Skip to content

Commit

Permalink
drivers: crypto: stm32: Replace buffer len assert by error logic
Browse files Browse the repository at this point in the history 
In case asserts are deactivated, no check is done on buffers length.
Remove asserts and return an error when lengths are not correct.

Check error in case length is set by API user.

Signed-off-by: Erwan Gouriou <erwan.gouriou@st.com>
  • Loading branch information
@erwango @carlescufi
erwango authored and carlescufi committed Aug 30, 2023
1 parent d647a85 commit e35974c
Showing 1 changed file with 26 additions and 11 deletions.
37 changes: 26 additions & 11 deletions drivers/crypto/crypto_stm32.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,18 +50,22 @@ LOG_MODULE_REGISTER(crypto_stm32);

struct crypto_stm32_session crypto_stm32_sessions[CRYPTO_MAX_SESSION];

static void copy_reverse_words(uint8_t *dst_buf, int dst_len,
uint8_t *src_buf, int src_len)
static int copy_reverse_words(uint8_t *dst_buf, int dst_len,
uint8_t *src_buf, int src_len)
{
int i;

__ASSERT_NO_MSG(dst_len >= src_len);
__ASSERT_NO_MSG((dst_len % 4) == 0);
if ((dst_len < src_len) || ((dst_len % 4) != 0)) {
LOG_ERR("Buffer length error");
return -EINVAL;
}

memcpy(dst_buf, src_buf, src_len);
for (i = 0; i < dst_len; i += sizeof(uint32_t)) {
sys_mem_swap(&dst_buf[i], sizeof(uint32_t));
}

return 0;
}

static int do_encrypt(struct cipher_ctx *ctx, uint8_t *in_buf, int in_len,
Expand Down Expand Up @@ -175,7 +179,8 @@ static int crypto_stm32_cbc_encrypt(struct cipher_ctx *ctx,

struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);

copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
(void)copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);

session->config.pInitVect = vec;

if ((ctx->flags & CAP_NO_IV_PREFIX) == 0U) {
Expand All @@ -202,7 +207,8 @@ static int crypto_stm32_cbc_decrypt(struct cipher_ctx *ctx,

struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);

copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
(void)copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);

session->config.pInitVect = vec;

if ((ctx->flags & CAP_NO_IV_PREFIX) == 0U) {
Expand All @@ -227,7 +233,10 @@ static int crypto_stm32_ctr_encrypt(struct cipher_ctx *ctx,

struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);

copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen);
if (copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen) != 0) {
return -EIO;
}

session->config.pInitVect = ctr;

ret = do_encrypt(ctx, pkt->in_buf, pkt->in_len, pkt->out_buf);
Expand All @@ -247,7 +256,10 @@ static int crypto_stm32_ctr_decrypt(struct cipher_ctx *ctx,

struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);

copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen);
if (copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen) != 0) {
return -EIO;
}

session->config.pInitVect = ctr;

ret = do_decrypt(ctx, pkt->in_buf, pkt->in_len, pkt->out_buf);
Expand Down Expand Up @@ -285,7 +297,7 @@ static int crypto_stm32_session_setup(const struct device *dev,
enum cipher_mode mode,
enum cipher_op op_type)
{
int ctx_idx;
int ctx_idx, ret;
struct crypto_stm32_session *session;

struct crypto_stm32_data *data = CRYPTO_STM32_DATA(dev);
Expand Down Expand Up @@ -394,8 +406,11 @@ static int crypto_stm32_session_setup(const struct device *dev,
}
}

copy_reverse_words((uint8_t *)session->key, CRYPTO_STM32_AES_MAX_KEY_LEN,
ctx->key.bit_stream, ctx->keylen);
ret = copy_reverse_words((uint8_t *)session->key, CRYPTO_STM32_AES_MAX_KEY_LEN,
ctx->key.bit_stream, ctx->keylen);
if (ret != 0) {
return -EIO;
}

session->config.pKey = session->key;
session->config.DataType = CRYP_DATATYPE_8B;
Expand Down

0 comments on commit e35974c

Please sign in to comment.