lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Add check for pake operation buffer overflow

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel
2023-02-27 11:49:35 +01:00
parent e3ef3a15cd
commit 4dc83d40af
3 changed files with 25 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/proposed/psa-driver-interface.md
View File

@ -458,6 +458,10 @@ For `PSA_ALG_JPAKE` the following steps are available for input operation:
* `PSA_JPAKE_X4S_STEP_ZK_PUBLIC`    Round 2: input Schnorr NIZKP public key for the X4S key
* `PSA_JPAKE_X4S_STEP_ZK_PROOF`     Round 2: input Schnorr NIZKP proof for the X4S key
The core has checked that input_length is smaller than PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
where primitive is the JPAKE algorithm primitive and step the PSA API level input step.
Thus no risk of integer overflow while checking operation buffer overflow.
### PAKE driver get implicit key
```