Merge pull request #593 from JacobBarthelmeh/ARMv8

ARMv8 : sanity checks
2016-10-12 11:23:27 -07:00
parent 11102b6726 eb9161d8a7
commit ffb2a8ff12
3 changed files with 395 additions and 356 deletions
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@ -120,7 +120,6 @@
    #include <sys/syscall.h>
    #include <unistd.h>

-    #define HAVE_GET_CYCLES
    static word64 begin_cycles;
    static word64 total_cycles;
    static int cycles = -1;
@ -2534,7 +2533,7 @@ void bench_ed25519KeySign(void)

 #endif /* _WIN32 */

-#ifdef HAVE_GET_CYCLES
+#if defined(HAVE_GET_CYCLES)

 static INLINE word64 get_intel_cycles(void)
 {
--- a/wolfcrypt/src/port/arm/armv8-aes.c
+++ b/wolfcrypt/src/port/arm/armv8-aes.c
@ -2511,10 +2511,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 {
    /* sanity checks */
    if (aes == NULL || (iv == NULL && ivSz > 0) ||
-                       (authTag == NULL && authTagSz > 0) ||
-                       (authIn == NULL && authInSz > 0) ||
+                       (authTag == NULL) ||
+                       (authIn == NULL) ||
                       (in == NULL && sz > 0) ||
-                       (out == NULL && authTag == NULL)) {
+                       (out == NULL && sz > 0)) {
        WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
        return BAD_FUNC_ARG;
    }
@ -2571,10 +2571,10 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,

    /* sanity checks */
    if (aes == NULL || (iv == NULL && ivSz > 0) ||
-                       (authTag == NULL && authTagSz > 0) ||
-                       (authIn == NULL && authInSz > 0) ||
+                       (authTag == NULL) ||
+                       (authIn == NULL) ||
                       (in  == NULL && sz > 0) ||
-                       (out == NULL && authTag == NULL)) {
+                       (out == NULL && sz > 0)) {
        WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
        return BAD_FUNC_ARG;
    }
@ -2827,6 +2827,12 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
    if (partial != 0) {
        IncrementGcmCounter(ctr);
        wc_AesEncrypt(aes, ctr, scratch);
+
+        /* check if pointer is null after main AES-GCM blocks
+         * helps static analysis */
+        if (p == NULL || c == NULL) {
+            return BAD_STATE_E;
+        }
        xorbuf(scratch, c, partial);
        XMEMCPY(p, scratch, partial);
    }
@ -4157,10 +4163,10 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,

    /* sanity checks */
    if (aes == NULL || (iv == NULL && ivSz > 0) ||
-                       (authTag == NULL && authTagSz > 0) ||
-                       (authIn == NULL && authInSz > 0) ||
+                       (authTag == NULL) ||
+                       (authIn == NULL) ||
                       (in == NULL && sz > 0) ||
-                       (out == NULL && authTag == NULL)) {
+                       (out == NULL && sz > 0)) {
        WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
        return BAD_FUNC_ARG;
    }
@ -4234,6 +4240,16 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
    byte scratch[AES_BLOCK_SIZE];
    ctr = counter ;

+    /* sanity checks */
+    if (aes == NULL || (iv == NULL && ivSz > 0) ||
+                       (authTag == NULL) ||
+                       (authIn == NULL) ||
+                       (in  == NULL && sz > 0) ||
+                       (out == NULL && sz > 0)) {
+        WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
+        return BAD_FUNC_ARG;
+    }
+
    XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
    if (ivSz == NONCE_SZ) {
        XMEMCPY(initialCounter, iv, ivSz);
@ -4270,6 +4286,12 @@ int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
    if (partial != 0) {
        IncrementGcmCounter(ctr);
        wc_AesEncrypt(aes, ctr, scratch);
+
+        /* check if pointer is null after main AES-GCM blocks
+         * helps static analysis */
+        if (p == NULL || c == NULL) {
+            return BAD_STATE_E;
+        }
        xorbuf(scratch, c, partial);
        XMEMCPY(p, scratch, partial);
    }
--- a/wolfcrypt/src/port/arm/armv8-sha256.c
+++ b/wolfcrypt/src/port/arm/armv8-sha256.c
@ -80,6 +80,10 @@ int wc_InitSha256(Sha256* sha256)
 {
    int ret = 0;

+    if (sha256 == NULL) {
+        return BAD_FUNC_ARG;
+    }
+
    sha256->digest[0] = 0x6A09E667L;
    sha256->digest[1] = 0xBB67AE85L;
    sha256->digest[2] = 0x3C6EF372L;
@ -116,6 +120,8 @@ int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len)
        return BAD_FUNC_ARG;
    }

+    /* only perform actions if a buffer is passed in */
+    if (len > 0) {
        /* fill leftover buffer with data */
        add = min(len, SHA256_BLOCK_SIZE - sha256->buffLen);
        XMEMCPY((byte*)(sha256->buffer) + sha256->buffLen, data, add);
@ -308,6 +314,11 @@ int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len)
            XMEMCPY(sha256->buffer, data, add);
            sha256->buffLen = add;
        }
+    }
+
+    /* account for possiblity of not used if len = 0 */
+    (void)add;
+    (void)numBlocks;

    return 0;
 }
@ -672,6 +683,8 @@ int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len)
        return BAD_FUNC_ARG;
    }

+    /* only perform actions if a buffer is passed in */
+    if (len > 0) {
        /* fill leftover buffer with data */
        add = min(len, SHA256_BLOCK_SIZE - sha256->buffLen);
        XMEMCPY((byte*)(sha256->buffer) + sha256->buffLen, data, add);
@ -882,6 +895,11 @@ int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len)
            XMEMCPY(sha256->buffer, data, add);
            sha256->buffLen = add;
        }
+    }
+
+    /* account for possiblity of not used if len = 0 */
+    (void)add;
+    (void)numBlocks;

    return 0;
 }