| Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 1 | From 43388a8e071980d9146f935f486a859d0a04322b Mon Sep 17 00:00:00 2001 |
| 2 | From: Julian Hall <julian.hall@arm.com> |
| 3 | Date: Tue, 15 Feb 2022 15:46:58 +0000 |
| 4 | Subject: [PATCH] Add IV generation to one-shot cipher operation |
| 5 | |
| 6 | The functions psa_cipher_encrypt and psa_cipher_decrypt are |
| 7 | one-shot operations that can take an arbitrary sized input. |
| 8 | These operations are implemented as client-side functions |
| 9 | that use multi-part cipher operations to allow large inputs |
| 10 | to be handled. The existing implementations were missing the |
| 11 | generation and setting of the IV at the start of the data. |
| 12 | This was leading to PSA Arch test failures (248 & 249). This |
| 13 | commit adds the missing IV handling and resolves the test |
| 14 | failures. |
| 15 | |
| 16 | Signed-off-by: Julian Hall <julian.hall@arm.com> |
| 17 | Change-Id: I4afb555ee7062ebb387e5bb27fb1e082288ad8c7 |
| 18 | |
| 19 | Upstream-Status: Pending [Not submitted to upstream yet] |
| 20 | Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> |
| 21 | |
| 22 | |
| 23 | --- |
| 24 | .../service/crypto/client/psa/psa_cipher.c | 40 +++++++++++++++---- |
| 25 | 1 file changed, 33 insertions(+), 7 deletions(-) |
| 26 | |
| 27 | diff --git a/components/service/crypto/client/psa/psa_cipher.c b/components/service/crypto/client/psa/psa_cipher.c |
| 28 | index 3ab8ea21..111af829 100644 |
| 29 | --- a/components/service/crypto/client/psa/psa_cipher.c |
| 30 | +++ b/components/service/crypto/client/psa/psa_cipher.c |
| 31 | @@ -8,7 +8,6 @@ |
| 32 | #include "psa_crypto_client.h" |
| 33 | #include "crypto_caller_selector.h" |
| 34 | |
| 35 | - |
| 36 | psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, |
| 37 | psa_key_id_t key, |
| 38 | psa_algorithm_t alg) |
| 39 | @@ -171,9 +170,16 @@ psa_status_t psa_cipher_encrypt(psa_key_id_t key, |
| 40 | |
| 41 | if (psa_status == PSA_SUCCESS) { |
| 42 | |
| 43 | + size_t ciphertext_len = 0; |
| 44 | + size_t iv_len = 0; |
| 45 | + |
| 46 | + psa_cipher_generate_iv(&operation, output, output_size, &iv_len); |
| 47 | + |
| 48 | psa_status = multi_cipher_update(&operation, |
| 49 | input, input_length, |
| 50 | - output, output_size, output_length); |
| 51 | + &output[iv_len], output_size - iv_len, &ciphertext_len); |
| 52 | + |
| 53 | + *output_length = iv_len + ciphertext_len; |
| 54 | } |
| 55 | |
| 56 | return psa_status; |
| 57 | @@ -187,14 +193,34 @@ psa_status_t psa_cipher_decrypt(psa_key_id_t key, |
| 58 | size_t output_size, |
| 59 | size_t *output_length) |
| 60 | { |
| 61 | - psa_cipher_operation_t operation = psa_cipher_operation_init(); |
| 62 | - psa_status_t psa_status = psa_cipher_decrypt_setup(&operation, key, alg); |
| 63 | + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 64 | + psa_status_t psa_status = psa_get_key_attributes(key, &attributes); |
| 65 | |
| 66 | if (psa_status == PSA_SUCCESS) { |
| 67 | |
| 68 | - psa_status = multi_cipher_update(&operation, |
| 69 | - input, input_length, |
| 70 | - output, output_size, output_length); |
| 71 | + psa_cipher_operation_t operation = psa_cipher_operation_init(); |
| 72 | + psa_status = psa_cipher_decrypt_setup(&operation, key, alg); |
| 73 | + |
| 74 | + if (psa_status == PSA_SUCCESS) { |
| 75 | + |
| 76 | + size_t iv_len = PSA_CIPHER_IV_LENGTH(psa_get_key_type(&attributes), alg); |
| 77 | + |
| 78 | + if (input_length >= iv_len) { |
| 79 | + |
| 80 | + psa_cipher_set_iv(&operation, input, iv_len); |
| 81 | + |
| 82 | + psa_status = multi_cipher_update(&operation, |
| 83 | + &input[iv_len], input_length - iv_len, |
| 84 | + output, output_size, output_length); |
| 85 | + } |
| 86 | + else { |
| 87 | + |
| 88 | + psa_cipher_abort(&operation); |
| 89 | + psa_status = PSA_ERROR_INVALID_ARGUMENT; |
| 90 | + } |
| 91 | + } |
| 92 | + |
| 93 | + psa_reset_key_attributes(&attributes); |
| 94 | } |
| 95 | |
| 96 | return psa_status; |