commit 2384f7febdc0e8ad7c1cc10c3ecd28ce7b7ac410
author Unknown <andrzej.kurek@mobica.com> Mon Dec 24 05:10:59 2018 -0500
committer Unknown <andrzej.kurek@mobica.com> Mon Dec 24 05:10:59 2018 -0500
tree dce764ba8328921f267e6c65aa18220d2ead4a27
parent b1ab2db1820672de91a2e65705a29ee412e1954c

cmac: improve parameter validation

Rename validation macro to adhere to standards.

library/cmac.c

diff --git a/library/cmac.c b/library/cmac.c
index 9b7e8bf..dee4dfe 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -68,9 +68,8 @@
 
 #if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
 
-#define MBEDTLS_CMAC_VALIDATE_RET(cond) \
+#define CMAC_VALIDATE_RET(cond) \
         MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )
-#define MBEDTLS_CMAC_VALIDATE(cond)    MBEDTLS_INTERNAL_VALIDATE( cond )
 
 /*
  * Multiplication by u in the Galois field of GF(2^n)
@@ -210,9 +209,9 @@
     mbedtls_cmac_context_t *cmac_ctx;
     int retval;
 
-    MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
+    CMAC_VALIDATE_RET( ctx != NULL );
+    CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+    CMAC_VALIDATE_RET( key != NULL );
 
     if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
                                           MBEDTLS_ENCRYPT ) ) != 0 )
@@ -252,9 +251,9 @@
     int ret = 0;
     size_t n, j, olen, block_size;
 
-    MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
+    CMAC_VALIDATE_RET( ctx != NULL );
+    CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+    CMAC_VALIDATE_RET( ilen == 0 || input != NULL );
 
     cmac_ctx = ctx->cmac_ctx;
     block_size = ctx->cipher_info->block_size;
@@ -323,9 +322,9 @@
     int ret;
     size_t olen, block_size;
 
-    MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
+    CMAC_VALIDATE_RET( ctx != NULL );
+    CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+    CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
 
     cmac_ctx = ctx->cmac_ctx;
     block_size = ctx->cipher_info->block_size;
@@ -377,9 +376,9 @@
 {
     mbedtls_cmac_context_t* cmac_ctx;
 
-    MBEDTLS_CMAC_VALIDATE_RET( ctx != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
+    CMAC_VALIDATE_RET( ctx != NULL );
+    CMAC_VALIDATE_RET( ctx->cipher_info != NULL );
+    CMAC_VALIDATE_RET( ctx->cmac_ctx != NULL );
 
     cmac_ctx = ctx->cmac_ctx;
 
@@ -401,10 +400,10 @@
     mbedtls_cipher_context_t ctx;
     int ret;
 
-    MBEDTLS_CMAC_VALIDATE_RET( cipher_info != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
-    MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
+    CMAC_VALIDATE_RET( cipher_info != NULL );
+    CMAC_VALIDATE_RET( key != NULL );
+    CMAC_VALIDATE_RET( ilen == 0 || input != NULL );
+    CMAC_VALIDATE_RET( output != NULL );
 
     mbedtls_cipher_init( &ctx );
 
@@ -440,9 +439,9 @@
     unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
     unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
 
-	MBEDTLS_CMAC_VALIDATE_RET( key != NULL );
-	MBEDTLS_CMAC_VALIDATE_RET( input != NULL );
-	MBEDTLS_CMAC_VALIDATE_RET( output != NULL );
+	CMAC_VALIDATE_RET( key != NULL );
+	CMAC_VALIDATE_RET( in_len == 0 || input != NULL );
+	CMAC_VALIDATE_RET( output != NULL );
 
     cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
     if( cipher_info == NULL )