[nrf noup] ITS: fix aad_size parameter spelling

tomi-font · tomi-font · commit 05b73d202bb8 · 2025-04-23T16:09:02.000+03:00
This is a noup because the upstream commit 77aabb7 (from the main branch) does not apply cleanly. Fix the use of the aad_size struct parameter in Nordic's ITS encryption HAL. In addition, fix the remaining use of add/add_size as parameter names in the ITS partition code. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
diff --git a/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c b/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c
@@ -103,7 +103,7 @@ static bool ctx_is_valid(struct tfm_hal_its_auth_crypt_ctx *ctx)
     }
 
     ret = (ctx->deriv_label == NULL && ctx->deriv_label_size != 0) ||
-          (ctx->aad == NULL && ctx->add_size != 0) ||
+          (ctx->aad == NULL && ctx->aad_size != 0) ||
           (ctx->nonce == NULL && ctx->nonce_size != 0);
 
     return !ret;
@@ -166,7 +166,7 @@ psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,
         return status;
     }
 
-    status = cracen_aead_update_ad(&operation, ctx->aad, ctx->add_size);
+    status = cracen_aead_update_ad(&operation, ctx->aad, ctx->aad_size);
     if (status != PSA_SUCCESS) {
         return status;
     }
diff --git a/secure_fw/partitions/internal_trusted_storage/its_crypto_interface.c b/secure_fw/partitions/internal_trusted_storage/its_crypto_interface.c
@@ -20,25 +20,25 @@
 /**
  * \brief Fills the AEAD additional data used for the encryption/decryption
  *
- * \details The additional data are not encypted their integrity is checked.
+ * \details The additional data is not encrypted but its integrity is checked.
  *          For the ITS encryption we use the file id, the file flags and the
  *          data size of the file as addditional data.
  *
- * \param[out]  add       Additional data
- * \param[in]   add_size  Additional data size in bytes
+ * \param[out]  aad       Additional authenticated data
+ * \param[in]   aad_size  Additional authenticated data size in bytes
  * \param[in]   fid       Identifier of the file
  * \param[in]   fid_size  Identifier of the file size in bytes
  * \param[in]   flags     Flags of the file
  * \param[in]   data_size Data size in bytes
  *
  * \retval PSA_SUCCESS                On success
- * \retval PSA_ERROR_INVALID_ARGUMENT When the addditional data buffer does not
- *                                    have the correct size of the add/fid
+ * \retval PSA_ERROR_INVALID_ARGUMENT When the additional data buffer does not
+ *                                    have the correct size or the aad/fid
  *                                    buffers are NULL
  *
  */
-static psa_status_t tfm_its_fill_enc_add(uint8_t *add,
-                                         const size_t add_size,
+static psa_status_t tfm_its_fill_enc_add(uint8_t *aad,
+                                         const size_t aad_size,
                                          const uint8_t *fid,
                                          const size_t fid_size,
                                          const uint32_t flags,
@@ -49,22 +49,21 @@ static psa_status_t tfm_its_fill_enc_add(uint8_t *add,
      * gets the file info from ITS (see its_flash_fs_file_get_info).
      * We use the same flags for conformity.
      */
-    uint32_t user_flags = flags & ITS_FLASH_FS_USER_FLAGS_MASK;
+    const uint32_t user_flags = flags & ITS_FLASH_FS_USER_FLAGS_MASK;
 
     /* The additional data consist of the file id, the flags and the
      * data size of the file.
      */
-    size_t add_expected_size = ITS_FILE_ID_SIZE +
-                               sizeof(user_flags) +
-                               sizeof(data_size);
+    const size_t aad_expected_size =
+      ITS_FILE_ID_SIZE + sizeof(user_flags) + sizeof(data_size);
 
-    if (add_size != add_expected_size || add == NULL || fid == NULL) {
+    if ((aad_size != aad_expected_size) || (aad == NULL) || (fid == NULL)) {
         return PSA_ERROR_INVALID_ARGUMENT;
     }
 
-    memcpy(add, fid, fid_size);
-    memcpy(add + fid_size, &user_flags, sizeof(user_flags));
-    memcpy(add + fid_size + sizeof(user_flags),
+    memcpy(aad, fid, fid_size);
+    memcpy(aad + fid_size, &user_flags, sizeof(user_flags));
+    memcpy(aad + fid_size + sizeof(user_flags),
                &data_size,
                sizeof(data_size));
 
@@ -163,4 +162,3 @@ psa_status_t tfm_its_crypt_file(struct its_flash_fs_file_info_t *finfo,
 
     return PSA_SUCCESS;
 }
-

Original file line number	Diff line number	Diff line change
`@@ -103,7 +103,7 @@ static bool ctx_is_valid(struct tfm_hal_its_auth_crypt_ctx *ctx)`
`103`	`103`	`}`
`104`	`104`
`105`	`105`	`ret = (ctx->deriv_label == NULL && ctx->deriv_label_size != 0) \|\|`
`106`		`- (ctx->aad == NULL && ctx->add_size != 0) \|\|`
	`106`	`+ (ctx->aad == NULL && ctx->aad_size != 0) \|\|`
`107`	`107`	`(ctx->nonce == NULL && ctx->nonce_size != 0);`
`108`	`108`
`109`	`109`	`return !ret;`
`@@ -166,7 +166,7 @@ psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,`
`166`	`166`	`return status;`
`167`	`167`	`}`
`168`	`168`
`169`		`- status = cracen_aead_update_ad(&operation, ctx->aad, ctx->add_size);`
	`169`	`+ status = cracen_aead_update_ad(&operation, ctx->aad, ctx->aad_size);`
`170`	`170`	`if (status != PSA_SUCCESS) {`
`171`	`171`	`return status;`
`172`	`172`	`}`