hmac_drbg: set_entropy_len can now return an error
Make mbedtls_hmac_drbg_set_entropy_len return an error
in case of a too long entropy length setting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 1336c7e..92d7ba4 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -390,9 +390,13 @@
/*
* Set entropy length grabbed for seeding
*/
-void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
+int mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
{
+ if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT )
+ return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+
ctx->entropy_len = len;
+ return 0;
}
/*