Musca B1: BL2: Fix public key stack corruption
Since the thin PSA crypto layer in BL2 does not copy the key data on
import, the contents of the key buffer are corrupted by the code that
runs afterwards. Hence allocate the key buffer statically instead.
Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: Idc7506b90eb0bc7cb6f4e6146e2db1c009a7e7ac
diff --git a/psa_crypto/CMakeLists.txt b/psa_crypto/CMakeLists.txt
index 37747f5..9e1b262 100644
--- a/psa_crypto/CMakeLists.txt
+++ b/psa_crypto/CMakeLists.txt
@@ -25,3 +25,8 @@
PRIVATE
psa_adac_psa_crypto
)
+
+target_compile_definitions(psa_adac_psa_crypto
+ PRIVATE
+ $<$<BOOL:${PSA_ADAC_USE_STATIC_PUB_KEYS}>:ADAC_STATIC_PUB_KEYS>
+)
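Review bot: `PSA_ADAC_USE_STATIC_PUB_KEYS` is consumed by the new `target_compile_definitions` call, but within this commit it is only set in the musca_b1 `config.cmake`, so on every other platform `$<BOOL:...>` evaluates to false and the stack buffer is kept. If another target also builds against a PSA crypto layer that keeps a reference to the imported key instead of copying it (not visible from this diff), it would still have the corruption this commit fixes, and nothing here tells its maintainer to opt in. I would add a comment above the call, e.g. `# Must be ON when the PSA crypto backend references imported key data instead of copying it`, and declare the option with a documented default next to the other `PSA_ADAC_*` options.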
diff --git a/psa_crypto/adac_crypto_psa_pk.c b/psa_crypto/adac_crypto_psa_pk.c
index d78d0af..b5dab4b 100644
--- a/psa_crypto/adac_crypto_psa_pk.c
+++ b/psa_crypto/adac_crypto_psa_pk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -11,8 +11,14 @@
#include <string.h>
-#define PSA_ADAC_RSA3072
-#define PSA_ADAC_RSA4096
+#ifdef ADAC_STATIC_PUB_KEYS
+/* Since thin psa crypto layer in BL2 does not copy the key data, statically
+ * allocate key buffer
+ */
+#define ADAC_STATIC static
+#else
+#define ADAC_STATIC
+#endif /* ADAC_STATIC_PUB_KEYS */
#if defined(PSA_ADAC_RSA3072) || defined(PSA_ADAC_RSA4096)
#define ENCODED_EXPONENT_SIZE 5U
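Review bot: This hunk drops the unconditional `#define PSA_ADAC_RSA3072` and `#define PSA_ADAC_RSA4096`, which the commit message does not mention and which is unrelated to the static-buffer fix. The code under `#if defined(PSA_ADAC_RSA3072) || defined(PSA_ADAC_RSA4096)` is now compiled only when the build passes those macros in. Whether it does so for every target is not visible here; where it does not, RSA public-key loading is silently compiled out. I would record the new dependency with a comment above that `#if`, e.g. `/* PSA_ADAC_RSA3072 / PSA_ADAC_RSA4096 must be provided by the build configuration */`, and mention the removal in the commit description.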
@@ -51,7 +57,7 @@
psa_key_handle_t *handle)
{
psa_status_t ret;
- uint8_t pub_key[RSA3072_ENCODED_PUB_KEY_MAX_SIZE];
+ ADAC_STATIC uint8_t pub_key[RSA3072_ENCODED_PUB_KEY_MAX_SIZE];
size_t offset = RSA3072_HEADER_SIZE;
size_t pub_size = RSA3072_ENCODED_PUB_KEY_SIZE;
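Review bot: With `ADAC_STATIC_PUB_KEYS` defined, `pub_key` becomes a single buffer shared by every call to this function, so a second load of the same key type overwrites the bytes that an earlier handle still refers to. That follows from the commit message's statement that the thin PSA layer does not copy key data on import, and it matters if more than one key of a type is live at once (for example while walking a certificate chain, which is not visible in this hunk). The same applies to the RSA-4096, P-256 and P-521 hunks below, and it also makes all four loaders non-reentrant. At minimum I would document the contract on the declaration, e.g. `/* Shared across calls: a returned handle is valid only until the next load of this key type */`. The function body starts and ends outside the hunk.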
@@ -123,7 +129,7 @@
psa_key_handle_t *handle)
{
psa_status_t ret;
- uint8_t pub_key[RSA4096_ENCODED_PUB_KEY_MAX_SIZE];
+ ADAC_STATIC uint8_t pub_key[RSA4096_ENCODED_PUB_KEY_MAX_SIZE];
size_t offset = RSA4096_HEADER_SIZE;
size_t pub_size = RSA4096_ENCODED_PUB_KEY_SIZE;
@@ -172,7 +178,7 @@
psa_key_handle_t *handle)
{
psa_status_t ret;
- uint8_t pub_key[ECDSA_P256_PUBLIC_KEY_SIZE + 1] = {0x04};
+ ADAC_STATIC uint8_t pub_key[ECDSA_P256_PUBLIC_KEY_SIZE + 1] = {0x04};
if (ECDSA_P256_PUBLIC_KEY_SIZE == key_size) {
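Review bot: Once `pub_key` is `static`, the `= {0x04}` initializer is applied once at load time rather than on every call, so the bytes after the prefix are no longer zeroed per call and hold whatever the previous key left there. The rest of the function is outside the hunk, so whether any path reads the buffer without first overwriting all of it cannot be checked from here. To avoid relying on stale contents I would make the per-call state explicit at the top of the function, e.g. `pub_key[0] = 0x04;`, and clear the remainder when the `key_size` check fails. The P-521 hunk below has the same pattern.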
@@ -202,7 +208,7 @@
psa_key_handle_t *handle)
{
psa_status_t ret;
- uint8_t pub_key[ECDSA_P521_PUBLIC_KEY_SIZE + 1] = {0x04};
+ ADAC_STATIC uint8_t pub_key[ECDSA_P521_PUBLIC_KEY_SIZE + 1] = {0x04};
if (ECDSA_P521_PUBLIC_KEY_SIZE == key_size) {
diff --git a/target/trusted-firmware-m/platform/arm/musca_b1/config.cmake b/target/trusted-firmware-m/platform/arm/musca_b1/config.cmake
index e42fe79..0f6a2bb 100644
--- a/target/trusted-firmware-m/platform/arm/musca_b1/config.cmake
+++ b/target/trusted-firmware-m/platform/arm/musca_b1/config.cmake
@@ -10,5 +10,6 @@
set(PSA_ADAC_EC_P256 ON CACHE BOOL "Enable support for ECDSA P-256")
set(PSA_ADAC_EC_P521 OFF CACHE BOOL "Enable support for ECDSA P-521")
set(PSA_ADAC_HW_CRYPTO OFF CACHE BOOL "Support for hardware cryptography")
+set(PSA_ADAC_USE_STATIC_PUB_KEYS ON CACHE BOOL "Use statically allocated buffer for public keys")
set(PSA_ADAC_USE_CRYPTOCELL On)