From 0b4bda3f29f7501b5b2c2f88981cd3d3a91ea678 Mon Sep 17 00:00:00 2001 From: Songling Han Date: Wed, 18 Sep 2024 02:35:29 +0000 Subject: [PATCH] Add NULL check or SHA2 Signed-off-by: Songling Han --- src/common/sha2/sha2.c | 81 +++++++++++++++++------- src/common/sha2/sha2_armv8.c | 33 ++++++++++ src/common/sha2/sha2_c.c | 118 ++++++++++++++++++++++++++++++++--- src/common/sha2/sha2_impl.c | 94 +++++++++++++++++++--------- src/common/sha2/sha2_ossl.c | 61 +++++++++++++----- 5 files changed, 315 insertions(+), 72 deletions(-) diff --git a/src/common/sha2/sha2.c b/src/common/sha2/sha2.c index b34e61273e..47788c7e71 100644 --- a/src/common/sha2/sha2.c +++ b/src/common/sha2/sha2.c @@ -7,82 +7,121 @@ static struct OQS_SHA2_callbacks *callbacks = &sha2_default_callbacks; OQS_API void OQS_SHA2_set_callbacks(struct OQS_SHA2_callbacks *new_callbacks) { - callbacks = new_callbacks; + if (new_callbacks != NULL) { + callbacks = new_callbacks; + } } void OQS_SHA2_sha256_inc_init(OQS_SHA2_sha256_ctx *state) { - callbacks->SHA2_sha256_inc_init(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc_init != NULL) { + callbacks->SHA2_sha256_inc_init(state); + } } void OQS_SHA2_sha256_inc_ctx_clone(OQS_SHA2_sha256_ctx *dest, const OQS_SHA2_sha256_ctx *src) { - callbacks->SHA2_sha256_inc_ctx_clone(dest, src); + if (dest != NULL && src != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc_ctx_clone != NULL) { + callbacks->SHA2_sha256_inc_ctx_clone(dest, src); + } } void OQS_SHA2_sha256_inc_blocks(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inblocks) { - callbacks->SHA2_sha256_inc_blocks(state, in, inblocks); + if (state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc_blocks != NULL) { + callbacks->SHA2_sha256_inc_blocks(state, in, inblocks); + } } void OQS_SHA2_sha256_inc(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t len) { - callbacks->SHA2_sha256_inc(state, in, len); + if (state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc != NULL) { + callbacks->SHA2_sha256_inc(state, in, len); + } } void OQS_SHA2_sha256_inc_finalize(uint8_t *out, OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha256_inc_finalize(out, state, in, inlen); + if (out != NULL && state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc_finalize != NULL) { + callbacks->SHA2_sha256_inc_finalize(out, state, in, inlen); + } } void OQS_SHA2_sha256_inc_ctx_release(OQS_SHA2_sha256_ctx *state) { - callbacks->SHA2_sha256_inc_ctx_release(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha256_inc_ctx_release != NULL) { + callbacks->SHA2_sha256_inc_ctx_release(state); + } } void OQS_SHA2_sha384_inc_init(OQS_SHA2_sha384_ctx *state) { - callbacks->SHA2_sha384_inc_init(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha384_inc_init != NULL) { + callbacks->SHA2_sha384_inc_init(state); + } } void OQS_SHA2_sha384_inc_ctx_clone(OQS_SHA2_sha384_ctx *dest, const OQS_SHA2_sha384_ctx *src) { - callbacks->SHA2_sha384_inc_ctx_clone(dest, src); + if (dest != NULL && src != NULL && callbacks != NULL && callbacks->SHA2_sha384_inc_ctx_clone != NULL) { + callbacks->SHA2_sha384_inc_ctx_clone(dest, src); + } } void OQS_SHA2_sha384_inc_blocks(OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inblocks) { - callbacks->SHA2_sha384_inc_blocks(state, in, inblocks); + if (state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha384_inc_blocks != NULL) { + callbacks->SHA2_sha384_inc_blocks(state, in, inblocks); + } } void OQS_SHA2_sha384_inc_finalize(uint8_t *out, OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha384_inc_finalize(out, state, in, inlen); + if (out != NULL && state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha384_inc_finalize != NULL) { + callbacks->SHA2_sha384_inc_finalize(out, state, in, inlen); + } } void OQS_SHA2_sha384_inc_ctx_release(OQS_SHA2_sha384_ctx *state) { - callbacks->SHA2_sha384_inc_ctx_release(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha384_inc_ctx_release != NULL) { + callbacks->SHA2_sha384_inc_ctx_release(state); + } } void OQS_SHA2_sha512_inc_init(OQS_SHA2_sha512_ctx *state) { - callbacks->SHA2_sha512_inc_init(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha512_inc_init != NULL) { + callbacks->SHA2_sha512_inc_init(state); + } } void OQS_SHA2_sha512_inc_ctx_clone(OQS_SHA2_sha512_ctx *dest, const OQS_SHA2_sha512_ctx *src) { - callbacks->SHA2_sha512_inc_ctx_clone(dest, src); + if (dest != NULL && src != NULL && callbacks != NULL && callbacks->SHA2_sha512_inc_ctx_clone != NULL) { + callbacks->SHA2_sha512_inc_ctx_clone(dest, src); + } } void OQS_SHA2_sha512_inc_blocks(OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inblocks) { - callbacks->SHA2_sha512_inc_blocks(state, in, inblocks); + if (state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha512_inc_blocks != NULL) { + callbacks->SHA2_sha512_inc_blocks(state, in, inblocks); + } } void OQS_SHA2_sha512_inc_finalize(uint8_t *out, OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha512_inc_finalize(out, state, in, inlen); + if (out != NULL && state != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha512_inc_finalize != NULL) { + callbacks->SHA2_sha512_inc_finalize(out, state, in, inlen); + } } void OQS_SHA2_sha512_inc_ctx_release(OQS_SHA2_sha512_ctx *state) { - callbacks->SHA2_sha512_inc_ctx_release(state); + if (state != NULL && callbacks != NULL && callbacks->SHA2_sha512_inc_ctx_release != NULL) { + callbacks->SHA2_sha512_inc_ctx_release(state); + } } void OQS_SHA2_sha256(uint8_t *out, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha256(out, in, inlen); + if (out != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha256 != NULL) { + callbacks->SHA2_sha256(out, in, inlen); + } } void OQS_SHA2_sha384(uint8_t *out, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha384(out, in, inlen); + if (out != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha384 != NULL) { + callbacks->SHA2_sha384(out, in, inlen); + } } void OQS_SHA2_sha512(uint8_t *out, const uint8_t *in, size_t inlen) { - callbacks->SHA2_sha512(out, in, inlen); + if (out != NULL && in != NULL && callbacks != NULL && callbacks->SHA2_sha512 != NULL) { + callbacks->SHA2_sha512(out, in, inlen); + } } - diff --git a/src/common/sha2/sha2_armv8.c b/src/common/sha2/sha2_armv8.c index 65ea6750c3..24f3001d0a 100644 --- a/src/common/sha2/sha2_armv8.c +++ b/src/common/sha2/sha2_armv8.c @@ -171,6 +171,10 @@ static size_t crypto_hashblocks_sha256_armv8(uint8_t *statebytes, void oqs_sha2_sha256_inc_finalize_armv8(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen) { uint8_t padded[128]; + if (state == NULL || out == NULL) { + return; + } + size_t new_inlen = state->data_len + inlen; size_t tmp_len = new_inlen; const uint8_t *new_in; @@ -181,6 +185,9 @@ void oqs_sha2_sha256_inc_finalize_armv8(uint8_t *out, sha256ctx *state, const ui } else { // Combine incremental data with final input tmp_in = OQS_MEM_checked_malloc(tmp_len); + if (tmp_in == NULL) { + return; + } memcpy(tmp_in, state->data, state->data_len); if (in && inlen) { @@ -238,6 +245,10 @@ void oqs_sha2_sha256_inc_finalize_armv8(uint8_t *out, sha256ctx *state, const ui } void oqs_sha2_sha224_inc_finalize_armv8(uint8_t *out, sha224ctx *state, const uint8_t *in, size_t inlen) { + if (out == NULL || state == NULL) { + return; + } + uint8_t tmp[32]; oqs_sha2_sha256_inc_finalize_armv8(tmp, (sha256ctx *)state, in, inlen); @@ -247,6 +258,10 @@ void oqs_sha2_sha224_inc_finalize_armv8(uint8_t *out, sha224ctx *state, const ui } void oqs_sha2_sha256_inc_blocks_armv8(sha256ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || in == NULL) { + return; + } + uint64_t bytes = load_bigendian_64(state->ctx + 32); const uint8_t *new_in; size_t buf_len = 64 * inblocks; @@ -255,6 +270,9 @@ void oqs_sha2_sha256_inc_blocks_armv8(sha256ctx *state, const uint8_t *in, size_ /* Process any existing incremental data first */ if (state->data_len) { tmp_in = OQS_MEM_checked_malloc(buf_len); + if (tmp_in == NULL) { + return; + } memcpy(tmp_in, state->data, state->data_len); memcpy(tmp_in + state->data_len, in, buf_len - state->data_len); @@ -274,6 +292,10 @@ void oqs_sha2_sha256_inc_blocks_armv8(sha256ctx *state, const uint8_t *in, size_ } void oqs_sha2_sha256_inc_armv8(sha256ctx *state, const uint8_t *in, size_t len) { + if (state == NULL || in == NULL) { + return; + } + while (len) { size_t incr = 64 - state->data_len; if (incr > len) { @@ -304,10 +326,17 @@ void oqs_sha2_sha256_inc_armv8(sha256ctx *state, const uint8_t *in, size_t len) } void oqs_sha2_sha224_inc_blocks_armv8(sha224ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || in == NULL) { + return; + } oqs_sha2_sha256_inc_blocks_armv8((sha256ctx *)state, in, inblocks); } void oqs_sha2_sha256_armv8(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL || in == NULL) { + return; + } + sha256ctx state; oqs_sha2_sha256_inc_init_c(&state); @@ -315,6 +344,10 @@ void oqs_sha2_sha256_armv8(uint8_t *out, const uint8_t *in, size_t inlen) { } void oqs_sha2_sha224_armv8(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL || in == NULL) { + return; + } + sha224ctx state; oqs_sha2_sha224_inc_init_c(&state); diff --git a/src/common/sha2/sha2_c.c b/src/common/sha2/sha2_c.c index 5ead4c1ee7..61035b3433 100644 --- a/src/common/sha2/sha2_c.c +++ b/src/common/sha2/sha2_c.c @@ -17,11 +17,17 @@ #include static uint32_t load_bigendian_32(const uint8_t *x) { + if (x == NULL) { + return 0; + } return (uint32_t)(x[3]) | (((uint32_t)(x[2])) << 8) | (((uint32_t)(x[1])) << 16) | (((uint32_t)(x[0])) << 24); } static uint64_t load_bigendian_64(const uint8_t *x) { + if (x == NULL) { + return 0; + } return (uint64_t)(x[7]) | (((uint64_t)(x[6])) << 8) | (((uint64_t)(x[5])) << 16) | (((uint64_t)(x[4])) << 24) | (((uint64_t)(x[3])) << 32) | (((uint64_t)(x[2])) << 40) | @@ -29,6 +35,9 @@ static uint64_t load_bigendian_64(const uint8_t *x) { } static void store_bigendian_32(uint8_t *x, uint64_t u) { + if (x == NULL) { + return; + } x[3] = (uint8_t) u; u >>= 8; x[2] = (uint8_t) u; @@ -39,6 +48,9 @@ static void store_bigendian_32(uint8_t *x, uint64_t u) { } static void store_bigendian_64(uint8_t *x, uint64_t u) { + if (x == NULL) { + return; + } x[7] = (uint8_t) u; u >>= 8; x[6] = (uint8_t) u; @@ -292,9 +304,12 @@ static size_t crypto_hashblocks_sha256_c(uint8_t *statebytes, return inlen; } - static size_t crypto_hashblocks_sha512_c(uint8_t *statebytes, const uint8_t *in, size_t inlen) { + if (statebytes == NULL || in == NULL) { + return 0; + } + uint64_t state[8]; uint64_t a; uint64_t b; @@ -500,9 +515,11 @@ static const uint8_t iv_512[64] = { 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd, 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79 }; - void oqs_sha2_sha224_inc_init_c(sha224ctx *state) { state->ctx = OQS_MEM_checked_malloc(PQC_SHA256CTX_BYTES); + if (state->ctx == NULL) { + return; + } for (size_t i = 0; i < 32; ++i) { state->ctx[i] = iv_224[i]; @@ -517,6 +534,9 @@ void oqs_sha2_sha224_inc_init_c(sha224ctx *state) { void oqs_sha2_sha256_inc_init_c(sha256ctx *state) { state->data_len = 0; state->ctx = OQS_MEM_checked_malloc(PQC_SHA256CTX_BYTES); + if (state->ctx == NULL) { + return; + } for (size_t i = 0; i < 32; ++i) { state->ctx[i] = iv_256[i]; @@ -530,6 +550,9 @@ void oqs_sha2_sha256_inc_init_c(sha256ctx *state) { void oqs_sha2_sha384_inc_init_c(sha384ctx *state) { state->ctx = OQS_MEM_checked_malloc(PQC_SHA512CTX_BYTES); + if (state->ctx == NULL) { + return; + } for (size_t i = 0; i < 64; ++i) { state->ctx[i] = iv_384[i]; @@ -543,6 +566,9 @@ void oqs_sha2_sha384_inc_init_c(sha384ctx *state) { void oqs_sha2_sha512_inc_init_c(sha512ctx *state) { state->ctx = OQS_MEM_checked_malloc(PQC_SHA512CTX_BYTES); + if (state->ctx == NULL) { + return; + } for (size_t i = 0; i < 64; ++i) { state->ctx[i] = iv_512[i]; @@ -556,6 +582,9 @@ void oqs_sha2_sha512_inc_init_c(sha512ctx *state) { void oqs_sha2_sha224_inc_ctx_clone_c(sha224ctx *stateout, const sha224ctx *statein) { stateout->ctx = OQS_MEM_checked_malloc(PQC_SHA256CTX_BYTES); + if (stateout->ctx == NULL) { + return; + } stateout->data_len = statein->data_len; memcpy(stateout->data, statein->data, 128); @@ -564,6 +593,9 @@ void oqs_sha2_sha224_inc_ctx_clone_c(sha224ctx *stateout, const sha224ctx *state void oqs_sha2_sha256_inc_ctx_clone_c(sha256ctx *stateout, const sha256ctx *statein) { stateout->ctx = OQS_MEM_checked_malloc(PQC_SHA256CTX_BYTES); + if (stateout->ctx == NULL) { + return; + } stateout->data_len = statein->data_len; memcpy(stateout->data, statein->data, 128); @@ -572,6 +604,9 @@ void oqs_sha2_sha256_inc_ctx_clone_c(sha256ctx *stateout, const sha256ctx *state void oqs_sha2_sha384_inc_ctx_clone_c(sha384ctx *stateout, const sha384ctx *statein) { stateout->ctx = OQS_MEM_checked_malloc(PQC_SHA512CTX_BYTES); + if (stateout->ctx == NULL) { + return; + } stateout->data_len = statein->data_len; memcpy(stateout->data, statein->data, 128); @@ -580,6 +615,9 @@ void oqs_sha2_sha384_inc_ctx_clone_c(sha384ctx *stateout, const sha384ctx *state void oqs_sha2_sha512_inc_ctx_clone_c(sha512ctx *stateout, const sha512ctx *statein) { stateout->ctx = OQS_MEM_checked_malloc(PQC_SHA512CTX_BYTES); + if (stateout->ctx == NULL) { + return; + } stateout->data_len = statein->data_len; memcpy(stateout->data, statein->data, 128); @@ -588,25 +626,41 @@ void oqs_sha2_sha512_inc_ctx_clone_c(sha512ctx *stateout, const sha512ctx *state /* Destroy the hash state. */ void oqs_sha2_sha224_inc_ctx_release_c(sha224ctx *state) { - OQS_MEM_free(state->ctx); // IGNORE free-check + if (state->ctx != NULL) { + OQS_MEM_free(state->ctx); // IGNORE free-check + state->ctx = NULL; + } } /* Destroy the hash state. */ void oqs_sha2_sha256_inc_ctx_release_c(sha256ctx *state) { - OQS_MEM_free(state->ctx); // IGNORE free-check + if (state->ctx != NULL) { + OQS_MEM_free(state->ctx); // IGNORE free-check + state->ctx = NULL; + } } /* Destroy the hash state. */ void oqs_sha2_sha384_inc_ctx_release_c(sha384ctx *state) { - OQS_MEM_free(state->ctx); // IGNORE free-check + if (state->ctx != NULL) { + OQS_MEM_free(state->ctx); // IGNORE free-check + state->ctx = NULL; + } } /* Destroy the hash state. */ void oqs_sha2_sha512_inc_ctx_release_c(sha512ctx *state) { - OQS_MEM_free(state->ctx); // IGNORE free-check + if (state->ctx != NULL) { + OQS_MEM_free(state->ctx); // IGNORE free-check + state->ctx = NULL; + } } void oqs_sha2_sha256_inc_blocks_c(sha256ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || state->ctx == NULL || in == NULL) { + return; + } + uint64_t bytes = load_bigendian_64(state->ctx + 32); size_t tmp_buflen = 64 * inblocks; const uint8_t *new_in; @@ -615,6 +669,9 @@ void oqs_sha2_sha256_inc_blocks_c(sha256ctx *state, const uint8_t *in, size_t in /* Process any existing incremental data first */ if (state->data_len) { tmp_in = OQS_MEM_checked_malloc(tmp_buflen); + if (tmp_in == NULL) { + return; + } memcpy(tmp_in, state->data, state->data_len); memcpy(tmp_in + state->data_len, in, tmp_buflen - state->data_len); @@ -634,6 +691,10 @@ void oqs_sha2_sha256_inc_blocks_c(sha256ctx *state, const uint8_t *in, size_t in } void oqs_sha2_sha256_inc_c(sha256ctx *state, const uint8_t *in, size_t len) { + if (state == NULL || state->ctx == NULL || in == NULL) { + return; + } + while (len) { size_t incr = 64 - state->data_len; if (incr > len) { @@ -662,12 +723,17 @@ void oqs_sha2_sha256_inc_c(sha256ctx *state, const uint8_t *in, size_t len) { state->data_len = 0; } } - void oqs_sha2_sha224_inc_blocks_c(sha224ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || in == NULL) { + return; + } oqs_sha2_sha256_inc_blocks_c((sha256ctx *) state, in, inblocks); } void oqs_sha2_sha512_inc_blocks_c(sha512ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || in == NULL) { + return; + } uint64_t bytes = load_bigendian_64(state->ctx + 64); crypto_hashblocks_sha512_c(state->ctx, in, 128 * inblocks); @@ -677,10 +743,17 @@ void oqs_sha2_sha512_inc_blocks_c(sha512ctx *state, const uint8_t *in, size_t in } void oqs_sha2_sha384_inc_blocks_c(sha384ctx *state, const uint8_t *in, size_t inblocks) { + if (state == NULL || in == NULL) { + return; + } oqs_sha2_sha512_inc_blocks_c((sha512ctx *) state, in, inblocks); } void oqs_sha2_sha256_inc_finalize_c(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen) { + if (out == NULL || state == NULL) { + return; + } + uint8_t padded[128]; size_t new_inlen = state->data_len + inlen; @@ -692,6 +765,9 @@ void oqs_sha2_sha256_inc_finalize_c(uint8_t *out, sha256ctx *state, const uint8_ new_in = in; } else { //Combine incremental data with final input tmp_in = OQS_MEM_checked_malloc(tmp_len); + if (tmp_in == NULL) { + return; + } memcpy(tmp_in, state->data, state->data_len); if (in && inlen) { @@ -749,6 +825,10 @@ void oqs_sha2_sha256_inc_finalize_c(uint8_t *out, sha256ctx *state, const uint8_ } void oqs_sha2_sha224_inc_finalize_c(uint8_t *out, sha224ctx *state, const uint8_t *in, size_t inlen) { + if (out == NULL || state == NULL) { + return; + } + uint8_t tmp[32]; oqs_sha2_sha256_inc_finalize_c(tmp, (sha256ctx *)state, in, inlen); @@ -758,6 +838,10 @@ void oqs_sha2_sha224_inc_finalize_c(uint8_t *out, sha224ctx *state, const uint8_ } void oqs_sha2_sha512_inc_finalize_c(uint8_t *out, sha512ctx *state, const uint8_t *in, size_t inlen) { + if (out == NULL || state == NULL) { + return; + } + uint8_t padded[256]; uint64_t bytes = load_bigendian_64(state->ctx + 64) + inlen; @@ -808,6 +892,10 @@ void oqs_sha2_sha512_inc_finalize_c(uint8_t *out, sha512ctx *state, const uint8_ } void oqs_sha2_sha384_inc_finalize_c(uint8_t *out, sha384ctx *state, const uint8_t *in, size_t inlen) { + if (out == NULL || state == NULL) { + return; + } + uint8_t tmp[64]; oqs_sha2_sha512_inc_finalize_c(tmp, (sha512ctx *)state, in, inlen); @@ -817,6 +905,10 @@ void oqs_sha2_sha384_inc_finalize_c(uint8_t *out, sha384ctx *state, const uint8_ } void oqs_sha2_sha224_c(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL) { + return; + } + sha224ctx state; oqs_sha2_sha224_inc_init_c(&state); @@ -824,6 +916,10 @@ void oqs_sha2_sha224_c(uint8_t *out, const uint8_t *in, size_t inlen) { } void oqs_sha2_sha256_c(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL) { + return; + } + sha256ctx state; oqs_sha2_sha256_inc_init_c(&state); @@ -831,6 +927,10 @@ void oqs_sha2_sha256_c(uint8_t *out, const uint8_t *in, size_t inlen) { } void oqs_sha2_sha384_c(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL) { + return; + } + sha384ctx state; oqs_sha2_sha384_inc_init_c(&state); @@ -838,6 +938,10 @@ void oqs_sha2_sha384_c(uint8_t *out, const uint8_t *in, size_t inlen) { } void oqs_sha2_sha512_c(uint8_t *out, const uint8_t *in, size_t inlen) { + if (out == NULL) { + return; + } + sha512ctx state; oqs_sha2_sha512_inc_init_c(&state); diff --git a/src/common/sha2/sha2_impl.c b/src/common/sha2/sha2_impl.c index 33805989e8..404c9e6bbe 100644 --- a/src/common/sha2/sha2_impl.c +++ b/src/common/sha2/sha2_impl.c @@ -24,88 +24,126 @@ #endif static void SHA2_sha256_inc_init(OQS_SHA2_sha256_ctx *state) { - oqs_sha2_sha256_inc_init_c((sha256ctx *) state); + if (state != NULL) { + oqs_sha2_sha256_inc_init_c((sha256ctx *) state); + } } static void SHA2_sha256_inc_ctx_clone(OQS_SHA2_sha256_ctx *dest, const OQS_SHA2_sha256_ctx *src) { - oqs_sha2_sha256_inc_ctx_clone_c((sha256ctx *) dest, (const sha256ctx *) src); + if (dest != NULL && src != NULL) { + oqs_sha2_sha256_inc_ctx_clone_c((sha256ctx *) dest, (const sha256ctx *) src); + } } static void SHA2_sha256_inc(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t len) { - C_OR_ARM( - oqs_sha2_sha256_inc_c((sha256ctx *) state, in, len), - oqs_sha2_sha256_inc_armv8((sha256ctx *) state, in, len) - ); + if (state != NULL && in != NULL) { + C_OR_ARM( + oqs_sha2_sha256_inc_c((sha256ctx *) state, in, len), + oqs_sha2_sha256_inc_armv8((sha256ctx *) state, in, len) + ); + } } static void SHA2_sha256_inc_blocks(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inblocks) { - C_OR_ARM( - oqs_sha2_sha256_inc_blocks_c((sha256ctx *) state, in, inblocks), - oqs_sha2_sha256_inc_blocks_armv8((sha256ctx *) state, in, inblocks) - ); + if (state != NULL && in != NULL) { + C_OR_ARM( + oqs_sha2_sha256_inc_blocks_c((sha256ctx *) state, in, inblocks), + oqs_sha2_sha256_inc_blocks_armv8((sha256ctx *) state, in, inblocks) + ); + } } static void SHA2_sha256_inc_finalize(uint8_t *out, OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inlen) { - oqs_sha2_sha256_inc_finalize_c(out, (sha256ctx *) state, in, inlen); + if (out != NULL && state != NULL) { + oqs_sha2_sha256_inc_finalize_c(out, (sha256ctx *) state, in, inlen); + } } static void SHA2_sha256_inc_ctx_release(OQS_SHA2_sha256_ctx *state) { - oqs_sha2_sha256_inc_ctx_release_c((sha256ctx *) state); + if (state != NULL) { + oqs_sha2_sha256_inc_ctx_release_c((sha256ctx *) state); + } } static void SHA2_sha384_inc_init(OQS_SHA2_sha384_ctx *state) { - oqs_sha2_sha384_inc_init_c((sha384ctx *)state); + if (state != NULL) { + oqs_sha2_sha384_inc_init_c((sha384ctx *)state); + } } static void SHA2_sha384_inc_ctx_clone(OQS_SHA2_sha384_ctx *dest, const OQS_SHA2_sha384_ctx *src) { - oqs_sha2_sha384_inc_ctx_clone_c((sha384ctx *) dest, (const sha384ctx *) src); + if (dest != NULL && src != NULL) { + oqs_sha2_sha384_inc_ctx_clone_c((sha384ctx *) dest, (const sha384ctx *) src); + } } static void SHA2_sha384_inc_blocks(OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inblocks) { - oqs_sha2_sha384_inc_blocks_c((sha384ctx *) state, in, inblocks); + if (state != NULL && in != NULL) { + oqs_sha2_sha384_inc_blocks_c((sha384ctx *) state, in, inblocks); + } } static void SHA2_sha384_inc_finalize(uint8_t *out, OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inlen) { - oqs_sha2_sha384_inc_finalize_c(out, (sha384ctx *) state, in, inlen); + if (out != NULL && state != NULL) { + oqs_sha2_sha384_inc_finalize_c(out, (sha384ctx *) state, in, inlen); + } } static void SHA2_sha384_inc_ctx_release(OQS_SHA2_sha384_ctx *state) { - oqs_sha2_sha384_inc_ctx_release_c((sha384ctx *) state); + if (state != NULL) { + oqs_sha2_sha384_inc_ctx_release_c((sha384ctx *) state); + } } static void SHA2_sha512_inc_init(OQS_SHA2_sha512_ctx *state) { - oqs_sha2_sha512_inc_init_c((sha512ctx *)state); + if (state != NULL) { + oqs_sha2_sha512_inc_init_c((sha512ctx *)state); + } } static void SHA2_sha512_inc_ctx_clone(OQS_SHA2_sha512_ctx *dest, const OQS_SHA2_sha512_ctx *src) { - oqs_sha2_sha512_inc_ctx_clone_c((sha512ctx *) dest, (const sha512ctx *) src); + if (dest != NULL && src != NULL) { + oqs_sha2_sha512_inc_ctx_clone_c((sha512ctx *) dest, (const sha512ctx *) src); + } } static void SHA2_sha512_inc_blocks(OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inblocks) { - oqs_sha2_sha512_inc_blocks_c((sha512ctx *) state, in, inblocks); + if (state != NULL && in != NULL) { + oqs_sha2_sha512_inc_blocks_c((sha512ctx *) state, in, inblocks); + } } static void SHA2_sha512_inc_finalize(uint8_t *out, OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inlen) { - oqs_sha2_sha512_inc_finalize_c(out, (sha512ctx *) state, in, inlen); + if (out != NULL && state != NULL) { + oqs_sha2_sha512_inc_finalize_c(out, (sha512ctx *) state, in, inlen); + } } static void SHA2_sha512_inc_ctx_release(OQS_SHA2_sha512_ctx *state) { - oqs_sha2_sha512_inc_ctx_release_c((sha512ctx *) state); + if (state != NULL) { + oqs_sha2_sha512_inc_ctx_release_c((sha512ctx *) state); + } } static void SHA2_sha256(uint8_t *out, const uint8_t *in, size_t inlen) { - C_OR_ARM ( - oqs_sha2_sha256_c(out, in, inlen), - oqs_sha2_sha256_armv8(out, in, inlen) - ); + if (out != NULL && in != NULL) { + C_OR_ARM ( + oqs_sha2_sha256_c(out, in, inlen), + oqs_sha2_sha256_armv8(out, in, inlen) + ); + } } static void SHA2_sha384(uint8_t *out, const uint8_t *in, size_t inlen) { - oqs_sha2_sha384_c(out, in, inlen); + if (out != NULL && in != NULL) { + oqs_sha2_sha384_c(out, in, inlen); + } } static void SHA2_sha512(uint8_t *out, const uint8_t *in, size_t inlen) { - oqs_sha2_sha512_c(out, in, inlen); + if (out != NULL && in != NULL) { + oqs_sha2_sha512_c(out, in, inlen); + } } struct OQS_SHA2_callbacks sha2_default_callbacks = { diff --git a/src/common/sha2/sha2_ossl.c b/src/common/sha2/sha2_ossl.c index 234d4b1e3b..54904e168c 100644 --- a/src/common/sha2/sha2_ossl.c +++ b/src/common/sha2/sha2_ossl.c @@ -17,7 +17,9 @@ static void do_hash(uint8_t *output, const uint8_t *input, size_t inplen, const EVP_MD_CTX *mdctx; unsigned int outlen; mdctx = OSSL_FUNC(EVP_MD_CTX_new)(); - OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL"); + if (mdctx == NULL) { + OQS_EXIT("OpenSSL"); + } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL)); OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)(mdctx, input, inplen)); OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)(mdctx, output, &outlen)); @@ -27,21 +29,27 @@ static void do_hash(uint8_t *output, const uint8_t *input, size_t inplen, const static void SHA2_sha256(uint8_t *output, const uint8_t *input, size_t inplen) { const EVP_MD *md; md = oqs_sha256(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } do_hash(output, input, inplen, md); } static void SHA2_sha384(uint8_t *output, const uint8_t *input, size_t inplen) { const EVP_MD *md; md = oqs_sha384(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } do_hash(output, input, inplen, md); } static void SHA2_sha512(uint8_t *output, const uint8_t *input, size_t inplen) { const EVP_MD *md; md = oqs_sha512(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } do_hash(output, input, inplen, md); } @@ -51,9 +59,13 @@ static void SHA2_sha256_inc_init(OQS_SHA2_sha256_ctx *state) { EVP_MD_CTX *mdctx; const EVP_MD *md = NULL; md = oqs_sha256(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } mdctx = OSSL_FUNC(EVP_MD_CTX_new)(); - OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL"); + if (mdctx == NULL) { + OQS_EXIT("OpenSSL"); + } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL)); state->ctx = mdctx; } @@ -73,11 +85,14 @@ static void SHA2_sha256_inc_finalize(uint8_t *out, OQS_SHA2_sha256_ctx *state, c } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len)); OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; } static void SHA2_sha256_inc_ctx_release(OQS_SHA2_sha256_ctx *state) { - OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); - state->ctx = NULL; + if (state->ctx != NULL) { + OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; + } } static void SHA2_sha256_inc_ctx_clone(OQS_SHA2_sha256_ctx *dest, const OQS_SHA2_sha256_ctx *src) { @@ -89,9 +104,13 @@ static void SHA2_sha384_inc_init(OQS_SHA2_sha384_ctx *state) { EVP_MD_CTX *mdctx; const EVP_MD *md = NULL; md = oqs_sha384(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } mdctx = OSSL_FUNC(EVP_MD_CTX_new)(); - OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL"); + if (mdctx == NULL) { + OQS_EXIT("OpenSSL"); + } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL)); state->ctx = mdctx; } @@ -107,11 +126,14 @@ static void SHA2_sha384_inc_finalize(uint8_t *out, OQS_SHA2_sha384_ctx *state, c } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len)); OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; } static void SHA2_sha384_inc_ctx_release(OQS_SHA2_sha384_ctx *state) { - OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); - state->ctx = NULL; + if (state->ctx != NULL) { + OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; + } } static void SHA2_sha384_inc_ctx_clone(OQS_SHA2_sha384_ctx *dest, const OQS_SHA2_sha384_ctx *src) { @@ -123,9 +145,13 @@ static void SHA2_sha512_inc_init(OQS_SHA2_sha512_ctx *state) { EVP_MD_CTX *mdctx; const EVP_MD *md = NULL; md = oqs_sha512(); - OQS_EXIT_IF_NULLPTR(md, "OpenSSL"); + if (md == NULL) { + OQS_EXIT("OpenSSL"); + } mdctx = OSSL_FUNC(EVP_MD_CTX_new)(); - OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL"); + if (mdctx == NULL) { + OQS_EXIT("OpenSSL"); + } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL)); state->ctx = mdctx; } @@ -141,11 +167,14 @@ static void SHA2_sha512_inc_finalize(uint8_t *out, OQS_SHA2_sha512_ctx *state, c } OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len)); OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; } static void SHA2_sha512_inc_ctx_release(OQS_SHA2_sha512_ctx *state) { - OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); - state->ctx = NULL; + if (state->ctx != NULL) { + OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx); + state->ctx = NULL; + } } static void SHA2_sha512_inc_ctx_clone(OQS_SHA2_sha512_ctx *dest, const OQS_SHA2_sha512_ctx *src) {