Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f257651..829ed45 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3362,8 +3362,8 @@
size_t *iv_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
- *iv_length = 0;
+ uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
+ size_t default_iv_length;
if( operation->id == 0 )
{
@@ -3377,28 +3377,38 @@
goto exit;
}
- if( iv_size < operation->default_iv_length )
+ default_iv_length = operation->default_iv_length;
+ if( iv_size < default_iv_length )
{
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto exit;
}
- status = psa_generate_random( iv, operation->default_iv_length );
+ if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE )
+ {
+ status = PSA_ERROR_GENERIC_ERROR;
+ goto exit;
+ }
+
+ status = psa_generate_random( local_iv, default_iv_length );
if( status != PSA_SUCCESS )
goto exit;
status = psa_driver_wrapper_cipher_set_iv( operation,
- iv,
- operation->default_iv_length );
+ local_iv, default_iv_length );
exit:
if( status == PSA_SUCCESS )
{
+ memcpy( iv, local_iv, default_iv_length );
+ *iv_length = default_iv_length;
operation->iv_set = 1;
- *iv_length = operation->default_iv_length;
}
else
+ {
+ *iv_length = 0;
psa_cipher_abort( operation );
+ }
return( status );
}
@@ -3539,50 +3549,67 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
- psa_key_type_t key_type;
- size_t iv_length;
-
- *output_length = 0;
+ psa_key_slot_t *slot = NULL;
+ uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
+ size_t default_iv_length = 0;
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
status = psa_get_and_lock_key_slot_with_policy( key, &slot,
PSA_KEY_USAGE_ENCRYPT,
alg );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
- key_type = slot->attr.type;
- iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
-
- if( iv_length > 0 )
+ default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg );
+ if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE )
{
- if( output_size < iv_length )
+ status = PSA_ERROR_GENERIC_ERROR;
+ goto exit;
+ }
+
+ if( default_iv_length > 0 )
+ {
+ if( output_size < default_iv_length )
{
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto exit;
}
- status = psa_generate_random( output, iv_length );
+ status = psa_generate_random( local_iv, default_iv_length );
if( status != PSA_SUCCESS )
goto exit;
}
status = psa_driver_wrapper_cipher_encrypt(
&attributes, slot->key.data, slot->key.bytes,
- alg, input, input_length,
- output, output_size, output_length );
+ alg, local_iv, default_iv_length, input, input_length,
+ output + default_iv_length, output_size - default_iv_length,
+ output_length );
exit:
unlock_status = psa_unlock_key_slot( slot );
+ if( status == PSA_SUCCESS )
+ status = unlock_status;
- return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+ if( status == PSA_SUCCESS )
+ {
+ if( default_iv_length > 0 )
+ memcpy( output, local_iv, default_iv_length );
+ *output_length += default_iv_length;
+ }
+ else
+ *output_length = 0;
+
+ return( status );
}
psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key,
@@ -3595,18 +3622,19 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
-
- *output_length = 0;
+ psa_key_slot_t *slot = NULL;
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
status = psa_get_and_lock_key_slot_with_policy( key, &slot,
PSA_KEY_USAGE_DECRYPT,
alg );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
@@ -3630,8 +3658,13 @@
exit:
unlock_status = psa_unlock_key_slot( slot );
+ if( status == PSA_SUCCESS )
+ status = unlock_status;
- return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+ if( status != PSA_SUCCESS )
+ *output_length = 0;
+
+ return( status );
}
@@ -3885,6 +3918,7 @@
size_t *nonce_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE];
size_t required_nonce_size;
*nonce_length = 0;
@@ -3918,15 +3952,18 @@
goto exit;
}
- status = psa_generate_random( nonce, required_nonce_size );
+ status = psa_generate_random( local_nonce, required_nonce_size );
if( status != PSA_SUCCESS )
goto exit;
- status = psa_aead_set_nonce( operation, nonce, required_nonce_size );
+ status = psa_aead_set_nonce( operation, local_nonce, required_nonce_size );
exit:
if( status == PSA_SUCCESS )
+ {
+ memcpy( nonce, local_nonce, required_nonce_size );
*nonce_length = required_nonce_size;
+ }
else
psa_aead_abort( operation );
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 09bd28c..ae30e5f 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -449,6 +449,8 @@
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@@ -457,7 +459,7 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
- size_t olength, accumulated_length;
+ size_t update_output_length, finish_output_length;
status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes,
key_buffer, key_buffer_size,
@@ -465,33 +467,27 @@
if( status != PSA_SUCCESS )
goto exit;
- accumulated_length = 0;
- if( operation.iv_length > 0 )
+ if( iv_length > 0 )
{
- status = mbedtls_psa_cipher_set_iv( &operation,
- output, operation.iv_length );
+ status = mbedtls_psa_cipher_set_iv( &operation, iv, iv_length );
if( status != PSA_SUCCESS )
goto exit;
-
- accumulated_length = operation.iv_length;
}
status = mbedtls_psa_cipher_update( &operation, input, input_length,
- output + operation.iv_length,
- output_size - operation.iv_length,
- &olength );
+ output, output_size,
+ &update_output_length );
if( status != PSA_SUCCESS )
goto exit;
- accumulated_length += olength;
-
- status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
- output_size - accumulated_length,
- &olength );
+ status = mbedtls_psa_cipher_finish( &operation,
+ output + update_output_length,
+ output_size - update_output_length,
+ &finish_output_length );
if( status != PSA_SUCCESS )
goto exit;
- *output_length = accumulated_length + olength;
+ *output_length = update_output_length + finish_output_length;
exit:
if( status == PSA_SUCCESS )
diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h
index bb4657d..fae9847 100644
--- a/library/psa_crypto_cipher.h
+++ b/library/psa_crypto_cipher.h
@@ -213,16 +213,12 @@
* \param[in] alg The cipher algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_CIPHER(\p alg) is true).
- * \param[in] input Buffer containing the message to encrypt.
- * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[in] iv Buffer containing the IV for encryption. The
+ * IV has been generated by the core.
+ * \param[in] iv_length Size of the \p iv in bytes.
+ * \param[in] input Buffer containing the message to encrypt.
+ * \param[in] input_length Size of the \p input buffer in bytes.
* \param[in,out] output Buffer where the output is to be written.
- * The core has generated and written the IV
- * at the beginning of this buffer before
- * this function is called. The size of the IV
- * is PSA_CIPHER_IV_LENGTH( key_type, alg ) where
- * \c key_type is the type of the key identified
- * by \p key and \p alg is the cipher algorithm
- * to compute.
* \param[in] output_size Size of the \p output buffer in bytes.
* \param[out] output_length On success, the number of bytes that make up
* the returned output. Initialized to zero
@@ -235,7 +231,7 @@
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p output buffer is too small.
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * The size of \p iv is not acceptable for the chosen algorithm,
+ * The size \p iv_length is not acceptable for the chosen algorithm,
* or the chosen algorithm does not use an IV.
* The total input size passed to this operation is not valid for
* this particular algorithm. For example, the algorithm is a based
@@ -249,6 +245,8 @@
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
const uint8_t *input,
size_t input_length,
uint8_t *output,
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index 9679715..20f1abd 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -873,6 +873,8 @@
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@@ -894,6 +896,8 @@
key_buffer,
key_buffer_size,
alg,
+ iv,
+ iv_length,
input,
input_length,
output,
@@ -910,6 +914,8 @@
key_buffer,
key_buffer_size,
alg,
+ iv,
+ iv_length,
input,
input_length,
output,
@@ -927,6 +933,8 @@
key_buffer,
key_buffer_size,
alg,
+ iv,
+ iv_length,
input,
input_length,
output,
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 6026b82..e09e4ed 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -119,6 +119,8 @@
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
const uint8_t *input,
size_t input_length,
uint8_t *output,