Add parameter validation for AES-CFB functions
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 1bfa434..4cc4d14 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -380,13 +380,18 @@
*
*
* \param ctx The AES context to use for encryption or decryption.
+ * It must be initialized and bound to a key.
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
* #MBEDTLS_AES_DECRYPT.
* \param length The length of the input data.
* \param iv_off The offset in IV (updated after use).
+ * It must point to a valid \c size_t.
* \param iv The initialization vector (updated after use).
+ * It must be a readable and writeable buffer of 16 Bytes.
* \param input The buffer holding the input data.
+ * It must be readable and of size \p length.
* \param output The buffer holding the output data.
+ * It must be writeable and of size \p length.
*
* \return \c 0 on success.
*/
@@ -421,12 +426,16 @@
*
*
* \param ctx The AES context to use for encryption or decryption.
+ * It must be initialized and bound to a key.
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
* #MBEDTLS_AES_DECRYPT
* \param length The length of the input data.
* \param iv The initialization vector (updated after use).
+ * It must be a readable and writeable buffer of 16 Bytes.
* \param input The buffer holding the input data.
+ * It must be readable and of size \p length.
* \param output The buffer holding the output data.
+ * It must be writeable and of size \p length.
*
* \return \c 0 on success.
*/
diff --git a/library/aes.c b/library/aes.c
index c15022b..b705290 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1287,7 +1287,17 @@
unsigned char *output )
{
int c;
- size_t n = *iv_off;
+ size_t n;
+
+ AES_VALIDATE_RET( ctx != NULL );
+ AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
+ mode == MBEDTLS_AES_DECRYPT );
+ AES_VALIDATE_RET( iv_off != NULL );
+ AES_VALIDATE_RET( iv != NULL );
+ AES_VALIDATE_RET( input != NULL );
+ AES_VALIDATE_RET( output != NULL );
+
+ n = *iv_off;
if( mode == MBEDTLS_AES_DECRYPT )
{
@@ -1334,6 +1344,12 @@
unsigned char c;
unsigned char ov[17];
+ AES_VALIDATE_RET( ctx != NULL );
+ AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
+ mode == MBEDTLS_AES_DECRYPT );
+ AES_VALIDATE_RET( iv != NULL );
+ AES_VALIDATE_RET( input != NULL );
+ AES_VALIDATE_RET( output != NULL );
while( length-- )
{
memcpy( ov, iv, 16 );
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index bcffe37..f581cbe 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -379,6 +379,7 @@
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
const unsigned char in[16] = { 0 };
unsigned char out[16];
+ size_t size;
TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -466,6 +467,55 @@
MBEDTLS_AES_ENCRYPT, 16,
in, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( NULL,
+ MBEDTLS_AES_ENCRYPT, 16,
+ &size, out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( &aes_ctx,
+ 42, 16,
+ &size, out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ NULL, out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ &size, NULL, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ &size, out, NULL, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb128( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ &size, out, in, NULL ) );
+
+
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb8( NULL,
+ MBEDTLS_AES_ENCRYPT, 16,
+ out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb8( &aes_ctx,
+ 42, 16,
+ out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb8( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ NULL, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb8( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ out, NULL, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_cfb8( &aes_ctx,
+ MBEDTLS_AES_ENCRYPT, 16,
+ out, in, NULL ) );
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
}
/* END_CASE */