From a7cb845705163ee3c2fa396da5737df5b3daac65 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 22 May 2023 18:39:43 +0200 Subject: [PATCH] pk: add checks for the returned ECC family Signed-off-by: Valerio Setti --- library/pk.c | 3 +++ library/pk_wrap.c | 4 ++++ tests/suites/test_suite_pk.function | 4 ++++ 3 files changed, 11 insertions(+) diff --git a/library/pk.c b/library/pk.c index 826c29a8cb..9c4aa16a6b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -224,6 +224,9 @@ int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk, pk->ec_family = mbedtls_ecc_group_to_psa(ecp_keypair->grp.id, &pk->ec_bits); + if (pk->ec_family == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } return 0; } diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e21ec2b307..3a3d3998b0 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -1150,6 +1150,10 @@ static int eckey_check_pair_psa(mbedtls_pk_context *pub, mbedtls_pk_context *prv #endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ const size_t curve_bytes = PSA_BITS_TO_BYTES(curve_bits); + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d397374951..7227f92782 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -38,6 +38,10 @@ static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) size_t key_len; int ret; + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_bits(&key_attr, curve_bits); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT);