From 0f6fef8384d1644d5ab5e32fd57e59fcbe657521 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 5 May 2020 09:47:05 -0600
Subject: [PATCH] update armv8 aes gcm sanity checks

---
 wolfcrypt/src/port/arm/armv8-aes.c | 22 ++++++++--------------
 1 file changed, 8 insertions(+), 14 deletions(-)

diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c
index 8999a6f74..8c3796e18 100644
--- a/wolfcrypt/src/port/arm/armv8-aes.c
+++ b/wolfcrypt/src/port/arm/armv8-aes.c
@@ -2534,8 +2534,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     if (aes == NULL || (iv == NULL && ivSz > 0) ||
                        (authTag == NULL) ||
                        (authIn == NULL && authInSz > 0) ||
-                       (in == NULL && sz > 0) ||
-                       (out == NULL && sz > 0)) {
+                       (ivSz == 0)) {
         WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
         return BAD_FUNC_ARG;
     }
@@ -2599,11 +2598,9 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     ctr = counter ;
 
     /* sanity checks */
-    if (aes == NULL || (iv == NULL && ivSz > 0) ||
-                       (authTag == NULL) ||
-                       (authIn == NULL && authInSz > 0) ||
-                       (in  == NULL && sz > 0) ||
-                       (out == NULL && sz > 0)) {
+    if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
+        authTag == NULL || authTagSz > AES_BLOCK_SIZE || authTagSz == 0 ||
+        ivSz == 0) {
         WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
         return BAD_FUNC_ARG;
     }
@@ -4199,8 +4196,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     if (aes == NULL || (iv == NULL && ivSz > 0) ||
                        (authTag == NULL) ||
                        (authIn == NULL && authInSz > 0) ||
-                       (in == NULL && sz > 0) ||
-                       (out == NULL && sz > 0)) {
+                       (ivSz == 0)) {
         WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
         return BAD_FUNC_ARG;
     }
@@ -4280,11 +4276,9 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     ctr = counter ;
 
     /* sanity checks */
-    if (aes == NULL || (iv == NULL && ivSz > 0) ||
-                       (authTag == NULL) ||
-                       (authIn == NULL && authInSz > 0) ||
-                       (in  == NULL && sz > 0) ||
-                       (out == NULL && sz > 0)) {
+    if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
+        authTag == NULL || authTagSz > AES_BLOCK_SIZE || authTagSz == 0 ||
+        ivSz == 0) {
         WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
         return BAD_FUNC_ARG;
     }