From 73d8591f7f4b5b963ae645fbd307f41127028dc4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 28 Sep 2023 17:00:50 +0100 Subject: [PATCH 1/7] Fix IAR change of sign warning Signed-off-by: Dave Rodgman --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 61353ca53d..bb2d44a8af 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -386,7 +386,7 @@ static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z) /* Convert x to a sign, i.e. to 1, if x is positive, or -1, if x is negative. * This looks awkward but generates smaller code than (x < 0 ? -1 : 1) */ -#define TO_SIGN(x) ((((mbedtls_mpi_uint) x) >> (biL - 1)) * -2 + 1) +#define TO_SIGN(x) ((mbedtls_mpi_sint) (((mbedtls_mpi_uint) x) >> (biL - 1)) * -2 + 1) /* * Set value from integer From 7e9af05409e1e53ed1dd8d3697487bb7b08e3334 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 28 Sep 2023 17:08:16 +0100 Subject: [PATCH 2/7] Fix IAR control bypasses initialisation warning Signed-off-by: Dave Rodgman --- library/bignum.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index bb2d44a8af..70e751b534 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -131,15 +131,17 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); - mbedtls_ct_condition_t do_assign = mbedtls_ct_bool(assign); + { + mbedtls_ct_condition_t do_assign = mbedtls_ct_bool(assign); - X->s = (int) mbedtls_ct_uint_if(do_assign, Y->s, X->s); + X->s = (int) mbedtls_ct_uint_if(do_assign, Y->s, X->s); - mbedtls_mpi_core_cond_assign(X->p, Y->p, Y->n, do_assign); + mbedtls_mpi_core_cond_assign(X->p, Y->p, Y->n, do_assign); - mbedtls_ct_condition_t do_not_assign = mbedtls_ct_bool_not(do_assign); - for (size_t i = Y->n; i < X->n; i++) { - X->p[i] = mbedtls_ct_mpi_uint_if_else_0(do_not_assign, X->p[i]); + mbedtls_ct_condition_t do_not_assign = mbedtls_ct_bool_not(do_assign); + for (size_t i = Y->n; i < X->n; i++) { + X->p[i] = mbedtls_ct_mpi_uint_if_else_0(do_not_assign, X->p[i]); + } } cleanup: From 02a53d7bef411ef26cf00efacb6b08d9ead3f1c2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 28 Sep 2023 17:17:07 +0100 Subject: [PATCH 3/7] Fix IAR pointless integer comparison Signed-off-by: Dave Rodgman --- library/pk.c | 2 ++ library/pk_wrap.c | 6 ++++++ library/psa_crypto_rsa.c | 2 ++ 3 files changed, 10 insertions(+) diff --git a/library/pk.c b/library/pk.c index 03c1e353bd..96b8ef9220 100644 --- a/library/pk.c +++ b/library/pk.c @@ -514,9 +514,11 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_rsassa_pss_options *pss_opts; +#if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } +#endif if (options == NULL) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e67138b26e..4a3fef7cec 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -262,9 +262,11 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; size_t rsa_len = mbedtls_rsa_get_len(rsa); +#if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } +#endif if (sig_len < rsa_len) { return MBEDTLS_ERR_RSA_VERIFY_FAILED; @@ -382,9 +384,11 @@ static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, { mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; +#if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } +#endif *sig_len = mbedtls_rsa_get_len(rsa); if (sig_size < *sig_len) { @@ -1565,9 +1569,11 @@ static int rsa_alt_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, { mbedtls_rsa_alt_context *rsa_alt = pk->pk_ctx; +#if SIZE_MAX > UINT_MAX if (UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } +#endif *sig_len = rsa_alt->key_len_func(rsa_alt->key); if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 508a68b032..065e55af18 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -328,9 +328,11 @@ static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg, /* The Mbed TLS RSA module uses an unsigned int for hash length * parameters. Validate that it fits so that we don't risk an * overflow later. */ +#if SIZE_MAX > UINT_MAX if (hash_length > UINT_MAX) { return PSA_ERROR_INVALID_ARGUMENT; } +#endif /* For signatures using a hash, the hash length must be correct. */ if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { From 90330a4a2d0722c52d94b379fbd6423e002199b7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 28 Sep 2023 17:24:06 +0100 Subject: [PATCH 4/7] Fix IAR control bypasses initialisation warning Signed-off-by: Dave Rodgman --- library/sha256.c | 2 +- library/sha512.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 5375255a8d..223badf00f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -681,6 +681,7 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; + int truncated = 0; /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -728,7 +729,6 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, MBEDTLS_PUT_UINT32_BE(ctx->state[5], output, 20); MBEDTLS_PUT_UINT32_BE(ctx->state[6], output, 24); - int truncated = 0; #if defined(MBEDTLS_SHA224_C) truncated = ctx->is224; #endif diff --git a/library/sha512.c b/library/sha512.c index a91d7922ac..e739af2546 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -828,6 +828,7 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; + int truncated = 0; /* * Add padding: 0x80 then 0x00 until 16 bytes remain for the length @@ -874,7 +875,6 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, sha512_put_uint64_be(ctx->state[4], output, 32); sha512_put_uint64_be(ctx->state[5], output, 40); - int truncated = 0; #if defined(MBEDTLS_SHA384_C) truncated = ctx->is384; #endif From 932925262067d65802196c69bd81c16fa70a2713 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 28 Sep 2023 17:48:51 +0100 Subject: [PATCH 5/7] Fix IAR statement is unreachable warning Signed-off-by: Dave Rodgman --- .../psa_crypto_driver_wrappers.h.jinja | 52 ++++++++----------- 1 file changed, 22 insertions(+), 30 deletions(-) diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index 3d116b396d..e48963cb61 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -525,7 +525,13 @@ static inline psa_status_t psa_driver_wrapper_sign_hash_start( size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length ) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + ( void ) operation; + ( void ) key_buffer; + ( void ) key_buffer_size; + ( void ) alg; + ( void ) hash; + ( void ) hash_length; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); @@ -558,18 +564,8 @@ static inline psa_status_t psa_driver_wrapper_sign_hash_start( default: /* Key is declared with a lifetime not known to us */ - ( void ) status; return( PSA_ERROR_INVALID_ARGUMENT ); } - - ( void ) operation; - ( void ) key_buffer; - ( void ) key_buffer_size; - ( void ) alg; - ( void ) hash; - ( void ) hash_length; - - return( status ); } static inline psa_status_t psa_driver_wrapper_sign_hash_complete( @@ -625,8 +621,15 @@ static inline psa_status_t psa_driver_wrapper_verify_hash_start( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ) { + ( void ) operation; + ( void ) key_buffer; + ( void ) key_buffer_size; + ( void ) alg; + ( void ) hash; + ( void ) hash_length; + ( void ) signature; + ( void ) signature_length; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); @@ -660,20 +663,8 @@ static inline psa_status_t psa_driver_wrapper_verify_hash_start( default: /* Key is declared with a lifetime not known to us */ - ( void ) status; return( PSA_ERROR_INVALID_ARGUMENT ); } - - ( void ) operation; - ( void ) key_buffer; - ( void ) key_buffer_size; - ( void ) alg; - ( void ) hash; - ( void ) hash_length; - ( void ) signature; - ( void ) signature_length; - - return( status ); } static inline psa_status_t psa_driver_wrapper_verify_hash_complete( @@ -2724,6 +2715,7 @@ static inline psa_status_t psa_driver_wrapper_pake_setup( case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ + status = PSA_ERROR_NOT_SUPPORTED; #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_pake_setup( @@ -2741,9 +2733,8 @@ static inline psa_status_t psa_driver_wrapper_pake_setup( inputs ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - return status; #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return status; /* Add cases for opaque driver here */ default: /* Key is declared with a lifetime not known to us */ @@ -2761,6 +2752,11 @@ static inline psa_status_t psa_driver_wrapper_pake_output( size_t output_size, size_t *output_length ) { + (void) step; + (void) output; + (void) output_size; + (void) output_length; + switch( operation->id ) { #if defined(MBEDTLS_PSA_BUILTIN_PAKE) @@ -2778,10 +2774,6 @@ static inline psa_status_t psa_driver_wrapper_pake_output( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: - (void) step; - (void) output; - (void) output_size; - (void) output_length; return( PSA_ERROR_INVALID_ARGUMENT ); } } From ed9c22d533d46780b3fabcdafa9d558276701b1f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 10:32:01 +0100 Subject: [PATCH 6/7] Remove redundant code Signed-off-by: Dave Rodgman --- .../psa_crypto_driver_wrappers.h.jinja | 21 +------------------ 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index e48963cb61..ac98c19fb0 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -525,15 +525,7 @@ static inline psa_status_t psa_driver_wrapper_sign_hash_start( size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length ) { - ( void ) operation; - ( void ) key_buffer; - ( void ) key_buffer_size; - ( void ) alg; - ( void ) hash; - ( void ) hash_length; - - psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) @@ -621,15 +613,6 @@ static inline psa_status_t psa_driver_wrapper_verify_hash_start( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ) { - ( void ) operation; - ( void ) key_buffer; - ( void ) key_buffer_size; - ( void ) alg; - ( void ) hash; - ( void ) hash_length; - ( void ) signature; - ( void ) signature_length; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); @@ -2739,8 +2722,6 @@ static inline psa_status_t psa_driver_wrapper_pake_setup( default: /* Key is declared with a lifetime not known to us */ (void)operation; - (void)inputs; - (void)status; return( PSA_ERROR_INVALID_ARGUMENT ); } } From 9ac0e723868ac83680a1f7f24711e254e9bc1451 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 10:39:31 +0100 Subject: [PATCH 7/7] Undo not-needed change Signed-off-by: Dave Rodgman --- .../driver_templates/psa_crypto_driver_wrappers.h.jinja | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index ac98c19fb0..08d20df67b 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -2733,11 +2733,6 @@ static inline psa_status_t psa_driver_wrapper_pake_output( size_t output_size, size_t *output_length ) { - (void) step; - (void) output; - (void) output_size; - (void) output_length; - switch( operation->id ) { #if defined(MBEDTLS_PSA_BUILTIN_PAKE) @@ -2755,6 +2750,10 @@ static inline psa_status_t psa_driver_wrapper_pake_output( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: + (void) step; + (void) output; + (void) output_size; + (void) output_length; return( PSA_ERROR_INVALID_ARGUMENT ); } }