mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-26 12:39:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Check LMS offsets are sane at runtime

Browse Source 
Signed-off-by: Raef Coles <raef.coles@arm.com>
This commit is contained in:
Raef Coles 2022-10-10 11:23:07 +01:00
parent e34e3c0e59
commit 1fb2f32ef5
No known key found for this signature in database
GPG Key ID: 1AAF1B43DF2086F4
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/lms.c
View File

@ -733,6 +733,12 @@ int mbedtls_lms_sign( mbedtls_lms_private_t *ctx,
*/
ctx->q_next_usable_key += 1;
if ( MBEDTLS_LMS_SIG_LEN(ctx->params.type, ctx->params.otstype)
< SIG_OTS_SIG_OFFSET )
{
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
ret = mbedtls_lmots_sign( &ctx->ots_private_keys[q_leaf_identifier],
f_rng, p_rng, msg, msg_size,
sig + SIG_OTS_SIG_OFFSET,