AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure the module is initialized in psa_generate_random

Browse Source
This commit is contained in:
itayzafrir 2018-09-06 16:24:41 +03:00
parent e852df8466
commit 0adf0fc31c
4 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/psa/crypto.h
View File

@ -2902,6 +2902,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
* \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
*/ */
psa_status_t psa_generate_random(uint8_t *output, psa_status_t psa_generate_random(uint8_t *output,
size_t output_size); size_t output_size);

10
library/psa_crypto.c
View File

@ -148,6 +148,10 @@ typedef struct
static psa_global_data_t global_data; static psa_global_data_t global_data;
#define GUARD_MODULE_INITIALIZED \
if( global_data.initialized == 0 ) \
return( PSA_ERROR_BAD_STATE );
static psa_status_t mbedtls_to_psa_error( int ret ) static psa_status_t mbedtls_to_psa_error( int ret )
{ {
/* If there's both a high-level code and low-level code, dispatch on /* If there's both a high-level code and low-level code, dispatch on
@ -3360,8 +3364,10 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
psa_status_t psa_generate_random( uint8_t *output, psa_status_t psa_generate_random( uint8_t *output,
size_t output_size ) size_t output_size )
{ {
int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, int ret;
output, output_size ); GUARD_MODULE_INITIALIZED;
ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }

3
tests/suites/test_suite_psa_crypto.data
View File

@ -1178,3 +1178,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE
PSA generate key: ECC, SECP256R1, incorrect bit size PSA generate key: ECC, SECP256R1, incorrect bit size
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
PSA validate module initialization: random
validate_module_init_generate_random:

10
tests/suites/test_suite_psa_crypto.function
View File

@ -3451,3 +3451,13 @@ exit:
mbedtls_psa_crypto_free( ); mbedtls_psa_crypto_free( );
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */
void validate_module_init_generate_random( )
{
psa_status_t status;
uint8_t random[10] = { 0 };
status = psa_generate_random( random, sizeof( random ) );
TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
}
/* END_CASE */