Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0

Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
2025-07-28 00:21:48 +03:00 · 2021-10-14 12:11:20 +02:00
parent 1c66bf8061 2aefc9ef2e
commit 2bb5e9c973
12 changed files with 306 additions and 60 deletions
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@ -270,7 +270,9 @@ int main( void )
    mbedtls_printf( "...\n  . Receiving and decrypting the ciphertext" );
    fflush( stdout );

-    mbedtls_aes_setkey_dec( &aes, buf, 256 );
+    ret = mbedtls_aes_setkey_dec( &aes, buf, 256 );
+    if( ret != 0 )
+        goto exit;

    memset( buf, 0, sizeof( buf ) );

@ -280,7 +282,9 @@ int main( void )
        goto exit;
    }

-    mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf );
+    ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf );
+    if( ret != 0 )
+        goto exit;
    buf[16] = '\0';
    mbedtls_printf( "\n  . Plaintext is \"%s\"\n\n", (char *) buf );

--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@ -290,9 +290,13 @@ int main( void )
    mbedtls_printf( "...\n  . Encrypting and sending the ciphertext" );
    fflush( stdout );

-    mbedtls_aes_setkey_enc( &aes, buf, 256 );
+    ret = mbedtls_aes_setkey_enc( &aes, buf, 256 );
+    if( ret != 0 )
+        goto exit;
    memcpy( buf, PLAINTEXT, 16 );
-    mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf );
+    ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf );
+    if( ret != 0 )
+        goto exit;

    if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 )
    {
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@ -674,7 +674,8 @@ int main( int argc, char *argv[] )
    {
        mbedtls_des3_context des3;
        mbedtls_des3_init( &des3 );
-        mbedtls_des3_set3key_enc( &des3, tmp );
+        if( mbedtls_des3_set3key_enc( &des3, tmp ) != 0 )
+            mbedtls_exit( 1 );
        TIME_AND_TSC( "3DES",
                mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
        mbedtls_des3_free( &des3 );
@ -684,7 +685,8 @@ int main( int argc, char *argv[] )
    {
        mbedtls_des_context des;
        mbedtls_des_init( &des );
-        mbedtls_des_setkey_enc( &des, tmp );
+        if( mbedtls_des_setkey_enc( &des, tmp ) != 0 )
+            mbedtls_exit( 1 );
        TIME_AND_TSC( "DES",
                mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
        mbedtls_des_free( &des );
@ -722,7 +724,7 @@ int main( int argc, char *argv[] )

            memset( buf, 0, sizeof( buf ) );
            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_aes_setkey_enc( &aes, tmp, keysize );
+            CHECK_AND_CONTINUE( mbedtls_aes_setkey_enc( &aes, tmp, keysize ) );

            TIME_AND_TSC( title,
                mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
@ -743,7 +745,7 @@ int main( int argc, char *argv[] )

            memset( buf, 0, sizeof( buf ) );
            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_aes_xts_setkey_enc( &ctx, tmp, keysize * 2 );
+            CHECK_AND_CONTINUE( mbedtls_aes_xts_setkey_enc( &ctx, tmp, keysize * 2 ) );

            TIME_AND_TSC( title,
                    mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE,