feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

wolfcrypt/wolfssl: tests: adding missing wc_Aes*Free()

Browse Source 
In some Aes implementation this may leak resources
This commit is contained in:
Marco Oliverio
2021-12-29 14:20:24 +01:00
parent 67b27f64d0
commit 7edc916057
3 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/api.c
View File

@@ -14998,16 +14998,21 @@ static int test_wc_InitCmac (void)
ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL); ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL);
#endif #endif
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
if (ret == 0) if (ret == 0) {
wc_AesFree(&cmac1.aes);
ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL); ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL);
}
#endif #endif
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
if (ret == 0) if (ret == 0) {
wc_AesFree(&cmac2.aes);
ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL); ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL);
}
#endif #endif
/* Test bad args. */ /* Test bad args. */
if (ret == 0) { if (ret == 0) {
wc_AesFree(&cmac3.aes);
ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL); ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL);
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL); ret = wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL);
@@ -15084,6 +15089,7 @@ static int test_wc_CmacUpdate (void)
} else if (ret == 0) { } else if (ret == 0) {
ret = WOLFSSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
} }
wc_AesFree(&cmac.aes);
} }
printf(resultFmt, ret == 0 ? passed : failed); printf(resultFmt, ret == 0 ? passed : failed);
@@ -15205,6 +15211,8 @@ static int test_wc_AesCmacGenerate (void)
ret = wc_CmacUpdate(&cmac, msg, msgSz); ret = wc_CmacUpdate(&cmac, msg, msgSz);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} else {
wc_AesFree(&cmac.aes);
} }
printf(testingFmt, "wc_AesCmacGenerate()"); printf(testingFmt, "wc_AesCmacGenerate()");
@@ -17489,7 +17497,9 @@ static int test_wc_GmacUpdate (void)
if (ret == 0) { if (ret == 0) {
ret = XMEMCMP(tag1, tagOut, sizeof(tag1)); ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
} }
wc_AesFree(&gmac.aes);
} }
#endif #endif
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
@@ -17503,6 +17513,7 @@ static int test_wc_GmacUpdate (void)
} }
if (ret == 0) { if (ret == 0) {
ret = XMEMCMP(tagOut2, tag2, sizeof(tag2)); ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
wc_AesFree(&gmac.aes);
} }
#endif #endif

15
wolfcrypt/test/test.c
View File

@@ -7007,6 +7007,8 @@ EVP_TEST_END:
out: out:
wc_AesFree(enc);
wc_AesFree(dec);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if (enc) if (enc)
XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES);
@@ -8043,6 +8045,8 @@ static int aes_xts_128_test(void)
ERROR_OUT(-5402, out); ERROR_OUT(-5402, out);
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
wc_AesXtsFree(aes);
if (wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION, if (wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) != 0) HEAP_HINT, devId) != 0)
ERROR_OUT(-5403, out); ERROR_OUT(-5403, out);
@@ -8089,6 +8093,7 @@ static int aes_xts_128_test(void)
ERROR_OUT(-5410, out); ERROR_OUT(-5410, out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE)) if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(-5411, out); ERROR_OUT(-5411, out);
wc_AesXtsFree(aes);
/* fail case with decrypting using wrong key */ /* fail case with decrypting using wrong key */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
@@ -8243,6 +8248,7 @@ static int aes_xts_256_test(void)
ERROR_OUT(-5501, out); ERROR_OUT(-5501, out);
if (XMEMCMP(c2, buf, sizeof(c2))) if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(-5502, out); ERROR_OUT(-5502, out);
wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION, if (wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
@@ -8291,6 +8297,7 @@ static int aes_xts_256_test(void)
ERROR_OUT(-5510, out); ERROR_OUT(-5510, out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE)) if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(-5511, out); ERROR_OUT(-5511, out);
wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION, if (wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
@@ -8398,6 +8405,7 @@ static int aes_xts_sector_test(void)
ERROR_OUT(-5601, out); ERROR_OUT(-5601, out);
if (XMEMCMP(c1, buf, AES_BLOCK_SIZE)) if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
ERROR_OUT(-5602, out); ERROR_OUT(-5602, out);
wc_AesXtsFree(aes);
/* decrypt test */ /* decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
@@ -8427,6 +8435,7 @@ static int aes_xts_sector_test(void)
ERROR_OUT(-5607, out); ERROR_OUT(-5607, out);
if (XMEMCMP(c2, buf, sizeof(c2))) if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(-5608, out); ERROR_OUT(-5608, out);
wc_AesXtsFree(aes);
/* decrypt test */ /* decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
@@ -10399,7 +10408,7 @@ WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
#endif #endif
XMEMSET(gmac, 0, sizeof *gmac); /* clear context */ XMEMSET(gmac, 0, sizeof *gmac); /* clear context */
(void)wc_AesInit((Aes*)gmac, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */ (void)wc_AesInit(&gmac->aes, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */
XMEMSET(tag, 0, sizeof(tag)); XMEMSET(tag, 0, sizeof(tag));
wc_GmacSetKey(gmac, k1, sizeof(k1)); wc_GmacSetKey(gmac, k1, sizeof(k1));
wc_GmacUpdate(gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1)); wc_GmacUpdate(gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
@@ -10460,6 +10469,7 @@ WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
ret = 0; ret = 0;
out: out:
wc_AesFree(&gmac->aes);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(gmac, HEAP_HINT, DYNAMIC_TYPE_AES); XFREE(gmac, HEAP_HINT, DYNAMIC_TYPE_AES);
#endif #endif
@@ -10613,6 +10623,7 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
XMEMSET(c2, 0, sizeof(c2)); XMEMSET(c2, 0, sizeof(c2));
if (XMEMCMP(p2, c2, sizeof(p2))) if (XMEMCMP(p2, c2, sizeof(p2)))
ERROR_OUT(-6507, out); ERROR_OUT(-6507, out);
wc_AesFree(enc);
XMEMSET(enc, 0, sizeof(Aes)); /* clear context */ XMEMSET(enc, 0, sizeof(Aes)); /* clear context */
XMEMSET(t2, 0, sizeof(t2)); XMEMSET(t2, 0, sizeof(t2));
@@ -10726,6 +10737,8 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
if (result != 0) if (result != 0)
ERROR_OUT(-6526, out); ERROR_OUT(-6526, out);
wc_AesFree(enc);
ret = 0; ret = 0;
out: out:

5
wolfssl/test.h
View File

@@ -3579,6 +3579,11 @@ static WC_INLINE void FreeAtomicUser(WOLFSSL* ssl)
/* Encrypt-Then-MAC callbacks use same contexts. */ /* Encrypt-Then-MAC callbacks use same contexts. */
if (encCtx->keySetup == 1)
wc_AesFree(&encCtx->aes);
if (decCtx->keySetup == 1)
wc_AesFree(&decCtx->aes);
free(decCtx); free(decCtx);
free(encCtx); free(encCtx);
} }