Merge pull request #9758 from NirSonnenschein/large_buffer_support_for_hash_and_mac

allow hash or mac on large buffers with less memory use
2019-02-25 10:34:14 -06:00 · 2019-02-25 10:34:14 -06:00 · ed350dc533
parent afeab0f77d 1d4c280d2a
commit ed350dc533
1 changed files with 63 additions and 20 deletions
--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@ -23,6 +23,11 @@
 #define mbedtls_free   free
 #endif
 // ---------------------------------- Macros -----------------------------------
 #if !defined(MIN)
 #define MIN( a, b ) ( ( ( a ) < ( b ) ) ? ( a ) : ( b ) )
 #endif
 // -------------------------------- Structures ---------------------------------
 typedef struct psa_spm_hash_clone_s {
    int32_t partition_id;
@ -33,6 +38,12 @@ typedef struct psa_spm_hash_clone_s {
 // ---------------------------------- Globals ----------------------------------
 static int psa_spm_init_refence_counter = 0;
 /* maximal memory allocation for reading large hash or mac input buffers.
 the data will be read in chunks of size */
 #if !defined (MAX_DATA_CHUNK_SIZE_IN_BYTES)
 #define MAX_DATA_CHUNK_SIZE_IN_BYTES 400
 #endif
 #ifndef MAX_CONCURRENT_HASH_CLONES
 #define MAX_CONCURRENT_HASH_CLONES 2
 #endif
@ -221,24 +232,40 @@ static void psa_mac_operation(void)
                }
                case PSA_MAC_UPDATE: {
-                    uint8_t *input_ptr = mbedtls_calloc(1, msg.in_size[1]);
+
-                    if (input_ptr == NULL) {
+                    uint8_t *input_buffer = NULL;
                    size_t data_remaining = msg.in_size[1];
                    size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
                    size_t size_to_read = 0;
                    input_buffer = mbedtls_calloc(1, allocation_size);
                    if (input_buffer == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
-                    bytes_read = psa_read(msg.handle, 1, input_ptr,
+                    while (data_remaining > 0) {
-                                          msg.in_size[1]);
+                        size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
                        bytes_read = psa_read(msg.handle, 1, input_buffer,
                                              size_to_read);
-                    if (bytes_read != msg.in_size[1]) {
+                        if (bytes_read != size_to_read) {
                            SPM_PANIC("SPM read length mismatch");
                        }
                        status = psa_mac_update(msg.rhandle,
-                                            input_ptr,
+                                                input_buffer,
-                                            msg.in_size[1]);
+                                                bytes_read);
                        // stop on error
                        if (status != PSA_SUCCESS) {
                            break;
                        }
                        data_remaining = data_remaining - bytes_read;
                    }
                    mbedtls_free(input_buffer);
                    mbedtls_free(input_ptr);
                    break;
                }
@ -368,23 +395,39 @@ static void psa_hash_operation(void)
                }
                case PSA_HASH_UPDATE: {
-                    uint8_t *input_ptr = mbedtls_calloc(1, msg.in_size[1]);
+                    uint8_t *input_buffer = NULL;
-                    if (input_ptr == NULL) {
+                    size_t data_remaining = msg.in_size[1];
                    size_t size_to_read = 0;
                    size_t allocation_size = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
                    input_buffer = mbedtls_calloc(1, allocation_size);
                    if (input_buffer == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
-                    bytes_read = psa_read(msg.handle, 1, input_ptr,
+                    while (data_remaining > 0) {
-                                          msg.in_size[1]);
+                        size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
                        bytes_read = psa_read(msg.handle, 1, input_buffer,
                                              size_to_read);
-                    if (bytes_read != msg.in_size[1]) {
+                        if (bytes_read != size_to_read) {
                            SPM_PANIC("SPM read length mismatch");
                        }
                        status = psa_hash_update(msg.rhandle,
-                                             input_ptr,
+                                                 input_buffer,
-                                             msg.in_size[1]);
+                                                 bytes_read);
-                    mbedtls_free(input_ptr);
+
                        // stop on error
                        if (status != PSA_SUCCESS) {
                            break;
                        }
                        data_remaining = data_remaining - bytes_read;
                    }
                    mbedtls_free(input_buffer);
                    break;
                }