More abort() -> sodium_misuse()

7 years ago · ea9281cb03
2 changed files with 70 additions and 64 deletions
--- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
+++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
@ -19,6 +19,7 @@
 #include <string.h>

 #include "blake2.h"
+#include "core.h"
 #include "private/common.h"
 #include "runtime.h"
 #include "utils.h"
@ -190,9 +191,9 @@ blake2b_init(blake2b_state *S, const uint8_t outlen)
 {
    blake2b_param P[1];

-    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
-        abort();
-
+    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
+        sodium_misuse("blake2b_init(): unsupported output length");
+    }
    P->digest_length = outlen;
    P->key_length    = 0;
    P->fanout        = 1;
@ -213,9 +214,9 @@ blake2b_init_salt_personal(blake2b_state *S, const uint8_t outlen,
 {
    blake2b_param P[1];

-    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
-        abort();
-
+    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
+        sodium_misuse("blake2b_init_salt_personal(): unsupported output length");
+    }
    P->digest_length = outlen;
    P->key_length    = 0;
    P->fanout        = 1;
@ -244,12 +245,12 @@ blake2b_init_key(blake2b_state *S, const uint8_t outlen, const void *key,
 {
    blake2b_param P[1];

-    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
-        abort();
-
-    if (!key || !keylen || keylen > BLAKE2B_KEYBYTES)
-        abort();
-
+    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
+        sodium_misuse("blake2b_init_key(): unsupported output length");
+    }
+    if (!key || !keylen || keylen > BLAKE2B_KEYBYTES) {
+        sodium_misuse("blake2b_init_key(): unsupported key length");
+    }
    P->digest_length = outlen;
    P->key_length    = keylen;
    P->fanout        = 1;
@ -262,9 +263,9 @@ blake2b_init_key(blake2b_state *S, const uint8_t outlen, const void *key,
    memset(P->salt, 0, sizeof(P->salt));
    memset(P->personal, 0, sizeof(P->personal));

-    if (blake2b_init_param(S, P) < 0)
-        abort();
-
+    if (blake2b_init_param(S, P) < 0) {
+        sodium_misuse("blake2b_init_key(): invalid parameters");
+    }
    {
        uint8_t block[BLAKE2B_BLOCKBYTES];
        memset(block, 0, BLAKE2B_BLOCKBYTES);
@ -282,12 +283,12 @@ blake2b_init_key_salt_personal(blake2b_state *S, const uint8_t outlen,
 {
    blake2b_param P[1];

-    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
-        abort();
-
-    if (!key || !keylen || keylen > BLAKE2B_KEYBYTES)
-        abort();
-
+    if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
+        sodium_misuse("blake2b_init_key_salt_personal(): unsupported output length");
+    }
+    if (!key || !keylen || keylen > BLAKE2B_KEYBYTES) {
+        sodium_misuse("blake2b_init_key_salt_personal(): unsupported key length");
+    }
    P->digest_length = outlen;
    P->key_length    = keylen;
    P->fanout        = 1;
@ -308,9 +309,9 @@ blake2b_init_key_salt_personal(blake2b_state *S, const uint8_t outlen,
        memset(P->personal, 0, sizeof(P->personal));
    }

-    if (blake2b_init_param(S, P) < 0)
-        abort();
-
+    if (blake2b_init_param(S, P) < 0) {
+        sodium_misuse("blake2b_init_key_salt_personal(): invalid parameters");
+    }
    {
        uint8_t block[BLAKE2B_BLOCKBYTES];
        memset(block, 0, BLAKE2B_BLOCKBYTES);
@ -355,7 +356,7 @@ int
 blake2b_final(blake2b_state *S, uint8_t *out, uint8_t outlen)
 {
    if (!outlen || outlen > BLAKE2B_OUTBYTES) {
-        abort(); /* LCOV_EXCL_LINE */
+        sodium_misuse("blake2b_final(): unsupported output length");
    }
    if (blake2b_is_lastblock(S)) {
        return -1;
@ -398,27 +399,29 @@ blake2b(uint8_t *out, const void *in, const void *key, const uint8_t outlen,
    blake2b_state S[1];

    /* Verify parameters */
-    if (NULL == in && inlen > 0)
-        abort();
-
-    if (NULL == out)
-        abort();
-
-    if (!outlen || outlen > BLAKE2B_OUTBYTES)
-        abort();
-
-    if (NULL == key && keylen > 0)
-        abort();
-
-    if (keylen > BLAKE2B_KEYBYTES)
-        abort();
-
+    if (NULL == in && inlen > 0) {
+        sodium_misuse("blake2b(): NULL input, but length > 0");
+    }
+    if (NULL == out) {
+        sodium_misuse("blake2b(): NULL output pointer");
+    }
+    if (!outlen || outlen > BLAKE2B_OUTBYTES) {
+        sodium_misuse("blake2b(): unsupported output length");
+    }
+    if (NULL == key && keylen > 0) {
+        sodium_misuse("blake2b(): NULL key, but key length > 0");
+    }
+    if (keylen > BLAKE2B_KEYBYTES) {
+        sodium_misuse("blake2b(): unsupported key length");
+    }
    if (keylen > 0) {
-        if (blake2b_init_key(S, outlen, key, keylen) < 0)
-            abort();
+        if (blake2b_init_key(S, outlen, key, keylen) < 0) {
+            sodium_misuse("blake2b(): invalid parameters");
+        }
    } else {
-        if (blake2b_init(S, outlen) < 0)
-            abort();
+        if (blake2b_init(S, outlen) < 0) {
+            sodium_misuse("blake2b(): invalid parameters");
+        }
    }

    blake2b_update(S, (const uint8_t *) in, inlen);
@ -434,28 +437,30 @@ blake2b_salt_personal(uint8_t *out, const void *in, const void *key,
    blake2b_state S[1];

    /* Verify parameters */
-    if (NULL == in && inlen > 0)
-        abort();
-
-    if (NULL == out)
-        abort();
-
-    if (!outlen || outlen > BLAKE2B_OUTBYTES)
-        abort();
-
-    if (NULL == key && keylen > 0)
-        abort();
-
-    if (keylen > BLAKE2B_KEYBYTES)
-        abort();
-
+    if (NULL == in && inlen > 0) {
+        sodium_misuse("blake2b_salt_personal(): NULL input, but length > 0");
+    }
+    if (NULL == out) {
+        sodium_misuse("blake2b_salt_personal(): NULL output pointer");
+    }
+    if (!outlen || outlen > BLAKE2B_OUTBYTES) {
+        sodium_misuse("blake2b_salt_personal(): unsupported output length");
+    }
+    if (NULL == key && keylen > 0) {
+        sodium_misuse("blake2b_salt_personal(): NULL key, but key length > 0");
+    }
+    if (keylen > BLAKE2B_KEYBYTES) {
+        sodium_misuse("blake2b_salt_personal(): unsupported key length");
+    }
    if (keylen > 0) {
        if (blake2b_init_key_salt_personal(S, outlen, key, keylen, salt,
-                                           personal) < 0)
-            abort();
+                                           personal) < 0) {
+            sodium_misuse("blake2b_salt_personal(): invalid parameters");
+        }
    } else {
-        if (blake2b_init_salt_personal(S, outlen, salt, personal) < 0)
-            abort();
+        if (blake2b_init_salt_personal(S, outlen, salt, personal) < 0) {
+            sodium_misuse("blake2b_salt_personal(): invalid parameters");
+        }
    }

    blake2b_update(S, (const uint8_t *) in, inlen);
--- a/src/libsodium/randombytes/randombytes.c
+++ b/src/libsodium/randombytes/randombytes.c
@ -10,6 +10,7 @@
 # include <emscripten.h>
 #endif

+#include "core.h"
 #include "crypto_stream_chacha20.h"
 #include "randombytes.h"
 #ifdef RANDOMBYTES_DEFAULT_IMPLEMENTATION
@ -172,7 +173,7 @@ randombytes_buf_deterministic(void * const buf, const size_t size,
    COMPILER_ASSERT(randombytes_SEEDBYTES == crypto_stream_chacha20_ietf_KEYBYTES);
 #if SIZE_MAX > 0x4000000000ULL
    if (size > 0x4000000000ULL) {
-        abort();
+        sodium_misuse("randombytes_buf_deterministic(): length shouldn't exceed 0x4000000000");
    }
 #endif
    crypto_stream_chacha20_ietf((unsigned char *) buf, (unsigned long long) size,