Add output size parameter to signature functions

The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(), mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable() now take an extra parameter indicating the size of the output buffer for the signature. No change to RSA because for RSA, the output size is trivial to calculate. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-28 00:21:48 +03:00 · 2021-06-22 00:09:00 +02:00
parent 1fed4b8324
commit f00f152444
19 changed files with 131 additions and 81 deletions
--- a/library/pk.c
+++ b/library/pk.c
@ -396,7 +396,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
 int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
             mbedtls_md_type_t md_alg,
             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
+             unsigned char *sig, size_t sig_size, size_t *sig_len,
             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
             mbedtls_pk_restart_ctx *rs_ctx )
 {
@ -421,7 +421,9 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
            return( ret );

        ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
-                hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
+                                          hash, hash_len,
+                                          sig, sig_size, sig_len,
+                                          f_rng, p_rng, rs_ctx->rs_ctx );

        if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
            mbedtls_pk_restart_free( rs_ctx );
@ -435,8 +437,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
    if( ctx->pk_info->sign_func == NULL )
        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );

-    return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
-                                     sig, sig_len, f_rng, p_rng ) );
+    return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg,
+                                     hash, hash_len,
+                                     sig, sig_size, sig_len,
+                                     f_rng, p_rng ) );
 }

 /*
@ -444,11 +448,12 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
 */
 int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
+             unsigned char *sig, size_t sig_size, size_t *sig_len,
             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 {
    return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
-                                         sig, sig_len, f_rng, p_rng, NULL ) );
+                                         sig, sig_size, sig_len,
+                                         f_rng, p_rng, NULL ) );
 }

 /*