Built-in lms driver: Added input guard
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
diff --git a/library/lms.c b/library/lms.c
index 7f7bec0..4bdfd43 100644
--- a/library/lms.c
+++ b/library/lms.c
@@ -242,6 +242,10 @@
mbedtls_lms_algorithm_type_t type;
mbedtls_lmots_algorithm_type_t otstype;
+ if (key_size < 4) {
+ return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
+ }
+
type = (mbedtls_lms_algorithm_type_t) MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_TYPE_OFFSET);
if (type != MBEDTLS_LMS_SHA256_M32_H10) {
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;