mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 01:20:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls: psa_pake: fixing mbedtls_psa_ecjpake_write_round()

Browse Source 
It might happen that the psa_pake_output() function returns
elements which are not exactly 32 or 65 bytes as expected, but
1 bytes less.
As a consequence, insted of hardcoding the expected value for
the length in the output buffer, we write the correct one as
obtained from psa_pake_output()

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti 2022-11-21 14:17:03 +01:00
parent 61ea17d30a
commit 79f6b6bb1b
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
library/ssl_tls.c
View File

@ -8259,20 +8259,27 @@ int mbedtls_psa_ecjpake_write_round(
step <= PSA_PAKE_STEP_ZK_PROOF;
++step )
{
/* For each step, prepend 1 byte with the length of the data */
*(buf + output_offset) = MBEDTLS_SSL_ECJPAKE_OUTPUT_SIZE( step );
output_offset += 1;
/*
* For each step, prepend 1 byte with the length of the data.
*
* NOTE = psa_pake_output() sometimes output elements which are
* NOT 32 or 65 bytes as expected, but 1 byte less. So, instead
* of hardcoding the expected length, we
* - get the output first
* - then write the length of this output
*/
status = psa_pake_output( pake_ctx, step,
buf + output_offset,
len - output_offset,
buf + output_offset + 1,
len - output_offset - 1,
&output_len );
if( status != PSA_SUCCESS )
{
return( psa_ssl_status_to_mbedtls( status ) );
}
output_offset += output_len;
*(buf + output_offset) = output_len;
output_offset += output_len + 1;
}
}