From 1b26e0d5f248e1564f7f4103adba5e3b547f6d43 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 20 Mar 2019 17:33:23 +0200 Subject: [PATCH 01/15] Fix crypto service abort functionality - cipher Also refactor cipher setup function to one common function. --- .../COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c | 47 +++++--- .../COMPONENT_SPE/psa_crypto_partition.c | 100 ++++++++++-------- 2 files changed, 84 insertions(+), 63 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c index 1ccb160b9e..4c2ad31d2b 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c @@ -1055,12 +1055,17 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator) /****************************************************************/ /* SYMMETRIC */ /****************************************************************/ -psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_handle_t key_handle, - psa_algorithm_t alg) +static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, + psa_key_handle_t key_handle, + psa_algorithm_t alg, + psa_sec_function_t func) { + if (operation->handle != PSA_NULL_HANDLE) { + return (PSA_ERROR_BAD_STATE); + } + psa_crypto_ipc_t psa_crypto_ipc = { - .func = PSA_CIPHER_ENCRYPT_SETUP, + .func = func, .handle = key_handle, .alg = alg }; 
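Review bot: The new static psa_cipher_setup has no comment stating its contract, and the function continues past the end of this hunk. I would put above the signature: `/* Shared body of psa_cipher_encrypt_setup/psa_cipher_decrypt_setup; func selects the SPE entry point. The operation must be zero-initialised (handle == PSA_NULL_HANDLE), otherwise PSA_ERROR_BAD_STATE is returned without touching the connection. */`. The guard can only tell a fresh operation from an in-use one if callers zero the object first, which the PSA API requires but is worth stating here, since before this change a setup on an in-use operation simply overwrote the handle with a new ipc_connect and leaked the old connection.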
@@ -1072,6 +1077,17 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, return (status); } status = ipc_call(&operation->handle, &in_vec, 1, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } + return (status); +} + +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t key_handle, + psa_algorithm_t alg) +{ + psa_status_t status = psa_cipher_setup(operation, key_handle, alg, PSA_CIPHER_ENCRYPT_SETUP); return (status); } @@ -1079,19 +1095,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_handle_t key_handle, psa_algorithm_t alg) { - psa_crypto_ipc_t psa_crypto_ipc = { - .func = PSA_CIPHER_DECRYPT_SETUP, - .handle = key_handle, - .alg = alg - }; - - psa_invec in_vec = { &psa_crypto_ipc, sizeof(psa_crypto_ipc) }; - - psa_status_t status = ipc_connect(PSA_SYMMETRIC_ID, &operation->handle); - if (status != PSA_SUCCESS) { - return (status); - } - status = ipc_call(&operation->handle, &in_vec, 1, NULL, 0, false); + psa_status_t status = psa_cipher_setup(operation, key_handle, alg, PSA_CIPHER_DECRYPT_SETUP); return (status); } @@ -1114,6 +1118,9 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, }; psa_status_t status = ipc_call(&operation->handle, &in_vec, 1, out_vec, 2, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } @@ -1133,6 +1140,9 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, }; psa_status_t status = ipc_call(&operation->handle, in_vec, 2, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } @@ -1160,6 +1170,9 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, }; psa_status_t status = ipc_call(&operation->handle, in_vec, 2, out_vec, 2, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } 
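Review bot: After the new `ipc_close(&operation->handle)` on a failed ipc_call in psa_cipher_setup, psa_cipher_generate_iv, psa_cipher_set_iv and psa_cipher_update, the client-side psa_cipher_abort (not in these hunks) will routinely be called on an already-closed operation, because the PSA API requires callers to abort after any error; it has to treat a PSA_NULL_HANDLE operation as a successful no-op or the mandated abort turns into a second error. Whether ipc_close resets operation->handle to PSA_NULL_HANDLE is not visible here, and the new BAD_STATE guard in psa_cipher_setup depends on it for the object to be reusable. The hash, mac and generator client paths changed later in this series have the same dependency. As a point of style, the two wrappers can return the call directly, `return psa_cipher_setup(operation, key_handle, alg, PSA_CIPHER_ENCRYPT_SETUP);`, instead of going through a local status. psa_cipher_decrypt_setup, psa_cipher_generate_iv, psa_cipher_set_iv and psa_cipher_update all start outside their hunks, and psa_cipher_setup starts in the previous hunk.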
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 55c9ff5270..d7b6ab4b95 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -919,28 +919,30 @@ static void psa_symmetric_operation(void) switch (psa_crypto_ipc.func) { case PSA_CIPHER_ENCRYPT_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, - msg.client_id)) { + if (psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { + status = psa_cipher_encrypt_setup(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg); + } else { status = PSA_ERROR_INVALID_HANDLE; - break; } - status = psa_cipher_encrypt_setup(msg.rhandle, - psa_crypto_ipc.handle, - psa_crypto_ipc.alg); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } case PSA_CIPHER_DECRYPT_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, - msg.client_id)) { + if (psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { + status = psa_cipher_decrypt_setup(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg); + } else { status = PSA_ERROR_INVALID_HANDLE; - break; } - status = psa_cipher_decrypt_setup(msg.rhandle, - psa_crypto_ipc.handle, - psa_crypto_ipc.alg); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } @@ -955,6 +957,9 @@ static void psa_symmetric_operation(void) psa_write(msg.handle, 0, iv, iv_length); psa_write(msg.handle, 1, &iv_length, sizeof(iv_length)); + } else { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); } break; } 
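Review bot: In the PSA_CIPHER_ENCRYPT_SETUP, PSA_CIPHER_DECRYPT_SETUP and PSA_CIPHER_GENERATE_IV failure paths the operation object is released with `mbedtls_free(msg.rhandle)` without first calling `psa_cipher_abort(msg.rhandle)`, whereas the PSA_CIPHER_UPDATE and PSA_CIPHER_FINISH cases of this same commit do abort before freeing on their allocation-failure branch. If the underlying psa_cipher_* implementation does not itself release the cipher context when it fails (not visible here), whatever the context allocated during setup is leaked on every failed setup, set_iv, update and finish; an explicit `psa_cipher_abort(msg.rhandle);` before the free is cheap and makes the partition independent of that detail. The same applies to the set_iv and update cases in the next hunks and to the hash and mac setup/update/finish cases in the following two commits, and the `mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL);` pair repeated in every case is a candidate for one static helper. psa_symmetric_operation starts and ends outside these hunks.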
@@ -968,7 +973,10 @@ static void psa_symmetric_operation(void) SPM_PANIC("SPM read length mismatch"); } status = psa_cipher_set_iv(msg.rhandle, iv, iv_length); - + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } @@ -976,38 +984,35 @@ static void psa_symmetric_operation(void) size_t input_length = msg.in_size[1]; size_t output_size = msg.out_size[0]; size_t output_length = 0; - uint8_t *input; - unsigned char *output; + uint8_t *input = NULL; + unsigned char *output = NULL; input = mbedtls_calloc(1, input_length); - if (input == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - bytes_read = psa_read(msg.handle, 1, input, - input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); - } - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - mbedtls_free(input); + if (input == NULL || output == NULL) { + psa_cipher_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } + } else { + bytes_read = psa_read(msg.handle, 1, input, input_length); + if (bytes_read != input_length) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_cipher_update(msg.rhandle, input, input_length, output, output_size, + &output_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, &output_length, sizeof(output_length)); + } - status = psa_cipher_update(msg.rhandle, input, - input_length, output, output_size, &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, - &output_length, sizeof(output_length)); } mbedtls_free(input); mbedtls_free(output); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } 
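Review bot: In PSA_CIPHER_UPDATE the two buffers are still obtained with `mbedtls_calloc(1, input_length)` and `mbedtls_calloc(1, output_size)` even when the length is 0; calloc with a zero size may return NULL, so a zero-length update from the client is reported as PSA_ERROR_INSUFFICIENT_MEMORY and the operation is aborted. Later commits in this series ("Do not allocate zero sized buffers") wrap the allocation in an `if (size > 0)` guard for the mac, hash and asymmetric cases; the cipher update path here and the `mbedtls_calloc(1, output_size)` in the finish case of the next hunk need the same treatment. psa_symmetric_operation starts and ends outside these hunks.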
@@ -1018,23 +1023,26 @@ static void psa_symmetric_operation(void) output = mbedtls_calloc(1, output_size); if (output == NULL) { + psa_cipher_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + status = psa_cipher_finish(msg.rhandle, output, output_size, &output_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, &output_length, sizeof(output_length)); + } + mbedtls_free(output); } - status = psa_cipher_finish(msg.rhandle, output, - output_size, &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, - &output_length, sizeof(output_length)); - } - mbedtls_free(output); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } case PSA_CIPHER_ABORT: { status = psa_cipher_abort(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } @@ -1048,8 +1056,8 @@ static void psa_symmetric_operation(void) } case PSA_IPC_DISCONNECT: { - psa_cipher_abort(msg.rhandle); if (msg.rhandle != NULL) { + psa_cipher_abort(msg.rhandle); mbedtls_free(msg.rhandle); } From da999c694691d52810eb4b017df1dba867f39a19 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 20 Mar 2019 18:18:33 +0200 Subject: [PATCH 02/15] Fix crypto service abort functionality - hash --- .../COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c | 10 ++ .../COMPONENT_SPE/psa_crypto_partition.c | 95 +++++++++++-------- 2 files changed, 64 insertions(+), 41 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c index 4c2ad31d2b..d0fafb8b6a 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c 
@@ -240,6 +240,10 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation) psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg) { + if (operation->handle != PSA_NULL_HANDLE) { + return (PSA_ERROR_BAD_STATE); + } + psa_crypto_ipc_t psa_crypto_ipc = { .func = PSA_HASH_SETUP, .handle = 0, @@ -253,6 +257,9 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, return (status); } status = ipc_call(&operation->handle, &in_vec, 1, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } @@ -272,6 +279,9 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, }; psa_status_t status = ipc_call(&operation->handle, in_vec, 2, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index d7b6ab4b95..84208a6401 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -414,6 +414,10 @@ static void psa_hash_operation(void) case PSA_HASH_SETUP: { status = psa_hash_setup(msg.rhandle, psa_crypto.alg); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } 
@@ -425,32 +429,32 @@ static void psa_hash_operation(void) input_buffer = mbedtls_calloc(1, allocation_size); if (input_buffer == NULL) { + psa_hash_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + while (data_remaining > 0) { + size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); + bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); + + if (bytes_read != size_to_read) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_hash_update(msg.rhandle, input_buffer, bytes_read); + // stop on error + if (status != PSA_SUCCESS) { + break; + } + data_remaining = data_remaining - bytes_read; + } + mbedtls_free(input_buffer); } - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - bytes_read = psa_read(msg.handle, 1, input_buffer, - size_to_read); - - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_hash_update(msg.rhandle, - input_buffer, - bytes_read); - - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; + if (status != PSA_SUCCESS) { + destroy_hash_clone(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); } - - mbedtls_free(input_buffer); - break; } 
@@ -465,20 +469,20 @@ static void psa_hash_operation(void) size_t hash_length = 0; uint8_t *hash = mbedtls_calloc(1, hash_size); if (hash == NULL) { + psa_hash_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + status = psa_hash_finish(msg.rhandle, hash, hash_size, &hash_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, hash, hash_length); + psa_write(msg.handle, 1, &hash_length, sizeof(hash_length)); + } + mbedtls_free(hash); } - status = psa_hash_finish(msg.rhandle, hash, hash_size, - &hash_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, hash, hash_length); - psa_write(msg.handle, 1, &hash_length, - sizeof(hash_length)); - } - - mbedtls_free(hash); destroy_hash_clone(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } @@ -493,24 +497,29 @@ static void psa_hash_operation(void) uint8_t *hash = mbedtls_calloc(1, hash_length); if (hash == NULL) { + psa_hash_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_hash_verify(msg.rhandle, hash, hash_length); + mbedtls_free(hash); } - bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_hash_verify(msg.rhandle, hash, hash_length); - mbedtls_free(hash); destroy_hash_clone(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } case PSA_HASH_ABORT: { status = psa_hash_abort(msg.rhandle); destroy_hash_clone(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } 
@@ -537,6 +546,10 @@ static void psa_hash_operation(void) status = psa_hash_clone(hash_clone->source_operation, msg.rhandle); release_hash_clone(hash_clone); } + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } @@ -550,8 +563,8 @@ static void psa_hash_operation(void) } case PSA_IPC_DISCONNECT: { - psa_hash_abort(msg.rhandle); if (msg.rhandle != NULL) { + psa_hash_abort(msg.rhandle); destroy_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); } From 545e669c88f7373d9705ffe499d7e95ebf3a2395 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 20 Mar 2019 18:32:39 +0200 Subject: [PATCH 03/15] Fix crypto service abort functionality - mac --- .../COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c | 10 ++ .../COMPONENT_SPE/psa_crypto_partition.c | 107 ++++++++++-------- 2 files changed, 67 insertions(+), 50 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c index d0fafb8b6a..e04fa0caf8 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c @@ -120,6 +120,10 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, psa_algorithm_t alg, psa_sec_function_t func) { + if (operation->handle != PSA_NULL_HANDLE) { + return (PSA_ERROR_BAD_STATE); + } + psa_crypto_ipc_t psa_crypto_ipc = { .func = func, .handle = key_handle, @@ -133,6 +137,9 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, return (status); } status = ipc_call(&operation->handle, &in_vec, 1, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } 
@@ -168,6 +175,9 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, }; psa_status_t status = ipc_call(&operation->handle, in_vec, 2, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&operation->handle); + } return (status); } diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 84208a6401..c4dcf00062 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -227,28 +227,30 @@ static void psa_mac_operation(void) switch (psa_crypto.func) { case PSA_MAC_SIGN_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { + if (psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { + status = psa_mac_sign_setup(msg.rhandle, psa_crypto.handle, psa_crypto.alg); + } else { status = PSA_ERROR_INVALID_HANDLE; - break; } - status = psa_mac_sign_setup(msg.rhandle, - psa_crypto.handle, - psa_crypto.alg); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } case PSA_MAC_VERIFY_SETUP: { - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, - msg.client_id)) { + if (psa_crypto_access_control_is_handle_permitted(psa_crypto.handle, msg.client_id)) { + status = psa_mac_verify_setup(msg.rhandle, psa_crypto.handle, psa_crypto.alg); + } else { status = PSA_ERROR_INVALID_HANDLE; - break; } - status = psa_mac_verify_setup(msg.rhandle, - psa_crypto.handle, - psa_crypto.alg); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } 
@@ -261,32 +263,32 @@ static void psa_mac_operation(void) input_buffer = mbedtls_calloc(1, allocation_size); if (input_buffer == NULL) { + psa_mac_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } + } else { + while (data_remaining > 0) { + size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); + bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - bytes_read = psa_read(msg.handle, 1, input_buffer, - size_to_read); + if (bytes_read != size_to_read) { + SPM_PANIC("SPM read length mismatch"); + } - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); + status = psa_mac_update(msg.rhandle, input_buffer, bytes_read); + // stop on error + if (status != PSA_SUCCESS) { + break; + } + data_remaining = data_remaining - bytes_read; } - status = psa_mac_update(msg.rhandle, - input_buffer, - bytes_read); - - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; + mbedtls_free(input_buffer); } - mbedtls_free(input_buffer); - + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } 
@@ -301,19 +303,19 @@ static void psa_mac_operation(void) size_t mac_length = 0; uint8_t *mac = mbedtls_calloc(1, mac_size); if (mac == NULL) { + psa_mac_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + status = psa_mac_sign_finish(msg.rhandle, mac, mac_size, &mac_length); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, mac, mac_length); + psa_write(msg.handle, 1, &mac_length, sizeof(mac_length)); + } + mbedtls_free(mac); } - status = psa_mac_sign_finish(msg.rhandle, mac, mac_size, - &mac_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, mac, mac_length); - psa_write(msg.handle, 1, &mac_length, - sizeof(mac_length)); - } - - mbedtls_free(mac); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } @@ -328,22 +330,27 @@ static void psa_mac_operation(void) uint8_t *mac = mbedtls_calloc(1, mac_length); if (mac == NULL) { + psa_mac_abort(msg.rhandle); status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + bytes_read = psa_read(msg.handle, 2, mac, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_mac_verify_finish(msg.rhandle, mac, mac_length); + mbedtls_free(mac); } - bytes_read = psa_read(msg.handle, 2, mac, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_mac_verify_finish(msg.rhandle, mac, mac_length); - mbedtls_free(mac); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } case PSA_MAC_ABORT: { status = psa_mac_abort(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } @@ -359,8 +366,8 @@ static void psa_mac_operation(void) } case PSA_IPC_DISCONNECT: { - psa_mac_abort(msg.rhandle); if (msg.rhandle != NULL) { + psa_mac_abort(msg.rhandle); mbedtls_free(msg.rhandle); } From 8044f6d03827a1b5bcbf457370efd31b33b2cc00 Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Sun, 24 Mar 2019 16:35:52 +0200 Subject: [PATCH 04/15] Fix crypto service abort functionality - generators --- .../COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c | 14 ++++ .../COMPONENT_SPE/psa_crypto_partition.c | 84 ++++++++++--------- 2 files changed, 58 insertions(+), 40 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c index e04fa0caf8..a4b6c10090 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c @@ -1006,6 +1006,10 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, size_t label_length, size_t capacity) { + if (generator->handle != PSA_NULL_HANDLE) { + return (PSA_ERROR_BAD_STATE); + } + psa_crypto_derivation_ipc_t psa_crypto_ipc = { .func = PSA_KEY_DERIVATION, .handle = key_handle, @@ -1024,6 +1028,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, return (status); } status = ipc_call(&generator->handle, in_vec, 3, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&generator->handle); + } return (status); } @@ -1033,6 +1040,10 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, size_t peer_key_length, psa_algorithm_t alg) { + if (generator->handle != PSA_NULL_HANDLE) { + return (PSA_ERROR_BAD_STATE); + } + psa_crypto_derivation_ipc_t psa_crypto_ipc = { .func = PSA_KEY_AGREEMENT, .handle = private_key_handle, @@ -1050,6 +1061,9 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, return (status); } status = ipc_call(&generator->handle, in_vec, 2, NULL, 0, false); + if (status != PSA_SUCCESS) { + ipc_close(&generator->handle); + } return (status); } 
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index c4dcf00062..484570ecfb 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -1622,11 +1622,14 @@ void psa_crypto_generator_operations(void) case PSA_GENERATOR_ABORT: { status = psa_generator_abort(msg.rhandle); + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); break; } case PSA_KEY_DERIVATION: { uint8_t *salt = NULL; + uint8_t *label = NULL; if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { 
@@ -1635,39 +1638,36 @@ void psa_crypto_generator_operations(void) } salt = mbedtls_calloc(1, msg.in_size[1]); - if (salt == NULL) { + label = mbedtls_calloc(1, msg.in_size[2]); + if (salt == NULL || label == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + bytes_read = psa_read(msg.handle, 1, salt, msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { + SPM_PANIC("SPM read length mismatch"); + } + + bytes_read = psa_read(msg.handle, 2, label, msg.in_size[2]); + if (bytes_read != msg.in_size[2]) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle, + psa_crypto_ipc.alg, + salt, + msg.in_size[1],//salt length + label, + msg.in_size[2],//label length + psa_crypto_ipc.capacity); + } - bytes_read = psa_read(msg.handle, 1, salt, - msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - uint8_t *label = mbedtls_calloc(1, msg.in_size[2]); - if (label == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free(salt); - break; - } - - bytes_read = psa_read(msg.handle, 2, label, - msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle, - psa_crypto_ipc.alg, - salt, - msg.in_size[1],//salt length - label, - msg.in_size[2],//label length - psa_crypto_ipc.capacity); - mbedtls_free(label); mbedtls_free(salt); + mbedtls_free(label); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); + } break; } 
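Review bot: `salt = mbedtls_calloc(1, msg.in_size[1])` is now folded with the label allocation into one `salt == NULL || label == NULL` check, but a key-derivation salt may legitimately be empty and calloc with size 0 may return NULL, so an empty-salt derivation can be rejected as PSA_ERROR_INSUFFICIENT_MEMORY; guard each allocation with its own size as the later commits of this series do for mac and hash. Separately, the permission check just above this hunk appears to keep its early `break`, so on PSA_ERROR_INVALID_HANDLE msg.rhandle is neither freed nor cleared here, unlike the cipher and mac setup cases rewritten earlier in the series; it is only recovered when the client's ipc_close reaches PSA_IPC_DISCONNECT. The key agreement case in the next hunk has the same early exit. psa_crypto_generator_operations starts and ends outside this hunk.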
@@ -1684,20 +1684,24 @@ void psa_crypto_generator_operations(void) private_key = mbedtls_calloc(1, msg.in_size[1]); if (private_key == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + } else { + bytes_read = psa_read(msg.handle, 1, private_key, msg.in_size[1]); + if (bytes_read != msg.in_size[1]) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_key_agreement(msg.rhandle, psa_crypto_ipc.handle, + private_key, + msg.in_size[1],//private_key length + psa_crypto_ipc.alg); + mbedtls_free(private_key); } - bytes_read = psa_read(msg.handle, 1, private_key, - msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (status != PSA_SUCCESS) { + mbedtls_free(msg.rhandle); + psa_set_rhandle(msg.handle, NULL); } - status = psa_key_agreement(msg.rhandle, psa_crypto_ipc.handle, - private_key, - msg.in_size[1],//private_key length - psa_crypto_ipc.alg); - mbedtls_free(private_key); break; } @@ -1710,8 +1714,8 @@ void psa_crypto_generator_operations(void) break; } case PSA_IPC_DISCONNECT: { - psa_generator_abort(msg.rhandle); if (msg.rhandle != NULL) { + psa_generator_abort(msg.rhandle); mbedtls_free(msg.rhandle); } From 7b35e763dd646cdbc059b6fefdba479795235073 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 12:24:01 +0200 Subject: [PATCH 05/15] Do not allocate zero sized buffers - mac --- .../COMPONENT_SPE/psa_crypto_partition.c | 93 +++++++++++-------- 1 file changed, 53 insertions(+), 40 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 484570ecfb..50e584acf4 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
@@ -255,34 +255,37 @@ static void psa_mac_operation(void) } case PSA_MAC_UPDATE: { - uint8_t *input_buffer = NULL; size_t data_remaining = msg.in_size[1]; size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); size_t size_to_read = 0; - input_buffer = mbedtls_calloc(1, allocation_size); - if (input_buffer == NULL) { - psa_mac_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); + if (allocation_size > 0) { + input_buffer = mbedtls_calloc(1, allocation_size); + if (input_buffer == NULL) { + psa_mac_abort(msg.rhandle); + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + while (data_remaining > 0) { + size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); + bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); + if (bytes_read != size_to_read) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_mac_update(msg.rhandle, input_buffer, bytes_read); + // stop on error + if (status != PSA_SUCCESS) { + break; + } + data_remaining = data_remaining - bytes_read; } - status = psa_mac_update(msg.rhandle, input_buffer, bytes_read); - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; + mbedtls_free(input_buffer); } - - mbedtls_free(input_buffer); + } else { + status = psa_mac_update(msg.rhandle, input_buffer, allocation_size); } if (status != PSA_SUCCESS) { 
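Review bot: The declaration `uint8_t *input_buffer = NULL;` is removed from the PSA_MAC_UPDATE case while both new branches still use `input_buffer`, including the zero-length `psa_mac_update(msg.rhandle, input_buffer, allocation_size)` call that relies on it being NULL. Unless a function-scope declaration exists outside this hunk (the other hunks of this commit do not add one), the file no longer compiles, and even with one the NULL the zero-length call depends on is no longer established by this case; restore `uint8_t *input_buffer = NULL;` at the top of the case. The hash counterpart in the next commit keeps its declaration. psa_mac_operation starts and ends outside this hunk.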
@@ -293,25 +296,30 @@ static void psa_mac_operation(void) } case PSA_MAC_SIGN_FINISH: { - size_t mac_size = 0; - bytes_read = psa_read(msg.handle, 1, &mac_size, - msg.in_size[1]); + uint8_t *mac = NULL; + size_t mac_size = 0, mac_length = 0; + + bytes_read = psa_read(msg.handle, 1, &mac_size, msg.in_size[1]); if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - size_t mac_length = 0; - uint8_t *mac = mbedtls_calloc(1, mac_size); - if (mac == NULL) { - psa_mac_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { + if (mac_size > 0) { + mac = mbedtls_calloc(1, mac_size); + if (mac == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } + } + + if (status == PSA_SUCCESS) { status = psa_mac_sign_finish(msg.rhandle, mac, mac_size, &mac_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, mac, mac_length); psa_write(msg.handle, 1, &mac_length, sizeof(mac_length)); } mbedtls_free(mac); + } else { + psa_mac_abort(msg.rhandle); } mbedtls_free(msg.rhandle); 
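Review bot: `psa_read(msg.handle, 1, &mac_size, msg.in_size[1])` copies a client-chosen number of bytes into a `size_t` on the partition's stack, and the check that follows only panics when fewer bytes than in_size[1] arrived, so an invec on index 1 larger than sizeof(size_t) overruns `mac_size`. Since this partition is the trust boundary, the length should be fixed on the server side: `if (msg.in_size[1] != sizeof(mac_size)) { SPM_PANIC("SPM read length mismatch"); }` before the read, or reading `sizeof(mac_size)` bytes and comparing against that. The same pattern is in PSA_MAC_VERIFY_FINISH in the next hunk and in the hash finish/verify cases of the next commit. This assumes psa_read writes up to its length argument, which is not visible here; psa_mac_operation starts and ends outside this hunk.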
@@ -320,26 +328,31 @@ static void psa_mac_operation(void) } case PSA_MAC_VERIFY_FINISH: { + uint8_t *mac = NULL; size_t mac_length = 0; - bytes_read = psa_read(msg.handle, 1, &mac_length, - msg.in_size[1]); - if (bytes_read != msg.in_size[1] || - mac_length != msg.in_size[2]) { + + bytes_read = psa_read(msg.handle, 1, &mac_length, msg.in_size[1]); + if (bytes_read != msg.in_size[1] || mac_length != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - uint8_t *mac = mbedtls_calloc(1, mac_length); - if (mac == NULL) { - psa_mac_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 2, mac, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); + if (mac_length > 0) { + mac = mbedtls_calloc(1, mac_length); + if (mac == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 2, mac, mac_length); + if (bytes_read != mac_length) { + SPM_PANIC("SPM read length mismatch"); + } } + } + if (status == PSA_SUCCESS) { status = psa_mac_verify_finish(msg.rhandle, mac, mac_length); mbedtls_free(mac); + } else { + psa_mac_abort(msg.rhandle); } mbedtls_free(msg.rhandle); From 979ca1ee55917d7abc29aa6864b5153bd775ee91 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 12:58:29 +0200 Subject: [PATCH 06/15] Do not allocate zero sized buffers - hash --- .../COMPONENT_SPE/psa_crypto_partition.c | 91 +++++++++++-------- 1 file changed, 53 insertions(+), 38 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 50e584acf4..5097fa5273 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
@@ -447,27 +447,32 @@ static void psa_hash_operation(void) size_t size_to_read = 0; size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - input_buffer = mbedtls_calloc(1, allocation_size); - if (input_buffer == NULL) { - psa_hash_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - while (data_remaining > 0) { - size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); + if (allocation_size > 0) { + input_buffer = mbedtls_calloc(1, allocation_size); + if (input_buffer == NULL) { + psa_hash_abort(msg.rhandle); + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + while (data_remaining > 0) { + size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES); - if (bytes_read != size_to_read) { - SPM_PANIC("SPM read length mismatch"); + bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read); + if (bytes_read != size_to_read) { + SPM_PANIC("SPM read length mismatch"); + } + + status = psa_hash_update(msg.rhandle, input_buffer, bytes_read); + // stop on error + if (status != PSA_SUCCESS) { + break; + } + data_remaining = data_remaining - bytes_read; } - status = psa_hash_update(msg.rhandle, input_buffer, bytes_read); - // stop on error - if (status != PSA_SUCCESS) { - break; - } - data_remaining = data_remaining - bytes_read; + mbedtls_free(input_buffer); } - mbedtls_free(input_buffer); + } else { + status = psa_hash_update(msg.rhandle, input_buffer, allocation_size); } if (status != PSA_SUCCESS) { 
@@ -479,25 +484,30 @@ static void psa_hash_operation(void) } case PSA_HASH_FINISH: { - size_t hash_size = 0; - bytes_read = psa_read(msg.handle, 1, &hash_size, - msg.in_size[1]); + uint8_t *hash = NULL; + size_t hash_size = 0, hash_length = 0; + + bytes_read = psa_read(msg.handle, 1, &hash_size, msg.in_size[1]); if (bytes_read != msg.in_size[1]) { SPM_PANIC("SPM read length mismatch"); } - size_t hash_length = 0; - uint8_t *hash = mbedtls_calloc(1, hash_size); - if (hash == NULL) { - psa_hash_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { + if (hash_size > 0) { + hash = mbedtls_calloc(1, hash_size); + if (hash == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } + } + + if (status == PSA_SUCCESS) { status = psa_hash_finish(msg.rhandle, hash, hash_size, &hash_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, hash, hash_length); psa_write(msg.handle, 1, &hash_length, sizeof(hash_length)); } mbedtls_free(hash); + } else { + psa_hash_abort(msg.rhandle); } destroy_hash_clone(msg.rhandle); 
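Review bot: `hash_size` is taken from the client's in_vec 1 rather than from `msg.out_size[0]`, so the buffer handed to psa_hash_finish and the subsequent `psa_write(msg.handle, 0, hash, hash_length)` are sized by a client-supplied value that the hunk never compares with the real out_vec length. Either use `msg.out_size[0]` directly as the size, or add `if (hash_size > msg.out_size[0]) { SPM_PANIC("SPM read length mismatch"); }` after the read so the two cannot disagree. psa_hash_operation continues outside the hunk.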
@@ -507,26 +517,31 @@ static void psa_hash_operation(void) } case PSA_HASH_VERIFY: { + uint8_t *hash = NULL; size_t hash_length = 0; - bytes_read = psa_read(msg.handle, 1, &hash_length, - msg.in_size[1]); - if (bytes_read != msg.in_size[1] || - hash_length != msg.in_size[2]) { + + bytes_read = psa_read(msg.handle, 1, &hash_length, msg.in_size[1]); + if (bytes_read != msg.in_size[1] || hash_length != msg.in_size[2]) { SPM_PANIC("SPM read length mismatch"); } - uint8_t *hash = mbedtls_calloc(1, hash_length); - if (hash == NULL) { - psa_hash_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); + if (hash_length > 0) { + hash = mbedtls_calloc(1, hash_length); + if (hash == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 2, hash, hash_length); + if (bytes_read != hash_length) { + SPM_PANIC("SPM read length mismatch"); + } } + } + if (status == PSA_SUCCESS) { status = psa_hash_verify(msg.rhandle, hash, hash_length); mbedtls_free(hash); + } else { + psa_hash_abort(msg.rhandle); } destroy_hash_clone(msg.rhandle); From 18feb26ca7511bed4c6f56514556d0ba1dda8f3e Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 13:59:05 +0200 Subject: [PATCH 07/15] Do not allocate zero sized buffers - asymmetric --- .../COMPONENT_SPE/psa_crypto_partition.c | 202 +++++++++--------- 1 file changed, 96 insertions(+), 106 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 5097fa5273..2977a80010 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
@@ -652,82 +652,81 @@ static void psa_asymmetric_operation(void) switch (psa_crypto.func) { case PSA_ASYMMETRIC_SIGN: { - uint8_t *signature; - uint8_t *hash; - size_t signature_length = 0; + uint8_t *signature = NULL; + uint8_t *hash = NULL; + size_t signature_length = 0, + signature_size = msg.out_size[0], + hash_size = msg.in_size[1]; - signature = mbedtls_calloc(1, msg.out_size[0]); - if (signature == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (signature_size > 0) { + signature = mbedtls_calloc(1, signature_size); + if (signature == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } } - - hash = mbedtls_calloc(1, msg.in_size[1]); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free(signature); - break; + if (status == PSA_SUCCESS && hash_size > 0) { + hash = mbedtls_calloc(1, hash_size); + if (hash == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, hash, hash_size); + if (bytes_read != hash_size) { + SPM_PANIC("SPM read length mismatch"); + } + } } - bytes_read = psa_read(msg.handle, 1, - hash, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_asymmetric_sign(psa_crypto.handle, - psa_crypto.alg, - hash, - msg.in_size[1], - signature, - msg.out_size[0], - &signature_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, signature, signature_length); + status = psa_asymmetric_sign(psa_crypto.handle, psa_crypto.alg, + hash, hash_size, + signature, signature_size, &signature_length); + + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, signature, signature_length); + } + psa_write(msg.handle, 1, &signature_length, sizeof(signature_length)); } - psa_write(msg.handle, 1, - &signature_length, sizeof(signature_length)); mbedtls_free(hash); mbedtls_free(signature); break; } case PSA_ASYMMETRIC_VERIFY: { - uint8_t *signature; - uint8_t *hash; - signature = mbedtls_calloc(1, 
msg.in_size[1]); - if (signature == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + uint8_t *signature = NULL; + uint8_t *hash = NULL; + size_t signature_size = msg.in_size[1], + hash_size = msg.in_size[2]; + + if (signature_size > 0) { + signature = mbedtls_calloc(1, signature_size); + if (signature == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, signature, signature_size); + if (bytes_read != signature_size) { + SPM_PANIC("SPM read length mismatch"); + } + } + } + if (status == PSA_SUCCESS && hash_size > 0) { + hash = mbedtls_calloc(1, hash_size); + if (hash == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 2, hash, hash_size); + if (bytes_read != hash_size) { + SPM_PANIC("SPM read length mismatch"); + } + } } - bytes_read = psa_read(msg.handle, 1, - signature, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (status == PSA_SUCCESS) { + status = psa_asymmetric_verify(psa_crypto.handle, psa_crypto.alg, + hash, hash_size, + signature, signature_size); } - hash = mbedtls_calloc(1, msg.in_size[2]); - if (hash == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free(signature); - break; - } - - bytes_read = psa_read(msg.handle, 2, - hash, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); - } - - status = psa_asymmetric_verify(psa_crypto.handle, - psa_crypto.alg, - hash, - msg.in_size[2], - signature, - msg.in_size[1]); mbedtls_free(signature); mbedtls_free(hash); break; 
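Review bot: In the PSA_ASYMMETRIC_SIGN case the length report `psa_write(msg.handle, 1, &signature_length, sizeof(signature_length));` moved under the outer `if (status == PSA_SUCCESS)`, so on PSA_ERROR_INSUFFICIENT_MEMORY out_vec 1 is now left unwritten, whereas the removed code wrote it on every path. If the client side reads its `*signature_length` from that vector without initialising it first, the allocation-failure path now returns an indeterminate length; either keep the write unconditional after the block or confirm the client zero-initialises the output. The PSA_ASYMMETRIC_ENCRYPT/DECRYPT hunk that follows makes the same move with `output_length`. psa_asymmetric_operation continues outside the hunk.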
@@ -735,59 +734,50 @@ static void psa_asymmetric_operation(void) case PSA_ASYMMETRIC_ENCRYPT: case PSA_ASYMMETRIC_DECRYPT: { - uint8_t *input; - uint8_t *salt; - uint8_t *output; - size_t output_length = 0; + uint8_t *input = NULL, *salt = NULL, *output = NULL, *buffer = NULL; + size_t output_length = 0, + buffer_size = msg.in_size[1], + output_size = msg.out_size[0]; - uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]); - if (buffer == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (buffer_size > 0) { + buffer = mbedtls_calloc(1, buffer_size); + if (buffer == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, buffer, buffer_size); + if (bytes_read != buffer_size) { + SPM_PANIC("SPM read length mismatch"); + } + + input = buffer; + salt = buffer + psa_crypto.input_length; + } } - - bytes_read = psa_read(msg.handle, 1, buffer, - msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (status == PSA_SUCCESS && output_size > 0) { + output = mbedtls_calloc(1, output_size); + if (output == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } } - input = buffer; - salt = buffer + psa_crypto.input_length; - output = mbedtls_calloc(1, msg.out_size[0]); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - mbedtls_free(buffer); - break; - } - - if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) - status = psa_asymmetric_encrypt(psa_crypto.handle, - psa_crypto.alg, - input, - psa_crypto.input_length, - salt, - psa_crypto.salt_length, - output, - msg.out_size[0], - &output_length); - else - status = psa_asymmetric_decrypt(psa_crypto.handle, - psa_crypto.alg, - input, - psa_crypto.input_length, - salt, - psa_crypto.salt_length, - output, - msg.out_size[0], - &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - } + if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) { + status = 
psa_asymmetric_encrypt(psa_crypto.handle, psa_crypto.alg, + input, psa_crypto.input_length, + salt, psa_crypto.salt_length, + output, output_size, &output_length); + } else { + status = psa_asymmetric_decrypt(psa_crypto.handle, psa_crypto.alg, + input, psa_crypto.input_length, + salt, psa_crypto.salt_length, + output, output_size, &output_length); + } - psa_write(msg.handle, 1, - &output_length, sizeof(output_length)); + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + } + psa_write(msg.handle, 1, &output_length, sizeof(output_length)); + } mbedtls_free(output); mbedtls_free(buffer); From 19952d990cd999b9e6f2c64546c9d81f49afdc92 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 14:10:30 +0200 Subject: [PATCH 08/15] Do not allocate zero sized buffers - aead --- .../COMPONENT_SPE/psa_crypto_partition.c | 92 +++++++++---------- 1 file changed, 41 insertions(+), 51 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 2977a80010..c6920271bc 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
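Review bot: `salt = buffer + psa_crypto.input_length;` derives a pointer from a length carried in the client's IPC structure without checking that `psa_crypto.input_length` and `psa_crypto.salt_length` together fit in `buffer_size` (`msg.in_size[1]`); unless that is validated before the hunk, an inconsistent pair of lengths makes psa_asymmetric_encrypt/decrypt read past the allocated buffer, and when `buffer_size` is 0 both pointers stay NULL while the IPC lengths are still passed through. A check placed before the allocation covers both cases: `if (psa_crypto.input_length > buffer_size || psa_crypto.salt_length > buffer_size - psa_crypto.input_length) { status = PSA_ERROR_INVALID_ARGUMENT; }`, after which the existing `status == PSA_SUCCESS` guards skip the call and free the buffers. The AEAD hunk in the next commit has the same pattern with `psa_crypto.additional_data_length` and `psa_crypto.input_length`. psa_asymmetric_operation continues outside the hunk.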
@@ -839,63 +839,53 @@ static void psa_aead_operation() switch (psa_crypto.func) { case PSA_AEAD_ENCRYPT: case PSA_AEAD_DECRYPT: { - uint8_t *input; - uint8_t *additional_data; - uint8_t *output; - size_t output_length = 0; + uint8_t *input = NULL, *additional_data = NULL, *output = NULL, *buffer = NULL; + size_t output_length = 0, + buffer_size = msg.in_size[1], + output_size = msg.out_size[0]; - uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]); - if (buffer == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (buffer_size > 0) { + buffer = mbedtls_calloc(1, buffer_size); + if (buffer == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, buffer, buffer_size); + if (bytes_read != buffer_size) { + SPM_PANIC("SPM read length mismatch"); + } + + additional_data = buffer; + input = buffer + psa_crypto.additional_data_length; + } } - - bytes_read = psa_read(msg.handle, 1, buffer, - msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (status == PSA_SUCCESS && output_size > 0) { + output = mbedtls_calloc(1, output_size); + if (output == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } } - additional_data = buffer; - input = buffer + psa_crypto.additional_data_length; - - output = mbedtls_calloc(1, msg.out_size[0]); - if (output == NULL) { - mbedtls_free(buffer); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } - - if (psa_crypto.func == PSA_AEAD_ENCRYPT) - status = psa_aead_encrypt(psa_crypto.handle, - psa_crypto.alg, - psa_crypto.nonce, - (size_t)psa_crypto.nonce_size, - additional_data, - psa_crypto.additional_data_length, - input, - psa_crypto.input_length, - output, - msg.out_size[0], - &output_length); - else - status = psa_aead_decrypt(psa_crypto.handle, - psa_crypto.alg, - psa_crypto.nonce, - (size_t)psa_crypto.nonce_size, - additional_data, - psa_crypto.additional_data_length, - input, - psa_crypto.input_length, - output, - msg.out_size[0], 
- &output_length); - if (status == PSA_SUCCESS) { - psa_write(msg.handle, 0, output, output_length); - psa_write(msg.handle, 1, - &output_length, sizeof(output_length)); + if (psa_crypto.func == PSA_AEAD_ENCRYPT) { + status = psa_aead_encrypt(psa_crypto.handle, psa_crypto.alg, + psa_crypto.nonce, (size_t)psa_crypto.nonce_size, + additional_data, psa_crypto.additional_data_length, + input, psa_crypto.input_length, + output, output_size, &output_length); + } else { + status = psa_aead_decrypt(psa_crypto.handle, psa_crypto.alg, + psa_crypto.nonce, (size_t)psa_crypto.nonce_size, + additional_data, psa_crypto.additional_data_length, + input, psa_crypto.input_length, + output, output_size, &output_length); + } + + if (status == PSA_SUCCESS) { + psa_write(msg.handle, 0, output, output_length); + psa_write(msg.handle, 1, &output_length, sizeof(output_length)); + } } + mbedtls_free(buffer); mbedtls_free(output); break; From f3294ef33839651e848109d3080eb7f8c5f59448 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 14:37:29 +0200 Subject: [PATCH 09/15] Do not allocate zero sized buffers - cipher --- .../COMPONENT_SPE/psa_crypto_partition.c | 56 ++++++++++++------- 1 file changed, 35 insertions(+), 21 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index c6920271bc..dd0385d430 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
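Review bot: `psa_write(msg.handle, 1, &output_length, sizeof(output_length));` is reached only when the AEAD call succeeds, while the asymmetric encrypt/decrypt hunk of the previous commit writes the length vector unconditionally after its call; on failure the client's out_vec 1 is left untouched here. If the client zero-initialises the length this is harmless, but the two handlers should report it the same way — moving the write after the inner `if (status == PSA_SUCCESS)` block mirrors the asymmetric case. psa_aead_operation continues outside the hunk.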
@@ -1009,30 +1009,39 @@ static void psa_symmetric_operation(void) } case PSA_CIPHER_UPDATE: { - size_t input_length = msg.in_size[1]; - size_t output_size = msg.out_size[0]; - size_t output_length = 0; + size_t input_length = msg.in_size[1], + output_size = msg.out_size[0], + output_length = 0; uint8_t *input = NULL; unsigned char *output = NULL; - input = mbedtls_calloc(1, input_length); - output = mbedtls_calloc(1, output_size); - if (input == NULL || output == NULL) { - psa_cipher_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, input, input_length); - if (bytes_read != input_length) { - SPM_PANIC("SPM read length mismatch"); + if (input_length > 0) { + input = mbedtls_calloc(1, input_length); + if (input == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, input, input_length); + if (bytes_read != input_length) { + SPM_PANIC("SPM read length mismatch"); + } } + } + if (status == PSA_SUCCESS && output_size > 0) { + output = mbedtls_calloc(1, output_size); + if (output == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } + } + if (status == PSA_SUCCESS) { status = psa_cipher_update(msg.rhandle, input, input_length, output, output_size, &output_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, output, output_length); psa_write(msg.handle, 1, &output_length, sizeof(output_length)); } - + } else { + psa_cipher_abort(msg.rhandle); } mbedtls_free(input); 
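Review bot: `unsigned char *output = NULL;` sits next to `uint8_t *input = NULL;` in the same declaration group, while the PSA_CIPHER_FINISH hunk of this commit declares `uint8_t *output = NULL;`; use `uint8_t` for both so the two buffers are declared consistently. Separately, the trailing `else { psa_cipher_abort(msg.rhandle); }` covers only allocation failure: a failing psa_cipher_update leaves the `if (status == PSA_SUCCESS)` block with an error and, after the hunk, the context is freed without an explicit abort — fine if psa_cipher_update aborts the operation on error itself, otherwise the abort has to follow the call (the FINISH hunk has the same shape). psa_symmetric_operation continues outside the hunk.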
@@ -1045,21 +1054,26 @@ static void psa_symmetric_operation(void) } case PSA_CIPHER_FINISH: { - uint8_t *output; - size_t output_size = msg.out_size[0]; - size_t output_length = 0; + uint8_t *output = NULL; + size_t output_size = msg.out_size[0], + output_length = 0; - output = mbedtls_calloc(1, output_size); - if (output == NULL) { - psa_cipher_abort(msg.rhandle); - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { + if (output_size > 0) { + output = mbedtls_calloc(1, output_size); + if (output == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } + } + + if (status == PSA_SUCCESS) { status = psa_cipher_finish(msg.rhandle, output, output_size, &output_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, output, output_length); psa_write(msg.handle, 1, &output_length, sizeof(output_length)); } mbedtls_free(output); + } else { + psa_cipher_abort(msg.rhandle); } mbedtls_free(msg.rhandle); From 19b83812d4c3ece94f4e94be90954f6913edbf3e Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 15:14:37 +0200 Subject: [PATCH 10/15] Do not allocate zero sized buffers - keys --- .../COMPONENT_SPE/psa_crypto_partition.c | 55 +++++++++---------- 1 file changed, 26 insertions(+), 29 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index dd0385d430..1657a21333 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c 
@@ -1212,16 +1212,17 @@ static void psa_key_management_operation(void) size_t key_length = msg.in_size[1]; uint8_t *key = NULL; - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { + if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { status = PSA_ERROR_INVALID_HANDLE; break; } - key = mbedtls_calloc(1, key_length); - if (key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (key_length > 0) { + key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } bytes_read = psa_read(msg.handle, 1, key, key_length); @@ -1229,9 +1230,7 @@ static void psa_key_management_operation(void) SPM_PANIC("SPM read length mismatch"); } - status = psa_import_key(psa_key_mng.handle, - psa_key_mng.type, - key, key_length); + status = psa_import_key(psa_key_mng.handle, psa_key_mng.type, key, key_length); mbedtls_free(key); break; } @@ -1277,26 +1276,25 @@ static void psa_key_management_operation(void) size_t data_length; uint8_t *key = NULL; - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { + if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { status = PSA_ERROR_INVALID_HANDLE; break; } - key = mbedtls_calloc(1, key_length); - if (key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (key_length > 0) { + key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } - status = psa_export_key(psa_key_mng.handle, key, - key_length, &data_length); + status = psa_export_key(psa_key_mng.handle, key, key_length, &data_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, key, data_length); } + psa_write(msg.handle, 1, &data_length, sizeof(size_t)); - psa_write(msg.handle, 1, - &data_length, sizeof(size_t)); mbedtls_free(key); break; } 
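Review bot: In the PSA_EXPORT_KEY hunk, `size_t data_length;` (the context line opening it) has no initialiser, and the relocated `psa_write(msg.handle, 1, &data_length, sizeof(size_t));` now sends it to the client even when psa_export_key fails; unless psa_export_key is guaranteed to set `*data_length` on every error path, indeterminate SPM stack bytes are returned to the caller. Initialise it, `size_t data_length = 0;`. The PSA_EXPORT_PUBLIC_KEY hunk in the next section has the same declaration and write. psa_key_management_operation continues outside the hunk.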
@@ -1306,26 +1304,25 @@ static void psa_key_management_operation(void) size_t data_length; uint8_t *key = NULL; - if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, - partition_id)) { + if (!psa_crypto_access_control_is_handle_permitted(psa_key_mng.handle, partition_id)) { status = PSA_ERROR_INVALID_HANDLE; break; } - key = mbedtls_calloc(1, key_length); - if (key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (key_length > 0) { + key = mbedtls_calloc(1, key_length); + if (key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } - status = psa_export_public_key(psa_key_mng.handle, key, - key_length, &data_length); + status = psa_export_public_key(psa_key_mng.handle, key, key_length, &data_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, key, data_length); } + psa_write(msg.handle, 1, &data_length, sizeof(size_t)); - psa_write(msg.handle, 1, - &data_length, sizeof(size_t)); mbedtls_free(key); break; } From abd9c661ce66a609669df77798248a70ddf8e9d0 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 15:16:49 +0200 Subject: [PATCH 11/15] Do not allocate zero sized buffers - entropy --- .../crypto/COMPONENT_SPE/psa_crypto_partition.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 1657a21333..fbad1f8fd4 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -1467,6 +1467,7 @@ static void psa_entropy_operation(void) case PSA_IPC_CALL: { #if (defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO)) + unsigned char *seed = NULL; uint32_t bytes_read; size_t seed_size = msg.in_size[0]; if (MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size) { 
@@ -1474,10 +1475,12 @@ static void psa_entropy_operation(void) break; } - unsigned char *seed = mbedtls_calloc(1, seed_size); - if (seed == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (seed_size > 0) { + seed = mbedtls_calloc(1, seed_size); + if (seed == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } bytes_read = psa_read(msg.handle, 0, seed, seed_size); From 749b1e30bb747a99fc231ee66e7c2c07ad65983a Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 15:18:45 +0200 Subject: [PATCH 12/15] Do not allocate zero sized buffers - rng --- .../crypto/COMPONENT_SPE/psa_crypto_partition.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index fbad1f8fd4..8f907527c9 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -1522,10 +1522,14 @@ static void psa_rng_operation(void) case PSA_IPC_CALL: { size_t random_size = msg.out_size[0]; - unsigned char *random = mbedtls_calloc(1, random_size); - if (random == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + unsigned char *random = NULL; + + if (random_size > 0) { + random = mbedtls_calloc(1, random_size); + if (random == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } status = psa_generate_random(random, random_size); From b26890e62d4dddabc0c0b437c670d39ffd0d82bc Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 15:35:50 +0200 Subject: [PATCH 13/15] Do not allocate zero sized buffers - generators --- .../COMPONENT_SPE/psa_crypto_partition.c | 92 ++++++++++--------- 1 file changed, 48 insertions(+), 44 deletions(-) 
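Review bot: In the entropy hunk, with `seed_size == 0` the new guard leaves `seed` NULL and falls through to `psa_read(msg.handle, 0, seed, seed_size)` and whatever seed-injection call follows outside the hunk; the only bound enforced above is the maximum, `MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size`. Unless the injection routine rejects an empty seed itself, add an explicit lower bound next to that check: `if (seed_size == 0) { status = PSA_ERROR_INVALID_ARGUMENT; break; }`. psa_entropy_operation continues outside the hunk.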
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 8f907527c9..80ef5d8c72 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -1603,14 +1603,15 @@ void psa_crypto_generator_operations(void) uint8_t *output = NULL; size_t output_length = msg.out_size[0]; - output = mbedtls_calloc(1, output_length); - if (output == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; + if (output_length > 0) { + output = mbedtls_calloc(1, output_length); + if (output == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } } - status = psa_generator_read(msg.rhandle, - output, output_length); + status = psa_generator_read(msg.rhandle, output, output_length); if (status == PSA_SUCCESS) { psa_write(msg.handle, 0, output, output_length); } 
@@ -1654,38 +1655,41 @@ void psa_crypto_generator_operations(void) } case PSA_KEY_DERIVATION: { - uint8_t *salt = NULL; - uint8_t *label = NULL; + uint8_t *salt = NULL, *label = NULL; + size_t salt_size = msg.in_size[1], + label_size = msg.in_size[2]; - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, - msg.client_id)) { + if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { status = PSA_ERROR_INVALID_HANDLE; break; } - salt = mbedtls_calloc(1, msg.in_size[1]); - label = mbedtls_calloc(1, msg.in_size[2]); - if (salt == NULL || label == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, salt, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (salt_size > 0) { + salt = mbedtls_calloc(1, salt_size); + if (salt == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, salt, salt_size); + if (bytes_read != salt_size) { + SPM_PANIC("SPM read length mismatch"); + } } - - bytes_read = psa_read(msg.handle, 2, label, msg.in_size[2]); - if (bytes_read != msg.in_size[2]) { - SPM_PANIC("SPM read length mismatch"); + } + if (status == PSA_SUCCESS && label_size > 0) { + label = mbedtls_calloc(1, label_size); + if (label == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 2, label, label_size); + if (bytes_read != label_size) { + SPM_PANIC("SPM read length mismatch"); + } } + } - status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle, - psa_crypto_ipc.alg, - salt, - msg.in_size[1],//salt length - label, - msg.in_size[2],//label length - psa_crypto_ipc.capacity); - + if (status == PSA_SUCCESS) { + status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg, + salt, salt_size, label, label_size, psa_crypto_ipc.capacity); } mbedtls_free(salt); 
@@ -1694,32 +1698,33 @@ void psa_crypto_generator_operations(void) mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); } - break; } case PSA_KEY_AGREEMENT: { uint8_t *private_key = NULL; + size_t private_key_size = msg.in_size[1]; - if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, - msg.client_id)) { + if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) { status = PSA_ERROR_INVALID_HANDLE; break; } - private_key = mbedtls_calloc(1, msg.in_size[1]); - if (private_key == NULL) { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - } else { - bytes_read = psa_read(msg.handle, 1, private_key, msg.in_size[1]); - if (bytes_read != msg.in_size[1]) { - SPM_PANIC("SPM read length mismatch"); + if (private_key_size > 0) { + private_key = mbedtls_calloc(1, private_key_size); + if (private_key == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + } else { + bytes_read = psa_read(msg.handle, 1, private_key, private_key_size); + if (bytes_read != private_key_size) { + SPM_PANIC("SPM read length mismatch"); + } } + } + if (status == PSA_SUCCESS) { status = psa_key_agreement(msg.rhandle, psa_crypto_ipc.handle, - private_key, - msg.in_size[1],//private_key length - psa_crypto_ipc.alg); + private_key, private_key_size, psa_crypto_ipc.alg); mbedtls_free(private_key); } @@ -1727,7 +1732,6 @@ void psa_crypto_generator_operations(void) mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); } - break; } From a446ee63c72e2619273f9a0d095d6ef2001268fe Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 27 Mar 2019 16:13:46 +0200 Subject: [PATCH 14/15] Rename internal function destroy_hash_clone to clear_hash_clone --- .../crypto/COMPONENT_SPE/psa_crypto_partition.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
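Review bot: In the PSA_KEY_AGREEMENT hunk `mbedtls_free(private_key);` is placed inside the `if (status == PSA_SUCCESS)` block after the psa_key_agreement call, whereas the PSA_KEY_DERIVATION hunk in the same commit frees `salt` and `label` once, after the block. Both are correct today because `private_key` is only non-NULL when status is still PSA_SUCCESS, but moving the free after the block makes the cleanup independent of that invariant and matches the derivation case. psa_crypto_generator_operations continues outside the hunk.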
diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index 80ef5d8c72..e376639184 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -89,7 +89,7 @@ static inline void release_hash_clone(psa_spm_hash_clone_t *hash_clone) } } -static void destroy_hash_clone(void *source_operation) +static void clear_hash_clone(void *source_operation) { for (size_t i = 0; i < MAX_CONCURRENT_HASH_CLONES; i++) { if (psa_spm_hash_clones[i].source_operation == source_operation) { @@ -476,7 +476,7 @@ static void psa_hash_operation(void) } if (status != PSA_SUCCESS) { - destroy_hash_clone(msg.rhandle); + clear_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); } @@ -510,7 +510,7 @@ static void psa_hash_operation(void) psa_hash_abort(msg.rhandle); } - destroy_hash_clone(msg.rhandle); + clear_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); break; @@ -544,7 +544,7 @@ static void psa_hash_operation(void) psa_hash_abort(msg.rhandle); } - destroy_hash_clone(msg.rhandle); + clear_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); break; @@ -552,7 +552,7 @@ static void psa_hash_operation(void) case PSA_HASH_ABORT: { status = psa_hash_abort(msg.rhandle); - destroy_hash_clone(msg.rhandle); + clear_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); psa_set_rhandle(msg.handle, NULL); break; @@ -600,7 +600,7 @@ static void psa_hash_operation(void) case PSA_IPC_DISCONNECT: { if (msg.rhandle != NULL) { psa_hash_abort(msg.rhandle); - destroy_hash_clone(msg.rhandle); + clear_hash_clone(msg.rhandle); mbedtls_free(msg.rhandle); } From 2b81588664743a395f0b89a07d915ccc507f87d3 Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Thu, 28 Mar 2019 12:53:11 +0200 Subject: [PATCH 15/15] Add message context cleanup helper function --- .../COMPONENT_SPE/psa_crypto_partition.c | 80 ++++++++----------- 1 file changed, 32 insertions(+), 48 deletions(-) diff --git a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c index e376639184..13c6a06a4a 100644 --- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c +++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c @@ -114,6 +114,12 @@ static inline psa_status_t get_hash_clone(size_t index, int32_t partition_id, return PSA_SUCCESS; } +static void free_message_context(psa_msg_t *msg) +{ + mbedtls_free(msg->rhandle); + psa_set_rhandle(msg->handle, NULL); +} + // ------------------------- Partition's Main Thread --------------------------- static void psa_crypto_init_operation(void) { @@ -234,8 +240,7 @@ static void psa_mac_operation(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -248,8 +253,7 @@ static void psa_mac_operation(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -289,8 +293,7 @@ static void psa_mac_operation(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -322,8 +325,7 @@ static void psa_mac_operation(void) psa_mac_abort(msg.rhandle); } - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } 
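Review bot: `free_message_context` leaves `msg->rhandle` pointing at freed memory in the caller's `psa_msg_t`; the handlers that call it at the end of a case (PSA_MAC_ABORT, the DISCONNECT cases) do not touch it afterwards, but adding `msg->rhandle = NULL;` after `mbedtls_free(msg->rhandle);` turns any later use into an obvious NULL dereference instead of a silent use-after-free. The helper also deserves a one-line comment, e.g. `// Releases the per-connection operation context and detaches it from the message's handle.`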
@@ -355,15 +357,13 @@ static void psa_mac_operation(void) psa_mac_abort(msg.rhandle); } - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } case PSA_MAC_ABORT: { status = psa_mac_abort(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } @@ -381,7 +381,7 @@ static void psa_mac_operation(void) case PSA_IPC_DISCONNECT: { if (msg.rhandle != NULL) { psa_mac_abort(msg.rhandle); - mbedtls_free(msg.rhandle); + free_message_context(&msg); } break; @@ -435,8 +435,7 @@ static void psa_hash_operation(void) status = psa_hash_setup(msg.rhandle, psa_crypto.alg); if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -477,8 +476,7 @@ static void psa_hash_operation(void) if (status != PSA_SUCCESS) { clear_hash_clone(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -511,8 +509,7 @@ static void psa_hash_operation(void) } clear_hash_clone(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } @@ -545,16 +542,14 @@ static void psa_hash_operation(void) } clear_hash_clone(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } case PSA_HASH_ABORT: { status = psa_hash_abort(msg.rhandle); clear_hash_clone(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } @@ -582,8 +577,7 @@ static void psa_hash_operation(void) release_hash_clone(hash_clone); } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } 
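Review bot: In the PSA_IPC_DISCONNECT hunk the removed code only called `mbedtls_free(msg.rhandle)`, and the replacement `free_message_context(&msg)` additionally calls `psa_set_rhandle(msg.handle, NULL)` on a disconnect message; whether psa_set_rhandle is permitted on a PSA_IPC_DISCONNECT message depends on this SPM's Firmware Framework implementation and should be confirmed, since the connection is torn down right after. The same change is made in the hash, cipher and generator DISCONNECT hunks later in this commit. If it is not allowed, those sites should keep the plain `mbedtls_free(msg.rhandle);`, or the helper should skip psa_set_rhandle for disconnect messages.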
@@ -601,7 +595,7 @@ static void psa_hash_operation(void) if (msg.rhandle != NULL) { psa_hash_abort(msg.rhandle); clear_hash_clone(msg.rhandle); - mbedtls_free(msg.rhandle); + free_message_context(&msg); } break; @@ -954,8 +948,7 @@ static void psa_symmetric_operation(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -968,8 +961,7 @@ static void psa_symmetric_operation(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -986,8 +978,7 @@ static void psa_symmetric_operation(void) psa_write(msg.handle, 1, &iv_length, sizeof(iv_length)); } else { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -1002,8 +993,7 @@ static void psa_symmetric_operation(void) } status = psa_cipher_set_iv(msg.rhandle, iv, iv_length); if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -1047,8 +1037,7 @@ static void psa_symmetric_operation(void) mbedtls_free(input); mbedtls_free(output); if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -1076,15 +1065,13 @@ static void psa_symmetric_operation(void) psa_cipher_abort(msg.rhandle); } - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } case PSA_CIPHER_ABORT: { status = psa_cipher_abort(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } @@ -1100,7 +1087,7 @@ static void psa_symmetric_operation(void) case PSA_IPC_DISCONNECT: { if (msg.rhandle != NULL) { psa_cipher_abort(msg.rhandle); - mbedtls_free(msg.rhandle); + free_message_context(&msg); } break; 
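Review bot: In the PSA_CIPHER_GENERATE_IV hunk at line 986 (and PSA_CIPHER_SET_IV at 1002) the failure branch frees the cipher context via free_message_context without calling psa_cipher_abort first, unlike the FINISH and ABORT cases later in the same switch. Whether the key schedule inside the freed context has been wiped at that point then depends on the underlying psa_cipher_generate_iv / psa_cipher_set_iv aborting the operation on failure, which the hunk does not show. Adding `psa_cipher_abort(msg.rhandle);` before `free_message_context(&msg);` in those error branches is cheap and, assuming abort on an already-aborted operation is a no-op as the PSA API intends, harmless. The enclosing psa_symmetric_operation starts and ends outside the hunk.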
@@ -1649,8 +1636,7 @@ void psa_crypto_generator_operations(void) case PSA_GENERATOR_ABORT: { status = psa_generator_abort(msg.rhandle); - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); break; } @@ -1695,8 +1681,7 @@ void psa_crypto_generator_operations(void) mbedtls_free(salt); mbedtls_free(label); if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -1729,8 +1714,7 @@ void psa_crypto_generator_operations(void) } if (status != PSA_SUCCESS) { - mbedtls_free(msg.rhandle); - psa_set_rhandle(msg.handle, NULL); + free_message_context(&msg); } break; } @@ -1746,7 +1730,7 @@ void psa_crypto_generator_operations(void) case PSA_IPC_DISCONNECT: { if (msg.rhandle != NULL) { psa_generator_abort(msg.rhandle); - mbedtls_free(msg.rhandle); + free_message_context(&msg); } break;
