commit ce48702448e11bcd3ca702d7d784d84ecd0cdfd7
author Steven Cooreman <steven.cooreman@silabs.com> Wed Apr 07 18:09:53 2021 +0200
committer Steven Cooreman <steven.cooreman@silabs.com> Thu Apr 15 15:06:53 2021 +0200
tree 6160d553849510b0c11c932fc05a92e508d2c196
parent 7ddee7f7c58024ffbd3b129629985bd648a2169b

Get a builtin key's attributes in order to correctly get its size

Leverage the fact that the get_builtin_key entrypoint returns a key's
attributes, such that a proper size for the builtin key's buffer can
be calculated through the driver's get_key_buffer_size hook.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

library/psa_crypto_slot_management.c

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index f9ea369..7809c0c 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -302,6 +302,19 @@
     /* Set mapped lifetime on the attributes */
     psa_set_key_lifetime( &attributes, lifetime );
 
+    /* Get the full key attributes from the driver in order to be able to
+     * calculate the required buffer size. */
+    status = psa_driver_wrapper_get_builtin_key(
+                slot_number, &attributes,
+                NULL, 0, NULL );
+    if( status != PSA_ERROR_BUFFER_TOO_SMALL )
+    {
+        /* Builtin keys cannot be defined by the attributes alone */
+        if( status == PSA_SUCCESS )
+            status = PSA_ERROR_CORRUPTION_DETECTED;
+        goto exit;
+    }
+
     /* If the key should exist according to the platform, then ask the driver
      * what its expected size is. */
     status = psa_driver_wrapper_get_key_buffer_size( &attributes,
@@ -310,7 +323,7 @@
         return( status );
 
     /* Allocate a buffer of the required size and load the builtin key directly
-     * into the slot buffer. */
+     * into the (now properly sized) slot buffer. */
     status = psa_allocate_buffer_to_slot( slot, key_buffer_size );
     if( status != PSA_SUCCESS )
         return( status );