mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 04:25:31 +00:00
Implement parameter validation for ARIA module
This commit is contained in:
parent
139d8313d9
commit
b54ae0bc0d
|
@ -55,6 +55,12 @@
|
||||||
#define inline __inline
|
#define inline __inline
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Parameter validation macros */
|
||||||
|
#define ARIA_VALIDATE_RET( cond ) \
|
||||||
|
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )
|
||||||
|
#define ARIA_VALIDATE( cond ) \
|
||||||
|
MBEDTLS_INTERNAL_VALIDATE( cond )
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* 32-bit integer manipulation macros (little endian)
|
* 32-bit integer manipulation macros (little endian)
|
||||||
*/
|
*/
|
||||||
|
@ -449,6 +455,8 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
|
||||||
|
|
||||||
int i;
|
int i;
|
||||||
uint32_t w[4][4], *w2;
|
uint32_t w[4][4], *w2;
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( key != NULL );
|
||||||
|
|
||||||
if( keybits != 128 && keybits != 192 && keybits != 256 )
|
if( keybits != 128 && keybits != 192 && keybits != 256 )
|
||||||
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
|
||||||
|
@ -503,6 +511,8 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
|
||||||
const unsigned char *key, unsigned int keybits )
|
const unsigned char *key, unsigned int keybits )
|
||||||
{
|
{
|
||||||
int i, j, k, ret;
|
int i, j, k, ret;
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( key != NULL );
|
||||||
|
|
||||||
ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
|
ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
|
@ -539,6 +549,9 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
uint32_t a, b, c, d;
|
uint32_t a, b, c, d;
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( input != NULL );
|
||||||
|
ARIA_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
GET_UINT32_LE( a, input, 0 );
|
GET_UINT32_LE( a, input, 0 );
|
||||||
GET_UINT32_LE( b, input, 4 );
|
GET_UINT32_LE( b, input, 4 );
|
||||||
|
@ -586,6 +599,7 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
|
||||||
/* Initialize context */
|
/* Initialize context */
|
||||||
void mbedtls_aria_init( mbedtls_aria_context *ctx )
|
void mbedtls_aria_init( mbedtls_aria_context *ctx )
|
||||||
{
|
{
|
||||||
|
ARIA_VALIDATE( ctx != NULL );
|
||||||
memset( ctx, 0, sizeof( mbedtls_aria_context ) );
|
memset( ctx, 0, sizeof( mbedtls_aria_context ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -612,6 +626,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
|
||||||
int i;
|
int i;
|
||||||
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
|
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
|
||||||
|
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_ARIA_DECRYPT );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || input != NULL );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || output != NULL );
|
||||||
|
ARIA_VALIDATE_RET( iv != NULL );
|
||||||
|
|
||||||
if( length % MBEDTLS_ARIA_BLOCKSIZE )
|
if( length % MBEDTLS_ARIA_BLOCKSIZE )
|
||||||
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
|
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
|
||||||
|
|
||||||
|
@ -665,7 +686,23 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
|
||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
unsigned char c;
|
unsigned char c;
|
||||||
size_t n = *iv_off;
|
size_t n;
|
||||||
|
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_ARIA_DECRYPT );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || input != NULL );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || output != NULL );
|
||||||
|
ARIA_VALIDATE_RET( iv != NULL );
|
||||||
|
ARIA_VALIDATE_RET( iv_off != NULL );
|
||||||
|
|
||||||
|
n = *iv_off;
|
||||||
|
|
||||||
|
/* An overly large value of n can lead to an unlimited
|
||||||
|
* buffer overflow. Therefore, guard against this
|
||||||
|
* outside of parameter validation. */
|
||||||
|
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
|
||||||
|
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( mode == MBEDTLS_ARIA_DECRYPT )
|
if( mode == MBEDTLS_ARIA_DECRYPT )
|
||||||
{
|
{
|
||||||
|
@ -713,7 +750,21 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
|
||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
int c, i;
|
int c, i;
|
||||||
size_t n = *nc_off;
|
size_t n;
|
||||||
|
|
||||||
|
ARIA_VALIDATE_RET( ctx != NULL );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || input != NULL );
|
||||||
|
ARIA_VALIDATE_RET( length == 0 || output != NULL );
|
||||||
|
ARIA_VALIDATE_RET( nonce_counter != NULL );
|
||||||
|
ARIA_VALIDATE_RET( stream_block != NULL );
|
||||||
|
ARIA_VALIDATE_RET( nc_off != NULL );
|
||||||
|
|
||||||
|
n = *nc_off;
|
||||||
|
/* An overly large value of n can lead to an unlimited
|
||||||
|
* buffer overflow. Therefore, guard against this
|
||||||
|
* outside of parameter validation. */
|
||||||
|
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
|
||||||
|
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
|
||||||
|
|
||||||
while( length-- )
|
while( length-- )
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue