commit 707caf76fd9563fce0a6d9c5cf342ae8b745c997
author Jamie Fox <jamie.fox@arm.com> Wed May 29 15:14:18 2019 +0100
committer Jamie Fox <jamie.fox@arm.com> Wed May 29 15:40:27 2019 +0100
tree b759a2e0b4219722df0c765ea93a2f38ac6e62c6
parent 3298664e6865a07b4022e80d533be6528df2a51c

Crypto: Fixes for PSA Crypto API compliance

Details:
 - Require that setup functions are called with handles initialised to
   0. Make 0 the invalid handle and number handles from 1.
 - Return PSA_ERROR_BUFFER_TOO_SMALL if the output buffer is too small
   in psa_asymmetric_encrypt.
 - Release generator operations if setup or abort operations fail.

Change-Id: Ic1da83e056a00364ef8eba3ea23cbf191f8886e4
Signed-off-by: Jamie Fox <jamie.fox@arm.com>

secure_fw/services/crypto/crypto_alloc.c

diff --git a/secure_fw/services/crypto/crypto_alloc.c b/secure_fw/services/crypto/crypto_alloc.c
index db9c6af..e8b95c9 100644
--- a/secure_fw/services/crypto/crypto_alloc.c
+++ b/secure_fw/services/crypto/crypto_alloc.c
@@ -94,6 +94,11 @@
 {
     uint32_t i = 0;
 
+    /* Handle must be initialised before calling a setup function */
+    if (*handle != TFM_CRYPTO_INVALID_HANDLE) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
     /* Init to invalid values */
     if (ctx == NULL) {
         return PSA_ERROR_INVALID_ARGUMENT;
@@ -104,13 +109,12 @@
         if (operation[i].in_use == TFM_CRYPTO_NOT_IN_USE) {
             operation[i].in_use = TFM_CRYPTO_IN_USE;
             operation[i].type = type;
-            *handle = i;
+            *handle = i + 1;
             *ctx = (void *) &(operation[i].operation);
             return PSA_SUCCESS;
         }
     }
 
-    *handle = TFM_CRYPTO_INVALID_HANDLE;
     return PSA_ERROR_NOT_PERMITTED;
 }
 
@@ -119,12 +123,12 @@
     uint32_t h_val = *handle;
 
     if ( (h_val != TFM_CRYPTO_INVALID_HANDLE) &&
-         (h_val < TFM_CRYPTO_CONC_OPER_NUM) &&
-         (operation[h_val].in_use == TFM_CRYPTO_IN_USE) ) {
+         (h_val <= TFM_CRYPTO_CONC_OPER_NUM) &&
+         (operation[h_val - 1].in_use == TFM_CRYPTO_IN_USE) ) {
 
-        memset_operation_context(h_val);
-        operation[h_val].in_use = TFM_CRYPTO_NOT_IN_USE;
-        operation[h_val].type = TFM_CRYPTO_OPERATION_NONE;
+        memset_operation_context(h_val - 1);
+        operation[h_val - 1].in_use = TFM_CRYPTO_NOT_IN_USE;
+        operation[h_val - 1].type = TFM_CRYPTO_OPERATION_NONE;
         *handle = TFM_CRYPTO_INVALID_HANDLE;
         return PSA_SUCCESS;
     }
@@ -137,11 +141,11 @@
                                          void **ctx)
 {
     if ( (handle != TFM_CRYPTO_INVALID_HANDLE) &&
-         (handle < TFM_CRYPTO_CONC_OPER_NUM) &&
-         (operation[handle].in_use == TFM_CRYPTO_IN_USE) &&
-         (operation[handle].type == type) ) {
+         (handle <= TFM_CRYPTO_CONC_OPER_NUM) &&
+         (operation[handle - 1].in_use == TFM_CRYPTO_IN_USE) &&
+         (operation[handle - 1].type == type) ) {
 
-        *ctx = (void *) &(operation[handle].operation);
+        *ctx = (void *) &(operation[handle - 1].operation);
         return PSA_SUCCESS;
     }