From da403b749e443908e9c930f459c76033c32d60ad Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 10 Jul 2023 14:31:39 +0200
Subject: [PATCH] =?UTF-8?q?tls:=20use=20already=20existing=20symbols=20to?=
 =?UTF-8?q?=20size=20the=20buffer=20for=20XXD=E1=B8=A6=20peer=20key?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/ssl_misc.h         | 14 +-------------
 library/ssl_tls12_client.c | 16 +++-------------
 2 files changed, 4 insertions(+), 26 deletions(-)

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 2b0b7f15ed..c08f5e1a80 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -757,24 +757,12 @@ struct mbedtls_ssl_handshake_params {
 #endif /* !MBEDTLS_USE_PSA_CRYPTO &&
           MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED */
 
-#if defined(PSA_WANT_ALG_ECDH) && defined(PSA_WANT_ALG_FFDH)
-#if (MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH >= MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH)
-#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
-#else
-#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#endif
-#elif defined(PSA_WANT_ALG_ECDH)
-#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#else
-#define SSL_XXDH_PSA_PEERKEY_SIZE MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH
-#endif
-
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED)
     psa_key_type_t xxdh_psa_type;
     size_t xxdh_bits;
     mbedtls_svc_key_id_t xxdh_psa_privkey;
     uint8_t xxdh_psa_privkey_is_external;
-    unsigned char xxdh_psa_peerkey[SSL_XXDH_PSA_PEERKEY_SIZE];
+    unsigned char xxdh_psa_peerkey[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
     size_t xxdh_psa_peerkey_len;
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_ANY_PSA_ENABLED */
 
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index a53ea03cd2..9574881096 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1774,19 +1774,9 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl,
         return MBEDTLS_ERR_SSL_DECODE_ERROR;
     }
 
-    /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account
-       the sizes of the FFDH keys which are at least 2048 bits.
-       The size of the array is thus greater than 256 bytes which is greater than any
-       possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/
-#if !defined(PSA_WANT_ALG_FFDH)
-    if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) {
-        return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
-    }
-#else
-    MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX,
-                          "peer key buffer too small");
-#endif
-
+    /* xxdh_psa_peerkey is sized after maximum supported FFDH public key.
+     * PSA_VENDOR_FFDH_MAX_KEY_BITS is always larger than EC public key, so
+     * we can skip the buffer size check before the memcpy-ing data into it. */
     memcpy(handshake->xxdh_psa_peerkey, *p, ecpoint_len);
     handshake->xxdh_psa_peerkey_len = ecpoint_len;
     *p += ecpoint_len;