
Commit 3175c33

committed
add NULL validation to KDF APIs
1 parent 625ea89 commit 3175c33

3 files changed

Lines changed: 40 additions & 5 deletions


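--- a/wolfcrypt/src/hmac.c
+++ b/wolfcrypt/src/hmac.c
@@ -1590,6 +1590,10 @@ int wolfSSL_GetHmacMaxSize(void)
 const byte* localSalt; /* either points to user input or tmp */
 word32 hashSz;
 
+if (out == NULL || (inKey == NULL && inKeySz > 0)) {
+return BAD_FUNC_ARG;
+}
+
 ret = wc_HmacSizeByType(type);
 if (ret < 0) {
 return ret;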
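Review bot: The new guard at the top of this hunk deliberately lets `inKey == NULL` through when `inKeySz` is 0, but nothing next to it says so, and a later reader could tighten it to a plain NULL check and break zero-length input keying material. A one-line comment above the `if` would pin the contract, for example `/* out is required; inKey may be NULL only when inKeySz is 0 */`. The guard is also silent about `salt`: the `localSalt` comment suggests a NULL salt is replaced by a temporary, but that code and the enclosing function's signature are outside the hunk, so it is worth confirming that a NULL `salt` with a non-zero `saltSz` cannot reach the HMAC key setup. The public API documentation for this function should list the new `BAD_FUNC_ARG` cases.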

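--- a/wolfcrypt/src/kdf.c
+++ b/wolfcrypt/src/kdf.c
@@ -1009,7 +1009,8 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 
 /* Validate parameters. */
 if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
-(saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+(saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+((kdrIdx >= 0) && (idx == NULL))) {
 ret = BAD_FUNC_ARG;
 }
 
@@ -1103,7 +1104,8 @@ int wc_SRTCP_KDF_ex(const byte* key, word32 keySz, const byte* salt, word32 salt
 
 /* Validate parameters. */
 if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
-(saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+(saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+((kdrIdx >= 0) && (idx == NULL))) {
 ret = BAD_FUNC_ARG;
 }
 
@@ -1194,7 +1196,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
 /* Validate parameters. */
 if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
 (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
-(outKey == NULL)) {
+(outKey == NULL) || ((kdrIdx >= 0) && (idx == NULL))) {
 ret = BAD_FUNC_ARG;
 }
 
@@ -1267,7 +1269,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
 /* Validate parameters. */
 if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
 (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
-(outKey == NULL)) {
+(outKey == NULL) || ((kdrIdx >= 0) && (idx == NULL))) {
 ret = BAD_FUNC_ARG;
 }
 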
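Review bot: The added clause `((kdrIdx >= 0) && (idx == NULL))` encodes a contract that the `/* Validate parameters. */` comment above it does not state, namely that `idx` may be NULL only when `kdrIdx` is -1. The same clause is repeated in all four validation blocks of this file (wc_SRTP_KDF, wc_SRTCP_KDF_ex, wc_SRTP_KDF_label, wc_SRTCP_KDF_label), so a comment such as `/* idx may be NULL only when kdrIdx is -1 */` belongs at each of them, or once on a shared check if the four are ever factored. The check covers only the pointer: judging by the calls in test.c no length is passed for `idx`, so the required buffer size stays a caller obligation that the header documentation should spell out. Each function body starts and ends outside its hunk.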

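--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -31466,7 +31466,18 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
 #endif /* !NO_SHA256 */
 #endif /* !NO_SHA || !NO_SHA256 */
 
-return ret;
+#ifndef NO_SHA256
+/* wc_HKDF_Extract bad arg: NULL out */
+ret = wc_HKDF_Extract(WC_SHA256, NULL, 0, ikm1, (word32)sizeof(ikm1), NULL);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+return WC_TEST_RET_ENC_EC(ret);
+/* wc_HKDF_Extract bad arg: NULL inKey with non-zero inKeySz */
+ret = wc_HKDF_Extract(WC_SHA256, NULL, 0, NULL, 5, okm1);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+return WC_TEST_RET_ENC_EC(ret);
+#endif /* !NO_SHA256 */
+
+return 0;
 }
 
 #endif /* HAVE_HKDF */
@@ -33402,6 +33413,24 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
 if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
 ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
 
+/* kdrIdx >= 0 requires non-NULL idx. */
+ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+0, NULL, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+0, NULL, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+0, NULL, WC_SRTP_LABEL_ENCRYPTION, keyE, tv[i].keSz);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+0, NULL, WC_SRTCP_LABEL_ENCRYPTION, keyE, tv[i].keSz);
+if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
+ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
 ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
 tv[i].kdfIdx, tv[i].index, NULL, tv[i].keSz, keyA, tv[i].kaSz,
 keyS, tv[i].ksSz);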
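Review bot: Replacing `return ret;` with `return 0;` at the end of hkdf_test makes the function report success regardless of `ret` whenever `NO_SHA256` is defined and the new block is compiled out. The change is needed with SHA-256 enabled, because `ret` holds `BAD_FUNC_ARG` after the last negative check, but a narrower fix is to add `ret = 0;` just before the new `#endif /* !NO_SHA256 */` and keep `return ret;`. Whether every earlier failure path already returns early is not visible here, since the body of hkdf_test starts outside the hunk. In the srtpkdf_test hunk the four new calls only cover `kdrIdx` 0 with a NULL `idx`; a companion call with `kdrIdx` -1 and a NULL `idx` would pin that the permitted case still succeeds.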
