Skip to content

Commit d982aa2

Browse files
dgarskedgarske
authored
Merge pull request #10467 from JacobBarthelmeh/static_analysis_2
Xilinx/AMD port fixes for sanity checks on return values and psoc6 sanity check on input arg
2 parents 0055eb5 + e32d5ad commit d982aa2

3 files changed

Lines changed: 51 additions & 9 deletions

File tree

wolfcrypt/src/port/cypress/psoc6_crypto.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -527,6 +527,9 @@ int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devid)
527527
int ret;
528528
(void)heap;
529529
(void)devid;
530+
if (sha == NULL) {
531+
return BAD_FUNC_ARG;
532+
}
530533
XMEMSET(sha, 0, sizeof(wc_Sha512));
531534
/* Lock the mutex to perform crypto operations */
532535
ret = wolfSSL_CryptHwMutexLock();

wolfcrypt/src/port/xilinx/xil-aesgcm.c

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -558,9 +558,18 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
558558
tmp = out;
559559
#endif
560560

561-
XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup, (word32*)iv,
562-
aes->keyInit);
563-
XSecure_AesEncryptData(&(aes->xilAes), tmp, in, sz);
561+
ret = XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup,
562+
(word32*)iv, aes->keyInit);
563+
if (ret == XST_SUCCESS) {
564+
ret = XSecure_AesEncryptData(&(aes->xilAes), tmp, in, sz);
565+
}
566+
if (ret != XST_SUCCESS) {
567+
#ifndef NO_WOLFSSL_XILINX_TAG_MALLOC
568+
XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
569+
#endif
570+
WOLFSSL_MSG("Xilinx AES-GCM encrypt failed");
571+
return WC_HW_E;
572+
}
564573
XMEMCPY(authTag, tmp + sz, authTagSz);
565574
#ifndef NO_WOLFSSL_XILINX_TAG_MALLOC
566575
XMEMCPY(out, tmp, sz);
@@ -624,8 +633,12 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
624633
}
625634

626635
/* calls to hardened crypto */
627-
XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup,
636+
ret = XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup,
628637
(word32*)iv, aes->keyInit);
638+
if (ret != XST_SUCCESS) {
639+
WOLFSSL_MSG("XSecure_AesInitialize failed");
640+
return WC_HW_E;
641+
}
629642
ret = XSecure_AesDecryptData(&(aes->xilAes), out, in, sz, tag);
630643

631644
/* account for additional data */

wolfcrypt/src/port/xilinx/xil-sha3.c

Lines changed: 31 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -71,11 +71,16 @@ int wc_InitSha3_384(wc_Sha3* sha, void* heap, int devId)
7171
*/
7272
int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
7373
{
74+
int status;
7475
if (sha == NULL || (data == NULL && len > 0)) {
7576
return BAD_FUNC_ARG;
7677
}
7778
WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)data, len);
78-
XSecure_Sha3Update(&(sha->xSec.cinst), XIL_CAST_U64(data), len);
79+
status = XSecure_Sha3Update(&(sha->xSec.cinst), XIL_CAST_U64(data), len);
80+
if (status != XST_SUCCESS) {
81+
WOLFSSL_MSG("XSecure_Sha3Update failed");
82+
return WC_HW_E;
83+
}
7984

8085
return 0;
8186
}
@@ -88,11 +93,16 @@ int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
8893
*/
8994
int wc_Sha3_384_Final(wc_Sha3* sha, byte* out)
9095
{
96+
int status;
9197
if (sha == NULL || out == NULL) {
9298
return BAD_FUNC_ARG;
9399
}
94100
WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, WC_SHA3_384_DIGEST_SIZE);
95-
XSecure_Sha3Finish(&(sha->xSec.cinst), XIL_CAST_U64(out));
101+
status = XSecure_Sha3Finish(&(sha->xSec.cinst), XIL_CAST_U64(out));
102+
if (status != XST_SUCCESS) {
103+
WOLFSSL_MSG("XSecure_Sha3Finish failed");
104+
return WC_HW_E;
105+
}
96106

97107
return wc_InitSha3_384(sha, NULL, INVALID_DEVID);
98108
}
@@ -159,10 +169,15 @@ int wc_InitSha3_384(wc_Sha3* sha, void* heap, int devId)
159169
*/
160170
int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
161171
{
172+
int status;
162173
if (sha == NULL || (data == NULL && len > 0)) {
163174
return BAD_FUNC_ARG;
164175
}
165-
XSecure_Sha3Update(&(sha->hw), (byte*)data, len);
176+
status = XSecure_Sha3Update(&(sha->hw), (byte*)data, len);
177+
if (status != XST_SUCCESS) {
178+
WOLFSSL_MSG("XSecure_Sha3Update failed");
179+
return WC_HW_E;
180+
}
166181

167182
return 0;
168183
}
@@ -175,10 +190,15 @@ int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
175190
*/
176191
int wc_Sha3_384_Final(wc_Sha3* sha, byte* out)
177192
{
193+
int status;
178194
if (sha == NULL || out == NULL) {
179195
return BAD_FUNC_ARG;
180196
}
181-
XSecure_Sha3Finish(&(sha->hw), out);
197+
status = XSecure_Sha3Finish(&(sha->hw), out);
198+
if (status != XST_SUCCESS) {
199+
WOLFSSL_MSG("XSecure_Sha3Finish failed");
200+
return WC_HW_E;
201+
}
182202

183203
return wc_InitSha3_384(sha, NULL, INVALID_DEVID);
184204
}
@@ -204,6 +224,8 @@ int wc_Sha3_384_GetHash(wc_Sha3* sha, byte* out)
204224
{
205225
#ifdef WOLFSSL_XILINX_CRYPTO_OLD
206226
wc_Sha3 s;
227+
#else
228+
int status;
207229
#endif
208230

209231
if (sha == NULL || out == NULL) {
@@ -217,7 +239,11 @@ int wc_Sha3_384_GetHash(wc_Sha3* sha, byte* out)
217239

218240
return wc_Sha3_384_Final(&s, out);
219241
#else
220-
XSecure_Sha3_ReadHash(&(sha->hw), out);
242+
status = XSecure_Sha3_ReadHash(&(sha->hw), out);
243+
if (status != XST_SUCCESS) {
244+
WOLFSSL_MSG("XSecure_Sha3_ReadHash failed");
245+
return WC_HW_E;
246+
}
221247
return 0;
222248
#endif
223249
}

0 commit comments

Comments
 (0)