From 637ca44e6afd9682ac4345843df21366ce669ba8 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 26 Jul 2017 11:05:20 -0600 Subject: [PATCH] update sanity checks with ARMv8 port --- wolfcrypt/src/port/arm/armv8-aes.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 9b46f2d8b..535239647 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -677,7 +677,8 @@ void wc_AesFree(Aes* aes) { word32 numBlocks = sz / AES_BLOCK_SIZE; - if (aes == NULL || out == NULL || (in == NULL && sz > 0)) { + if (aes == NULL || out == NULL || (in == NULL && sz > 0) + || sz % AES_BLOCK_SIZE != 0) { return BAD_FUNC_ARG; } @@ -2545,8 +2546,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, return BAD_FUNC_ARG; } - if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) { - WOLFSSL_MSG("GcmEncrypt authTagSz too small error"); + if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || authTagSz > AES_BLOCK_SIZE) { + WOLFSSL_MSG("GcmEncrypt authTagSz error"); return BAD_FUNC_ARG; } @@ -3269,7 +3270,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, { word32 numBlocks = sz / AES_BLOCK_SIZE; - if (aes == NULL || out == NULL || (in == NULL && sz > 0)) { + if (aes == NULL || out == NULL || (in == NULL && sz > 0) + || sz % AES_BLOCK_SIZE != 0) { return BAD_FUNC_ARG; } @@ -4193,6 +4195,11 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, return BAD_FUNC_ARG; } + if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || authTagSz > AES_BLOCK_SIZE) { + WOLFSSL_MSG("GcmEncrypt authTagSz error"); + return BAD_FUNC_ARG; + } + XMEMSET(initialCounter, 0, AES_BLOCK_SIZE); if (ivSz == NONCE_SZ) { XMEMCPY(initialCounter, iv, ivSz);