yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

psa: aead: Isolate key slot unlock from operation abort

Browse source 
As we want to do Mbed TLS aead operations as a
driver does, aead operations should not access
the key slot as key slots are not available to
drivers.

Second step in this PR: do not unlock the key slot
as part of operation abort.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-03-16 16:30:42 +01:00
parent 197c2fd0a0
commit 7dbd800f42
1 changed files with 23 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
library/psa_crypto.c
View file

@ -3559,8 +3559,6 @@ static void psa_aead_abort_internal( aead_operation_t *operation )
break; break;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
} }
psa_unlock_key_slot( operation->slot );
} }
static psa_status_t psa_aead_setup( aead_operation_t *operation, static psa_status_t psa_aead_setup( aead_operation_t *operation,
@ -3576,10 +3574,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits, mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits,
&cipher_id ); &cipher_id );
if( operation->cipher_info == NULL ) if( operation->cipher_info == NULL )
{ return( PSA_ERROR_NOT_SUPPORTED );
status = PSA_ERROR_NOT_SUPPORTED;
goto cleanup;
}
switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) ) switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
{ {
@ -3591,17 +3586,15 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
* The call to mbedtls_ccm_encrypt_and_tag or * The call to mbedtls_ccm_encrypt_and_tag or
* mbedtls_ccm_auth_decrypt will validate the tag length. */ * mbedtls_ccm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 ) if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
{ return( PSA_ERROR_INVALID_ARGUMENT );
status = PSA_ERROR_INVALID_ARGUMENT;
goto cleanup;
}
mbedtls_ccm_init( &operation->ctx.ccm ); mbedtls_ccm_init( &operation->ctx.ccm );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
operation->slot->key.data, operation->slot->key.data,
(unsigned int) key_bits ) ); (unsigned int) key_bits ) );
if( status != 0 ) if( status != PSA_SUCCESS )
goto cleanup; return( status );
break; break;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@ -3613,17 +3606,15 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
* The call to mbedtls_gcm_crypt_and_tag or * The call to mbedtls_gcm_crypt_and_tag or
* mbedtls_gcm_auth_decrypt will validate the tag length. */ * mbedtls_gcm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 ) if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
{ return( PSA_ERROR_INVALID_ARGUMENT );
status = PSA_ERROR_INVALID_ARGUMENT;
goto cleanup;
}
mbedtls_gcm_init( &operation->ctx.gcm ); mbedtls_gcm_init( &operation->ctx.gcm );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
operation->slot->key.data, operation->slot->key.data,
(unsigned int) key_bits ) ); (unsigned int) key_bits ) );
if( status != 0 ) if( status != PSA_SUCCESS )
goto cleanup; return( status );
break; break;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
@ -3633,36 +3624,27 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
operation->full_tag_length = 16; operation->full_tag_length = 16;
/* We only support the default tag length. */ /* We only support the default tag length. */
if( alg != PSA_ALG_CHACHA20_POLY1305 ) if( alg != PSA_ALG_CHACHA20_POLY1305 )
{ return( PSA_ERROR_NOT_SUPPORTED );
status = PSA_ERROR_NOT_SUPPORTED;
goto cleanup;
}
mbedtls_chachapoly_init( &operation->ctx.chachapoly ); mbedtls_chachapoly_init( &operation->ctx.chachapoly );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
operation->slot->key.data ) ); operation->slot->key.data ) );
if( status != 0 ) if( status != PSA_SUCCESS )
goto cleanup; return( status );
break; break;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
default: default:
status = PSA_ERROR_NOT_SUPPORTED; return( PSA_ERROR_NOT_SUPPORTED );
goto cleanup;
} }
if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length ) if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
{ return( PSA_ERROR_INVALID_ARGUMENT );
status = PSA_ERROR_INVALID_ARGUMENT;
goto cleanup;
}
operation->tag_length = PSA_AEAD_TAG_LENGTH( alg ); operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
return( PSA_SUCCESS ); return( PSA_SUCCESS );
cleanup:
psa_aead_abort_internal( operation );
return( status );
} }
psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
@ -3690,7 +3672,7 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
status = psa_aead_setup( &operation, alg ); status = psa_aead_setup( &operation, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); goto exit;
/* For all currently supported modes, the tag is at the end of the /* For all currently supported modes, the tag is at the end of the
* ciphertext. */ * ciphertext. */
@ -3758,7 +3740,10 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
memset( ciphertext, 0, ciphertext_size ); memset( ciphertext, 0, ciphertext_size );
exit: exit:
psa_unlock_key_slot( operation.slot );
psa_aead_abort_internal( &operation ); psa_aead_abort_internal( &operation );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*ciphertext_length = plaintext_length + operation.tag_length; *ciphertext_length = plaintext_length + operation.tag_length;
return( status ); return( status );
@ -3810,7 +3795,7 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
status = psa_aead_setup( &operation, alg ); status = psa_aead_setup( &operation, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); goto exit;
status = psa_aead_unpadded_locate_tag( operation.tag_length, status = psa_aead_unpadded_locate_tag( operation.tag_length,
ciphertext, ciphertext_length, ciphertext, ciphertext_length,
@ -3874,7 +3859,9 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
memset( plaintext, 0, plaintext_size ); memset( plaintext, 0, plaintext_size );
exit: exit:
psa_unlock_key_slot( operation.slot );
psa_aead_abort_internal( &operation ); psa_aead_abort_internal( &operation );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*plaintext_length = ciphertext_length - operation.tag_length; *plaintext_length = ciphertext_length - operation.tag_length;
return( status ); return( status );