Fix signature size checks in psa_asymmetric_verify for RSA The signature must have exactly the same length as the key, it can't be longer. Fix #258 If the signature doesn't have the correct size, that's an invalid signature, not a problem with an output buffer size. Fix the error code. Add test cases.

commit: 89cc74f44728ed929ee7388767070fdd02d514d4 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Thu Sep 12 22:08:23 2019 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Sep 13 11:39:11 2019 +0200
tree: 3dd0df45ce6b9dc929b66555d26b243efd0ccf5b
parent: 4019f0e914416ca6c80bfad51509404265b5bf45 [diff] [blame]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c53d15b..09254b2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -3191,8 +3191,8 @@
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( signature_length < mbedtls_rsa_get_len( rsa ) )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    if( signature_length != mbedtls_rsa_get_len( rsa ) )
+        return( PSA_ERROR_INVALID_SIGNATURE );
 
 #if defined(MBEDTLS_PKCS1_V15)
     if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
commit	89cc74f44728ed929ee7388767070fdd02d514d4	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Sep 12 22:08:23 2019 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Sep 13 11:39:11 2019 +0200
tree	3dd0df45ce6b9dc929b66555d26b243efd0ccf5b
parent	4019f0e914416ca6c80bfad51509404265b5bf45 [diff] [blame]