lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Make one shot operations thread safe

Browse Source 
These all follow a pattern of locking some key slot,
reading its contents, and then unregistering from reading the slot.
psa_copy_key also writes to another slot,
but calls the functions needed to be threadsafe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This commit is contained in:
Ryan Everett
2024-01-31 13:59:57 +00:00
parent fb792cad31
commit a103ec9ad4
1 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
library/psa_crypto.c
View File

@ -1285,7 +1285,7 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
psa_reset_key_attributes(attributes); psa_reset_key_attributes(attributes);
} }
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -1381,7 +1381,7 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
slot->key.data, slot->key.bytes, slot->key.data, slot->key.bytes,
data, data_size, data_length); data, data_size, data_length);
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -1495,7 +1495,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
data, data_size, data_length); data, data_size, data_length);
exit: exit:
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -2167,7 +2167,7 @@ exit:
psa_fail_key_creation(target_slot, driver); psa_fail_key_creation(target_slot, driver);
} }
unlock_status = psa_unregister_read(source_slot); unlock_status = psa_unregister_read_under_mutex(source_slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -2674,7 +2674,7 @@ exit:
psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length); psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length);
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -2818,7 +2818,7 @@ exit:
psa_wipe_tag_output_buffer(signature, status, signature_size, psa_wipe_tag_output_buffer(signature, status, signature_size,
*signature_length); *signature_length);
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -2866,7 +2866,7 @@ static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key,
signature, signature_length); signature, signature_length);
} }
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
@ -3133,7 +3133,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
alg, input, input_length, salt, salt_length, alg, input, input_length, salt, salt_length,
output, output_size, output_length); output, output_size, output_length);
exit: exit:
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -3185,7 +3185,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
output, output_size, output_length); output, output_size, output_length);
exit: exit:
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }
@ -4256,7 +4256,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
output_size - default_iv_length, output_length); output_size - default_iv_length, output_length);
exit: exit:
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
if (status == PSA_SUCCESS) { if (status == PSA_SUCCESS) {
status = unlock_status; status = unlock_status;
} }
@ -4317,7 +4317,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
output, output_size, output_length); output, output_size, output_length);
exit: exit:
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
if (status == PSA_SUCCESS) { if (status == PSA_SUCCESS) {
status = unlock_status; status = unlock_status;
} }
@ -4443,7 +4443,7 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
} }
exit: exit:
psa_unregister_read(slot); psa_unregister_read_under_mutex(slot);
return status; return status;
} }
@ -4498,7 +4498,7 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
} }
exit: exit:
psa_unregister_read(slot); psa_unregister_read_under_mutex(slot);
return status; return status;
} }
@ -7151,7 +7151,7 @@ exit:
*output_length = output_size; *output_length = output_size;
} }
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }