Crypto: Check ownership of context
This patch introduces additional checks in the Crypto service
to make sure that a multipart operation context user is consistent
between calls. The same check is applied to key handles, which are
allocated sequentially and are therefore easy to guess.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I16a9469682f203083a07ec623127fea71fd9f1e6
diff --git a/secure_fw/services/crypto/crypto_cipher.c b/secure_fw/services/crypto/crypto_cipher.c
index aa61025c..590b457 100644
--- a/secure_fw/services/crypto/crypto_cipher.c
+++ b/secure_fw/services/crypto/crypto_cipher.c
@@ -135,6 +135,11 @@
psa_key_handle_t key_handle = iov->key_handle;
psa_algorithm_t alg = iov->alg;
+ status = tfm_crypto_check_handle_owner(key_handle, NULL);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
/* Allocate the operation context in the secure world */
status = tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION,
&handle,
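Review bot: The new guard `status = tfm_crypto_check_handle_owner(key_handle, NULL);` carries no comment saying why a client-supplied handle must be tied to its owner before anything else happens, and the meaning of the NULL second argument is not visible here; the commit message has the rationale, the code should too. I would put `/* Client handles are allocated in order and trivially guessable: refuse a key_handle the calling client does not own before it reaches the setup below */` above the call, and name what the NULL stands for (presumably an optional out-parameter, to be confirmed against the helper). One thing to confirm on the helper itself: if it returns a distinct status for "exists but belongs to another client" versus "no such handle", the early `return status` lets a client probe which handles other partitions hold; returning the same PSA_ERROR_INVALID_HANDLE for both closes that. The enclosing setup function starts before and continues after this hunk.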
@@ -177,6 +182,11 @@
psa_key_handle_t key_handle = iov->key_handle;
psa_algorithm_t alg = iov->alg;
+ status = tfm_crypto_check_handle_owner(key_handle, NULL);
+ if (status != PSA_SUCCESS) {
+ return status;
+ }
+
/* Allocate the operation context in the secure world */
status = tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION,
&handle,
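Review bot: This hunk repeats, line for line, the ownership check plus `tfm_crypto_operation_alloc(TFM_CRYPTO_CIPHER_OPERATION, &handle, ...)` sequence added in the previous hunk, so the two setup entry points now carry two copies of a security check that must stay in sync. If, as it appears, the two functions differ only in the PSA setup call made later, hoisting the check and the allocation into one `static` helper taken by both would keep a future setup path from silently skipping the owner check. At minimum the same explanatory comment should precede this copy so the two sites stay recognisably paired. The enclosing function starts before and continues after this hunk, so whether other entry points consuming `iov->key_handle` also gained the check cannot be seen from here.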