
||||||
mbedtls_cipher_free( &operation->cipher );
|
mbedtls_cipher_free( &operation->ctx.cipher );
|
||||||
|
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue