commit 3a4f0e3cc4bb8a289b724f415c10dd83cd2b9ffe
author Ronald Cron <ronald.cron@arm.com> Thu Nov 19 17:55:23 2020 +0100
committer Ronald Cron <ronald.cron@arm.com> Fri Nov 20 13:57:26 2020 +0100
tree 1b5b66f3057314e0f23bd1c898a88fa484fd8dde
parent 1d12d87d18d38db568b307c6971d41cc371367ef

tests: psa: Reset key attributes where needed

After a call to psa_get_key_attributes() to retrieve
the attributes of a key into a psa_key_attributes_t
structure, a call to psa_reset_key_attributes() is
mandated to free the resources that may be
referenced by the psa_key_attributes_t structure.
Not calling psa_reset_key_attributes() may result in
a memory leak.

When a test function calls psa_get_key_parameters()
the associated key attributes are systematically
reset in the clean-up part of the function with a
comment to emphasize the need for the reset and make
it more visible.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

tests/suites/test_suite_psa_crypto.function

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b03df3d..8e71610 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -292,7 +292,12 @@
     ok = 1;
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     return( ok );
 }
 
@@ -445,6 +450,7 @@
             iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
                 psa_get_key_type( &attributes ) );
             maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
+            psa_reset_key_attributes( &attributes );
         }
         PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
         PSA_ASSERT( psa_cipher_set_iv( &operation,
@@ -717,8 +723,13 @@
         operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
         public_key, public_key_length );
 exit:
-    mbedtls_free( public_key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    mbedtls_free( public_key );
     return( status );
 }
 
@@ -754,8 +765,13 @@
                                     public_key, public_key_length,
                                     output, sizeof( output ), &output_length );
 exit:
-    mbedtls_free( public_key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    mbedtls_free( public_key );
     return( status );
 }
 
@@ -1033,8 +1049,13 @@
                                     exported, exported_length );
 
 exit:
-    mbedtls_free( exported );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    mbedtls_free( exported );
     return( ok );
 }
 
@@ -1069,8 +1090,13 @@
                                     exported, exported_length );
 
 exit:
-    mbedtls_free( exported );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    mbedtls_free( exported );
     return( ok );
 }
 
@@ -1205,7 +1231,12 @@
     ok = 1;
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     return( ok );
 }
 
@@ -1479,8 +1510,13 @@
     test_operations_on_invalid_key( key );
 
 exit:
-    psa_destroy_key( key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &got_attributes );
+
+    psa_destroy_key( key );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -1518,8 +1554,13 @@
     test_operations_on_invalid_key( key );
 
 exit:
-    psa_destroy_key( key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &got_attributes );
+
+    psa_destroy_key( key );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -1567,6 +1608,12 @@
     }
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     PSA_DONE( );
     mbedtls_free( buffer );
@@ -1696,9 +1743,14 @@
     test_operations_on_invalid_key( key );
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes( &got_attributes );
+
     mbedtls_free( exported );
     mbedtls_free( reexported );
-    psa_reset_key_attributes( &got_attributes );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -1749,9 +1801,14 @@
     }
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes( &attributes );
+
     mbedtls_free( exported );
     psa_destroy_key( key );
-    psa_reset_key_attributes( &attributes );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -1792,8 +1849,14 @@
     test_operations_on_invalid_key( key );
 
 exit:
-    psa_destroy_key( key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &got_attributes );
+
+    psa_reset_key_attributes( &attributes );
+    psa_destroy_key( key );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -1832,8 +1895,13 @@
     TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg );
 
 exit:
-    psa_destroy_key( key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    psa_destroy_key( key );
     PSA_DONE( );
 }
 /* END_CASE */
@@ -2087,8 +2155,13 @@
         TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
-    psa_destroy_key( key );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
+    psa_destroy_key( key );
     PSA_DONE( );
     mbedtls_free( buffer );
 }
@@ -2265,6 +2338,12 @@
         goto exit;
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes( &got_attributes );
+
     psa_destroy_key( key );
     PSA_DONE( );
 }
@@ -2385,8 +2464,13 @@
     PSA_ASSERT( psa_destroy_key( target_key ) );
 
 exit:
+    /*
+     * Source and target key attributes may have been returned by
+     * psa_get_key_attributes() thus reset them as required.
+     */
     psa_reset_key_attributes( &source_attributes );
     psa_reset_key_attributes( &target_attributes );
+
     PSA_DONE( );
     mbedtls_free( export_buffer );
 }
@@ -4138,7 +4222,12 @@
 #endif /* MBEDTLS_TEST_DEPRECATED */
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     mbedtls_free( signature );
     PSA_DONE( );
@@ -4259,7 +4348,12 @@
     }
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     mbedtls_free( signature );
     PSA_DONE( );
@@ -4409,7 +4503,12 @@
     }
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     mbedtls_free( output );
     PSA_DONE( );
@@ -4473,7 +4572,12 @@
                     output2, output2_length );
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     mbedtls_free( output );
     mbedtls_free( output2 );
@@ -5080,8 +5184,13 @@
         goto exit;
 
 exit:
-    psa_key_derivation_abort( &operation );
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &got_attributes );
+
+    psa_key_derivation_abort( &operation );
     psa_destroy_key( base_key );
     psa_destroy_key( derived_key );
     PSA_DONE( );
@@ -5511,7 +5620,12 @@
         goto exit;
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &got_attributes );
+
     psa_destroy_key( key );
     PSA_DONE( );
 }
@@ -5612,7 +5726,12 @@
     }
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes() or
+     * set by psa_set_key_domain_parameters() thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     psa_destroy_key( key );
     PSA_DONE( );
     mbedtls_free( e_read_buffer );
@@ -5741,7 +5860,12 @@
         goto exit;
 
 exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
     psa_reset_key_attributes( &attributes );
+
     mbedtls_free( first_export );
     mbedtls_free( second_export );
     psa_key_derivation_abort( &operation );