wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

AES-CCM: allow null payload buffers in wc_AesCcmEncrypt() and wc_AesCcmDecrypt() when inSz is zero, and add to aesccm_test() a test for this, tolerating early BAD_FUNC_ARG (for FIPS and arch-specific 3rd party code), and a test for the zero-length string, that must succeed.

Browse Source
This commit is contained in:
Daniel Pouzzner
2021-02-04 22:48:00 -06:00
parent dda4c3b3c4
commit b8a019dedd
2 changed files with 50 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
wolfcrypt/src/aes.c
View File

@ -7640,7 +7640,7 @@ int wc_AesCcmCheckTagSize(int sz)
/* implemented in wolfcrypt/src/port/caam_aes.c */ /* implemented in wolfcrypt/src/port/caam_aes.c */
#elif defined(WOLFSSL_SILABS_SE_ACCEL) #elif defined(WOLFSSL_SILABS_SE_ACCEL)
/* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */ /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz, const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz, byte* authTag, word32 authTagSz,
@ -7679,6 +7679,10 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
status_t status; status_t status;
/* sanity check on arguments */ /* sanity check on arguments */
/* note, LTC_AES_EncryptTagCcm() doesn't allow null src or dst
* ptrs even if inSz is zero (ltc_aes_ccm_check_input_args()), so
* don't allow it here either.
*/
if (aes == NULL || out == NULL || in == NULL || nonce == NULL if (aes == NULL || out == NULL || in == NULL || nonce == NULL
|| authTag == NULL || nonceSz < 7 || nonceSz > 13) { || authTag == NULL || nonceSz < 7 || nonceSz > 13) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -7879,7 +7883,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const word32 wordSz = (word32)sizeof(word32); const word32 wordSz = (word32)sizeof(word32);
/* sanity check on arguments */ /* sanity check on arguments */
if (aes == NULL || out == NULL || in == NULL || nonce == NULL if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) || nonce == NULL
|| authTag == NULL || nonceSz < 7 || nonceSz > 13 || || authTag == NULL || nonceSz < 7 || nonceSz > 13 ||
authTagSz > AES_BLOCK_SIZE) authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -7981,7 +7985,7 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const word32 wordSz = (word32)sizeof(word32); const word32 wordSz = (word32)sizeof(word32);
/* sanity check on arguments */ /* sanity check on arguments */
if (aes == NULL || out == NULL || in == NULL || nonce == NULL if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) || nonce == NULL
|| authTag == NULL || nonceSz < 7 || nonceSz > 13 || || authTag == NULL || nonceSz < 7 || nonceSz > 13 ||
authTagSz > AES_BLOCK_SIZE) authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -8075,7 +8079,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
defined(ACVP_VECTOR_TESTING) defined(ACVP_VECTOR_TESTING)
WOLFSSL_MSG("Preserve output for vector responses"); WOLFSSL_MSG("Preserve output for vector responses");
#else #else
XMEMSET(out, 0, inSz); if (inSz > 0)
XMEMSET(out, 0, inSz);
#endif #endif
result = AES_CCM_AUTH_E; result = AES_CCM_AUTH_E;
} }

41
wolfcrypt/test/test.c
View File

@ -10233,6 +10233,12 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
0x89, 0xd8, 0xd2, 0x02, 0xc5, 0xcf, 0xae, 0xf4 0x89, 0xd8, 0xd2, 0x02, 0xc5, 0xcf, 0xae, 0xf4
}; };
/* tag - authentication - empty plaintext */
WOLFSSL_SMALL_STACK_STATIC const byte t_empty[] =
{
0xe4, 0x28, 0x8a, 0xc3, 0x78, 0x00, 0x0f, 0xf5
};
byte t2[sizeof(t)]; byte t2[sizeof(t)];
byte p2[sizeof(p)]; byte p2[sizeof(p)];
byte c2[sizeof(c)]; byte c2[sizeof(c)];
@ -10240,6 +10246,7 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
byte pl2[sizeof(pl)]; byte pl2[sizeof(pl)];
byte cl2[sizeof(cl)]; byte cl2[sizeof(cl)];
byte tl2[sizeof(tl)]; byte tl2[sizeof(tl)];
byte t_empty2[sizeof(t_empty)];
int result; int result;
@ -10343,6 +10350,40 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
if (XMEMCMP(pl, pl2, sizeof(pl2))) if (XMEMCMP(pl, pl2, sizeof(pl2)))
ERROR_OUT(-6520, out); ERROR_OUT(-6520, out);
/* test empty message as null input and output --
* must work, or fail early with BAD_FUNC_ARG.
*/
result = wc_AesCcmEncrypt(enc, NULL /* out */, NULL /* in */, 0 /* inSz */,
iv, sizeof(iv), t_empty2, sizeof(t_empty2),
a, sizeof(a));
if (result != BAD_FUNC_ARG) {
if (result != 0)
ERROR_OUT(-6521, out);
if (XMEMCMP(t_empty, t_empty2, sizeof(t_empty2)))
ERROR_OUT(-6522, out);
result = wc_AesCcmDecrypt(enc, NULL /* out */, NULL /* in */,
0 /* inSz */, iv, sizeof(iv), t_empty2,
sizeof(t_empty2), a, sizeof(a));
if (result != 0)
ERROR_OUT(-6523, out);
}
/* test empty message as zero-length string -- must work. */
result = wc_AesCcmEncrypt(enc, pl2, (const byte *)"", 0 /* inSz */, iv,
sizeof(iv), t_empty2, sizeof(t_empty2), a,
sizeof(a));
if (result != 0)
ERROR_OUT(-6524, out);
if (XMEMCMP(t_empty, t_empty2, sizeof(t_empty2)))
ERROR_OUT(-6525, out);
result = wc_AesCcmDecrypt(enc, pl2, (const byte *)"", 0 /* inSz */,
iv, sizeof(iv), t_empty2, sizeof(t_empty2), a,
sizeof(a));
if (result != 0)
ERROR_OUT(-6526, out);
ret = 0; ret = 0;
out: out: