
Commit ae0cb6d

Netanel Gonenmohammad1603
authored andcommitted
Crypto SPM - fix - PART1
Fail fast on invalid handles before calling to SPM
1 parent bf852c1 commit ae0cb6d


1 file changed

+32
-0
lines changed


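--- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
@@ -98,6 +98,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
 psa_invec_t in_vec = { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) };
 
 operation->handle = psa_connect( PSA_MAC_ID, MINOR_VER );
+
 if( operation->handle <= 0 )
 return ( PSA_ERROR_COMMUNICATION_FAILURE );
 
@@ -140,6 +141,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 psa_invec_t in_vec[2] = { { &psa_crypto_ipc, sizeof( psa_crypto_ipc ) },
 { input, input_length } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err = psa_call( operation->handle, in_vec, 2, NULL, 0 );
 if( err < 0 )
 err = PSA_ERROR_COMMUNICATION_FAILURE;
@@ -161,6 +165,9 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
 { &mac_size, sizeof( mac_size ) } };
 psa_outvec_t out_vec[2] = { { mac, mac_size }, { mac_length, sizeof( *mac_length ) } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err_call = psa_call( operation->handle, in_vec, 2, out_vec, 2 );
 psa_close( operation->handle );
 operation->handle = PSA_NULL_HANDLE;
@@ -184,6 +191,9 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
 { &mac_length, sizeof( mac_length ) },
 { mac, mac_length } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err_call = psa_call( operation->handle, in_vec, 3, NULL , 0 );
 psa_close( operation->handle );
 operation->handle = PSA_NULL_HANDLE;
@@ -255,6 +265,9 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
 psa_invec_t in_vec[2] = { {&psa_crypto_ipc, sizeof( psa_crypto_ipc ) },
 { input, input_length } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err = psa_call( operation->handle, in_vec, 2, NULL, 0 );
 if( err < 0 )
 err = PSA_ERROR_COMMUNICATION_FAILURE;
@@ -277,6 +290,9 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
 psa_outvec_t out_vec[2] = { { hash, hash_size },
 { hash_length, sizeof( *hash_length ) } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err_call = psa_call( operation->handle, in_vec, 2, out_vec, 2 );
 psa_close( operation->handle );
 operation->handle = PSA_NULL_HANDLE;
@@ -300,6 +316,9 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
 { &hash_length, sizeof( hash_length ) },
 { hash, hash_length } };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err_call = psa_call( operation->handle, in_vec, 3, NULL, 0 );
 psa_close( operation->handle );
 operation->handle = PSA_NULL_HANDLE;
@@ -1117,6 +1136,7 @@ psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
 in_vec = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) };
 
 operation->handle = psa_connect( PSA_SYMMETRIC_ID, MINOR_VER );
+
 if( operation->handle <= 0 )
 return ( PSA_ERROR_COMMUNICATION_FAILURE );
 
@@ -1143,6 +1163,9 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
 out_vec[0] = ( psa_outvec_t ){ iv, iv_size };
 out_vec[1] = ( psa_outvec_t ){ iv_length, sizeof( *iv_length ) };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err = psa_call( operation->handle, &in_vec, 1, out_vec, 2 );
 if( err < 0 )
 err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE;
@@ -1162,6 +1185,9 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
 in_vec[0] = ( psa_invec_t ){ &psa_crypto_ipc, sizeof( psa_crypto_ipc ) };
 in_vec[1] = ( psa_invec_t ){ iv, iv_length };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err = psa_call( operation->handle, in_vec, 2, NULL, 0 );
 if( err < 0 )
 err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE;
@@ -1189,6 +1215,9 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
 out_vec[1] = ( psa_outvec_t ){ output_length, ( output_length == NULL ? 0 :
 sizeof( *output_length ) ) };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err = psa_call( operation->handle, in_vec, 2, out_vec, 2 );
 if( err < 0 )
 err = ( psa_error_t ) PSA_ERROR_COMMUNICATION_FAILURE;
@@ -1213,6 +1242,9 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
 out_vec[1] = ( psa_outvec_t ){ output_length, ( output_length == NULL ? 0 :
 sizeof( *output_length ) ) };
 
+if( operation->handle <= 0 )
+return( PSA_ERROR_INVALID_ARGUMENT );
+
 err_call = psa_call( operation->handle, &in_vec, 1, out_vec, 2 );
 psa_close( operation->handle );
 operation->handle = PSA_NULL_HANDLE;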
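Review bot: The added guard `if( operation->handle <= 0 )` (first in psa_mac_update, repeated in the hash and cipher update/finish/verify hunks) only rejects a handle that was zeroed or already closed, so an operation struct left uninitialised by the caller can still carry a positive garbage value into psa_call() and psa_close(). That precondition deserves a comment at the guard, for example `/* handle is only valid after a successful *_setup(); callers must zero-initialise the operation */`. In psa_mac_sign_finish and psa_hash_finish the early return happens without anything visible in the hunk writing `*mac_length` / `*hash_length`, so a `*mac_length = 0;` before the return would keep a caller that mishandles the status from consuming an indeterminate length. Using an operation before setup is a state error rather than a bad argument, so `return( PSA_ERROR_BAD_STATE );` may be the better code if this PSA version defines it, and comparing against `PSA_NULL_HANDLE` instead of the literal 0 would match the reset a few lines below. Every function touched here starts and ends outside its hunk, so an earlier check may already cover part of this.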
