ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-25 06:39:04 +08:00
Code Issues Releases Wiki Activity

Change password ec j-pake operation fields to more suitable

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-11-17 13:24:36 +01:00
parent 1def5becc2
commit 152ae07682
2 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/psa/crypto_extra.h
View File

@ -1920,8 +1920,8 @@ struct psa_pake_operation_s
#if defined(MBEDTLS_PSA_BUILTIN_PAKE) #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
unsigned int MBEDTLS_PRIVATE(input_step); unsigned int MBEDTLS_PRIVATE(input_step);
unsigned int MBEDTLS_PRIVATE(output_step); unsigned int MBEDTLS_PRIVATE(output_step);
uint8_t* MBEDTLS_PRIVATE(password_data); uint8_t* MBEDTLS_PRIVATE(password);
size_t MBEDTLS_PRIVATE(password_bytes); size_t MBEDTLS_PRIVATE(password_len);
psa_pake_role_t MBEDTLS_PRIVATE(role); psa_pake_role_t MBEDTLS_PRIVATE(role);
uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]); uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
size_t MBEDTLS_PRIVATE(buffer_length); size_t MBEDTLS_PRIVATE(buffer_length);

28
library/psa_crypto_pake.c
View File

@ -286,20 +286,20 @@ psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation,
if( slot->key.data == NULL || slot->key.bytes == 0 ) if( slot->key.data == NULL || slot->key.bytes == 0 )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
if( operation->password_data != NULL ) if( operation->password != NULL )
{ {
mbedtls_free( operation->password_data ); mbedtls_free( operation->password );
operation->password_bytes = 0; operation->password_len = 0;
} }
operation->password_data = mbedtls_calloc( 1, slot->key.bytes ); operation->password = mbedtls_calloc( 1, slot->key.bytes );
if( operation->password_data == NULL ) if( operation->password == NULL )
{ {
status = psa_unlock_key_slot( slot ); status = psa_unlock_key_slot( slot );
return( PSA_ERROR_INSUFFICIENT_MEMORY ); return( PSA_ERROR_INSUFFICIENT_MEMORY );
} }
memcpy( operation->password_data, slot->key.data, slot->key.bytes ); memcpy( operation->password, slot->key.data, slot->key.bytes );
operation->password_bytes = slot->key.bytes; operation->password_len = slot->key.bytes;
status = psa_unlock_key_slot( slot ); status = psa_unlock_key_slot( slot );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
@ -387,8 +387,8 @@ static psa_status_t psa_pake_ecjpake_setup( psa_pake_operation_t *operation )
else else
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
if (operation->password_data == NULL || if (operation->password == NULL ||
operation->password_bytes == 0 ) operation->password_len == 0 )
{ {
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
@ -397,8 +397,8 @@ static psa_status_t psa_pake_ecjpake_setup( psa_pake_operation_t *operation )
role, role,
MBEDTLS_MD_SHA256, MBEDTLS_MD_SHA256,
MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_SECP256R1,
operation->password_data, operation->password,
operation->password_bytes ); operation->password_len );
if( ret != 0 ) if( ret != 0 )
return( mbedtls_ecjpake_to_psa_error( ret ) ); return( mbedtls_ecjpake_to_psa_error( ret ) );
@ -864,9 +864,9 @@ psa_status_t psa_pake_abort(psa_pake_operation_t * operation)
{ {
operation->input_step = PSA_PAKE_STEP_INVALID; operation->input_step = PSA_PAKE_STEP_INVALID;
operation->output_step = PSA_PAKE_STEP_INVALID; operation->output_step = PSA_PAKE_STEP_INVALID;
mbedtls_free( operation->password_data ); mbedtls_free( operation->password );
operation->password_data = NULL; operation->password = NULL;
operation->password_bytes = 0; operation->password_len = 0;
operation->role = PSA_PAKE_ROLE_NONE; operation->role = PSA_PAKE_ROLE_NONE;
mbedtls_platform_zeroize( operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE ); mbedtls_platform_zeroize( operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE );
operation->buffer_length = 0; operation->buffer_length = 0;