Merge pull request #459 from ejohnstown/aes-cmac-fixes

AES-CMAC Fixes
2016-06-23 22:10:26 -06:00
parent 746ae2f4e5 ffb537c33f
commit 379af941a8
2 changed files with 22 additions and 5 deletions
--- a/wolfcrypt/src/cmac.c
+++ b/wolfcrypt/src/cmac.c
@ -165,10 +165,22 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
                       const byte* key, word32 keySz)
 {
    Cmac cmac;
+    int ret;

-    wc_InitCmac(&cmac, key, keySz, WC_CMAC_AES, NULL);
-    wc_CmacUpdate(&cmac, in, inSz);
-    wc_CmacFinal(&cmac, out, outSz);
+    if (out == NULL || (in == NULL && inSz > 0) || key == NULL || keySz == 0)
+        return BAD_FUNC_ARG;
+
+    ret = wc_InitCmac(&cmac, key, keySz, WC_CMAC_AES, NULL);
+    if (ret != 0)
+        return ret;
+
+    ret = wc_CmacUpdate(&cmac, in, inSz);
+    if (ret != 0)
+        return ret;
+
+    ret = wc_CmacFinal(&cmac, out, outSz);
+    if (ret != 0)
+        return ret;

    return 0;
 }
@ -183,6 +195,11 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
    int result;
    int compareRet;

+    if (check == NULL || checkSz == 0 || (in == NULL && inSz != 0) ||
+        key == NULL || keySz == 0)
+
+        return BAD_FUNC_ARG;
+
    XMEMSET(a, 0, aSz);
    result = wc_AesCmacGenerate(a, &aSz, in, inSz, key, keySz);
    compareRet = ConstantCompare(check, a, min(checkSz, aSz));
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -2906,7 +2906,7 @@ int aes_test(void)
    }
 #endif /* WOLFSSL_AES_COUNTER */

-#if defined(WOLFSSL_AESNI) && defined(WOLFSSL_AES_DIRECT)
+#ifdef WOLFSSL_AES_DIRECT
    {
        const byte niPlain[] =
        {
@ -2944,7 +2944,7 @@ int aes_test(void)
        if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
            return -20007;
    }
-#endif /* WOLFSSL_AESNI && WOLFSSL_AES_DIRECT */
+#endif /* WOLFSSL_AES_DIRECT */

    return ret;
 }