ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-11 17:32:34 +08:00
Code Issues Releases Wiki Activity

Merge pull request #7934 from AgathiyanB/move-declarations-to-top

Browse Source 
Move declarations to top of functions
This commit is contained in:
Dave Rodgman 2023-07-19 15:25:27 +01:00 committed by GitHub
commit 8e8e6b9be3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 43 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/bignum.c
View File

@ -900,6 +900,8 @@ int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t j; size_t j;
mbedtls_mpi_uint *p;
mbedtls_mpi_uint c;
MPI_VALIDATE_RET(X != NULL); MPI_VALIDATE_RET(X != NULL);
MPI_VALIDATE_RET(A != NULL); MPI_VALIDATE_RET(A != NULL);
MPI_VALIDATE_RET(B != NULL); MPI_VALIDATE_RET(B != NULL);
@ -933,9 +935,9 @@ int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
/* j is the number of non-zero limbs of B. Add those to X. */ /* j is the number of non-zero limbs of B. Add those to X. */
mbedtls_mpi_uint *p = X->p; p = X->p;
mbedtls_mpi_uint c = mbedtls_mpi_core_add(p, p, B->p, j); c = mbedtls_mpi_core_add(p, p, B->p, j);
p += j; p += j;

2
library/ecp_curves.c
View File

@ -5658,6 +5658,7 @@ static inline int ecp_mod_koblitz(mbedtls_mpi_uint *X,
size_t shift = bits % biL; size_t shift = bits % biL;
size_t adjust = (shift + biL - 1) / biL; size_t adjust = (shift + biL - 1) / biL;
size_t P_limbs = bits / biL + adjust; size_t P_limbs = bits / biL + adjust;
mbedtls_mpi_uint mask = 0;
mbedtls_mpi_uint *A1 = mbedtls_calloc(P_limbs, ciL); mbedtls_mpi_uint *A1 = mbedtls_calloc(P_limbs, ciL);
if (A1 == NULL) { if (A1 == NULL) {
@ -5673,7 +5674,6 @@ static inline int ecp_mod_koblitz(mbedtls_mpi_uint *X,
goto cleanup; goto cleanup;
} }
mbedtls_mpi_uint mask = 0;
if (adjust != 0) { if (adjust != 0) {
mask = ((mbedtls_mpi_uint) 1 << shift) - 1; mask = ((mbedtls_mpi_uint) 1 << shift) - 1;
} }

51
library/psa_crypto.c
View File

@ -1535,6 +1535,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_key_attributes_t attributes;
/* Reject a zero-length output buffer now, since this can never be a /* Reject a zero-length output buffer now, since this can never be a
* valid key representation. This way we know that data must be a valid * valid key representation. This way we know that data must be a valid
@ -1560,7 +1561,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
status = psa_driver_wrapper_export_public_key( status = psa_driver_wrapper_export_public_key(
@ -2509,6 +2510,7 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
psa_key_attributes_t attributes;
/* A context must be freshly initialized before it can be set up. */ /* A context must be freshly initialized before it can be set up. */
if (operation->id != 0) { if (operation->id != 0) {
@ -2525,7 +2527,7 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -2695,6 +2697,7 @@ static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key,
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
uint8_t operation_mac_size = 0; uint8_t operation_mac_size = 0;
psa_key_attributes_t attributes;
status = psa_get_and_lock_key_slot_with_policy( status = psa_get_and_lock_key_slot_with_policy(
key, key,
@ -2705,7 +2708,7 @@ static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -2831,6 +2834,7 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_key_attributes_t attributes;
*signature_length = 0; *signature_length = 0;
@ -2862,7 +2866,7 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -3165,6 +3169,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_key_attributes_t attributes;
(void) input; (void) input;
(void) input_length; (void) input_length;
@ -3189,7 +3194,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -3216,6 +3221,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_key_attributes_t attributes;
(void) input; (void) input;
(void) input_length; (void) input_length;
@ -3239,7 +3245,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -3313,6 +3319,7 @@ psa_status_t psa_sign_hash_start(
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_key_attributes_t attributes;
/* Check that start has not been previously called, or operation has not /* Check that start has not been previously called, or operation has not
* previously errored. */ * previously errored. */
@ -3339,7 +3346,7 @@ psa_status_t psa_sign_hash_start(
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -4020,6 +4027,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ? psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ?
PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_ENCRYPT :
PSA_KEY_USAGE_DECRYPT); PSA_KEY_USAGE_DECRYPT);
psa_key_attributes_t attributes;
/* A context must be freshly initialized before it can be set up. */ /* A context must be freshly initialized before it can be set up. */
if (operation->id != 0) { if (operation->id != 0) {
@ -4049,7 +4057,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
} }
operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg);
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -4275,6 +4283,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
size_t default_iv_length = 0; size_t default_iv_length = 0;
psa_key_attributes_t attributes;
if (!PSA_ALG_IS_CIPHER(alg)) { if (!PSA_ALG_IS_CIPHER(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
@ -4288,7 +4297,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -4345,6 +4354,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
psa_key_attributes_t attributes;
if (!PSA_ALG_IS_CIPHER(alg)) { if (!PSA_ALG_IS_CIPHER(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
@ -4358,7 +4368,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -4612,6 +4622,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation,
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
psa_key_usage_t key_usage = 0; psa_key_usage_t key_usage = 0;
psa_key_attributes_t attributes;
status = psa_aead_check_algorithm(alg); status = psa_aead_check_algorithm(alg);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
@ -4641,7 +4652,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation,
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -5789,6 +5800,8 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper(
mbedtls_mpi diff_N_2; mbedtls_mpi diff_N_2;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t m;
size_t m_bytes;
mbedtls_mpi_init(&k); mbedtls_mpi_init(&k);
mbedtls_mpi_init(&diff_N_2); mbedtls_mpi_init(&diff_N_2);
@ -5810,9 +5823,9 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper(
/* N is the boundary of the private key domain (ecp_group.N). */ /* N is the boundary of the private key domain (ecp_group.N). */
/* Let m be the bit size of N. */ /* Let m be the bit size of N. */
size_t m = ecp_group.nbits; m = ecp_group.nbits;
size_t m_bytes = PSA_BITS_TO_BYTES(m); m_bytes = PSA_BITS_TO_BYTES(m);
/* Calculate N - 2 - it will be needed later. */ /* Calculate N - 2 - it will be needed later. */
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&diff_N_2, &ecp_group.N, 2)); MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&diff_N_2, &ecp_group.N, 2));
@ -5965,6 +5978,7 @@ static psa_status_t psa_generate_derived_key_internal(
size_t bytes = PSA_BITS_TO_BYTES(bits); size_t bytes = PSA_BITS_TO_BYTES(bits);
size_t storage_size = bytes; size_t storage_size = bytes;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_attributes_t attributes;
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) {
return PSA_ERROR_INVALID_ARGUMENT; return PSA_ERROR_INVALID_ARGUMENT;
@ -6013,7 +6027,7 @@ static psa_status_t psa_generate_derived_key_internal(
} }
slot->attr.bits = (psa_key_bits_t) bits; slot->attr.bits = (psa_key_bits_t) bits;
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
@ -7114,6 +7128,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
size_t expected_length;
if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
@ -7133,7 +7148,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
* PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot. * PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot.
* If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily
* be exact for it as well. */ * be exact for it as well. */
size_t expected_length = expected_length =
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits); PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits);
if (output_size < expected_length) { if (output_size < expected_length) {
status = PSA_ERROR_BUFFER_TOO_SMALL; status = PSA_ERROR_BUFFER_TOO_SMALL;
@ -7789,6 +7804,8 @@ psa_status_t psa_pake_set_password_key(
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL; psa_key_slot_t *slot = NULL;
psa_key_attributes_t attributes;
psa_key_type_t type;
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
status = PSA_ERROR_BAD_STATE; status = PSA_ERROR_BAD_STATE;
@ -7802,11 +7819,11 @@ psa_status_t psa_pake_set_password_key(
goto exit; goto exit;
} }
psa_key_attributes_t attributes = { attributes = (psa_key_attributes_t) {
.core = slot->attr .core = slot->attr
}; };
psa_key_type_t type = psa_get_key_type(&attributes); type = psa_get_key_type(&attributes);
if (type != PSA_KEY_TYPE_PASSWORD && if (type != PSA_KEY_TYPE_PASSWORD &&
type != PSA_KEY_TYPE_PASSWORD_HASH) { type != PSA_KEY_TYPE_PASSWORD_HASH) {

6
tests/src/test_helpers/ssl_helpers.c
View File

@ -930,13 +930,14 @@ int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl,
int *written, int *written,
const int expected_fragments) const int expected_fragments)
{ {
int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */ * a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
} }
int ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
if (ret > 0) { if (ret > 0) {
*written += ret; *written += ret;
} }
@ -976,13 +977,14 @@ int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl,
int *read, int *fragments, int *read, int *fragments,
const int expected_fragments) const int expected_fragments)
{ {
int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */ * a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
} }
int ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
if (ret > 0) { if (ret > 0) {
(*fragments)++; (*fragments)++;
*read += ret; *read += ret;