meta-arm/meta-arm-bsp/recipes-security/trusted-services/secure-partitions/corstone1000/0040-Fix-multi-part-termination-on-error.patch

From 07277e2ab4b54e5844c28f0cb33e64a91aa5f492 Mon Sep 17 00:00:00 2001
From: Julian Hall <julian.hall@arm.com>
Date: Wed, 16 Feb 2022 10:37:04 +0000
Subject: [PATCH] Fix multi-part termination on error

For multi-part operations, the PSA Crypto API specifies that if
the final operation does not return PSA_SUCCESS, the abort
operaion must be called by a client to clean-up the operation.
This change modifies behaviour in-line with the API definition.

Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Ia3d3ec004164647a7ab5988cac45c39c22e76e9a

Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>


---
 components/service/crypto/client/psa/psa_aead.c       |  8 ++++++++
 components/service/crypto/client/psa/psa_cipher.c     |  4 ++++
 components/service/crypto/client/psa/psa_hash.c       | 10 ++++++++++
 components/service/crypto/client/psa/psa_mac.c        | 10 ++++++++++
 .../crypto/provider/extension/aead/aead_provider.c    | 10 +++++-----
 .../provider/extension/cipher/cipher_provider.c       |  6 +++---
 .../crypto/provider/extension/hash/hash_provider.c    |  6 +++---
 .../crypto/provider/extension/mac/mac_provider.c      | 11 +++++++----
 8 files changed, 50 insertions(+), 15 deletions(-)

diff --git a/components/service/crypto/client/psa/psa_aead.c b/components/service/crypto/client/psa/psa_aead.c
index e4579e63..559eb6a3 100644
--- a/components/service/crypto/client/psa/psa_aead.c
+++ b/components/service/crypto/client/psa/psa_aead.c
@@ -241,6 +241,10 @@ psa_status_t psa_aead_encrypt(psa_key_id_t key,
 
 			*aeadtext_length = bytes_output + remaining_aead_len + tag_len;
 		}
+		else {
+
+			psa_aead_abort(&operation);
+		}
 	}
 	else {
 
@@ -292,6 +296,10 @@ psa_status_t psa_aead_decrypt(psa_key_id_t key,
 
 			*plaintext_length = bytes_output + remaining_plaintext_len;
 		}
+		else {
+
+			psa_aead_abort(&operation);
+		}
 	}
 	else {
 
diff --git a/components/service/crypto/client/psa/psa_cipher.c b/components/service/crypto/client/psa/psa_cipher.c
index 111af829..4e4264b6 100644
--- a/components/service/crypto/client/psa/psa_cipher.c
+++ b/components/service/crypto/client/psa/psa_cipher.c
@@ -146,6 +146,10 @@ static psa_status_t multi_cipher_update(psa_cipher_operation_t *operation,
 
 				*output_length = bytes_output + finish_output_len;
 			}
+			else {
+
+				psa_cipher_abort(operation);
+			}
 		}
 		else {
 
diff --git a/components/service/crypto/client/psa/psa_hash.c b/components/service/crypto/client/psa/psa_hash.c
index 83278de6..e5dd0030 100644
--- a/components/service/crypto/client/psa/psa_hash.c
+++ b/components/service/crypto/client/psa/psa_hash.c
@@ -137,6 +137,11 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg,
 	if (psa_status == PSA_SUCCESS) {
 
 		psa_status = psa_hash_verify(&operation, hash, hash_length);
+
+		if (psa_status != PSA_SUCCESS) {
+
+			psa_hash_abort(&operation);
+		}
 	}
 
 	return psa_status;
@@ -155,6 +160,11 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg,
 	if (psa_status == PSA_SUCCESS) {
 
 		psa_status = psa_hash_finish(&operation, hash, hash_size, hash_length);
+
+		if (psa_status != PSA_SUCCESS) {
+
+			psa_hash_abort(&operation);
+		}
 	}
 
 	return psa_status;
diff --git a/components/service/crypto/client/psa/psa_mac.c b/components/service/crypto/client/psa/psa_mac.c
index 5c5eb32a..a3db8644 100644
--- a/components/service/crypto/client/psa/psa_mac.c
+++ b/components/service/crypto/client/psa/psa_mac.c
@@ -129,6 +129,11 @@ psa_status_t psa_mac_verify(psa_key_id_t key,
 	if (psa_status == PSA_SUCCESS) {
 
 		psa_status = psa_mac_verify_finish(&operation, mac, mac_length);
+
+		if (psa_status != PSA_SUCCESS) {
+
+			psa_mac_abort(&operation);
+		}
 	}
 
 	return psa_status;
@@ -153,6 +158,11 @@ psa_status_t psa_mac_compute(psa_key_id_t key,
 	if (psa_status == PSA_SUCCESS) {
 
 		psa_status = psa_mac_sign_finish(&operation, mac, mac_size, mac_length);
+
+		if (psa_status != PSA_SUCCESS) {
+
+			psa_mac_abort(&operation);
+		}
 	}
 
 	return psa_status;
diff --git a/components/service/crypto/provider/extension/aead/aead_provider.c b/components/service/crypto/provider/extension/aead/aead_provider.c
index f4e81a03..14a25436 100644
--- a/components/service/crypto/provider/extension/aead/aead_provider.c
+++ b/components/service/crypto/provider/extension/aead/aead_provider.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -369,9 +369,9 @@ static rpc_status_t aead_finish_handler(void *context, struct call_req *req)
 				rpc_status = serializer->serialize_aead_finish_resp(resp_buf,
 					ciphertext, ciphertext_len,
 					tag, tag_len);
-			}
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);
@@ -418,9 +418,9 @@ static rpc_status_t aead_verify_handler(void *context, struct call_req *req)
 				struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
 				rpc_status = serializer->serialize_aead_verify_resp(resp_buf,
 					plaintext, plaintext_len);
-			}
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);
diff --git a/components/service/crypto/provider/extension/cipher/cipher_provider.c b/components/service/crypto/provider/extension/cipher/cipher_provider.c
index 8e7a86de..a5dd0371 100644
--- a/components/service/crypto/provider/extension/cipher/cipher_provider.c
+++ b/components/service/crypto/provider/extension/cipher/cipher_provider.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -283,9 +283,9 @@ static rpc_status_t cipher_finish_handler(void *context, struct call_req* req)
 
 				struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
 				rpc_status = serializer->serialize_cipher_finish_resp(resp_buf, output, output_len);
-			}
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);
diff --git a/components/service/crypto/provider/extension/hash/hash_provider.c b/components/service/crypto/provider/extension/hash/hash_provider.c
index 2c560513..fd39d440 100644
--- a/components/service/crypto/provider/extension/hash/hash_provider.c
+++ b/components/service/crypto/provider/extension/hash/hash_provider.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -179,9 +179,9 @@ static rpc_status_t hash_finish_handler(void *context, struct call_req* req)
 
 				struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
 				rpc_status = serializer->serialize_hash_finish_resp(resp_buf, hash, hash_len);
-			}
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);
diff --git a/components/service/crypto/provider/extension/mac/mac_provider.c b/components/service/crypto/provider/extension/mac/mac_provider.c
index 96fe4cf3..eef55586 100644
--- a/components/service/crypto/provider/extension/mac/mac_provider.c
+++ b/components/service/crypto/provider/extension/mac/mac_provider.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -181,9 +181,9 @@ static rpc_status_t mac_sign_finish_handler(void *context, struct call_req* req)
 
 				struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
 				rpc_status = serializer->serialize_mac_sign_finish_resp(resp_buf, mac, mac_len);
-			}
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);
@@ -220,7 +220,10 @@ static rpc_status_t mac_verify_finish_handler(void *context, struct call_req* re
 
 			psa_status = psa_mac_verify_finish(&crypto_context->op.mac, mac, mac_len);
 
-			crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			if (psa_status == PSA_SUCCESS) {
+
+				crypto_context_pool_free(&this_instance->context_pool, crypto_context);
+			}
 		}
 
 		call_req_set_opstatus(req, psa_status);