fix(auth): reject padding after BIT STRING in signatures

It is forbidden by ASN.1 DER. Change-Id: Id8a48e14bb8a1a17a6481ea3fde0803723c05e31 Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years ago · a8c8c5ef2a
1 changed files with 1 additions and 1 deletions
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@ -115,7 +115,7 @@ static int verify_signature(void *data_ptr, unsigned int data_len,
 	end = (unsigned char *)(p + sig_len);
 	signature.tag = *p;
 	rc = mbedtls_asn1_get_bitstring_null(&p, end, &signature.len);
-	if (rc != 0) {
+	if ((rc != 0) || ((size_t)(end - p) != signature.len)) {
 		rc = CRYPTO_ERR_SIGNATURE;
 		goto end1;
 	}