Merge pull request #1153 from tom-daubney-arm/asymmetric_encrypt_buffer_protection
Implement safe buffer copying in asymmetric encryption
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7afd7fc..eab5aa5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3377,11 +3377,11 @@
psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
- const uint8_t *input,
+ const uint8_t *input_external,
size_t input_length,
- const uint8_t *salt,
+ const uint8_t *salt_external,
size_t salt_length,
- uint8_t *output,
+ uint8_t *output_external,
size_t output_size,
size_t *output_length)
{
@@ -3389,6 +3389,9 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
psa_key_attributes_t attributes;
+ LOCAL_INPUT_DECLARE(input_external, input);
+ LOCAL_INPUT_DECLARE(salt_external, salt);
+ LOCAL_OUTPUT_DECLARE(output_external, output);
(void) input;
(void) input_length;
@@ -3417,6 +3420,9 @@
.core = slot->attr
};
+ LOCAL_INPUT_ALLOC(input_external, input_length, input);
+ LOCAL_INPUT_ALLOC(salt_external, salt_length, salt);
+ LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
status = psa_driver_wrapper_asymmetric_encrypt(
&attributes, slot->key.data, slot->key.bytes,
alg, input, input_length, salt, salt_length,
@@ -3424,16 +3430,20 @@
exit:
unlock_status = psa_unregister_read(slot);
+ LOCAL_INPUT_FREE(input_external, input);
+ LOCAL_INPUT_FREE(salt_external, salt);
+ LOCAL_OUTPUT_FREE(output_external, output);
+
return (status == PSA_SUCCESS) ? unlock_status : status;
}
psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
- const uint8_t *input,
+ const uint8_t *input_external,
size_t input_length,
- const uint8_t *salt,
+ const uint8_t *salt_external,
size_t salt_length,
- uint8_t *output,
+ uint8_t *output_external,
size_t output_size,
size_t *output_length)
{
@@ -3442,6 +3452,10 @@
psa_key_slot_t *slot;
psa_key_attributes_t attributes;
+ LOCAL_INPUT_DECLARE(input_external, input);
+ LOCAL_INPUT_DECLARE(salt_external, salt);
+ LOCAL_OUTPUT_DECLARE(output_external, output);
+
(void) input;
(void) input_length;
(void) salt;
@@ -3468,6 +3482,9 @@
.core = slot->attr
};
+ LOCAL_INPUT_ALLOC(input_external, input_length, input);
+ LOCAL_INPUT_ALLOC(salt_external, salt_length, salt);
+ LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
status = psa_driver_wrapper_asymmetric_decrypt(
&attributes, slot->key.data, slot->key.bytes,
alg, input, input_length, salt, salt_length,
@@ -3476,6 +3493,10 @@
exit:
unlock_status = psa_unregister_read(slot);
+ LOCAL_INPUT_FREE(input_external, input);
+ LOCAL_INPUT_FREE(salt_external, salt);
+ LOCAL_OUTPUT_FREE(output_external, output);
+
return (status == PSA_SUCCESS) ? unlock_status : status;
}
diff --git a/tests/scripts/generate_psa_wrappers.py b/tests/scripts/generate_psa_wrappers.py
index 0918dcc..2418f47 100755
--- a/tests/scripts/generate_psa_wrappers.py
+++ b/tests/scripts/generate_psa_wrappers.py
@@ -171,6 +171,9 @@
'psa_mac_compute',
'psa_mac_verify'):
return True
+ if function_name in ('psa_asymmetric_encrypt',
+ 'psa_asymmetric_decrypt'):
+ return True
return False
def _write_function_call(self, out: typing_util.Writable,
diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c
index 4824e38..d506924 100644
--- a/tests/src/psa_test_wrappers.c
+++ b/tests/src/psa_test_wrappers.c
@@ -271,7 +271,17 @@
size_t arg7_output_size,
size_t *arg8_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_asymmetric_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}
@@ -287,7 +297,17 @@
size_t arg7_output_size,
size_t *arg8_output_length)
{
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
psa_status_t status = (psa_asymmetric_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length);
+#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length);
+ MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size);
+#endif /* defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS) */
return status;
}