
Commit 384eaa4

committed
Peer review fixes (thank you copilot)
1 parent 6549017 commit 384eaa4

1 file changed

Lines changed: 20 additions & 5 deletions


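--- a/wolfcrypt/src/port/st/stsafe.c
+++ b/wolfcrypt/src/port/st/stsafe.c
@@ -283,6 +283,10 @@ static int stsafe_create_key(stsafe_slot_t* pSlot, stsafe_curve_id_t curve_id,
 stse_ReturnCode_t ret;
 stsafe_slot_t slot = STSAFE_KEY_SLOT_1; /* Use dedicated key slot for persistent keys */
 
+if (pPubKeyRaw == NULL) {
+return BAD_FUNC_ARG;
+}
+
 /* Generate key pair - public key is X||Y concatenated
 * Note: stse_generate_ecc_key_pair expects stse_ecc_key_type_t,
 * but stsafe_curve_id_t values match stse_ecc_key_type_t enum values */
@@ -340,6 +344,10 @@ static int stsafe_sign(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
 stse_ReturnCode_t ret;
 int key_sz = stsafe_get_key_size(curve_id);
 
+if (pHash == NULL || pSigRS == NULL) {
+return BAD_FUNC_ARG;
+}
+
 /* Sign hash - output is R || S concatenated */
 ret = stse_ecc_generate_signature(&g_stse_handler, slot, curve_id,
 pHash, (uint16_t)key_sz, pSigRS);
@@ -364,6 +372,11 @@ static int stsafe_verify(stsafe_curve_id_t curve_id, uint8_t* pHash,
 uint8_t pubKey[STSAFE_MAX_PUBKEY_RAW_LEN];
 uint8_t validity = 0;
 
+if (pHash == NULL || pSigRS == NULL || pPubKeyX == NULL ||
+pPubKeyY == NULL || pResult == NULL) {
+return BAD_FUNC_ARG;
+}
+
 /* Combine X and Y into single buffer (X||Y) */
 XMEMCPY(pubKey, pPubKeyX, key_sz);
 XMEMCPY(pubKey + key_sz, pPubKeyY, key_sz);
@@ -402,6 +415,11 @@ static int stsafe_shared_secret(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
 int key_sz = stsafe_get_key_size(curve_id);
 uint8_t peerPubKey[STSAFE_MAX_PUBKEY_RAW_LEN];
 
+if (pPubKeyX == NULL || pPubKeyY == NULL || pSharedSecret == NULL ||
+pSharedSecretLen == NULL) {
+return BAD_FUNC_ARG;
+}
+
 /* Combine peer X and Y (X||Y format) */
 XMEMCPY(peerPubKey, pPubKeyX, key_sz);
 XMEMCPY(peerPubKey + key_sz, pPubKeyY, key_sz);
@@ -1558,22 +1576,19 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
 pubKeyRaw);
 if (ret != STSE_OK) {
 STSAFE_INTERFACE_PRINTF("stse_generate_ecc_key_pair (slot 1) error: %d\n", ret);
-rc = (int)ret;
+rc = WC_HW_E;
 } else {
 rc = STSAFE_A_OK;
 }
-if (rc != STSAFE_A_OK) {
-rc = WC_HW_E;
-}
 #else
 /* Legacy A100/A110 uses slot-based key generation */
 rc = stsafe_create_key(&slot, curve_id, pubKeyRaw);
-#endif
 if (rc != STSAFE_A_OK) {
 STSAFE_INTERFACE_PRINTF("stsafe_create_key error: %d\n",
 rc);
 rc = WC_HW_E;
 }
+#endif
 }
 
 if (rc == 0) {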
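Review bot: The new NULL guards in stsafe_verify and stsafe_shared_secret leave `key_sz` unchecked before it is used as the length of two `XMEMCPY` calls into the fixed-size `pubKey` / `peerPubKey` stack buffers. `stsafe_get_key_size` is not visible in this diff; if it can return 0 or a negative value for an unsupported `curve_id`, the int becomes a very large copy length and the writes run past the buffer. I would extend each guard with `if (key_sz <= 0 || (size_t)key_sz * 2 > sizeof(pubKey)) return BAD_FUNC_ARG;` (using `sizeof(peerPubKey)` in stsafe_shared_secret), and add the same `key_sz <= 0` test before the `(uint16_t)key_sz` cast in stsafe_sign. All three function bodies continue outside the hunks shown, so an existing check further up or down cannot be ruled out from here.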
