Add safety for keys larger than we currently support.

Prevent buffer overflow with keys whose grp.nbits is greater than
PSA_VENDOR_ECC_MAX_CURVE_BITS.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Paul Elliott 2023-02-15 18:23:53 +00:00
parent 93d9ca83ea
commit ba70ad4944


@ -3577,6 +3577,11 @@ psa_status_t mbedtls_psa_sign_hash_start(
required_hash_length = (hash_length < operation->coordinate_bytes ? required_hash_length = (hash_length < operation->coordinate_bytes ?
hash_length : operation->coordinate_bytes); hash_length : operation->coordinate_bytes);
if (required_hash_length > sizeof(operation->hash)) {
/* Shouldn't happen, but better safe than sorry. */
return PSA_ERROR_CORRUPTION_DETECTED;
}
memcpy(operation->hash, hash, required_hash_length); memcpy(operation->hash, hash, required_hash_length);
operation->hash_length = required_hash_length; operation->hash_length = required_hash_length;
@ -3812,6 +3817,11 @@ psa_status_t mbedtls_psa_verify_hash_start(
required_hash_length = (hash_length < coordinate_bytes ? hash_length : required_hash_length = (hash_length < coordinate_bytes ? hash_length :
coordinate_bytes); coordinate_bytes);
if (required_hash_length > sizeof(operation->hash)) {
/* Shouldn't happen, but better safe than sorry. */
return PSA_ERROR_CORRUPTION_DETECTED;
}
memcpy(operation->hash, hash, required_hash_length); memcpy(operation->hash, hash, required_hash_length);
operation->hash_length = required_hash_length; operation->hash_length = required_hash_length;
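Review bot: The comment on the added guard ("Shouldn't happen, but better safe than sorry") does not say which invariant it protects, so a later reader cannot tell whether the check is still needed; the commit message does know, and the comment should carry it, e.g. `/* coordinate_bytes is derived from the key's curve size; a key wider than PSA_VENDOR_ECC_MAX_CURVE_BITS would not fit operation->hash. */`, in both the sign_hash_start and verify_hash_start hunks. The choice of PSA_ERROR_CORRUPTION_DETECTED is only right if key import already rejects such keys before this point; if an oversized key can legitimately reach here, the condition is unsupported input rather than corruption, which is worth stating in the comment either way. If coordinate_bytes is computed earlier in these functions, a single check there would reject the key before any operation state is written, though that code is outside both hunks. The enclosing functions mbedtls_psa_sign_hash_start and mbedtls_psa_verify_hash_start start outside the hunks.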