Skip to content

Commit

Permalink
drivers: crypto: add stubbed fault mitigation in crypto_acipher_rsass…
Browse files Browse the repository at this point in the history 
…a_verify()

Adds a stubbed fault mitigation for the drivers version of
crypto_acipher_rsassa_verify). End the function with FTMN_CALLEE_DONE()
to record that the function was indeed called and a redundant copy of
the return value.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
  • Loading branch information
@jenswi-linaro @jforissier
jenswi-linaro authored and jforissier committed Nov 25, 2022
1 parent 8f6ac97 commit b303be9
Showing 1 changed file with 10 additions and 5 deletions.
15 changes: 10 additions & 5 deletions core/drivers/crypto/crypto_api/acipher/rsa.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,10 @@
*
* Crypto RSA interface implementation to enable HW driver.
*/
#include <drvcrypt.h>
#include <crypto/crypto.h>
#include <crypto/crypto_impl.h>
#include <drvcrypt.h>
#include <fault_mitigation.h>
#include <tee_api_defines_extensions.h>
#include <tee/tee_cryp_utl.h>
#include <utee_defines.h>
Expand Down Expand Up @@ -436,7 +437,7 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo,

if (!key || !msg || !sig) {
CRYPTO_TRACE("Input parameters reference error");
return ret;
goto out;
}

if (algo != TEE_ALG_RSASSA_PKCS1_V1_5) {
Expand All @@ -447,12 +448,13 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo,
ret = tee_alg_get_digest_size(TEE_DIGEST_HASH_TO_ALGO(algo),
&rsa_ssa.digest_size);
if (ret != TEE_SUCCESS)
return ret;
goto out;

if (msg_len != rsa_ssa.digest_size) {
CRYPTO_TRACE("Input msg length (%zu expected %zu)",
msg_len, rsa_ssa.digest_size);
return TEE_ERROR_BAD_PARAMETERS;
ret = TEE_ERROR_BAD_PARAMETERS;
goto out;
}
} else {
rsa_ssa.hash_algo = 0;
Expand All @@ -467,7 +469,8 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo,
if (rsa_ssa.key.n_size > sig_len) {
CRYPTO_TRACE("Signature length expected %zu",
rsa_ssa.key.n_size);
return TEE_ERROR_SIGNATURE_INVALID;
ret = TEE_ERROR_SIGNATURE_INVALID;
goto out;
}

rsa = drvcrypt_get_ops(CRYPTO_RSA);
Expand Down Expand Up @@ -495,5 +498,7 @@ TEE_Result crypto_acipher_rsassa_verify(uint32_t algo,
CRYPTO_TRACE("Signature verif algo (0x%" PRIx32 ") returned 0x%" PRIx32,
algo, ret);

out:
FTMN_CALLEE_DONE(ret);
return ret;
}

0 comments on commit b303be9

Please sign in to comment.