mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 13:15:30 +00:00
Forbid keys of size 0
Keys of size 0 generally don't make sense: a key is supposed to be secret. There is one edge case which is "raw data" keys, which are useful to store non-key objects in the same storage location as keys. However those are also problematic because they involve a zero-length buffer. Manipulating zero-length buffers in C requires special cases with functions like malloc() and memcpy(). Additionally, 0 as a key size already has a meaning "unspecified", which does not always overlap seamlessly with the meaning "0". Therefore, forbid keys of size 0. No implementation may accept them.
This commit is contained in:
parent
a170d927dd
commit
05c900b576
|
@ -291,7 +291,8 @@ static void psa_set_key_type(psa_key_attributes_t *attributes,
|
||||||
* \param[out] attributes The attribute structure to write to.
|
* \param[out] attributes The attribute structure to write to.
|
||||||
* \param bits The key size in bits.
|
* \param bits The key size in bits.
|
||||||
* If this is 0, the key size in \p attributes
|
* If this is 0, the key size in \p attributes
|
||||||
* becomes unspecified.
|
* becomes unspecified. Keys of size 0 are
|
||||||
|
* not supported.
|
||||||
*/
|
*/
|
||||||
static void psa_set_key_bits(psa_key_attributes_t *attributes,
|
static void psa_set_key_bits(psa_key_attributes_t *attributes,
|
||||||
size_t bits);
|
size_t bits);
|
||||||
|
@ -468,6 +469,13 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
|
||||||
* and to the documentation of psa_export_key() for the format for
|
* and to the documentation of psa_export_key() for the format for
|
||||||
* other key types.
|
* other key types.
|
||||||
*
|
*
|
||||||
|
* The key data determines the key size. The attributes may optionally
|
||||||
|
* specify a key size; in this case it must match the size determined
|
||||||
|
* from the key data. A key size of 0 in \p attributes indicates that
|
||||||
|
* the key size is solely determined by the key data.
|
||||||
|
*
|
||||||
|
* Implementations must reject an attempt to import a key of size 0.
|
||||||
|
*
|
||||||
* This specification supports a single format for each key type.
|
* This specification supports a single format for each key type.
|
||||||
* Implementations may support other formats as long as the standard
|
* Implementations may support other formats as long as the standard
|
||||||
* format is supported. Implementations that support other formats
|
* format is supported. Implementations that support other formats
|
||||||
|
@ -3092,6 +3100,8 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
|
||||||
* - Clean up the key derivation operation object with
|
* - Clean up the key derivation operation object with
|
||||||
* psa_key_derivation_abort().
|
* psa_key_derivation_abort().
|
||||||
*
|
*
|
||||||
|
* Implementations must reject an attempt to derive a key of size 0.
|
||||||
|
*
|
||||||
* \param[in,out] operation The key derivation operation object
|
* \param[in,out] operation The key derivation operation object
|
||||||
* to set up. It must
|
* to set up. It must
|
||||||
* have been initialized but not set up yet.
|
* have been initialized but not set up yet.
|
||||||
|
@ -3622,6 +3632,8 @@ psa_status_t psa_generate_random(uint8_t *output,
|
||||||
* The key is generated randomly.
|
* The key is generated randomly.
|
||||||
* Its location, usage policy, type and size are taken from \p attributes.
|
* Its location, usage policy, type and size are taken from \p attributes.
|
||||||
*
|
*
|
||||||
|
* Implementations must reject an attempt to generate a key of size 0.
|
||||||
|
*
|
||||||
* The following type-specific considerations apply:
|
* The following type-specific considerations apply:
|
||||||
* - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR),
|
* - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR),
|
||||||
* the public exponent is 65537.
|
* the public exponent is 65537.
|
||||||
|
|
Loading…
Reference in a new issue