cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

PSA asymmetric signature: set *signature_length = 0 on failure

Browse Source
This commit is contained in:
Gilles Peskine 2018-02-03 23:58:03 +01:00 committed by itayzafrir
parent 0189e7512d
commit 93aa0334d9
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
library/psa_crypto.c
View File

@ -446,6 +446,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
{ {
key_slot_t *slot; key_slot_t *slot;
*signature_length = 0;
(void) salt;
(void) salt_length;
if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
return( PSA_ERROR_EMPTY_SLOT ); return( PSA_ERROR_EMPTY_SLOT );
slot = &global_data.key_slots[key]; slot = &global_data.key_slots[key];
@ -454,9 +458,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
(void) salt;
(void) salt_length;
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
{ {
@ -512,7 +513,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
{ {
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
} }
*signature_length = ( ret == 0 ? rsa->len : 0 ); if( ret == 0 )
*signature_length = rsa->len;
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
else else

5
tests/suites/test_suite_psa_crypto.function
View File

@ -159,9 +159,9 @@ void sign_deterministic( int key_type_arg, char *key_hex,
size_t input_size; size_t input_size;
unsigned char *output_data = NULL; unsigned char *output_data = NULL;
size_t output_size; size_t output_size;
size_t signature_length;
unsigned char *signature = NULL; unsigned char *signature = NULL;
size_t signature_size; size_t signature_size;
size_t signature_length = 0xdeadbeef;
key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
TEST_ASSERT( key_data != NULL ); TEST_ASSERT( key_data != NULL );
@ -219,7 +219,7 @@ void sign_fail( int key_type_arg, char *key_hex,
psa_status_t actual_status; psa_status_t actual_status;
psa_status_t expected_status = expected_status_arg; psa_status_t expected_status = expected_status_arg;
unsigned char *signature; unsigned char *signature;
size_t signature_length; size_t signature_length = 0xdeadbeef;
key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
TEST_ASSERT( key_data != NULL ); TEST_ASSERT( key_data != NULL );
@ -241,6 +241,7 @@ void sign_fail( int key_type_arg, char *key_hex,
signature, signature_size, signature, signature_size,
&signature_length ); &signature_length );
TEST_ASSERT( actual_status == expected_status ); TEST_ASSERT( actual_status == expected_status );
TEST_ASSERT( signature_length == 0 );
exit: exit:
psa_destroy_key( slot ); psa_destroy_key( slot );