From 2326d2036176d24d6098652c62fee9250fbc35da Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 6 Jun 2019 14:54:55 +0100
Subject: [PATCH] Validate consistency of certificate hash type and length in
 session

---
 library/ssl_tls.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 932580408..f2034a4a8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -9498,6 +9498,13 @@ static int ssl_session_load( mbedtls_ssl_session *session,
 
     if( session->peer_cert_digest_len != 0 )
     {
+        const mbedtls_md_info_t *md_info =
+            mbedtls_md_info_from_type( session->peer_cert_digest_type );
+        if( md_info == NULL )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+        if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
         if( session->peer_cert_digest_len > (size_t)( end - p ) )
             return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );