commit 1aca2605713e3242f72297932409dd58ecfb782f
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Dec 12 12:56:55 2018 +0100
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Dec 18 12:22:40 2018 +0100
tree 60836a74ca52c0d64b4f107cab032b6c9bdca79f
parent 68e3dff3f1924f308610d32253eb34ccb78ba8be

Add parameter validation for mbedtls_aes_crypt_ecb()

include/mbedtls/aes.h

diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 197d4db..90d5bba 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -246,10 +246,13 @@
  *                 call to this API with the same context.
  *
  * \param ctx      The AES context to use for encryption or decryption.
+ *                 It must be initialized and bound to a key.
  * \param mode     The AES operation: #MBEDTLS_AES_ENCRYPT or
  *                 #MBEDTLS_AES_DECRYPT.
- * \param input    The 16-Byte buffer holding the input data.
- * \param output   The 16-Byte buffer holding the output data.
+ * \param input    The buffer holding the input data.
+ *                 It must be readable and at least 16 Bytes long.
+ * \param output   The buffer where the output data will be written.
+ *                 It must be writeable and at least 16 Bytes long.
 
  * \return         \c 0 on success.
  */

library/aes.c

diff --git a/library/aes.c b/library/aes.c
index 4d9a56a..9f20744 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1006,6 +1006,12 @@
                     const unsigned char input[16],
                     unsigned char output[16] )
 {
+    AES_VALIDATE_RET( ctx != NULL );
+    AES_VALIDATE_RET( input != NULL );
+    AES_VALIDATE_RET( output != NULL );
+    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
+                      mode == MBEDTLS_AES_DECRYPT );
+
 #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
     if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
         return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );

tests/suites/test_suite_aes.function

diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index 576e5be..0d0e515 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -379,6 +379,8 @@
     mbedtls_aes_xts_context xts_ctx;
 #endif
     const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
+    const unsigned char in[16] = { 0 };
+    unsigned char out[16];
 
     TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -406,6 +408,20 @@
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
                             mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) );
 #endif
+
+
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                            mbedtls_aes_crypt_ecb( NULL,
+                                                   MBEDTLS_AES_ENCRYPT, in, out ) );
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                            mbedtls_aes_crypt_ecb( &aes_ctx,
+                                                   42, in, out ) );
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                            mbedtls_aes_crypt_ecb( &aes_ctx,
+                                                   MBEDTLS_AES_ENCRYPT, NULL, out ) );
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                            mbedtls_aes_crypt_ecb( &aes_ctx,
+                                                   MBEDTLS_AES_ENCRYPT, in, NULL ) );
 }
 /* END_CASE */