@@ -120,7 +120,7 @@ int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
120120{
121121 int err ;
122122 byte sigRS [STSAFE_MAX_SIG_LEN ];
123- byte * r , * s ;
123+ byte * r = NULL , * s = NULL ;
124124 word32 r_len = STSAFE_MAX_SIG_LEN /2 , s_len = STSAFE_MAX_SIG_LEN /2 ;
125125 byte pubKeyX [STSAFE_MAX_PUBKEY_RAW_LEN /2 ];
126126 byte pubKeyY [STSAFE_MAX_PUBKEY_RAW_LEN /2 ];
@@ -130,6 +130,7 @@ int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
130130 word32 inOutIdx = 0 ;
131131 StSafeA_CurveId curve_id = STSAFE_A_NIST_P_256 ;
132132 int ecc_curve ;
133+ int key_sz = 0 ;
133134
134135 (void )ssl ;
135136 (void )ctx ;
@@ -151,23 +152,34 @@ int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
151152 pubKeyY , & pubKeyY_len );
152153 }
153154 if (err == 0 ) {
154- int key_sz ;
155-
156155 /* determine curve */
157156 ecc_curve = key .dp -> id ;
158157 curve_id = stsafe_get_ecc_curve_id (ecc_curve );
159158 key_sz = stsafe_get_key_size (curve_id );
160-
159+ if (key_sz <= 0 || key_sz > STSAFE_MAX_KEY_LEN ) {
160+ err = BAD_FUNC_ARG ;
161+ }
162+ }
163+ if (err == 0 ) {
161164 /* Extract R and S from signature */
162165 XMEMSET (sigRS , 0 , sizeof (sigRS ));
163166 r = & sigRS [0 ];
164167 s = & sigRS [key_sz ];
165168 err = wc_ecc_sig_to_rs (sig , sigSz , r , & r_len , s , & s_len );
166- (void )r_len ;
167- (void )s_len ;
168169 }
169-
170170 if (err == 0 ) {
171+ /* make sure R and S are not too large */
172+ if (r_len > key_sz || s_len > key_sz ) {
173+ err = BAD_FUNC_ARG ;
174+ }
175+ }
176+ if (err == 0 ) {
177+ /* make sure R and S are zero padded on front */
178+ XMEMMOVE (& sigRS [key_sz - r_len ], r , r_len );
179+ XMEMSET (& sigRS [0 ], 0 , key_sz - r_len );
180+ XMEMMOVE (& sigRS [key_sz + (key_sz - s_len )], s , s_len );
181+ XMEMSET (& sigRS [key_sz ], 0 , key_sz - s_len );
182+
171183 /* Verify signature */
172184 err = stsafe_interface_verify (curve_id , (uint8_t * )hash , sigRS ,
173185 pubKeyX , pubKeyY , (int32_t * )result );
@@ -474,7 +486,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
474486 }
475487 else if (info -> pk .type == WC_PK_TYPE_ECDSA_VERIFY ) {
476488 byte sigRS [STSAFE_MAX_SIG_LEN ];
477- byte * r , * s ;
489+ byte * r = NULL , * s = NULL ;
478490 word32 r_len = STSAFE_MAX_SIG_LEN /2 , s_len = STSAFE_MAX_SIG_LEN /2 ;
479491 byte pubKeyX [STSAFE_MAX_PUBKEY_RAW_LEN /2 ];
480492 byte pubKeyY [STSAFE_MAX_PUBKEY_RAW_LEN /2 ];
@@ -485,13 +497,18 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
485497
486498 WOLFSSL_MSG ("STSAFE: ECC Verify" );
487499
488- if (info -> pk .eccverify .key == NULL )
500+ if (info -> pk .eccverify .key == NULL ||
501+ info -> pk .eccverify .key -> dp == NULL ) {
489502 return BAD_FUNC_ARG ;
503+ }
490504
491505 /* determine curve */
492506 ecc_curve = info -> pk .eccverify .key -> dp -> id ;
493507 curve_id = stsafe_get_ecc_curve_id (ecc_curve );
494508 key_sz = stsafe_get_key_size (curve_id );
509+ if (key_sz <= 0 || key_sz > STSAFE_MAX_KEY_LEN ) {
510+ return BAD_FUNC_ARG ;
511+ }
495512
496513 /* Extract Raw X and Y coordinates of the public key */
497514 rc = wc_ecc_export_public_raw (info -> pk .eccverify .key ,
@@ -504,10 +521,20 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
504521 s = & sigRS [key_sz ];
505522 rc = wc_ecc_sig_to_rs (info -> pk .eccverify .sig ,
506523 info -> pk .eccverify .siglen , r , & r_len , s , & s_len );
507- (void )r_len ;
508- (void )s_len ;
509524 }
510525 if (rc == 0 ) {
526+ /* make sure R and S are not too large */
527+ if (r_len > key_sz || s_len > key_sz ) {
528+ rc = BAD_FUNC_ARG ;
529+ }
530+ }
531+ if (rc == 0 ) {
532+ /* make sure R and S are zero padded on front */
533+ XMEMMOVE (& sigRS [key_sz - r_len ], r , r_len );
534+ XMEMSET (& sigRS [0 ], 0 , key_sz - r_len );
535+ XMEMMOVE (& sigRS [key_sz + (key_sz - s_len )], s , s_len );
536+ XMEMSET (& sigRS [key_sz ], 0 , key_sz - s_len );
537+
511538 /* Verify signature */
512539 rc = stsafe_interface_verify (curve_id ,
513540 (uint8_t * )info -> pk .eccverify .hash , sigRS , pubKeyX , pubKeyY ,
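Review bot: The decode call `wc_ecc_sig_to_rs(sig, sigSz, r, &r_len, s, &s_len)` (new line 168) and its twin in wolfSSL_STSAFE_CryptoDevCb (new lines 522-523) still pass the `STSAFE_MAX_SIG_LEN/2` capacities set at declaration. The new `r_len > key_sz` test therefore runs only after the decoder has been allowed to write that many bytes at `&sigRS[0]` and `&sigRS[key_sz]`. For a curve whose `key_sz` is below `STSAFE_MAX_SIG_LEN/2`, an oversized R can spill into the S half before it is rejected; whether S can run past the end of `sigRS` depends on how `STSAFE_MAX_KEY_LEN` relates to `STSAFE_MAX_SIG_LEN`, which is not visible here. Setting `r_len = s_len = (word32)key_sz;` just before each call would let the decoder refuse an oversized component itself, assuming it treats the lengths as input capacities, as the in/out usage suggests. Separately, SSL_STSAFE_VerifyPeerCertCb still reads `key.dp->id` (new line 156) without the `dp == NULL` guard this commit adds in the CryptoDevCb path; both function bodies start and end outside the hunks shown, so an earlier check may exist.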