Fix logic for signing with input digest smaller than key size. ZD 19869

dgarske · dgarske · commit 32332fd2bb57 · 2025-06-02T08:11:08.000-07:00
diff --git a/src/tpm2_wrap.c b/src/tpm2_wrap.c
@@ -3774,8 +3774,22 @@ int wolfTPM2_SignHashScheme(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
 
     XMEMSET(&signIn, 0, sizeof(signIn));
     signIn.keyHandle = key->handle.hndl;
-    signIn.digest.size = digestSz;
-    XMEMCPY(signIn.digest.buffer, digest, signIn.digest.size);
+    signIn.digest.size = TPM2_GetHashDigestSize(hashAlg);
+    if (signIn.digest.size <= 0) {
+        return BAD_FUNC_ARG;
+    }
+    /* truncate if too large */
+    if (signIn.digest.size > curveSize) {
+        signIn.digest.size = curveSize;
+    }
+    /* if digest provided is smaller than key size then zero pad leading */
+    if (signIn.digest.size > digestSz) {
+        XMEMCPY(&signIn.digest.buffer[signIn.digest.size - digestSz], digest,
+            digestSz);
+    }
+    else {
+        XMEMCPY(signIn.digest.buffer, digest, digestSz);
+    }
     signIn.inScheme.scheme = sigAlg;
     signIn.inScheme.details.any.hashAlg = hashAlg;
     signIn.validation.tag = TPM_ST_HASHCHECK;
