diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index ac6b8ded7..c00796a49 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -458,6 +458,10 @@ For `PSA_ALG_JPAKE` the following steps are available for input operation:
 * `PSA_JPAKE_X4S_STEP_ZK_PUBLIC`    Round 2: input Schnorr NIZKP public key for the X4S key
 * `PSA_JPAKE_X4S_STEP_ZK_PROOF`     Round 2: input Schnorr NIZKP proof for the X4S key
 
+The core has checked that input_length is smaller than PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+where primitive is the JPAKE algorithm primitive and step the PSA API level input step.
+Thus no risk of integer overflow while checking operation buffer overflow.
+
 ### PAKE driver get implicit key
 
 ```
diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c
index c6f9e895b..538df8744 100644
--- a/library/psa_crypto_pake.c
+++ b/library/psa_crypto_pake.c
@@ -430,11 +430,26 @@ static psa_status_t mbedtls_psa_pake_input_internal(
                 3, /* named_curve */
                 0, 23 /* secp256r1 */
             };
+
+            if (operation->buffer_length + sizeof(ecparameters) > sizeof(operation->buffer)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
             memcpy(operation->buffer + operation->buffer_length,
                    ecparameters, sizeof(ecparameters));
             operation->buffer_length += sizeof(ecparameters);
         }
 
+        /*
+         * The core has checked that input_length is smaller than
+         * PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+         * where primitive is the JPAKE algorithm primitive and step
+         * the PSA API level input step. Thus no risk of integer overflow here.
+         */
+        if (operation->buffer_length + input_length + 1 > sizeof(operation->buffer)) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
         /* Write the length byte */
         operation->buffer[operation->buffer_length] = (uint8_t) input_length;
         operation->buffer_length += 1;
diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h
index 9bdcc3387..eb308813e 100644
--- a/library/psa_crypto_pake.h
+++ b/library/psa_crypto_pake.h
@@ -96,6 +96,12 @@ psa_status_t mbedtls_psa_pake_output(mbedtls_psa_pake_operation_t *operation,
  *       entry point as defined in the PSA driver interface specification for
  *       transparent drivers.
  *
+ * \note The core has checked that input_length is smaller than
+         PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+         where primitive is the JPAKE algorithm primitive and step
+         the PSA API level input step. Thus no risk of integer overflow while
+         checking operation buffer overflow.
+ *
  * \param[in,out] operation    Active PAKE operation.
  * \param step                 The driver step for which the input is provided.
  * \param[in] input            Buffer containing the input in the format