AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure tag lengths match in verification

Browse Source 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-05-21 18:03:15 +01:00
parent f47b0957ab
commit 3a16e014f2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
library/psa_crypto_aead.c
View File

@ -733,8 +733,8 @@ psa_status_t mbedtls_psa_aead_verify(
{
*plaintext_length = finish_output_size;
if( do_tag_check &&
mbedtls_psa_safer_memcmp(tag, check_tag, tag_length) != 0 )
if( do_tag_check && ( tag_length != operation->tag_length ||
mbedtls_psa_safer_memcmp(tag, check_tag, tag_length) != 0 ) )
status = PSA_ERROR_INVALID_SIGNATURE;
}