From e7dbc357e4f927150836fae68da133dd7de4da2f Mon Sep 17 00:00:00 2001 From: Summer Qin Date: Mon, 2 Jul 2018 14:19:42 +0800 Subject: core: add encrypt key length in AES encrypt API Adds size of expanded AES encryption key to crypto_aes_expand_enc_key() and crypto_aes_enc_block() to make the functions more safe to call. Reviewed-by: Jerome Forissier Signed-off-by: Summer Qin Signed-off-by: Jens Wiklander --- core/lib/libtomcrypt/src/tee_ltc_provider.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'core/lib/libtomcrypt/src') diff --git a/core/lib/libtomcrypt/src/tee_ltc_provider.c b/core/lib/libtomcrypt/src/tee_ltc_provider.c index cae91b7d..75373fac 100644 --- a/core/lib/libtomcrypt/src/tee_ltc_provider.c +++ b/core/lib/libtomcrypt/src/tee_ltc_provider.c @@ -1441,10 +1441,14 @@ TEE_Result hash_sha512_256_compute(uint8_t *digest, const uint8_t *data, #endif TEE_Result crypto_aes_expand_enc_key(const void *key, size_t key_len, - void *enc_key, unsigned int *rounds) + void *enc_key, size_t enc_keylen, + unsigned int *rounds) { symmetric_key skey; + if (enc_keylen < sizeof(skey.rijndael.eK)) + return TEE_ERROR_BAD_PARAMETERS; + if (aes_setup(key, key_len, 0, &skey)) return TEE_ERROR_BAD_PARAMETERS; @@ -1453,11 +1457,12 @@ TEE_Result crypto_aes_expand_enc_key(const void *key, size_t key_len, return TEE_SUCCESS; } -void crypto_aes_enc_block(const void *enc_key, unsigned int rounds, - const void *src, void *dst) +void crypto_aes_enc_block(const void *enc_key, size_t enc_keylen __maybe_unused, + unsigned int rounds, const void *src, void *dst) { symmetric_key skey; + assert(enc_keylen >= sizeof(skey.rijndael.eK)); memcpy(skey.rijndael.eK, enc_key, sizeof(skey.rijndael.eK)); skey.rijndael.Nr = rounds; if (aes_ecb_encrypt(src, dst, &skey)) -- cgit v1.2.3