Add parameter validation to SHA-512 module

2024-11-22 11:45:42 +01:00 · 2018-12-09 20:58:36 +00:00 · 2018-12-09 20:58:36 +00:00 · ba519b94a5
commit ba519b94a5
parent af0c6cb9e0
4 changed files with 27 additions and 1 deletions
--- a/2
+++ b/2
@ -41,6 +41,8 @@ API Changes
     mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret()
     mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret()
   * Extend ECDH interface to enable alternative implementations.
+   * Add validation checks for input parameters to functions in the SHA-512
+     module.

 New deprecations
   * Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@ -76,7 +76,7 @@
 * RIPEMD160 1                  0x0031-0x0031
 * SHA1      1                  0x0035-0x0035
 * SHA256    1                  0x0037-0x0037
- * SHA512    1                  0x0039-0x0039
+ * SHA512    1                  0x0039-0x0039 0x0075-0x0075
 * CHACHA20  3                  0x0051-0x0055
 * POLY1305  3                  0x0057-0x005B
 * CHACHAPOLY 2 0x0054-0x0056
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@ -37,6 +37,7 @@

 /* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */
 #define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED                -0x0039  /**< SHA-512 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA                 -0x0075  /**< Invalid input data. */

 #ifdef __cplusplus
 extern "C" {
--- a/library/sha512.c
+++ b/library/sha512.c
@ -88,8 +88,14 @@
 }
 #endif /* PUT_UINT64_BE */

+#define MBEDTLS_SHA512_VALIDATE_RET(cond)                           \
+    MBEDTLS_VALIDATE_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, cond )
+#define MBEDTLS_SHA512_VALIDATE(cond)               MBEDTLS_VALIDATE( cond )
+
 void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
 {
+    MBEDTLS_SHA512_VALIDATE( ctx != NULL );
+
    memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
 }

@ -104,6 +110,9 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
 void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
                           const mbedtls_sha512_context *src )
 {
+    MBEDTLS_SHA512_VALIDATE( dst != NULL );
+    MBEDTLS_SHA512_VALIDATE( src != NULL );
+
    *dst = *src;
 }

@ -112,6 +121,8 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
 */
 int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
 {
+    MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL );
+
    ctx->total[0] = 0;
    ctx->total[1] = 0;

@ -209,6 +220,9 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
    uint64_t temp1, temp2, W[80];
    uint64_t A, B, C, D, E, F, G, H;

+    MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL );
+    MBEDTLS_SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
+
 #define  SHR(x,n) (x >> n)
 #define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))

@ -297,6 +311,9 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
    if( ilen == 0 )
        return( 0 );

+    MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL );
+    MBEDTLS_SHA512_VALIDATE_RET( input != NULL );
+
    left = (unsigned int) (ctx->total[0] & 0x7F);
    fill = 128 - left;

@ -351,6 +368,9 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
    unsigned used;
    uint64_t high, low;

+    MBEDTLS_SHA512_VALIDATE_RET( ctx != NULL );
+    MBEDTLS_SHA512_VALIDATE_RET( (unsigned char *)output != NULL );
+
    /*
     * Add padding: 0x80 then 0x00 until 16 bytes remain for the length
     */
@ -427,6 +447,9 @@ int mbedtls_sha512_ret( const unsigned char *input,
    int ret;
    mbedtls_sha512_context ctx;

+    MBEDTLS_SHA512_VALIDATE_RET( ilen == 0 || input != NULL );
+    MBEDTLS_SHA512_VALIDATE_RET( (unsigned char *)output != NULL );
+
    mbedtls_sha512_init( &ctx );

    if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 )