diff --git a/examples/client/client.c b/examples/client/client.c index e0cc24125..68625f020 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -1086,13 +1086,16 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef SINGLE_THREADED if (wolfSSL_CTX_new_rng(ctx) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("Single Threaded new rng at CTX failed"); } #endif if (cipherList) { - if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) + if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("client can't set cipher list 1"); + } } #ifdef WOLFSSL_LEANPSK @@ -1127,8 +1130,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) defaultCipherList = "PSK-AES128-CBC-SHA256"; #endif if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList) - !=SSL_SUCCESS) + !=SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("client can't set cipher list 2"); + } } #endif if (useClientCert) { @@ -1140,8 +1145,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef HAVE_ANON if (cipherList == NULL) { wolfSSL_CTX_allow_anon_cipher(ctx); - if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA") != SSL_SUCCESS) + if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA") + != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("client can't set cipher list 4"); + } } #endif if (useClientCert) { @@ -1162,6 +1170,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (cipherList == NULL) { /* don't use EDH, can't sniff tmp keys */ if (wolfSSL_CTX_set_cipher_list(ctx, "AES128-SHA") != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("client can't set cipher list 3"); } } @@ -1189,14 +1198,19 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #if !defined(NO_CERTS) if (useClientCert){ #if !defined(NO_FILESYSTEM) - if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS) + if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert) + != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("can't load client cert file, check file and run from" " wolfSSL home dir"); + } if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) - != SSL_SUCCESS) + != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("can't load client private key file, check file and run " "from wolfSSL home dir"); + } #else load_buffer(ctx, ourCert, WOLFSSL_CERT_CHAIN); load_buffer(ctx, ourKey, WOLFSSL_KEY); @@ -1205,16 +1219,21 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (!usePsk && !useAnon) { #if !defined(NO_FILESYSTEM) - if (wolfSSL_CTX_load_verify_locations(ctx, verifyCert,0) != SSL_SUCCESS) + if (wolfSSL_CTX_load_verify_locations(ctx, verifyCert,0) + != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("can't load ca file, Please run from wolfSSL home dir"); + } #else load_buffer(ctx, verifyCert, WOLFSSL_CA); #endif /* !defined(NO_FILESYSTEM) */ #ifdef HAVE_ECC /* load ecc verify too, echoserver uses it by default w/ ecc */ #if !defined(NO_FILESYSTEM) - if (wolfSSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) + if (wolfSSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("can't load ecc ca file, Please run from wolfSSL home dir"); + } #else load_buffer(ctx, eccCert, WOLFSSL_CA); #endif /* !defined(NO_FILESYSTEM) */ @@ -1223,6 +1242,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (trustCert) { if ((ret = wolfSSL_CTX_trust_peer_cert(ctx, trustCert, SSL_FILETYPE_PEM)) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("can't load trusted peer cert file"); } } @@ -1237,6 +1257,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef WOLFSSL_ASYNC_CRYPT ret = wolfAsync_DevOpen(&devId); if (ret != 0) { + wolfSSL_CTX_free(ctx); err_sys("Async device open failed"); } wolfSSL_CTX_UseAsync(ctx, devId); @@ -1245,27 +1266,37 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) if (wolfSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) - != SSL_SUCCESS) + != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("UseSNI failed"); + } #endif #ifdef HAVE_MAX_FRAGMENT if (maxFragment) - if (wolfSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) + if (wolfSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("UseMaxFragment failed"); + } #endif #ifdef HAVE_TRUNCATED_HMAC if (truncatedHMAC) - if (wolfSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) + if (wolfSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("UseTruncatedHMAC failed"); + } #endif #ifdef HAVE_SESSION_TICKET - if (wolfSSL_CTX_UseSessionTicket(ctx) != SSL_SUCCESS) + if (wolfSSL_CTX_UseSessionTicket(ctx) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("UseSessionTicket failed"); + } #endif #ifdef HAVE_EXTENDED_MASTER if (disableExtMasterSecret) - if (wolfSSL_CTX_DisableExtendedMasterSecret(ctx) != SSL_SUCCESS) + if (wolfSSL_CTX_DisableExtendedMasterSecret(ctx) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("DisableExtendedMasterSecret failed"); + } #endif if (benchmark) { @@ -1290,16 +1321,20 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #if defined(OPENSSL_EXTRA) if (wolfSSL_CTX_get_read_ahead(ctx) != 0) { + wolfSSL_CTX_free(ctx); err_sys("bad read ahead default value"); } if (wolfSSL_CTX_set_read_ahead(ctx, 1) != SSL_SUCCESS) { + wolfSSL_CTX_free(ctx); err_sys("error setting read ahead value"); } #endif ssl = wolfSSL_new(ctx); - if (ssl == NULL) + if (ssl == NULL) { + wolfSSL_CTX_free(ctx); err_sys("unable to get SSL object"); + } #ifdef OPENSSL_EXTRA wolfSSL_KeepArrays(ssl); @@ -1308,26 +1343,38 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef HAVE_SUPPORTED_CURVES /* add curves to supported curves extension */ if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp256r1"); } if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP384R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp384r1"); } if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP521R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp521r1"); } if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP224R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp224r1"); } if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP192R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp192r1"); } if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp160r1"); } #endif @@ -1347,8 +1394,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) switch (statusRequest) { case WOLFSSL_CSR_OCSP: if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP, - WOLFSSL_CSR_OCSP_USE_NONCE) != SSL_SUCCESS) + WOLFSSL_CSR_OCSP_USE_NONCE) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("UseCertificateStatusRequest failed"); + } break; } @@ -1362,14 +1412,20 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) case WOLFSSL_CSR2_OCSP: if (wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE) - != SSL_SUCCESS) + != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("UseCertificateStatusRequest failed"); + } break; case WOLFSSL_CSR2_OCSP_MULTI: if (wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP_MULTI, 0) - != SSL_SUCCESS) + != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("UseCertificateStatusRequest failed"); + } break; } @@ -1380,30 +1436,47 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, ssl); if (wolfSSL_set_fd(ssl, sockfd) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error in setting fd"); } /* STARTTLS */ if (doSTARTTLS) { if (StartTLS_Init(&sockfd) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error during STARTTLS protocol"); } } #ifdef HAVE_CRL if (disableCRL == 0) { - if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != SSL_SUCCESS) + if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("can't enable crl check"); - if (wolfSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS) + } + if (wolfSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) + != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("can't load crl, check crlfile and date validity"); - if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) + } + if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("can't set crl callback"); + } } #endif #ifdef HAVE_SECURE_RENEGOTIATION if (scr) { - if (wolfSSL_UseSecureRenegotiation(ssl) != SSL_SUCCESS) + if (wolfSSL_UseSecureRenegotiation(ssl) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("can't enable secure renegotiation"); + } } #endif #ifdef ATOMIC_USER @@ -1440,6 +1513,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (ret != SSL_SUCCESS) { char buffer[WOLFSSL_MAX_ERROR_SZ]; printf("err = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer)); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("wolfSSL_connect failed"); /* see note at top of README */ /* if you're getting an error here */ @@ -1461,17 +1536,23 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) /* get size of buffer then print */ size = wolfSSL_get_client_random(NULL, NULL, 0); if (size == 0) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error getting client random buffer size"); } rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (rnd == NULL) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error creating client random buffer"); } size = wolfSSL_get_client_random(ssl, rnd, size); if (size == 0) { XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error getting client random buffer"); } @@ -1485,6 +1566,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (doSTARTTLS) { if (XSTRNCMP(starttlsProt, "smtp", 4) == 0) { if (SMTP_Shutdown(ssl, wc_shutdown) != SSL_SUCCESS) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("error closing STARTTLS connection"); } } @@ -1525,6 +1608,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) err = wolfSSL_get_error(ssl, 0); printf("err = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer)); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("wolfSSL_Rehandshake failed"); } } @@ -1552,8 +1637,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) sleep(1); #endif #endif /* WOLFSSL_SESSION_EXPORT_DEBUG */ - if (wolfSSL_write(ssl, msg, msgSz) != msgSz) + if (wolfSSL_write(ssl, msg, msgSz) != msgSz) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("SSL_write failed"); + } input = wolfSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { @@ -1576,6 +1664,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) int readErr = wolfSSL_get_error(ssl, 0); if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read error %d!\n", readErr); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("wolfSSL_read failed"); } } @@ -1584,8 +1674,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (resumeSession) { session = wolfSSL_get_session(ssl); sslResume = wolfSSL_new(ctx); - if (sslResume == NULL) + if (sslResume == NULL) { + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); err_sys("unable to get SSL object"); + } } #endif @@ -1614,6 +1707,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, sslResume); if (wolfSSL_set_fd(sslResume, sockfd) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("error in setting fd"); } #ifdef HAVE_ALPN @@ -1625,8 +1720,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif #ifdef HAVE_SECURE_RENEGOTIATION if (scr) { - if (wolfSSL_UseSecureRenegotiation(sslResume) != SSL_SUCCESS) + if (wolfSSL_UseSecureRenegotiation(sslResume) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("can't enable secure renegotiation"); + } } #endif wolfSSL_set_session(sslResume, session); @@ -1637,26 +1735,38 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef HAVE_SUPPORTED_CURVES /* add curves to supported curves extension */ if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP256R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp256r1"); } if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP384R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp384r1"); } if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP521R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp521r1"); } if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP224R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp224r1"); } if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP192R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp192r1"); } if (wolfSSL_UseSupportedCurve(sslResume, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("unable to set curve secp160r1"); } #endif @@ -1667,8 +1777,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) tcp_set_nonblocking(&sockfd); NonBlockingSSL_Connect(sslResume); } - else if (wolfSSL_connect(sslResume) != SSL_SUCCESS) + else if (wolfSSL_connect(sslResume) != SSL_SUCCESS) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("SSL resume failed"); + } #else timeout.tv_sec = 2; timeout.tv_usec = 0; @@ -1710,8 +1823,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif #endif /* WOLFSSL_SESSION_EXPORT_DEBUG */ - if (wolfSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) + if (wolfSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) { + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("SSL_write failed"); + } if (nonBlocking) { /* give server a chance to bounce a message back to client */ @@ -1742,9 +1858,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } } } else if (input < 0) { - int readErr = wolfSSL_get_error(ssl, 0); + int readErr = wolfSSL_get_error(sslResume, 0); if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read error %d!\n", readErr); + wolfSSL_free(sslResume); + wolfSSL_CTX_free(ctx); err_sys("wolfSSL_read failed"); } } diff --git a/src/internal.c b/src/internal.c index d041268d4..1ee94d260 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3573,6 +3573,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) WOLFSSL_MSG("RNG Memory error"); return MEMORY_E; } + XMEMSET(ssl->rng, 0, sizeof(WC_RNG)); ssl->options.weOwnRng = 1; /* FIPS RNG API does not accept a heap hint */ diff --git a/src/ssl.c b/src/ssl.c index f1e9ccb59..26a4bdb76 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -422,6 +422,10 @@ int wolfSSL_set_fd(WOLFSSL* ssl, int fd) WOLFSSL_ENTER("SSL_set_fd"); + if (ssl == NULL) { + return BAD_FUNC_ARG; + } + ret = wolfSSL_set_read_fd(ssl, fd); if (ret == SSL_SUCCESS) { ret = wolfSSL_set_write_fd(ssl, fd); @@ -988,10 +992,14 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz, if (ssl->options.side != WOLFSSL_SERVER_END) return SIDE_ERROR; - if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH) + if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH) { XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH); - if (ssl->buffers.serverDH_G.buffer && ssl->buffers.weOwnDH) + ssl->buffers.serverDH_P.buffer = NULL; + } + if (ssl->buffers.serverDH_G.buffer && ssl->buffers.weOwnDH) { XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_DH); + ssl->buffers.serverDH_G.buffer = NULL; + } ssl->buffers.weOwnDH = 1; /* SSL owns now */ ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(pSz, ssl->heap, @@ -1003,6 +1011,7 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz, DYNAMIC_TYPE_DH); if (ssl->buffers.serverDH_G.buffer == NULL) { XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH); + ssl->buffers.serverDH_P.buffer = NULL; return MEMORY_E; } @@ -4335,6 +4344,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, if (DecodeToKey(cert, 0) < 0) { WOLFSSL_MSG("Decode to key failed"); + FreeDecodedCert(cert); #ifdef WOLFSSL_SMALL_STACK XFREE(cert, heap, DYNAMIC_TYPE_TMP_BUFFER); #endif @@ -7674,6 +7684,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, errno = 0; #endif + if (ssl == NULL) + return BAD_FUNC_ARG; + if (ssl->options.side != WOLFSSL_CLIENT_END) { WOLFSSL_ERROR(ssl->error = SIDE_ERROR); return SSL_FATAL_ERROR; diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index cdd8d30fb..0570afc46 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -1937,6 +1937,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const word32 max_key_len = (AES_MAX_KEY_SIZE / 8); #endif + if (aes == NULL) + return BAD_FUNC_ARG; if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) return BAD_FUNC_ARG; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 32f355455..4de38f355 100755 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -2481,6 +2481,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) cert->publicKey = 0; cert->pubKeySize = 0; cert->pubKeyStored = 0; + cert->keyOID = 0; cert->version = 0; cert->signature = 0; cert->subjectCN = 0; diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 0519f8351..c8785883d 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -132,7 +132,7 @@ int wc_HmacSizeByType(int type) return SHA_DIGEST_SIZE; #endif - #ifdef WOLF_SHA224 + #ifdef WOLFSSL_SHA224 case SHA224: return SHA224_DIGEST_SIZE; #endif diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c92733730..5b6b799a6 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -1465,7 +1465,7 @@ static int wc_PKCS7_KariGenerateKEK(WC_PKCS7_KARI* kari, kdfType = WC_HASH_TYPE_SHA; break; #endif - #ifndef WOLF_SHA224 + #ifndef WOLFSSL_SHA224 case dhSinglePass_stdDH_sha224kdf_scheme: kdfType = WC_HASH_TYPE_SHA224; break; diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 550d96503..5ea961538 100755 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -834,6 +834,7 @@ int wc_InitRng(WC_RNG* rng) junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (junk == NULL) { XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); + key = NULL; return MEMORY_E; } #endif diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index fba54b011..379aa0252 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -707,7 +707,7 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen, /* find seedMask value */ if ((ret = RsaMGF(mgf, (byte*)(pkcsBlock + (hLen + 1)), pkcsBlockLen - hLen - 1, tmp, hLen, heap)) != 0) { - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 871f6f2eb..6512e2afb 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -4794,6 +4794,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -43; } @@ -4803,6 +4804,7 @@ int rsa_test(void) ret = wc_RsaSetRNG(&key, &rng); if (ret < 0) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -843; } ret = tmpret; @@ -4820,11 +4822,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -44; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -45; } @@ -4838,6 +4842,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -46; } @@ -4853,11 +4858,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -47; } if (XMEMCMP(plain, in, ret)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -48; } @@ -4879,6 +4886,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -143; } @@ -4894,11 +4902,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -144; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -145; } #endif /* NO_SHA */ @@ -4916,6 +4926,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -243; } @@ -4931,11 +4942,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -244; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -245; } @@ -4952,6 +4965,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -246; } @@ -4967,6 +4981,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret > 0) { /* in this case decrypt should fail */ XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -247; } ret = 0; @@ -4984,6 +4999,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -248; } @@ -4999,11 +5015,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -249; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -250; } @@ -5021,6 +5039,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -251; } @@ -5036,6 +5055,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret > 0) { /* should fail */ XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -252; } ret = 0; @@ -5060,6 +5080,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -343; } @@ -5075,11 +5096,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -344; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -345; } } @@ -5098,6 +5121,7 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -443; } @@ -5113,11 +5137,13 @@ int rsa_test(void) } while (ret == WC_PENDING_E); if (ret < 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -444; } if (XMEMCMP(plain, in, inLen)) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -445; } #endif /* !HAVE_FAST_RSA && !HAVE_FIPS */ @@ -5137,6 +5163,7 @@ int rsa_test(void) file2 = fopen(clientCert, "rb"); if (!file2) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -49; } @@ -5153,7 +5180,9 @@ int rsa_test(void) ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) { - free(tmp); + FreeDecodedCert(&cert); + XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -491; } @@ -5176,6 +5205,7 @@ int rsa_test(void) err_sys("can't open ./certs/client-keyPub.der, " "Please run from wolfSSL home dir", -40); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -50; } @@ -5186,6 +5216,7 @@ int rsa_test(void) ret = wc_InitRsaKey(&keypub, HEAP_HINT); if (ret != 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -51; } idx = 0; @@ -5194,6 +5225,7 @@ int rsa_test(void) if (ret != 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&keypub); + wc_FreeRng(&rng); return -52; } #endif /* WOLFSSL_CERT_EXT */ @@ -5212,11 +5244,13 @@ int rsa_test(void) ret = wc_InitRsaKey(&genKey, HEAP_HINT); if (ret != 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -300; } ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng); if (ret != 0) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -301; } @@ -5224,6 +5258,7 @@ int rsa_test(void) if (der == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -307; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -5231,6 +5266,7 @@ int rsa_test(void) XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -308; } @@ -5239,6 +5275,7 @@ int rsa_test(void) XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -302; } @@ -5252,6 +5289,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -303; } ret = (int)fwrite(der, 1, derSz, keyFile); @@ -5261,6 +5299,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -313; } @@ -5270,6 +5309,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -304; } @@ -5283,6 +5323,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -305; } ret = (int)fwrite(pem, 1, pemSz, pemFile); @@ -5292,6 +5333,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -314; } @@ -5301,6 +5343,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -3060; } idx = 0; @@ -5311,6 +5354,7 @@ int rsa_test(void) XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&derIn); wc_FreeRsaKey(&genKey); + wc_FreeRng(&rng); return -306; } @@ -5339,12 +5383,14 @@ int rsa_test(void) DYNAMIC_TYPE_TMP_BUFFER); if (derCert == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -309; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -310; } @@ -5373,6 +5419,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -398; } @@ -5381,7 +5428,8 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - return -399; + wc_FreeRng(&rng); + return -399; } /* add Key Usage */ @@ -5389,6 +5437,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -400; } #endif /* WOLFSSL_CERT_EXT */ @@ -5398,6 +5447,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -401; } @@ -5408,6 +5458,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -402; } FreeDecodedCert(&decode); @@ -5422,6 +5473,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -403; } ret = (int)fwrite(derCert, 1, certSz, derFile); @@ -5430,6 +5482,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -414; } @@ -5438,6 +5491,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -404; } @@ -5450,6 +5504,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -405; } ret = (int)fwrite(pem, 1, pemSz, pemFile); @@ -5458,6 +5513,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -406; } XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -5484,12 +5540,14 @@ int rsa_test(void) DYNAMIC_TYPE_TMP_BUFFER); if (derCert == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -311; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -312; } @@ -5499,6 +5557,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -412; } @@ -5510,6 +5569,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -411; } ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); @@ -5518,6 +5578,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -413; } @@ -5546,6 +5607,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -398; } @@ -5554,6 +5616,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -399; } @@ -5562,6 +5625,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -400; } #endif /* WOLFSSL_CERT_EXT */ @@ -5572,6 +5636,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -405; } @@ -5581,6 +5646,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -407; } @@ -5591,6 +5657,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -408; } @@ -5602,6 +5669,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -409; } FreeDecodedCert(&decode); @@ -5617,6 +5685,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -410; } ret = (int)fwrite(derCert, 1, certSz, derFile); @@ -5626,6 +5695,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -416; } @@ -5635,6 +5705,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -411; } @@ -5648,6 +5719,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -412; } ret = (int)fwrite(pem, 1, pemSz, pemFile); @@ -5657,6 +5729,7 @@ int rsa_test(void) XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); fclose(pemFile); wc_FreeRsaKey(&caKey); + wc_FreeRng(&rng); return -415; } fclose(pemFile); @@ -5689,12 +5762,14 @@ int rsa_test(void) DYNAMIC_TYPE_TMP_BUFFER); if (derCert == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5311; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5312; } @@ -5704,6 +5779,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5412; } @@ -5716,6 +5792,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5413; } @@ -5744,6 +5821,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5500; } @@ -5755,6 +5833,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5501; } @@ -5765,6 +5844,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKeyPub); + wc_FreeRng(&rng); return -5502; } @@ -5774,6 +5854,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKeyPub); + wc_FreeRng(&rng); return -5503; } @@ -5783,6 +5864,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKeyPub); + wc_FreeRng(&rng); return -5504; } wc_ecc_free(&caKeyPub); @@ -5792,6 +5874,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5505; } #endif /* WOLFSSL_CERT_EXT */ @@ -5802,6 +5885,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5405; } @@ -5811,6 +5895,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5407; } @@ -5821,6 +5906,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5408; } @@ -5832,6 +5918,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); + wc_FreeRng(&rng); return -5409; } FreeDecodedCert(&decode); @@ -5847,6 +5934,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5410; } ret = (int)fwrite(derCert, 1, certSz, derFile); @@ -5856,6 +5944,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5414; } @@ -5865,6 +5954,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5411; } @@ -5878,6 +5968,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5412; } ret = (int)fwrite(pem, 1, pemSz, pemFile); @@ -5886,6 +5977,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_ecc_free(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -5415; } @@ -5915,12 +6007,14 @@ int rsa_test(void) DYNAMIC_TYPE_TMP_BUFFER); if (derCert == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -311; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -312; } @@ -5938,6 +6032,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -448; } @@ -5948,6 +6043,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -449; } @@ -5958,6 +6054,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -450; } @@ -5967,6 +6064,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -451; } @@ -5976,6 +6074,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -452; } @@ -5987,6 +6086,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -453; } ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes); @@ -5994,6 +6094,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -454; } @@ -6016,6 +6117,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -496; } @@ -6024,6 +6126,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -495; } @@ -6033,6 +6136,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -494; } #endif /* WOLFSSL_CERT_EXT */ @@ -6043,6 +6147,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -455; } @@ -6053,6 +6158,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -456; } @@ -6063,6 +6169,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -457; } @@ -6074,6 +6181,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -458; } FreeDecodedCert(&decode); @@ -6083,6 +6191,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -459; } ret = (int)fwrite(derCert, 1, certSz, derFile); @@ -6091,6 +6200,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -473; } @@ -6099,6 +6209,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -460; } @@ -6107,6 +6218,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -461; } ret = (int)fwrite(pem, 1, pemSz, pemFile); @@ -6115,6 +6227,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -474; } @@ -6123,6 +6236,7 @@ int rsa_test(void) XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -462; } ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); @@ -6131,6 +6245,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -475; } XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6149,12 +6264,14 @@ int rsa_test(void) der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (der == NULL) { XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -463; } pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -464; } @@ -6178,6 +6295,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -496; } @@ -6187,6 +6305,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -494; } #endif /* WOLFSSL_CERT_EXT */ @@ -6196,6 +6315,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -465; } @@ -6205,6 +6325,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -466; } @@ -6213,6 +6334,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -467; } @@ -6225,6 +6347,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -468; } @@ -6234,6 +6357,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -471; } @@ -6246,6 +6370,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -469; } ret = (int)fwrite(pem, 1, pemSz, reqFile); @@ -6254,6 +6379,7 @@ int rsa_test(void) XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + wc_FreeRng(&rng); return -470; }