Fixes the issues for p_local_crypt not being cleared.

ankk-css · ankk-css · commit 083cea80ea30 · 2024-07-02T16:33:39.000+08:00
diff --git a/src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_P256_trustm.cpp b/src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_P256_trustm.cpp
@@ -252,15 +252,16 @@ CHIP_ERROR P256Keypair::ECDH_derive_secret(const P256PublicKey & remote_public_k
 
     return_status = trustm_ecdh_derive_secret(OPTIGA_KEY_ID_E100, (uint8_t *) remote_key, (uint16_t) rem_pubKeyLen + 3,
                                               out_secret.Bytes(), (uint8_t) secret_length);
-
     VerifyOrExit(return_status == OPTIGA_LIB_SUCCESS, error = CHIP_ERROR_INTERNAL);
+    out_secret.SetLength(secret_length);
+    error = CHIP_NO_ERROR;
 
-exit:
+ exit:
     if (error != CHIP_NO_ERROR)
     {
         trustm_close();
     }
-    return out_secret.SetLength(secret_length);
+    return error;
 #endif
 }
 
diff --git a/src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_utils_trustm.cpp b/src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_utils_trustm.cpp
@@ -426,8 +426,9 @@ optiga_lib_status_t deriveKey_HKDF(const uint8_t * salt, uint16_t salt_length, c
             break;
         }
 
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
         if (OPTIGA_LIB_SUCCESS != optiga_lib_status)
         {
             // optiga_crypt_hkdf failed
@@ -539,8 +540,9 @@ optiga_lib_status_t hmac_sha256(optiga_hmac_type_t type, const uint8_t * input_d
             break;
         }
 
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
         if (OPTIGA_LIB_SUCCESS != optiga_lib_status)
         {
             // optiga_crypt_hkdf failed
@@ -578,8 +580,9 @@ optiga_lib_status_t optiga_crypt_rng(uint8_t * random_data, uint16_t random_data
             break;
         }
 
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
         if (OPTIGA_LIB_SUCCESS != optiga_lib_status)
         {
             // optiga_crypt_random failed
@@ -626,7 +629,7 @@ optiga_lib_status_t trustm_ecc_keygen(uint16_t optiga_key_id, uint8_t key_type,
             break;
         }
 
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
 
     } while (0);
@@ -696,8 +699,10 @@ optiga_lib_status_t trustm_hash(uint8_t * msg, uint16_t msg_length, uint8_t * di
             optiga_lib_print_message("optiga_crypt_hash api returns error !!!", OPTIGA_UTIL_SERVICE, OPTIGA_UTIL_SERVICE_COLOR);
             break;
         }
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
     } while (0);
 
     if (p_local_crypt)
@@ -729,7 +734,8 @@ optiga_lib_status_t trustm_ecdsa_sign(optiga_key_id_t optiga_key_id, uint8_t * d
                                      OPTIGA_UTIL_SERVICE_COLOR);
             break;
         }
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
 
         for (i = (*signature_length - 1); i >= 0; i--)
@@ -803,8 +809,10 @@ optiga_lib_status_t trustm_ecdsa_verify(uint8_t * digest, uint8_t digest_length,
                                      OPTIGA_UTIL_SERVICE_COLOR);
             break;
         }
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
     } while (0);
 
     if (p_local_crypt)
@@ -896,8 +904,10 @@ optiga_lib_status_t trustm_ecdh_derive_secret(optiga_key_id_t optiga_key_id, uin
             optiga_lib_print_message("optiga_crypt_ecdh api returns error !!!", OPTIGA_UTIL_SERVICE, OPTIGA_UTIL_SERVICE_COLOR);
             break;
         }
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
+
     } while (0);
 
     if (p_local_crypt)
@@ -957,9 +967,9 @@ optiga_lib_status_t trustm_PBKDF2_HMAC(const unsigned char * salt, size_t slen,
             }
         }
 
-        while (optiga_lib_status == OPTIGA_LIB_BUSY)
+        while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)
             ;
-
+            
         if (OPTIGA_LIB_SUCCESS != optiga_lib_status)
 
         {

Original file line number	Diff line number	Diff line change
`@@ -252,15 +252,16 @@ CHIP_ERROR P256Keypair::ECDH_derive_secret(const P256PublicKey & remote_public_k`
`252`	`252`
`253`	`253`	`return_status = trustm_ecdh_derive_secret(OPTIGA_KEY_ID_E100, (uint8_t *) remote_key, (uint16_t) rem_pubKeyLen + 3,`
`254`	`254`	`out_secret.Bytes(), (uint8_t) secret_length);`
`255`		`-`
`256`	`255`	`VerifyOrExit(return_status == OPTIGA_LIB_SUCCESS, error = CHIP_ERROR_INTERNAL);`
	`256`	`+ out_secret.SetLength(secret_length);`
	`257`	`+ error = CHIP_NO_ERROR;`
`257`	`258`
`258`		`-exit:`
	`259`	`+ exit:`
`259`	`260`	`if (error != CHIP_NO_ERROR)`
`260`	`261`	`{`
`261`	`262`	`trustm_close();`
`262`	`263`	`}`
`263`		`- return out_secret.SetLength(secret_length);`
	`264`	`+ return error;`
`264`	`265`	`#endif`
`265`	`266`	`}`
`266`	`267`
Original file line number	Diff line number	Diff line change
`@@ -426,8 +426,9 @@ optiga_lib_status_t deriveKey_HKDF(const uint8_t * salt, uint16_t salt_length, c`
`426`	`426`	`break;`
`427`	`427`	`}`
`428`	`428`
`429`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`429`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`430`	`430`	`;`
	`431`	`+`
`431`	`432`	`if (OPTIGA_LIB_SUCCESS != optiga_lib_status)`
`432`	`433`	`{`
`433`	`434`	`// optiga_crypt_hkdf failed`
`@@ -539,8 +540,9 @@ optiga_lib_status_t hmac_sha256(optiga_hmac_type_t type, const uint8_t * input_d`
`539`	`540`	`break;`
`540`	`541`	`}`
`541`	`542`
`542`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`543`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`543`	`544`	`;`
	`545`	`+`
`544`	`546`	`if (OPTIGA_LIB_SUCCESS != optiga_lib_status)`
`545`	`547`	`{`
`546`	`548`	`// optiga_crypt_hkdf failed`
`@@ -578,8 +580,9 @@ optiga_lib_status_t optiga_crypt_rng(uint8_t * random_data, uint16_t random_data`
`578`	`580`	`break;`
`579`	`581`	`}`
`580`	`582`
`581`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`583`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`582`	`584`	`;`
	`585`	`+`
`583`	`586`	`if (OPTIGA_LIB_SUCCESS != optiga_lib_status)`
`584`	`587`	`{`
`585`	`588`	`// optiga_crypt_random failed`
`@@ -626,7 +629,7 @@ optiga_lib_status_t trustm_ecc_keygen(uint16_t optiga_key_id, uint8_t key_type,`
`626`	`629`	`break;`
`627`	`630`	`}`
`628`	`631`
`629`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`632`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`630`	`633`	`;`
`631`	`634`
`632`	`635`	`} while (0);`
`@@ -696,8 +699,10 @@ optiga_lib_status_t trustm_hash(uint8_t * msg, uint16_t msg_length, uint8_t * di`
`696`	`699`	`optiga_lib_print_message("optiga_crypt_hash api returns error !!!", OPTIGA_UTIL_SERVICE, OPTIGA_UTIL_SERVICE_COLOR);`
`697`	`700`	`break;`
`698`	`701`	`}`
`699`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`702`	`+`
	`703`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`700`	`704`	`;`
	`705`	`+`
`701`	`706`	`} while (0);`
`702`	`707`
`703`	`708`	`if (p_local_crypt)`
`@@ -729,7 +734,8 @@ optiga_lib_status_t trustm_ecdsa_sign(optiga_key_id_t optiga_key_id, uint8_t * d`
`729`	`734`	`OPTIGA_UTIL_SERVICE_COLOR);`
`730`	`735`	`break;`
`731`	`736`	`}`
`732`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`737`	`+`
	`738`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`733`	`739`	`;`
`734`	`740`
`735`	`741`	`for (i = (*signature_length - 1); i >= 0; i--)`
`@@ -803,8 +809,10 @@ optiga_lib_status_t trustm_ecdsa_verify(uint8_t * digest, uint8_t digest_length,`
`803`	`809`	`OPTIGA_UTIL_SERVICE_COLOR);`
`804`	`810`	`break;`
`805`	`811`	`}`
`806`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`812`	`+`
	`813`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`807`	`814`	`;`
	`815`	`+`
`808`	`816`	`} while (0);`
`809`	`817`
`810`	`818`	`if (p_local_crypt)`
`@@ -896,8 +904,10 @@ optiga_lib_status_t trustm_ecdh_derive_secret(optiga_key_id_t optiga_key_id, uin`
`896`	`904`	`optiga_lib_print_message("optiga_crypt_ecdh api returns error !!!", OPTIGA_UTIL_SERVICE, OPTIGA_UTIL_SERVICE_COLOR);`
`897`	`905`	`break;`
`898`	`906`	`}`
`899`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`907`	`+`
	`908`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`900`	`909`	`;`
	`910`	`+`
`901`	`911`	`} while (0);`
`902`	`912`
`903`	`913`	`if (p_local_crypt)`
`@@ -957,9 +967,9 @@ optiga_lib_status_t trustm_PBKDF2_HMAC(const unsigned char * salt, size_t slen,`
`957`	`967`	`}`
`958`	`968`	`}`
`959`	`969`
`960`		`- while (optiga_lib_status == OPTIGA_LIB_BUSY)`
	`970`	`+ while (p_local_crypt->instance_state != OPTIGA_LIB_INSTANCE_FREE)`
`961`	`971`	`;`
`962`		`-`
	`972`	`+`
`963`	`973`	`if (OPTIGA_LIB_SUCCESS != optiga_lib_status)`
`964`	`974`
`965`	`975`	`{`