Implement parameter validation for Blowfish module

Hanno Becker 2018-12-12 18:46:09 +00:00
parent 3b4d6c6925
commit 541aa69de4


@ -40,6 +40,12 @@
#if !defined(MBEDTLS_BLOWFISH_ALT) #if !defined(MBEDTLS_BLOWFISH_ALT)
/* Parameter validation macros */
#define BLOWFISH_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
#define BLOWFISH_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* /*
* 32-bit integer manipulation macros (big endian) * 32-bit integer manipulation macros (big endian)
*/ */
@ -153,6 +159,7 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
{ {
BLOWFISH_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
} }
@ -167,14 +174,18 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
/* /*
* Blowfish key schedule * Blowfish key schedule
*/ */
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
unsigned int keybits ) const unsigned char *key,
unsigned int keybits )
{ {
unsigned int i, j, k; unsigned int i, j, k;
uint32_t data, datal, datar; uint32_t data, datal, datar;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( key != NULL );
if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS ||
( keybits % 8 ) ) keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS ||
keybits % 8 != 0 )
{ {
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
} }
@ -231,6 +242,11 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
{ {
uint32_t X0, X1; uint32_t X0, X1;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( input != NULL );
BLOWFISH_VALIDATE_RET( output != NULL );
GET_UINT32_BE( X0, input, 0 ); GET_UINT32_BE( X0, input, 0 );
GET_UINT32_BE( X1, input, 4 ); GET_UINT32_BE( X1, input, 4 );
@ -263,6 +279,12 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
{ {
int i; int i;
unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( iv != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
@ -317,7 +339,19 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c; int c;
size_t n = *iv_off; size_t n;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( iv != NULL );
BLOWFISH_VALIDATE_RET( iv_off != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
n = *iv_off;
if( n >= 8 )
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
if( mode == MBEDTLS_BLOWFISH_DECRYPT ) if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{ {
@ -365,7 +399,17 @@ int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c, i; int c, i;
size_t n = *nc_off; size_t n;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
BLOWFISH_VALIDATE_RET( stream_block != NULL );
BLOWFISH_VALIDATE_RET( nc_off != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
n = *nc_off;
if( n >= 8 )
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
while( length-- ) while( length-- )
{ {
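Review bot: The offset bound added in mbedtls_blowfish_crypt_cfb64 and mbedtls_blowfish_crypt_ctr is a bare `8` (`if( n >= 8 )`), while the CBC hunk sizes its block buffer with MBEDTLS_BLOWFISH_BLOCKSIZE. I would write `if( n >= MBEDTLS_BLOWFISH_BLOCKSIZE )` in both places so the bound cannot drift from the buffer size it protects. This check takes a caller-supplied `*iv_off` / `*nc_off`, which is presumably used further down as an index into the IV or stream block, so it is correctly a plain `if`. BLOWFISH_VALIDATE_RET would be weaker here: judging by the MBEDTLS_INTERNAL_VALIDATE naming (its definition is not on this page), it may compile to nothing when parameter checking is disabled. A short comment such as `/* always checked: n indexes a MBEDTLS_BLOWFISH_BLOCKSIZE-byte buffer */` would stop a later cleanup from folding it into the macros. Both function bodies continue outside the hunks, so the use of `n` after the check is not visible here.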