mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 22:20:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Split handling of memory allocation for password between core and driver

Browse Source 
Driver is now responsible for creating its own copy of the password in the setup function.
After calling pake setup driver entry point core frees memory for password.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-12-22 11:19:22 +01:00
parent e12ed36a6c
commit 2797d37424
2 changed files with 54 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
library/psa_crypto.c
View File

@ -7333,6 +7333,44 @@ psa_status_t psa_pake_set_role(
return PSA_SUCCESS;
}
static psa_status_t psa_pake_complete_inputs(
psa_pake_operation_t *operation)
{
psa_jpake_computation_stage_t *computation_stage =
&operation->computation_stage.data.jpake_computation_stage;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t *password = operation->data.inputs.password;
size_t password_len = operation->data.inputs.password_len;
if (operation->alg == PSA_ALG_NONE ||
operation->data.inputs.password_len == 0 ||
operation->data.inputs.role == PSA_PAKE_ROLE_NONE) {
return PSA_ERROR_BAD_STATE;
}
status = psa_driver_wrapper_pake_setup(operation,
&operation->data.inputs);
/* Driver is responsible for creating its own copy of the password. */
mbedtls_platform_zeroize(password, password_len);
mbedtls_free(password);
if (status == PSA_SUCCESS) {
operation->stage = PSA_PAKE_OPERATION_STAGE_COMPUTATION;
if (operation->alg == PSA_ALG_JPAKE) {
computation_stage->state = PSA_PAKE_STATE_READY;
computation_stage->sequence = PSA_PAKE_SEQ_INVALID;
computation_stage->input_step = PSA_PAKE_STEP_X1_X2;
computation_stage->output_step = PSA_PAKE_STEP_X1_X2;
}
} else {
operation->data.inputs.password_len = 0;
operation->data.inputs.password = NULL;
}
return status;
}
static psa_status_t psa_jpake_output_prologue(
psa_pake_operation_t *operation,
psa_pake_step_t step)
@ -7433,28 +7471,10 @@ psa_status_t psa_pake_output(
size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_jpake_computation_stage_t *computation_stage =
&operation->computation_stage.data.jpake_computation_stage;
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
if (operation->alg == PSA_ALG_NONE ||
operation->data.inputs.password_len == 0 ||
operation->data.inputs.role == PSA_PAKE_ROLE_NONE) {
return PSA_ERROR_BAD_STATE;
}
status = psa_driver_wrapper_pake_setup(operation,
&operation->data.inputs);
if (status == PSA_SUCCESS) {
operation->stage = PSA_PAKE_OPERATION_STAGE_COMPUTATION;
if (operation->alg == PSA_ALG_JPAKE) {
computation_stage->state = PSA_PAKE_STATE_READY;
computation_stage->sequence = PSA_PAKE_SEQ_INVALID;
computation_stage->input_step = PSA_PAKE_STEP_X1_X2;
computation_stage->output_step = PSA_PAKE_STEP_X1_X2;
}
} else {
status = psa_pake_complete_inputs(operation);
if (status != PSA_SUCCESS) {
return status;
}
}
@ -7612,28 +7632,10 @@ psa_status_t psa_pake_input(
size_t input_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_jpake_computation_stage_t *computation_stage =
&operation->computation_stage.data.jpake_computation_stage;
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
if (operation->alg == PSA_ALG_NONE ||
operation->data.inputs.password_len == 0 ||
operation->data.inputs.role == PSA_PAKE_ROLE_NONE) {
return PSA_ERROR_BAD_STATE;
}
status = psa_driver_wrapper_pake_setup(operation,
&operation->data.inputs);
if (status == PSA_SUCCESS) {
operation->stage = PSA_PAKE_OPERATION_STAGE_COMPUTATION;
if (operation->alg == PSA_ALG_JPAKE) {
computation_stage->state = PSA_PAKE_STATE_READY;
computation_stage->sequence = PSA_PAKE_SEQ_INVALID;
computation_stage->input_step = PSA_PAKE_STEP_X1_X2;
computation_stage->output_step = PSA_PAKE_STEP_X1_X2;
}
} else {
status = psa_pake_complete_inputs(operation);
if (status != PSA_SUCCESS) {
return status;
}
}
@ -7736,7 +7738,11 @@ psa_status_t psa_pake_abort(
/* If we are in collecting inputs stage clear inputs. */
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
mbedtls_free(operation->data.inputs.password);
if (operation->data.inputs.password_len > 0) {
mbedtls_platform_zeroize(operation->data.inputs.password,
operation->data.inputs.password_len);
mbedtls_free(operation->data.inputs.password);
}
memset(&operation->data.inputs, 0, sizeof(psa_crypto_driver_pake_inputs_t));
return PSA_SUCCESS;
}

9
library/psa_crypto_pake.c
View File

@ -230,8 +230,14 @@ psa_status_t mbedtls_psa_pake_setup(mbedtls_psa_pake_operation_t *operation,
mbedtls_ecjpake_init(&operation->ctx.pake);
operation->password = mbedtls_calloc(1, password_len);
if (operation->password == NULL) {
status = PSA_ERROR_INSUFFICIENT_MEMORY;
goto error;
}
memcpy(operation->password, password, password_len);
operation->password_len = password_len;
operation->password = password;
operation->role = role;
operation->alg = cipher_suite.algorithm;
@ -254,7 +260,6 @@ psa_status_t mbedtls_psa_pake_setup(mbedtls_psa_pake_operation_t *operation,
{ status = PSA_ERROR_NOT_SUPPORTED; }
error:
mbedtls_free(password);
mbedtls_psa_pake_abort(operation);
return status;
}