From 3a25faea6015aac4a86b5355d2162f46ce439023 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 25 Aug 2020 09:50:51 +1000 Subject: [PATCH] AES-CBC check for input size of 0 Don't need to do anything when size is 0. --- tests/api.c | 21 +++++++++++++++++++++ wolfcrypt/src/aes.c | 20 ++++++++++++++------ 2 files changed, 35 insertions(+), 6 deletions(-) diff --git a/tests/api.c b/tests/api.c index 774a33296..5b9c97afc 100644 --- a/tests/api.c +++ b/tests/api.c @@ -11934,6 +11934,7 @@ static int test_wc_AesCbcEncryptDecrypt (void) int cbcD = WOLFSSL_FATAL_ERROR; int cbcDWK = WOLFSSL_FATAL_ERROR; byte dec2[sizeof(vector)]; + int i; /* Init stack variables. */ XMEMSET(enc, 0, sizeof(enc)); @@ -11989,6 +11990,16 @@ static int test_wc_AesCbcEncryptDecrypt (void) cbcE = WOLFSSL_FATAL_ERROR; } } + if (cbcE == 0) { + /* Test passing in size of 0 */ + XMEMSET(enc, 0, sizeof(enc)); + cbcE = wc_AesCbcEncrypt(&aes, enc, vector, 0); + if (cbcE == 0) { + /* Check enc was not modified */ + for (i = 0; i < (int)sizeof(enc); i++) + cbcE |= enc[0]; + } + } printf(resultFmt, cbcE == 0 ? passed : failed); if (cbcE != 0) { wc_AesFree(&aes); @@ -12013,6 +12024,16 @@ static int test_wc_AesCbcEncryptDecrypt (void) cbcD = WOLFSSL_FATAL_ERROR; } } + if (cbcD == 0) { + /* Test passing in size of 0 */ + XMEMSET(dec, 0, sizeof(dec)); + cbcD = wc_AesCbcDecrypt(&aes, dec, enc, 0); + if (cbcD == 0) { + /* Check dec was not modified */ + for (i = 0; i < (int)sizeof(dec); i++) + cbcD |= dec[0]; + } + } printf(resultFmt, cbcD == 0 ? passed : failed); if (cbcD != 0) { wc_AesFree(&aes); diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 865a5a807..69e457dbc 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -2925,7 +2925,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv) #elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES) - + /* Allow direct access to one block encrypt */ void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in) { @@ -3538,6 +3538,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv) return BAD_FUNC_ARG; } + if (sz == 0) { + return 0; + } + #ifdef WOLF_CRYPTO_CB if (aes->devId != INVALID_DEVID) { int ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz); @@ -3637,6 +3641,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv) return BAD_FUNC_ARG; } + if (sz == 0) { + return 0; + } + #ifdef WOLF_CRYPTO_CB if (aes->devId != INVALID_DEVID) { int ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz); @@ -3897,7 +3905,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv) #elif defined(WOLFSSL_DEVCRYPTO_AES) /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */ - + #elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES) /* esp32 doesn't support CRT mode by hw. */ @@ -7628,7 +7636,7 @@ int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) if ((in == NULL) || (out == NULL) || (aes == NULL)) return BAD_FUNC_ARG; - return AES_ECB_encrypt(aes, in, out, sz); + return AES_ECB_encrypt(aes, in, out, sz); } @@ -7637,7 +7645,7 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) if ((in == NULL) || (out == NULL) || (aes == NULL)) return BAD_FUNC_ARG; - return AES_ECB_decrypt(aes, in, out, sz); + return AES_ECB_decrypt(aes, in, out, sz); } #else @@ -7649,7 +7657,7 @@ int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) if ((in == NULL) || (out == NULL) || (aes == NULL)) return BAD_FUNC_ARG; - while (blocks>0) { + while (blocks > 0) { wc_AesEncryptDirect(aes, out, in); out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE; @@ -7666,7 +7674,7 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) if ((in == NULL) || (out == NULL) || (aes == NULL)) return BAD_FUNC_ARG; - while (blocks>0) { + while (blocks > 0) { wc_AesDecryptDirect(aes, out, in); out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE;