mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 10:20:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix logic issues with state checks

Browse Source 
Also fix missing return values.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-04-23 19:02:16 +01:00
parent c4e1dcf006
commit 72c10082dd
1 changed files with 36 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
library/psa_crypto_aead.c
View File

@ -535,7 +535,7 @@ psa_status_t mbedtls_psa_aead_update_ad( psa_aead_operation_t *operation,
* one contigious buffer, so until that is re-done, we have to enforce * one contigious buffer, so until that is re-done, we have to enforce
* this, as we cannot allocate a buffer to collate multiple calls into. * this, as we cannot allocate a buffer to collate multiple calls into.
*/ */
if( input_length != operation->ad_remaining ) if( operation->ad_remaining != 0 )
{ {
return ( PSA_ERROR_INVALID_ARGUMENT ); return ( PSA_ERROR_INVALID_ARGUMENT );
} }
@ -556,7 +556,7 @@ psa_status_t mbedtls_psa_aead_update_ad( psa_aead_operation_t *operation,
{ {
/* CCM requires all additional data to be passed in in one go at the /* CCM requires all additional data to be passed in in one go at the
minute, as we are basically operating in oneshot mode. */ minute, as we are basically operating in oneshot mode. */
if( !operation->lengths_set || operation->ad_started ) if( operation->ad_started )
{ {
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
@ -569,6 +569,7 @@ psa_status_t mbedtls_psa_aead_update_ad( psa_aead_operation_t *operation,
{ {
memcpy( operation->ad_buffer, input, input_length ); memcpy( operation->ad_buffer, input, input_length );
operation->ad_length = input_length; operation->ad_length = input_length;
status = PSA_SUCCESS;
} }
else else
{ {
@ -613,10 +614,20 @@ psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
size_t update_output_size; size_t update_output_size;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
update_output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(operation->key_type, #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
operation->alg, input_length); if( operation->alg == PSA_ALG_CCM )
{
/* CCM will currently not output anything until finish. */
update_output_size = 0;
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) */
{
update_output_size = input_length;
}
if(update_output_size > output_size ) if( PSA_AEAD_UPDATE_OUTPUT_SIZE( operation->key_type, operation->alg,
input_length ) > output_size )
{ {
return ( PSA_ERROR_BUFFER_TOO_SMALL ); return ( PSA_ERROR_BUFFER_TOO_SMALL );
} }
@ -651,7 +662,7 @@ psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
if( operation->ad_started ) if( !operation->ad_started )
{ {
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
@ -668,7 +679,7 @@ psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
{ {
/* CCM dooes not support multipart yet, so all the input has to be /* CCM dooes not support multipart yet, so all the input has to be
passed in in one go. Store the data for the final step.*/ passed in in one go. Store the data for the final step.*/
if( operation->ad_started ) if( operation->body_started )
{ {
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
@ -681,6 +692,7 @@ psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
{ {
memcpy( operation->data_buffer, input, input_length ); memcpy( operation->data_buffer, input, input_length );
operation->data_length = input_length; operation->data_length = input_length;
status = PSA_SUCCESS;
} }
else else
{ {
@ -739,15 +751,25 @@ static psa_status_t mbedtls_psa_aead_finish_checks( psa_aead_operation_t *operat
return ( PSA_ERROR_BUFFER_TOO_SMALL ); return ( PSA_ERROR_BUFFER_TOO_SMALL );
} }
if( operation->is_encrypt ) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{ {
*finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE(operation->key_type, /* CCM will output all data at this step. */
operation->alg); *finish_output_size = operation->data_length;
} }
else else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
{ {
*finish_output_size = PSA_AEAD_VERIFY_OUTPUT_SIZE(operation->key_type, if( operation->is_encrypt )
operation->alg); {
*finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( operation->key_type,
operation->alg );
}
else
{
*finish_output_size = PSA_AEAD_VERIFY_OUTPUT_SIZE( operation->key_type,
operation->alg );
}
} }
if( output_size < *finish_output_size ) if( output_size < *finish_output_size )
@ -946,6 +968,8 @@ psa_status_t mbedtls_psa_aead_verify( psa_aead_operation_t *operation,
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
{ {
*plaintext_length = finish_output_size;
if( do_tag_check && safer_memcmp(tag, check_tag, tag_length) != 0 ) if( do_tag_check && safer_memcmp(tag, check_tag, tag_length) != 0 )
{ {
status = PSA_ERROR_INVALID_SIGNATURE; status = PSA_ERROR_INVALID_SIGNATURE;