From 79e593f617e8862b0d5991ef048f3c57313d3c8c Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Sun, 9 Dec 2018 20:41:20 +0000 Subject: [PATCH] Add parameter validation to SHA-256 module --- ChangeLog | 2 ++ include/mbedtls/error.h | 2 +- include/mbedtls/sha256.h | 1 + library/sha256.c | 23 +++++++++++++++++++++++ 4 files changed, 27 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 66a8ce92f..5d6e40831 100644 --- a/ChangeLog +++ b/ChangeLog @@ -41,6 +41,8 @@ API Changes mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret() mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret() * Extend ECDH interface to enable alternative implementations. + * Add validation checks for input parameters to functions in the SHA-256 + module. New deprecations * Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0c3888987..5f6e8efb9 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -75,7 +75,7 @@ * MD5 1 0x002F-0x002F * RIPEMD160 1 0x0031-0x0031 * SHA1 1 0x0035-0x0035 - * SHA256 1 0x0037-0x0037 + * SHA256 1 0x0037-0x0037 0x0074-0x0074 * SHA512 1 0x0039-0x0039 * CHACHA20 3 0x0051-0x0055 * POLY1305 3 0x0057-0x005B diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 47a31e83a..bd323dd5b 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -38,6 +38,7 @@ /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */ +#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< Invalid input data. */ #ifdef __cplusplus extern "C" { diff --git a/library/sha256.c b/library/sha256.c index dbb4a8986..2f1968530 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -74,8 +74,14 @@ do { \ } while( 0 ) #endif +#define MBEDTLS_SHA256_VALIDATE_RET(cond) \ + MBEDTLS_VALIDATE_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, cond ) +#define MBEDTLS_SHA256_VALIDATE(cond) MBEDTLS_VALIDATE( cond ) + void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { + MBEDTLS_SHA256_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); } @@ -90,6 +96,9 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) void mbedtls_sha256_clone( mbedtls_sha256_context *dst, const mbedtls_sha256_context *src ) { + MBEDTLS_SHA256_VALIDATE( dst != NULL ); + MBEDTLS_SHA256_VALIDATE( src != NULL ); + *dst = *src; } @@ -98,6 +107,8 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, */ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) { + MBEDTLS_SHA256_VALIDATE( ctx != NULL ); + ctx->total[0] = 0; ctx->total[1] = 0; @@ -192,6 +203,9 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, uint32_t A[8]; unsigned int i; + MBEDTLS_SHA256_VALIDATE_RET( ctx != NULL ); + MBEDTLS_SHA256_VALIDATE_RET( (const unsigned char *)data != NULL ); + for( i = 0; i < 8; i++ ) A[i] = ctx->state[i]; @@ -266,6 +280,9 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, if( ilen == 0 ) return( 0 ); + MBEDTLS_SHA256_VALIDATE_RET( ctx != NULL ); + MBEDTLS_SHA256_VALIDATE_RET( input != NULL ); + left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -321,6 +338,9 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, uint32_t used; uint32_t high, low; + MBEDTLS_SHA256_VALIDATE_RET( ctx != NULL ); + MBEDTLS_SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length */ @@ -395,6 +415,9 @@ int mbedtls_sha256_ret( const unsigned char *input, int ret; mbedtls_sha256_context ctx; + MBEDTLS_SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); + MBEDTLS_SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + mbedtls_sha256_init( &ctx ); if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )