projects / platform / core / security / key-manager.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8ed5fc2)
Pass key length to KBKDF in TZ backend 93/296793/1
authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Thu, 20 Jul 2023 12:20:20 +0000 (14:20 +0200)
committerKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Fri, 4 Aug 2023 08:10:20 +0000 (10:10 +0200)
Change-Id: I5cd90b8754b7aa89371e515ffac79cd35c9b5004

src/manager/crypto/tz-backend/internals.cpp patch | blob | history
src/manager/crypto/tz-backend/tz-context.cpp patch | blob | history
src/manager/crypto/tz-backend/tz-context.h patch | blob | history

diff --git a/src/manager/crypto/tz-backend/internals.cpp b/src/manager/crypto/tz-backend/internals.cpp
index d0cc232..5a19cba 100644 (file)
--- a/src/manager/crypto/tz-backend/internals.cpp
+++ b/src/manager/crypto/tz-backend/internals.cpp
@@ -810,6 +810,8 @@ void deriveKBKDF(const RawBuffer &secretId,
                                 const RawBuffer &keyHash)
 {
        RawBuffer label, context, fixed;
+       size_t length;
+       alg.getParam(ParamName::KDF_LEN, length);
        alg.getParam(ParamName::KBKDF_LABEL, label);
        alg.getParam(ParamName::KBKDF_CONTEXT, context);
        alg.getParam(ParamName::KBKDF_FIXED_INPUT, fixed);
@@ -826,6 +828,7 @@ void deriveKBKDF(const RawBuffer &secretId,
 
        TrustZoneContext::Instance().executeKbkdf(secretId,
                                                                                          secretPwd,
+                                                                                         length,
                                                                                          label,
                                                                                          context,
                                                                                          fixed,
diff --git a/src/manager/crypto/tz-backend/tz-context.cpp b/src/manager/crypto/tz-backend/tz-context.cpp
index ad09c65..a457462 100644 (file)
--- a/src/manager/crypto/tz-backend/tz-context.cpp
+++ b/src/manager/crypto/tz-backend/tz-context.cpp
@@ -891,6 +891,7 @@ void TrustZoneContext::executeEcdh(const RawBuffer &prvKeyId,
 
 void TrustZoneContext::executeKbkdf(const RawBuffer& secretId,
                                                                        const Pwd& secretPwd,
+                                                                       size_t length,
                                                                        const RawBuffer& label,
                                                                        const RawBuffer& context,
                                                                        const RawBuffer& fixed,
@@ -910,6 +911,7 @@ void TrustZoneContext::executeKbkdf(const RawBuffer& secretId,
 
        auto sIn = makeSerializer(secretId,
                                                          secretPwd,
+                                                         length,
                                                          label,
                                                          context,
                                                          fixed,
diff --git a/src/manager/crypto/tz-backend/tz-context.h b/src/manager/crypto/tz-backend/tz-context.h
index 015b44b..51f9be1 100644 (file)
--- a/src/manager/crypto/tz-backend/tz-context.h
+++ b/src/manager/crypto/tz-backend/tz-context.h
@@ -184,6 +184,7 @@ public:
 
        void executeKbkdf(const RawBuffer& secretId,
                                          const Pwd& secretPwd,
+                                         size_t length,
                                          const RawBuffer& label,
                                          const RawBuffer& context,
                                          const RawBuffer& fixed,
Domain: Security / Utilities;