Merge pull request #7934 from AgathiyanB/move-declarations-to-top
Move declarations to top of functions
diff --git a/library/bignum.c b/library/bignum.c
index 5b92932..d559c9e 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -900,6 +900,8 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t j;
+ mbedtls_mpi_uint *p;
+ mbedtls_mpi_uint c;
MPI_VALIDATE_RET(X != NULL);
MPI_VALIDATE_RET(A != NULL);
MPI_VALIDATE_RET(B != NULL);
@@ -933,9 +935,9 @@
/* j is the number of non-zero limbs of B. Add those to X. */
- mbedtls_mpi_uint *p = X->p;
+ p = X->p;
- mbedtls_mpi_uint c = mbedtls_mpi_core_add(p, p, B->p, j);
+ c = mbedtls_mpi_core_add(p, p, B->p, j);
p += j;
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 3d3ec60..e3b3376 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -5658,6 +5658,7 @@
size_t shift = bits % biL;
size_t adjust = (shift + biL - 1) / biL;
size_t P_limbs = bits / biL + adjust;
+ mbedtls_mpi_uint mask = 0;
mbedtls_mpi_uint *A1 = mbedtls_calloc(P_limbs, ciL);
if (A1 == NULL) {
@@ -5673,7 +5674,6 @@
goto cleanup;
}
- mbedtls_mpi_uint mask = 0;
if (adjust != 0) {
mask = ((mbedtls_mpi_uint) 1 << shift) - 1;
}
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a2a6755..5e8d0d0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1535,6 +1535,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ psa_key_attributes_t attributes;
/* Reject a zero-length output buffer now, since this can never be a
* valid key representation. This way we know that data must be a valid
@@ -1560,7 +1561,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
status = psa_driver_wrapper_export_public_key(
@@ -2509,6 +2510,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
+ psa_key_attributes_t attributes;
/* A context must be freshly initialized before it can be set up. */
if (operation->id != 0) {
@@ -2525,7 +2527,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -2695,6 +2697,7 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
uint8_t operation_mac_size = 0;
+ psa_key_attributes_t attributes;
status = psa_get_and_lock_key_slot_with_policy(
key,
@@ -2705,7 +2708,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -2831,6 +2834,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ psa_key_attributes_t attributes;
*signature_length = 0;
@@ -2862,7 +2866,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -3165,6 +3169,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ psa_key_attributes_t attributes;
(void) input;
(void) input_length;
@@ -3189,7 +3194,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -3216,6 +3221,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ psa_key_attributes_t attributes;
(void) input;
(void) input_length;
@@ -3239,7 +3245,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -3313,6 +3319,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
+ psa_key_attributes_t attributes;
/* Check that start has not been previously called, or operation has not
* previously errored. */
@@ -3339,7 +3346,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -4020,6 +4027,7 @@
psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ?
PSA_KEY_USAGE_ENCRYPT :
PSA_KEY_USAGE_DECRYPT);
+ psa_key_attributes_t attributes;
/* A context must be freshly initialized before it can be set up. */
if (operation->id != 0) {
@@ -4049,7 +4057,7 @@
}
operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg);
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -4275,6 +4283,7 @@
psa_key_slot_t *slot = NULL;
uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
size_t default_iv_length = 0;
+ psa_key_attributes_t attributes;
if (!PSA_ALG_IS_CIPHER(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT;
@@ -4288,7 +4297,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -4345,6 +4354,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
+ psa_key_attributes_t attributes;
if (!PSA_ALG_IS_CIPHER(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT;
@@ -4358,7 +4368,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -4612,6 +4622,7 @@
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
psa_key_usage_t key_usage = 0;
+ psa_key_attributes_t attributes;
status = psa_aead_check_algorithm(alg);
if (status != PSA_SUCCESS) {
@@ -4641,7 +4652,7 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -5789,6 +5800,8 @@
mbedtls_mpi diff_N_2;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t m;
+ size_t m_bytes;
mbedtls_mpi_init(&k);
mbedtls_mpi_init(&diff_N_2);
@@ -5810,9 +5823,9 @@
/* N is the boundary of the private key domain (ecp_group.N). */
/* Let m be the bit size of N. */
- size_t m = ecp_group.nbits;
+ m = ecp_group.nbits;
- size_t m_bytes = PSA_BITS_TO_BYTES(m);
+ m_bytes = PSA_BITS_TO_BYTES(m);
/* Calculate N - 2 - it will be needed later. */
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&diff_N_2, &ecp_group.N, 2));
@@ -5965,6 +5978,7 @@
size_t bytes = PSA_BITS_TO_BYTES(bits);
size_t storage_size = bytes;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_attributes_t attributes;
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) {
return PSA_ERROR_INVALID_ARGUMENT;
@@ -6013,7 +6027,7 @@
}
slot->attr.bits = (psa_key_bits_t) bits;
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
@@ -7114,6 +7128,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
+ size_t expected_length;
if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT;
@@ -7133,7 +7148,7 @@
* PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot.
* If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily
* be exact for it as well. */
- size_t expected_length =
+ expected_length =
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits);
if (output_size < expected_length) {
status = PSA_ERROR_BUFFER_TOO_SMALL;
@@ -7789,6 +7804,8 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot = NULL;
+ psa_key_attributes_t attributes;
+ psa_key_type_t type;
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
status = PSA_ERROR_BAD_STATE;
@@ -7802,11 +7819,11 @@
goto exit;
}
- psa_key_attributes_t attributes = {
+ attributes = (psa_key_attributes_t) {
.core = slot->attr
};
- psa_key_type_t type = psa_get_key_type(&attributes);
+ type = psa_get_key_type(&attributes);
if (type != PSA_KEY_TYPE_PASSWORD &&
type != PSA_KEY_TYPE_PASSWORD_HASH) {
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 5f203ab..761d877 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -930,13 +930,14 @@
int *written,
const int expected_fragments)
{
+ int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
}
- int ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
+ ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
if (ret > 0) {
*written += ret;
}
@@ -976,13 +977,14 @@
int *read, int *fragments,
const int expected_fragments)
{
+ int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
* a valid no-op for TLS connections. */
if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
}
- int ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
+ ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
if (ret > 0) {
(*fragments)++;
*read += ret;