From 1493b94b27b825d2bef88cf913ba23406ca00909 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 19 Sep 2019 11:34:59 -0700
Subject: [PATCH] Eliminate async NUMA allocation for `wc_ecc_gen_k`. Additional DECLARE_VAR checks. Improve `mp_rand` to avoid alloc in async case.
---
 wolfcrypt/src/ecc.c | 7 -------
 wolfcrypt/src/random.c | 10 +++++++++-
 wolfcrypt/src/wolfmath.c | 20 +++++++-------------
 wolfssl/wolfcrypt/types.h | 0
 4 files changed, 16 insertions(+), 21 deletions(-)
 mode change 100755 => 100644 wolfssl/wolfcrypt/types.h
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 6eda8490b..06863a4a8 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -3815,11 +3815,7 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
 {
 #ifndef WC_NO_RNG
 int err;
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
- DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap);
-#else
 byte buf[ECC_MAXSIZE_GEN];
-#endif
 /*generate 8 extra bytes to mitigate bias from the modulo operation below*/
 /*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
@@ -3846,9 +3842,6 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
 }
 ForceZero(buf, ECC_MAXSIZE);
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
- FREE_VAR(buf, rng->heap);
-#endif
 return err;
 #else
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 6b0d5dafc..7718edbdc 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -311,6 +311,8 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
 #endif
 #ifdef WC_ASYNC_ENABLE_SHA256
 DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
+ if (digest == NULL)
+ return MEMORY_E;
 #else
 byte digest[WC_SHA256_DIGEST_SIZE];
 #endif
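Review bot: `ForceZero(buf, ECC_MAXSIZE);` in the second hunk of wc_ecc_gen_k clears fewer bytes than the buffer declared in the first hunk, `byte buf[ECC_MAXSIZE_GEN]`, may hold. The comment in the first hunk says 8 extra random bytes are generated to reduce modulo bias, so if ECC_MAXSIZE_GEN is ECC_MAXSIZE plus those bytes (the definitions are not in this diff), the tail of the random material used to derive k stays on the stack after return. Now that buf is always a true array, the call can be `ForceZero(buf, sizeof(buf));`. The function body between the two hunks is not shown.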
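Review bot: The added `if (digest == NULL) return MEMORY_E;` in Hash_df, and the same check added in Hash_gen, Hash_DRBG_Generate and _InitRng (`seed`) in the following hunks, leaves each function through a bare return in the declaration area rather than through a common exit path. In Hash_DRBG_Generate and _InitRng the check sits inside a nested block (`} else {` and `if (wc_RNG_HealthTestLocal(0) == 0) {`), so anything those functions set up before that block would be skipped on allocation failure; the surrounding bodies are outside the hunks, so this needs confirming against the full file. It is also not visible here whether callers of these static DRBG helpers handle a MEMORY_E return as a failure. A short comment at each site, e.g. `/* allocation failure: callers must treat any non-zero return as RNG failure */`, would document the fail-closed intent.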
@@ -443,6 +445,8 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
 #endif
 #ifdef WC_ASYNC_ENABLE_SHA256
 DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
+ if (digest == NULL)
+ return MEMORY_E;
 #else
 byte digest[WC_SHA256_DIGEST_SIZE];
 #endif
@@ -551,6 +555,8 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
 } else {
 #ifdef WC_ASYNC_ENABLE_SHA256
 DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
+ if (digest == NULL)
+ return MEMORY_E;
 #else
 byte digest[WC_SHA256_DIGEST_SIZE];
 #endif
@@ -749,6 +755,8 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
 if (wc_RNG_HealthTestLocal(0) == 0) {
 #ifdef WC_ASYNC_ENABLE_SHA256
 DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
+ if (seed == NULL)
+ return MEMORY_E;
 #else
 byte seed[MAX_SEED_SZ];
 #endif
@@ -2180,7 +2188,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 word32 len = sizeof(rand);
 if (sz < len)
 len = sz;
- /* Get one random 32-bit word from hw RNG */
+ /* Get one random 32-bit word from hw RNG */
 rand = esp_random( );
 XMEMCPY(output, &rand, len);
 output += len;
diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c
index 04863dc86..e3057c6a3 100644
--- a/wolfcrypt/src/wolfmath.c
+++ b/wolfcrypt/src/wolfmath.c
@@ -97,17 +97,13 @@ int get_rand_digit(WC_RNG* rng, mp_digit* d)
 int mp_rand(mp_int* a, int digits, WC_RNG* rng)
 {
 int ret = 0;
- DECLARE_VAR(d, mp_digit, 1, rng ? rng->heap : NULL);
+ mp_digit d;
 if (rng == NULL) {
 ret = MISSING_RNG_E;
 goto exit;
 }
- if (a == NULL
- #ifdef WOLFSSL_ASYNC_CRYPT
- || d == NULL
- #endif
- ) {
+ if (a == NULL) {
 ret = BAD_FUNC_ARG;
 goto exit;
 }
@@ -118,13 +114,13 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
 /* first place a random non-zero digit */
 do {
- ret = get_rand_digit(rng, d);
+ ret = get_rand_digit(rng, &d);
 if (ret != 0) {
 goto exit;
 }
- } while (*d == 0);
+ } while (d == 0);
- if ((ret = mp_add_d(a, *d, a)) != MP_OKAY) {
+ if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
 goto exit;
 }
@@ -132,17 +128,15 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
 if ((ret = mp_lshd(a, 1)) != MP_OKAY) {
 goto exit;
 }
- if ((ret = get_rand_digit(rng, d)) != 0) {
+ if ((ret = get_rand_digit(rng, &d)) != 0) {
 goto exit;
 }
- if ((ret = mp_add_d(a, *d, a)) != MP_OKAY) {
+ if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
 goto exit;
 }
 }
 exit:
- FREE_VAR(d, rng ? rng->heap : NULL);
-
 return ret;
 }
 #endif /* WC_RSA_BLINDING */
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
old mode 100755
new mode 100644
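Review bot: `mp_digit d;` now lives on the stack and still holds the last random digit when mp_rand returns; nothing at `exit:` in the last wolfmath.c hunk clears it. The closing `#endif /* WC_RSA_BLINDING */` suggests the output is used for RSA blinding, in which case that digit is secret material, and ecc.c in this same patch wipes its stack buffer with ForceZero. Consider `ForceZero(&d, sizeof(d));` directly after `exit:` (assuming ForceZero is in scope in wolfmath.c, which this diff does not show). That would also give the remaining `goto exit` paths a purpose now that FREE_VAR is gone.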