diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 93f9646ea..bf40e4b04 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -116,8 +116,7 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); * and have a hash operation started. * \param input The buffer holding the input data. This must * be a readable buffer of length \p ilen Bytes. - * It must not be \c NULL. - * \param ilen The length of the input data \p input in Bytes. + * \param ilen The length of the input data in Bytes. * * \return \c 0 on success. * \return A negative error code on failure. @@ -184,8 +183,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, * \param ctx The SHA-512 context. This must be initialized * and have a hash operation started. * \param input The buffer holding the data. This must be a readable - * buffer of length \p ilen Bytes. It must not be \c NULL. - * \param ilen The length of the input data \p input in Bytes. + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, @@ -235,9 +234,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * output = SHA-512(input buffer). * * \param input The buffer holding the input data. This must be - * a readable buffer of length \p ilen Bytes. It - * must not be \c NULL. - * \param ilen The length of the input data \p input in Bytes. + * a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. * This must be a writable buffer of length \c 64 Bytes. * \param is384 Determines which function to use. This must be either @@ -270,9 +268,8 @@ int mbedtls_sha512_ret( const unsigned char *input, * \deprecated Superseded by mbedtls_sha512_ret() in 2.7.0 * * \param input The buffer holding the data. This must be a - * readable buffer of length \p ilen Bytes. It - * must not be \c NULL. - * \param ilen The length of the input data \p input in Bytes. + * readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. This must * be a writable buffer of length \c 64 Bytes. * \param is384 Determines which function to use. This must be eiher diff --git a/library/sha512.c b/library/sha512.c index 7a99170c9..8260f32a6 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -89,8 +89,8 @@ #endif /* PUT_UINT64_BE */ #define MBEDTLS_SHA512_VALIDATE_RET(cond) \ - MBEDTLS_VALIDATE_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, cond ) -#define MBEDTLS_SHA512_VALIDATE(cond) MBEDTLS_VALIDATE( cond ) + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ) +#define MBEDTLS_SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { @@ -122,6 +122,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) { MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL ); + MBEDTLS_SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); ctx->total[0] = 0; ctx->total[1] = 0; @@ -308,12 +309,12 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, size_t fill; unsigned int left; + MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL ); + MBEDTLS_SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); + if( ilen == 0 ) return( 0 ); - MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL ); - MBEDTLS_SHA512_VALIDATE_RET( input != NULL ); - left = (unsigned int) (ctx->total[0] & 0x7F); fill = 128 - left; @@ -447,6 +448,7 @@ int mbedtls_sha512_ret( const unsigned char *input, int ret; mbedtls_sha512_context ctx; + MBEDTLS_SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); MBEDTLS_SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); MBEDTLS_SHA512_VALIDATE_RET( (unsigned char *)output != NULL );