From ddef3efd4cb73934fc90ccafe6f7ab98645d9848 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Wed, 9 Feb 2022 10:24:47 +0100
Subject: -fix use of uninitialized memory in test
---
 src/util/crypto_cs.c | 13 ++++++++++---
 src/util/test_crypto_cs.c | 49 +++++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 55 insertions(+), 7 deletions(-)
(limited to 'src')
diff --git a/src/util/crypto_cs.c b/src/util/crypto_cs.c
index c89ba5d83..c4bc3380a 100644
--- a/src/util/crypto_cs.c
+++ b/src/util/crypto_cs.c
@@ -205,11 +205,16 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash,
 memcpy (r_m_concat, r_dash, sizeof(struct GNUNET_CRYPTO_CsRPublic));
 memcpy (r_m_concat + sizeof(struct GNUNET_CRYPTO_CsRPublic), msg, msg_len);
 struct GNUNET_HashCode prehash;
- GNUNET_CRYPTO_hash (r_m_concat, r_m_concat_len, &prehash);
+
+ GNUNET_CRYPTO_hash (r_m_concat,
+ r_m_concat_len,
+ &prehash);
 // modulus converted to MPI representation
 gcry_mpi_t l_mpi;
- GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi, L_BIG_ENDIAN, sizeof(L_BIG_ENDIAN));
+ GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi,
+ L_BIG_ENDIAN,
+ sizeof(L_BIG_ENDIAN));
 // calculate full domain hash
 gcry_mpi_t c_mpi;
@@ -224,7 +229,9 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash,
 // convert c from mpi
 unsigned char c_big_endian[256 / 8];
- GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian, sizeof(c_big_endian), c_mpi);
+ GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian,
+ sizeof(c_big_endian),
+ c_mpi);
 gcry_mpi_release (c_mpi);
 for (size_t i = 0; i<32; i++) c->scalar.d[i] = c_big_endian[31 - i];
diff --git a/src/util/test_crypto_cs.c b/src/util/test_crypto_cs.c
index f7ac10982..347d2e214 100644
--- a/src/util/test_crypto_cs.c
+++ b/src/util/test_crypto_cs.c
@@ -486,10 +486,19 @@ main (int argc,
 size_t message_len = strlen ("test message");
 struct GNUNET_CRYPTO_CsPrivateKey priv;
+
+ memset (&priv,
+ 42,
+ sizeof (priv));
 test_create_priv (&priv);
 struct GNUNET_CRYPTO_CsPublicKey pub;
- test_generate_pub (&priv, &pub);
+
+ memset (&pub,
+ 42,
+ sizeof (pub));
+ test_generate_pub (&priv,
+ &pub);
 // derive nonce
 struct GNUNET_CRYPTO_CsNonce nonce;
@@ -505,22 +514,45 @@ main (int argc,
 // generate r, R
 struct GNUNET_CRYPTO_CsRSecret r_secrets[2];
- test_derive_rsecret (&nonce, &priv, r_secrets);
+
+ memset (r_secrets,
+ 42,
+ sizeof (r_secrets));
+ test_derive_rsecret (&nonce,
+ &priv,
+ r_secrets);
 struct GNUNET_CRYPTO_CsRPublic r_publics[2];
- test_generate_rpublic (&r_secrets[0], &r_publics[0]);
- test_generate_rpublic (&r_secrets[1], &r_publics[1]);
+
+ memset (r_publics,
+ 42,
+ sizeof (r_publics));
+ test_generate_rpublic (&r_secrets[0],
+ &r_publics[0]);
+ test_generate_rpublic (&r_secrets[1],
+ &r_publics[1]);
 // ---------- actions performed by user
 // generate blinding secrets
 struct GNUNET_CRYPTO_CsBlindingSecret blindingsecrets[2];
+
+ memset (blindingsecrets,
+ 42,
+ sizeof (blindingsecrets));
 test_derive_blindingsecrets (&nonce, blindingsecrets);
 // calculate blinded c's
 struct GNUNET_CRYPTO_CsC blinded_cs[2];
 struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2];
+
+ memset (blinded_cs,
+ 42,
+ sizeof (blinded_cs));
+ memset (blinded_r_pubs,
+ 42,
+ sizeof (blinded_r_pubs));
 test_calc_blindedc (blindingsecrets, r_publics, &pub,
@@ -533,6 +565,10 @@ main (int argc,
 // sign blinded c's and get b and s in return
 unsigned int b;
 struct GNUNET_CRYPTO_CsBlindS blinded_s;
+
+ memset (&blinded_s,
+ 42,
+ sizeof (blinded_s));
 test_blind_sign (&b, &priv, r_secrets,
@@ -542,6 +578,7 @@ main (int argc,
 // verify blinded signature
 struct GNUNET_CRYPTO_CsSignature blinded_signature;
+
 blinded_signature.r_point = r_publics[b];
 blinded_signature.s_scalar.scalar = blinded_s.scalar;
 test_blind_verify (&blinded_signature,
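Review bot: The `memset (&priv, 42, sizeof (priv))` added before `test_create_priv`, and the same fill before the other helpers in the hunks at -505, -533 and -550, marks every output byte as defined, so Valgrind or MemorySanitizer will no longer report a routine that leaves part of a key or scalar unwritten; the test would then run on 0x2a filler instead. Which call originally read uninitialized memory is not visible here, since the `test_*` helpers are defined outside these hunks, so it is worth confirming that the library routine behind it fills the whole struct, because production callers will not pre-fill their buffers. If the fill is meant as deliberate poisoning, say so once above the first call, e.g. `/* poison outputs: a routine that fails to fill them must cause a verification failure, not an undefined read */`, and give the constant a name instead of repeating `42`.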
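Review bot: `unsigned int b;` in the hunk at -533 is the one output of `test_blind_sign` that stays uninitialized, and it is then used as an index into two-element arrays: `r_publics[b]` in the hunk at -542 and `blindingsecrets[b]` in the hunk at -550. If the signing routine ever returns without writing it, or writes anything other than 0 or 1, the test reads out of bounds instead of failing cleanly. Consider `unsigned int b = 2;` at the declaration and `GNUNET_assert (b < 2);` right after the call. `test_blind_sign` is defined outside the hunk and may already check the range, in which case only the initializer is needed.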
@@ -550,6 +587,10 @@ main (int argc,
 // ---------- actions performed by user
 struct GNUNET_CRYPTO_CsS sig_scalar;
+
+ memset (&sig_scalar,
+ 42,
+ sizeof (sig_scalar));
 test_unblinds (&blinded_s, &blindingsecrets[b], &sig_scalar);
-- cgit v1.2.3