
Commit da999c6

author
itayzafrir
committed
Fix crypto service abort functionality - hash
1 parent 1b26e0d commit da999c6

2 files changed

+63
-40
lines changed


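--- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
@@ -240,6 +240,10 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
 psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
 psa_algorithm_t alg)
 {
+if (operation->handle != PSA_NULL_HANDLE) {
+return (PSA_ERROR_BAD_STATE);
+}
+
 psa_crypto_ipc_t psa_crypto_ipc = {
 .func = PSA_HASH_SETUP,
 .handle = 0,
@@ -253,6 +257,9 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
 return (status);
 }
 status = ipc_call(&operation->handle, &in_vec, 1, NULL, 0, false);
+if (status != PSA_SUCCESS) {
+ipc_close(&operation->handle);
+}
 return (status);
 }
 
@@ -272,6 +279,9 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
 };
 
 psa_status_t status = ipc_call(&operation->handle, in_vec, 2, NULL, 0, false);
+if (status != PSA_SUCCESS) {
+ipc_close(&operation->handle);
+}
 return (status);
 }
 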
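Review bot: The ipc_close(&operation->handle) calls added on the failure paths of psa_hash_setup and psa_hash_update leave it unclear whether operation->handle is reset to PSA_NULL_HANDLE afterwards; if it is not, the new guard at the top of psa_hash_setup will answer PSA_ERROR_BAD_STATE for any later reuse of that operation object, and a following psa_hash_abort would close an already-closed handle. That invariant is worth confirming against ipc_close and stating on the guard, e.g. `/* An operation that still owns an IPC handle is active: it must be aborted before it can be set up again. */`. psa_hash_update's body begins above its hunk, so whether it rejects a PSA_NULL_HANDLE operation before the ipc_call is not visible here.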

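--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -414,6 +414,10 @@ static void psa_hash_operation(void)
 case PSA_HASH_SETUP: {
 status = psa_hash_setup(msg.rhandle,
 psa_crypto.alg);
+if (status != PSA_SUCCESS) {
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
+}
 break;
 }
 
@@ -425,32 +429,32 @@ static void psa_hash_operation(void)
 
 input_buffer = mbedtls_calloc(1, allocation_size);
 if (input_buffer == NULL) {
+psa_hash_abort(msg.rhandle);
 status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
-}
-
-while (data_remaining > 0) {
-size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
-bytes_read = psa_read(msg.handle, 1, input_buffer,
-size_to_read);
-
-if (bytes_read != size_to_read) {
-SPM_PANIC("SPM read length mismatch");
-}
-
-status = psa_hash_update(msg.rhandle,
-input_buffer,
-bytes_read);
-
-// stop on error
-if (status != PSA_SUCCESS) {
-break;
+} else {
+while (data_remaining > 0) {
+size_to_read = MIN(data_remaining, MAX_DATA_CHUNK_SIZE_IN_BYTES);
+bytes_read = psa_read(msg.handle, 1, input_buffer, size_to_read);
+
+if (bytes_read != size_to_read) {
+SPM_PANIC("SPM read length mismatch");
+}
+
+status = psa_hash_update(msg.rhandle, input_buffer, bytes_read);
+// stop on error
+if (status != PSA_SUCCESS) {
+break;
+}
+data_remaining = data_remaining - bytes_read;
 }
-data_remaining = data_remaining - bytes_read;
+mbedtls_free(input_buffer);
 }
 
-mbedtls_free(input_buffer);
-
+if (status != PSA_SUCCESS) {
+destroy_hash_clone(msg.rhandle);
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
+}
 break;
 }
 
@@ -465,20 +469,20 @@ static void psa_hash_operation(void)
 size_t hash_length = 0;
 uint8_t *hash = mbedtls_calloc(1, hash_size);
 if (hash == NULL) {
+psa_hash_abort(msg.rhandle);
 status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
-}
-
-status = psa_hash_finish(msg.rhandle, hash, hash_size,
-&hash_length);
-if (status == PSA_SUCCESS) {
-psa_write(msg.handle, 0, hash, hash_length);
-psa_write(msg.handle, 1, &hash_length,
-sizeof(hash_length));
+} else {
+status = psa_hash_finish(msg.rhandle, hash, hash_size, &hash_length);
+if (status == PSA_SUCCESS) {
+psa_write(msg.handle, 0, hash, hash_length);
+psa_write(msg.handle, 1, &hash_length, sizeof(hash_length));
+}
+mbedtls_free(hash);
 }
 
-mbedtls_free(hash);
 destroy_hash_clone(msg.rhandle);
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
 break;
 }
 
@@ -493,24 +497,29 @@ static void psa_hash_operation(void)
 
 uint8_t *hash = mbedtls_calloc(1, hash_length);
 if (hash == NULL) {
+psa_hash_abort(msg.rhandle);
 status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
-}
+} else {
+bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]);
+if (bytes_read != msg.in_size[2]) {
+SPM_PANIC("SPM read length mismatch");
+}
 
-bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]);
-if (bytes_read != msg.in_size[2]) {
-SPM_PANIC("SPM read length mismatch");
+status = psa_hash_verify(msg.rhandle, hash, hash_length);
+mbedtls_free(hash);
 }
 
-status = psa_hash_verify(msg.rhandle, hash, hash_length);
-mbedtls_free(hash);
 destroy_hash_clone(msg.rhandle);
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
 break;
 }
 
 case PSA_HASH_ABORT: {
 status = psa_hash_abort(msg.rhandle);
 destroy_hash_clone(msg.rhandle);
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
 break;
 }
 
@@ -537,6 +546,10 @@ static void psa_hash_operation(void)
 status = psa_hash_clone(hash_clone->source_operation, msg.rhandle);
 release_hash_clone(hash_clone);
 }
+if (status != PSA_SUCCESS) {
+mbedtls_free(msg.rhandle);
+psa_set_rhandle(msg.handle, NULL);
+}
 break;
 }
 
@@ -550,8 +563,8 @@ static void psa_hash_operation(void)
 }
 
 case PSA_IPC_DISCONNECT: {
-psa_hash_abort(msg.rhandle);
 if (msg.rhandle != NULL) {
+psa_hash_abort(msg.rhandle);
 destroy_hash_clone(msg.rhandle);
 mbedtls_free(msg.rhandle);
 }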
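Review bot: The error exit from the read loop in the PSA_HASH_UPDATE hunk frees msg.rhandle and clears the rhandle without calling psa_hash_abort on it, while the allocation-failure branch a few lines above aborts first; unless psa_hash_update is guaranteed to abort the operation itself on error (I believe the Mbed Crypto implementation does, but nothing on this page shows it), the operation's internal hash context is leaked. The same asymmetry is in the PSA_HASH_FINISH and PSA_HASH_VERIFY hunks, where a failing finish or verify goes straight to destroy_hash_clone and free. An explicit `psa_hash_abort(msg.rhandle);` ahead of each teardown would make the cleanup independent of that contract, and since the destroy/free/clear triple is now repeated in four cases it is worth folding into one static helper, sketched below. Separately, the verify path reads msg.in_size[2] bytes into a buffer allocated with hash_length (assigned above the hunk); if those two values are not derived from the same source that read overruns the buffer, so a comment or check tying them together would help the next reader. psa_hash_operation starts and ends outside these hunks.
```c
/* Abort a client's hash operation and release everything attached to its rhandle. */
static void hash_op_release(psa_msg_t *msg)
{
    psa_hash_abort(msg->rhandle);
    destroy_hash_clone(msg->rhandle);
    mbedtls_free(msg->rhandle);
    psa_set_rhandle(msg->handle, NULL);
}
/* … unchanged: the PSA_HASH_UPDATE/FINISH/VERIFY/ABORT cases then call hash_op_release(&msg) in place of the repeated triple … */
```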
