Detect invalid tag lengths in psa_aead_setup

Read tag lengths from the driver and validate against preset values. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2025-07-28 00:21:48 +03:00 · 2021-12-19 17:00:12 +01:00
parent d2da19b8eb
commit f881601c91
5 changed files with 207 additions and 31 deletions
--- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
+++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
@ -1615,6 +1615,22 @@ psa_status_t psa_driver_wrapper_aead_decrypt(
    }
 }

+psa_status_t psa_driver_get_tag_len( psa_aead_operation_t *operation,
+                                     uint8_t *tag_len )
+{
+    if( operation == NULL || tag_len == NULL )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    *tag_len = operation->ctx.transparent_test_driver_ctx.tag_length;
+    return ( PSA_SUCCESS );
+#endif
+#endif
+    *tag_len = operation->ctx.mbedtls_ctx.tag_length;
+    return ( PSA_SUCCESS );
+}
+
 psa_status_t psa_driver_wrapper_aead_encrypt_setup(
   psa_aead_operation_t *operation,
   const psa_key_attributes_t *attributes,