cmac: add parameter validation
Improve documentation o
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 7f989a0..f0316e5 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -77,7 +77,8 @@
* as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
* MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
* or MBEDTLS_CIPHER_DES_EDE3_ECB.
- * \param key The CMAC key. This must not be \c NULL.
+ * \param key The CMAC key. This must be a readable buffer of length
+ * \p keybits Bits.
* \param keybits The length of the CMAC key in bits.
* Must be supported by the cipher.
*
@@ -97,7 +98,9 @@
*
* \param ctx The cipher context used for the CMAC operation.
* This must be initialized.
- * \param input The buffer holding the input data. This must not be \c NULL.
+ * \param input The buffer holding the input data. This must be a
+ * readable buffer of length \p ilen Bytes. It may be
+ * \c NULL if ilen == 0.
* \param ilen The length of the input data.
*
* \return \c 0 on success.
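Review bot: The new text for `input` allows `NULL` when `ilen == 0`, but the library/cmac.c hunks of this commit validate `input != NULL` unconditionally in mbedtls_cipher_cmac_update() and mbedtls_cipher_cmac(). With checking enabled, a call the header now documents as valid is therefore rejected. The next header hunk adds the same wording for mbedtls_cipher_cmac(). Either drop the NULL allowance from the documentation or make the checks match it, for example `MBEDTLS_CMAC_VALIDATE_RET( ilen == 0 || input != NULL );`.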
@@ -158,9 +161,12 @@
* \param cipher_info The cipher information. This must not be \c NULL.
* \param key The CMAC key. This must not be \c NULL.
* \param keylen The length of the CMAC key in bits.
- * \param input The buffer holding the input data. This must not be \c NULL.
+ * \param input The buffer holding the input data. This must be a
+ * readable buffer of length \p ilen Bytes. It may be
+ * \c NULL if ilen == 0.
* \param ilen The length of the input data.
- * \param output The buffer for the generic CMAC result. This must not be \c NULL.
+ * \param output The buffer for the generic CMAC result.
+ * This must not be \c NULL.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
diff --git a/library/cmac.c b/library/cmac.c
index 5d101e1..9b7e8bf 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -68,6 +68,10 @@
#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
+#define MBEDTLS_CMAC_VALIDATE_RET(cond) \
+ MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )
+#define MBEDTLS_CMAC_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
+
/*
* Multiplication by u in the Galois field of GF(2^n)
*
@@ -206,8 +210,9 @@
mbedtls_cmac_context_t *cmac_ctx;
int retval;
- if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
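Review bot: `ctx->cipher_info != NULL` describes the state of the context rather than a caller argument, and moving it into `MBEDTLS_CMAC_VALIDATE_RET` makes it optional. The test case in this commit now depends on MBEDTLS_CHECK_PARAMS, which indicates the macro does nothing when that option is off. In such a build a context that was initialized but never set up no longer gets MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, and the update and finish hunks go on to read `ctx->cipher_info->block_size`. The same applies to the `ctx->cmac_ctx` checks in the finish and reset hunks. I would keep the state checks unconditional after the argument validation, e.g. `if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );`; the function body starts and ends outside this hunk.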
@@ -247,9 +252,9 @@
int ret = 0;
size_t n, j, olen, block_size;
- if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
- ctx->cmac_ctx == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
cmac_ctx = ctx->cmac_ctx;
block_size = ctx->cipher_info->block_size;
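Review bot: The removed condition also rejected `ctx->cmac_ctx == NULL`, and nothing on the new side replaces it. Calling update before a successful mbedtls_cipher_cmac_starts() therefore proceeds with `cmac_ctx` set to NULL in every build configuration. Add `if( ctx->cmac_ctx == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );` before `cmac_ctx = ctx->cmac_ctx;`. The rest of the function lies outside the hunk, so the first dereference of the pointer is not visible here.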
@@ -318,9 +323,9 @@
int ret;
size_t olen, block_size;
- if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
- output == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
cmac_ctx = ctx->cmac_ctx;
block_size = ctx->cipher_info->block_size;
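Review bot: The `output == NULL` test from the removed condition has no counterpart among the new checks, so a NULL output buffer is no longer rejected here. The test suite still expects `mbedtls_cipher_cmac_finish( &ctx, NULL )` to fail. In the visible test no successful mbedtls_cipher_cmac_starts() precedes that call, so it probably passes only because `ctx->cmac_ctx` is NULL at that point. Add `MBEDTLS_CMAC_VALIDATE_RET( output != NULL );` after the `ctx->cmac_ctx` check; the function body continues outside the hunk.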
@@ -372,8 +377,9 @@
{
mbedtls_cmac_context_t* cmac_ctx;
- if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
cmac_ctx = ctx->cmac_ctx;
@@ -395,8 +401,10 @@
mbedtls_cipher_context_t ctx;
int ret;
- if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( cipher_info != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
mbedtls_cipher_init( &ctx );
@@ -432,8 +440,9 @@
unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
- if( key == NULL || input == NULL || output == NULL )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
+ MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
if( cipher_info == NULL )
diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function
index cabf107..a74e86a 100644
--- a/tests/suites/test_suite_cmac.function
+++ b/tests/suites/test_suite_cmac.function
@@ -15,7 +15,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void mbedtls_cmac_null_args( )
{
mbedtls_cipher_context_t ctx;
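Review bot: With `depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT` the whole case is skipped in configurations without parameter checking. As far as this page shows, it was the only test that called the CMAC functions on a context with no cipher info or no CMAC state. If those state errors are meant to remain a supported error return, they deserve a separate case without the dependency, one that keeps the `TEST_ASSERT( ... == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )` form. The function body continues in the next hunk.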
@@ -27,71 +27,56 @@
mbedtls_cipher_init( &ctx );
/* Test NULL cipher info */
- TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) );
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
- TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
+ TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
- TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) );
- TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) );
- TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) );
- TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) );
- TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_finish( NULL, test_output ) );
- TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_finish( &ctx, NULL ) );
- TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac_reset( NULL ) );
- TEST_ASSERT( mbedtls_cipher_cmac( NULL,
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac( NULL,
test_key, 128,
test_data, 16,
- test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ test_output ) );
- TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
NULL, 128,
test_data, 16,
- test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ test_output ) );
- TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
test_key, 128,
NULL, 16,
- test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ test_output ) );
- TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ TEST_INVALID_PARAM( mbedtls_cipher_cmac( cipher_info,
test_key, 128,
test_data, 16,
- NULL ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ NULL ) );
- TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16,
+ TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( NULL, 16,
test_data, 16,
- test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ test_output ) );
- TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
+ TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( test_key, 16,
NULL, 16,
- test_output ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ test_output ) );
- TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
+ TEST_INVALID_PARAM( mbedtls_aes_cmac_prf_128( test_key, 16,
test_data, 16,
- NULL ) ==
- MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ NULL ) );
exit:
mbedtls_cipher_free( &ctx );