Searched hist:"766 cff40c62945fa60d620aec8afcb79ce42ac13" (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/tee/ |
| H A D | tee_svc_cryp.c | 766cff40c62945fa60d620aec8afcb79ce42ac13 Fri Jan 21 12:04:52 UTC 2022 Jerome Forissier <jerome@forissier.org> core: crypto: TEE_PopulateTransientObject() should check key size
The GlobalPlatform TEE Internal Core API specification specifies the
panic reasons for TEE_PopulateTransientObject() as follows:
"If the implementation detects any other error associated with this
function that is not explicitly associated with a defined return code
for this function.". There is no explicit return code for the case of
an attribute that would be an invalid key length for the specified
algorithm, but it seems that panicking the TA would be permitted and
even desirable in order to prevent other issues with subsequent calls
using such a key.
Add a key size check to tee_svc_cryp_obj_populate_type() so that
syscall_cryp_obj_populate() will return TEE_ERROR_BAD_PARAMETER when
a key of invalid length is supplied. This error code is converted into
a panic by TEE_PopulateTransientObject().
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|