Merge remote-tracking branch 'upstream-public/pr/1543' into development-proposed

2025-12-24 00:06:32 +01:00 · 2018-04-04 09:03:25 +02:00 · 2018-04-04 09:03:25 +02:00 · 1fae860f0f
commit 1fae860f0f
parent 90a8b5219f cc78ac46e7
6 changed files with 19 additions and 11 deletions
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -400,6 +400,9 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
                              &ctx->Q, &r, &s ) ) != 0 )
        goto cleanup;

+    /* At this point we know that the buffer starts with a valid signature.
+     * Return 0 if the buffer just contains the signature, and a specific
+     * error code if the valid signature is followed by more data. */
    if( p != end )
        ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;

--- a/library/error.c
+++ b/library/error.c
@ -266,7 +266,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
        if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) )
            mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
        if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
-            mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
+            mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" );
        if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
            mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
 #endif /* MBEDTLS_ECP_C */
@ -333,7 +333,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
        if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) )
            mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
        if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
-            mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
+            mbedtls_snprintf( buf, buflen, "PK - The buffer contains a valid signature followed by more data" );
        if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
            mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
 #endif /* MBEDTLS_PK_C */
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@ -93,6 +93,11 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
                                  (unsigned int) hash_len, hash, sig ) ) != 0 )
        return( ret );

+    /* The buffer contains a valid signature followed by extra data.
+     * We have a special error code for that so that so that callers can
+     * use mbedtls_pk_verify() to check "Does the buffer start with a
+     * valid signature?" and not just "Does the buffer contain a valid
+     * signature?". */
    if( sig_len > rsa_len )
        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );