From: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Date: Wed, 29 Jun 2016 11:43:09 +0000 (+0200)
Subject: Handle invalid params properly for simple sign/verify/cmac/hmac
X-Git-Tag: accepted/tizen/common/20160810.161523~36
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=87db6df29c3dd37d75cb3d059944a701b4c7f588;p=platform%2Fcore%2Fsecurity%2Fyaca.git

Handle invalid params properly for simple sign/verify/cmac/hmac

Change-Id: I86f0c4d3d1e7766b064fdba3822432569db1283c
---

diff --git a/src/simple.c b/src/simple.c
index f8f5537..f1ee20a 100644
--- a/src/simple.c
+++ b/src/simple.c
@@ -242,9 +242,11 @@ static int sign(const yaca_context_h ctx, const char *data, size_t data_len,
 	assert(signature != NULL);
 	assert(signature_len != NULL);
 
-	ret = yaca_sign_update(ctx, data, data_len);
-	if (ret != YACA_ERROR_NONE)
-		return ret;
+	if (data_len > 0) {
+		ret = yaca_sign_update(ctx, data, data_len);
+		if (ret != YACA_ERROR_NONE)
+			return ret;
+	}
 
 	ret = yaca_context_get_output_length(ctx, 0, signature_len);
 	if (ret != YACA_ERROR_NONE)
@@ -275,6 +277,10 @@ API int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo,
 	int ret;
 	yaca_context_h ctx = YACA_CONTEXT_NULL;
 
+	if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) ||
+	    signature == NULL || signature_len == NULL)
+		return YACA_ERROR_INVALID_PARAMETER;
+
 	ret = yaca_sign_initialize(&ctx, algo, key);
 	if (ret != YACA_ERROR_NONE)
 		return ret;
@@ -296,13 +302,19 @@ API int yaca_simple_verify_signature(yaca_digest_algorithm_e algo,
 	int ret;
 	yaca_context_h ctx = YACA_CONTEXT_NULL;
 
+	if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) ||
+	    signature == NULL || signature_len == 0)
+		return YACA_ERROR_INVALID_PARAMETER;
+
 	ret = yaca_verify_initialize(&ctx, algo, key);
 	if (ret != YACA_ERROR_NONE)
 		return ret;
 
-	ret = yaca_verify_update(ctx, data, data_len);
-	if (ret != YACA_ERROR_NONE)
-		goto exit;
+	if (data_len > 0) {
+		ret = yaca_verify_update(ctx, data, data_len);
+		if (ret != YACA_ERROR_NONE)
+			goto exit;
+	}
 
 	ret = yaca_verify_finalize(ctx, signature, signature_len);
 
@@ -322,6 +334,10 @@ API int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo,
 	int ret;
 	yaca_context_h ctx = YACA_CONTEXT_NULL;
 
+	if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) ||
+	    mac == NULL || mac_len == NULL)
+		return YACA_ERROR_INVALID_PARAMETER;
+
 	ret = yaca_sign_initialize_hmac(&ctx, algo, key);
 	if (ret != YACA_ERROR_NONE)
 		return ret;
@@ -343,6 +359,10 @@ API int yaca_simple_calculate_cmac(yaca_encrypt_algorithm_e algo,
 	int ret;
 	yaca_context_h ctx = YACA_CONTEXT_NULL;
 
+	if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) ||
+	    mac == NULL || mac_len == NULL)
+		return YACA_ERROR_INVALID_PARAMETER;
+
 	ret = yaca_sign_initialize_cmac(&ctx, algo, key);
 	if (ret != YACA_ERROR_NONE)
 		return ret;