From 6f8d43df200c5b09134dedfe3fceafbef3e00fa5 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 16:39:49 +0200 Subject: [PATCH] Remove invalid buffer overflow check Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 14 -------------- library/psa_crypto_cipher.c | 5 ----- library/psa_crypto_cipher.h | 15 +-------------- 3 files changed, 1 insertion(+), 33 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6e7a7b6ef..1ad109e3c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3511,13 +3511,6 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, key_type = slot->attr.type; iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); - if( output_size < PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, - input_length ) ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } - if( iv_length > 0 ) { if( output_size < iv_length ) @@ -3575,13 +3568,6 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, goto exit; } - if( output_size < PSA_CIPHER_DECRYPT_OUTPUT_SIZE( slot->attr.type, alg, - input_length ) ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } - status = psa_driver_wrapper_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index b9bceff83..8e6389828 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -535,11 +535,6 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - if( output_size < accumulated_length ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } status = cipher_finish( &operation, output + accumulated_length, output_size - accumulated_length, &olength ); diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 39e5688c8..5971e8d3f 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -223,13 +223,7 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * \c key_type is the type of the key identified * by \p key and \p alg is the cipher algorithm * to compute. - * \param[in] output_size Size of the \p output buffer in bytes. The core - * has checked that this size is greater or equal to - * PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_length ) - * where \c key_type is the type of the key - * identified by \p key, \p alg is the cipher - * algorithm to compute and \p input_length is the - * size of the \p input buffer. + * \param[in] output_size Size of the \p output buffer in bytes. * \param[out] output_length On success, the number of bytes that make up * the returned output. Initialized to zero * by the core. @@ -279,13 +273,6 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * \param[in] input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param[in] output_size Size of the \p output buffer in bytes. - * The core has checked that this size is - * greater or equal to - * PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_length ) - * where \c key_type is the type of the key - * identified by \p key, \p alg is the cipher - * algorithm to compute and \p input_length is the - * size of the \p input buffer. * \param[out] output_length On success, the number of bytes that make up * the returned output. Initialized to zero * by the core.