From be0c2f9183457702df1d33749e8f018e0d546dd9 Mon Sep 17 00:00:00 2001
From: Raef Coles
Date: Fri, 7 Oct 2022 11:27:35 +0100
Subject: [PATCH] Update LMS local variable allocation
To use a default failure value, and to avoid a call to psa_hash_operation_init()
Signed-off-by: Raef Coles
---
 library/lmots.c | 22 ++++++++--------------
 library/lms.c | 4 ++--
 2 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/library/lmots.c b/library/lmots.c
index 055db8fb3..504da2e5d 100644
--- a/library/lmots.c
+++ b/library/lmots.c
@@ -152,13 +152,12 @@ static int create_digit_array_with_checksum( const mbedtls_lmots_parameters_t *p
 const unsigned char *C_random_value,
 unsigned char *out )
 {
- psa_hash_operation_t op;
- psa_status_t status;
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 unsigned short checksum;
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- op = psa_hash_operation_init( );
 status = psa_hash_setup( &op, PSA_ALG_SHA_256 );
 ret = mbedtls_lms_error_from_psa( status );
 if( ret != 0 )
@@ -250,14 +249,12 @@ static int hash_digit_array( const mbedtls_lmots_parameters_t *params,
 unsigned char j_hash_idx_bytes[J_HASH_IDX_LEN];
 unsigned int j_hash_idx_min;
 unsigned int j_hash_idx_max;
- psa_hash_operation_t op;
- psa_status_t status;
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 unsigned char tmp_hash[MBEDTLS_LMOTS_N_HASH_LEN_MAX];
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- op = psa_hash_operation_init( );
-
 for ( i_digit_idx = 0;
 i_digit_idx < MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT(params->type);
 i_digit_idx++ )
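Review bot: In hash_digit_array, `op` receives `PSA_HASH_OPERATION_INIT` once at its declaration, ahead of the `for` loop over the signature digits, so the initializer only guarantees a clean state for the first use. The loop body is outside the hunk; if each iteration runs its own psa_hash_setup() on `op`, every iteration has to leave it inactive through psa_hash_finish() or psa_hash_abort(), because setup on an active operation fails with PSA_ERROR_BAD_STATE. A comment at the declaration would record that, for example `/* Reused by every loop iteration; each must end in psa_hash_finish() or psa_hash_abort(). */`.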
@@ -361,12 +358,11 @@ static int public_key_from_hashed_digit_array( const mbedtls_lmots_parameters_t
 const unsigned char *y_hashed_digits,
 unsigned char *pub_key )
 {
- psa_hash_operation_t op;
- psa_status_t status;
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- op = psa_hash_operation_init( );
 status = psa_hash_setup( &op, PSA_ALG_SHA_256 );
 ret = mbedtls_lms_error_from_psa( status );
 if( ret != 0 )
@@ -587,8 +583,8 @@ int mbedtls_lmots_generate_private_key( mbedtls_lmots_private_t *ctx,
 const unsigned char *seed,
 size_t seed_size )
 {
- psa_hash_operation_t op;
- psa_status_t status;
+ psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 unsigned int i_digit_idx;
 unsigned char i_digit_idx_bytes[2];
@@ -605,8 +601,6 @@ int mbedtls_lmots_generate_private_key( mbedtls_lmots_private_t *ctx,
 return( MBEDTLS_ERR_LMS_BAD_INPUT_DATA );
 }
- op = psa_hash_operation_init( );
-
 ctx->params.type = type;
 memcpy( ctx->params.I_key_identifier,
diff --git a/library/lms.c b/library/lms.c
index 50e6434b7..93aaca1af 100644
--- a/library/lms.c
+++ b/library/lms.c
@@ -107,7 +107,7 @@ static int create_merkle_leaf_value( const mbedtls_lms_parameters_t *params,
 unsigned char *out )
 {
 psa_hash_operation_t op;
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 unsigned char r_node_idx_bytes[4];
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -182,7 +182,7 @@ static int create_merkle_internal_value( const mbedtls_lms_parameters_t *params,
 unsigned char *out )
 {
 psa_hash_operation_t op;
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 size_t output_hash_len;
 unsigned char r_node_idx_bytes[4];
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
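Review bot: In library/lms.c, create_merkle_leaf_value still declares `psa_hash_operation_t op;` with no initializer, while the same commit switches every lmots.c function to `= PSA_HASH_OPERATION_INIT`; create_merkle_internal_value in the next hunk is the same. The PSA Crypto API requires a hash operation object to be initialized before psa_hash_setup(), and an initialized object is also what makes psa_hash_abort() on an early error path safe. Both function bodies continue outside the hunks, so a later `op = psa_hash_operation_init( );` may still cover this, but then the commit's stated goal of avoiding that call is only half applied. Suggest `psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;` in both functions, dropping any remaining init call.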