convert all variable length array to malloc/free

fix astyle fixed all memory errors
open-quantum-safe · Oct 20, 2023 · 77668b9 · 77668b9
1 parent b05776c
commit 77668b9
Show file tree

Hide file tree

Showing 5 changed files with 133 additions and 70 deletions.
diff --git a/src/sig_stfl/xmss/external/hash.c b/src/sig_stfl/xmss/external/hash.c
@@ -30,13 +30,17 @@ int prf(const xmss_params *params,
         unsigned char *out, const unsigned char in[32],
         const unsigned char *key)
 {
-    unsigned char buf[params->padding_len + params->n + 32];
+    unsigned char* buf = malloc(params->padding_len + params->n + 32);
 
     ull_to_bytes(buf, params->padding_len, XMSS_HASH_PADDING_PRF);
     memcpy(buf + params->padding_len, key, params->n);
     memcpy(buf + params->padding_len + params->n, in, 32);
 
-    return core_hash(params, out, buf, params->padding_len + params->n + 32);
+    int ret = core_hash(params, out, buf, params->padding_len + params->n + 32);
+
+    OQS_MEM_insecure_free(buf);
+
+    return ret;
 }
 
 /*
@@ -47,13 +51,17 @@ int prf_keygen(const xmss_params *params,
         unsigned char *out, const unsigned char *in,
         const unsigned char *key)
 {
-    unsigned char buf[params->padding_len + 2*params->n + 32];
+    unsigned char *buf = malloc(params->padding_len + 2*params->n + 32);
 
     ull_to_bytes(buf, params->padding_len, XMSS_HASH_PADDING_PRF_KEYGEN);
     memcpy(buf + params->padding_len, key, params->n);
     memcpy(buf + params->padding_len + params->n, in, params->n + 32);
 
-    return core_hash(params, out, buf, params->padding_len + 2*params->n + 32);
+    int ret = core_hash(params, out, buf, params->padding_len + 2*params->n + 32);
+
+    OQS_MEM_insecure_free(buf);
+
+    return ret;
 }
 
 /*
@@ -85,8 +93,11 @@ int thash_h(const xmss_params *params,
             unsigned char *out, const unsigned char *in,
             const unsigned char *pub_seed, uint32_t addr[8])
 {
-    unsigned char buf[params->padding_len + 3 * params->n];
-    unsigned char bitmask[2 * params->n];
+    unsigned char *tmp = malloc(params->padding_len + 3 * params->n + 2 * params->n);
+
+    unsigned char *buf = tmp;
+    unsigned char *bitmask = tmp + (params->padding_len + 3 * params->n);
+
     unsigned char addr_as_bytes[32];
     unsigned int i;
 
@@ -110,15 +121,21 @@ int thash_h(const xmss_params *params,
     for (i = 0; i < 2 * params->n; i++) {
         buf[params->padding_len + params->n + i] = in[i] ^ bitmask[i];
     }
-    return core_hash(params, out, buf, params->padding_len + 3 * params->n);
+    int ret = core_hash(params, out, buf, params->padding_len + 3 * params->n);
+
+    OQS_MEM_insecure_free(tmp);
+
+    return ret;
 }
 
 int thash_f(const xmss_params *params,
             unsigned char *out, const unsigned char *in,
             const unsigned char *pub_seed, uint32_t addr[8])
 {
-    unsigned char buf[params->padding_len + 2 * params->n];
-    unsigned char bitmask[params->n];
+    unsigned char *tmp = malloc(params->padding_len + 2 * params->n + params->n);
+    unsigned char *buf = tmp;
+    unsigned char *bitmask = tmp + (params->padding_len + 2 * params->n);
+
     unsigned char addr_as_bytes[32];
     unsigned int i;
 
@@ -138,5 +155,9 @@ int thash_f(const xmss_params *params,
     for (i = 0; i < params->n; i++) {
         buf[params->padding_len + params->n + i] = in[i] ^ bitmask[i];
     }
-    return core_hash(params, out, buf, params->padding_len + 2 * params->n);
+    int ret = core_hash(params, out, buf, params->padding_len + 2 * params->n);
+
+    OQS_MEM_insecure_free(tmp);
+
+    return ret;
 }
diff --git a/src/sig_stfl/xmss/external/utils.h b/src/sig_stfl/xmss/external/utils.h
@@ -2,7 +2,7 @@
 #define XMSS_UTILS_H
 
 #include "namespace.h"
-
+#include <oqs/common.h>
 /**
  * Converts the value of 'in' to 'outlen' bytes in big-endian byte order.
  */

diff --git a/src/sig_stfl/xmss/external/wots.c b/src/sig_stfl/xmss/external/wots.c
@@ -12,11 +12,11 @@
  * Expands an n-byte array into a len*n byte array using the `prf_keygen` function.
  */
 static void expand_seed(const xmss_params *params,
-                        unsigned char *outseeds, const unsigned char *inseed, 
+                        unsigned char *outseeds, const unsigned char *inseed,
                         const unsigned char *pub_seed, uint32_t addr[8])
 {
     unsigned int i;
-    unsigned char buf[params->n + 32];
+    unsigned char *buf = malloc(params->n + 32);
 
     set_hash_addr(addr, 0);
     set_key_and_mask(addr, 0);
@@ -26,6 +26,8 @@ static void expand_seed(const xmss_params *params,
         addr_to_bytes(buf + params->n, addr);
         prf_keygen(params, outseeds + i*params->n, buf, inseed);
     }
+
+    OQS_MEM_insecure_free(buf);
 }
 
 /**
@@ -83,7 +85,8 @@ static void wots_checksum(const xmss_params *params,
                           unsigned int *csum_base_w, const unsigned int *msg_base_w)
 {
     int csum = 0;
-    unsigned char csum_bytes[(params->wots_len2 * params->wots_log_w + 7) / 8];
+    unsigned int csum_bytes_length =  (params->wots_len2 * params->wots_log_w + 7) / 8;
+    unsigned char *csum_bytes = malloc(csum_bytes_length);
     unsigned int i;
 
     /* Compute checksum. */
@@ -94,8 +97,10 @@ static void wots_checksum(const xmss_params *params,
     /* Convert checksum to base_w. */
     /* Make sure expected empty zero bits are the least significant bits. */
     csum = csum << (8 - ((params->wots_len2 * params->wots_log_w) % 8));
-    ull_to_bytes(csum_bytes, sizeof(csum_bytes), csum);
+    ull_to_bytes(csum_bytes, csum_bytes_length, csum);
     base_w(params, csum_base_w, params->wots_len2, csum_bytes);
+
+    OQS_MEM_insecure_free(csum_bytes);
 }
 
 /* Takes a message and derives the matching chain lengths. */
@@ -139,11 +144,9 @@ void wots_sign(const xmss_params *params,
                const unsigned char *seed, const unsigned char *pub_seed,
                uint32_t addr[8])
 {
-    unsigned int lengths[params->wots_len];
+    unsigned int *lengths = calloc(params->wots_len, sizeof(unsigned int));
     unsigned int i;
 
-    memset(lengths, 0, sizeof(unsigned int)*params->wots_len);
-
     chain_lengths(params, lengths, msg);
 
     /* The WOTS+ private key is derived from the seed. */
@@ -154,6 +157,8 @@ void wots_sign(const xmss_params *params,
         gen_chain(params, sig + i*params->n, sig + i*params->n,
                   0, lengths[i], pub_seed, addr);
     }
+
+    OQS_MEM_insecure_free(lengths);
 }
 
 /**
@@ -165,16 +170,16 @@ void wots_pk_from_sig(const xmss_params *params, unsigned char *pk,
                       const unsigned char *sig, const unsigned char *msg,
                       const unsigned char *pub_seed, uint32_t addr[8])
 {
-    unsigned int lengths[params->wots_len];
+    unsigned int *lengths = calloc(params->wots_len, sizeof(unsigned int ));
     unsigned int i;
 
-    memset(lengths, 0, sizeof(unsigned int)*params->wots_len);
-
     chain_lengths(params, lengths, msg);
 
     for (i = 0; i < params->wots_len; i++) {
         set_chain_addr(addr, i);
         gen_chain(params, pk + i*params->n, sig + i*params->n,
                   lengths[i], params->wots_w - 1 - lengths[i], pub_seed, addr);
     }
+
+    OQS_MEM_insecure_free(lengths);
 }
diff --git a/src/sig_stfl/xmss/external/xmss_commons.c b/src/sig_stfl/xmss/external/xmss_commons.c
@@ -57,7 +57,7 @@ static void compute_root(const xmss_params *params, unsigned char *root,
                          const unsigned char *pub_seed, uint32_t addr[8])
 {
     uint32_t i;
-    unsigned char buffer[2*params->n];
+    unsigned char *buffer = malloc(2*params->n);
 
     /* If leafidx is odd (last bit = 1), current path element is a right child
        and auth_path has to go left. Otherwise it is the other way around. */
@@ -93,6 +93,8 @@ static void compute_root(const xmss_params *params, unsigned char *root,
     leafidx >>= 1;
     set_tree_index(addr, leafidx);
     thash_h(params, root, buffer, pub_seed, addr);
+
+    OQS_MEM_insecure_free(buffer);
 }
 
 
@@ -105,11 +107,13 @@ void gen_leaf_wots(const xmss_params *params, unsigned char *leaf,
                    const unsigned char *sk_seed, const unsigned char *pub_seed,
                    uint32_t ltree_addr[8], uint32_t ots_addr[8])
 {
-    unsigned char pk[params->wots_sig_bytes];
+    unsigned char *pk = malloc(params->wots_sig_bytes);
 
     wots_pkgen(params, pk, sk_seed, pub_seed, ots_addr);
 
     l_tree(params, leaf, pk, pub_seed, ltree_addr);
+
+    OQS_MEM_insecure_free(pk);
 }
 
 
@@ -140,16 +144,18 @@ int xmssmt_core_sign_open(const xmss_params *params,
 {
     const unsigned char *pub_root = pk;
     const unsigned char *pub_seed = pk + params->n;
-    unsigned char wots_pk[params->wots_sig_bytes];
-    unsigned char leaf[params->n];
-    unsigned char root[params->n];
+
+    unsigned char *tmp = malloc(params->wots_sig_bytes + params->n + params->n);
+    unsigned char *wots_pk = tmp;
+    unsigned char *leaf = tmp + params->wots_sig_bytes;
+    unsigned char *root = leaf + params->n;
 
     unsigned long long prefix_length = params->padding_len + 3*params->n;
     unsigned char m_with_prefix[mlen + prefix_length];
-    
+
     unsigned char *mhash = root;
     unsigned long long idx = 0;
-    unsigned int i;
+    unsigned int i, ret;
     uint32_t idx_leaf;
 
     uint32_t ots_addr[8] = {0};
@@ -209,8 +215,12 @@ int xmssmt_core_sign_open(const xmss_params *params,
     /* Check if the root node equals the root node in the public key. */
     if (memcmp(root, pub_root, params->n)) {
         /* If not, return fail */
-        return -1;
+        ret = -1;
+        goto fail;
     }
+    ret = 0;
+fail:
+    OQS_MEM_insecure_free(tmp);
+    return ret;
 
-    return 0;
 }