Adjust error codes to key-manager

Depending on the context the failing GCM tag verification should return
different errors. Key-manager distinguishes 2 such situations:
1. Client performs GCM decryption and tag verification fails. In such case the
error returned to the client should indicate invalid parameter.
2. Client performs a cryptographic operation using a password protected key. If
password is wrong the GCM decryption of the key fails and should return an error
indication authentication failuire.

If GCM decryption requested by cliend fails with TEE_ERROR_MAC_INVALID, return
TEE_ERROR_BAD_PARAMETERS (case 1). If key decryption fails with
TEE_ERROR_MAC_INVALID (case 2) propagate it to key-manager unchanged. This way
key-manager will be able to distinguish both cases.

Change-Id: I8b5cc23281d71959fc89511e183e205deff170ad

diff --git a/ta/src/cmd_exec.c b/ta/src/cmd_exec.c
index 7ba1a4be84175b1f82640175d200a8a70ed972e1..2ca965c14b27ad7e90580c35a8614b54fe488344 100644 (file)
--- a/ta/src/cmd_exec.c
+++ b/ta/src/cmd_exec.c
@@ -970,6 +970,10 @@ TEE_Result KM_ExecCmdAuth(uint32_t commandID, TEE_Param param[4])
                                                        input_data->data_size, ae_data->aad.data,
                                                        ae_data->aad.data_size, tag_data->data, tag_data->data_size,
                                                        out, &out_size);
+
+               // key-manager expects TEE_ERROR_BAD_PARAMETERS error if MAC verification fails
+               if (ret == TEE_ERROR_MAC_INVALID)
+                       ret = TEE_ERROR_BAD_PARAMETERS;
        }
 
        if (TEE_SUCCESS != ret) {