author | Shawn Willden <swillden@google.com> | 2015-06-22 05:25:59 -0600 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2015-06-22 15:34:23 -0600 |
commit | d530305019e1ccc1e30a4f8edeb88db3d126e235 (patch) | |
tree | cdd74425a31da12f69c32ca9b3eb6882a134d2d0 /ecdsa_operation.cpp | |
parent | 0f906ec40f6ade7955c6b967ea522aade54ea2e4 (diff) | |
Validate input sizes for RSA and ECDSA signing/verification ops.
Bug: 21955742
Change-Id: I4385a6539229b174facd5f04ce0391e2e8c3608d
Diffstat (limited to 'ecdsa_operation.cpp')
-rw-r--r-- | ecdsa_operation.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/ecdsa_operation.cpp b/ecdsa_operation.cpp
index 89bcfa1..5833716 100644
--- a/ecdsa_operation.cpp
+++ b/ecdsa_operation.cpp
@@ -93,9 +93,15 @@ keymaster_error_t EcdsaOperation::InitDigest() {
 }
 
 keymaster_error_t EcdsaOperation::StoreData(const Buffer& input, size_t* input_consumed) {
- if (!data_.reserve(data_.available_read() + input.available_read()) ||
- !data_.write(input.peek_read(), input.available_read()))
+ if (!data_.reserve(EVP_PKEY_bits(ecdsa_key_) / 8))
 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+
+ // If the write fails, it's because input length exceeds key size.
+ if (!data_.write(input.peek_read(), input.available_read())) {
+ LOG_E("Input too long: cannot sign %u bytes of data with %u-bit ECDSA key",
+ input.available_read() + data_.available_read(), EVP_PKEY_bits(ecdsa_key_));
+ return KM_ERROR_INVALID_INPUT_LENGTH;
+ }
 *input_consumed = input.available_read();
 return KM_ERROR_OK;
 } |
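Review bot: The capacity passed to `data_.reserve()` in StoreData is `EVP_PKEY_bits(ecdsa_key_) / 8`, which rounds down when the key's bit length is not a multiple of 8 (a 521-bit key gives 65 bytes rather than 66), so the length limit enforced by the following `write()` is one byte short for such keys; `if (!data_.reserve((EVP_PKEY_bits(ecdsa_key_) + 7) / 8))` rounds up instead. The limit is also only implicit in the buffer's capacity: it holds only if `Buffer::reserve` never leaves more room than requested and preserves already-stored data when StoreData is called more than once, and neither is visible in this hunk, so it is worth confirming or replacing with an explicit length comparison. In the `LOG_E` call, `%u` is paired with what appear to be a `size_t` sum and the `int` returned by `EVP_PKEY_bits`; `%zu` and `%d` would match if those are the types.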