drivers: crypto: stm32: Replace buffer len assert by error logic

erwango · carlescufi · commit e35974c80405 · 2023-08-30T10:19:07.000+02:00
In case asserts are deactivated, no check is done on buffers length.
Remove asserts and return an error when lengths are not correct.

Check error in case length is set by API user.

Signed-off-by: Erwan Gouriou &lt;erwan.gouriou@st.com&gt;
diff --git a/drivers/crypto/crypto_stm32.c b/drivers/crypto/crypto_stm32.c
@@ -50,18 +50,22 @@ LOG_MODULE_REGISTER(crypto_stm32);
 
 struct crypto_stm32_session crypto_stm32_sessions[CRYPTO_MAX_SESSION];
 
-static void copy_reverse_words(uint8_t *dst_buf, int dst_len,
-			       uint8_t *src_buf, int src_len)
+static int copy_reverse_words(uint8_t *dst_buf, int dst_len,
+			      uint8_t *src_buf, int src_len)
 {
 	int i;
 
-	__ASSERT_NO_MSG(dst_len >= src_len);
-	__ASSERT_NO_MSG((dst_len % 4) == 0);
+	if ((dst_len < src_len) || ((dst_len % 4) != 0)) {
+		LOG_ERR("Buffer length error");
+		return -EINVAL;
+	}
 
 	memcpy(dst_buf, src_buf, src_len);
 	for (i = 0; i < dst_len; i += sizeof(uint32_t)) {
 		sys_mem_swap(&dst_buf[i], sizeof(uint32_t));
 	}
+
+	return 0;
 }
 
 static int do_encrypt(struct cipher_ctx *ctx, uint8_t *in_buf, int in_len,
@@ -175,7 +179,8 @@ static int crypto_stm32_cbc_encrypt(struct cipher_ctx *ctx,
 
 	struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);
 
-	copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
+	(void)copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
+
 	session->config.pInitVect = vec;
 
 	if ((ctx->flags & CAP_NO_IV_PREFIX) == 0U) {
@@ -202,7 +207,8 @@ static int crypto_stm32_cbc_decrypt(struct cipher_ctx *ctx,
 
 	struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);
 
-	copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
+	(void)copy_reverse_words((uint8_t *)vec, sizeof(vec), iv, BLOCK_LEN_BYTES);
+
 	session->config.pInitVect = vec;
 
 	if ((ctx->flags & CAP_NO_IV_PREFIX) == 0U) {
@@ -227,7 +233,10 @@ static int crypto_stm32_ctr_encrypt(struct cipher_ctx *ctx,
 
 	struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);
 
-	copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen);
+	if (copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen) != 0) {
+		return -EIO;
+	}
+
 	session->config.pInitVect = ctr;
 
 	ret = do_encrypt(ctx, pkt->in_buf, pkt->in_len, pkt->out_buf);
@@ -247,7 +256,10 @@ static int crypto_stm32_ctr_decrypt(struct cipher_ctx *ctx,
 
 	struct crypto_stm32_session *session = CRYPTO_STM32_SESSN(ctx);
 
-	copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen);
+	if (copy_reverse_words((uint8_t *)ctr, sizeof(ctr), iv, ivlen) != 0) {
+		return -EIO;
+	}
+
 	session->config.pInitVect = ctr;
 
 	ret = do_decrypt(ctx, pkt->in_buf, pkt->in_len, pkt->out_buf);
@@ -285,7 +297,7 @@ static int crypto_stm32_session_setup(const struct device *dev,
 				      enum cipher_mode mode,
 				      enum cipher_op op_type)
 {
-	int ctx_idx;
+	int ctx_idx, ret;
 	struct crypto_stm32_session *session;
 
 	struct crypto_stm32_data *data = CRYPTO_STM32_DATA(dev);
@@ -394,8 +406,11 @@ static int crypto_stm32_session_setup(const struct device *dev,
 		}
 	}
 
-	copy_reverse_words((uint8_t *)session->key, CRYPTO_STM32_AES_MAX_KEY_LEN,
-			   ctx->key.bit_stream, ctx->keylen);
+	ret = copy_reverse_words((uint8_t *)session->key, CRYPTO_STM32_AES_MAX_KEY_LEN,
+				 ctx->key.bit_stream, ctx->keylen);
+	if (ret != 0) {
+		return -EIO;
+	}
 
 	session->config.pKey = session->key;
 	session->config.DataType = CRYP_DATATYPE_8B;
