
Commit 4fc6e7c

ThePassionatexiaoxiang781216
authored andcommitted
mbedtls-alt/aes-alt: Illegal parameter detection for aes related functions
(1) aes-xts accepts only 256-bit and 512-bit key lengths. (2) When the aes-xts key length is 512 bits, MAX_KEY_SIZE needs to be expanded to 64 bytes. (3) Check for invalid input length and mode. Signed-off-by: makejian <[email protected]>
1 parent b05c967 commit 4fc6e7c


2 files changed

+82
-3
lines changed


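--- a/crypto/mbedtls/include/aes_alt.h
+++ b/crypto/mbedtls/include/aes_alt.h
@@ -30,7 +30,7 @@
 * Pre-processor Definitions
 ****************************************************************************/
 
-#define MAX_KEY_SIZE 36
+#define MAX_KEY_SIZE 64
 
 typedef struct mbedtls_aes_context
 {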
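Review bot: `#define MAX_KEY_SIZE 64` has no comment saying what the buffer has to hold, so the reason for the exact value lives only in the commit message. A one-line comment above it, such as `/* Largest key stored in the context: 64 bytes for AES-XTS with a 512-bit key */`, would keep a later reader from shrinking it or assuming spare room beyond the key. The struct that uses the macro continues outside the hunk.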

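--- a/crypto/mbedtls/source/aes_alt.c
+++ b/crypto/mbedtls/source/aes_alt.c
@@ -51,6 +51,18 @@ int mbedtls_aes_setkey_enc(FAR mbedtls_aes_context *ctx,
 FAR const unsigned char *key,
 unsigned int keybits)
 {
+switch (keybits)
+{
+case 128:
+break;
+case 192:
+break;
+case 256:
+break;
+default:
+return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+}
+
 memcpy(ctx->key, key, keybits / 8);
 ctx->dev.session.key = (caddr_t)ctx->key;
 ctx->dev.session.keylen = keybits / 8;
@@ -74,6 +86,11 @@ int mbedtls_aes_crypt_ecb(FAR mbedtls_aes_context *ctx,
 int ret;
 unsigned char iv[16];
 
+if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_CBC;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)
@@ -107,6 +124,16 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
 {
 int ret;
 
+if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
+if (length % 16)
+{
+return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_CBC;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)
@@ -141,6 +168,11 @@ int mbedtls_aes_crypt_ctr(FAR mbedtls_aes_context *ctx,
 {
 int ret;
 
+if (*nc_off > 0x0f)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_CTR;
 memcpy(ctx->key + ctx->dev.session.keylen,
 nonce_counter, NONCE_LENGTH);
@@ -183,14 +215,22 @@ int mbedtls_aes_xts_setkey_enc(FAR mbedtls_aes_xts_context *ctx,
 FAR const unsigned char *key,
 unsigned int keybits)
 {
-return mbedtls_aes_setkey_enc(ctx, key, keybits);
+if (keybits != 256 && keybits != 512)
+{
+return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+}
+
+memcpy(ctx->key, key, keybits / 8);
+ctx->dev.session.key = (caddr_t)ctx->key;
+ctx->dev.session.keylen = keybits / 8;
+return 0;
 }
 
 int mbedtls_aes_xts_setkey_dec(FAR mbedtls_aes_xts_context *ctx,
 FAR const unsigned char *key,
 unsigned int keybits)
 {
-return mbedtls_aes_setkey_dec(ctx, key, keybits);
+return mbedtls_aes_xts_setkey_enc(ctx, key, keybits);
 }
 
 int mbedtls_aes_crypt_xts(FAR mbedtls_aes_xts_context *ctx,
@@ -203,6 +243,25 @@ int mbedtls_aes_crypt_xts(FAR mbedtls_aes_xts_context *ctx,
 int ret;
 unsigned char iv[16];
 
+if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
+/* Data units must be at least 16 bytes long. */
+
+if (length < 16)
+{
+return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+}
+
+/* NIST SP 800-38E disallows data units larger than 2**20 blocks. */
+
+if (length > (1 << 20) * 16)
+{
+return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_XTS;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)
@@ -238,6 +297,16 @@ int mbedtls_aes_crypt_cfb128(FAR mbedtls_aes_context *ctx,
 {
 int ret;
 
+if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
+if (*iv_off > 15)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_CFB_128;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)
@@ -273,6 +342,11 @@ int mbedtls_aes_crypt_cfb8(FAR mbedtls_aes_context *ctx,
 {
 int ret;
 
+if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_CFB_8;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)
@@ -306,6 +380,11 @@ int mbedtls_aes_crypt_ofb(FAR mbedtls_aes_context *ctx,
 {
 int ret;
 
+if (*iv_off > 15)
+{
+return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+}
+
 ctx->dev.session.cipher = CRYPTO_AES_OFB;
 ret = cryptodev_get_session(&ctx->dev);
 if (ret != 0)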
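Review bot: Nothing bounds the nonce append in `mbedtls_aes_crypt_ctr`, `memcpy(ctx->key + ctx->dev.session.keylen, nonce_counter, NONCE_LENGTH)`, against the size of the key buffer, and this commit makes that gap reachable. `mbedtls_aes_xts_setkey_enc` can now store a 64-byte key, and MAX_KEY_SIZE is raised to exactly 64 in the same commit. A context keyed through the XTS path and later passed to the CTR routine would therefore presumably write NONCE_LENGTH bytes past `ctx->key`; the removed line passed the XTS context straight to `mbedtls_aes_setkey_enc`, which suggests the two context types are interchangeable, but the struct definition is not in this diff, so confirm the array size. A guard beside the new `*nc_off` check would reject that case: `if (ctx->dev.session.keylen + NONCE_LENGTH > MAX_KEY_SIZE) return MBEDTLS_ERR_AES_BAD_INPUT_DATA;`. The body of `mbedtls_aes_crypt_ctr` continues outside the hunk.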
