From 2384f7febdc0e8ad7c1cc10c3ecd28ce7b7ac410 Mon Sep 17 00:00:00 2001 From: Unknown Date: Mon, 24 Dec 2018 05:10:59 -0500 Subject: [PATCH] cmac: improve parameter validation Rename validation macro to adhere to standards. --- library/cmac.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/library/cmac.c b/library/cmac.c index 9b7e8bf6b..dee4dfe86 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -68,9 +68,8 @@ #if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) -#define MBEDTLS_CMAC_VALIDATE_RET(cond) \ +#define CMAC_VALIDATE_RET(cond) \ MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ) -#define MBEDTLS_CMAC_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) /* * Multiplication by u in the Galois field of GF(2^n) @@ -210,9 +209,9 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, mbedtls_cmac_context_t *cmac_ctx; int retval; - MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( key != NULL ); + CMAC_VALIDATE_RET( ctx != NULL ); + CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); + CMAC_VALIDATE_RET( key != NULL ); if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits, MBEDTLS_ENCRYPT ) ) != 0 ) @@ -252,9 +251,9 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, int ret = 0; size_t n, j, olen, block_size; - MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( input != NULL ); + CMAC_VALIDATE_RET( ctx != NULL ); + CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); + CMAC_VALIDATE_RET( ilen == 0 || input != NULL ); cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; @@ -323,9 +322,9 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int ret; size_t olen, block_size; - MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL ); + CMAC_VALIDATE_RET( ctx != NULL ); + CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); + CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL ); cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; @@ -377,9 +376,9 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ) { mbedtls_cmac_context_t* cmac_ctx; - MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL ); + CMAC_VALIDATE_RET( ctx != NULL ); + CMAC_VALIDATE_RET( ctx->cipher_info != NULL ); + CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL ); cmac_ctx = ctx->cmac_ctx; @@ -401,10 +400,10 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, mbedtls_cipher_context_t ctx; int ret; - MBEDTLS_CMAC_VALIDATE_RET( cipher_info != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( key != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( input != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( output != NULL ); + CMAC_VALIDATE_RET( cipher_info != NULL ); + CMAC_VALIDATE_RET( key != NULL ); + CMAC_VALIDATE_RET( ilen == 0 || input != NULL ); + CMAC_VALIDATE_RET( output != NULL ); mbedtls_cipher_init( &ctx ); @@ -440,9 +439,9 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE]; unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE]; - MBEDTLS_CMAC_VALIDATE_RET( key != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( input != NULL ); - MBEDTLS_CMAC_VALIDATE_RET( output != NULL ); + CMAC_VALIDATE_RET( key != NULL ); + CMAC_VALIDATE_RET( in_len == 0 || input != NULL ); + CMAC_VALIDATE_RET( output != NULL ); cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); if( cipher_info == NULL )