Implement parameter validation for ARIA module

This commit is contained in:
Hanno Becker 2018-12-11 21:51:32 +00:00
parent 139d8313d9
commit b54ae0bc0d

View file

@ -55,6 +55,12 @@
#define inline __inline #define inline __inline
#endif #endif
/* Parameter validation macros */
#define ARIA_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )
#define ARIA_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* /*
* 32-bit integer manipulation macros (little endian) * 32-bit integer manipulation macros (little endian)
*/ */
@ -449,6 +455,8 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
int i; int i;
uint32_t w[4][4], *w2; uint32_t w[4][4], *w2;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( key != NULL );
if( keybits != 128 && keybits != 192 && keybits != 256 ) if( keybits != 128 && keybits != 192 && keybits != 256 )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
@ -503,6 +511,8 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits )
{ {
int i, j, k, ret; int i, j, k, ret;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( key != NULL );
ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
if( ret != 0 ) if( ret != 0 )
@ -539,6 +549,9 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
int i; int i;
uint32_t a, b, c, d; uint32_t a, b, c, d;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( input != NULL );
ARIA_VALIDATE_RET( output != NULL );
GET_UINT32_LE( a, input, 0 ); GET_UINT32_LE( a, input, 0 );
GET_UINT32_LE( b, input, 4 ); GET_UINT32_LE( b, input, 4 );
@ -586,6 +599,7 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
/* Initialize context */ /* Initialize context */
void mbedtls_aria_init( mbedtls_aria_context *ctx ) void mbedtls_aria_init( mbedtls_aria_context *ctx )
{ {
ARIA_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_aria_context ) ); memset( ctx, 0, sizeof( mbedtls_aria_context ) );
} }
@ -612,6 +626,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
int i; int i;
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( iv != NULL );
if( length % MBEDTLS_ARIA_BLOCKSIZE ) if( length % MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
@ -665,7 +686,23 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
unsigned char c; unsigned char c;
size_t n = *iv_off; size_t n;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( iv != NULL );
ARIA_VALIDATE_RET( iv_off != NULL );
n = *iv_off;
/* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this
* outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
if( mode == MBEDTLS_ARIA_DECRYPT ) if( mode == MBEDTLS_ARIA_DECRYPT )
{ {
@ -713,7 +750,21 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c, i; int c, i;
size_t n = *nc_off; size_t n;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( nonce_counter != NULL );
ARIA_VALIDATE_RET( stream_block != NULL );
ARIA_VALIDATE_RET( nc_off != NULL );
n = *nc_off;
/* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this
* outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
while( length-- ) while( length-- )
{ {