Add optional parameter validation to the AES module

This adds additional and optional parameter validation to the AES module that
can be used by enabling the MBEDTLS_CHECK_PARAMS config.h option.
This commit is contained in:
Simon Butcher 2018-12-06 17:40:14 +00:00 committed by Manuel Pégourié-Gonnard
parent b4868034dd
commit 5201e414aa
2 changed files with 38 additions and 8 deletions

View file

@ -67,6 +67,26 @@
/* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */ /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */
#if defined( MBEDTLS_CHECK_PARAMS )
#define MBEDTLS_AES_VALIDATE_RET( cond ) do{ if( !(cond) ) { \
MBEDTLS_PARAM_FAILED( #cond, \
__FILE__, \
__LINE__ ); \
return MBEDTLS_ERR_AES_BAD_INPUT_DATA;} \
} while(0);
#define MBEDTLS_AES_VALIDATE( cond ) do{ if( !(cond) ) { \
MBEDTLS_PARAM_FAILED( #cond, \
__FILE__, \
__LINE__ ); \
return; } \
} while(0);
#else
/* No validation of parameters will be performed */
#define MBEDTLS_AES_VALIDATE_RET( cond )
#define MBEDTLS_AES_VALIDATE( cond)
#endif
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus) !defined(inline) && !defined(__cplusplus)
#define inline __inline #define inline __inline

View file

@ -511,6 +511,8 @@ static void aes_gen_tables( void )
void mbedtls_aes_init( mbedtls_aes_context *ctx ) void mbedtls_aes_init( mbedtls_aes_context *ctx )
{ {
MBEDTLS_AES_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_aes_context ) ); memset( ctx, 0, sizeof( mbedtls_aes_context ) );
} }
@ -525,12 +527,16 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx )
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ) void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx )
{ {
MBEDTLS_AES_VALIDATE( ctx != NULL );
mbedtls_aes_init( &ctx->crypt ); mbedtls_aes_init( &ctx->crypt );
mbedtls_aes_init( &ctx->tweak ); mbedtls_aes_init( &ctx->tweak );
} }
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx )
{ {
MBEDTLS_AES_VALIDATE( ctx != NULL );
mbedtls_aes_free( &ctx->crypt ); mbedtls_aes_free( &ctx->crypt );
mbedtls_aes_free( &ctx->tweak ); mbedtls_aes_free( &ctx->tweak );
} }
@ -546,14 +552,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int i; unsigned int i;
uint32_t *RK; uint32_t *RK;
#if !defined(MBEDTLS_AES_ROM_TABLES) MBEDTLS_AES_VALIDATE_RET( ctx != NULL && key != NULL );
if( aes_init_done == 0 )
{
aes_gen_tables();
aes_init_done = 1;
}
#endif
switch( keybits ) switch( keybits )
{ {
@ -563,6 +562,15 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
} }
#if !defined(MBEDTLS_AES_ROM_TABLES)
if( aes_init_done == 0 )
{
aes_gen_tables();
aes_init_done = 1;
}
#endif
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 ) if( aes_padlock_ace == -1 )
aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE );
@ -662,6 +670,8 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
uint32_t *RK; uint32_t *RK;
uint32_t *SK; uint32_t *SK;
MBEDTLS_AES_VALIDATE_RET( ctx != NULL && key != NULL );
mbedtls_aes_init( &cty ); mbedtls_aes_init( &cty );
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)