@@ -161,13 +161,14 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
161161 // Add the aligned part of the plaintext
162162 status = psa_aead_update (&operation, plaintext, block_aligned_length, ciphertext, block_aligned_length, &out_length);
163163 VerifyOrReturnError (status == PSA_SUCCESS, CHIP_ERROR_INTERNAL);
164- VerifyOrReturnError (out_length = = block_aligned_length, CHIP_ERROR_INTERNAL);
164+ VerifyOrReturnError (out_length < = block_aligned_length, CHIP_ERROR_INTERNAL);
165165 ciphertext_length += out_length;
166166
167167 if (partial_block_length > 0 )
168168 {
169169 // The update output should fit in the temp buffer
170170 size_t max_output = PSA_AEAD_UPDATE_OUTPUT_SIZE (PSA_KEY_TYPE_AES, algorithm, partial_block_length);
171+ VerifyOrReturnError (max_output <= sizeof (temp), CHIP_ERROR_INTERNAL);
171172
172173 // Add the non-aligned end of the plaintext
173174 status =
@@ -254,13 +255,14 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length,
254255 // Add the aligned part of the ciphertext
255256 status = psa_aead_update (&operation, ciphertext, block_aligned_length, plaintext, block_aligned_length, &out_length);
256257 VerifyOrReturnError (status == PSA_SUCCESS, CHIP_ERROR_INTERNAL);
257- VerifyOrReturnError (out_length = = block_aligned_length, CHIP_ERROR_INTERNAL);
258+ VerifyOrReturnError (out_length < = block_aligned_length, CHIP_ERROR_INTERNAL);
258259 plaintext_length += out_length;
259260
260261 if (partial_block_length > 0 )
261262 {
262263 // The update output should fit in the temp buffer
263264 size_t max_output = PSA_AEAD_UPDATE_OUTPUT_SIZE (PSA_KEY_TYPE_AES, algorithm, partial_block_length);
265+ VerifyOrReturnError (max_output <= sizeof (temp), CHIP_ERROR_INTERNAL);
264266
265267 // Add the non-aligned end of the ciphertext
266268 status =
0 commit comments