Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove transparent key check in psa_asymmetric_encrypt/decrypto() #8481

Closed
wants to merge 1 commit into from
Closed

Remove transparent key check in psa_asymmetric_encrypt/decrypto() #8481

wants to merge 1 commit into from

Conversation

michael2012z
Copy link

Description

In psa_asymmetric_encrypt() and psa_asymmetric_decrypt(), psa_get_and_lock_transparent_key_slot_with_policy() is called to check if the key is transparent. The check is incorrect, it always fails in the case of opaque driver.

The PR replaced psa_get_and_lock_transparent_key_slot_with_policy with psa_get_and_lock_key_slot_with_policy.

Fixes 8461

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

  • changelog not required
  • backport TODO
  • tests not required

@michael2012z
crypto: Remove transparent key check in psa_asymmetric_encrypt()
8c7f914 
In `psa_asymmetric_encrypt()` and `psa_asymmetric_decrypt()`,
`psa_get_and_lock_transparent_key_slot_with_policy()` is called to check
if the key is transparent. The check is incorrect, it always fails in
the case of opaque driver.

The commit replaced `psa_get_and_lock_transparent_key_slot_with_policy`
with `psa_get_and_lock_key_slot_with_policy`.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
@tgonzalezorlandoarm tgonzalezorlandoarm added bug needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review size-s Estimated task size: small (~2d) component-psa PSA keystore/dispatch layer (storage, drivers, …) labels Nov 6, 2023
@tgonzalezorlandoarm tgonzalezorlandoarm added this to Mbed TLS 3.6 release in EPICs for Mbed TLS Nov 6, 2023
@gilles-peskine-arm gilles-peskine-arm moved this from Mbed TLS 3.6 release to Opaque driver support in EPICs for Mbed TLS Nov 6, 2023
@minosgalanakis minosgalanakis moved this from Opaque driver support to Mbed TLS 3.6 release in EPICs for Mbed TLS Nov 22, 2023
@minosgalanakis minosgalanakis added the priority-high High priority - will be reviewed soon label Nov 22, 2023
@valeriosetti
Copy link
Contributor

Closing as #8700 implements the same fix and it also adds testing for it.

@valeriosetti valeriosetti removed this from Mbed TLS 3.6 release in EPICs for Mbed TLS Jan 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug component-psa PSA keystore/dispatch layer (storage, drivers, …) needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review priority-high High priority - will be reviewed soon size-s Estimated task size: small (~2d)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

psa_asymmetric_encrypt() doesn't work with opaque driver
4 participants
@michael2012z @valeriosetti @minosgalanakis @tgonzalezorlandoarm