mirror of https://github.com/ARMmbed/mbed-os.git
Do not allocate zero sized buffers - asymmetric
itayzafrir
adbridge
parent
0807687966
commit
bbf7e77b2c
|
|
@ -652,82 +652,81 @@ static void psa_asymmetric_operation(void)
|
||||||
|
|
||||||
switch (psa_crypto.func) {
|
switch (psa_crypto.func) {
|
||||||
case PSA_ASYMMETRIC_SIGN: {
|
case PSA_ASYMMETRIC_SIGN: {
|
||||||
uint8_t *signature;
|
uint8_t *signature = NULL;
|
||||||
uint8_t *hash;
|
uint8_t *hash = NULL;
|
||||||
size_t signature_length = 0;
|
size_t signature_length = 0,
|
||||||
|
signature_size = msg.out_size[0],
|
||||||
|
hash_size = msg.in_size[1];
|
||||||
|
|
||||||
signature = mbedtls_calloc(1, msg.out_size[0]);
|
if (signature_size > 0) {
|
||||||
|
signature = mbedtls_calloc(1, signature_size);
|
||||||
if (signature == NULL) {
|
if (signature == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
hash = mbedtls_calloc(1, msg.in_size[1]);
|
if (status == PSA_SUCCESS && hash_size > 0) {
|
||||||
|
hash = mbedtls_calloc(1, hash_size);
|
||||||
if (hash == NULL) {
|
if (hash == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
mbedtls_free(signature);
|
} else {
|
||||||
break;
|
bytes_read = psa_read(msg.handle, 1, hash, hash_size);
|
||||||
}
|
if (bytes_read != hash_size) {
|
||||||
|
|
||||||
bytes_read = psa_read(msg.handle, 1,
|
|
||||||
hash, msg.in_size[1]);
|
|
||||||
if (bytes_read != msg.in_size[1]) {
|
|
||||||
SPM_PANIC("SPM read length mismatch");
|
SPM_PANIC("SPM read length mismatch");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
status = psa_asymmetric_sign(psa_crypto.handle,
|
if (status == PSA_SUCCESS) {
|
||||||
psa_crypto.alg,
|
status = psa_asymmetric_sign(psa_crypto.handle, psa_crypto.alg,
|
||||||
hash,
|
hash, hash_size,
|
||||||
msg.in_size[1],
|
signature, signature_size, &signature_length);
|
||||||
signature,
|
|
||||||
msg.out_size[0],
|
|
||||||
&signature_length);
|
|
||||||
|
|
||||||
if (status == PSA_SUCCESS) {
|
if (status == PSA_SUCCESS) {
|
||||||
psa_write(msg.handle, 0, signature, signature_length);
|
psa_write(msg.handle, 0, signature, signature_length);
|
||||||
}
|
}
|
||||||
|
psa_write(msg.handle, 1, &signature_length, sizeof(signature_length));
|
||||||
|
}
|
||||||
|
|
||||||
psa_write(msg.handle, 1,
|
|
||||||
&signature_length, sizeof(signature_length));
|
|
||||||
mbedtls_free(hash);
|
mbedtls_free(hash);
|
||||||
mbedtls_free(signature);
|
mbedtls_free(signature);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case PSA_ASYMMETRIC_VERIFY: {
|
case PSA_ASYMMETRIC_VERIFY: {
|
||||||
uint8_t *signature;
|
uint8_t *signature = NULL;
|
||||||
uint8_t *hash;
|
uint8_t *hash = NULL;
|
||||||
signature = mbedtls_calloc(1, msg.in_size[1]);
|
size_t signature_size = msg.in_size[1],
|
||||||
|
hash_size = msg.in_size[2];
|
||||||
|
|
||||||
|
if (signature_size > 0) {
|
||||||
|
signature = mbedtls_calloc(1, signature_size);
|
||||||
if (signature == NULL) {
|
if (signature == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
break;
|
} else {
|
||||||
}
|
bytes_read = psa_read(msg.handle, 1, signature, signature_size);
|
||||||
|
if (bytes_read != signature_size) {
|
||||||
bytes_read = psa_read(msg.handle, 1,
|
|
||||||
signature, msg.in_size[1]);
|
|
||||||
if (bytes_read != msg.in_size[1]) {
|
|
||||||
SPM_PANIC("SPM read length mismatch");
|
SPM_PANIC("SPM read length mismatch");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
hash = mbedtls_calloc(1, msg.in_size[2]);
|
}
|
||||||
|
if (status == PSA_SUCCESS && hash_size > 0) {
|
||||||
|
hash = mbedtls_calloc(1, hash_size);
|
||||||
if (hash == NULL) {
|
if (hash == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
mbedtls_free(signature);
|
} else {
|
||||||
break;
|
bytes_read = psa_read(msg.handle, 2, hash, hash_size);
|
||||||
}
|
if (bytes_read != hash_size) {
|
||||||
|
|
||||||
bytes_read = psa_read(msg.handle, 2,
|
|
||||||
hash, msg.in_size[2]);
|
|
||||||
if (bytes_read != msg.in_size[2]) {
|
|
||||||
SPM_PANIC("SPM read length mismatch");
|
SPM_PANIC("SPM read length mismatch");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (status == PSA_SUCCESS) {
|
||||||
|
status = psa_asymmetric_verify(psa_crypto.handle, psa_crypto.alg,
|
||||||
|
hash, hash_size,
|
||||||
|
signature, signature_size);
|
||||||
|
}
|
||||||
|
|
||||||
status = psa_asymmetric_verify(psa_crypto.handle,
|
|
||||||
psa_crypto.alg,
|
|
||||||
hash,
|
|
||||||
msg.in_size[2],
|
|
||||||
signature,
|
|
||||||
msg.in_size[1]);
|
|
||||||
mbedtls_free(signature);
|
mbedtls_free(signature);
|
||||||
mbedtls_free(hash);
|
mbedtls_free(hash);
|
||||||
break;
|
break;
|
||||||
|
|
@ -735,59 +734,50 @@ static void psa_asymmetric_operation(void)
|
||||||
|
|
||||||
case PSA_ASYMMETRIC_ENCRYPT:
|
case PSA_ASYMMETRIC_ENCRYPT:
|
||||||
case PSA_ASYMMETRIC_DECRYPT: {
|
case PSA_ASYMMETRIC_DECRYPT: {
|
||||||
uint8_t *input;
|
uint8_t *input = NULL, *salt = NULL, *output = NULL, *buffer = NULL;
|
||||||
uint8_t *salt;
|
size_t output_length = 0,
|
||||||
uint8_t *output;
|
buffer_size = msg.in_size[1],
|
||||||
size_t output_length = 0;
|
output_size = msg.out_size[0];
|
||||||
|
|
||||||
uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]);
|
if (buffer_size > 0) {
|
||||||
|
buffer = mbedtls_calloc(1, buffer_size);
|
||||||
if (buffer == NULL) {
|
if (buffer == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
break;
|
} else {
|
||||||
}
|
bytes_read = psa_read(msg.handle, 1, buffer, buffer_size);
|
||||||
|
if (bytes_read != buffer_size) {
|
||||||
bytes_read = psa_read(msg.handle, 1, buffer,
|
|
||||||
msg.in_size[1]);
|
|
||||||
if (bytes_read != msg.in_size[1]) {
|
|
||||||
SPM_PANIC("SPM read length mismatch");
|
SPM_PANIC("SPM read length mismatch");
|
||||||
}
|
}
|
||||||
|
|
||||||
input = buffer;
|
input = buffer;
|
||||||
salt = buffer + psa_crypto.input_length;
|
salt = buffer + psa_crypto.input_length;
|
||||||
output = mbedtls_calloc(1, msg.out_size[0]);
|
}
|
||||||
|
}
|
||||||
|
if (status == PSA_SUCCESS && output_size > 0) {
|
||||||
|
output = mbedtls_calloc(1, output_size);
|
||||||
if (output == NULL) {
|
if (output == NULL) {
|
||||||
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
mbedtls_free(buffer);
|
}
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT)
|
if (status == PSA_SUCCESS) {
|
||||||
status = psa_asymmetric_encrypt(psa_crypto.handle,
|
if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) {
|
||||||
psa_crypto.alg,
|
status = psa_asymmetric_encrypt(psa_crypto.handle, psa_crypto.alg,
|
||||||
input,
|
input, psa_crypto.input_length,
|
||||||
psa_crypto.input_length,
|
salt, psa_crypto.salt_length,
|
||||||
salt,
|
output, output_size, &output_length);
|
||||||
psa_crypto.salt_length,
|
} else {
|
||||||
output,
|
status = psa_asymmetric_decrypt(psa_crypto.handle, psa_crypto.alg,
|
||||||
msg.out_size[0],
|
input, psa_crypto.input_length,
|
||||||
&output_length);
|
salt, psa_crypto.salt_length,
|
||||||
else
|
output, output_size, &output_length);
|
||||||
status = psa_asymmetric_decrypt(psa_crypto.handle,
|
}
|
||||||
psa_crypto.alg,
|
|
||||||
input,
|
|
||||||
psa_crypto.input_length,
|
|
||||||
salt,
|
|
||||||
psa_crypto.salt_length,
|
|
||||||
output,
|
|
||||||
msg.out_size[0],
|
|
||||||
&output_length);
|
|
||||||
|
|
||||||
if (status == PSA_SUCCESS) {
|
if (status == PSA_SUCCESS) {
|
||||||
psa_write(msg.handle, 0, output, output_length);
|
psa_write(msg.handle, 0, output, output_length);
|
||||||
}
|
}
|
||||||
|
psa_write(msg.handle, 1, &output_length, sizeof(output_length));
|
||||||
psa_write(msg.handle, 1,
|
}
|
||||||
&output_length, sizeof(output_length));
|
|
||||||
|
|
||||||
mbedtls_free(output);
|
mbedtls_free(output);
|
||||||
mbedtls_free(buffer);
|
mbedtls_free(buffer);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue