lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Merge pull request #1133 from davidhorstmann-arm/copying-aead-2.28

Browse Source 
[Backport 2.28] Copy buffers in AEAD
This commit is contained in:
David Horstmann
2024-02-20 16:07:36 +00:00
committed by GitHub
parent a9cc4cd1cb 90b94ff85f
commit 0ce9589e36
4 changed files with 76 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/gcm.c
View File

@ -241,7 +241,7 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
uint64_t iv_bits;
GCM_VALIDATE_RET(ctx != NULL);
GCM_VALIDATE_RET(iv != NULL);
GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
/* IV and AD are limited to 2^64 bits, so 2^61 bytes */
@ -433,7 +433,7 @@ int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
GCM_VALIDATE_RET(ctx != NULL);
GCM_VALIDATE_RET(iv != NULL);
GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
GCM_VALIDATE_RET(length == 0 || input != NULL);
GCM_VALIDATE_RET(length == 0 || output != NULL);
@ -470,7 +470,7 @@ int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
int diff;
GCM_VALIDATE_RET(ctx != NULL);
GCM_VALIDATE_RET(iv != NULL);
GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
GCM_VALIDATE_RET(tag != NULL);
GCM_VALIDATE_RET(length == 0 || input != NULL);

55
library/psa_crypto.c
View File

@ -3931,19 +3931,24 @@ exit:
psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
const uint8_t *nonce_external,
size_t nonce_length,
const uint8_t *additional_data,
const uint8_t *additional_data_external,
size_t additional_data_length,
const uint8_t *plaintext,
const uint8_t *plaintext_external,
size_t plaintext_length,
uint8_t *ciphertext,
uint8_t *ciphertext_external,
size_t ciphertext_size,
size_t *ciphertext_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
LOCAL_INPUT_DECLARE(nonce_external, nonce);
LOCAL_INPUT_DECLARE(additional_data_external, additional_data);
LOCAL_INPUT_DECLARE(plaintext_external, plaintext);
LOCAL_OUTPUT_DECLARE(ciphertext_external, ciphertext);
*ciphertext_length = 0;
if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) {
@ -3960,6 +3965,11 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
.core = slot->attr
};
LOCAL_INPUT_ALLOC(nonce_external, nonce_length, nonce);
LOCAL_INPUT_ALLOC(additional_data_external, additional_data_length, additional_data);
LOCAL_INPUT_ALLOC(plaintext_external, plaintext_length, plaintext);
LOCAL_OUTPUT_ALLOC(ciphertext_external, ciphertext_size, ciphertext);
status = psa_driver_wrapper_aead_encrypt(
&attributes, slot->key.data, slot->key.bytes,
alg,
@ -3972,6 +3982,15 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
memset(ciphertext, 0, ciphertext_size);
}
/* Exit label is only used for buffer copying, prevent unused warnings. */
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
exit:
#endif
LOCAL_INPUT_FREE(nonce_external, nonce);
LOCAL_INPUT_FREE(additional_data_external, additional_data);
LOCAL_INPUT_FREE(plaintext_external, plaintext);
LOCAL_OUTPUT_FREE(ciphertext_external, ciphertext);
psa_unlock_key_slot(slot);
return status;
@ -3979,19 +3998,24 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
const uint8_t *nonce_external,
size_t nonce_length,
const uint8_t *additional_data,
const uint8_t *additional_data_external,
size_t additional_data_length,
const uint8_t *ciphertext,
const uint8_t *ciphertext_external,
size_t ciphertext_length,
uint8_t *plaintext,
uint8_t *plaintext_external,
size_t plaintext_size,
size_t *plaintext_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
LOCAL_INPUT_DECLARE(nonce_external, nonce);
LOCAL_INPUT_DECLARE(additional_data_external, additional_data);
LOCAL_INPUT_DECLARE(ciphertext_external, ciphertext);
LOCAL_OUTPUT_DECLARE(plaintext_external, plaintext);
*plaintext_length = 0;
if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) {
@ -4008,6 +4032,12 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
.core = slot->attr
};
LOCAL_INPUT_ALLOC(nonce_external, nonce_length, nonce);
LOCAL_INPUT_ALLOC(additional_data_external, additional_data_length,
additional_data);
LOCAL_INPUT_ALLOC(ciphertext_external, ciphertext_length, ciphertext);
LOCAL_OUTPUT_ALLOC(plaintext_external, plaintext_size, plaintext);
status = psa_driver_wrapper_aead_decrypt(
&attributes, slot->key.data, slot->key.bytes,
alg,
@ -4020,6 +4050,15 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
memset(plaintext, 0, plaintext_size);
}
/* Exit label is only used for buffer copying, prevent unused warnings. */
#if defined(MBEDTLS_PSA_COPY_CALLER_BUFFERS)
exit:
#endif
LOCAL_INPUT_FREE(nonce_external, nonce);
LOCAL_INPUT_FREE(additional_data_external, additional_data);
LOCAL_INPUT_FREE(ciphertext_external, ciphertext);
LOCAL_OUTPUT_FREE(plaintext_external, plaintext);
psa_unlock_key_slot(slot);
return status;