psa: Disallow use of invalid cipher contexts

Patater · Patater · commit 748949f7a268 · 2019-02-15T15:28:27.000Z
A cipher context must have a setup function called on it in order to
make the cipher context usable. Return PSA_ERROR_BAD_STATE for use of
cipher contexts that haven't been set up. Test that blank cipher
contexts are not usable.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
@@ -3075,6 +3075,13 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
     psa_status_t status;
     int ret;
     size_t expected_output_size;
+
+    if( operation->alg == 0)
+    {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
     if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
     {
         /* Take the unprocessed partial block left over from previous
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
@@ -2345,6 +2345,9 @@ exit:
 /* BEGIN_CASE */
 void cipher_operation_init( )
 {
+    const uint8_t input[1];
+    unsigned char output[1];
+    size_t output_length;
     /* Test each valid way of initializing the object, except for `= {0}`, as
      * Clang 5 complains when `-Wmissing-field-initializers` is used, even
      * though it's OK by the C standard. We could test for this, but we'd need
@@ -2355,6 +2358,23 @@ void cipher_operation_init( )
 
     memset( &zero, 0, sizeof( zero ) );
 
+    /* A default cipher operation should not be usable. */
+    TEST_EQUAL( psa_cipher_update( &func,
+                                   input, sizeof( input ),
+                                   output, sizeof( output ),
+                                   &output_length ),
+                PSA_ERROR_BAD_STATE );
+    TEST_EQUAL( psa_cipher_update( &init,
+                                   input, sizeof( input ),
+                                   output, sizeof( output ),
+                                   &output_length ),
+                PSA_ERROR_BAD_STATE );
+    TEST_EQUAL( psa_cipher_update( &zero,
+                                   input, sizeof( input ),
+                                   output, sizeof( output ),
+                                   &output_length ),
+                PSA_ERROR_BAD_STATE );
+
     /* A default cipher operation should be abortable without error. */
     PSA_ASSERT( psa_cipher_abort( &func ) );
     PSA_ASSERT( psa_cipher_abort( &init ) );
