ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Do not allocate zero sized buffers - asymmetric

pull/10469/head
itayzafrir 2019-03-27 13:59:05 +02:00 committed by adbridge
parent 0807687966
commit bbf7e77b2c
1 changed files with 96 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

202
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
View File

@ -652,82 +652,81 @@ static void psa_asymmetric_operation(void)
switch (psa_crypto.func) { switch (psa_crypto.func) {
case PSA_ASYMMETRIC_SIGN: { case PSA_ASYMMETRIC_SIGN: {
uint8_t *signature; uint8_t *signature = NULL;
uint8_t *hash; uint8_t *hash = NULL;
size_t signature_length = 0; size_t signature_length = 0,
signature_size = msg.out_size[0],
hash_size = msg.in_size[1];
signature = mbedtls_calloc(1, msg.out_size[0]); if (signature_size > 0) {
if (signature == NULL) { signature = mbedtls_calloc(1, signature_size);
status = PSA_ERROR_INSUFFICIENT_MEMORY; if (signature == NULL) {
break; status = PSA_ERROR_INSUFFICIENT_MEMORY;
}
} }
if (status == PSA_SUCCESS && hash_size > 0) {
hash = mbedtls_calloc(1, msg.in_size[1]); hash = mbedtls_calloc(1, hash_size);
if (hash == NULL) { if (hash == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY; status = PSA_ERROR_INSUFFICIENT_MEMORY;
mbedtls_free(signature); } else {
break; bytes_read = psa_read(msg.handle, 1, hash, hash_size);
if (bytes_read != hash_size) {
SPM_PANIC("SPM read length mismatch");
}
}
} }
bytes_read = psa_read(msg.handle, 1,
hash, msg.in_size[1]);
if (bytes_read != msg.in_size[1]) {
SPM_PANIC("SPM read length mismatch");
}
status = psa_asymmetric_sign(psa_crypto.handle,
psa_crypto.alg,
hash,
msg.in_size[1],
signature,
msg.out_size[0],
&signature_length);
if (status == PSA_SUCCESS) { if (status == PSA_SUCCESS) {
psa_write(msg.handle, 0, signature, signature_length); status = psa_asymmetric_sign(psa_crypto.handle, psa_crypto.alg,
hash, hash_size,
signature, signature_size, &signature_length);
if (status == PSA_SUCCESS) {
psa_write(msg.handle, 0, signature, signature_length);
}
psa_write(msg.handle, 1, &signature_length, sizeof(signature_length));
} }
psa_write(msg.handle, 1,
&signature_length, sizeof(signature_length));
mbedtls_free(hash); mbedtls_free(hash);
mbedtls_free(signature); mbedtls_free(signature);
break; break;
} }
case PSA_ASYMMETRIC_VERIFY: { case PSA_ASYMMETRIC_VERIFY: {
uint8_t *signature; uint8_t *signature = NULL;
uint8_t *hash; uint8_t *hash = NULL;
signature = mbedtls_calloc(1, msg.in_size[1]); size_t signature_size = msg.in_size[1],
if (signature == NULL) { hash_size = msg.in_size[2];
status = PSA_ERROR_INSUFFICIENT_MEMORY;
break; if (signature_size > 0) {
signature = mbedtls_calloc(1, signature_size);
if (signature == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY;
} else {
bytes_read = psa_read(msg.handle, 1, signature, signature_size);
if (bytes_read != signature_size) {
SPM_PANIC("SPM read length mismatch");
}
}
}
if (status == PSA_SUCCESS && hash_size > 0) {
hash = mbedtls_calloc(1, hash_size);
if (hash == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY;
} else {
bytes_read = psa_read(msg.handle, 2, hash, hash_size);
if (bytes_read != hash_size) {
SPM_PANIC("SPM read length mismatch");
}
}
} }
bytes_read = psa_read(msg.handle, 1, if (status == PSA_SUCCESS) {
signature, msg.in_size[1]); status = psa_asymmetric_verify(psa_crypto.handle, psa_crypto.alg,
if (bytes_read != msg.in_size[1]) { hash, hash_size,
SPM_PANIC("SPM read length mismatch"); signature, signature_size);
} }
hash = mbedtls_calloc(1, msg.in_size[2]);
if (hash == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY;
mbedtls_free(signature);
break;
}
bytes_read = psa_read(msg.handle, 2,
hash, msg.in_size[2]);
if (bytes_read != msg.in_size[2]) {
SPM_PANIC("SPM read length mismatch");
}
status = psa_asymmetric_verify(psa_crypto.handle,
psa_crypto.alg,
hash,
msg.in_size[2],
signature,
msg.in_size[1]);
mbedtls_free(signature); mbedtls_free(signature);
mbedtls_free(hash); mbedtls_free(hash);
break; break;
@ -735,59 +734,50 @@ static void psa_asymmetric_operation(void)
case PSA_ASYMMETRIC_ENCRYPT: case PSA_ASYMMETRIC_ENCRYPT:
case PSA_ASYMMETRIC_DECRYPT: { case PSA_ASYMMETRIC_DECRYPT: {
uint8_t *input; uint8_t *input = NULL, *salt = NULL, *output = NULL, *buffer = NULL;
uint8_t *salt; size_t output_length = 0,
uint8_t *output; buffer_size = msg.in_size[1],
size_t output_length = 0; output_size = msg.out_size[0];
uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]); if (buffer_size > 0) {
if (buffer == NULL) { buffer = mbedtls_calloc(1, buffer_size);
status = PSA_ERROR_INSUFFICIENT_MEMORY; if (buffer == NULL) {
break; status = PSA_ERROR_INSUFFICIENT_MEMORY;
} else {
bytes_read = psa_read(msg.handle, 1, buffer, buffer_size);
if (bytes_read != buffer_size) {
SPM_PANIC("SPM read length mismatch");
}
input = buffer;
salt = buffer + psa_crypto.input_length;
}
} }
if (status == PSA_SUCCESS && output_size > 0) {
bytes_read = psa_read(msg.handle, 1, buffer, output = mbedtls_calloc(1, output_size);
msg.in_size[1]); if (output == NULL) {
if (bytes_read != msg.in_size[1]) { status = PSA_ERROR_INSUFFICIENT_MEMORY;
SPM_PANIC("SPM read length mismatch"); }
} }
input = buffer;
salt = buffer + psa_crypto.input_length;
output = mbedtls_calloc(1, msg.out_size[0]);
if (output == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY;
mbedtls_free(buffer);
break;
}
if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT)
status = psa_asymmetric_encrypt(psa_crypto.handle,
psa_crypto.alg,
input,
psa_crypto.input_length,
salt,
psa_crypto.salt_length,
output,
msg.out_size[0],
&output_length);
else
status = psa_asymmetric_decrypt(psa_crypto.handle,
psa_crypto.alg,
input,
psa_crypto.input_length,
salt,
psa_crypto.salt_length,
output,
msg.out_size[0],
&output_length);
if (status == PSA_SUCCESS) { if (status == PSA_SUCCESS) {
psa_write(msg.handle, 0, output, output_length); if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) {
} status = psa_asymmetric_encrypt(psa_crypto.handle, psa_crypto.alg,
input, psa_crypto.input_length,
salt, psa_crypto.salt_length,
output, output_size, &output_length);
} else {
status = psa_asymmetric_decrypt(psa_crypto.handle, psa_crypto.alg,
input, psa_crypto.input_length,
salt, psa_crypto.salt_length,
output, output_size, &output_length);
}
psa_write(msg.handle, 1, if (status == PSA_SUCCESS) {
&output_length, sizeof(output_length)); psa_write(msg.handle, 0, output, output_length);
}
psa_write(msg.handle, 1, &output_length, sizeof(output_length));
}
mbedtls_free(output); mbedtls_free(output);
mbedtls_free(buffer); mbedtls_free(buffer);