yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2026-04-20 22:05:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

cipher_auth_xxcrypt(): fix some null pointer handling

Browse source 
Make sure that if a buffer is allowed to be empty, a null pointer is
accepted if the buffer length is 0. This was already the case for most
but not all arguments to mbedtls_cipher_auth_{en,de}crypt{,_ext}.

Make sure to pass NULL for an empty buffer in the tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2020-12-03 20:27:27 +01:00 committed by Manuel Pégourié-Gonnard
parent b23e31d86a
commit 70edd689a8
2 changed files with 22 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

19
tests/suites/test_suite_cipher.function
View file

@ -1155,6 +1155,16 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
unsigned char *tag_buf = NULL;
#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
/* Null pointers are documented as valid for inputs of length 0.
* The test framework passes non-null pointers, so set them to NULL.
* key, cipher and tag can't be empty. */
if( iv->len == 0 )
iv->x = NULL;
if( ad->len == 0 )
ad->x = NULL;
if( clear->len == 0 )
clear->x = NULL;
mbedtls_cipher_init( &ctx );
/* Initialize PSA Crypto */
@ -1345,8 +1355,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
* Authenticate and decrypt, and check result
*/
/* We can't pass a NULL output buffer to this function */
ASSERT_ALLOC( decrypt_buf, cipher->len ? cipher->len : 1 );
ASSERT_ALLOC( decrypt_buf, cipher->len );
outlen = 0;
ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
tmp_cipher, cipher->len, decrypt_buf, &outlen,
@ -1397,8 +1406,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
/* can't pass a NULL output buffer to this function */
ASSERT_ALLOC( encrypt_buf, cipher->len ? cipher->len : 1 );
ASSERT_ALLOC( encrypt_buf, cipher->len );
ASSERT_ALLOC( tag_buf, tag->len );
tmp_cipher = encrypt_buf;
tmp_tag = tag_buf;
@ -1421,7 +1429,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == cipher->len );
TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
if( cipher->len != 0 )
TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
}
}