Merge pull request #6229 from JacobBarthelmeh/Testing

fix for check on ecc public key size with FIPS and compressed keys
2023-03-23 08:25:31 -07:00 · 2023-03-23 08:25:31 -07:00 · 3ef7db8e1b
parent e9214e07cf 25577ab96c
commit 3ef7db8e1b
1 changed files with 12 additions and 0 deletions
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -24427,7 +24427,19 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
    if (ret == 0) {
        /* Calculate the size of the encoded public point. */
        PRIVATE_KEY_UNLOCK();
+    #if defined(HAVE_COMP_KEY) && defined(HAVE_FIPS) && \
+            defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
+        /* in earlier versions of FIPS the get length functionality is not
+         * available with compressed keys */
+        pubSz = key->dp ? key->dp->size : MAX_ECC_BYTES;
+        if (comp)
+            pubSz = 1 + pubSz;
+        else
+            pubSz = 1 + 2 * pubSz;
+        ret = LENGTH_ONLY_E;
+    #else
        ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
+    #endif
        PRIVATE_KEY_LOCK();
        /* LENGTH_ONLY_E on success. */
        if (ret == LENGTH_ONLY_E) {