diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 8874e97a2d..bc56a4fa61 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -508,7 +508,7 @@ struct psa_sign_hash_interruptible_operation_s { psa_driver_sign_hash_interruptible_context_t MBEDTLS_PRIVATE(ctx); - size_t MBEDTLS_PRIVATE(num_ops); + uint32_t MBEDTLS_PRIVATE(num_ops); }; #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0 } @@ -539,7 +539,7 @@ struct psa_verify_hash_interruptible_operation_s { psa_driver_verify_hash_interruptible_context_t MBEDTLS_PRIVATE(ctx); - size_t MBEDTLS_PRIVATE(num_ops); + uint32_t MBEDTLS_PRIVATE(num_ops); }; #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0 } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b31d51b4b6..e3be65013b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3146,13 +3146,13 @@ uint32_t psa_interruptible_get_max_ops(void) uint32_t psa_sign_hash_get_num_ops( const psa_sign_hash_interruptible_operation_t *operation) { - return psa_driver_wrapper_sign_hash_get_num_ops(operation); + return operation->num_ops; } uint32_t psa_verify_hash_get_num_ops( const psa_verify_hash_interruptible_operation_t *operation) { - return psa_driver_wrapper_verify_hash_get_num_ops(operation); + return operation->num_ops; } psa_status_t psa_sign_hash_start( @@ -3192,6 +3192,9 @@ psa_status_t psa_sign_hash_start( .core = slot->attr }; + /* Ensure ops count gets reset, in case of operation re-use. */ + operation->num_ops = 0; + status = psa_driver_wrapper_sign_hash_start(operation, &attributes, slot->key.data, slot->key.bytes, alg, @@ -3238,6 +3241,9 @@ psa_status_t psa_sign_hash_complete( signature_length); exit: + /* Update ops count with work done. */ + operation->num_ops += psa_driver_wrapper_sign_hash_get_num_ops(operation); + if (status != PSA_OPERATION_INCOMPLETE) { /* Fill the unused part of the output buffer (the whole buffer on error, * the trailing part on success) with something that isn't a valid @@ -3308,6 +3314,9 @@ psa_status_t psa_verify_hash_start( .core = slot->attr }; + /* Ensure ops count gets reset, in case of operation re-use. */ + operation->num_ops = 0; + status = psa_driver_wrapper_verify_hash_start(operation, &attributes, slot->key.data, slot->key.bytes, @@ -3340,6 +3349,10 @@ psa_status_t psa_verify_hash_complete( exit: + /* Update ops count with work done. */ + operation->num_ops += psa_driver_wrapper_verify_hash_get_num_ops( + operation); + if (status != PSA_OPERATION_INCOMPLETE) { psa_verify_hash_abort(operation); } diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja index 6093fdf816..2b2b02571a 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja @@ -448,6 +448,10 @@ uint32_t psa_driver_wrapper_sign_hash_get_num_ops( { switch( operation->id ) { + /* If uninitialised, return 0, as no work can have been done. */ + case 0: + return 0; + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_sign_hash_get_num_ops( &operation->ctx.mbedtls_ctx ) @@ -469,6 +473,10 @@ uint32_t psa_driver_wrapper_verify_hash_get_num_ops( { switch( operation->id ) { + /* If uninitialised, return 0, as no work can have been done. */ + case 0: + return 0; + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_verify_hash_get_num_ops( &operation->ctx.mbedtls_ctx )