From efe30760e5dad5c73f976cfefda5a11c5ab86a9a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2024 11:11:32 +0200 Subject: [PATCH] Initialize CCM context before doing anything fallible Otherwise mbedtls_ccm_free() in cleanup could corrupt memory if a failure happens. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ccm.function | 42 ++++++++++++++-------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index dbb313b939..8c39d27a11 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -79,11 +79,11 @@ void mbedtls_ccm_self_test() void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); unsigned char key[32]; int ret; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); memset(key, 0x2A, sizeof(key)); TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); @@ -101,6 +101,7 @@ exit: void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); unsigned char key[16]; unsigned char msg[10]; unsigned char iv[14]; @@ -110,7 +111,6 @@ void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) int decrypt_ret; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_CALLOC_OR_SKIP(add, add_len); memset(key, 0, sizeof(key)); @@ -146,6 +146,7 @@ void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); unsigned char key[16]; unsigned char msg[10]; unsigned char iv[14]; @@ -155,7 +156,6 @@ void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, int decrypt_ret; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); memset(key, 0, sizeof(key)); memset(msg, 0, sizeof(msg)); @@ -191,6 +191,7 @@ void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, data_t *add, data_t *result) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); size_t n1, n1_add; uint8_t *io_msg_buf = NULL; uint8_t *tag_buf = NULL; @@ -207,7 +208,6 @@ void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, TEST_CALLOC(tag_buf, expected_tag_len); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); /* Test with input == output */ TEST_EQUAL(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len, @@ -248,11 +248,11 @@ void mbedtls_ccm_star_no_tag(int cipher_id, int mode, data_t *key, data_t *msg, data_t *iv, data_t *result) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, 0)); @@ -277,6 +277,7 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, data_t *expected_msg) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); size_t n1, n1_add; const size_t expected_msg_len = msg->len - expected_tag_len; @@ -290,7 +291,6 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, } BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); /* Test with input == output */ TEST_EQUAL(mbedtls_ccm_auth_decrypt(&ctx, expected_msg_len, iv->x, iv->len, add->x, add->len, @@ -343,6 +343,7 @@ void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, { unsigned char iv[13]; mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); size_t iv_len, expected_tag_len; size_t n1, n1_add; uint8_t *io_msg_buf = NULL; @@ -379,7 +380,6 @@ void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, iv_len = sizeof(iv); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); /* Test with input == output */ @@ -430,6 +430,7 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, { unsigned char iv[13]; mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); size_t iv_len, expected_tag_len; size_t n1, n1_add; @@ -460,7 +461,6 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, iv_len = sizeof(iv); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ TEST_EQUAL(mbedtls_ccm_star_auth_decrypt(&ctx, expected_msg_len, iv, iv_len, @@ -507,6 +507,7 @@ void mbedtls_ccm_skip_ad(int cipher_id, int mode, data_t *result, data_t *tag) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; @@ -514,7 +515,6 @@ void mbedtls_ccm_skip_ad(int cipher_id, int mode, TEST_EQUAL(msg->len, result->len); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, tag->len)); @@ -547,10 +547,10 @@ void mbedtls_ccm_skip_update(int cipher_id, int mode, data_t *tag) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, add->len, 0, tag->len)); @@ -577,9 +577,9 @@ void mbedtls_ccm_overflow_ad(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for msg length and tag length. They are not a part of this test @@ -600,9 +600,9 @@ void mbedtls_ccm_unexpected_ad(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for msg length and tag length. They are not a part of this test @@ -622,11 +622,11 @@ void mbedtls_ccm_unexpected_text(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded value for tag length. It is not a part of this test @@ -651,10 +651,10 @@ void mbedtls_ccm_incomplete_ad(int cipher_id, int mode, data_t *key, data_t *iv, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for msg length and tag length. They are not a part of this test @@ -680,9 +680,9 @@ void mbedtls_ccm_full_ad_and_overflow(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for msg length and tag length. They are not a part of this test @@ -706,13 +706,13 @@ void mbedtls_ccm_incomplete_ad_and_overflow(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t add_second_buffer[2]; add_second_buffer[0] = add->x[add->len - 1]; add_second_buffer[1] = 0xAB; // some magic value BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for msg length and tag length. They are not a part of this test @@ -735,11 +735,11 @@ void mbedtls_ccm_overflow_update(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded value for tag length. It is a not a part of this test @@ -765,11 +765,11 @@ void mbedtls_ccm_incomplete_update(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded value for tag length. It is not a part of this test @@ -801,11 +801,11 @@ void mbedtls_ccm_full_update_and_overflow(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded value for tag length. It is a not a part of this test @@ -834,6 +834,7 @@ void mbedtls_ccm_incomplete_update_overflow(int cipher_id, int mode, data_t *add) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; size_t olen; uint8_t msg_second_buffer[2]; @@ -842,7 +843,6 @@ void mbedtls_ccm_incomplete_update_overflow(int cipher_id, int mode, msg_second_buffer[1] = 0xAB; // some magic value BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded value for tag length. It is a not a part of this test @@ -869,10 +869,10 @@ void mbedtls_ccm_instant_finish(int cipher_id, int mode, data_t *key, data_t *iv) { mbedtls_ccm_context ctx; + mbedtls_ccm_init(&ctx); uint8_t *output = NULL; BLOCK_CIPHER_PSA_INIT(); - mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); // use hardcoded values for add length, msg length and tag length.