fixup! core: crypto: add Ed25519 support

Refactor parameters handling boilerplate.
OP-TEE · Sep 6, 2022 · 9f65a72 · 9f65a72
1 parent a520052
commit 9f65a72
Showing 1 changed file with 54 additions and 48 deletions.
diff --git a/core/tee/tee_svc_cryp.c b/core/tee/tee_svc_cryp.c
@@ -2171,44 +2171,71 @@ tee_svc_obj_generate_key_ed25519(struct tee_obj *o,
 }
 
 static TEE_Result
-tee_svc_obj_ed25519_sign(struct ed25519_keypair *key,
-			 const uint8_t *msg, size_t msg_len,
-			 uint8_t *sig, size_t *sig_len,
-			 const TEE_Attribute *params, size_t num_params)
+tee_svc_obj_ed25519_parse_params(const TEE_Attribute *params, size_t num_params,
+				 bool *ph_flag, uint8_t **ctx, size_t *ctx_len)
 {
 	TEE_Result err = TEE_ERROR_GENERIC;
 	size_t n = 0;
-	size_t ctx_len = 0;
-	uint8_t *ctx = NULL;
-	bool ph_flag = false;
-	bool cx_flag = false;
 
-	for (n = 0; n < num_params; n++) {
+	*ctx = NULL;
+
+	for (; n < num_params; n++) {
 		switch (params[n].attributeID) {
 		case TEE_ATTR_EDDSA_PREHASH:
-			ph_flag = true;
+			*ph_flag = true;
 			break;
 
 		case TEE_ATTR_EDDSA_CTX:
-			/* only first provided context if effective */
-			if (cx_flag)
-				break;
-			ctx_len = params[n].content.ref.length;
-			if (ctx_len > TEE_ED25519_CTX_MAX_LENGTH)
+			/* several provided contexts are treated as error */
+			if (*ctx) {
+				err = TEE_ERROR_BAD_PARAMETERS;
+				goto error;
+			}
+
+			*ctx_len = params[n].content.ref.length;
+			if (*ctx_len > TEE_ED25519_CTX_MAX_LENGTH)
 				return TEE_ERROR_BAD_PARAMETERS;
-			ctx = mempool_calloc(mempool_default, 1, ctx_len + 1);
-			if (!ctx)
+
+			if (*ctx_len == 0)
+				break;
+
+			*ctx = mempool_alloc(mempool_default, *ctx_len);
+			if (*ctx == NULL)
 				return TEE_ERROR_OUT_OF_MEMORY;
-			memcpy(ctx, params[n].content.ref.buffer, ctx_len);
-			cx_flag = true;
+
+			memcpy(*ctx, params[n].content.ref.buffer, *ctx_len);
 			break;
 
 		default:
-			return TEE_ERROR_BAD_PARAMETERS;
+			err = TEE_ERROR_BAD_PARAMETERS;
+			goto error;
 		}
 	}
 
-	if (ph_flag || cx_flag) {
+	return TEE_SUCCESS;
+error:
+	if (*ctx)
+		mempool_free(mempool_default, *ctx);
+	return err;
+}
+
+static TEE_Result
+tee_svc_obj_ed25519_sign(struct ed25519_keypair *key,
+			 const uint8_t *msg, size_t msg_len,
+			 uint8_t *sig, size_t *sig_len,
+			 const TEE_Attribute *params, size_t num_params)
+{
+	TEE_Result err = TEE_ERROR_GENERIC;
+	size_t ctx_len = 0;
+	uint8_t *ctx = NULL;
+	bool ph_flag = false;
+
+	err = tee_svc_obj_ed25519_parse_params(params, num_params, &ph_flag,
+					       &ctx, &ctx_len);
+	if (err != TEE_SUCCESS)
+		return err;
+
+	if (ph_flag || ctx) {
 		err = crypto_acipher_ed25519ctx_sign(key, msg, msg_len, sig,
 						     sig_len, ph_flag,
 						     ctx, ctx_len);
@@ -2226,38 +2253,17 @@ tee_svc_obj_ed25519_verify(struct ed25519_keypair *key,
 			   const uint8_t *sig, size_t sig_len,
 			   const TEE_Attribute *params, size_t num_params)
 {
-	TEE_Result err;
-	size_t n;
+	TEE_Result err = TEE_ERROR_GENERIC;
 	size_t ctx_len = 0;
 	uint8_t *ctx = NULL;
 	bool ph_flag = false;
-	bool cx_flag = false;
 
-	for (n = 0; n < num_params; n++) {
-		switch (params[n].attributeID) {
-		case TEE_ATTR_EDDSA_PREHASH:
-			ph_flag = true;
-			break;
-
-		case TEE_ATTR_EDDSA_CTX:
-			/* only first provided context if effective */
-			if (cx_flag)
-				break;
-			ctx_len = params[n].content.ref.length;
-			if (ctx_len > TEE_ED25519_CTX_MAX_LENGTH)
-				return TEE_ERROR_BAD_PARAMETERS;
-			ctx = mempool_calloc(mempool_default, 1, ctx_len + 1);
-			if (!ctx)
-				return TEE_ERROR_OUT_OF_MEMORY;
-			memcpy(ctx, params[n].content.ref.buffer, ctx_len);
-			cx_flag = true;
-			break;
+	err = tee_svc_obj_ed25519_parse_params(params, num_params, &ph_flag,
+					       &ctx, &ctx_len);
+	if (err)
+		return err;
 
-		default:
-			return TEE_ERROR_BAD_PARAMETERS;
-		}
-	}
-	if (ph_flag || cx_flag) {
+	if (ph_flag || ctx) {
 		err = crypto_acipher_ed25519ctx_verify(key, msg, msg_len, sig,
 						       sig_len, ph_flag,
 						       ctx, ctx_len);