cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 12:11:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Refactor aead setup functions into single function

Browse Source 
Move common encrypt / decrypt code into common function, and roll in
previously refactored setup checks function, as this is now the only
place it is called.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-08-19 18:55:56 +01:00
parent 5d3a3c3ee4
commit e0a12bd852
1 changed files with 66 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

154
library/psa_crypto.c
View File

@ -3401,26 +3401,82 @@ static psa_algorithm_t psa_aead_get_base_algorithm( psa_algorithm_t alg )
return PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( alg );
}
static psa_status_t psa_aead_setup_checks( psa_aead_operation_t *operation,
psa_algorithm_t alg )
/* Set the key for a multipart authenticated operation. */
static psa_status_t psa_aead_setup( psa_aead_operation_t *operation,
mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
psa_key_usage_t key_usage = 0;
if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
{
return( PSA_ERROR_INVALID_ARGUMENT );
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
if( operation->id != 0 )
{
return( PSA_ERROR_BAD_STATE );
status = PSA_ERROR_BAD_STATE;
goto exit;
}
if( operation->nonce_set || operation->lengths_set ||
operation->ad_started || operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
status = PSA_ERROR_BAD_STATE;
goto exit;
}
return( PSA_SUCCESS );
if( operation->is_encrypt )
key_usage = PSA_KEY_USAGE_ENCRYPT;
else
key_usage = PSA_KEY_USAGE_DECRYPT;
status = psa_get_and_lock_key_slot_with_policy( key, &slot, key_usage,
alg );
if( status != PSA_SUCCESS )
goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
if( operation->is_encrypt )
status = psa_driver_wrapper_aead_encrypt_setup( operation,
&attributes,
slot->key.data,
slot->key.bytes,
alg );
else
status = psa_driver_wrapper_aead_decrypt_setup( operation,
&attributes,
slot->key.data,
slot->key.bytes,
alg );
if( status != PSA_SUCCESS )
goto exit;
operation->key_type = psa_get_key_type( &attributes );
exit:
unlock_status = psa_unlock_key_slot( slot );
if( status == PSA_SUCCESS )
{
status = unlock_status;
operation->alg = psa_aead_get_base_algorithm( alg );
}
else
psa_aead_abort( operation );
return( status );
}
/* Set the key for a multipart authenticated encryption operation. */
@ -3428,48 +3484,9 @@ psa_status_t psa_aead_encrypt_setup( psa_aead_operation_t *operation,
mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
operation->is_encrypt = 1;
status = psa_aead_setup_checks( operation, alg );
if( status != PSA_SUCCESS )
goto exit;
status = psa_get_and_lock_key_slot_with_policy(
key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
if( status != PSA_SUCCESS )
goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
status = psa_driver_wrapper_aead_encrypt_setup( operation,
&attributes, slot->key.data,
slot->key.bytes, alg );
if( status != PSA_SUCCESS )
goto exit;
operation->key_type = psa_get_key_type( &attributes );
exit:
unlock_status = psa_unlock_key_slot( slot );
if( status == PSA_SUCCESS )
{
status = unlock_status;
operation->alg = psa_aead_get_base_algorithm( alg );
operation->is_encrypt = 1;
}
else
psa_aead_abort( operation );
return( status );
return( psa_aead_setup( operation, key, alg ) );
}
/* Set the key for a multipart authenticated decryption operation. */
@ -3477,48 +3494,9 @@ psa_status_t psa_aead_decrypt_setup( psa_aead_operation_t *operation,
mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
operation->is_encrypt = 0;
status = psa_aead_setup_checks( operation, alg );
if( status != PSA_SUCCESS )
goto exit;
status = psa_get_and_lock_key_slot_with_policy(
key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
if( status != PSA_SUCCESS )
goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
status = psa_driver_wrapper_aead_decrypt_setup( operation,
&attributes, slot->key.data,
slot->key.bytes, alg );
if( status != PSA_SUCCESS )
goto exit;
operation->key_type = psa_get_key_type( &attributes );
exit:
unlock_status = psa_unlock_key_slot( slot );
if( status == PSA_SUCCESS )
{
status = unlock_status;
operation->alg = psa_aead_get_base_algorithm( alg );
operation->is_encrypt = 0;
}
else
psa_aead_abort( operation );
return( status );
return( psa_aead_setup( operation, key, alg ) );
}
/* Generate a random nonce / IV for multipart AEAD operation */