mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 10:40:52 +02:00
Merge pull request #10122 from miyazakh/f-1370_SigGetSize
F-1370 : Tighten key_len check from `>=` to `==`
This commit is contained in:
@@ -4,13 +4,24 @@
|
||||
\brief This function returns the maximum size of the resulting signature.
|
||||
|
||||
\return Returns SIG_TYPE_E if sig_type is not supported. Returns
|
||||
BAD_FUNC_ARG if sig_type was invalid. A positive return value indicates
|
||||
BAD_FUNC_ARG if sig_type was invalid or key_len does not exactly match
|
||||
the size of the expected key structure. A positive return value indicates
|
||||
the maximum size of a signature.
|
||||
|
||||
\param sig_type A signature type enum value such as
|
||||
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey.
|
||||
\param key_len Size of the key structure.
|
||||
\param key Pointer to the key structure corresponding to sig_type:
|
||||
pass an ecc_key* for WC_SIGNATURE_TYPE_ECC, or a RsaKey* for
|
||||
WC_SIGNATURE_TYPE_RSA / WC_SIGNATURE_TYPE_RSA_W_ENC.
|
||||
The caller is responsible for ensuring the pointer refers to the correct
|
||||
type; this function cannot verify the actual runtime type of the object.
|
||||
\param key_len If key is non-NULL, key_len must be exactly sizeof(ecc_key)
|
||||
or sizeof(RsaKey) matching the sig_type. Passing any other value
|
||||
causes the function to return BAD_FUNC_ARG without dereferencing key.
|
||||
Always pass the size of the concrete key type at the call site: if you
|
||||
have a typed pointer (e.g., ecc_key* k), use sizeof(*k); otherwise use
|
||||
sizeof(ecc_key) or sizeof(RsaKey) directly. Do not use sizeof(*key)
|
||||
on the const void* parameter itself, as dereferencing void is invalid.
|
||||
|
||||
_Example_
|
||||
\code
|
||||
@@ -43,16 +54,19 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type,
|
||||
\return BAD_FUNC_ARG -173, bad function argument provided
|
||||
\return BUFFER_E -132, output buffer too small or input too large.
|
||||
|
||||
\param hash_type A hash type from the “enum wc_HashType” such as
|
||||
“WC_HASH_TYPE_SHA256”.
|
||||
\param hash_type A hash type from the "enum wc_HashType" such as
|
||||
"WC_HASH_TYPE_SHA256".
|
||||
\param sig_type A signature type enum value such as
|
||||
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
|
||||
\param data Pointer to buffer containing the data to hash.
|
||||
\param data_len Length of the data buffer.
|
||||
\param sig Pointer to buffer to output signature.
|
||||
\param sig_len Length of the signature output buffer.
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey.
|
||||
\param key_len Size of the key structure.
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
|
||||
_Example_
|
||||
\code
|
||||
@@ -93,16 +107,19 @@ int wc_SignatureVerify(
|
||||
\return BAD_FUNC_ARG -173, bad function argument provided
|
||||
\return BUFFER_E -132, output buffer too small or input too large.
|
||||
|
||||
\param hash_type A hash type from the “enum wc_HashType”
|
||||
such as “WC_HASH_TYPE_SHA256”.
|
||||
\param hash_type A hash type from the "enum wc_HashType"
|
||||
such as "WC_HASH_TYPE_SHA256".
|
||||
\param sig_type A signature type enum value such as
|
||||
WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA.
|
||||
\param data Pointer to buffer containing the data to hash.
|
||||
\param data_len Length of the data buffer.
|
||||
\param sig Pointer to buffer to output signature.
|
||||
\param sig_len Length of the signature output buffer.
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey.
|
||||
\param key_len Size of the key structure.
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
\param rng Pointer to an initialized RNG structure.
|
||||
|
||||
_Example_
|
||||
@@ -166,8 +183,11 @@ int wc_SignatureGenerate(
|
||||
\param hash_len Length of the hash buffer
|
||||
\param sig Pointer to buffer containing the signature
|
||||
\param sig_len Length of the signature buffer
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey
|
||||
\param key_len Size of the key structure
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
|
||||
_Example_
|
||||
\code
|
||||
@@ -216,8 +236,11 @@ int wc_SignatureVerifyHash(enum wc_HashType hash_type,
|
||||
\param hash_len Length of the hash buffer
|
||||
\param sig Pointer to buffer to output signature
|
||||
\param sig_len Pointer to length of signature output buffer
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey
|
||||
\param key_len Size of the key structure
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
\param rng Pointer to an initialized RNG structure
|
||||
|
||||
_Example_
|
||||
@@ -266,8 +289,11 @@ int wc_SignatureGenerateHash(enum wc_HashType hash_type,
|
||||
\param hash_len Length of the hash buffer
|
||||
\param sig Pointer to buffer to output signature
|
||||
\param sig_len Pointer to length of signature output buffer
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey
|
||||
\param key_len Size of the key structure
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
\param rng Pointer to an initialized RNG structure
|
||||
\param verify If non-zero, verify the signature after generation
|
||||
|
||||
@@ -317,8 +343,11 @@ int wc_SignatureGenerateHash_ex(enum wc_HashType hash_type,
|
||||
\param data_len Length of the data buffer
|
||||
\param sig Pointer to buffer to output signature
|
||||
\param sig_len Pointer to length of signature output buffer
|
||||
\param key Pointer to a key structure such as ecc_key or RsaKey
|
||||
\param key_len Size of the key structure
|
||||
\param key Pointer to the key structure corresponding to sig_type.
|
||||
See wc_SignatureGetSize() for the type-safety constraints that apply
|
||||
to this parameter.
|
||||
\param key_len Must be exactly sizeof(ecc_key) or
|
||||
sizeof(RsaKey) matching sig_type. See wc_SignatureGetSize().
|
||||
\param rng Pointer to an initialized RNG structure
|
||||
\param verify If non-zero, verify the signature after generation
|
||||
|
||||
|
||||
@@ -68,6 +68,13 @@ int test_wc_SignatureGetSize_ecc(void)
|
||||
sig_type = WC_SIGNATURE_TYPE_ECC;
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
|
||||
key_len = (word32)0;
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
/* key_len must be exactly sizeof(ecc_key): one less or one more is invalid */
|
||||
key_len = (word32)(sizeof(ecc_key) - 1);
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
key_len = (word32)(sizeof(ecc_key) + 1);
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
@@ -138,6 +145,13 @@ int test_wc_SignatureGetSize_rsa(void)
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
key_len = (word32)0;
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
/* key_len must be exactly sizeof(RsaKey): one less or one more is invalid */
|
||||
key_len = (word32)(sizeof(RsaKey) - 1);
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
key_len = (word32)(sizeof(RsaKey) + 1);
|
||||
ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
|
||||
@@ -29,6 +29,6 @@ int test_wc_SignatureGetSize_rsa(void);
|
||||
|
||||
#define TEST_SIGNATURE_DECLS \
|
||||
TEST_DECL_GROUP("signature", test_wc_SignatureGetSize_ecc), \
|
||||
TEST_DECL_GROUP("signature", test_wc_SignatureGetSize_ecc)
|
||||
TEST_DECL_GROUP("signature", test_wc_SignatureGetSize_rsa)
|
||||
|
||||
#endif /* WOLFCRYPT_TEST_SIGNATURE_H */
|
||||
|
||||
@@ -93,8 +93,12 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type,
|
||||
switch(sig_type) {
|
||||
case WC_SIGNATURE_TYPE_ECC:
|
||||
#ifdef HAVE_ECC
|
||||
/* Sanity check that void* key is at least ecc_key in size */
|
||||
if (key_len >= sizeof(ecc_key)) {
|
||||
/* Verify that key_len matches exactly sizeof(ecc_key).
|
||||
* This is a necessary but not sufficient type check:
|
||||
* the const void* API cannot verify the actual runtime
|
||||
* type of the pointed-to object.
|
||||
* Callers must pass a valid ecc_key* cast to const void*. */
|
||||
if ((size_t)key_len == sizeof(ecc_key)) {
|
||||
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0))
|
||||
sig_len = wc_ecc_sig_size((ecc_key*)(wc_ptr_t)key);
|
||||
#else
|
||||
@@ -112,8 +116,10 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type,
|
||||
case WC_SIGNATURE_TYPE_RSA_W_ENC:
|
||||
case WC_SIGNATURE_TYPE_RSA:
|
||||
#ifndef NO_RSA
|
||||
/* Sanity check that void* key is at least RsaKey in size */
|
||||
if (key_len >= sizeof(RsaKey)) {
|
||||
/* Verify that key_len matches exactly sizeof(RsaKey).
|
||||
* Same caveat as the ECC case above: size equality is necessary
|
||||
* but not sufficient; the caller must pass a valid RsaKey*. */
|
||||
if ((size_t)key_len == sizeof(RsaKey)) {
|
||||
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0))
|
||||
sig_len = wc_RsaEncryptSize((RsaKey*)(wc_ptr_t)key);
|
||||
#else
|
||||
|
||||
Reference in New Issue
Block a user