Add check for pake operation buffer overflow
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h
index 9bdcc33..eb30881 100644
--- a/library/psa_crypto_pake.h
+++ b/library/psa_crypto_pake.h
@@ -96,6 +96,12 @@
* entry point as defined in the PSA driver interface specification for
* transparent drivers.
*
+ * \note The core has checked that input_length is smaller than
+ PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)
+ where primitive is the JPAKE algorithm primitive and step
+ the PSA API level input step. Thus no risk of integer overflow while
+ checking operation buffer overflow.
+ *
* \param[in,out] operation Active PAKE operation.
* \param step The driver step for which the input is provided.
* \param[in] input Buffer containing the input in the format
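Review bot: In the added \note, `step` in `PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, step)` is described as "the PSA API level input step", while the `step` parameter documented directly below it is "The driver step", so one name means two different things inside the same doc comment. Give the note's step a distinct name or say explicitly that it is not this function's `step` argument. "smaller than" also leaves open whether the bound is strict or inclusive; since the no-integer-overflow argument rests on that bound, state the exact comparison the core performs. As shown here, the four continuation lines of the note lack the leading ` *` that the surrounding comment lines carry. The note also makes the driver's buffer check depend on a precondition enforced elsewhere, so it should be phrased as a requirement on any caller of this entry point, not only as a statement about the core.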