pk_wrap.c: tidy up signature extraction
Add a sanity check for signature length, remove superfluous bounds check.
This commit is contained in:
parent
e30ad542a1
commit
96cc1b3def
1 changed files with 10 additions and 11 deletions
|
@ -523,14 +523,6 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
|
||||||
int ret;
|
int ret;
|
||||||
size_t tmp_size;
|
size_t tmp_size;
|
||||||
|
|
||||||
if( ( end - *p ) < 1 )
|
|
||||||
{
|
|
||||||
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( sig == NULL )
|
|
||||||
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
|
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
|
if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
|
||||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -562,7 +554,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||||
psa_algorithm_t psa_sig_md, psa_md;
|
psa_algorithm_t psa_sig_md, psa_md;
|
||||||
psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
|
psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
|
||||||
( (mbedtls_ecdsa_context *) ctx )->grp.id );
|
( (mbedtls_ecdsa_context *) ctx )->grp.id );
|
||||||
size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8;
|
const size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7 ) / 8;
|
||||||
|
|
||||||
if( curve == 0 )
|
if( curve == 0 )
|
||||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||||
|
@ -599,19 +591,26 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Reuse the buffer of an already imported key */
|
/* We don't need the exported key anymore and can
|
||||||
|
* reuse its buffer for signature extraction. */
|
||||||
if( 2 * signature_part_size > sizeof( buf ) )
|
if( 2 * signature_part_size > sizeof( buf ) )
|
||||||
{
|
{
|
||||||
ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = extract_ecdsa_sig( &p, p + sig_len, buf,
|
if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf,
|
||||||
signature_part_size ) ) != 0 )
|
signature_part_size ) ) != 0 )
|
||||||
{
|
{
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( p != sig + sig_len )
|
||||||
|
{
|
||||||
|
ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
if( psa_asymmetric_verify( key_slot, psa_sig_md,
|
if( psa_asymmetric_verify( key_slot, psa_sig_md,
|
||||||
hash, hash_len,
|
hash, hash_len,
|
||||||
buf, 2 * signature_part_size )
|
buf, 2 * signature_part_size )
|
||||||
|
|
Loading…
Reference in a new issue