Skip to content

Commit 5273e1c

Browse files
AlexLanzanoAlexLanzano
authored
Merge pull request #284 from Frauschi/dma_fixes
Fix potential DMA buffer handling errors
2 parents 4e1a7d4 + 343568e commit 5273e1c

File tree

1 file changed

+22
-21
lines changed

1 file changed

+22
-21
lines changed

src/wh_client_crypto.c

Lines changed: 22 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -2495,8 +2495,9 @@ int wh_Client_Ed25519SignDma(whClientContext* ctx, ed25519_key* key,
24952495
uintptr_t msgAddr = 0;
24962496
uintptr_t sigAddr = 0;
24972497

2498-
whKeyId key_id = WH_DEVCTX_TO_KEYID(key->devCtx);
2499-
int evict = 0;
2498+
whKeyId key_id = WH_DEVCTX_TO_KEYID(key->devCtx);
2499+
int evict = 0;
2500+
uint32_t inSigLen = (inout_sig_len != NULL) ? *inout_sig_len : 0;
25002501

25012502
if ((ctx == NULL) || (key == NULL) || ((msg == NULL) && (msgLen > 0)) ||
25022503
(sig == NULL) || (inout_sig_len == NULL) ||
@@ -2557,7 +2558,7 @@ int wh_Client_Ed25519SignDma(whClientContext* ctx, ed25519_key* key,
25572558
req->type = type;
25582559
req->ctxSz = contextLen;
25592560
req->msg.sz = msgLen;
2560-
req->sig.sz = (inout_sig_len != NULL) ? *inout_sig_len : 0;
2561+
req->sig.sz = inSigLen;
25612562
if ((context != NULL) && (contextLen > 0)) {
25622563
memcpy(req_ctx, context, contextLen);
25632564
}
@@ -2611,10 +2612,10 @@ int wh_Client_Ed25519SignDma(whClientContext* ctx, ed25519_key* key,
26112612
}
26122613

26132614
(void)wh_Client_DmaProcessClientAddress(
2614-
ctx, (uintptr_t)sig, (void**)&sigAddr, req->sig.sz,
2615+
ctx, (uintptr_t)sig, (void**)&sigAddr, inSigLen,
26152616
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
26162617
(void)wh_Client_DmaProcessClientAddress(
2617-
ctx, (uintptr_t)msg, (void**)&msgAddr, req->msg.sz,
2618+
ctx, (uintptr_t)msg, (void**)&msgAddr, msgLen,
26182619
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
26192620
}
26202621

@@ -2756,10 +2757,10 @@ int wh_Client_Ed25519VerifyDma(whClientContext* ctx, ed25519_key* key,
27562757
}
27572758

27582759
(void)wh_Client_DmaProcessClientAddress(
2759-
ctx, (uintptr_t)msg, (void**)&msgAddr, req->msg.sz,
2760+
ctx, (uintptr_t)msg, (void**)&msgAddr, msgLen,
27602761
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
27612762
(void)wh_Client_DmaProcessClientAddress(
2762-
ctx, (uintptr_t)sig, (void**)&sigAddr, req->sig.sz,
2763+
ctx, (uintptr_t)sig, (void**)&sigAddr, sigLen,
27632764
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
27642765
}
27652766

@@ -4119,13 +4120,13 @@ int wh_Client_Sha256Dma(whClientContext* ctx, wc_Sha256* sha, const uint8_t* in,
41194120
if (in != NULL || out != NULL) {
41204121
/* post operation address translations */
41214122
(void)wh_Client_DmaProcessClientAddress(
4122-
ctx, (uintptr_t)sha256, (void**)&stateAddr, req->state.sz,
4123+
ctx, (uintptr_t)sha256, (void**)&stateAddr, sizeof(*sha256),
41234124
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
41244125
(void)wh_Client_DmaProcessClientAddress(
4125-
ctx, (uintptr_t)in, (void**)&inAddr, req->input.sz,
4126+
ctx, (uintptr_t)in, (void**)&inAddr, inLen,
41264127
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
41274128
(void)wh_Client_DmaProcessClientAddress(
4128-
ctx, (uintptr_t)out, (void**)&outAddr, req->output.sz,
4129+
ctx, (uintptr_t)out, (void**)&outAddr, WC_SHA256_DIGEST_SIZE,
41294130
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
41304131
}
41314132

@@ -4401,13 +4402,13 @@ int wh_Client_Sha224Dma(whClientContext* ctx, wc_Sha224* sha, const uint8_t* in,
44014402

44024403
if (in != NULL || out != NULL) {
44034404
(void)wh_Client_DmaProcessClientAddress(
4404-
ctx, (uintptr_t)sha224, (void**)&stateAddr, req->state.sz,
4405+
ctx, (uintptr_t)sha224, (void**)&stateAddr, sizeof(*sha224),
44054406
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
44064407
(void)wh_Client_DmaProcessClientAddress(
4407-
ctx, (uintptr_t)in, (void**)&inAddr, req->input.sz,
4408+
ctx, (uintptr_t)in, (void**)&inAddr, inLen,
44084409
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
44094410
(void)wh_Client_DmaProcessClientAddress(
4410-
ctx, (uintptr_t)out, (void**)&outAddr, req->output.sz,
4411+
ctx, (uintptr_t)out, (void**)&outAddr, WC_SHA224_DIGEST_SIZE,
44114412
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
44124413
}
44134414
return ret;
@@ -4682,13 +4683,13 @@ int wh_Client_Sha384Dma(whClientContext* ctx, wc_Sha384* sha, const uint8_t* in,
46824683

46834684
if (in != NULL || out != NULL) {
46844685
(void)wh_Client_DmaProcessClientAddress(
4685-
ctx, (uintptr_t)sha384, (void**)&stateAddr, req->state.sz,
4686+
ctx, (uintptr_t)sha384, (void**)&stateAddr, sizeof(*sha384),
46864687
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
46874688
(void)wh_Client_DmaProcessClientAddress(
4688-
ctx, (uintptr_t)in, (void**)&inAddr, req->input.sz,
4689+
ctx, (uintptr_t)in, (void**)&inAddr, inLen,
46894690
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
46904691
(void)wh_Client_DmaProcessClientAddress(
4691-
ctx, (uintptr_t)out, (void**)&outAddr, req->output.sz,
4692+
ctx, (uintptr_t)out, (void**)&outAddr, WC_SHA384_DIGEST_SIZE,
46924693
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
46934694
}
46944695
return ret;
@@ -4975,13 +4976,13 @@ int wh_Client_Sha512Dma(whClientContext* ctx, wc_Sha512* sha, const uint8_t* in,
49754976

49764977
if (in != NULL || out != NULL) {
49774978
(void)wh_Client_DmaProcessClientAddress(
4978-
ctx, (uintptr_t)sha512, (void**)&stateAddr, req->state.sz,
4979+
ctx, (uintptr_t)sha512, (void**)&stateAddr, sizeof(*sha512),
49794980
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
49804981
(void)wh_Client_DmaProcessClientAddress(
4981-
ctx, (uintptr_t)in, (void**)&inAddr, req->input.sz,
4982+
ctx, (uintptr_t)in, (void**)&inAddr, inLen,
49824983
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
49834984
(void)wh_Client_DmaProcessClientAddress(
4984-
ctx, (uintptr_t)out, (void**)&outAddr, req->output.sz,
4985+
ctx, (uintptr_t)out, (void**)&outAddr, WC_SHA512_DIGEST_SIZE,
49854986
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
49864987
}
49874988
return ret;
@@ -5776,10 +5777,10 @@ int wh_Client_MlDsaSignDma(whClientContext* ctx, const byte* in, word32 in_len,
57765777
}
57775778

57785779
(void)wh_Client_DmaProcessClientAddress(
5779-
ctx, (uintptr_t)out, (void**)&outAddr, req->sig.sz,
5780+
ctx, (uintptr_t)out, (void**)&outAddr, *out_len,
57805781
WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0});
57815782
(void)wh_Client_DmaProcessClientAddress(
5782-
ctx, (uintptr_t)in, (void**)&inAddr, req->msg.sz,
5783+
ctx, (uintptr_t)in, (void**)&inAddr, in_len,
57835784
WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0});
57845785
}
57855786
else {

0 commit comments

Comments
 (0)