yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-26 06:25:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmac: add parameter validation

Browse source 
Improve documentation o
This commit is contained in:
Unknown 2018-12-14 05:37:29 -05:00
parent 0026080132
commit 1ad679e6e2
3 changed files with 57 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
include/mbedtls/cmac.h
View file

@ -77,7 +77,8 @@ struct mbedtls_cmac_context_t
* as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
* MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
* or MBEDTLS_CIPHER_DES_EDE3_ECB.
* \param key The CMAC key. This must not be \c NULL.
* \param key The CMAC key. This must be a readable buffer of length
* \p keybits Bits.
* \param keybits The length of the CMAC key in bits.
* Must be supported by the cipher.
*
@ -97,7 +98,9 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
*
* \param ctx The cipher context used for the CMAC operation.
* This must be initialized.
* \param input The buffer holding the input data. This must not be \c NULL.
* \param input The buffer holding the input data. This must be a
* readable buffer of length \p ilen Bytes. It may be
* \c NULL if ilen == 0.
* \param ilen The length of the input data.
*
* \return \c 0 on success.
@ -158,9 +161,12 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
* \param cipher_info The cipher information. This must not be \c NULL.
* \param key The CMAC key. This must not be \c NULL.
* \param keylen The length of the CMAC key in bits.
* \param input The buffer holding the input data. This must not be \c NULL.
* \param input The buffer holding the input data. This must be a
* readable buffer of length \p ilen Bytes. It may be
* \c NULL if ilen == 0.
* \param ilen The length of the input data.
* \param output The buffer for the generic CMAC result. This must not be \c NULL.
* \param output The buffer for the generic CMAC result.
* This must not be \c NULL.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA

37
library/cmac.c
View file

@ -68,6 +68,10 @@
#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
#define MBEDTLS_CMAC_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )
#define MBEDTLS_CMAC_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
/*
* Multiplication by u in the Galois field of GF(2^n)
*
@ -206,8 +210,9 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
mbedtls_cmac_context_t *cmac_ctx;
int retval;
if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
@ -247,9 +252,9 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
int ret = 0;
size_t n, j, olen, block_size;
if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
ctx->cmac_ctx == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
cmac_ctx = ctx->cmac_ctx;
block_size = ctx->cipher_info->block_size;
@ -318,9 +323,9 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
int ret;
size_t olen, block_size;
if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
output == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
cmac_ctx = ctx->cmac_ctx;
block_size = ctx->cipher_info->block_size;
@ -372,8 +377,9 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
{
mbedtls_cmac_context_t* cmac_ctx;
if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
cmac_ctx = ctx->cmac_ctx;
@ -395,8 +401,10 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
mbedtls_cipher_context_t ctx;
int ret;
if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( cipher_info != NULL );
MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
mbedtls_cipher_init( &ctx );
@ -432,8 +440,9 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
if( key == NULL || input == NULL || output == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
if( cipher_info == NULL )

63
tests/suites/test_suite_cmac.function
View file

@ -15,7 +15,7 @@ void mbedtls_cmac_self_test( )
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void mbedtls_cmac_null_args( )
{
mbedtls_cipher_context_t ctx;
@ -27,71 +27,56 @@ void mbedtls_cmac_null_args( )
mbedtls_cipher_init( &ctx );
/* Test NULL cipher info */
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) );
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) );
TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) );
TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) );
TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) );
TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_finish( NULL, test_output ) );
TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_finish( &ctx, NULL ) );
TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
TEST_INVALID_PARAM( mbedtls_cipher_cmac_reset( NULL ) );
TEST_ASSERT( mbedtls_cipher_cmac( NULL,
TEST_INVALID_PARAM( mbedtls_cipher_cmac( NULL,
test_key, 128,
test_data, 16,
test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
test_output ) );
TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
NULL, 128,
test_data, 16,
test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
test_output ) );
TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
test_key, 128,
NULL, 16,
test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
test_output ) );
TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
test_key, 128,
test_data, 16,
NULL ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
NULL ) );
TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16,
TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( NULL, 16,
test_data, 16,
test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
test_output ) );
TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( test_key, 16,
NULL, 16,
test_output ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
test_output ) );
TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( test_key, 16,
test_data, 16,
NULL ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
NULL ) );
exit:
mbedtls_cipher_free( &ctx );