Unify driver context struct handling
Added zeroization of the wrapper context on failure/abort, and made the wrapper
rely on the crypto core never to call into an uninitialised wrapper context.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index 268b47c..d41209b 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -525,10 +525,6 @@
.core = slot->attr
};
- /* Check for operation already allocated */
- if( operation->ctx != NULL || operation->id != 0 )
- return( PSA_ERROR_BAD_STATE );
-
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
@@ -549,6 +545,9 @@
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
else
{
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_transparent_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
}
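Review bot: The precondition that replaced the deleted `ctx != NULL || id != 0` guard is stated nowhere in the function, whose entry lies before this hunk; if the core ever calls setup on an operation that still owns a driver context, the allocation preceding this hunk would presumably overwrite `operation->ctx` and leak the old context without the wipe this commit adds. Spell the contract out at the top of the function: `/* Precondition: operation is in its initial state (ctx == NULL, id == 0). The core guarantees this, so no PSA_ERROR_BAD_STATE check is made here; a violation would leak the previous ctx unwiped. */`. The zeroize-before-free on the failure branch itself is the right primitive, since a plain `memset()` before `free()` can be optimised away whereas `mbedtls_platform_zeroize()` is meant to survive.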
@@ -573,6 +572,9 @@
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
else
{
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_opaque_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
}
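Review bot: The zeroize/free/NULL triple added here is one of several copies of the same three lines in this file, each carrying its own hard-coded `sizeof( ... )`, so any change to a driver context type must be tracked in every copy. A `static` helper taking the wrapper context and the driver context size that does `mbedtls_platform_zeroize( operation->ctx, ctx_size ); mbedtls_free( operation->ctx ); operation->ctx = NULL;` would keep the wipe-before-free discipline in one place and make it harder to add a release path that forgets the wipe. The `sizeof( test_opaque_cipher_operation_t )` used here must equal the size handed to the allocator earlier in this function, which is outside the hunk; worth confirming both use the same expression.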
@@ -604,10 +606,6 @@
.core = slot->attr
};
- /* Check for operation already allocated */
- if( operation->ctx != NULL )
- return( PSA_ERROR_BAD_STATE );
-
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
@@ -628,6 +626,9 @@
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
else
{
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_transparent_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
}
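Review bot: On the failure branch `operation->ctx` is reset but `operation->id` is left untouched, while the abort path in this file resets both; that is only correct if the object entered with `id == 0`, which is exactly what the guard deleted earlier in this function used to enforce. Either add `operation->id = 0;` beside `operation->ctx = NULL;` so a failed setup always leaves the fully-reset state that abort recognises, or note the reasoning with `/* id was never assigned, so the object is back in its initial state */`. The function's entry is outside this hunk.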
@@ -652,6 +653,9 @@
operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
else
{
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_opaque_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
}
@@ -678,10 +682,6 @@
size_t *iv_length )
{
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- /* Check for operation already allocated */
- if( operation->ctx == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
switch( operation->id )
{
#if defined(PSA_CRYPTO_DRIVER_TEST)
@@ -718,10 +718,6 @@
size_t iv_length )
{
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- /* Check for operation already allocated */
- if( operation->ctx == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
switch( operation->id )
{
#if defined(PSA_CRYPTO_DRIVER_TEST)
@@ -758,10 +754,6 @@
size_t *output_length )
{
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- /* Check for operation already allocated */
- if( operation->ctx == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
switch( operation->id )
{
#if defined(PSA_CRYPTO_DRIVER_TEST)
@@ -805,10 +797,6 @@
size_t *output_length )
{
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- /* Check for operation already allocated */
- if( operation->ctx == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
switch( operation->id )
{
#if defined(PSA_CRYPTO_DRIVER_TEST)
@@ -844,16 +832,20 @@
{
#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- /* Check for operation already allocated */
- if( operation->ctx == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* The object has (apparently) been initialized but it is not in use. It's
+ * ok to call abort on such an object, and there's nothing to do. */
+ if( operation->ctx == NULL && operation->id == 0 )
+ return( PSA_SUCCESS );
switch( operation->id )
{
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
status = test_transparent_cipher_abort( operation->ctx );
-
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_transparent_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
operation->id = 0;
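Review bot: The new early return only recognises the fully-reset state; an object with `operation->ctx == NULL` but a non-zero `id` falls through to the switch and `test_transparent_cipher_abort()` is called with a NULL context. Whether the core can ever present such an object depends on its state machine, which is outside this file, but the wrapper need not rely on it: add `if( operation->ctx == NULL ) return( PSA_ERROR_BAD_STATE );` after the early return, or widen the early return to `if( operation->ctx == NULL ) { operation->id = 0; return( PSA_SUCCESS ); }` if a lenient abort is preferred. The surrounding function continues past this hunk.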
@@ -863,8 +855,12 @@
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
status = test_opaque_cipher_abort( operation->ctx );
+ mbedtls_platform_zeroize(
+ operation->ctx,
+ sizeof( test_opaque_cipher_operation_t ) );
mbedtls_free( operation->ctx );
operation->ctx = NULL;
+ operation->id = 0;
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */