yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add param validation for mbedtls_aes_crypt_xts()

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2018-12-13 10:15:30 +01:00
parent 3178d1a997
commit 191af1313a
3 changed files with 51 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/mbedtls/aes.h
View file

@ -325,6 +325,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH. * returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH.
* *
* \param ctx The AES XTS context to use for AES XTS operations. * \param ctx The AES XTS context to use for AES XTS operations.
* It must be initialized and bound to a key.
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
* #MBEDTLS_AES_DECRYPT. * #MBEDTLS_AES_DECRYPT.
* \param length The length of a data unit in bytes. This can be any * \param length The length of a data unit in bytes. This can be any

6
library/aes.c
View file

@ -1182,6 +1182,12 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
unsigned char prev_tweak[16]; unsigned char prev_tweak[16];
unsigned char tmp[16]; unsigned char tmp[16];
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
/* Data units must be at least 16 bytes long. */ /* Data units must be at least 16 bytes long. */
if( length < 16 ) if( length < 16 )
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;

52
tests/suites/test_suite_aes.function
View file

@ -194,8 +194,8 @@ exit:
void aes_crypt_xts_size( int size, int retval ) void aes_crypt_xts_size( int size, int retval )
{ {
mbedtls_aes_xts_context ctx; mbedtls_aes_xts_context ctx;
const unsigned char *src = NULL; const unsigned char src[16] = { 0 };
unsigned char *output = NULL; unsigned char output[16];
unsigned char data_unit[16]; unsigned char data_unit[16];
size_t length = size; size_t length = size;
@ -203,10 +203,8 @@ void aes_crypt_xts_size( int size, int retval )
memset( data_unit, 0x00, sizeof( data_unit ) ); memset( data_unit, 0x00, sizeof( data_unit ) );
/* Note that this function will most likely crash on failure, as NULL /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
* parameters will be used. In the passing case, the length check in * otherwise we wouldn't get to the size check we're interested in. */
* mbedtls_aes_crypt_xts() will prevent any accesses to parameters by
* exiting the function early. */
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
} }
/* END_CASE */ /* END_CASE */
@ -445,6 +443,29 @@ void aes_check_params( )
MBEDTLS_AES_ENCRYPT, 16, MBEDTLS_AES_ENCRYPT, 16,
out, in, NULL ) ); out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( NULL,
MBEDTLS_AES_ENCRYPT, 16,
in, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
42, 16,
in, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
MBEDTLS_AES_ENCRYPT, 16,
NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
MBEDTLS_AES_ENCRYPT, 16,
in, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
MBEDTLS_AES_ENCRYPT, 16,
in, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_XTS */
} }
/* END_CASE */ /* END_CASE */
@ -452,6 +473,9 @@ void aes_check_params( )
void aes_misc_params( ) void aes_misc_params( )
{ {
mbedtls_aes_context aes_ctx; mbedtls_aes_context aes_ctx;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
mbedtls_aes_xts_context xts_ctx;
#endif
const unsigned char in[16] = { 0 }; const unsigned char in[16] = { 0 };
unsigned char out[16]; unsigned char out[16];
@ -463,13 +487,25 @@ void aes_misc_params( )
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
15, out, in, out ) 15,
out, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
17, out, in, out ) 17,
out, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
15,
in, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
(1 << 24) + 1,
in, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#endif
} }
/* END_CASE */ /* END_CASE */