Add parameter validation for AES-OFB

This commit is contained in:
Manuel Pégourié-Gonnard 2018-12-13 11:00:56 +01:00
parent 1677cca54b
commit 8e41eb7187
3 changed files with 32 additions and 1 deletions

View file

@ -480,11 +480,16 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
* will compromise security. * will compromise security.
* *
* \param ctx The AES context to use for encryption or decryption. * \param ctx The AES context to use for encryption or decryption.
* It must be initialized and bound to a key.
* \param length The length of the input data. * \param length The length of the input data.
* \param iv_off The offset in IV (updated after use). * \param iv_off The offset in IV (updated after use).
* It must point to a valid \c size_t.
* \param iv The initialization vector (updated after use). * \param iv The initialization vector (updated after use).
* It must be a readable and writeable buffer of 16 Bytes.
* \param input The buffer holding the input data. * \param input The buffer holding the input data.
* It must be readable and of size \p length.
* \param output The buffer holding the output data. * \param output The buffer holding the output data.
* It must be writeable and of size \p length.
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */

View file

@ -1382,7 +1382,15 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int ret = 0; int ret = 0;
size_t n = *iv_off; size_t n;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( iv_off != NULL );
AES_VALIDATE_RET( iv != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
n = *iv_off;
while( length-- ) while( length-- )
{ {

View file

@ -516,6 +516,24 @@ void aes_check_params( )
MBEDTLS_AES_ENCRYPT, 16, MBEDTLS_AES_ENCRYPT, 16,
out, in, NULL ) ); out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( NULL, 16,
&size, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
NULL, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_OFB */
} }
/* END_CASE */ /* END_CASE */