TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f00f15244428a917503182c16d1c2a5cd738f91a^! / . / library / ssl_srv.c
commitf00f15244428a917503182c16d1c2a5cd738f91a[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Tue Jun 22 00:09:00 2021 +0200
committerGilles Peskine <Gilles.Peskine@arm.com>Fri Jun 25 00:46:22 2021 +0200
tree5f772ca9e07e23a296f7641530eca1f2643ce982
parent1fed4b8324f640802e281504bfa4c8f1c0b276bb [diff] [blame]
Add output size parameter to signature functions

The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.

No change to RSA because for RSA, the output size is trivial to calculate.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 4715129..0746854 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -2922,6 +2922,12 @@
     (void) signature_len;
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
 
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t out_buf_len = ssl->out_buf_len - ( ssl->out_msg - ssl->out_buf );
+#else
+    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - ( ssl->out_msg - ssl->out_buf );
+#endif
+
     ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */
 
     /*
@@ -3224,6 +3230,7 @@
         if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ),
                                      md_alg, hash, hashlen,
                                      ssl->out_msg + ssl->out_msglen + 2,
+                                     out_buf_len - ssl->out_msglen - 2,
                                      signature_len,
                                      ssl->conf->f_rng,
                                      ssl->conf->p_rng ) ) != 0 )