mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-24 15:02:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong

Browse Source 
These error codes are only returned if the program has been tampered with,
so they should be CORRUPTION_DETECTED.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This commit is contained in:
Ryan Everett 2024-01-12 17:45:05 +00:00
parent 4755e6bda4
commit dfe8bf86a8
6 changed files with 17 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/psa/crypto.h
View File

@ -415,9 +415,7 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init(). * The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. Or, * results in this error code.
* this call was operating on a key slot and found the slot in
* an invalid state for the operation.
*/ */
psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); psa_status_t psa_purge_key(mbedtls_svc_key_id_t key);
@ -557,9 +555,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init(). * The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. Or, * results in this error code.
* this call was operating on a key slot and found the slot in
* an invalid state for the operation.
*/ */
psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);

4
include/psa/crypto_compat.h
View File

@ -142,9 +142,7 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init(). * The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. Or, * results in this error code.
* this call was operating on a key slot and found the slot in
* an invalid state for the operation.
*/ */
psa_status_t psa_close_key(psa_key_handle_t handle); psa_status_t psa_close_key(psa_key_handle_t handle);

1
library/psa_crypto.c
View File

@ -1718,7 +1718,6 @@ static psa_status_t psa_start_key_creation(
* \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_DATA_INVALID \emptydescription
* \retval #PSA_ERROR_DATA_CORRUPT \emptydescription * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
* \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
* \retval #PSA_ERROR_BAD_STATE \emptydescription
* *
* \return If this function fails, the key slot is an invalid state. * \return If this function fails, the key slot is an invalid state.
* You must call psa_fail_key_creation() to wipe and free the slot. * You must call psa_fail_key_creation() to wipe and free the slot.

2
library/psa_crypto_core.h
View File

@ -56,7 +56,7 @@ typedef struct {
* The state variable is used to help determine whether library functions * The state variable is used to help determine whether library functions
* which operate on the slot succeed. For example, psa_finish_key_creation, * which operate on the slot succeed. For example, psa_finish_key_creation,
* which transfers the state of a slot from PSA_SLOT_FILLING to * which transfers the state of a slot from PSA_SLOT_FILLING to
* PSA_SLOT_FULL, must fail with error code PSA_ERROR_BAD_STATE * PSA_SLOT_FULL, must fail with error code PSA_ERROR_CORRUPTION_DETECTED
* if the state of the slot is not PSA_SLOT_FILLING. * if the state of the slot is not PSA_SLOT_FILLING.
* *
* Library functions which traverse the array of key slots only consider * Library functions which traverse the array of key slots only consider

2
library/psa_crypto_slot_management.c
View File

@ -417,7 +417,7 @@ psa_status_t psa_unregister_read(psa_key_slot_t *slot)
} }
if ((slot->state != PSA_SLOT_FULL) && if ((slot->state != PSA_SLOT_FULL) &&
(slot->state != PSA_SLOT_PENDING_DELETION)) { (slot->state != PSA_SLOT_PENDING_DELETION)) {
return PSA_ERROR_BAD_STATE; return PSA_ERROR_CORRUPTION_DETECTED;
} }
/* If we are the last reader and the slot is marked for deletion, /* If we are the last reader and the slot is marked for deletion,

29
library/psa_crypto_slot_management.h
View File

@ -68,9 +68,7 @@ static inline int psa_key_id_is_volatile(psa_key_id_t key_id)
* description of the key identified by \p key. * description of the key identified by \p key.
* The key slot counter has been incremented. * The key slot counter has been incremented.
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* The library has not been initialized. Or, * The library has not been initialized.
* this call was operating on a key slot and found the slot in
* an invalid state for the operation.
* \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_INVALID_HANDLE
* \p key is not a valid key identifier. * \p key is not a valid key identifier.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@ -114,7 +112,8 @@ void psa_wipe_all_key_slots(void);
* \retval #PSA_SUCCESS \emptydescription * \retval #PSA_SUCCESS \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* There were no free key slots. * There were no free key slots.
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE \emptydescription
* \retval #PSA_ERROR_CORRUPTION_DETECTED
* This function attempted to operate on a key slot which was in an * This function attempted to operate on a key slot which was in an
* unexpected state. * unexpected state.
*/ */
@ -133,7 +132,7 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id,
* *
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
The key slot's state variable is new_state. The key slot's state variable is new_state.
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_CORRUPTION_DETECTED
* The slot's state was not expected_state. * The slot's state was not expected_state.
*/ */
static inline psa_status_t psa_key_slot_state_transition( static inline psa_status_t psa_key_slot_state_transition(
@ -141,7 +140,7 @@ static inline psa_status_t psa_key_slot_state_transition(
psa_key_slot_state_t new_state) psa_key_slot_state_t new_state)
{ {
if (slot->state != expected_state) { if (slot->state != expected_state) {
return PSA_ERROR_BAD_STATE; return PSA_ERROR_CORRUPTION_DETECTED;
} }
slot->state = new_state; slot->state = new_state;
return PSA_SUCCESS; return PSA_SUCCESS;
@ -157,16 +156,12 @@ static inline psa_status_t psa_key_slot_state_transition(
The key slot registered reader counter was incremented. The key slot registered reader counter was incremented.
* \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_CORRUPTION_DETECTED
* The reader counter already reached its maximum value and was not * The reader counter already reached its maximum value and was not
* increased. * increased, or the slot's state was not PSA_SLOT_FULL.
* \retval #PSA_ERROR_BAD_STATE
* The slot's state was not PSA_SLOT_FULL.
*/ */
static inline psa_status_t psa_register_read(psa_key_slot_t *slot) static inline psa_status_t psa_register_read(psa_key_slot_t *slot)
{ {
if (slot->state != PSA_SLOT_FULL) { if ((slot->state != PSA_SLOT_FULL) ||
return PSA_ERROR_BAD_STATE; (slot->registered_readers >= SIZE_MAX)) {
}
if (slot->registered_readers >= SIZE_MAX) {
return PSA_ERROR_CORRUPTION_DETECTED; return PSA_ERROR_CORRUPTION_DETECTED;
} }
slot->registered_readers++; slot->registered_readers++;
@ -190,11 +185,11 @@ static inline psa_status_t psa_register_read(psa_key_slot_t *slot)
* \p slot is NULL or the key slot reader counter has been * \p slot is NULL or the key slot reader counter has been
* decremented (and potentially wiped) successfully. * decremented (and potentially wiped) successfully.
* \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_CORRUPTION_DETECTED
* registered_readers was equal to 0.
* \retval #PSA_ERROR_BAD_STATE
* The slot's state was neither PSA_SLOT_FULL nor * The slot's state was neither PSA_SLOT_FULL nor
* PSA_SLOT_PENDING_DELETION, or a wipe was attempted and * PSA_SLOT_PENDING_DELETION.
* the slot's state was not PSA_SLOT_PENDING_DELETION. * Or a wipe was attempted and the slot's state was not
* PSA_SLOT_PENDING_DELETION.
* Or registered_readers was equal to 0.
*/ */
psa_status_t psa_unregister_read(psa_key_slot_t *slot); psa_status_t psa_unregister_read(psa_key_slot_t *slot);