sanity checks on input and adjust return value

Author: JacobBarthelmeh

src/wh_auth.c

@@ -170,8 +170,10 @@ int wh_Auth_Logout(whAuthContext* context, whUserId user_id)
         rc = context->cb->Logout(context->context, context->user.user_id,
             user_id);
         if (rc == WH_ERROR_OK) {
-            /* Clear the user context */
-            memset(&context->user, 0, sizeof(whAuthUser));
+            /* Clear local session only when logging out the current user */
+            if (user_id == context->user.user_id) {
+                memset(&context->user, 0, sizeof(whAuthUser));
+            }
         }
 
         (void)WH_AUTH_UNLOCK(context);

src/wh_auth_base.c

@@ -263,6 +263,10 @@ int wh_Auth_BaseUserAdd(void* context, const char* username,
     int              i;
     int              userId = WH_USER_ID_INVALID;
 
+    if (username == NULL || out_user_id == NULL) {
+        return WH_ERROR_BADARGS;
+    }
+
     /* Validate method is supported if credentials are provided */
     if (credentials != NULL && credentials_len > 0) {
         if (method != WH_AUTH_METHOD_PIN

src/wh_message_auth.c

@@ -59,7 +59,7 @@ int wh_MessageAuth_TranslateLoginRequest(
     }
 
     if (src_size < header_size) {
-        return WH_ERROR_BADARGS;
+        return WH_ERROR_BUFFER_SIZE;
     }
 
     src_header = (const whMessageAuth_LoginRequest*)src_packet;
@@ -76,7 +76,7 @@ int wh_MessageAuth_TranslateLoginRequest(
     expected_size = (uint16_t)(header_size + dest_header->auth_data_len);
     if (dest_header->auth_data_len > WH_MESSAGE_AUTH_LOGIN_MAX_AUTH_DATA_LEN ||
         src_size < expected_size) {
-        return WH_ERROR_BADARGS;
+        return WH_ERROR_BUFFER_SIZE;
     }
 
     return 0;
@@ -230,7 +230,7 @@ int wh_MessageAuth_TranslateUserAddRequest(
     }
 
     if (src_size < header_size) {
-        return WH_ERROR_BADARGS;
+        return WH_ERROR_BUFFER_SIZE;
     }
 
     src_header = (const whMessageAuth_UserAddRequest*)src_packet;
@@ -339,7 +339,7 @@ int wh_MessageAuth_TranslateUserSetCredentialsRequest(
     }
 
     if (src_size < header_size) {
-        return WH_ERROR_BADARGS;
+        return WH_ERROR_BUFFER_SIZE;
     }
 
     src_header = (const whMessageAuth_UserSetCredentialsRequest*)src_packet;
@@ -363,7 +363,7 @@ int wh_MessageAuth_TranslateUserSetCredentialsRequest(
     expected_size = header_size + dest_header->current_credentials_len +
                     dest_header->new_credentials_len;
     if (src_size < expected_size) {
-        return WH_ERROR_BADARGS;
+        return WH_ERROR_BUFFER_SIZE;
     }
 
     return 0;

test/wh_test_auth.c

@@ -131,7 +131,7 @@ static whAuthCb default_auth_cb = {
 static whAuthContext auth_ctx = {0};
 
 #ifndef WOLFHSM_CFG_NO_CRYPTO
-static whServerCryptoContext crypto[1] = {{.devId = INVALID_DEVID}};
+static whServerCryptoContext crypto[1] = {0};
 #endif
 
 /* Setup helper for memory transport mode */
@@ -175,7 +175,7 @@ static int _whTest_Auth_SetupMemory(whClientContext** out_client)
 
 #ifndef WOLFHSM_CFG_NO_CRYPTO
     WH_TEST_RETURN_ON_FAIL(wolfCrypt_Init());
-    WH_TEST_RETURN_ON_FAIL(wc_InitRng_ex(crypto->rng, NULL, crypto->devId));
+    WH_TEST_RETURN_ON_FAIL(wc_InitRng_ex(crypto->rng, NULL, INVALID_DEVID));
 #endif
 
     /* Set up auth context following wh_posix_server pattern */
@@ -512,14 +512,14 @@ static int _whTest_Auth_MessageBadArgs(void)
     rc = wh_MessageAuth_TranslateLoginRequest(0, NULL, 0, &login_out);
     WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BADARGS);
     rc = wh_MessageAuth_TranslateLoginRequest(0, &login_hdr, 0, &login_out);
-    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BADARGS);
+    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BUFFER_SIZE);
 
     memset(&login_hdr, 0, sizeof(login_hdr));
     login_hdr.auth_data_len =
         (uint16_t)(WH_MESSAGE_AUTH_LOGIN_MAX_AUTH_DATA_LEN + 1);
     rc = wh_MessageAuth_TranslateLoginRequest(0, &login_hdr, sizeof(login_hdr),
                                               &login_out);
-    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BADARGS);
+    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BUFFER_SIZE);
 
     rc = wh_MessageAuth_TranslateUserAddRequest(0, NULL, 0, &add_out);
     WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BADARGS);
@@ -539,7 +539,7 @@ static int _whTest_Auth_MessageBadArgs(void)
     set_hdr.new_credentials_len     = 4;
     rc = wh_MessageAuth_TranslateUserSetCredentialsRequest(
         0, &set_hdr, sizeof(set_hdr), &set_hdr);
-    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BADARGS);
+    WH_TEST_ASSERT_RETURN(rc == WH_ERROR_BUFFER_SIZE);
 
     return WH_TEST_SUCCESS;
 }