mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-07-06 07:10:40 +00:00
Reject keys of size 0
Implement the prohibition on keys of size 0.
This commit is contained in:
parent
a782b95806
commit
0f84d6245b
|
@ -1826,6 +1826,12 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
|
||||||
psa_key_slot_t *slot = NULL;
|
psa_key_slot_t *slot = NULL;
|
||||||
psa_se_drv_table_entry_t *driver = NULL;
|
psa_se_drv_table_entry_t *driver = NULL;
|
||||||
|
|
||||||
|
/* Reject zero-length symmetric keys (including raw data key objects).
|
||||||
|
* This also rejects any key which might be encoded as an empty string,
|
||||||
|
* which is never valid. */
|
||||||
|
if( data_length == 0 )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes,
|
status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes,
|
||||||
handle, &slot, &driver );
|
handle, &slot, &driver );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
|
@ -4778,6 +4784,12 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
psa_key_slot_t *slot = NULL;
|
psa_key_slot_t *slot = NULL;
|
||||||
psa_se_drv_table_entry_t *driver = NULL;
|
psa_se_drv_table_entry_t *driver = NULL;
|
||||||
|
|
||||||
|
/* Reject any attempt to create a zero-length key so that we don't
|
||||||
|
* risk tripping up later, e.g. on a malloc(0) that returns NULL. */
|
||||||
|
if( psa_get_key_bits( attributes ) == 0 )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE,
|
status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE,
|
||||||
attributes, handle, &slot, &driver );
|
attributes, handle, &slot, &driver );
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
@ -5512,6 +5524,11 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
|
||||||
psa_key_slot_t *slot = NULL;
|
psa_key_slot_t *slot = NULL;
|
||||||
psa_se_drv_table_entry_t *driver = NULL;
|
psa_se_drv_table_entry_t *driver = NULL;
|
||||||
|
|
||||||
|
/* Reject any attempt to create a zero-length key so that we don't
|
||||||
|
* risk tripping up later, e.g. on a malloc(0) that returns NULL. */
|
||||||
|
if( psa_get_key_bits( attributes ) == 0 )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE,
|
status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE,
|
||||||
attributes, handle, &slot, &driver );
|
attributes, handle, &slot, &driver );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
|
|
Loading…
Reference in a new issue