authorDongsun Lee <ds73.lee@samsung.com>2023-07-29 16:26:10 +0900
committerDongsun Lee <ds73.lee@samsung.com>2023-07-29 16:28:03 +0900
commitf3f7d305fa4ccdd1d302f157497ebec76129bb41 (patch)
tree7f51680725a4974b60191cb5167ef6ac62f5df06
parentc5445678726f97a53d86dc2ec22b4fc0c5f0d7ef (diff)
Fix bugs during exporting a wrapped key
- generous output size check
- enlarged encryption overhead for RSA
- use the type of the key to wrap

Change-Id: I64367edf00d58e67df62a682a05c58dae5e2327b
-rw-r--r--src/manager/crypto/tz-backend/obj.cpp2
-rw-r--r--src/manager/crypto/tz-backend/tz-context.cpp6
2 files changed, 6 insertions, 2 deletions
diff --git a/src/manager/crypto/tz-backend/obj.cpp b/src/manager/crypto/tz-backend/obj.cpp
index a8115576..a1fbbb7a 100644
--- a/src/manager/crypto/tz-backend/obj.cpp
+++ b/src/manager/crypto/tz-backend/obj.cpp
@@ -120,7 +120,7 @@ RawBuffer Key::wrap(const CryptoAlgorithm &alg,
alg,
keyToWrapId,
Pwd(keyToWrapPass, keyToWrapIV, keyToWrapTag),
- m_type);
+ keyToWrap.dataType);
}
RawBuffer SKey::encrypt(const CryptoAlgorithm &alg, const RawBuffer &data)
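Review bot: Nothing at this call site says why the type argument is `keyToWrap.dataType` rather than `m_type`, and the two are easy to swap back because both are in scope. A one-line comment above the argument, such as `// type of the key being wrapped, not of this wrapping key (m_type)`, would keep the fix from regressing. Whether `keyToWrap.dataType` has been checked to be a key type before it reaches the TrustZone call is not visible here, since Key::wrap begins outside the hunk; if no earlier check exists, this is the place to reject non-key types.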
diff --git a/src/manager/crypto/tz-backend/tz-context.cpp b/src/manager/crypto/tz-backend/tz-context.cpp
index 87109821..fb05e3c5 100644
--- a/src/manager/crypto/tz-backend/tz-context.cpp
+++ b/src/manager/crypto/tz-backend/tz-context.cpp
@@ -770,9 +770,13 @@ RawBuffer TrustZoneContext::exportWrappedKey(const RawBuffer &wrappingKeyId,
LogDebug("GetData data_size = [" << dataSize << "]");
+ uint32_t enc_overhead = KM_ENCRYPTION_OVERHEAD;
+ if (algo == ALGO_RSA)
+ enc_overhead = KM_RSA_BLOCK_SIZE;
+
// encrypted data may be longer
TZSerializer sOut;
- sOut.Push(new TZSerializableBinary(dataSize + KM_ENCRYPTION_OVERHEAD));
+ sOut.Push(new TZSerializableBinary(dataSize + enc_overhead, false));
TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
sOut.Serialize(outMemory);
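Review bot: The output buffer size `dataSize + enc_overhead` is computed with no overflow check. `dataSize` appears to come from the preceding GetData step (its declaration is outside the hunk), so if it is a 32-bit value, a very large reported size would wrap the sum and under-size the buffer the TA writes into. A guard before the `Push`, such as `if (dataSize > UINT32_MAX - enc_overhead)` leading into the function's usual error path, would close that. The new second argument `false` to `TZSerializableBinary` is a bare boolean; going by the commit message it presumably relaxes the output size check, so a short comment naming what it disables would help, and the length returned by the TA should still be bounded by the allocated size after the call. exportWrappedKey starts and ends outside this hunk.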