From a3cda2ac9e9f74eb265caafc5ae07c4536cb3d1d Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Fri, 13 Feb 2026 12:57:57 -0500
Subject: [PATCH] check resulting length of `SecKeyCreateSignature`
---
 kms-message/src/kms_crypto.h | 1 +
 kms-message/src/kms_crypto_apple.c | 3 +++
 kms-message/src/kms_gcp_request.c | 5 ++---
 3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/kms-message/src/kms_crypto.h b/kms-message/src/kms_crypto.h
index 1045f279d..1244212af 100644
--- a/kms-message/src/kms_crypto.h
+++ b/kms-message/src/kms_crypto.h
@@ -58,6 +58,7 @@ kms_sha256_hmac (void *ctx,
 size_t len,
 unsigned char *hash_out);
+#define KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN 256
 /* signature_out must be a preallocated buffer of 256 bytes (or greater). */
 bool
 kms_sign_rsaes_pkcs1_v1_5 (void *sign_ctx,
diff --git a/kms-message/src/kms_crypto_apple.c b/kms-message/src/kms_crypto_apple.c
index d061416ff..c571294a8 100644
--- a/kms-message/src/kms_crypto_apple.c
+++ b/kms-message/src/kms_crypto_apple.c
@@ -142,6 +142,9 @@ kms_sign_rsaes_pkcs1_v1_5 (void *unused_ctx,
 if (!signature_ref) {
 goto cleanup;
 }
+ if (CFDataGetLength(signature_ref) != KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN) {
+ goto cleanup;
+ }
 memcpy (signature_out,
 CFDataGetBytePtr (signature_ref),
 (size_t) CFDataGetLength (signature_ref));
diff --git a/kms-message/src/kms_gcp_request.c b/kms-message/src/kms_gcp_request.c
index c94739739..b2111db99 100644
--- a/kms-message/src/kms_gcp_request.c
+++ b/kms-message/src/kms_gcp_request.c
@@ -23,7 +23,6 @@
 /* Set a default expiration of 5 minutes for JSON Web Tokens (GCP allows up to
 * one hour) */
 #define JWT_EXPIRATION_SECS 5 * 60
-#define SIGNATURE_LEN 256
 kms_request_t *
 kms_gcp_request_oauth_new (const char *host,
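Review bot: In kms-message/src/kms_crypto.h the comment under the new `KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN` still reads "256 bytes (or greater)" and does not say how many bytes an implementation must write. The kms_gcp_request.c hunks show the caller allocating and base64url-encoding exactly that many bytes, so the contract is an exact length rather than a minimum. I would reword it to `/* signature_out must be a preallocated buffer of KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN bytes; implementations must write exactly that many bytes and fail otherwise. */`. The declaration of kms_sign_rsaes_pkcs1_v1_5 runs past the end of the hunk, so whether it carries a buffer-length parameter is not visible here.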
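Review bot: The added length check in kms-message/src/kms_crypto_apple.c leaves through a bare `goto cleanup`, so a key whose signature is not 256 bytes fails the same way as any other signing error, and nothing on the line explains why the comparison is `!=` rather than `>`. A comment such as `/* signature_out holds exactly KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN bytes and the caller encodes all of them; reject any other signature length. */` would record that a shorter signature is also wrong, not only a longer one that would overrun the buffer. The call is written `CFDataGetLength(signature_ref)` without the space before the parenthesis that the `memcpy` lines just below it use. The function starts and ends outside the hunk, so the value returned from `cleanup` is not visible here; the other platform implementations of kms_sign_rsaes_pkcs1_v1_5 are not part of this diff and presumably need the same bound.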
@@ -87,7 +86,7 @@ kms_gcp_request_oauth_new (const char *host,
 req->crypto.sign_ctx = opt->crypto.sign_ctx;
 }
- jwt_signature = calloc (1, SIGNATURE_LEN);
+ jwt_signature = calloc (1, KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN);
 KMS_ASSERT (jwt_signature);
 if (!req->crypto.sign_rsaes_pkcs1_v1_5 (
 req->crypto.sign_ctx,
@@ -101,7 +100,7 @@ kms_gcp_request_oauth_new (const char *host,
 }
 jwt_signature_b64url =
- kms_message_raw_to_b64url (jwt_signature, SIGNATURE_LEN);
+ kms_message_raw_to_b64url (jwt_signature, KMS_SIGN_RSAES_PKCS1_V1_5_OUTLEN);
 if (!jwt_signature_b64url) {
 KMS_ERROR (req, "Failed to base64url encode JWT signature");
 goto done;