feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for ECC sign with hardware to ensure the input is truncated to the key order.

Browse Source
This commit is contained in:
David Garske
2019-02-22 15:29:45 -08:00
parent 9c9221432f
commit 712ecabf36
1 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
wolfcrypt/src/ecc.c
View File

@ -4239,13 +4239,25 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
#endif #endif
{ {
word32 keysize = (word32)key->dp->size; word32 keysize = (word32)key->dp->size;
word32 orderBits;
DECLARE_CURVE_SPECS(curve, 1);
/* Check args */ /* Check args */
if (keysize > ECC_MAX_CRYPTO_HW_SIZE || inlen != keysize || if (keysize > ECC_MAX_CRYPTO_HW_SIZE || *outlen < keysize*2) {
*outlen < keysize*2) {
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
} }
/* if the input is larger than curve order, we must truncate */
ALLOC_CURVE_SPECS(1);
err = wc_ecc_curve_load(key->dp, &curve, ECC_CURVE_FIELD_ORDER);
if (err != 0)
return err;
orderBits = mp_count_bits(curve->order);
if ((inlen * WOLFSSL_BIT_SIZE) > orderBits) {
inlen = (orderBits + WOLFSSL_BIT_SIZE - 1) / WOLFSSL_BIT_SIZE;
}
FREE_CURVE_SPECS();
#if defined(WOLFSSL_ATECC508A) #if defined(WOLFSSL_ATECC508A)
key->slot = atmel_ecc_alloc(ATMEL_SLOT_DEVICE); key->slot = atmel_ecc_alloc(ATMEL_SLOT_DEVICE);
if (key->slot == ATECC_INVALID_SLOT) { if (key->slot == ATECC_INVALID_SLOT) {