psa: aead: Remove key slot from operation context

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-03-16 16:36:37 +01:00
parent 7dbd800f42
commit 9f31017956

View File

@ -563,17 +563,6 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
/** Return the size of the key in the given slot, in bits.
*
* \param[in] slot A key slot.
*
* \return The key size in bits, read from the metadata in the slot.
*/
static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
{
return( slot->attr.bits );
}
/** Check whether a given key type is valid for use with a given MAC algorithm /** Check whether a given key type is valid for use with a given MAC algorithm
* *
* Upon successful return of this function, the behavior of #PSA_MAC_LENGTH * Upon successful return of this function, the behavior of #PSA_MAC_LENGTH
@ -3522,7 +3511,6 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
typedef struct typedef struct
{ {
psa_key_slot_t *slot;
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
union union
{ {
@ -3542,7 +3530,7 @@ typedef struct
uint8_t tag_length; uint8_t tag_length;
} aead_operation_t; } aead_operation_t;
#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0} #define AEAD_OPERATION_INIT {0, {0}, 0, 0, 0}
static void psa_aead_abort_internal( aead_operation_t *operation ) static void psa_aead_abort_internal( aead_operation_t *operation )
{ {
@ -3561,17 +3549,20 @@ static void psa_aead_abort_internal( aead_operation_t *operation )
} }
} }
static psa_status_t psa_aead_setup( aead_operation_t *operation, static psa_status_t psa_aead_setup(
aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t key_bits; size_t key_bits;
mbedtls_cipher_id_t cipher_id; mbedtls_cipher_id_t cipher_id;
key_bits = psa_get_key_slot_bits( operation->slot ); key_bits = attributes->core.bits;
operation->cipher_info = operation->cipher_info =
mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits, mbedtls_cipher_info_from_psa( alg, attributes->core.type, key_bits,
&cipher_id ); &cipher_id );
if( operation->cipher_info == NULL ) if( operation->cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
@ -3585,14 +3576,13 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
* The call to mbedtls_ccm_encrypt_and_tag or * The call to mbedtls_ccm_encrypt_and_tag or
* mbedtls_ccm_auth_decrypt will validate the tag length. */ * mbedtls_ccm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 ) if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
mbedtls_ccm_init( &operation->ctx.ccm ); mbedtls_ccm_init( &operation->ctx.ccm );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
operation->slot->key.data, key_buffer, (unsigned int) key_bits ) );
(unsigned int) key_bits ) );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
break; break;
@ -3605,14 +3595,13 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
* The call to mbedtls_gcm_crypt_and_tag or * The call to mbedtls_gcm_crypt_and_tag or
* mbedtls_gcm_auth_decrypt will validate the tag length. */ * mbedtls_gcm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 ) if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
mbedtls_gcm_init( &operation->ctx.gcm ); mbedtls_gcm_init( &operation->ctx.gcm );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
operation->slot->key.data, key_buffer, (unsigned int) key_bits ) );
(unsigned int) key_bits ) );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
break; break;
@ -3629,7 +3618,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
mbedtls_chachapoly_init( &operation->ctx.chachapoly ); mbedtls_chachapoly_init( &operation->ctx.chachapoly );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
operation->slot->key.data ) ); key_buffer ) );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
break; break;
@ -3660,17 +3649,22 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
size_t *ciphertext_length ) size_t *ciphertext_length )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
aead_operation_t operation = AEAD_OPERATION_INIT; aead_operation_t operation = AEAD_OPERATION_INIT;
uint8_t *tag; uint8_t *tag;
*ciphertext_length = 0; *ciphertext_length = 0;
status = psa_get_and_lock_transparent_key_slot_with_policy( status = psa_get_and_lock_transparent_key_slot_with_policy(
key, &operation.slot, PSA_KEY_USAGE_ENCRYPT, alg ); key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
status = psa_aead_setup( &operation, alg ); psa_key_attributes_t attributes = {
.core = slot->attr
};
status = psa_aead_setup( &operation, &attributes, slot->key.data, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
@ -3740,9 +3734,8 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
memset( ciphertext, 0, ciphertext_size ); memset( ciphertext, 0, ciphertext_size );
exit: exit:
psa_unlock_key_slot( operation.slot );
psa_aead_abort_internal( &operation ); psa_aead_abort_internal( &operation );
psa_unlock_key_slot( slot );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*ciphertext_length = plaintext_length + operation.tag_length; *ciphertext_length = plaintext_length + operation.tag_length;
@ -3783,17 +3776,22 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
size_t *plaintext_length ) size_t *plaintext_length )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
aead_operation_t operation = AEAD_OPERATION_INIT; aead_operation_t operation = AEAD_OPERATION_INIT;
const uint8_t *tag = NULL; const uint8_t *tag = NULL;
*plaintext_length = 0; *plaintext_length = 0;
status = psa_get_and_lock_transparent_key_slot_with_policy( status = psa_get_and_lock_transparent_key_slot_with_policy(
key, &operation.slot, PSA_KEY_USAGE_DECRYPT, alg ); key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
status = psa_aead_setup( &operation, alg ); psa_key_attributes_t attributes = {
.core = slot->attr
};
status = psa_aead_setup( &operation, &attributes, slot->key.data, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
@ -3859,8 +3857,8 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
memset( plaintext, 0, plaintext_size ); memset( plaintext, 0, plaintext_size );
exit: exit:
psa_unlock_key_slot( operation.slot );
psa_aead_abort_internal( &operation ); psa_aead_abort_internal( &operation );
psa_unlock_key_slot( slot );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*plaintext_length = ciphertext_length - operation.tag_length; *plaintext_length = ciphertext_length - operation.tag_length;