TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TS / trusted-services / 464021a2435c3abf1ff3757ff3627d87b270ad1b^! / . / components / service / crypto / provider / crypto_provider.c
commit464021a2435c3abf1ff3757ff3627d87b270ad1b[log] [tgz]
authorJulian Hall <julian.hall@arm.com>Thu Jul 29 15:20:10 2021 +0100
committerGyorgy Szing <Gyorgy.Szing@arm.com>Wed Oct 06 00:48:52 2021 +0200
treec0a8dadca3b661ea79f15173ece0f563f532478a
parent3e61454ed2b9a50c6b62eb056d83b1d5d334cbd8 [diff] [blame]
Fix key export handling in crypto provider

Running PSA arch tests has identified a bug in the error handling
for the export key operation.  This commit fixes the error
handling.

Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I8a6d10ebe7b50a8c02a6ed50a4fcb56e2f5708ad

diff --git a/components/service/crypto/provider/crypto_provider.c b/components/service/crypto/provider/crypto_provider.c
index ea9cce6..d0fc7ca 100644
--- a/components/service/crypto/provider/crypto_provider.c
+++ b/components/service/crypto/provider/crypto_provider.c

@@ -158,52 +158,29 @@
 
 	if (rpc_status == TS_RPC_CALL_ACCEPTED) {
 
-		psa_status_t psa_status;
-		psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+		size_t max_export_size = PSA_EXPORT_KEY_PAIR_MAX_SIZE;
+		uint8_t *key_buffer = malloc(max_export_size);
 
-		psa_status = psa_get_key_attributes(id, &attributes);
+		if (key_buffer) {
 
-		if (psa_status == PSA_SUCCESS) {
+			size_t export_size;
+			psa_status_t psa_status = psa_export_key(id, key_buffer,
+				max_export_size, &export_size);
 
-			size_t max_export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
-				psa_get_key_type(&attributes),
-				psa_get_key_bits(&attributes));
+			if (psa_status == PSA_SUCCESS) {
 
-			if (max_export_size) {
-
-				uint8_t *key_buffer = malloc(max_export_size);
-
-				if (key_buffer) {
-
-					size_t export_size;
-					psa_status_t psa_status = psa_export_key(id, key_buffer,
-						max_export_size, &export_size);
-
-					if (psa_status == PSA_SUCCESS) {
-
-						struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
-						rpc_status = serializer->serialize_export_key_resp(resp_buf,
-							key_buffer, export_size);
-					}
-
-					free(key_buffer);
-				}
-				else {
-					/* Failed to allocate key buffer */
-					rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
-				}
+				struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
+				rpc_status = serializer->serialize_export_key_resp(resp_buf,
+					key_buffer, export_size);
 			}
-			else {
 
-				/* No sensible export size was returned so
-				 * key attributes must be in an invalid state.
-				 */
-				psa_status = PSA_ERROR_GENERIC_ERROR;
-			}
+			free(key_buffer);
+			call_req_set_opstatus(req, psa_status);
 		}
-
-		call_req_set_opstatus(req, psa_status);
-		psa_reset_key_attributes(&attributes);
+		else {
+			/* Failed to allocate key buffer */
+			rpc_status = TS_RPC_ERROR_RESOURCE_FAILURE;
+		}
 	}
 
 	return rpc_status;