Skip to content

Commit a77e1ff

Browse files
JeremiahM37JeremiahM37
committed
reject non-block-aligned CBC cipher input
1 parent 362eda5 commit a77e1ff

3 files changed

Lines changed: 53 additions & 18 deletions

File tree

wolfcrypt/src/camellia.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,8 +64,7 @@
6464
#include <wolfcrypt/src/misc.c>
6565
#endif
6666

67-
/* u32 must be 32bit word */
68-
typedef unsigned int u32;
67+
typedef word32 u32;
6968
typedef unsigned char u8;
7069

7170
/* key constants */
@@ -1591,6 +1590,9 @@ int wc_CamelliaCbcEncrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz
15911590
if (cam == NULL || out == NULL || in == NULL) {
15921591
return BAD_FUNC_ARG;
15931592
}
1593+
if (sz % WC_CAMELLIA_BLOCK_SIZE != 0) {
1594+
return BAD_LENGTH_E;
1595+
}
15941596
blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
15951597

15961598
while (blocks--) {
@@ -1613,6 +1615,9 @@ int wc_CamelliaCbcDecrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz
16131615
if (cam == NULL || out == NULL || in == NULL) {
16141616
return BAD_FUNC_ARG;
16151617
}
1618+
if (sz % WC_CAMELLIA_BLOCK_SIZE != 0) {
1619+
return BAD_LENGTH_E;
1620+
}
16161621
blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
16171622

16181623
while (blocks--) {

wolfcrypt/src/des3.c

Lines changed: 32 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1234,49 +1234,49 @@
12341234

12351235
int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
12361236
{
1237-
word32 blocks = sz / DES_BLOCK_SIZE;
1238-
12391237
if (des == NULL || out == NULL || in == NULL)
12401238
return BAD_FUNC_ARG;
1239+
if (sz % DES_BLOCK_SIZE != 0)
1240+
return BAD_LENGTH_E;
12411241

12421242
return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
1243-
out, in, (blocks * DES_BLOCK_SIZE),
1243+
out, in, sz,
12441244
PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
12451245
}
12461246

12471247
int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
12481248
{
1249-
word32 blocks = sz / DES_BLOCK_SIZE;
1250-
12511249
if (des == NULL || out == NULL || in == NULL)
12521250
return BAD_FUNC_ARG;
1251+
if (sz % DES_BLOCK_SIZE != 0)
1252+
return BAD_LENGTH_E;
12531253

12541254
return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
1255-
out, in, (blocks * DES_BLOCK_SIZE),
1255+
out, in, sz,
12561256
PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
12571257
}
12581258

12591259
int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
12601260
{
1261-
word32 blocks = sz / DES_BLOCK_SIZE;
1262-
12631261
if (des == NULL || out == NULL || in == NULL)
12641262
return BAD_FUNC_ARG;
1263+
if (sz % DES_BLOCK_SIZE != 0)
1264+
return BAD_LENGTH_E;
12651265

12661266
return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
1267-
out, in, (blocks * DES_BLOCK_SIZE),
1267+
out, in, sz,
12681268
PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
12691269
}
12701270

12711271
int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
12721272
{
1273-
word32 blocks = sz / DES_BLOCK_SIZE;
1274-
12751273
if (des == NULL || out == NULL || in == NULL)
12761274
return BAD_FUNC_ARG;
1275+
if (sz % DES_BLOCK_SIZE != 0)
1276+
return BAD_LENGTH_E;
12771277

12781278
return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
1279-
out, in, (blocks * DES_BLOCK_SIZE),
1279+
out, in, sz,
12801280
PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
12811281
}
12821282

@@ -1734,12 +1734,17 @@
17341734

17351735
int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
17361736
{
1737-
word32 blocks = sz / DES_BLOCK_SIZE;
1737+
word32 blocks;
17381738

17391739
if (des == NULL || out == NULL || in == NULL) {
17401740
return BAD_FUNC_ARG;
17411741
}
17421742

1743+
if (sz % DES_BLOCK_SIZE != 0) {
1744+
return BAD_LENGTH_E;
1745+
}
1746+
1747+
blocks = sz / DES_BLOCK_SIZE;
17431748
while (blocks--) {
17441749
xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
17451750
DesProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
@@ -1753,12 +1758,17 @@
17531758

17541759
int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
17551760
{
1756-
word32 blocks = sz / DES_BLOCK_SIZE;
1761+
word32 blocks;
17571762

17581763
if (des == NULL || out == NULL || in == NULL) {
17591764
return BAD_FUNC_ARG;
17601765
}
17611766

1767+
if (sz % DES_BLOCK_SIZE != 0) {
1768+
return BAD_LENGTH_E;
1769+
}
1770+
1771+
blocks = sz / DES_BLOCK_SIZE;
17621772
while (blocks--) {
17631773
XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
17641774
DesProcessBlock(des, (byte*)des->tmp, out);
@@ -1809,6 +1819,10 @@
18091819
}
18101820
#endif /* WOLFSSL_ASYNC_CRYPT */
18111821

1822+
if (sz % DES_BLOCK_SIZE != 0) {
1823+
return BAD_LENGTH_E;
1824+
}
1825+
18121826
blocks = sz / DES_BLOCK_SIZE;
18131827
while (blocks--) {
18141828
xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
@@ -1860,6 +1874,10 @@
18601874
}
18611875
#endif /* WOLFSSL_ASYNC_CRYPT */
18621876

1877+
if (sz % DES_BLOCK_SIZE != 0) {
1878+
return BAD_LENGTH_E;
1879+
}
1880+
18631881
blocks = sz / DES_BLOCK_SIZE;
18641882
while (blocks--) {
18651883
XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);

wolfcrypt/src/rc2.c

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -279,7 +279,7 @@ int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
279279
int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
280280
{
281281
int ret;
282-
word32 blocks = (sz / RC2_BLOCK_SIZE);
282+
word32 blocks;
283283

284284
if (rc2 == NULL || out == NULL || in == NULL) {
285285
return BAD_FUNC_ARG;
@@ -289,6 +289,12 @@ int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
289289
return 0;
290290
}
291291

292+
if (sz % RC2_BLOCK_SIZE != 0) {
293+
return BAD_LENGTH_E;
294+
}
295+
296+
blocks = sz / RC2_BLOCK_SIZE;
297+
292298
while (blocks--) {
293299
xorbuf((byte*)rc2->reg, in, RC2_BLOCK_SIZE);
294300
ret = wc_Rc2EcbEncrypt(rc2, (byte*)rc2->reg, (byte*)rc2->reg,
@@ -308,7 +314,7 @@ int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
308314
int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
309315
{
310316
int ret;
311-
word32 blocks = (sz / RC2_BLOCK_SIZE);
317+
word32 blocks;
312318

313319
if (rc2 == NULL || out == NULL || in == NULL) {
314320
return BAD_FUNC_ARG;
@@ -318,6 +324,12 @@ int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
318324
return 0;
319325
}
320326

327+
if (sz % RC2_BLOCK_SIZE != 0) {
328+
return BAD_LENGTH_E;
329+
}
330+
331+
blocks = sz / RC2_BLOCK_SIZE;
332+
321333
while (blocks--) {
322334
XMEMCPY(rc2->tmp, in, RC2_BLOCK_SIZE);
323335
ret = wc_Rc2EcbDecrypt(rc2, out, (byte*)rc2->tmp, RC2_BLOCK_SIZE);

0 commit comments

Comments
 (0)