From bc78ab2217481cf7aef43ad82f50df69df16c112 Mon Sep 17 00:00:00 2001 From: makejian Date: Mon, 28 Jul 2025 15:25:20 +0800 Subject: [PATCH] mbedtls-alt: aligned alternative implementation return value with mbedtls mbedtls interfaces overwritten by nuttx crypto driver, change return value of mbedtls interfaces from return value of nuttx crypto driver into starndard return value of mbedtls Signed-off-by: makejian --- crypto/mbedtls/source/cmac_alt.c | 12 +++++++++++- crypto/mbedtls/source/poly1305_alt.c | 19 +++++++++++++++++-- crypto/mbedtls/source/sha1_alt.c | 19 +++++++++++++++++-- crypto/mbedtls/source/sha256_alt.c | 24 ++++++++++++++++++++++-- crypto/mbedtls/source/sha512_alt.c | 24 ++++++++++++++++++++++-- 5 files changed, 89 insertions(+), 9 deletions(-) diff --git a/crypto/mbedtls/source/cmac_alt.c b/crypto/mbedtls/source/cmac_alt.c index a72ef94b02b..c17d4ebdc89 100644 --- a/crypto/mbedtls/source/cmac_alt.c +++ b/crypto/mbedtls/source/cmac_alt.c @@ -107,7 +107,12 @@ int mbedtls_cipher_cmac_update(FAR mbedtls_cipher_context_t *ctx, ctx->cmac_ctx->dev.crypt.flags |= COP_FLAG_UPDATE; ctx->cmac_ctx->dev.crypt.src = (caddr_t)input; ctx->cmac_ctx->dev.crypt.len = ilen; - return cryptodev_crypt(&ctx->cmac_ctx->dev); + if (cryptodev_crypt(&ctx->cmac_ctx->dev) != 0) + { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx, @@ -123,6 +128,11 @@ int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx, ctx->cmac_ctx->dev.crypt.flags = 0; ctx->cmac_ctx->dev.crypt.mac = (caddr_t)output; ret = cryptodev_crypt(&ctx->cmac_ctx->dev); + if (ret != 0) + { + ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + cryptodev_free_session(&ctx->cmac_ctx->dev); cryptodev_free(&ctx->cmac_ctx->dev); return ret; diff --git a/crypto/mbedtls/source/poly1305_alt.c b/crypto/mbedtls/source/poly1305_alt.c index 7c0e8110f66..0df9ddf3ea9 100644 --- a/crypto/mbedtls/source/poly1305_alt.c +++ b/crypto/mbedtls/source/poly1305_alt.c @@ -46,7 +46,12 @@ int mbedtls_poly1305_starts(FAR mbedtls_poly1305_context *ctx, ctx->session.mac = CRYPTO_POLY1305; ctx->session.mackey = (caddr_t)key; ctx->session.mackeylen = 32; - return cryptodev_get_session(ctx); + if (cryptodev_get_session(ctx) != 0) + { + return MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_poly1305_update(FAR mbedtls_poly1305_context *ctx, @@ -57,7 +62,12 @@ int mbedtls_poly1305_update(FAR mbedtls_poly1305_context *ctx, ctx->crypt.flags |= COP_FLAG_UPDATE; ctx->crypt.src = (caddr_t)input; ctx->crypt.len = ilen; - return cryptodev_crypt(ctx); + if (cryptodev_crypt(ctx) != 0) + { + return MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_poly1305_finish(FAR mbedtls_poly1305_context *ctx, @@ -69,6 +79,11 @@ int mbedtls_poly1305_finish(FAR mbedtls_poly1305_context *ctx, ctx->crypt.flags = 0; ctx->crypt.mac = (caddr_t)mac; ret = cryptodev_crypt(ctx); + if (ret != 0) + { + ret = MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA; + } + cryptodev_free_session(ctx); return ret; } diff --git a/crypto/mbedtls/source/sha1_alt.c b/crypto/mbedtls/source/sha1_alt.c index 8c3e6b353db..04e7c511a84 100644 --- a/crypto/mbedtls/source/sha1_alt.c +++ b/crypto/mbedtls/source/sha1_alt.c @@ -48,7 +48,12 @@ void mbedtls_sha1_free(FAR mbedtls_sha1_context *ctx) int mbedtls_sha1_starts(FAR mbedtls_sha1_context *ctx) { ctx->session.mac = CRYPTO_SHA1; - return cryptodev_get_session(ctx); + if (cryptodev_get_session(ctx) != 0) + { + return MBEDTLS_ERR_SHA1_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha1_update(FAR mbedtls_sha1_context *ctx, @@ -59,7 +64,12 @@ int mbedtls_sha1_update(FAR mbedtls_sha1_context *ctx, ctx->crypt.flags |= COP_FLAG_UPDATE; ctx->crypt.src = (caddr_t)input; ctx->crypt.len = ilen; - return cryptodev_crypt(ctx); + if (cryptodev_crypt(ctx) != 0) + { + return MBEDTLS_ERR_SHA1_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha1_finish(FAR mbedtls_sha1_context *ctx, @@ -71,6 +81,11 @@ int mbedtls_sha1_finish(FAR mbedtls_sha1_context *ctx, ctx->crypt.flags = 0; ctx->crypt.mac = (caddr_t)output; ret = cryptodev_crypt(ctx); + if (ret != 0) + { + ret = MBEDTLS_ERR_SHA1_BAD_INPUT_DATA; + } + cryptodev_free_session(ctx); return ret; } diff --git a/crypto/mbedtls/source/sha256_alt.c b/crypto/mbedtls/source/sha256_alt.c index 7b716acb869..4de03a342ca 100644 --- a/crypto/mbedtls/source/sha256_alt.c +++ b/crypto/mbedtls/source/sha256_alt.c @@ -47,6 +47,11 @@ void mbedtls_sha256_free(FAR mbedtls_sha256_context *ctx) int mbedtls_sha256_starts(FAR mbedtls_sha256_context *ctx, int is224) { + if (is224 != 0 && is224 != 1) + { + return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; + } + if (is224) { ctx->session.mac = CRYPTO_SHA2_224; @@ -56,7 +61,12 @@ int mbedtls_sha256_starts(FAR mbedtls_sha256_context *ctx, int is224) ctx->session.mac = CRYPTO_SHA2_256; } - return cryptodev_get_session(ctx); + if (cryptodev_get_session(ctx) != 0) + { + return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha256_update(FAR mbedtls_sha256_context *ctx, @@ -67,7 +77,12 @@ int mbedtls_sha256_update(FAR mbedtls_sha256_context *ctx, ctx->crypt.flags |= COP_FLAG_UPDATE; ctx->crypt.src = (caddr_t)input; ctx->crypt.len = ilen; - return cryptodev_crypt(ctx); + if (cryptodev_crypt(ctx) != 0) + { + return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha256_finish(FAR mbedtls_sha256_context *ctx, @@ -79,6 +94,11 @@ int mbedtls_sha256_finish(FAR mbedtls_sha256_context *ctx, ctx->crypt.flags = 0; ctx->crypt.mac = (caddr_t)output; ret = cryptodev_crypt(ctx); + if (ret != 0) + { + ret = MBEDTLS_ERR_SHA256_BAD_INPUT_DATA; + } + cryptodev_free_session(ctx); return ret; } diff --git a/crypto/mbedtls/source/sha512_alt.c b/crypto/mbedtls/source/sha512_alt.c index 2793b8426c1..4fb3ed85095 100644 --- a/crypto/mbedtls/source/sha512_alt.c +++ b/crypto/mbedtls/source/sha512_alt.c @@ -47,6 +47,11 @@ void mbedtls_sha512_free(FAR mbedtls_sha512_context *ctx) int mbedtls_sha512_starts(FAR mbedtls_sha512_context *ctx, int is384) { + if (is384 != 0 && is384 != 1) + { + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; + } + if (is384) { ctx->session.mac = CRYPTO_SHA2_384; @@ -56,7 +61,12 @@ int mbedtls_sha512_starts(FAR mbedtls_sha512_context *ctx, int is384) ctx->session.mac = CRYPTO_SHA2_512; } - return cryptodev_get_session(ctx); + if (cryptodev_get_session(ctx) != 0) + { + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha512_update(FAR mbedtls_sha512_context *ctx, @@ -67,7 +77,12 @@ int mbedtls_sha512_update(FAR mbedtls_sha512_context *ctx, ctx->crypt.flags |= COP_FLAG_UPDATE; ctx->crypt.src = (caddr_t)input; ctx->crypt.len = ilen; - return cryptodev_crypt(ctx); + if (cryptodev_crypt(ctx) != 0) + { + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; + } + + return 0; } int mbedtls_sha512_finish(FAR mbedtls_sha512_context *ctx, @@ -79,6 +94,11 @@ int mbedtls_sha512_finish(FAR mbedtls_sha512_context *ctx, ctx->crypt.flags = 0; ctx->crypt.mac = (caddr_t)output; ret = cryptodev_crypt(ctx); + if (ret != 0) + { + ret = MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; + } + cryptodev_free_session(ctx); return ret; }