Fix MD_PSA_INIT called before initializing some data structures
This fixes accesses to uninitialized memory in test code if
`psa_crypto_init()` fails.
A lot of those were pointed out by Coverity. I quickly reviewed all calls to
`MD_PSA_INIT()` manually, rather than follow any particular list.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 6261979..a15d5d7 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -14,18 +14,18 @@
{
unsigned char output[256];
mbedtls_rsa_context ctx;
+ mbedtls_rsa_init(&ctx);
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E;
-
- MD_PSA_INIT();
+ mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
- mbedtls_rsa_init(&ctx);
+ MD_PSA_INIT();
+
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
MBEDTLS_RSA_PKCS_V21, hash) == 0);
memset(output, 0x00, sizeof(output));
@@ -66,17 +66,16 @@
{
unsigned char output[64];
mbedtls_rsa_context ctx;
+ mbedtls_rsa_init(&ctx);
size_t output_len;
mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_mpi N, P, Q, E;
+ mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+ mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
((void) seed);
MD_PSA_INIT();
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
- mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
-
- mbedtls_rsa_init(&ctx);
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
MBEDTLS_RSA_PKCS_V21, hash) == 0);
@@ -131,19 +130,19 @@
{
unsigned char output[512];
mbedtls_rsa_context ctx;
+ mbedtls_rsa_init(&ctx);
mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, P, Q, E;
-
- MD_PSA_INIT();
+ mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+ mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
- mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
- mbedtls_rsa_init(&ctx);
+ MD_PSA_INIT();
+
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
MBEDTLS_RSA_PKCS_V21, hash) == 0);
@@ -196,13 +195,13 @@
char *salt, data_t *result_str, int result)
{
mbedtls_rsa_context ctx;
+ mbedtls_rsa_init(&ctx);
mbedtls_mpi N, E;
+ mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
((void) salt);
MD_PSA_INIT();
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
- mbedtls_rsa_init(&ctx);
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
MBEDTLS_RSA_PKCS_V21, hash) == 0);
@@ -236,12 +235,12 @@
int result_full)
{
mbedtls_rsa_context ctx;
+ mbedtls_rsa_init(&ctx);
mbedtls_mpi N, E;
+ mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
MD_PSA_INIT();
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
- mbedtls_rsa_init(&ctx);
TEST_ASSERT(mbedtls_rsa_set_padding(&ctx,
MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0);