OrgACRN
/
acrn-hypervisor
mirror of https://github.com/projectacrn/acrn-hypervisor.git
1
0
Fork 0
Code Issues Releases Wiki Activity

HV: replace dynamic memory with static for crypto library 

Remove dynamic memory allocation in crypto lib, use array to
replace them.

Tracked-On: #1900
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Chen Gang G 2018-11-19 10:02:28 +08:00 committed by lijinxia
parent 2afa7173ef
commit 0100b5a2e1
6 changed files with 19 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hypervisor/lib/crypto/crypto_api.c
View File

@ -52,8 +52,8 @@ int hmac_sha256(uint8_t *out_key,
}
if (mbedtls_md_hmac(md,
salt, salt_len,
secret, secret_len,
salt, salt_len,
out_key) != 0) {
return 0;
}

2
hypervisor/lib/crypto/mbedtls/hkdf.c
View File

@ -121,7 +121,7 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
mbedtls_md_init( &ctx );
if( (ret = mbedtls_md_setup( &ctx, md, 1) ) != 0 )
if( (ret = mbedtls_md_setup( &ctx, md) ) != 0 )
{
goto exit;
}

29
hypervisor/lib/crypto/mbedtls/md.c
View File

@ -59,19 +59,9 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx )
void mbedtls_md_free( mbedtls_md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
if( ctx == NULL )
return;
if( ctx->md_ctx != NULL )
ctx->md_info->ctx_free_func( ctx->md_ctx );
if( ctx->hmac_ctx != NULL )
{
mbedtls_platform_zeroize( ctx->hmac_ctx,
2 * ctx->md_info->block_size );
mbedtls_free( ctx->hmac_ctx );
}
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
}
@ -90,24 +80,11 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
return( 0 );
}
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
{
if( md_info == NULL || ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
if( hmac != 0 )
{
ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
if( ctx->hmac_ctx == NULL )
{
md_info->ctx_free_func( ctx->md_ctx );
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
}
}
ctx->md_info = md_info;
return( 0 );
@ -254,7 +231,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
mbedtls_md_init( &ctx );
if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &ctx, md_info ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )

23
hypervisor/lib/crypto/mbedtls/md.h
View File

@ -29,6 +29,7 @@
#define MBEDTLS_MD_H
#include <rtl.h>
#include "sha256.h"
#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
@ -36,8 +37,6 @@
#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */
#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)
#define mbedtls_calloc calloc
#define mbedtls_free free
/**
* \brief Supported message digests.
@ -62,11 +61,19 @@ typedef struct {
/** Information about the associated message digest. */
const mbedtls_md_info_t *md_info;
/** The digest-specific context. */
void *md_ctx;
/** The digest-specific context. Use array here to avoid dynamic memory
* allocation. The size of the array size is determined by this line
* in md_wrap.c
* void *ctx = mbedtls_calloc(1, sizeof( mbedtls_sha256_context ));
*/
unsigned char md_ctx[sizeof( mbedtls_sha256_context )];
/** The HMAC part of the context. */
void *hmac_ctx;
/** The HMAC part of the context. Use array here to avoid dynamic memory
* allocation. The hardcode value 128 is determined by 2 parts:
* 1. In md.c ctx->hmac_ctx=mbedtls_calloc(2, md_info->block_size);
* 2. block_size is 64 in md_wrap.c
*/
unsigned char hmac_ctx[128];
} mbedtls_md_context_t;
/**
@ -127,15 +134,13 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
* \param ctx The context to set up.
* \param md_info The information structure of the message-digest algorithm
* to use.
* \param hmac Defines if HMAC is used. 0: HMAC is not used (saves some memory),
* or non-zero: HMAC is used with this context.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info );
/**
* \brief This function clones the state of an message-digest

6
hypervisor/lib/crypto/mbedtls/md_internal.h
View File

@ -62,12 +62,6 @@ struct mbedtls_md_info_t
int (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
/** Free the given context */
void (*ctx_free_func)( void *ctx );
/** Clone state from a context */
void (*clone_func)( void *dst, const void *src );

18
hypervisor/lib/crypto/mbedtls/md_wrap.c
View File

@ -45,22 +45,6 @@ static int sha256_finish_wrap( void *ctx, unsigned char *output )
output ) );
}
static void *sha256_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
if( ctx != NULL )
mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
return( ctx );
}
static void sha256_ctx_free( void *ctx )
{
mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
mbedtls_free( ctx );
}
static void sha256_clone_wrap( void *dst, const void *src )
{
mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
@ -93,8 +77,6 @@ const mbedtls_md_info_t mbedtls_sha256_info = {
sha256_update_wrap,
sha256_finish_wrap,
sha256_wrap,
sha256_ctx_alloc,
sha256_ctx_free,
sha256_clone_wrap,
sha256_process_wrap,
};