From 1aca2605713e3242f72297932409dd58ecfb782f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 12 Dec 2018 12:56:55 +0100 Subject: [PATCH] Add parameter validation for mbedtls_aes_crypt_ecb() --- include/mbedtls/aes.h | 7 +++++-- library/aes.c | 6 ++++++ tests/suites/test_suite_aes.function | 16 ++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 197d4db10..90d5bba26 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -246,10 +246,13 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, * call to this API with the same context. * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. - * \param input The 16-Byte buffer holding the input data. - * \param output The 16-Byte buffer holding the output data. + * \param input The buffer holding the input data. + * It must be readable and at least 16 Bytes long. + * \param output The buffer where the output data will be written. + * It must be writeable and at least 16 Bytes long. * \return \c 0 on success. */ diff --git a/library/aes.c b/library/aes.c index 4d9a56a5c..9f2074483 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1006,6 +1006,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) { + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 576e5be08..0d0e51519 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -379,6 +379,8 @@ void aes_invalid_param( ) mbedtls_aes_xts_context xts_ctx; #endif const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; + const unsigned char in[16] = { 0 }; + unsigned char out[16]; TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) ); #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -406,6 +408,20 @@ void aes_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) ); #endif + + + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb( NULL, + MBEDTLS_AES_ENCRYPT, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb( &aes_ctx, + 42, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb( &aes_ctx, + MBEDTLS_AES_ENCRYPT, NULL, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb( &aes_ctx, + MBEDTLS_AES_ENCRYPT, in, NULL ) ); } /* END_CASE */