blob: b7c2e6b04063722226d3e5a7af51fd5c5855f818 [file] [log] [blame]
/*
* PSA ITS simulator over stdio files.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "common.h"
#if defined(MBEDTLS_PSA_ITS_FILE_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#define mbedtls_snprintf snprintf
#endif
#if defined(_WIN32)
#include <windows.h>
#endif
#include "psa_crypto_its.h"
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if !defined(PSA_ITS_STORAGE_PREFIX)
#define PSA_ITS_STORAGE_PREFIX ""
#endif
#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08x%08x"
#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
#define PSA_ITS_STORAGE_FILENAME_LENGTH \
( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \
16 + /*UID (64-bit number in hex)*/ \
sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \
1 /*terminating null byte*/ )
#define PSA_ITS_STORAGE_TEMP \
PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX
/* The maximum value of psa_storage_info_t.size */
#define PSA_ITS_MAX_SIZE 0xffffffff
#define PSA_ITS_MAGIC_STRING "PSA\0ITS\0"
#define PSA_ITS_MAGIC_LENGTH 8
/* As rename fails on Windows if the new filepath already exists,
* use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead.
* Returns 0 on success, nonzero on failure. */
#if defined(_WIN32)
#define rename_replace_existing( oldpath, newpath ) \
( ! MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING ) )
#else
#define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath )
#endif
typedef struct
{
uint8_t magic[PSA_ITS_MAGIC_LENGTH];
uint8_t size[sizeof( uint32_t )];
uint8_t flags[sizeof( psa_storage_create_flags_t )];
} psa_its_file_header_t;
static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename )
{
/* Break up the UID into two 32-bit pieces so as not to rely on
* long long support in snprintf. */
mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
"%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
PSA_ITS_STORAGE_PREFIX,
(unsigned) ( uid >> 32 ),
(unsigned) ( uid & 0xffffffff ),
PSA_ITS_STORAGE_SUFFIX );
}
static psa_status_t psa_its_read_file( psa_storage_uid_t uid,
struct psa_storage_info_t *p_info,
FILE **p_stream )
{
char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
psa_its_file_header_t header;
size_t n;
*p_stream = NULL;
psa_its_fill_filename( uid, filename );
*p_stream = fopen( filename, "rb" );
if( *p_stream == NULL )
return( PSA_ERROR_DOES_NOT_EXIST );
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
mbedtls_setbuf( *p_stream, NULL );
n = fread( &header, 1, sizeof( header ), *p_stream );
if( n != sizeof( header ) )
return( PSA_ERROR_DATA_CORRUPT );
if( memcmp( header.magic, PSA_ITS_MAGIC_STRING,
PSA_ITS_MAGIC_LENGTH ) != 0 )
return( PSA_ERROR_DATA_CORRUPT );
p_info->size = ( header.size[0] |
header.size[1] << 8 |
header.size[2] << 16 |
header.size[3] << 24 );
p_info->flags = ( header.flags[0] |
header.flags[1] << 8 |
header.flags[2] << 16 |
header.flags[3] << 24 );
return( PSA_SUCCESS );
}
psa_status_t psa_its_get_info( psa_storage_uid_t uid,
struct psa_storage_info_t *p_info )
{
psa_status_t status;
FILE *stream = NULL;
status = psa_its_read_file( uid, p_info, &stream );
if( stream != NULL )
fclose( stream );
return( status );
}
psa_status_t psa_its_get( psa_storage_uid_t uid,
uint32_t data_offset,
uint32_t data_length,
void *p_data,
size_t *p_data_length )
{
psa_status_t status;
FILE *stream = NULL;
size_t n;
struct psa_storage_info_t info;
status = psa_its_read_file( uid, &info, &stream );
if( status != PSA_SUCCESS )
goto exit;
status = PSA_ERROR_INVALID_ARGUMENT;
if( data_offset + data_length < data_offset )
goto exit;
#if SIZE_MAX < 0xffffffff
if( data_offset + data_length > SIZE_MAX )
goto exit;
#endif
if( data_offset + data_length > info.size )
goto exit;
status = PSA_ERROR_STORAGE_FAILURE;
#if LONG_MAX < 0xffffffff
while( data_offset > LONG_MAX )
{
if( fseek( stream, LONG_MAX, SEEK_CUR ) != 0 )
goto exit;
data_offset -= LONG_MAX;
}
#endif
if( fseek( stream, data_offset, SEEK_CUR ) != 0 )
goto exit;
n = fread( p_data, 1, data_length, stream );
if( n != data_length )
goto exit;
status = PSA_SUCCESS;
if( p_data_length != NULL )
*p_data_length = n;
exit:
if( stream != NULL )
fclose( stream );
return( status );
}
psa_status_t psa_its_set( psa_storage_uid_t uid,
uint32_t data_length,
const void *p_data,
psa_storage_create_flags_t create_flags )
{
if( uid == 0 )
{
return( PSA_ERROR_INVALID_HANDLE );
}
psa_status_t status = PSA_ERROR_STORAGE_FAILURE;
char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
FILE *stream = NULL;
psa_its_file_header_t header;
size_t n;
memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH );
MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 );
MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 );
psa_its_fill_filename( uid, filename );
stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" );
if( stream == NULL )
goto exit;
/* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
mbedtls_setbuf( stream, NULL );
status = PSA_ERROR_INSUFFICIENT_STORAGE;
n = fwrite( &header, 1, sizeof( header ), stream );
if( n != sizeof( header ) )
goto exit;
if( data_length != 0 )
{
n = fwrite( p_data, 1, data_length, stream );
if( n != data_length )
goto exit;
}
status = PSA_SUCCESS;
exit:
if( stream != NULL )
{
int ret = fclose( stream );
if( status == PSA_SUCCESS && ret != 0 )
status = PSA_ERROR_INSUFFICIENT_STORAGE;
}
if( status == PSA_SUCCESS )
{
if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 )
status = PSA_ERROR_STORAGE_FAILURE;
}
/* The temporary file may still exist, but only in failure cases where
* we're already reporting an error. So there's nothing we can do on
* failure. If the function succeeded, and in some error cases, the
* temporary file doesn't exist and so remove() is expected to fail.
* Thus we just ignore the return status of remove(). */
(void) remove( PSA_ITS_STORAGE_TEMP );
return( status );
}
psa_status_t psa_its_remove( psa_storage_uid_t uid )
{
char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
FILE *stream;
psa_its_fill_filename( uid, filename );
stream = fopen( filename, "rb" );
if( stream == NULL )
return( PSA_ERROR_DOES_NOT_EXIST );
fclose( stream );
if( remove( filename ) != 0 )
return( PSA_ERROR_STORAGE_FAILURE );
return( PSA_SUCCESS );
}
#endif /* MBEDTLS_PSA_ITS_FILE_C */