From d56e6e008bb5979c68d8710b5a992b664dc9212c Mon Sep 17 00:00:00 2001
From: Gabor Mezei <gabor.mezei@arm.com>
Date: Wed, 17 May 2023 17:51:19 +0200
Subject: [PATCH] Add input parameter length check for the Koblitz reduction

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
---
 library/ecp_curves.c   | 13 +++++++++++++
 library/ecp_invasive.h |  6 ++++++
 2 files changed, 19 insertions(+)

diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 149697087e..6573f8954d 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -5643,6 +5643,10 @@ int mbedtls_ecp_mod_p192k1_raw(mbedtls_mpi_uint *X, size_t X_limbs)
                                   0x01, 0x00, 0x00, 0x00)
     };
 
+    if (X_limbs != 2 * ((192 + biL - 1) / biL)) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
     return ecp_mod_koblitz(X, X_limbs, Rp, 192);
 }
 
@@ -5673,6 +5677,10 @@ int mbedtls_ecp_mod_p224k1_raw(mbedtls_mpi_uint *X, size_t X_limbs)
                                   0x01, 0x00, 0x00, 0x00)
     };
 
+    if (X_limbs != 2 * 224 / biL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
     return ecp_mod_koblitz(X, X_limbs, Rp, 224);
 }
 
@@ -5702,6 +5710,11 @@ int mbedtls_ecp_mod_p256k1_raw(mbedtls_mpi_uint *X, size_t X_limbs)
         MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00,
                                   0x01, 0x00, 0x00, 0x00)
     };
+
+    if (X_limbs != 2 * ((256 + biL - 1) / biL)) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
     return ecp_mod_koblitz(X, X_limbs, Rp, 256);
 }
 
diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h
index 16b7b61418..aadcdbc78e 100644
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@@ -184,6 +184,8 @@ int  mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs);
  * \param[in]       X_limbs The length of \p X in limbs.
  *
  * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ *                  twice as many limbs as the modulus.
  * \return          #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
  */
 MBEDTLS_STATIC_TESTABLE
@@ -206,6 +208,8 @@ int mbedtls_ecp_mod_p192k1_raw(mbedtls_mpi_uint *X, size_t X_limbs);
  * \param[in]       X_limbs The length of \p X in limbs.
  *
  * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ *                  twice as many limbs as the modulus.
  * \return          #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
  */
 MBEDTLS_STATIC_TESTABLE
@@ -228,6 +232,8 @@ int mbedtls_ecp_mod_p224k1_raw(mbedtls_mpi_uint *X, size_t X_limbs);
  * \param[in]       X_limbs The length of \p X in limbs.
  *
  * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have
+ *                  twice as many limbs as the modulus.
  * \return          #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed.
  */
 MBEDTLS_STATIC_TESTABLE