Merge pull request #459 from ejohnstown/aes-cmac-fixes

AES-CMAC Fixes

wolfcrypt/src/cmac.c

@@ -165,10 +165,22 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
                        const byte* key, word32 keySz)
 {
     Cmac cmac;
+    int ret;
 
-    wc_InitCmac(&cmac, key, keySz, WC_CMAC_AES, NULL);
+    if (out == NULL || (in == NULL && inSz > 0) || key == NULL || keySz == 0)
-    wc_CmacUpdate(&cmac, in, inSz);
+        return BAD_FUNC_ARG;
-    wc_CmacFinal(&cmac, out, outSz);
+
+    ret = wc_InitCmac(&cmac, key, keySz, WC_CMAC_AES, NULL);
+    if (ret != 0)
+        return ret;
+
+    ret = wc_CmacUpdate(&cmac, in, inSz);
+    if (ret != 0)
+        return ret;
+
+    ret = wc_CmacFinal(&cmac, out, outSz);
+    if (ret != 0)
+        return ret;
 
     return 0;
 }
@@ -183,6 +195,11 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
     int result;
     int compareRet;
 
+    if (check == NULL || checkSz == 0 || (in == NULL && inSz != 0) ||
+        key == NULL || keySz == 0)
+
+        return BAD_FUNC_ARG;
+
     XMEMSET(a, 0, aSz);
     result = wc_AesCmacGenerate(a, &aSz, in, inSz, key, keySz);
     compareRet = ConstantCompare(check, a, min(checkSz, aSz));

wolfcrypt/test/test.c

@@ -2906,7 +2906,7 @@ int aes_test(void)
     }
 #endif /* WOLFSSL_AES_COUNTER */
 
-#if defined(WOLFSSL_AESNI) && defined(WOLFSSL_AES_DIRECT)
+#ifdef WOLFSSL_AES_DIRECT
     {
         const byte niPlain[] =
         {
@@ -2944,7 +2944,7 @@ int aes_test(void)
         if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
             return -20007;
     }
-#endif /* WOLFSSL_AESNI && WOLFSSL_AES_DIRECT */
+#endif /* WOLFSSL_AES_DIRECT */
 
     return ret;
 }