Skip to content

Commit d2e3fd0

Browse files
JeremiahM37JeremiahM37
committed
validate preconditions at public API boundary
1 parent 31278ee commit d2e3fd0

6 files changed

Lines changed: 20 additions & 1 deletion

File tree

wolfcrypt/src/cmac.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,8 @@
7171
*/
7272
int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz)
7373
{
74+
if ((cmac == NULL) || (in == NULL && inSz != 0))
75+
return BAD_FUNC_ARG;
7476
return _wc_Hash_Grow(&cmac->msg, &cmac->used, &cmac->len, in, inSz, cmac->aes.heap);
7577
}
7678
#endif /* WOLFSSL_HASH_KEEP */

wolfcrypt/src/curve25519.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -971,6 +971,9 @@ int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
971971
if (key == NULL || out == NULL || outLen == NULL)
972972
return BAD_FUNC_ARG;
973973

974+
if (!key->privSet)
975+
return ECC_BAD_ARG_E;
976+
974977
/* check size of outgoing buffer */
975978
if (*outLen < CURVE25519_KEYSIZE) {
976979
*outLen = CURVE25519_KEYSIZE;

wolfcrypt/src/curve448.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -478,6 +478,10 @@ int wc_curve448_export_private_raw_ex(curve448_key* key, byte* out,
478478
ret = BAD_FUNC_ARG;
479479
}
480480

481+
if ((ret == 0) && (!key->privSet)) {
482+
ret = ECC_BAD_ARG_E;
483+
}
484+
481485
/* check size of outgoing buffer */
482486
if ((ret == 0) && (*outLen < CURVE448_KEY_SIZE)) {
483487
*outLen = CURVE448_KEY_SIZE;

wolfcrypt/src/ed25519.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1414,7 +1414,7 @@ int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
14141414
int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* outLen)
14151415
{
14161416
/* sanity checks on arguments */
1417-
if (key == NULL || out == NULL || outLen == NULL)
1417+
if (key == NULL || !key->privKeySet || out == NULL || outLen == NULL)
14181418
return BAD_FUNC_ARG;
14191419

14201420
if (*outLen < ED25519_KEY_SIZE) {

wolfcrypt/src/ed448.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1266,6 +1266,10 @@ int wc_ed448_export_private_only(const ed448_key* key, byte* out, word32* outLen
12661266
ret = BAD_FUNC_ARG;
12671267
}
12681268

1269+
if ((ret == 0) && (!key->privKeySet)) {
1270+
ret = BAD_FUNC_ARG;
1271+
}
1272+
12691273
if ((ret == 0) && (*outLen < ED448_KEY_SIZE)) {
12701274
*outLen = ED448_KEY_SIZE;
12711275
ret = BUFFER_E;
@@ -1298,6 +1302,10 @@ int wc_ed448_export_private(const ed448_key* key, byte* out, word32* outLen)
12981302
ret = BAD_FUNC_ARG;
12991303
}
13001304

1305+
if ((ret == 0) && (!key->privKeySet)) {
1306+
ret = BAD_FUNC_ARG;
1307+
}
1308+
13011309
if ((ret == 0) && (*outLen < ED448_PRV_KEY_SIZE)) {
13021310
*outLen = ED448_PRV_KEY_SIZE;
13031311
ret = BUFFER_E;

wolfcrypt/src/rng_bank.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -883,6 +883,8 @@ WOLFSSL_API int wc_BankRef_Release(WC_RNG *rng)
883883
{
884884
int isZero = 0;
885885
int ret = 0;
886+
if (rng == NULL)
887+
return BAD_FUNC_ARG;
886888
if (rng->bankref == NULL)
887889
return BAD_FUNC_ARG;
888890
wolfSSL_RefDec(&rng->bankref->refcount, &isZero, &ret);

0 commit comments

Comments
 (0)