aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-05-16 20:49:17 -0400
committerRob Austein <sra@hactrn.net>2016-05-16 20:49:17 -0400
commit87d20a89611e4a4367fc9ca87a817bb431c2a304 (patch)
tree63591cd58fccf0799ac1ec85dfc9d3be9382d5de
parent19de5cd21bde4dcee12c40cd53d5592cbd91bc7b (diff)
Round buffer size up to word boundary when verifying RSA signatures.
hsmbully tests strange RSA key sizes (eg, 3416 bits) which don't fall on word boundaries, at which point we have buffer padding and alignment issues when performing RSA signature verification.
-rw-r--r--rpc_pkey.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/rpc_pkey.c b/rpc_pkey.c
index da8bf58..dc8c808 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -715,7 +715,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le
const uint8_t * input, size_t input_len,
const uint8_t * const signature, const size_t signature_len)
{
- uint8_t expected[signature_len], received[signature_len];
+ uint8_t expected[signature_len], received[(signature_len + 3) & ~3];
hal_rsa_key_t *key = NULL;
hal_error_t err;
@@ -748,7 +748,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le
unsigned diff = 0;
for (int i = 0; i < signature_len; i++)
- diff |= expected[i] ^ received[i];
+ diff |= expected[i] ^ received[i + sizeof(received) - sizeof(expected)];
if (diff != 0)
return HAL_ERROR_INVALID_SIGNATURE;