From f90e3019dd35da3e9979a337d30c7a14d1be6be7 Mon Sep 17 00:00:00 2001 From: Fredrik Strupe Date: Mon, 28 Sep 2020 16:11:33 +0200 Subject: [PATCH 1/3] Use PSA_ERROR_INVALID_ARGUMENT for invalid cipher input sizes ... as opposed to PSA_ERROR_BAD_STATE. The spec on psa_cipher_finish() states that PSA_ERROR_INVALID_ARGUMENT should be returned when: "The total input size passed to this operation is not valid for this particular algorithm. For example, the algorithm is a based on block cipher and requires a whole number of blocks, but the total input size is not a multiple of the block size." Currently, there is a distinction between encryption and decryption on whether INVALID_ARGUMENT or BAD_STATE is returned, but this is not a part of the spec. This fix ensures that PSA_ERROR_INVALID_ARGUMENT is returned consistently on invalid cipher input sizes. Signed-off-by: Fredrik Strupe --- library/psa_crypto.c | 5 ++--- tests/suites/test_suite_psa_crypto.data | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 931e2e915..08b89d0c3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -199,7 +199,7 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_CIPHER_INVALID_PADDING: return( PSA_ERROR_INVALID_PADDING ); case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED: - return( PSA_ERROR_BAD_STATE ); + return( PSA_ERROR_INVALID_ARGUMENT ); case MBEDTLS_ERR_CIPHER_AUTH_FAILED: return( PSA_ERROR_INVALID_SIGNATURE ); case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: @@ -4473,8 +4473,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, if( operation->ctx.cipher.unprocessed_len != 0 ) { if( operation->alg == PSA_ALG_ECB_NO_PADDING || - ( operation->alg == PSA_ALG_CBC_NO_PADDING && - operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) ) + operation->alg == PSA_ALG_CBC_NO_PADDING ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2c6924a4d..8bdc64f38 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1240,7 +1240,7 @@ cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4 PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR @@ -1252,7 +1252,7 @@ cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf71588 PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC From 9d3391483cc0cf77017adf6962520b78cb5a3ddc Mon Sep 17 00:00:00 2001 From: Fredrik Strupe Date: Thu, 1 Oct 2020 10:44:46 +0200 Subject: [PATCH 2/3] Add changelog entry Signed-off-by: Fredrik Strupe --- ...a_error_invalid_argument_for_invalid_cipher_input_sizes.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt diff --git a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt new file mode 100644 index 000000000..9d18e5d11 --- /dev/null +++ b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt @@ -0,0 +1,3 @@ +Bugfix + * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input + sizes, as opposed to PSA_ERROR_BAD_STATE in some cases. From dd9ec1c57329bfdf84725dd6704cb7e620a86df0 Mon Sep 17 00:00:00 2001 From: Fredrik Strupe Date: Thu, 1 Oct 2020 13:22:57 +0200 Subject: [PATCH 3/3] Update changelog entry to mention PSA API compliance Signed-off-by: Fredrik Strupe --- ...a_error_invalid_argument_for_invalid_cipher_input_sizes.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt index 9d18e5d11..85c363bef 100644 --- a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt +++ b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt @@ -1,3 +1,4 @@ Bugfix * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input - sizes, as opposed to PSA_ERROR_BAD_STATE in some cases. + sizes (instead of PSA_ERROR_BAD_STATE in some cases) to make the + psa_cipher_* functions compliant with the PSA Crypto API specification.