Increasing random buffer and checks.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-09-20 11:20:08 +00:00 · 2022-03-10 00:13:13 +01:00 · 2022-03-10 00:13:13 +01:00 · f1c0b12f5c
commit f1c0b12f5c
parent 213b675b9f
2 changed files with 8 additions and 2 deletions
--- a/src/hsm/sc_hsm.c
+++ b/src/hsm/sc_hsm.c
@ -420,7 +420,10 @@ static int cmd_reset_retry() {
 }

 static int cmd_challenge() {
-    res_APDU = (uint8_t *)random_bytes_get(apdu.expected_res_size);
+    uint8_t *rb = (uint8_t *)random_bytes_get(apdu.expected_res_size);
+    if (!rb)
+        return SW_WRONG_LENGTH();
+    res_APDU = rb;
    res_APDU_size = apdu.expected_res_size;
    return SW_OK();
 }
--- a/src/rng/random.c
+++ b/src/rng/random.c
@ -49,9 +49,12 @@ void random_fini (void)
 * Return pointer to random 32-byte
 */
 void random_bytes_free (const uint8_t *p);
+#define MAX_RANDOM_BUFFER 1024
 const uint8_t * random_bytes_get (size_t len)
 {
-    static uint32_t return_word[512/sizeof(uint32_t)];
+    if (len > MAX_RANDOM_BUFFER)
+        return NULL;
+    static uint32_t return_word[MAX_RANDOM_BUFFER/sizeof(uint32_t)];
    for (int ix = 0; ix < len; ix += RANDOM_BYTES_LENGTH) {
        neug_wait_full ();
        memcpy(return_word+ix/sizeof(uint32_t), random_word, RANDOM_BYTES_LENGTH);