Add input parameter length check for the Koblitz reduction
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 1496970..6573f89 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -5643,6 +5643,10 @@
0x01, 0x00, 0x00, 0x00)
};
+ if (X_limbs != 2 * ((192 + biL - 1) / biL)) {
+ return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+ }
+
return ecp_mod_koblitz(X, X_limbs, Rp, 192);
}
@@ -5673,6 +5677,10 @@
0x01, 0x00, 0x00, 0x00)
};
+ if (X_limbs != 2 * 224 / biL) {
+ return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+ }
+
return ecp_mod_koblitz(X, X_limbs, Rp, 224);
}
@@ -5702,6 +5710,11 @@
MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00)
};
+
+ if (X_limbs != 2 * ((256 + biL - 1) / biL)) {
+ return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+ }
+
return ecp_mod_koblitz(X, X_limbs, Rp, 256);
}
diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h
index 16b7b61..aadcdbc 100644
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@@ -184,6 +184,8 @@
* \param[in] X_limbs The length of \p X in limbs.
*
* \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ * twice as many limbs as the modulus.
* \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
*/
MBEDTLS_STATIC_TESTABLE
@@ -206,6 +208,8 @@
* \param[in] X_limbs The length of \p X in limbs.
*
* \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ * twice as many limbs as the modulus.
* \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
*/
MBEDTLS_STATIC_TESTABLE
@@ -228,6 +232,8 @@
* \param[in] X_limbs The length of \p X in limbs.
*
* \return \c 0 on success.
+ * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ * twice as many limbs as the modulus.
* \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
*/
MBEDTLS_STATIC_TESTABLE