yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-26 05:01:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'psa/pr/67' into feature-psa

Browse source
This commit is contained in:
Gilles Peskine 2018-06-28 18:43:27 +02:00 committed by itayzafrir
parent 4ac56baa3a bbf97e3cf1
commit 0c938be967
1 changed files with 42 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
library/psa_crypto.c
View file

@ -1163,7 +1163,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
if( cipher_id != NULL ) if( cipher_id != NULL )
*cipher_id = cipher_id_tmp; *cipher_id = cipher_id_tmp;
return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); return( mbedtls_cipher_info_from_values( cipher_id_tmp,
(int) key_bits, mode ) );
} }
static size_t psa_get_hash_block_size( psa_algorithm_t alg ) static size_t psa_get_hash_block_size( psa_algorithm_t alg )
@ -1253,7 +1254,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
#if defined(MBEDTLS_MD_C) #if defined(MBEDTLS_MD_C)
if( PSA_ALG_IS_HMAC( operation->alg ) ) if( PSA_ALG_IS_HMAC( operation->alg ) )
{ {
unsigned int block_size = size_t block_size =
psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
if( block_size == 0 ) if( block_size == 0 )
@ -1660,6 +1661,15 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
if( signature_size < rsa->len ) if( signature_size < rsa->len )
return( PSA_ERROR_BUFFER_TOO_SMALL ); return( PSA_ERROR_BUFFER_TOO_SMALL );
/* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
* hash_length will fit and return an error if it doesn't. */
#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
#if SIZE_MAX > UINT_MAX
if( hash_length > UINT_MAX )
return( PSA_ERROR_NOT_SUPPORTED );
#endif
#endif
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{ {
@ -1669,7 +1679,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&global_data.ctr_drbg, &global_data.ctr_drbg,
MBEDTLS_RSA_PRIVATE, MBEDTLS_RSA_PRIVATE,
md_alg, hash_length, hash, md_alg,
(unsigned int) hash_length,
hash,
signature ); signature );
} }
else else
@ -1682,7 +1694,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&global_data.ctr_drbg, &global_data.ctr_drbg,
MBEDTLS_RSA_PRIVATE, MBEDTLS_RSA_PRIVATE,
md_alg, hash_length, hash, md_alg,
(unsigned int) hash_length,
hash,
signature ); signature );
} }
else else
@ -1714,6 +1728,15 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
if( signature_length < rsa->len ) if( signature_length < rsa->len )
return( PSA_ERROR_BUFFER_TOO_SMALL ); return( PSA_ERROR_BUFFER_TOO_SMALL );
#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
#if SIZE_MAX > UINT_MAX
/* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
* hash_length will fit and return an error if it doesn't. */
if( hash_length > UINT_MAX )
return( PSA_ERROR_NOT_SUPPORTED );
#endif
#endif
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{ {
@ -1724,7 +1747,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
&global_data.ctr_drbg, &global_data.ctr_drbg,
MBEDTLS_RSA_PUBLIC, MBEDTLS_RSA_PUBLIC,
md_alg, md_alg,
hash_length, (unsigned int) hash_length,
hash, hash,
signature ); signature );
} }
@ -1738,7 +1761,9 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&global_data.ctr_drbg, &global_data.ctr_drbg,
MBEDTLS_RSA_PUBLIC, MBEDTLS_RSA_PUBLIC,
md_alg, hash_length, hash, md_alg,
(unsigned int) hash_length,
hash,
signature ); signature );
} }
else else
@ -2188,7 +2213,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
{ {
ret = mbedtls_cipher_setkey( &operation->ctx.cipher, ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
slot->data.raw.data, slot->data.raw.data,
key_bits, cipher_operation ); (int) key_bits, cipher_operation );
} }
if( ret != 0 ) if( ret != 0 )
{ {
@ -2513,7 +2538,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
} }
psa_status_t psa_set_key_lifetime( psa_key_slot_t key, psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
const psa_key_lifetime_t lifetime ) psa_key_lifetime_t lifetime )
{ {
key_slot_t *slot; key_slot_t *slot;
@ -2604,7 +2629,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
mbedtls_gcm_init( &gcm ); mbedtls_gcm_init( &gcm );
ret = mbedtls_gcm_setkey( &gcm, cipher_id, ret = mbedtls_gcm_setkey( &gcm, cipher_id,
slot->data.raw.data, slot->data.raw.data,
key_bits ); (unsigned int) key_bits );
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_gcm_free( &gcm ); mbedtls_gcm_free( &gcm );
@ -2637,7 +2662,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
mbedtls_ccm_init( &ccm ); mbedtls_ccm_init( &ccm );
ret = mbedtls_ccm_setkey( &ccm, cipher_id, ret = mbedtls_ccm_setkey( &ccm, cipher_id,
slot->data.raw.data, key_bits ); slot->data.raw.data,
(unsigned int) key_bits );
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_ccm_free( &ccm ); mbedtls_ccm_free( &ccm );
@ -2743,7 +2769,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
mbedtls_gcm_init( &gcm ); mbedtls_gcm_init( &gcm );
ret = mbedtls_gcm_setkey( &gcm, cipher_id, ret = mbedtls_gcm_setkey( &gcm, cipher_id,
slot->data.raw.data, key_bits ); slot->data.raw.data,
(unsigned int) key_bits );
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_gcm_free( &gcm ); mbedtls_gcm_free( &gcm );
@ -2775,7 +2802,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
mbedtls_ccm_init( &ccm ); mbedtls_ccm_init( &ccm );
ret = mbedtls_ccm_setkey( &ccm, cipher_id, ret = mbedtls_ccm_setkey( &ccm, cipher_id,
slot->data.raw.data, key_bits ); slot->data.raw.data,
(unsigned int) key_bits );
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_ccm_free( &ccm ); mbedtls_ccm_free( &ccm );
@ -2882,7 +2910,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
ret = mbedtls_rsa_gen_key( rsa, ret = mbedtls_rsa_gen_key( rsa,
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&global_data.ctr_drbg, &global_data.ctr_drbg,
bits, (unsigned int) bits,
exponent ); exponent );
if( ret != 0 ) if( ret != 0 )
{ {
@ -2941,7 +2969,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
void mbedtls_psa_crypto_free( void ) void mbedtls_psa_crypto_free( void )
{ {
size_t key; psa_key_slot_t key;
for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ ) for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )
psa_destroy_key( key ); psa_destroy_key( key );
mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); mbedtls_ctr_drbg_free( &global_data.ctr_drbg );