lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree

Browse Source 
Validation remove change key agree
This commit is contained in:
Gilles Peskine
2022-09-23 17:04:20 +02:00
committed by GitHub
parent f70f4ead7f 7714368667
commit 12a1e85caa
3 changed files with 100 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
library/dhm.c
View File

@ -55,11 +55,6 @@
#if !defined(MBEDTLS_DHM_ALT) #if !defined(MBEDTLS_DHM_ALT)
#define DHM_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA )
#define DHM_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* /*
* helper to validate the mbedtls_mpi size and import it * helper to validate the mbedtls_mpi size and import it
*/ */
@ -120,7 +115,6 @@ cleanup:
void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
{ {
DHM_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
} }
@ -173,9 +167,6 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
const unsigned char *end ) const unsigned char *end )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( p != NULL && *p != NULL );
DHM_VALIDATE_RET( end != NULL );
if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 || if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 ||
( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 || ( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 ||
@ -252,10 +243,6 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
int ret; int ret;
size_t n1, n2, n3; size_t n1, n2, n3;
unsigned char *p; unsigned char *p;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( olen != NULL );
DHM_VALIDATE_RET( f_rng != NULL );
ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); ret = dhm_make_common( ctx, x_size, f_rng, p_rng );
if( ret != 0 ) if( ret != 0 )
@ -300,9 +287,6 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
const mbedtls_mpi *G ) const mbedtls_mpi *G )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( P != NULL );
DHM_VALIDATE_RET( G != NULL );
if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
@ -320,8 +304,6 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen ) const unsigned char *input, size_t ilen )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( input != NULL );
if( ilen < 1 || ilen > mbedtls_dhm_get_len( ctx ) ) if( ilen < 1 || ilen > mbedtls_dhm_get_len( ctx ) )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
@ -341,9 +323,6 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( f_rng != NULL );
if( olen < 1 || olen > mbedtls_dhm_get_len( ctx ) ) if( olen < 1 || olen > mbedtls_dhm_get_len( ctx ) )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
@ -440,9 +419,6 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi GYb; mbedtls_mpi GYb;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( olen != NULL );
if( f_rng == NULL ) if( f_rng == NULL )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
@ -518,9 +494,6 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
mbedtls_pem_context pem; mbedtls_pem_context pem;
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
DHM_VALIDATE_RET( dhm != NULL );
DHM_VALIDATE_RET( dhmin != NULL );
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
mbedtls_pem_init( &pem ); mbedtls_pem_init( &pem );
@ -667,8 +640,6 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t n; size_t n;
unsigned char *buf; unsigned char *buf;
DHM_VALIDATE_RET( dhm != NULL );
DHM_VALIDATE_RET( path != NULL );
if( ( ret = load_file( path, &buf, &n ) ) != 0 ) if( ( ret = load_file( path, &buf, &n ) ) != 0 )
return( ret ); return( ret );

111
library/rsa.c
View File

@ -74,19 +74,12 @@
#if !defined(MBEDTLS_RSA_ALT) #if !defined(MBEDTLS_RSA_ALT)
/* Parameter validation macros */
#define RSA_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA )
#define RSA_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
int mbedtls_rsa_import( mbedtls_rsa_context *ctx, int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
const mbedtls_mpi *N, const mbedtls_mpi *N,
const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *P, const mbedtls_mpi *Q,
const mbedtls_mpi *D, const mbedtls_mpi *E ) const mbedtls_mpi *D, const mbedtls_mpi *E )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
RSA_VALIDATE_RET( ctx != NULL );
if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) ||
( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) || ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) ||
@ -111,7 +104,6 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
unsigned char const *E, size_t E_len ) unsigned char const *E, size_t E_len )
{ {
int ret = 0; int ret = 0;
RSA_VALIDATE_RET( ctx != NULL );
if( N != NULL ) if( N != NULL )
{ {
@ -241,8 +233,6 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
#endif #endif
int n_missing, pq_missing, d_missing, is_pub, is_priv; int n_missing, pq_missing, d_missing, is_pub, is_priv;
RSA_VALIDATE_RET( ctx != NULL );
have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 );
have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 );
have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 );
@ -345,7 +335,6 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
{ {
int ret = 0; int ret = 0;
int is_priv; int is_priv;
RSA_VALIDATE_RET( ctx != NULL );
/* Check if key is private or public */ /* Check if key is private or public */
is_priv = is_priv =
@ -390,7 +379,6 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int is_priv; int is_priv;
RSA_VALIDATE_RET( ctx != NULL );
/* Check if key is private or public */ /* Check if key is private or public */
is_priv = is_priv =
@ -434,7 +422,6 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int is_priv; int is_priv;
RSA_VALIDATE_RET( ctx != NULL );
/* Check if key is private or public */ /* Check if key is private or public */
is_priv = is_priv =
@ -471,8 +458,6 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
*/ */
void mbedtls_rsa_init( mbedtls_rsa_context *ctx ) void mbedtls_rsa_init( mbedtls_rsa_context *ctx )
{ {
RSA_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); memset( ctx, 0, sizeof( mbedtls_rsa_context ) );
ctx->padding = MBEDTLS_RSA_PKCS_V15; ctx->padding = MBEDTLS_RSA_PKCS_V15;
@ -549,8 +534,6 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi H, G, L; mbedtls_mpi H, G, L;
int prime_quality = 0; int prime_quality = 0;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( f_rng != NULL );
/* /*
* If the modulus is 1024 bit long or shorter, then the security strength of * If the modulus is 1024 bit long or shorter, then the security strength of
@ -663,8 +646,6 @@ cleanup:
*/ */
int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx )
{ {
RSA_VALIDATE_RET( ctx != NULL );
if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 ) if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 )
return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
@ -688,8 +669,6 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx )
*/ */
int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
{ {
RSA_VALIDATE_RET( ctx != NULL );
if( mbedtls_rsa_check_pubkey( ctx ) != 0 || if( mbedtls_rsa_check_pubkey( ctx ) != 0 ||
rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 ) rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 )
{ {
@ -719,9 +698,6 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
const mbedtls_rsa_context *prv ) const mbedtls_rsa_context *prv )
{ {
RSA_VALIDATE_RET( pub != NULL );
RSA_VALIDATE_RET( prv != NULL );
if( mbedtls_rsa_check_pubkey( pub ) != 0 || if( mbedtls_rsa_check_pubkey( pub ) != 0 ||
mbedtls_rsa_check_privkey( prv ) != 0 ) mbedtls_rsa_check_privkey( prv ) != 0 )
{ {
@ -747,9 +723,6 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen; size_t olen;
mbedtls_mpi T; mbedtls_mpi T;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( output != NULL );
if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) ) if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -917,10 +890,6 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
* checked result; should be the same in the end. */ * checked result; should be the same in the end. */
mbedtls_mpi I, C; mbedtls_mpi I, C;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( output != NULL );
if( f_rng == NULL ) if( f_rng == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1308,11 +1277,6 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
unsigned char *p = output; unsigned char *p = output;
unsigned int hlen; unsigned int hlen;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output != NULL );
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
if( f_rng == NULL ) if( f_rng == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1374,10 +1338,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *p = output; unsigned char *p = output;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output != NULL );
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
olen = ctx->len; olen = ctx->len;
/* first comparison checks for overflow */ /* first comparison checks for overflow */
@ -1426,10 +1386,6 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output != NULL );
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
switch( ctx->padding ) switch( ctx->padding )
{ {
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
@ -1469,12 +1425,6 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
unsigned char lhash[MBEDTLS_HASH_MAX_SIZE]; unsigned char lhash[MBEDTLS_HASH_MAX_SIZE];
unsigned int hlen; unsigned int hlen;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( olen != NULL );
/* /*
* Parameters sanity checks * Parameters sanity checks
*/ */
@ -1595,11 +1545,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
size_t ilen; size_t ilen;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( olen != NULL );
ilen = ctx->len; ilen = ctx->len;
if( ctx->padding != MBEDTLS_RSA_PKCS_V15 ) if( ctx->padding != MBEDTLS_RSA_PKCS_V15 )
@ -1634,11 +1579,6 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
unsigned char *output, unsigned char *output,
size_t output_max_len) size_t output_max_len)
{ {
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( olen != NULL );
switch( ctx->padding ) switch( ctx->padding )
{ {
#if defined(MBEDTLS_PKCS1_V15) #if defined(MBEDTLS_PKCS1_V15)
@ -1676,11 +1616,8 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t msb; size_t msb;
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
hashlen == 0 ) ||
hash != NULL );
RSA_VALIDATE_RET( sig != NULL );
if( ctx->padding != MBEDTLS_RSA_PKCS_V21 ) if( ctx->padding != MBEDTLS_RSA_PKCS_V21 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1952,11 +1889,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *sig_try = NULL, *verif = NULL; unsigned char *sig_try = NULL, *verif = NULL;
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
hashlen == 0 ) ||
hash != NULL );
RSA_VALIDATE_RET( sig != NULL );
if( ctx->padding != MBEDTLS_RSA_PKCS_V15 ) if( ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -2020,11 +1954,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ) unsigned char *sig )
{ {
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
hashlen == 0 ) ||
hash != NULL );
RSA_VALIDATE_RET( sig != NULL );
switch( ctx->padding ) switch( ctx->padding )
{ {
@ -2066,11 +1997,8 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
size_t observed_salt_len, msb; size_t observed_salt_len, msb;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = {0}; unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = {0};
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( sig != NULL ); return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
hashlen == 0 ) ||
hash != NULL );
siglen = ctx->len; siglen = ctx->len;
@ -2165,11 +2093,8 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
const unsigned char *sig ) const unsigned char *sig )
{ {
mbedtls_md_type_t mgf1_hash_id; mbedtls_md_type_t mgf1_hash_id;
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( sig != NULL ); return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
hashlen == 0 ) ||
hash != NULL );
mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE )
? (mbedtls_md_type_t) ctx->hash_id ? (mbedtls_md_type_t) ctx->hash_id
@ -2198,11 +2123,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
size_t sig_len; size_t sig_len;
unsigned char *encoded = NULL, *encoded_expected = NULL; unsigned char *encoded = NULL, *encoded_expected = NULL;
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( sig != NULL ); return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
hashlen == 0 ) ||
hash != NULL );
sig_len = ctx->len; sig_len = ctx->len;
@ -2267,11 +2189,8 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ) const unsigned char *sig )
{ {
RSA_VALIDATE_RET( ctx != NULL ); if( ( md_alg != MBEDTLS_MD_NONE || hashlen != 0 ) && hash == NULL )
RSA_VALIDATE_RET( sig != NULL ); return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE &&
hashlen == 0 ) ||
hash != NULL );
switch( ctx->padding ) switch( ctx->padding )
{ {
@ -2298,8 +2217,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
RSA_VALIDATE_RET( dst != NULL );
RSA_VALIDATE_RET( src != NULL );
dst->len = src->len; dst->len = src->len;

86
tests/suites/test_suite_rsa.function
View File

@ -16,6 +16,8 @@ void rsa_invalid_param( )
mbedtls_rsa_context ctx; mbedtls_rsa_context ctx;
const int invalid_padding = 42; const int invalid_padding = 42;
const int invalid_hash_id = 0xff; const int invalid_hash_id = 0xff;
unsigned char buf[] = {0x00,0x01,0x02,0x03,0x04,0x05};
size_t buf_len = sizeof( buf );
mbedtls_rsa_init( &ctx ); mbedtls_rsa_init( &ctx );
@ -29,6 +31,28 @@ void rsa_invalid_param( )
invalid_hash_id ), invalid_hash_id ),
MBEDTLS_ERR_RSA_INVALID_PADDING ); MBEDTLS_ERR_RSA_INVALID_PADDING );
TEST_EQUAL( mbedtls_rsa_pkcs1_sign(&ctx, NULL,
NULL, MBEDTLS_MD_NONE,
buf_len,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_pkcs1_sign(&ctx, NULL,
NULL, MBEDTLS_MD_SHA256,
0,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_pkcs1_verify(&ctx, MBEDTLS_MD_NONE,
buf_len,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_pkcs1_verify(&ctx, MBEDTLS_MD_SHA256,
0,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
#if !defined(MBEDTLS_PKCS1_V15) #if !defined(MBEDTLS_PKCS1_V15)
TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
MBEDTLS_RSA_PKCS_V15, MBEDTLS_RSA_PKCS_V15,
@ -36,6 +60,32 @@ void rsa_invalid_param( )
MBEDTLS_ERR_RSA_INVALID_PADDING ); MBEDTLS_ERR_RSA_INVALID_PADDING );
#endif #endif
#if defined(MBEDTLS_PKCS1_V15)
TEST_EQUAL( mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL,
NULL, MBEDTLS_MD_NONE,
buf_len,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL,
NULL, MBEDTLS_MD_SHA256,
0,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, MBEDTLS_MD_NONE,
buf_len,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, MBEDTLS_MD_SHA256,
0,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
#endif
#if !defined(MBEDTLS_PKCS1_V21) #if !defined(MBEDTLS_PKCS1_V21)
TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, TEST_EQUAL( mbedtls_rsa_set_padding( &ctx,
MBEDTLS_RSA_PKCS_V21, MBEDTLS_RSA_PKCS_V21,
@ -43,6 +93,42 @@ void rsa_invalid_param( )
MBEDTLS_ERR_RSA_INVALID_PADDING ); MBEDTLS_ERR_RSA_INVALID_PADDING );
#endif #endif
#if defined(MBEDTLS_PKCS1_V21)
TEST_EQUAL( mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL,
MBEDTLS_MD_NONE, buf_len,
NULL, buf_len,
buf ),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL,
MBEDTLS_MD_SHA256, 0,
NULL, buf_len,
buf ),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pss_verify_ext(&ctx, MBEDTLS_MD_NONE,
buf_len, NULL,
MBEDTLS_MD_NONE,
buf_len, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pss_verify_ext(&ctx, MBEDTLS_MD_SHA256,
0, NULL,
MBEDTLS_MD_NONE,
buf_len, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pss_verify(&ctx, MBEDTLS_MD_NONE,
buf_len,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
TEST_EQUAL( mbedtls_rsa_rsassa_pss_verify(&ctx, MBEDTLS_MD_SHA256,
0,
NULL, buf),
MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
#endif
exit: exit:
mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx );
} }