Move buffer size checks up to psa_crypto layer

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-11-04 04:32:24 -05:00 · 2021-06-24 20:37:32 +01:00 · 2021-06-24 20:37:32 +01:00 · ed68d7464d
commit ed68d7464d
parent c2b7144da0
3 changed files with 23 additions and 27 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -3749,8 +3749,11 @@ exit:
    return( status );
 }

-static psa_status_t psa_aead_final_checks( psa_aead_operation_t *operation )
+static psa_status_t psa_aead_final_checks( psa_aead_operation_t *operation,
+                                           size_t output_size )
 {
+    size_t finish_output_size;
+
    if( operation->id == 0 || !operation->nonce_set )
        return( PSA_ERROR_BAD_STATE );

@ -3758,6 +3761,13 @@ static psa_status_t psa_aead_final_checks( psa_aead_operation_t *operation )
                                   operation->body_remaining != 0 ) )
        return( PSA_ERROR_INVALID_ARGUMENT );

+    finish_output_size = operation->is_encrypt ?
+         PSA_AEAD_FINISH_OUTPUT_SIZE( operation->key_type, operation->alg ) :
+         PSA_AEAD_VERIFY_OUTPUT_SIZE( operation->key_type, operation->alg );
+
+    if( output_size < finish_output_size )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
    return( PSA_SUCCESS );
 }

@ -3775,7 +3785,7 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
    *ciphertext_length = 0;
    *tag_length = tag_size;

-    status = psa_aead_final_checks( operation );
+    status = psa_aead_final_checks( operation, ciphertext_size );

    if( status != PSA_SUCCESS )
        goto exit;
@ -3816,7 +3826,7 @@ psa_status_t psa_aead_verify( psa_aead_operation_t *operation,

    *plaintext_length = 0;

-    status = psa_aead_final_checks( operation );
+    status = psa_aead_final_checks( operation, plaintext_size );

    if( status != PSA_SUCCESS )
        goto exit;
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@ -603,21 +603,11 @@ psa_status_t mbedtls_psa_aead_update(
   mbedtls_psa_aead_verify() */
 static psa_status_t mbedtls_psa_aead_finish_checks(
    mbedtls_psa_aead_operation_t *operation,
-    size_t output_size,
    size_t tag_size )
 {
-    size_t finish_output_size;
-
    if( tag_size < operation->tag_length )
        return ( PSA_ERROR_BUFFER_TOO_SMALL );

-    finish_output_size = operation->is_encrypt ?
-        PSA_AEAD_FINISH_OUTPUT_SIZE( operation->key_type, operation->alg ) :
-        PSA_AEAD_VERIFY_OUTPUT_SIZE( operation->key_type, operation->alg );
-
-    if( output_size < finish_output_size )
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
-
    return ( PSA_SUCCESS );
 }

@ -634,8 +624,7 @@ psa_status_t mbedtls_psa_aead_finish(
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    size_t finish_output_size = 0;

-    status = mbedtls_psa_aead_finish_checks( operation, ciphertext_size,
-                                             tag_size );
+    status = mbedtls_psa_aead_finish_checks( operation, tag_size );

    if( status != PSA_SUCCESS )
        return status;
@ -690,8 +679,7 @@ psa_status_t mbedtls_psa_aead_verify(
    int do_tag_check = 1;
    uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];

-    status = mbedtls_psa_aead_finish_checks( operation, plaintext_size,
-                                             tag_length );
+    status = mbedtls_psa_aead_finish_checks( operation, tag_length );

    if( status != PSA_SUCCESS )
        return status;
--- a/library/psa_crypto_aead.h
+++ b/library/psa_crypto_aead.h
@ -477,12 +477,10 @@ psa_status_t mbedtls_psa_aead_update(
 * \retval #PSA_SUCCESS
 *         Success.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \p ciphertext or \p tag buffer is too small.
- *         #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or
- *         #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE can be used to determine the
- *         required \p ciphertext buffer size. #PSA_AEAD_TAG_LENGTH(\c key_type,
- *         \c key_bits, \c alg) or #PSA_AEAD_TAG_MAX_SIZE can be used to
- *         determine the required \p tag buffer size.
+ *         The size of the \p tag buffer is too small.
+ *         #PSA_AEAD_TAG_LENGTH(\c key_type, key_bits, \c alg) or
+ *         #PSA_AEAD_TAG_MAX_SIZE can be used to determine the required \p tag
+ *         buffer size.
 */
 psa_status_t mbedtls_psa_aead_finish(
    mbedtls_psa_aead_operation_t *operation,
@ -551,10 +549,10 @@ psa_status_t mbedtls_psa_aead_finish(
 *         The calculations were successful, but the authentication tag is
 *         not correct.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \p plaintext buffer is too small.
- *         #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or
- *         #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE can be used to determine the
- *         required buffer size.
+ *         The size of the \p tag buffer is too small.
+ *         #PSA_AEAD_TAG_LENGTH(\c key_type, key_bits, \c alg) or
+ *         #PSA_AEAD_TAG_MAX_SIZE can be used to determine the required \p tag
+ *         buffer size.
 */
 psa_status_t mbedtls_psa_aead_verify(
    mbedtls_psa_aead_operation_t *operation,