fixes for

F-5335: ECDH overflow paths do not report the required output length
F-5336: RSA PKCS#1 overflow paths do not report the required output length
This commit is contained in:
Daniel Pouzzner
2026-06-08 18:15:51 -05:00
parent 67c1d65ef7
commit ad98438baa
2 changed files with 6 additions and 0 deletions
+2
View File
@@ -493,6 +493,7 @@ static int km_ecdh_gen_pub(struct kpp_request *req)
pr_err("error: dst_len too small: %d\n", req->dst_len);
#endif /* WOLFKM_DEBUG_ECDH */
err = -EOVERFLOW;
req->dst_len = raw_pub_len;
goto ecdh_gen_pub_end;
}
@@ -650,6 +651,7 @@ static int km_ecdh_compute_shared_secret(struct kpp_request *req)
if (req->dst_len < shared_secret_len) {
err = -EOVERFLOW;
req->dst_len = shared_secret_len;
goto ecdh_shared_secret_end;
}
+4
View File
@@ -832,6 +832,7 @@ static int km_direct_rsa_dec(struct akcipher_request *req)
if (out_len > req->dst_len) {
err = -EOVERFLOW;
req->dst_len = out_len;
goto rsa_dec_out;
}
@@ -1121,6 +1122,7 @@ static int km_pkcs1pad_sign(struct akcipher_request *req)
if (req->dst_len < ctx->key_len) {
err = -EOVERFLOW;
req->dst_len = ctx->key_len;
goto pkcs1pad_sign_out;
}
@@ -1688,6 +1690,7 @@ static int km_pkcs1pad_enc(struct akcipher_request *req)
if (req->dst_len < ctx->key_len) {
err = -EOVERFLOW;
req->dst_len = ctx->key_len;
goto pkcs1_enc_out;
}
@@ -1806,6 +1809,7 @@ static int km_pkcs1pad_dec(struct akcipher_request *req)
if (dec_len > req->dst_len) {
err = -EOVERFLOW;
req->dst_len = dec_len;
goto pkcs1_dec_out;
}