RSA encryption: accept input=NULL if ilen=0 In mbedtls_rsa_rsaes_oaep_encrypt and mbedtls_rsa_rsaes_pkcs1_v15_encrypt, if the input length is 0 (which is unusual and mostly useless, but permitted) then it is fine for the input pointer to be NULL. Don't return an error in this case. When `input` is NULL, `memcpy( p, input, ilen )` has undefined behavior even if `ilen` is zero. So skip the `memcpy` call in this case. Likewise, in `mbedtls_rsa_rsaes_oaep_decrypt`, skip the `memcpy` call if `*olen` is zero.

commit: 004f87b98dd9e5fb685d46b7212f6ca1c82648b3 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri Jul 06 15:47:54 2018 +0200
committer: Andrzej Kurek <andrzej.kurek@mobica.com> Mon Feb 11 03:39:21 2019 -0500
tree: f39d8b4c421da5a169bb4a52853b5c1123a73e22
parent: fb236739da03bc6c0673e6a87a210fd7d055623e [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index 389d747..c8244d3 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -1171,7 +1171,8 @@
     p += hlen;
     p += olen - 2 * hlen - 2 - ilen;
     *p++ = 1;
-    memcpy( p, input, ilen );
+    if( ilen != 0 )
+        memcpy( p, input, ilen );
 
     mbedtls_md_init( &md_ctx );
     if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
@@ -1263,7 +1264,8 @@
     }
 
     *p++ = 0;
-    memcpy( p, input, ilen );
+    if( ilen != 0 )
+        memcpy( p, input, ilen );
 
     return( ( mode == MBEDTLS_RSA_PUBLIC )
             ? mbedtls_rsa_public(  ctx, output, output )
@@ -1441,7 +1443,8 @@
     }
 
     *olen = ilen - (p - buf);
-    memcpy( output, p, *olen );
+    if( *olen != 0 )
+        memcpy( output, p, *olen );
     ret = 0;
 
 cleanup:
commit	004f87b98dd9e5fb685d46b7212f6ca1c82648b3	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Jul 06 15:47:54 2018 +0200
committer	Andrzej Kurek <andrzej.kurek@mobica.com>	Mon Feb 11 03:39:21 2019 -0500
tree	f39d8b4c421da5a169bb4a52853b5c1123a73e22
parent	fb236739da03bc6c0673e6a87a210fd7d055623e [diff] [blame]