From 529b6a1eb99d7b6836fbc0d1e12a3d8dca627eec Mon Sep 17 00:00:00 2001
From: Anthony Hu <anthony@wolfssl.com>
Date: Tue, 30 Apr 2024 11:06:30 -0400
Subject: [PATCH] Allow for zero length hash.  Its not an error.

Fixes ZD17910
---
 wolfcrypt/src/sha256.c | 20 +++++++++++++++++++-
 wolfcrypt/src/sha512.c | 41 +++++++++++++++++++++++++++++++++++++++--
 2 files changed, 58 insertions(+), 3 deletions(-)

diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 37a163f28f..3c66138ac4 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -777,7 +777,14 @@ static int InitSha256(wc_Sha256* sha256)
     {
         int ret = 0;
 
-        if (sha256 == NULL || (data == NULL && len > 0)) {
+        if (sha256 == NULL) {
+            return BAD_FUNC_ARG;
+        }
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+        if (data == NULL) {
             return BAD_FUNC_ARG;
         }
 
@@ -828,6 +835,17 @@ static int InitSha256(wc_Sha256* sha256)
 
     int wc_Sha256Update(wc_Sha256* sha256, const byte* data, word32 len)
     {
+        if (sha256 == NULL) {
+            return BAD_FUNC_ARG;
+        }
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+        if (data == NULL) {
+            return BAD_FUNC_ARG;
+        }
+
         return se050_hash_update(&sha256->se050Ctx, data, len);
     }
 
diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
index 50a5bb47ec..cabd59e5ca 100644
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@@ -167,6 +167,17 @@
     }
     int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
     {
+        if (sha512 == NULL) {
+            return BAD_FUNC_ARG;
+        }
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+        if (data == NULL) {
+            return BAD_FUNC_ARG;
+        }
+
         return se050_hash_update(&sha512->se050Ctx, data, len);
     }
     int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
@@ -1024,7 +1035,14 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
 
 int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
 {
-    if (sha512 == NULL || (data == NULL && len > 0)) {
+    if (sha512 == NULL) {
+        return BAD_FUNC_ARG;
+    }
+    if (data == NULL && len == 0) {
+        /* valid, but do nothing */
+        return 0;
+    }
+    if (data == NULL) {
         return BAD_FUNC_ARG;
     }
 
@@ -1414,6 +1432,17 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
     }
     int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
     {
+        if (sha384 == NULL) {
+            return BAD_FUNC_ARG;
+        }
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+        if (data == NULL) {
+            return BAD_FUNC_ARG;
+        }
+
         return se050_hash_update(&sha384->se050Ctx, data, len);
 
     }
@@ -1489,7 +1518,15 @@ static int InitSha384(wc_Sha384* sha384)
 
 int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
 {
-    if (sha384 == NULL || (data == NULL && len > 0)) {
+
+    if (sha384 == NULL) {
+        return BAD_FUNC_ARG;
+    }
+    if (data == NULL && len == 0) {
+        /* valid, but do nothing */
+        return 0;
+    }
+    if (data == NULL) {
         return BAD_FUNC_ARG;
     }