diff --git a/tests/api/test_pkcs7.c b/tests/api/test_pkcs7.c index 6dee044e36..eeaeec1cf6 100644 --- a/tests/api/test_pkcs7.c +++ b/tests/api/test_pkcs7.c @@ -490,6 +490,9 @@ static int rsaSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, /* ECC sign raw digest callback * This callback demonstrates HSM/secure element use case where the private * key is not passed through PKCS7 structure but obtained independently. + * Note: This example callback is hash-agnostic and will work with any + * hash algorithm. The hashOID parameter can be used to validate or select + * different signing behavior if needed. */ static int eccSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, byte* out, word32 outSz, byte* privateKey, @@ -498,7 +501,11 @@ static int eccSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, int ret; word32 idx = 0; word32 sigSz = outSz; - ecc_key ecc; +#ifdef WOLFSSL_SMALL_STACK + ecc_key* ecc = NULL; +#else + ecc_key ecc[1]; +#endif /* privateKey may be NULL in HSM/secure element use case - we load it * independently in this callback to simulate that scenario */ @@ -510,15 +517,25 @@ static int eccSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, return -1; } +#ifdef WOLFSSL_SMALL_STACK + ecc = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap, DYNAMIC_TYPE_ECC); + if (ecc == NULL) { + return MEMORY_E; + } +#endif + /* set up ECC key */ - ret = wc_ecc_init_ex(&ecc, pkcs7->heap, devid); + ret = wc_ecc_init_ex(ecc, pkcs7->heap, devid); if (ret != 0) { + #ifdef WOLFSSL_SMALL_STACK + XFREE(ecc, pkcs7->heap, DYNAMIC_TYPE_ECC); + #endif return ret; } /* Load key from test buffer - simulates HSM/secure element access */ #if defined(USE_CERT_BUFFERS_256) - ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &idx, &ecc, + ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &idx, ecc, sizeof_ecc_clikey_der_256); #else { @@ -528,28 +545,37 @@ static int eccSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, fp = XFOPEN("./certs/client-ecc-key.der", "rb"); if (fp == XBADFILE) { - wc_ecc_free(&ecc); + wc_ecc_free(ecc); + #ifdef WOLFSSL_SMALL_STACK + XFREE(ecc, pkcs7->heap, DYNAMIC_TYPE_ECC); + #endif return -1; } keySz = (int)XFREAD(keyBuf, 1, sizeof(keyBuf), fp); XFCLOSE(fp); if (keySz <= 0) { - wc_ecc_free(&ecc); + wc_ecc_free(ecc); + #ifdef WOLFSSL_SMALL_STACK + XFREE(ecc, pkcs7->heap, DYNAMIC_TYPE_ECC); + #endif return -1; } - ret = wc_EccPrivateKeyDecode(keyBuf, &idx, &ecc, (word32)keySz); + ret = wc_EccPrivateKeyDecode(keyBuf, &idx, ecc, (word32)keySz); } #endif /* sign digest */ if (ret == 0) { - ret = wc_ecc_sign_hash(digest, digestSz, out, &sigSz, pkcs7->rng, &ecc); + ret = wc_ecc_sign_hash(digest, digestSz, out, &sigSz, pkcs7->rng, ecc); if (ret == 0) { ret = (int)sigSz; } } - wc_ecc_free(&ecc); + wc_ecc_free(ecc); +#ifdef WOLFSSL_SMALL_STACK + XFREE(ecc, pkcs7->heap, DYNAMIC_TYPE_ECC); +#endif return ret; } diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 82efb9b10d..97d15a3937 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -2422,6 +2422,10 @@ static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7, if (pkcs7->eccSignRawDigestCb != NULL) { /* get hash OID */ int eccHashOID = wc_HashGetOID(esd->hashType); + if (eccHashOID < 0) { + ret = eccHashOID; + break; + } /* user signing plain digest */ ret = pkcs7->eccSignRawDigestCb(pkcs7, @@ -2429,6 +2433,10 @@ static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7, esd->encContentDigest, sizeof(esd->encContentDigest), pkcs7->privateKey, pkcs7->privateKeySz, pkcs7->devId, eccHashOID); + /* validate return value doesn't exceed buffer size */ + if (ret > 0 && (word32)ret > sizeof(esd->encContentDigest)) { + ret = BUFFER_E; + } break; } #endif