lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

EC key pair import: check the buffer size

Browse Source 
When importing a private elliptic curve key, require the input to have
exactly the right size. RFC 5915 requires the right size (you aren't
allow to omit leading zeros). A different buffer size likely means
that something is wrong, e.g. a mismatch between the declared key type
and the actual data.
This commit is contained in:
Gilles Peskine
2019-05-13 14:21:57 +02:00
parent 6c9514427b
commit c9d910bed6
2 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
library/psa_crypto.c
View File

@ -621,6 +621,9 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
mbedtls_ecp_keypair *ecp = NULL;
mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length )
return( PSA_ERROR_INVALID_ARGUMENT );
*p_ecp = NULL;
ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
if( ecp == NULL )