From b54979a297702014f12f50bf3b2652f2671737bb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:32:47 +0200 Subject: [PATCH] Refuse non-byte-sized raw data keys Since the key size is stored in bytes, we can't have a key whose size isn't a whole number of bytes. --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 90b43549c..ba80912dd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -420,6 +420,8 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, default: return( PSA_ERROR_NOT_SUPPORTED ); } + if( bits % 8 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); /* Allocate memory for the key */ raw->bytes = PSA_BITS_TO_BYTES( bits );