Merge remote-tracking branch 'upstream-public/pr/1268' into mbedtls-1.3

ChangeLog

@@ -45,6 +45,9 @@ Bugfix
      MilenkoMitrovic, #1104
    * Fix mbedtls_timing_alarm(0) on Unix.
    * Fix use of uninitialized memory in mbedtls_timing_get_timer when reset=1.
+   * Fix issue in RSA key generation program programs/x509/rsa_genkey
+     where the failure of CTR DRBG initialization lead to freeing an
+     RSA context without proper initialization beforehand.
 
 Changes
    * Extend cert_write example program by options to set the CRT version

programs/pkey/rsa_genkey.c

@@ -74,6 +74,7 @@ int main( void )
     fflush( stdout );
 
     entropy_init( &entropy );
+    rsa_init( &rsa, RSA_PKCS_V15, 0 );
     if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                                (const unsigned char *) pers,
                                strlen( pers ) ) ) != 0 )
@@ -85,7 +86,6 @@ int main( void )
     polarssl_printf( " ok\n  . Generating the RSA key [ %d-bit ]...", KEY_SIZE );
     fflush( stdout );
 
-    rsa_init( &rsa, RSA_PKCS_V15, 0 );
 
     if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE,
                              EXPONENT ) ) != 0 )

tests/suites/test_suite_mpi.function

@@ -823,7 +823,8 @@ void mpi_gen_prime( int bits, int safe, int ref_ret )
         TEST_ASSERT( mpi_is_prime( &X, rnd_std_rand, NULL ) == 0 );
         if( safe )
         {
-            mpi_shift_r( &X, 1 ); /* X = ( X - 1 ) / 2 */
+            /* X = ( X - 1 ) / 2 */
+            TEST_ASSERT( mpi_shift_r( &X, 1 ) == 0 );
             TEST_ASSERT( mpi_is_prime( &X, rnd_std_rand, NULL ) == 0 );
         }
     }