psa_util: improve convert_raw_to_der_single_int()

Allow the function to support DER buffers than what it is nominally required by the provided coordinates. In other words let's ignore padding zeros in the raw number. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-08-01 10:06:53 +03:00 · 2024-02-05 12:06:46 +01:00
parent 315e4afc0a
commit 954ef4bbd5
4 changed files with 33 additions and 16 deletions
--- a/library/psa_util.c
+++ b/library/psa_util.c
@ -365,9 +365,21 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra
                                         unsigned char *der_buf_end)
 {
    unsigned char *p = der_buf_end;
-    int len = (int) raw_len;
+    int len;
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;

+    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
+     * Provided input MPIs should not be 0, but as a failsafe measure, still
+     * detect that and return error in case. */
+    while (*raw_buf == 0x00) {
+        ++raw_buf;
+        --raw_len;
+        if (raw_len == 0) {
+            return MBEDTLS_ERR_ASN1_INVALID_DATA;
+        }
+    }
+    len = (int) raw_len;
+
    /* Copy the raw coordinate to the end of der_buf. */
    if ((p - der_buf_start) < len) {
        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
@ -375,17 +387,6 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra
    p -= len;
    memcpy(p, raw_buf, len);

-    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
-     * Provided input MPIs should not be 0, but as a failsafe measure, still
-     * detect that and return error in case. */
-    while (*p == 0x00) {
-        ++p;
-        --len;
-        if (len == 0) {
-            return MBEDTLS_ERR_ASN1_INVALID_DATA;
-        }
-    }
-
    /* If MSb is 1, ASN.1 requires that we prepend a 0. */
    if (*p & 0x80) {
        if ((p - der_buf_start) < 1) {