commit f00f15244428a917503182c16d1c2a5cd738f91a
author Gilles Peskine <Gilles.Peskine@arm.com> Tue Jun 22 00:09:00 2021 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Fri Jun 25 00:46:22 2021 +0200
tree 5f772ca9e07e23a296f7641530eca1f2643ce982
parent 1fed4b8324f640802e281504bfa4c8f1c0b276bb

Add output size parameter to signature functions

The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.

No change to RSA because for RSA, the output size is trivial to calculate.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

programs/pkey/ecdsa.c

diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
index 31b4584..a21a544 100644
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@@ -184,7 +184,7 @@
 
     if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256,
                                        hash, sizeof( hash ),
-                                       sig, &sig_len,
+                                       sig, sizeof( sig ), &sig_len,
                                        mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_ecdsa_write_signature returned %d\n", ret );

programs/pkey/pk_sign.c

diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 422fa25..fe46c20 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -123,8 +123,9 @@
         goto exit;
     }
 
-    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
-                         mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
+    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0,
+                                 buf, sizeof( buf ), &olen,
+                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret );
         goto exit;

programs/pkey/rsa_sign_pss.c

diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index bbbe0a9..50553ca 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -139,8 +139,9 @@
         goto exit;
     }
 
-    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
-                         mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
+    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0,
+                                 buf, sizeof( buf ), &olen,
+                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_pk_sign returned %d\n\n", ret );
         goto exit;