ECDH: check that the keys are on the same curve
In psa_key_agreement_ecdh, check that the public key is on the same curve as the private key. The underlying mbedtls API doesn't check. If the curves don't match, psa_key_agreement_ecdh is practically guaranteed to return INVALID_ARGUMENT anyway, because way the code is written, the public point is interpreted on the curve of the private point, and it is rejected because the point is not on the curve. This is why the test case "PSA key agreement setup: ECDH, raw: public key on different curve" passed even before adding this check.
This commit is contained in:
parent
c7998b78b8
commit
b408661be9
1 changed files with 6 additions and 0 deletions
|
@ -3630,6 +3630,12 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
|
|||
goto exit;
|
||||
}
|
||||
their_key = mbedtls_pk_ec( pk );
|
||||
if( their_key->grp.id != our_key->grp.id )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_INVALID_KEY;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
|
Loading…
Reference in a new issue