Add check for pake operation buffer overflow
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c
index c6f9e89..538df87 100644
--- a/library/psa_crypto_pake.c
+++ b/library/psa_crypto_pake.c
@@ -430,11 +430,26 @@
3, /* named_curve */
0, 23 /* secp256r1 */
};
+
+ if (operation->buffer_length + sizeof(ecparameters) > sizeof(operation->buffer)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
memcpy(operation->buffer + operation->buffer_length,
ecparameters, sizeof(ecparameters));
operation->buffer_length += sizeof(ecparameters);
}
+ /*
+ * The core has checked that input_length is smaller than
+ * PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+ * where primitive is the JPAKE algorithm primitive and step
+ * the PSA API level input step. Thus no risk of integer overflow here.
+ */
+ if (operation->buffer_length + input_length + 1 > sizeof(operation->buffer)) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
+
/* Write the length byte */
operation->buffer[operation->buffer_length] = (uint8_t) input_length;
operation->buffer_length += 1;
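Review bot: The second bound check (the one guarding the length byte) runs only after ecparameters has already been copied and buffer_length advanced, so when it fails the operation buffer is left partially updated and the returned PSA_ERROR_BUFFER_TOO_SMALL does not undo that. If every caller aborts the operation on any error this is harmless, but it is cheaper and clearer to reject before mutating: widen the first check to `if (operation->buffer_length + sizeof(ecparameters) + input_length + 1 > sizeof(operation->buffer)) {` so the branch bails out before the memcpy, and keep the later check for the path that does not take the branch. The overflow-freedom argument in the new comment rests on the core's PSA_PAKE_INPUT_SIZE check, which is not visible here, so it is worth confirming that this driver entry point is reachable only through that core path. The enclosing function begins before this hunk.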
diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h
index 9bdcc33..eb30881 100644
--- a/library/psa_crypto_pake.h
+++ b/library/psa_crypto_pake.h
@@ -96,6 +96,12 @@
* entry point as defined in the PSA driver interface specification for
* transparent drivers.
*
+ * \note The core has checked that input_length is smaller than
+ PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+ where primitive is the JPAKE algorithm primitive and step
+ the PSA API level input step. Thus no risk of integer overflow while
+ checking operation buffer overflow.
+ *
* \param[in,out] operation Active PAKE operation.
* \param step The driver step for which the input is provided.
* \param[in] input Buffer containing the input in the format
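Review bot: The continuation lines of the new \note (the lines after `* \note The core has checked …`) omit the leading ` * ` that every other line of this Doxygen block carries, which reads as a formatting slip next to the surrounding `\param` lines. Prefix each continuation line with ` * ` so the block stays uniform, e.g. ` *       PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)`. The note also duplicates the comment added in psa_crypto_pake.c in this same commit; stating the precondition once, here in the contract, and referring to it from the implementation avoids the two drifting apart.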