From fbaf50f1d9811fa894eef7591b92234ffee57810 Mon Sep 17 00:00:00 2001
From: gauri patankar <gauri.patankar@espressif.com>
Date: Thu, 6 Oct 2022 16:40:57 +0530
Subject: [PATCH] esp_wifi:adding hash key length validation

---
 .../esp_supplicant/src/crypto/crypto_mbedtls-rsa.c           | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-rsa.c b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-rsa.c
index fd80e5b96a..450f78b8fe 100644
--- a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-rsa.c
+++ b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-rsa.c
@@ -339,8 +339,11 @@ int  crypto_public_key_decrypt_pkcs1(struct crypto_public_key *key,
 	size_t len;
 	u8 *pos;
 	mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
+	len = mbedtls_pk_rsa(*pkey)->MBEDTLS_PRIVATE(len);
+	if (len != crypt_len) {
+		return -1;
+	}
 
-	len = *plain_len;
 	if (mbedtls_rsa_public(mbedtls_pk_rsa(*pkey), crypt, plain) < 0)
 		return -1;