Rust wrapper: check for NUL-terminated slice in ECC::rs_hex_to_sig

Fixes F-3092
This commit is contained in:
Josh Holtrop
2026-04-24 09:16:01 -04:00
parent 79358fea80
commit 0cddbb25b2
2 changed files with 24 additions and 0 deletions
@@ -1219,6 +1219,9 @@ impl ECC {
/// }
/// ```
pub fn rs_hex_to_sig(r: &[u8], s: &[u8], dout: &mut [u8]) -> Result<usize, i32> {
if r[r.len() - 1] != 0 || s[s.len() - 1] != 0 {
return Err(sys::wolfCrypt_ErrorCodes_BAD_FUNC_ARG);
}
let mut dout_size = crate::buffer_len_to_u32(dout.len())?;
let r_ptr = r.as_ptr() as *const core::ffi::c_char;
let s_ptr = s.as_ptr() as *const core::ffi::c_char;
@@ -342,3 +342,24 @@ fn test_ecc_import() {
ECC::import_raw(qx, qy, d, b"SECP256R1\0", None, None).expect("Error with import_raw()");
ECC::import_raw_ex(qx, qy, d, ECC::SECP256R1, None, None).expect("Error with import_raw_ex()");
}
#[test]
fn test_ecc_rs_hex_to_sig_not_null_terminated() {
let r_hex = b"AABB\0";
let s_hex = b"CCDD\0";
let r_hex_no_nul = b"AABB";
let s_hex_no_nul = b"CCDD";
let mut sig_out = [0u8; 128];
// Both null-terminated should succeed
assert!(ECC::rs_hex_to_sig(r_hex, s_hex, &mut sig_out).is_ok());
// r not null-terminated should fail
assert!(ECC::rs_hex_to_sig(r_hex_no_nul, s_hex, &mut sig_out).is_err());
// s not null-terminated should fail
assert!(ECC::rs_hex_to_sig(r_hex, s_hex_no_nul, &mut sig_out).is_err());
// Both not null-terminated should fail
assert!(ECC::rs_hex_to_sig(r_hex_no_nul, s_hex_no_nul, &mut sig_out).is_err());
}