From 1677cca54b51f0c82c6ec24825443ae0fc592a1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 13 Dec 2018 10:27:13 +0100 Subject: [PATCH] Add parameter validation for AES-CFB functions --- include/mbedtls/aes.h | 9 +++++ library/aes.c | 18 +++++++++- tests/suites/test_suite_aes.function | 50 ++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 1bfa434c0..4cc4d143d 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -380,13 +380,18 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, * * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. * \param length The length of the input data. * \param iv_off The offset in IV (updated after use). + * It must point to a valid \c size_t. * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length. * \param output The buffer holding the output data. + * It must be writeable and of size \p length. * * \return \c 0 on success. */ @@ -421,12 +426,16 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, * * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT * \param length The length of the input data. * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length. * \param output The buffer holding the output data. + * It must be writeable and of size \p length. * * \return \c 0 on success. */ diff --git a/library/aes.c b/library/aes.c index c15022b91..b70529011 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1287,7 +1287,17 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, unsigned char *output ) { int c; - size_t n = *iv_off; + size_t n; + + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( iv_off != NULL ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + + n = *iv_off; if( mode == MBEDTLS_AES_DECRYPT ) { @@ -1334,6 +1344,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, unsigned char c; unsigned char ov[17]; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); while( length-- ) { memcpy( ov, iv, 16 ); diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index bcffe37b6..f581cbe7f 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -379,6 +379,7 @@ void aes_check_params( ) const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; const unsigned char in[16] = { 0 }; unsigned char out[16]; + size_t size; TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) ); #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -466,6 +467,55 @@ void aes_check_params( ) MBEDTLS_AES_ENCRYPT, 16, in, in, NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_XTS */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( NULL, + MBEDTLS_AES_ENCRYPT, 16, + &size, out, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, + 42, 16, + &size, out, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + NULL, out, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + &size, NULL, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + &size, out, NULL, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + &size, out, in, NULL ) ); + + + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( NULL, + MBEDTLS_AES_ENCRYPT, 16, + out, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( &aes_ctx, + 42, 16, + out, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + NULL, in, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + out, NULL, out ) ); + TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( &aes_ctx, + MBEDTLS_AES_ENCRYPT, 16, + out, in, NULL ) ); +#endif /* MBEDTLS_CIPHER_MODE_CFB */ } /* END_CASE */