author | Jens Wiklander <jens.wiklander@linaro.org> | 2020-09-10 17:22:21 +0200 |
---|---|---|
committer | Jérôme Forissier <jerome@forissier.org> | 2020-09-25 12:03:11 +0200 |
commit | 8f7ffdb72b31ffe5bc58fcb0a1d53b73ee1b76cf (patch) | |
tree | c59226e252921064b3a5eac6520023fd179cca49 | |
parent | e16da89e5eee1af760e0f079b3c4c44025e4d464 (diff) | |
download | optee_test-8f7ffdb72b31ffe5bc58fcb0a1d53b73ee1b76cf.tar.gz |
ta/crypt: use private buffers where needed
The GP specification [1] requires buffers for certain functions to reside
in TA private memory. Fix this by allocating a temporary buffer where
needed.
[1] GlobalPlatform TEE Internal Core API Specification v1.1
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-rw-r--r-- | ta/crypt/cryp_taf.c | 58 |
1 files changed, 48 insertions, 10 deletions
diff --git a/ta/crypt/cryp_taf.c b/ta/crypt/cryp_taf.c
index b66ea01..d22696d 100644
--- a/ta/crypt/cryp_taf.c
+++ b/ta/crypt/cryp_taf.c
@@ -558,11 +558,19 @@ TEE_Result ta_entry_derive_key(uint32_t param_type, TEE_Param params[4])
 TEE_Result ta_entry_random_number_generate(uint32_t param_type, TEE_Param params[4]) {
+ void *buf = NULL;
+
 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES (TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE));
- TEE_GenerateRandom(params[0].memref.buffer, params[0].memref.size);
+ buf = TEE_Malloc(params[0].memref.size, 0);
+ if (!buf)
+ return TEE_ERROR_OUT_OF_MEMORY;
+
+ TEE_GenerateRandom(buf, params[0].memref.size);
+ TEE_MemMove(params[0].memref.buffer, buf, params[0].memref.size);
+ TEE_Free(buf);
 return TEE_SUCCESS;
 }
@@ -609,7 +617,9 @@ TEE_Result ta_entry_ae_update(uint32_t param_type, TEE_Param params[4])
 TEE_Result ta_entry_ae_encrypt_final(uint32_t param_type, TEE_Param params[4]) {
 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
- TEE_Result res = TEE_ERROR_GENERIC;
+ TEE_Result res = TEE_ERROR_OUT_OF_MEMORY;
+ void *b2 = NULL;
+ void *b3 = NULL;
 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES (TEE_PARAM_TYPE_VALUE_INPUT,
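Review bot: A zero-length output memref now goes straight into `TEE_Malloc(params[0].memref.size, 0)` in ta_entry_random_number_generate, so the outcome depends on what TEE_Malloc returns for size 0, which is not visible here; if it can return NULL, a request that previously succeeded reports TEE_ERROR_OUT_OF_MEMORY. An early `if (!params[0].memref.size) return TEE_SUCCESS;` before the allocation would remove that dependency. The same allocate-then-check pattern appears in the ta_entry_ae_encrypt_final and ta_entry_ae_decrypt_final hunks, where an empty destination on the final call is an ordinary case, so the NULL checks there would need to tolerate a zero size as well. A comment such as `/* GP requires this buffer in TA private memory; bounce through buf */` would also keep the allocation from being removed later as redundant.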
@@ -617,16 +627,31 @@ TEE_Result ta_entry_ae_encrypt_final(uint32_t param_type, TEE_Param params[4])
 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_MEMREF_OUTPUT));
- res = TEE_AEEncryptFinal(op,
- params[1].memref.buffer, params[1].memref.size,
- params[2].memref.buffer, ¶ms[2].memref.size,
- params[3].memref.buffer, ¶ms[3].memref.size);
+ b2 = TEE_Malloc(params[2].memref.size, 0);
+ b3 = TEE_Malloc(params[3].memref.size, 0);
+ if (!b2 || !b3)
+ goto out;
+
+ res = TEE_AEEncryptFinal(op, params[1].memref.buffer,
+ params[1].memref.size, b2,
+ ¶ms[2].memref.size, b3,
+ ¶ms[3].memref.size);
+ if (!res) {
+ TEE_MemMove(params[2].memref.buffer, b2, params[2].memref.size);
+ TEE_MemMove(params[3].memref.buffer, b3, params[3].memref.size);
+ }
+out:
+ TEE_Free(b2);
+ TEE_Free(b3);
 return res;
 }
 TEE_Result ta_entry_ae_decrypt_final(uint32_t param_type, TEE_Param params[4]) {
 TEE_OperationHandle op = VAL2HANDLE(params[0].value.a);
+ TEE_Result res = TEE_ERROR_OUT_OF_MEMORY;
+ void *b2 = NULL;
+ void *b3 = NULL;
 ASSERT_PARAM_TYPE(TEE_PARAM_TYPES (TEE_PARAM_TYPE_VALUE_INPUT,
@@ -634,10 +659,23 @@ TEE_Result ta_entry_ae_decrypt_final(uint32_t param_type, TEE_Param params[4])
 TEE_PARAM_TYPE_MEMREF_OUTPUT, TEE_PARAM_TYPE_MEMREF_INPUT));
- return TEE_AEDecryptFinal(op,
- params[1].memref.buffer, params[1].memref.size,
- params[2].memref.buffer, ¶ms[2].memref.size,
- params[3].memref.buffer, params[3].memref.size);
+ b2 = TEE_Malloc(params[2].memref.size, 0);
+ b3 = TEE_Malloc(params[3].memref.size, 0);
+ if (!b2 || !b3)
+ goto out;
+
+ TEE_MemMove(b3, params[3].memref.buffer, params[3].memref.size);
+ res = TEE_AEDecryptFinal(op, params[1].memref.buffer,
+ params[1].memref.size, b2,
+ ¶ms[2].memref.size, b3,
+ params[3].memref.size);
+ if (!res)
+ TEE_MemMove(params[2].memref.buffer, b2, params[2].memref.size);
+out:
+ TEE_Free(b2);
+ TEE_Free(b3);
+
+ return res;
 }
 TEE_Result ta_entry_get_object_buffer_attribute(uint32_t param_type, |
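Review bot: The result returned through `goto out` in ta_entry_ae_encrypt_final comes from the initialiser `TEE_Result res = TEE_ERROR_OUT_OF_MEMORY;` in the previous hunk, so the error path here only reads correctly with the declaration in view. Setting the code where the failure happens is more direct: `if (!b2 || !b3) { res = TEE_ERROR_OUT_OF_MEMORY; goto out; }`, with the declaration left at a neutral default. A short comment above the allocations, such as `/* dest and tag must be in TA private memory; copy out only on success */`, would record why the copy back is conditional on `!res`. The function starts in the previous hunk.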
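Review bot: `b2` in ta_entry_ae_decrypt_final is freed as-is on every path, including the one where TEE_AEDecryptFinal fails and nothing is copied to the caller, so whatever the call wrote into it before failing stays in the freed heap block. Whether the implementation writes plaintext before checking the tag is not visible here, but clearing is cheap: keep the allocated length in a local before the call, since the size field is updated through the pointer, and add `if (b2) TEE_MemFill(b2, 0, b2_len);` ahead of `TEE_Free(b2);`. Copying the tag into `b3` before the call and releasing the output only when `!res` is the right order and deserves a one-line comment saying so. The function begins in the previous hunk.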