commit 70edd689a8cc774e6359ebee982e0c8bcd504453
author Gilles Peskine <Gilles.Peskine@arm.com> Thu Dec 03 20:27:27 2020 +0100
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Dec 07 09:58:26 2020 +0100
tree 7890c9c91a92dbaa3ae58e463bf39bc80e77d3ff
parent b23e31d86ac58d160d1a236da4120d02800740c2

cipher_auth_xxcrypt(): fix some null pointer handling

Make sure that if a buffer is allowed to be empty, a null pointer is
accepted if the buffer length is 0. This was already the case for most
but not all arguments to mbedtls_cipher_auth_{en,de}crypt{,_ext}.

Make sure to pass NULL for an empty buffer in the tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/cipher.c

diff --git a/library/cipher.c b/library/cipher.c
index 44cba34..cf45446 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1313,7 +1313,7 @@
 
         /* PSA Crypto API always writes the authentication tag
          * at the end of the encrypted message. */
-        if( tag != output + ilen )
+        if( output == NULL || tag != output + ilen )
             return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 
         status = psa_aead_encrypt( cipher_psa->slot,
@@ -1393,7 +1393,7 @@
 
         /* PSA Crypto API always writes the authentication tag
          * at the end of the encrypted message. */
-        if( tag != input + ilen )
+        if( input == NULL || tag != input + ilen )
             return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 
         status = psa_aead_decrypt( cipher_psa->slot,
@@ -1481,10 +1481,10 @@
                          unsigned char *tag, size_t tag_len )
 {
     CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv != NULL );
+    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
     CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
     CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
+    CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
     CIPHER_VALIDATE_RET( olen != NULL );
     CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
 
@@ -1515,10 +1515,10 @@
                          const unsigned char *tag, size_t tag_len )
 {
     CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv != NULL );
+    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
     CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
     CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
+    CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
     CIPHER_VALIDATE_RET( olen != NULL );
     CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
 
@@ -1552,7 +1552,7 @@
                          size_t *olen, size_t tag_len )
 {
     CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv != NULL );
+    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
     CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
     CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
     CIPHER_VALIDATE_RET( output != NULL );
@@ -1601,7 +1601,7 @@
                          size_t *olen, size_t tag_len )
 {
     CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv != NULL );
+    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
     CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
     CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
     CIPHER_VALIDATE_RET( output_len == 0 || output != NULL );