authorShawn Willden <swillden@google.com>2015-06-22 05:25:59 -0600
committerShawn Willden <swillden@google.com>2015-06-22 15:34:23 -0600
commitd530305019e1ccc1e30a4f8edeb88db3d126e235 (patch)
treecdd74425a31da12f69c32ca9b3eb6882a134d2d0 /ecdsa_operation.cpp
parent0f906ec40f6ade7955c6b967ea522aade54ea2e4 (diff)
Validate input sizes for RSA and ECDSA signing/verification ops.
Bug: 21955742 Change-Id: I4385a6539229b174facd5f04ce0391e2e8c3608d
Diffstat (limited to 'ecdsa_operation.cpp')
-rw-r--r--ecdsa_operation.cpp10
1 files changed, 8 insertions, 2 deletions
diff --git a/ecdsa_operation.cpp b/ecdsa_operation.cpp
index 89bcfa1..5833716 100644
--- a/ecdsa_operation.cpp
+++ b/ecdsa_operation.cpp
@@ -93,9 +93,15 @@ keymaster_error_t EcdsaOperation::InitDigest() {
}
keymaster_error_t EcdsaOperation::StoreData(const Buffer& input, size_t* input_consumed) {
- if (!data_.reserve(data_.available_read() + input.available_read()) ||
- !data_.write(input.peek_read(), input.available_read()))
+ if (!data_.reserve(EVP_PKEY_bits(ecdsa_key_) / 8))
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+
+ // If the write fails, it's because input length exceeds key size.
+ if (!data_.write(input.peek_read(), input.available_read())) {
+ LOG_E("Input too long: cannot sign %u bytes of data with %u-bit ECDSA key",
+ input.available_read() + data_.available_read(), EVP_PKEY_bits(ecdsa_key_));
+ return KM_ERROR_INVALID_INPUT_LENGTH;
+ }
*input_consumed = input.available_read();
return KM_ERROR_OK;
}
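Review bot: The capacity passed to `data_.reserve()` in StoreData is `EVP_PKEY_bits(ecdsa_key_) / 8`, which rounds down, so for a curve whose size is not a multiple of 8 (521 bits, for example) the buffer is one byte short of the key size and a full-length input is rejected as too long; `if (!data_.reserve((EVP_PKEY_bits(ecdsa_key_) + 7) / 8))` rounds up instead. The reserve also runs on every StoreData call, so whether the limit holds for the total accumulated across several updates depends on whether Buffer::reserve counts bytes already stored; that is not visible in this hunk and is worth pinning down with a multi-update test. In the LOG_E call, `%u` is paired with the int returned by EVP_PKEY_bits and with what is presumably a size_t sum, so the arguments should be cast or the specifiers changed to match.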