Add parameter validation for AES-CTR
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 93522e6..ae80e9d 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -561,15 +561,21 @@
* securely discarded as soon as it's no longer needed.
*
* \param ctx The AES context to use for encryption or decryption.
+ * It must be initialized and bound to a key.
* \param length The length of the input data.
* \param nc_off The offset in the current \p stream_block, for
* resuming within the current cipher stream. The
* offset pointer should be 0 at the start of a stream.
+ * It must point to a valid \c size_t.
* \param nonce_counter The 128-bit nonce and counter.
+ * It must be a readable-writeable buffer of 16 Bytes.
* \param stream_block The saved stream block for resuming. This is
* overwritten by the function.
+ * It must be a readable-writeable buffer of 16 Bytes.
* \param input The buffer holding the input data.
+ * It must be readable and of size \p length.
* \param output The buffer holding the output data.
+ * It must be writeable and of size \p length.
*
* \return \c 0 on success.
*/
diff --git a/library/aes.c b/library/aes.c
index 52fc74c..818c599 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1425,7 +1425,16 @@
unsigned char *output )
{
int c, i;
- size_t n = *nc_off;
+ size_t n;
+
+ AES_VALIDATE_RET( ctx != NULL );
+ AES_VALIDATE_RET( nc_off != NULL );
+ AES_VALIDATE_RET( nonce_counter != NULL );
+ AES_VALIDATE_RET( stream_block != NULL );
+ AES_VALIDATE_RET( input != NULL );
+ AES_VALIDATE_RET( output != NULL );
+
+ n = *nc_off;
if ( n > 0x0F )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index d585ffb..07040e5 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -534,6 +534,27 @@
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( NULL, 16, &size, out,
+ out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out,
+ out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL,
+ out, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
+ NULL, in, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
+ out, NULL, out ) );
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+ mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
+ out, in, NULL ) );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
}
/* END_CASE */