From fc9c5561273c1b18431612f7aaaa2f77999c42c4 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Thu, 15 Oct 2020 19:24:49 +0200
Subject: [PATCH] Forbid volatile key identifiers for non volatile keys

Volatile key identifiers in the vendor range are reserved to volatile keys thus don't allow them for persistent keys when creating a key.

Signed-off-by: Ronald Cron
---
 library/psa_crypto.c | 2 +-
 library/psa_crypto_slot_management.c | 12 +++++++++---
 library/psa_crypto_slot_management.h | 12 ++++++++----
 .../suites/test_suite_psa_crypto_se_driver_hal.data | 13 +++++++++++--
 .../test_suite_psa_crypto_se_driver_hal.function | 1 +
 5 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a437aeec9..17cec9756 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1792,7 +1792,7 @@ static psa_status_t psa_validate_key_attributes(
 
     {
         status = psa_validate_key_id( psa_get_key_id( attributes ),
-                                      psa_key_lifetime_is_external( lifetime ) );
+                                      psa_key_lifetime_is_external( lifetime ), 0 );
         if( status != PSA_SUCCESS )
             return( status );
 
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 6471591b5..1e521d174 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -51,7 +51,8 @@ typedef struct
 
 static psa_global_data_t global_data;
 
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
+psa_status_t psa_validate_key_id(
+    mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok )
 {
     psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
 
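Review bot: The bare `0` appended to the psa_validate_key_id call on the `+` line says nothing about what is being refused; a reader has to open psa_crypto_slot_management.h to learn that it is `volatile_ok`. A short comment on the call would save that trip, e.g. `/* volatile_ok = 0: identifiers in the volatile range are reserved for volatile keys and may not be chosen by the caller. */`. Whether this call site is reached only for non-volatile lifetimes cannot be seen here, since the enclosing psa_validate_key_attributes starts and ends outside the hunk, so the comment should also state that assumption if it holds.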
@@ -61,7 +62,12 @@ psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
 
     if( vendor_ok &&
         ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
-        ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
+        ( key_id < PSA_KEY_ID_VOLATILE_MIN ) )
+        return( PSA_SUCCESS );
+
+    if( volatile_ok &&
+        ( PSA_KEY_ID_VOLATILE_MIN <= key_id ) &&
+        ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) )
         return( PSA_SUCCESS );
 
     return( PSA_ERROR_INVALID_HANDLE );
@@ -191,7 +197,7 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key,
     if( ! global_data.key_slots_initialized )
         return( PSA_ERROR_BAD_STATE );
 
-    status = psa_validate_key_id( key, 1 );
+    status = psa_validate_key_id( key, 1, 1 );
     if( status != PSA_SUCCESS )
         return( status );
 
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 98a1ce753..b1d66e4ee 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -155,13 +155,17 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
 
 /** Validate a key identifier.
  *
- * \param[in] key          The key identifier.
- * \param[in] vendor_ok    Non-zero to indicate that key identifiers in the
- *                         vendor range are allowed, \c 0 otherwise.
+ * \param[in] key           The key identifier.
+ * \param[in] vendor_ok     Non-zero to indicate that key identifiers in the
+ *                          vendor range are allowed, volatile key identifiers
+ *                          excepted \c 0 otherwise.
+ * \param[in] volatile_ok   Non-zero to indicate that volatile key identifiers
+ *                          are allowed \c 0 otherwise.
  *
  * \retval #PSA_SUCCESS The identifier is valid.
  * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
  */
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
+psa_status_t psa_validate_key_id(
+    mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok );
 
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
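Review bot: The rewritten vendor check on the first `+` line, `( key_id < PSA_KEY_ID_VOLATILE_MIN )`, only carves the volatile range out of the vendor range if the volatile range ends exactly at PSA_KEY_ID_VENDOR_MAX; should PSA_KEY_ID_VOLATILE_MAX ever be smaller than PSA_KEY_ID_VENDOR_MAX, vendor identifiers above the volatile range would be rejected for every caller, including lookups. The layout of the two ranges is not visible in this hunk, so that assumption deserves a compile-time guard beside the function rather than a silent dependency, e.g. `#if PSA_KEY_ID_VOLATILE_MAX != PSA_KEY_ID_VENDOR_MAX` / `#error "psa_validate_key_id assumes the volatile range ends at PSA_KEY_ID_VENDOR_MAX"` / `#endif`. A one-line comment above the vendor `if` saying that the volatile sub-range is deliberately excluded here and handled by the next test would also help the next reader. The function's opening lines are in the preceding hunk and its closing brace is past the end of this one.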
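Review bot: The `\retval #PSA_ERROR_INVALID_ARGUMENT` line kept as context in this doc block documents a code the function never returns: the implementation in psa_crypto_slot_management.c ends with `return( PSA_ERROR_INVALID_HANDLE );` and the new test data expects PSA_ERROR_INVALID_HANDLE, so while the comment is being rewritten it should read `\retval #PSA_ERROR_INVALID_HANDLE The key identifier is not valid.`. The two new parameter descriptions also drop their punctuation and read as run-on sentences; `vendor range are allowed, volatile key identifiers excepted, \c 0 otherwise.` and `are allowed, \c 0 otherwise.` say what is meant. It would further help callers to name the excluded sub-range explicitly in the vendor_ok text (PSA_KEY_ID_VOLATILE_MIN through PSA_KEY_ID_VOLATILE_MAX), since the implementation now depends on where it sits inside the vendor range.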
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 645e27d3c..239a68f2a 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -150,8 +150,17 @@ register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORT
 Key registration: key id out of range
 register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE
 
-Key registration: key id in vendor range
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
+Key registration: key id min vendor
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_SUCCESS
+
+Key registration: key id max vendor except volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_SUCCESS
+
+Key registration: key id min volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE
+
+Key registration: key id max volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_HANDLE
 
 Import-sign-verify: sign in driver, ECDSA
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index e5f87e08b..28ab03f24 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -3,6 +3,7 @@
 #include "psa/crypto_se_driver.h"
 #include "psa_crypto_se.h"
+#include "psa_crypto_slot_management.h"
 #include "psa_crypto_storage.h"
 /* Invasive peeking: check the persistent data */
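Review bot: The removed case for `PSA_KEY_ID_VENDOR_MAX` is not replaced by one with the new expected result, so the top of the vendor range is no longer exercised at all; the four new cases stop at `PSA_KEY_ID_VOLATILE_MAX`, and whether that equals PSA_KEY_ID_VENDOR_MAX cannot be seen from this file. Keeping an explicit line such as `register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_ERROR_INVALID_HANDLE` under a `Key registration: key id max vendor` title would pin the behaviour the commit message promises for persistent keys, and would fail loudly if the two constants ever diverge. Also note that every new case registers with a persistent lifetime; nothing here checks that the lookup path, which now passes volatile_ok=1, still accepts a volatile-range identifier, unless that is covered elsewhere in the suite.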