Add safety for keys larger than we currently support.
Prevent buffer overflow with keys whose grp.nbits is greater than
PSA_VENDOR_ECC_MAX_CURVE_BITS.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 39da74b..36d48ad 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3577,6 +3577,11 @@
required_hash_length = (hash_length < operation->coordinate_bytes ?
hash_length : operation->coordinate_bytes);
+ if (required_hash_length > sizeof(operation->hash)) {
+ /* Shouldn't happen, but better safe than sorry. */
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
memcpy(operation->hash, hash, required_hash_length);
operation->hash_length = required_hash_length;
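Review bot: The guard at the memcpy is a last-line defence, but the invariant it protects, `operation->coordinate_bytes <= sizeof(operation->hash)`, is established wherever coordinate_bytes is derived from the key's curve size, and checking it there (and returning PSA_ERROR_NOT_SUPPORTED for a curve larger than PSA_VENDOR_ECC_MAX_CURVE_BITS) would reject the oversized key once at setup instead of surfacing a corruption error part-way through an operation on a key the library never supported. Keeping this check as well is reasonable, but the comment should say what it actually means rather than "Shouldn't happen": `/* coordinate_bytes is bounded by PSA_VENDOR_ECC_MAX_CURVE_BITS for any key that passed validation; a larger value means the key or operation state is inconsistent. */`. Note too that the check is only meaningful if `operation->hash` is an inline array; if it were a pointer, `sizeof` would yield the pointer size, and the struct definition is not visible here, so that is worth confirming. The enclosing function starts and ends outside this hunk.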
@@ -3812,6 +3817,11 @@
required_hash_length = (hash_length < coordinate_bytes ? hash_length :
coordinate_bytes);
+ if (required_hash_length > sizeof(operation->hash)) {
+ /* Shouldn't happen, but better safe than sorry. */
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
memcpy(operation->hash, hash, required_hash_length);
operation->hash_length = required_hash_length;
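Review bot: The guard, memcpy and hash_length assignment here repeat the same four-statement sequence as the earlier hunk verbatim, differing only in whether coordinate_bytes is a local or the operation field, which is a maintenance hazard for a bounds check that must stay in sync in both places. A small `static` helper taking the operation, the hash pointer, its length and the coordinate size, and returning PSA_ERROR_CORRUPTION_DETECTED when the clamped length exceeds `sizeof(operation->hash)`, would keep the check in one place for both callers. If it stays inline, the comment should be tightened to state the invariant being relied on, e.g. `/* coordinate_bytes is bounded by PSA_VENDOR_ECC_MAX_CURVE_BITS for a validated key; anything larger indicates inconsistent key or operation state. */`. The enclosing function starts and ends outside this hunk.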