commit a8ef1565bb38b707f49b917dbfe8381a2a16c977
author Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com> Fri Aug 05 15:31:57 2022 +0100
committer Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com> Wed Aug 31 10:14:57 2022 +0100
tree b2ce5f9f4d2336d7fa679fd1d23027c2a295f997
parent cac11d7797295ac9cab7085e5fd9a19af393c5ec

Re-introduce ENUM validation in aes.c

Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>

library/aes.c

diff --git a/library/aes.c b/library/aes.c
index 9ad12a6..03eccef 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -51,12 +51,6 @@
 
 #if !defined(MBEDTLS_AES_ALT)
 
-/* Parameter validation macros based on platform_util.h */
-#define AES_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA )
-#define AES_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
 #if defined(MBEDTLS_PADLOCK_C) &&                      \
     ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
 static int aes_padlock_ace = -1;
@@ -954,8 +948,8 @@
                            const unsigned char input[16],
                            unsigned char output[16] )
 {
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
+    if( mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT )
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
 
 #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
     if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
@@ -995,8 +989,8 @@
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char temp[16];
 
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
+    if( mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT )
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
 
     if( length % 16 )
         return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
@@ -1100,8 +1094,8 @@
     unsigned char prev_tweak[16];
     unsigned char tmp[16];
 
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
+    if( mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT )
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
 
     /* Data units must be at least 16 bytes long. */
     if( length < 16 )
@@ -1205,8 +1199,8 @@
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t n;
 
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
+    if( mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT )
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
 
     n = *iv_off;
 
@@ -1269,8 +1263,8 @@
     unsigned char c;
     unsigned char ov[17];
 
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
+    if( mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT )
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
     while( length-- )
     {
         memcpy( ov, iv, 16 );