Skip to content

Commit 18feb26

Browse files
author
itayzafrir
committed
Do not allocate zero sized buffers - asymmetric
1 parent 979ca1e commit 18feb26

File tree

1 file changed

+94
-104
lines changed

1 file changed

+94
-104
lines changed

components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c

Lines changed: 94 additions & 104 deletions
Original file line numberDiff line numberDiff line change
@@ -652,142 +652,132 @@ static void psa_asymmetric_operation(void)
652652

653653
switch (psa_crypto.func) {
654654
case PSA_ASYMMETRIC_SIGN: {
655-
uint8_t *signature;
656-
uint8_t *hash;
657-
size_t signature_length = 0;
658-
659-
signature = mbedtls_calloc(1, msg.out_size[0]);
660-
if (signature == NULL) {
661-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
662-
break;
663-
}
655+
uint8_t *signature = NULL;
656+
uint8_t *hash = NULL;
657+
size_t signature_length = 0,
658+
signature_size = msg.out_size[0],
659+
hash_size = msg.in_size[1];
664660

665-
hash = mbedtls_calloc(1, msg.in_size[1]);
666-
if (hash == NULL) {
667-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
668-
mbedtls_free(signature);
669-
break;
661+
if (signature_size > 0) {
662+
signature = mbedtls_calloc(1, signature_size);
663+
if (signature == NULL) {
664+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
665+
}
670666
}
671-
672-
bytes_read = psa_read(msg.handle, 1,
673-
hash, msg.in_size[1]);
674-
if (bytes_read != msg.in_size[1]) {
675-
SPM_PANIC("SPM read length mismatch");
667+
if (status == PSA_SUCCESS && hash_size > 0) {
668+
hash = mbedtls_calloc(1, hash_size);
669+
if (hash == NULL) {
670+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
671+
} else {
672+
bytes_read = psa_read(msg.handle, 1, hash, hash_size);
673+
if (bytes_read != hash_size) {
674+
SPM_PANIC("SPM read length mismatch");
675+
}
676+
}
676677
}
677678

678-
status = psa_asymmetric_sign(psa_crypto.handle,
679-
psa_crypto.alg,
680-
hash,
681-
msg.in_size[1],
682-
signature,
683-
msg.out_size[0],
684-
&signature_length);
685-
686679
if (status == PSA_SUCCESS) {
687-
psa_write(msg.handle, 0, signature, signature_length);
680+
status = psa_asymmetric_sign(psa_crypto.handle, psa_crypto.alg,
681+
hash, hash_size,
682+
signature, signature_size, &signature_length);
683+
684+
if (status == PSA_SUCCESS) {
685+
psa_write(msg.handle, 0, signature, signature_length);
686+
}
687+
psa_write(msg.handle, 1, &signature_length, sizeof(signature_length));
688688
}
689689

690-
psa_write(msg.handle, 1,
691-
&signature_length, sizeof(signature_length));
692690
mbedtls_free(hash);
693691
mbedtls_free(signature);
694692
break;
695693
}
696694

697695
case PSA_ASYMMETRIC_VERIFY: {
698-
uint8_t *signature;
699-
uint8_t *hash;
700-
signature = mbedtls_calloc(1, msg.in_size[1]);
701-
if (signature == NULL) {
702-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
703-
break;
704-
}
696+
uint8_t *signature = NULL;
697+
uint8_t *hash = NULL;
698+
size_t signature_size = msg.in_size[1],
699+
hash_size = msg.in_size[2];
705700

706-
bytes_read = psa_read(msg.handle, 1,
707-
signature, msg.in_size[1]);
708-
if (bytes_read != msg.in_size[1]) {
709-
SPM_PANIC("SPM read length mismatch");
701+
if (signature_size > 0) {
702+
signature = mbedtls_calloc(1, signature_size);
703+
if (signature == NULL) {
704+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
705+
} else {
706+
bytes_read = psa_read(msg.handle, 1, signature, signature_size);
707+
if (bytes_read != signature_size) {
708+
SPM_PANIC("SPM read length mismatch");
709+
}
710+
}
710711
}
711-
712-
hash = mbedtls_calloc(1, msg.in_size[2]);
713-
if (hash == NULL) {
714-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
715-
mbedtls_free(signature);
716-
break;
712+
if (status == PSA_SUCCESS && hash_size > 0) {
713+
hash = mbedtls_calloc(1, hash_size);
714+
if (hash == NULL) {
715+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
716+
} else {
717+
bytes_read = psa_read(msg.handle, 2, hash, hash_size);
718+
if (bytes_read != hash_size) {
719+
SPM_PANIC("SPM read length mismatch");
720+
}
721+
}
717722
}
718723

719-
bytes_read = psa_read(msg.handle, 2,
720-
hash, msg.in_size[2]);
721-
if (bytes_read != msg.in_size[2]) {
722-
SPM_PANIC("SPM read length mismatch");
724+
if (status == PSA_SUCCESS) {
725+
status = psa_asymmetric_verify(psa_crypto.handle, psa_crypto.alg,
726+
hash, hash_size,
727+
signature, signature_size);
723728
}
724729

725-
status = psa_asymmetric_verify(psa_crypto.handle,
726-
psa_crypto.alg,
727-
hash,
728-
msg.in_size[2],
729-
signature,
730-
msg.in_size[1]);
731730
mbedtls_free(signature);
732731
mbedtls_free(hash);
733732
break;
734733
}
735734

736735
case PSA_ASYMMETRIC_ENCRYPT:
737736
case PSA_ASYMMETRIC_DECRYPT: {
738-
uint8_t *input;
739-
uint8_t *salt;
740-
uint8_t *output;
741-
size_t output_length = 0;
742-
743-
uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]);
744-
if (buffer == NULL) {
745-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
746-
break;
747-
}
737+
uint8_t *input = NULL, *salt = NULL, *output = NULL, *buffer = NULL;
738+
size_t output_length = 0,
739+
buffer_size = msg.in_size[1],
740+
output_size = msg.out_size[0];
741+
742+
if (buffer_size > 0) {
743+
buffer = mbedtls_calloc(1, buffer_size);
744+
if (buffer == NULL) {
745+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
746+
} else {
747+
bytes_read = psa_read(msg.handle, 1, buffer, buffer_size);
748+
if (bytes_read != buffer_size) {
749+
SPM_PANIC("SPM read length mismatch");
750+
}
748751

749-
bytes_read = psa_read(msg.handle, 1, buffer,
750-
msg.in_size[1]);
751-
if (bytes_read != msg.in_size[1]) {
752-
SPM_PANIC("SPM read length mismatch");
752+
input = buffer;
753+
salt = buffer + psa_crypto.input_length;
754+
}
753755
}
754-
755-
input = buffer;
756-
salt = buffer + psa_crypto.input_length;
757-
output = mbedtls_calloc(1, msg.out_size[0]);
758-
if (output == NULL) {
759-
status = PSA_ERROR_INSUFFICIENT_MEMORY;
760-
mbedtls_free(buffer);
761-
break;
756+
if (status == PSA_SUCCESS && output_size > 0) {
757+
output = mbedtls_calloc(1, output_size);
758+
if (output == NULL) {
759+
status = PSA_ERROR_INSUFFICIENT_MEMORY;
760+
}
762761
}
763762

764-
if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT)
765-
status = psa_asymmetric_encrypt(psa_crypto.handle,
766-
psa_crypto.alg,
767-
input,
768-
psa_crypto.input_length,
769-
salt,
770-
psa_crypto.salt_length,
771-
output,
772-
msg.out_size[0],
773-
&output_length);
774-
else
775-
status = psa_asymmetric_decrypt(psa_crypto.handle,
776-
psa_crypto.alg,
777-
input,
778-
psa_crypto.input_length,
779-
salt,
780-
psa_crypto.salt_length,
781-
output,
782-
msg.out_size[0],
783-
&output_length);
784-
785763
if (status == PSA_SUCCESS) {
786-
psa_write(msg.handle, 0, output, output_length);
787-
}
764+
if (psa_crypto.func == PSA_ASYMMETRIC_ENCRYPT) {
765+
status = psa_asymmetric_encrypt(psa_crypto.handle, psa_crypto.alg,
766+
input, psa_crypto.input_length,
767+
salt, psa_crypto.salt_length,
768+
output, output_size, &output_length);
769+
} else {
770+
status = psa_asymmetric_decrypt(psa_crypto.handle, psa_crypto.alg,
771+
input, psa_crypto.input_length,
772+
salt, psa_crypto.salt_length,
773+
output, output_size, &output_length);
774+
}
788775

789-
psa_write(msg.handle, 1,
790-
&output_length, sizeof(output_length));
776+
if (status == PSA_SUCCESS) {
777+
psa_write(msg.handle, 0, output, output_length);
778+
}
779+
psa_write(msg.handle, 1, &output_length, sizeof(output_length));
780+
}
791781

792782
mbedtls_free(output);
793783
mbedtls_free(buffer);

0 commit comments

Comments
 (0)