lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Check LMS offsets are sane at runtime

Browse Source 
Signed-off-by: Raef Coles <raef.coles@arm.com>
This commit is contained in:
Raef Coles
2022-10-10 11:23:07 +01:00
parent e34e3c0e59
commit 1fb2f32ef5
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/lms.c
View File

@ -733,6 +733,12 @@ int mbedtls_lms_sign( mbedtls_lms_private_t *ctx,
*/ */
ctx->q_next_usable_key += 1; ctx->q_next_usable_key += 1;
if ( MBEDTLS_LMS_SIG_LEN(ctx->params.type, ctx->params.otstype)
< SIG_OTS_SIG_OFFSET )
{
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
ret = mbedtls_lmots_sign( &ctx->ots_private_keys[q_leaf_identifier], ret = mbedtls_lmots_sign( &ctx->ots_private_keys[q_leaf_identifier],
f_rng, p_rng, msg, msg_size, f_rng, p_rng, msg, msg_size,
sig + SIG_OTS_SIG_OFFSET, sig + SIG_OTS_SIG_OFFSET,