sOut.Deserialize(outMemory);
sOut.Pull(keyId);
sOut.Pull(pwdTag);
-
- if (keyId.size() != KM_KEY_ID_SIZE) {
- ThrowErr(Exc::Crypto::InternalError, "Deserialized incorrect key ID");
- }
-
- if (pwdTag.size() != Params::DEFAULT_AES_GCM_TAG_LEN_BYTES) {
- ThrowErr(Exc::Crypto::InternalError, "Deserialized incorrect key tag");
- }
}
void TrustZoneContext::GenerateAKey(tz_command commandId,
TZSerializer sOut;
sOut.Push(new TZSerializableBinary(KM_KEY_ID_SIZE));
- sOut.Push(new TZSerializableBinary(pubTagSize));
+ if (pubTagSize) {
+ sOut.Push(new TZSerializableBinary(pubTagSize));
+ }
sOut.Push(new TZSerializableBinary(KM_KEY_ID_SIZE));
- sOut.Push(new TZSerializableBinary(privTagSize));
+ if (privTagSize) {
+ sOut.Push(new TZSerializableBinary(privTagSize));
+ }
TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
sOut.Deserialize(outMemory);
sOut.Pull(pubKeyId);
- if (pubKeyId.size() != KM_KEY_ID_SIZE) {
- ThrowErr(Exc::Crypto::InternalError, "Failed to deserialize public key ID");
- }
if (pubPwdExists) {
sOut.Pull(pubKeyTag);
}
sOut.Pull(privKeyId);
- if (privKeyId.size() != KM_KEY_ID_SIZE) {
- ThrowErr(Exc::Crypto::InternalError, "Failed to deserialize private key ID");
- }
if (privPwdExists) {
sOut.Pull(privKeyTag);
}
TZSerializer sOut;
- sOut.Push(new TZSerializableBinary(outMemorySize));
+ sOut.Push(new TZSerializableBinary(outMemorySize, false));
TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
TEEC_Operation op;
uint32_t tagSizeBytes = (tagSizeBits + 7) / 8;
TZSerializer sOut;
- sOut.Push(new TZSerializableBinary(outMemorySize));
+ sOut.Push(new TZSerializableBinary(outMemorySize, false));
sOut.Push(new TZSerializableBinary(tagSizeBytes));
TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
sIn.Serialize(inMemory);
TZSerializer sOut;
- sOut.Push(new TZSerializableBinary(MAX_KEY_SIZE.at(algo)));
+ sOut.Push(new TZSerializableBinary(MAX_KEY_SIZE.at(algo), false));
TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
TEEC_Operation op;
// TZSerializableBinary
-TZSerializableBinary::TZSerializableBinary(uint32_t data_size)
+TZSerializableBinary::TZSerializableBinary(uint32_t data_size, bool is_size_fixed)
{
m_data.data = nullptr;
m_data.data_size = data_size;
+ m_isSizeFixed = is_size_fixed;
+ m_expectedSize = data_size;
}
TZSerializableBinary::TZSerializableBinary(const RawBuffer &data)
{
m_data.data = data.empty() ? nullptr : const_cast<unsigned char *>(data.data());
m_data.data_size = data.size();
+ m_isSizeFixed = true;
+ m_expectedSize = data.size();
}
uint32_t TZSerializableBinary::GetSize() const
int TZSerializableBinary::Deserialize(void **buffer, uint32_t *size_guard)
{
- return KM_DeserializeBinaryData(buffer, size_guard, &m_data);
+ int ret = KM_DeserializeBinaryData(buffer, size_guard, &m_data);
+ if (m_isSizeFixed) {
+ if (m_data.data_size != m_expectedSize) {
+ ThrowErr(Exc::Crypto::InternalError, "Size of deserialized data differ from size given in constructor.");
+ }
+ } else {
+ if (m_data.data_size > m_expectedSize) {
+ ThrowErr(Exc::Crypto::InternalError, "Size of deserialized data is bigger than size given in constructor.");
+ }
+ }
+ return ret;
}
void TZSerializableBinary::Pull(RawBuffer &buffer) const
class TZSerializableBinary : public TZSerializable {
public:
- explicit TZSerializableBinary(uint32_t data_size);
+ explicit TZSerializableBinary(uint32_t data_size, bool is_size_fixed = true);
explicit TZSerializableBinary(const RawBuffer &data);
uint32_t GetSize() const override;
int Serialize(void **buffer, uint32_t *size_guard) const override;
void Pull(RawBuffer &buffer) const override;
private:
KM_BinaryData m_data;
+ bool m_isSizeFixed;
+ uint32_t m_expectedSize;
};
projects / platform / core / security / key-manager.git / commitdiff