tests: psa: Reset key attributes where needed
After a call to psa_get_key_attributes() to retrieve
the attributes of a key into a psa_key_attributes_t
structure, a call to psa_reset_key_attributes() is
mandated to free the resources that may be
referenced by the psa_key_attributes_t structure.
Not calling psa_reset_key_attributes() may result in
a memory leak.
When a test function calls psa_get_key_parameters()
the associated key attributes are systematically
reset in the clean-up part of the function with a
comment to emphasize the need for the reset and make
it more visible.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 9803f90..98016c6 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -200,6 +200,12 @@
TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
mbedtls_pk_free( &pk ); /* redundant except upon error */
mbedtls_pk_free( &pk2 );
PSA_DONE( );
@@ -1289,6 +1295,12 @@
hash, sizeof hash, sig, sig_len ) == 0 );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
mbedtls_pk_free( &pk );
PSA_DONE( );
}
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b03df3d..8e71610 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -292,7 +292,12 @@
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -445,6 +450,7 @@
iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
psa_get_key_type( &attributes ) );
maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
+ psa_reset_key_attributes( &attributes );
}
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
@@ -717,8 +723,13 @@
operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
public_key, public_key_length );
exit:
- mbedtls_free( public_key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
return( status );
}
@@ -754,8 +765,13 @@
public_key, public_key_length,
output, sizeof( output ), &output_length );
exit:
- mbedtls_free( public_key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
return( status );
}
@@ -1033,8 +1049,13 @@
exported, exported_length );
exit:
- mbedtls_free( exported );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
return( ok );
}
@@ -1069,8 +1090,13 @@
exported, exported_length );
exit:
- mbedtls_free( exported );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
return( ok );
}
@@ -1205,7 +1231,12 @@
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -1479,8 +1510,13 @@
test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1518,8 +1554,13 @@
test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1567,6 +1608,12 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( buffer );
@@ -1696,9 +1743,14 @@
test_operations_on_invalid_key( key );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &got_attributes );
+
mbedtls_free( exported );
mbedtls_free( reexported );
- psa_reset_key_attributes( &got_attributes );
PSA_DONE( );
}
/* END_CASE */
@@ -1749,9 +1801,14 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
mbedtls_free( exported );
psa_destroy_key( key );
- psa_reset_key_attributes( &attributes );
PSA_DONE( );
}
/* END_CASE */
@@ -1792,8 +1849,14 @@
test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1832,8 +1895,13 @@
TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg );
exit:
- psa_destroy_key( key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2087,8 +2155,13 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
- psa_destroy_key( key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( buffer );
}
@@ -2265,6 +2338,12 @@
goto exit;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &got_attributes );
+
psa_destroy_key( key );
PSA_DONE( );
}
@@ -2385,8 +2464,13 @@
PSA_ASSERT( psa_destroy_key( target_key ) );
exit:
+ /*
+ * Source and target key attributes may have been returned by
+ * psa_get_key_attributes() thus reset them as required.
+ */
psa_reset_key_attributes( &source_attributes );
psa_reset_key_attributes( &target_attributes );
+
PSA_DONE( );
mbedtls_free( export_buffer );
}
@@ -4138,7 +4222,12 @@
#endif /* MBEDTLS_TEST_DEPRECATED */
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
mbedtls_free( signature );
PSA_DONE( );
@@ -4259,7 +4348,12 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
mbedtls_free( signature );
PSA_DONE( );
@@ -4409,7 +4503,12 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
mbedtls_free( output );
PSA_DONE( );
@@ -4473,7 +4572,12 @@
output2, output2_length );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
mbedtls_free( output );
mbedtls_free( output2 );
@@ -5080,8 +5184,13 @@
goto exit;
exit:
- psa_key_derivation_abort( &operation );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_key_derivation_abort( &operation );
psa_destroy_key( base_key );
psa_destroy_key( derived_key );
PSA_DONE( );
@@ -5511,7 +5620,12 @@
goto exit;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
psa_destroy_key( key );
PSA_DONE( );
}
@@ -5612,7 +5726,12 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes() or
+ * set by psa_set_key_domain_parameters() thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( e_read_buffer );
@@ -5741,7 +5860,12 @@
goto exit;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
mbedtls_free( first_export );
mbedtls_free( second_export );
psa_key_derivation_abort( &operation );
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index c4c2b75..8e10158 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -240,7 +240,12 @@
PSA_ASSERT( psa_destroy_key( key_id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_persistent_key( key_id );
PSA_DONE();
}
@@ -308,7 +313,12 @@
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
mbedtls_free( exported );
PSA_DONE( );
psa_destroy_persistent_key( key_id );
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 04aecb6..1add9b4 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -578,6 +578,12 @@
ok = 1;
exit:
+ /*
+ * Actual key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &actual_attributes );
+
return( ok );
}
@@ -753,7 +759,12 @@
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -1080,6 +1091,12 @@
TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
ram_slots_reset( );
psa_purge_storage( );
@@ -1431,6 +1448,12 @@
PSA_ERROR_INVALID_SIGNATURE );
exit:
+ /*
+ * Driver key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &drv_attributes );
+
psa_destroy_key( id );
psa_destroy_key( sw_key );
PSA_DONE( );
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index edc1886..57d4789 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -226,6 +226,12 @@
TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
}
/* END_CASE */
@@ -369,6 +375,13 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+ psa_reset_key_attributes( &read_attributes );
+
PSA_DONE( );
psa_purge_key_storage( );
mbedtls_free( reexported );
@@ -437,6 +450,12 @@
PSA_ASSERT( psa_close_key( id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
psa_purge_key_storage( );
}
@@ -626,6 +645,13 @@
PSA_ASSERT( psa_destroy_key( returned_target_id ) );
exit:
+ /*
+ * Source and target key attributes may have been returned by
+ * psa_get_key_attributes() thus reset them as required.
+ */
+ psa_reset_key_attributes( &source_attributes );
+ psa_reset_key_attributes( &target_attributes );
+
PSA_DONE( );
mbedtls_free( export_buffer );
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -737,6 +763,13 @@
PSA_ASSERT( psa_destroy_key( returned_target_id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes1 );
+ psa_reset_key_attributes( &attributes2 );
+
PSA_DONE( );
mbedtls_free( export_buffer );
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -824,6 +857,12 @@
PSA_ASSERT( psa_close_key( valid_handle ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
}
/* END_CASE */
@@ -1059,6 +1098,12 @@
ASSERT_COMPARE( exported, exported_length,
(uint8_t *) &persistent_key, sizeof( persistent_key ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
psa_destroy_key( persistent_key );
PSA_DONE( );
mbedtls_free( keys );
