Merge pull request #2544 from JacobBarthelmeh/SanityChecks

add null checks (QSH and CRYPTOCELL)
2019-11-06 12:18:00 -08:00
parent cd7001904a a6e4926d2f
commit 969488434a
2 changed files with 8 additions and 5 deletions
--- a/src/internal.c
+++ b/src/internal.c
@@ -20770,7 +20770,7 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
    int offset   = 0;
    word32 tmpSz = 0;
    buffer* buf;
-    QSHKey* current = ssl->peerQSHKey;
+    QSHKey* current;
    QSHScheme* schmPre = NULL;
    QSHScheme* schm    = NULL;

@@ -20779,6 +20779,7 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)

    WOLFSSL_MSG("Generating QSH secret key material");

+    current = ssl->peerQSHKey;
    /* get size of buffer needed */
    while (current) {
        if (current->pub.length != 0) {
@@ -20860,11 +20861,12 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
 static word32 QSH_KeyGetSize(WOLFSSL* ssl)
 {
    word32 sz = 0;
-    QSHKey* current = ssl->peerQSHKey;
+    QSHKey* current;

    if (ssl == NULL)
        return -1;

+    current = ssl->peerQSHKey;
    sz += OPAQUE16_LEN; /* type of extension ie 0x00 0x18 */
    sz += OPAQUE24_LEN;
    /* get size of buffer needed */
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -4037,7 +4037,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
    CRYS_ECPKI_KG_TempData_t    tempBuff;
    CRYS_ECPKI_KG_FipsContext_t fipsCtx;
    byte ucompressed_key[ECC_MAX_CRYPTO_HW_SIZE*2 + 1];
-    word32 raw_size = (word32) (key->dp->size)*2 + 1;
+    word32 raw_size = 0;
 #endif
    if (key == NULL || rng == NULL) {
        return BAD_FUNC_ARG;
@@ -4110,6 +4110,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
 #elif defined(WOLFSSL_CRYPTOCELL)

    pDomain = CRYS_ECPKI_GetEcDomain(cc310_mapCurve(curve_id));
+    raw_size = (word32)(key->dp->size)*2 + 1;

    /* generate first key pair */
    err = CRYS_ECPKI_GenKeyPair(&wc_rndState,
@@ -7232,7 +7233,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
    const CRYS_ECPKI_Domain_t* pDomain;
    CRYS_ECPKI_BUILD_TempData_t tempBuff;
    byte key_raw[ECC_MAX_CRYPTO_HW_SIZE*2 + 1];
-    word32 keySz = key->dp->size;
+    word32 keySz = 0;
 #endif
    /* if d is NULL, only import as public key using Qx,Qy */
    if (key == NULL || qx == NULL || qy == NULL) {
@@ -7299,7 +7300,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
 #elif defined(WOLFSSL_CRYPTOCELL)
    if (err == MP_OKAY) {
        key_raw[0] = ECC_POINT_UNCOMP;
-        keySz = key->dp->size;
+        keySz = (word32)key->dp->size;
        err = wc_export_int(key->pubkey.x, &key_raw[1], &keySz, keySz,
            WC_TYPE_UNSIGNED_BIN);
        if (err == MP_OKAY)