Skip to content

Commit 0851501

Browse files
bigbrettbigbrett
authored
Merge pull request #241 from AlexLanzano/keywrap-argument-change
Change wrap object size argument to be in/out instead of in
2 parents cea490a + b240c30 commit 0851501

File tree

8 files changed

+178
-125
lines changed

8 files changed

+178
-125
lines changed

examples/demo/client/wh_demo_client_keywrap.c

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,7 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client)
7979
WC_RNG rng[1];
8080
uint8_t key[WH_DEMO_KEYWRAP_AES_KEYSIZE];
8181
uint8_t exportedKey[WH_DEMO_KEYWRAP_AES_KEYSIZE];
82+
uint16_t exportedKeySz = sizeof(exportedKey);
8283
whNvmMetadata metadata = {
8384
.id = WH_CLIENT_KEYID_MAKE_WRAPPED_META(
8485
client->comm->client_id, WH_DEMO_KEYWRAP_AESGCM_WRAPKEY_ID),
@@ -88,6 +89,7 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client)
8889
.len = WH_DEMO_KEYWRAP_AES_KEYSIZE};
8990
whNvmMetadata exportedMetadata;
9091
uint8_t wrappedKey[WH_DEMO_KEYWRAP_AES_WRAPPED_KEYSIZE];
92+
uint16_t wrappedKeySz = sizeof(wrappedKey);
9193
whKeyId wrappedKeyId;
9294

9395
const uint8_t plaintext[] = "hello, wolfSSL AES-GCM!";
@@ -131,9 +133,9 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client)
131133

132134
/* Now we request the server to wrap the key using the KEK we
133135
* establish above in the first step. */
134-
ret = wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID,
135-
key, sizeof(key), &metadata, wrappedKey,
136-
sizeof(wrappedKey));
136+
ret =
137+
wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID, key,
138+
sizeof(key), &metadata, wrappedKey, &wrappedKeySz);
137139
if (ret != 0) {
138140
WOLFHSM_CFG_PRINTF("Failed to wh_Client_KeyWrap %d\n", ret);
139141
goto cleanup_rng;
@@ -212,10 +214,9 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client)
212214
/* Exporting a wrapped key */
213215

214216
/* Request the server to unwrap and export the wrapped key we created */
215-
ret = wh_Client_KeyUnwrapAndExport(client, WC_CIPHER_AES_GCM,
216-
WH_DEMO_KEYWRAP_KEKID, wrappedKey,
217-
sizeof(wrappedKey), &exportedMetadata,
218-
exportedKey, sizeof(exportedKey));
217+
ret = wh_Client_KeyUnwrapAndExport(
218+
client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID, wrappedKey,
219+
sizeof(wrappedKey), &exportedMetadata, exportedKey, &exportedKeySz);
219220
if (ret != 0) {
220221
WOLFHSM_CFG_PRINTF("Failed to wh_Client_KeyUnwrapAndCache %d\n", ret);
221222
goto cleanup_aes;

src/wh_client_keywrap.c

Lines changed: 46 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ int wh_Client_KeyWrapRequest(whClientContext* ctx,
5050

5151
int wh_Client_KeyWrapResponse(whClientContext* ctx,
5252
enum wc_CipherType cipherType,
53-
void* wrappedKeyOut, uint16_t wrappedKeySz)
53+
void* wrappedKeyOut, uint16_t* wrappedKeyInOutSz)
5454
{
5555
int ret;
5656
uint16_t group;
@@ -59,7 +59,7 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx,
5959
whMessageKeystore_KeyWrapResponse* resp = NULL;
6060
uint8_t* respData;
6161

62-
if (ctx == NULL || wrappedKeyOut == NULL) {
62+
if (ctx == NULL || wrappedKeyOut == NULL || wrappedKeyInOutSz == NULL) {
6363
return WH_ERROR_BADARGS;
6464
}
6565

@@ -77,31 +77,35 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx,
7777
}
7878

7979
if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_KEYWRAP ||
80-
size < sizeof(*resp) || size > sizeof(*resp) + wrappedKeySz ||
80+
size < sizeof(*resp) || size > sizeof(*resp) + resp->wrappedKeySz ||
8181
resp->cipherType != cipherType) {
8282
return WH_ERROR_ABORTED;
8383
}
8484

8585
if (resp->rc != 0) {
8686
return resp->rc;
8787
}
88+
else if (resp->wrappedKeySz > *wrappedKeyInOutSz) {
89+
return WH_ERROR_BUFFER_SIZE;
90+
}
8891

8992
/* Copy the wrapped key from the response data into wrappedKeyOut */
9093
respData = (uint8_t*)(resp + 1);
91-
memcpy(wrappedKeyOut, respData, wrappedKeySz);
94+
memcpy(wrappedKeyOut, respData, resp->wrappedKeySz);
95+
*wrappedKeyInOutSz = resp->wrappedKeySz;
9296

9397
return WH_ERROR_OK;
9498
}
9599

96100
int wh_Client_KeyWrap(whClientContext* ctx, enum wc_CipherType cipherType,
97101
uint16_t serverKeyId, void* keyIn, uint16_t keySz,
98102
whNvmMetadata* metadataIn, void* wrappedKeyOut,
99-
uint16_t wrappedKeySz)
103+
uint16_t* wrappedKeySz)
100104
{
101105
int ret = WH_ERROR_OK;
102106

103107
if (ctx == NULL || keyIn == NULL || metadataIn == NULL ||
104-
wrappedKeyOut == NULL) {
108+
wrappedKeyOut == NULL || wrappedKeySz == NULL) {
105109
return WH_ERROR_BADARGS;
106110
}
107111

@@ -159,7 +163,7 @@ int wh_Client_KeyUnwrapAndExportRequest(whClientContext* ctx,
159163
int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx,
160164
enum wc_CipherType cipherType,
161165
whNvmMetadata* metadataOut,
162-
void* keyOut, uint16_t keySz)
166+
void* keyOut, uint16_t* keyInOutSz)
163167
{
164168
int ret;
165169
uint16_t group;
@@ -168,7 +172,8 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx,
168172
whMessageKeystore_KeyUnwrapAndExportResponse* resp = NULL;
169173
uint8_t* respData;
170174

171-
if (ctx == NULL || metadataOut == NULL || keyOut == NULL) {
175+
if (ctx == NULL || metadataOut == NULL || keyOut == NULL ||
176+
keyInOutSz == NULL) {
172177
return WH_ERROR_BADARGS;
173178
}
174179

@@ -188,23 +193,24 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx,
188193

189194
if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_KEYUNWRAPEXPORT ||
190195
size < sizeof(*resp) ||
191-
size > sizeof(*resp) + sizeof(*metadataOut) + keySz ||
196+
size > sizeof(*resp) + sizeof(*metadataOut) + resp->keySz ||
192197
resp->cipherType != cipherType) {
193198
return WH_ERROR_ABORTED;
194199
}
195200

196201
if (resp->rc != WH_ERROR_OK) {
197202
return resp->rc;
198203
}
199-
else if (resp->keySz != keySz) {
204+
else if (resp->keySz > *keyInOutSz) {
200205
return WH_ERROR_BUFFER_SIZE;
201206
}
202207

203208
/* Copy the metadata and key from the response data into metadataOut and
204209
* keyOut */
205210
respData = (uint8_t*)(resp + 1);
206211
memcpy(metadataOut, respData, sizeof(*metadataOut));
207-
memcpy(keyOut, respData + sizeof(*metadataOut), keySz);
212+
memcpy(keyOut, respData + sizeof(*metadataOut), resp->keySz);
213+
*keyInOutSz = resp->keySz;
208214

209215
return WH_ERROR_OK;
210216
}
@@ -214,12 +220,12 @@ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx,
214220
uint16_t serverKeyId, void* wrappedKeyIn,
215221
uint16_t wrappedKeySz,
216222
whNvmMetadata* metadataOut, void* keyOut,
217-
uint16_t keySz)
223+
uint16_t* keyInOutSz)
218224
{
219225
int ret = WH_ERROR_OK;
220226

221227
if (ctx == NULL || wrappedKeyIn == NULL || metadataOut == NULL ||
222-
keyOut == NULL)
228+
keyOut == NULL || keyInOutSz == NULL)
223229
return WH_ERROR_BADARGS;
224230

225231
ret = wh_Client_KeyUnwrapAndExportRequest(ctx, cipherType, serverKeyId,
@@ -230,7 +236,7 @@ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx,
230236

231237
do {
232238
ret = wh_Client_KeyUnwrapAndExportResponse(ctx, cipherType, metadataOut,
233-
keyOut, keySz);
239+
keyOut, keyInOutSz);
234240
} while (ret == WH_ERROR_NOTREADY);
235241

236242
return ret;
@@ -372,7 +378,7 @@ int wh_Client_DataWrapRequest(whClientContext* ctx,
372378

373379
int wh_Client_DataWrapResponse(whClientContext* ctx,
374380
enum wc_CipherType cipherType,
375-
void* wrappedDataOut, uint32_t wrappedDataSz)
381+
void* wrappedDataOut, uint32_t* wrappedDataSz)
376382
{
377383
int ret;
378384
uint16_t group;
@@ -381,7 +387,7 @@ int wh_Client_DataWrapResponse(whClientContext* ctx,
381387
whMessageKeystore_DataWrapResponse* resp = NULL;
382388
uint8_t* respData;
383389

384-
if (ctx == NULL || wrappedDataOut == NULL) {
390+
if (ctx == NULL || wrappedDataOut == NULL || wrappedDataSz == NULL) {
385391
return WH_ERROR_BADARGS;
386392
}
387393

@@ -399,29 +405,33 @@ int wh_Client_DataWrapResponse(whClientContext* ctx,
399405
}
400406

401407
if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_DATAWRAP ||
402-
size < sizeof(*resp) || size > sizeof(*resp) + wrappedDataSz ||
403-
resp->wrappedDataSz != wrappedDataSz ||
408+
size < sizeof(*resp) || size > sizeof(*resp) + resp->wrappedDataSz ||
404409
resp->cipherType != cipherType) {
405410
return WH_ERROR_ABORTED;
406411
}
407412

408413
if (resp->rc != 0) {
409414
return resp->rc;
410415
}
416+
else if (resp->wrappedDataSz > *wrappedDataSz) {
417+
return WH_ERROR_BUFFER_SIZE;
418+
}
411419

412420
/* Copy the wrapped key from the response data into wrappedKeyOut */
413421
respData = (uint8_t*)(resp + 1);
414-
memcpy(wrappedDataOut, respData, wrappedDataSz);
422+
memcpy(wrappedDataOut, respData, resp->wrappedDataSz);
423+
*wrappedDataSz = resp->wrappedDataSz;
415424

416425
return WH_ERROR_OK;
417426
}
418427

419428
int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType,
420429
uint16_t serverKeyId, void* dataIn, uint32_t dataInSz,
421-
void* wrappedDataOut, uint32_t wrappedDataOutSz)
430+
void* wrappedDataOut, uint32_t* wrappedDataInOutSz)
422431
{
423432
int ret;
424-
if (ctx == NULL || wrappedDataOut == NULL || dataIn == NULL) {
433+
if (ctx == NULL || wrappedDataOut == NULL || dataIn == NULL ||
434+
wrappedDataInOutSz == NULL) {
425435
return WH_ERROR_BADARGS;
426436
}
427437

@@ -433,7 +443,7 @@ int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType,
433443

434444
do {
435445
ret = wh_Client_DataWrapResponse(ctx, cipherType, wrappedDataOut,
436-
wrappedDataOutSz);
446+
wrappedDataInOutSz);
437447

438448
} while (ret == WH_ERROR_NOTREADY);
439449

@@ -476,7 +486,7 @@ int wh_Client_DataUnwrapRequest(whClientContext* ctx,
476486

477487
int wh_Client_DataUnwrapResponse(whClientContext* ctx,
478488
enum wc_CipherType cipherType, void* dataOut,
479-
uint32_t dataSz)
489+
uint32_t* dataSz)
480490
{
481491
int ret;
482492
uint16_t group;
@@ -485,7 +495,7 @@ int wh_Client_DataUnwrapResponse(whClientContext* ctx,
485495
whMessageKeystore_DataUnwrapResponse* resp = NULL;
486496
uint8_t* respData;
487497

488-
if (ctx == NULL || dataOut == NULL) {
498+
if (ctx == NULL || dataOut == NULL || dataSz == NULL) {
489499
return WH_ERROR_BADARGS;
490500
}
491501

@@ -503,28 +513,33 @@ int wh_Client_DataUnwrapResponse(whClientContext* ctx,
503513
}
504514

505515
if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_DATAUNWRAP ||
506-
size < sizeof(*resp) || size > sizeof(*resp) + dataSz ||
507-
resp->dataSz != dataSz || resp->cipherType != cipherType) {
516+
size < sizeof(*resp) || size > sizeof(*resp) + resp->dataSz ||
517+
resp->cipherType != cipherType) {
508518
return WH_ERROR_ABORTED;
509519
}
510520

511521
if (resp->rc != 0) {
512522
return resp->rc;
513523
}
524+
else if (resp->dataSz > *dataSz) {
525+
return WH_ERROR_BUFFER_SIZE;
526+
}
514527

515528
/* Copy the wrapped key from the response data into wrappedKeyOut */
516529
respData = (uint8_t*)(resp + 1);
517-
memcpy(dataOut, respData, dataSz);
530+
memcpy(dataOut, respData, resp->dataSz);
531+
*dataSz = resp->dataSz;
518532

519533
return WH_ERROR_OK;
520534
}
521535
int wh_Client_DataUnwrap(whClientContext* ctx, enum wc_CipherType cipherType,
522536
uint16_t serverKeyId, void* wrappedDataIn,
523537
uint32_t wrappedDataInSz, void* dataOut,
524-
uint32_t dataOutSz)
538+
uint32_t* dataInOutSz)
525539
{
526540
int ret;
527-
if (ctx == NULL || wrappedDataIn == NULL || dataOut == NULL) {
541+
if (ctx == NULL || wrappedDataIn == NULL || dataOut == NULL ||
542+
dataInOutSz == NULL) {
528543
return WH_ERROR_BADARGS;
529544
}
530545

@@ -535,7 +550,8 @@ int wh_Client_DataUnwrap(whClientContext* ctx, enum wc_CipherType cipherType,
535550
}
536551

537552
do {
538-
ret = wh_Client_DataUnwrapResponse(ctx, cipherType, dataOut, dataOutSz);
553+
ret =
554+
wh_Client_DataUnwrapResponse(ctx, cipherType, dataOut, dataInOutSz);
539555

540556
} while (ret == WH_ERROR_NOTREADY);
541557

0 commit comments

Comments
 (0)