refactor wc_AesDelete, wc_curve25519_delete, wc_ed25519_delete, wc_HashDelete, and wc_DeleteRsaKey to take two arguments, the first a required pointer to the object, the second an optional pointer to the pointer to be zeroed upon successful deletion, for the benefit of calling from C# without unsafe code.

wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs: update for new calling conventions around wc_AesNew, wc_curve25519_new, wc_ed25519_new, wc_HashNew, and wc_NewRsaKey, and the corresponding delete functions.

wolfcrypt/src/aes.c

@@ -10542,7 +10542,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
                                   authTag, authTagSz, authIn, authInSz);
 
 #ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(&aes);
+    wc_AesDelete(aes, NULL);
 #else
     wc_AesFree(aes);
 #endif
@@ -10582,7 +10582,7 @@ int wc_GmacVerify(const byte* key, word32 keySz,
 
     }
 #ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(&aes);
+    wc_AesDelete(aes, NULL);
 #else
     wc_AesFree(aes);
 #endif
@@ -11318,13 +11318,14 @@ Aes* wc_AesNew(void* heap, int devId, int *result_code)
     return aes;
 }
 
-int wc_AesDelete(Aes** aes)
+int wc_AesDelete(Aes *aes, Aes** aes_p)
 {
-    if ((aes == NULL) || (*aes == NULL))
+    if (aes == NULL)
         return BAD_FUNC_ARG;
-    wc_AesFree(*aes);
+    wc_AesFree(aes);
-    XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES);
+    XFREE(aes, aes->heap, DYNAMIC_TYPE_AES);
-    *aes = NULL;
+    if (aes_p != NULL)
+        *aes_p = NULL;
     return 0;
 }
 #endif /* !WC_NO_CONSTRUCTORS */
@@ -14028,7 +14029,7 @@ static WARN_UNUSED_RESULT int AesSivCipher(
     }
 
 #ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(&aes);
+    wc_AesDelete(aes, NULL);
 #else
     wc_AesFree(aes);
 #endif

wolfcrypt/src/curve25519.c

@@ -678,12 +678,13 @@ curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code)
     return key;
 }
 
-int wc_curve25519_delete(curve25519_key** key) {
+int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p) {
-    if ((key == NULL) || (*key == NULL))
+    if (key == NULL)
         return BAD_FUNC_ARG;
-    wc_curve25519_free(*key);
+    wc_curve25519_free(key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519);
+    XFREE(key, key->heap, DYNAMIC_TYPE_CURVE25519);
-    *key = NULL;
+    if (key_p != NULL)
+        *key_p = NULL;
     return 0;
 }
 #endif /* !WC_NO_CONSTRUCTORS */

wolfcrypt/src/ed25519.c

@@ -991,12 +991,13 @@ ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code)
     return key;
 }
 
-int wc_ed25519_delete(ed25519_key** key) {
+int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p) {
-    if ((key == NULL) || (*key == NULL))
+    if (key == NULL)
         return BAD_FUNC_ARG;
-    wc_ed25519_free(*key);
+    wc_ed25519_free(key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519);
+    XFREE(key, key->heap, DYNAMIC_TYPE_ED25519);
-    *key = NULL;
+    if (key_p != NULL)
+        *key_p = NULL;
     return 0;
 }
 #endif /* !WC_NO_CONSTRUCTORS */

wolfcrypt/src/hash.c

@@ -710,15 +710,16 @@ wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId,
     return hash;
 }
 
-int wc_HashDelete(wc_HashAlg **hash) {
+int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p) {
     int ret;
-    if ((hash == NULL) || (*hash == NULL))
+    if (hash == NULL)
         return BAD_FUNC_ARG;
-    ret = wc_HashFree(*hash, (*hash)->type);
+    ret = wc_HashFree(hash, hash->type);
     if (ret < 0)
         return ret;
-    XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES);
+    XFREE(hash, hash->heap, DYNAMIC_TYPE_HASHES);
-    *hash = NULL;
+    if (hash_p != NULL)
+        *hash_p = NULL;
     return 0;
 }
 #endif /* !WC_NO_CONSTRUCTORS */

wolfcrypt/src/rsa.c

@@ -176,13 +176,14 @@ RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code)
     return key;
 }
 
-int wc_DeleteRsaKey(RsaKey** key)
+int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p)
 {
-    if ((key == NULL) || (*key == NULL))
+    if (key == NULL)
         return BAD_FUNC_ARG;
-    wc_FreeRsaKey(*key);
+    wc_FreeRsaKey(key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA);
+    XFREE(key, key->heap, DYNAMIC_TYPE_RSA);
-    *key = NULL;
+    if (key_p != NULL)
+        *key_p = NULL;
     return 0;
 }
 #endif /* !WC_NO_CONSTRUCTORS */

wolfcrypt/test/test.c

@@ -938,7 +938,7 @@ static void myFipsCb(int ok, int err, const char* hash)
 #if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && !defined(WC_NO_CONSTRUCTORS)
 
 #if !defined(NO_AES)
-static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code)
+static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int thisDevId, int *result_code)
 {
     int ret;
     Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES);
@@ -946,7 +946,7 @@ static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code)
         ret = MEMORY_E;
     }
     else {
-        ret = wc_AesInit(aes, heap, devId);
+        ret = wc_AesInit(aes, heap, thisDevId);
         if (ret != 0) {
             XFREE(aes, heap, DYNAMIC_TYPE_AES);
             aes = NULL;
@@ -958,27 +958,28 @@ static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code)
 
     return aes;
 }
-static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes)
+static WC_MAYBE_UNUSED int wc_AesDelete(Aes *aes, Aes** aes_p)
 {
-    if ((aes == NULL) || (*aes == NULL))
+    if (aes == NULL)
         return BAD_FUNC_ARG;
-    wc_AesFree(*aes);
+    wc_AesFree(aes);
-    XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES);
+    XFREE(aes, aes->heap, DYNAMIC_TYPE_AES);
-    *aes = NULL;
+    if (aes_p != NULL)
+        *aes_p = NULL;
     return 0;
 }
 #endif /* !NO_AES */
 
 #if !defined(NO_RSA)
-static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code)
+static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId, int *result_code)
 {
     int ret;
     RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA);
-    if (key = NULL) {
+    if (key == NULL) {
         ret = MEMORY_E;
     }
     else {
-        ret = wc_InitRsaKey_ex(key, heap, devId);
+        ret = wc_InitRsaKey_ex(key, heap, thisDevId);
         if (ret != 0) {
             XFREE(key, heap, DYNAMIC_TYPE_RSA);
             key = NULL;
@@ -990,120 +991,18 @@ static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_c
 
     return key;
 }
-static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key)
+static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p)
 {
-    if ((key == NULL) || (*key == NULL))
+    if (key == NULL)
         return BAD_FUNC_ARG;
-    wc_FreeRsaKey(*key);
+    wc_FreeRsaKey(key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA);
+    XFREE(key, key->heap, DYNAMIC_TYPE_RSA);
-    *key = NULL;
+    if (key_p != NULL)
+        *key_p = NULL;
     return 0;
 }
 #endif /* !NO_RSA */
 
-#if !defined(NO_HASH_WRAPPER)
-static WC_MAYBE_UNUSED wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId,
-                       int *result_code)
-{
-    int ret;
-    wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap,
-                        DYNAMIC_TYPE_HASHES);
-    if (hash == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_HashInit_ex(hash, type, heap, devId);
-        if (ret != 0) {
-            XFREE(hash, heap, DYNAMIC_TYPE_HASHES);
-            hash = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return hash;
-}
-
-static WC_MAYBE_UNUSED int wc_HashDelete(wc_HashAlg **hash) {
-    int ret;
-    if ((hash == NULL) || (*hash == NULL))
-        return BAD_FUNC_ARG;
-    ret = wc_HashFree(*hash, (*hash)->type);
-    if (ret < 0)
-        return ret;
-    XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES);
-    *hash = NULL;
-    return 0;
-}
-#endif  /* !NO_HASH_WRAPPER */
-
-#if defined(HAVE_CURVE25519)
-static WC_MAYBE_UNUSED curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code)
-{
-    int ret;
-    curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap,
-                           DYNAMIC_TYPE_CURVE25519);
-    if (key == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_curve25519_init_ex(key, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_CURVE25519);
-            key = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return key;
-}
-
-static WC_MAYBE_UNUSED int wc_curve25519_delete(curve25519_key** key) {
-    if ((key == NULL) || (*key == NULL))
-        return BAD_FUNC_ARG;
-    wc_curve25519_free(*key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519);
-    *key = NULL;
-    return 0;
-}
-#endif /* HAVE_CURVE25519 */
-
-#if defined(HAVE_ED25519)
-static WC_MAYBE_UNUSED ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code)
-{
-    int ret;
-    ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap,
-                        DYNAMIC_TYPE_ED25519);
-    if (key == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_ed25519_init_ex(key, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_ED25519);
-            key = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return key;
-}
-
-static WC_MAYBE_UNUSED int wc_ed25519_delete(ed25519_key** key) {
-    if ((key == NULL) || (*key == NULL))
-        return BAD_FUNC_ARG;
-    wc_ed25519_free(*key);
-    XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519);
-    *key = NULL;
-    return 0;
-}
-#endif /* HAVE_ED25519 */
-
 #endif /* FIPS_VERSION3_LT(6,0,0) && !WC_NO_CONSTRUCTORS */
 
 #ifdef WOLFSSL_STATIC_MEMORY
@@ -6457,7 +6356,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void)
 #endif
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    (void)wc_HashDelete(&hash);
+    (void)wc_HashDelete(hash, &hash);
 #endif
 
     return 0;
@@ -9680,14 +9579,14 @@ EVP_TEST_END:
     out:
 
     #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&enc);
+        wc_AesDelete(enc, &enc);
     #else
         wc_AesFree(enc);
     #endif
 
     #ifdef HAVE_AES_DECRYPT
     #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&dec);
+        wc_AesDelete(dec, &dec);
     #else
         wc_AesFree(dec);
     #endif
@@ -10010,13 +9909,13 @@ EVP_TEST_END:
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
 #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(dec);
 #endif
@@ -10272,13 +10171,13 @@ EVP_TEST_END:
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&enc);
+        wc_AesDelete(enc, &enc);
 #else
         wc_AesFree(enc);
 #endif
     #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&dec);
+        wc_AesDelete(dec, &dec);
 #else
         wc_AesFree(dec);
 #endif
@@ -10484,13 +10383,13 @@ EVP_TEST_END:
       out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&enc);
+        wc_AesDelete(enc, &enc);
 #else
         wc_AesFree(enc);
 #endif
     #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        wc_AesDelete(&dec);
+        wc_AesDelete(dec, &dec);
 #else
         wc_AesFree(dec);
 #endif
@@ -10629,7 +10528,7 @@ static wc_test_ret_t aes_key_size_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&aes);
+    wc_AesDelete(aes, &aes);
 #else
     wc_AesFree(aes);
 #endif
@@ -13670,13 +13569,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
 
 out:
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
 #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(dec);
 #endif
@@ -14246,13 +14145,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
 #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(dec);
 #endif
@@ -14324,8 +14223,8 @@ static wc_test_ret_t aes_ecb_direct_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(enc);
     wc_AesFree(dec);
@@ -14521,13 +14420,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
 #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(dec);
 #endif
@@ -14728,13 +14627,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
 #ifdef HAVE_AES_DECRYPT
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(dec);
 #endif
@@ -14865,8 +14764,8 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv,
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(enc);
     wc_AesFree(dec);
@@ -15802,8 +15701,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void)
 #endif
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
-    wc_AesDelete(&dec);
+    wc_AesDelete(dec, &dec);
 #else
     wc_AesFree(enc);
     wc_AesFree(dec);
@@ -16026,7 +15925,7 @@ static wc_test_ret_t aesccm_256_test(void)
 #endif
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&aes);
+    wc_AesDelete(aes, &aes);
 #else
     wc_AesFree(aes);
 #endif
@@ -16319,7 +16218,7 @@ static wc_test_ret_t aesccm_128_test(void)
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_AesDelete(&enc);
+    wc_AesDelete(enc, &enc);
 #else
     wc_AesFree(enc);
 #endif
@@ -22278,9 +22177,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
 exit_rsa:
 
     #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_DeleteRsaKey(&key);
+    wc_DeleteRsaKey(key, &key);
     #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN)
-    wc_DeleteRsaKey(&keypub);
+    wc_DeleteRsaKey(keypub, &keypub);
     #endif
     #ifdef WOLFSSL_TEST_CERT
     XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -35361,9 +35260,9 @@ cleanup:
 
     /* clean up keys when done */
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_curve25519_delete(&pubKey);
+    wc_curve25519_delete(pubKey, &pubKey);
-    wc_curve25519_delete(&userB);
+    wc_curve25519_delete(userB, &userB);
-    wc_curve25519_delete(&userA);
+    wc_curve25519_delete(userA, &userA);
 #else
     wc_curve25519_free(pubKey);
     wc_curve25519_free(userB);
@@ -36544,7 +36443,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void)
         ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup);
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_ed25519_delete(&key3);
+    wc_ed25519_delete(key3, &key3);
 #else
     wc_ed25519_free(key3);
 #endif
@@ -36569,8 +36468,8 @@ cleanup:
 
     /* clean up keys when done */
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    wc_ed25519_delete(&key);
+    wc_ed25519_delete(key, &key);
-    wc_ed25519_delete(&key2);
+    wc_ed25519_delete(key2, &key2);
 #else
     wc_ed25519_free(key);
     wc_ed25519_free(key2);

wolfssl/wolfcrypt/aes.h

@@ -729,7 +729,7 @@ WOLFSSL_API int  wc_AesInit_Label(Aes* aes, const char* label, void* heap,
 WOLFSSL_API void wc_AesFree(Aes* aes);
 #ifndef WC_NO_CONSTRUCTORS
 WOLFSSL_API Aes* wc_AesNew(void* heap, int devId, int *result_code);
-WOLFSSL_API int wc_AesDelete(Aes** aes);
+WOLFSSL_API int wc_AesDelete(Aes* aes, Aes** aes_p);
 #endif
 
 #ifdef WOLFSSL_AES_SIV

wolfssl/wolfcrypt/curve25519.h

@@ -143,7 +143,7 @@ void wc_curve25519_free(curve25519_key* key);
 WOLFSSL_API
 curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code);
 WOLFSSL_API
-int wc_curve25519_delete(curve25519_key** key);
+int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p);
 #endif
 WOLFSSL_API
 

wolfssl/wolfcrypt/ed25519.h

@@ -185,7 +185,7 @@ void wc_ed25519_free(ed25519_key* key);
 WOLFSSL_API
 ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code);
 WOLFSSL_API
-int wc_ed25519_delete(ed25519_key** key);
+int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p);
 #endif
 WOLFSSL_API
 

wolfssl/wolfcrypt/hash.h

@@ -195,7 +195,7 @@ WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type);
 #ifndef WC_NO_CONSTRUCTORS
 WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap,
                                    int devId, int *result_code);
-WOLFSSL_API int wc_HashDelete(wc_HashAlg **hash);
+WOLFSSL_API int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p);
 #endif
 
 #ifdef WOLFSSL_HASH_FLAGS

wolfssl/wolfcrypt/rsa.h

@@ -297,7 +297,7 @@ WOLFSSL_API int  wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
 WOLFSSL_API int  wc_FreeRsaKey(RsaKey* key);
 #ifndef WC_NO_CONSTRUCTORS
 WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code);
-WOLFSSL_API int  wc_DeleteRsaKey(RsaKey** key);
+WOLFSSL_API int  wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p);
 #endif
 
 #ifdef WOLF_PRIVATE_KEY_ID

wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs

@@ -119,7 +119,9 @@ namespace wolfSSL.CSharp
          * RSA
          */
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId);
+        private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId, IntPtr result_code);
+        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
+        private static extern int wc_DeleteRsaKey(IntPtr key, IntPtr key_p);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
         private extern static int wc_InitRsaKey(IntPtr key, IntPtr heap);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
@@ -153,7 +155,9 @@ namespace wolfSSL.CSharp
          * ED25519
          */
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId);
+        private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId, IntPtr result_code);
+        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
+        private static extern int wc_ed25519_delete(IntPtr key, IntPtr key_p);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
         private static extern int wc_ed25519_init(IntPtr key);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
@@ -194,7 +198,9 @@ namespace wolfSSL.CSharp
          * Curve25519
          */
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId);
+        private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId, IntPtr result_code);
+        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
+        private static extern int wc_curve25519_delete(IntPtr key, IntPtr key_p);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
         private extern static int wc_curve25519_init(IntPtr key);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
@@ -235,7 +241,9 @@ namespace wolfSSL.CSharp
          * AES-GCM
          */
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private extern static IntPtr wc_AesNew(IntPtr heap, int devId);
+        private extern static IntPtr wc_AesNew(IntPtr heap, int devId, IntPtr result_code);
+        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
+        private extern static int wc_AesDelete(IntPtr aes, IntPtr aes_p);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
         private extern static int wc_AesFree(IntPtr aes);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
@@ -254,7 +262,9 @@ namespace wolfSSL.CSharp
          * HASH
          */
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId);
+        private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId, IntPtr result_code);
+        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
+        private extern static int wc_HashDelete(IntPtr hash, IntPtr hash_p);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
         private extern static int wc_HashInit(IntPtr hash, uint hashType);
         [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
@@ -1322,7 +1332,7 @@ namespace wolfSSL.CSharp
             try
             {
                 /* Allocate and init new RSA key structure */
-                key = wc_NewRsaKey(heap, devId);
+                key = wc_NewRsaKey(heap, devId, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     rng = RandomNew();
@@ -1370,7 +1380,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID);
+                key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     IntPtr idx = Marshal.AllocHGlobal(sizeof(uint));
@@ -1548,7 +1558,8 @@ namespace wolfSSL.CSharp
         {
             if (key != IntPtr.Zero)
             {
-                wc_FreeRsaKey(key);
+                wc_DeleteRsaKey(key, IntPtr.Zero);
+                key = IntPtr.Zero;
             }
         }
         /* END RSA */
@@ -1578,7 +1589,7 @@ namespace wolfSSL.CSharp
                     throw new Exception("Failed to create RNG.");
                 }
 
-                key = wc_ed25519_new(heap, devId);
+                key = wc_ed25519_new(heap, devId, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_ed25519_make_key(rng, 32, key);
@@ -1595,7 +1606,7 @@ namespace wolfSSL.CSharp
                 if (rng != IntPtr.Zero) RandomFree(rng);
                 if (ret != 0)
                 {
-                    wc_ed25519_free(key);
+                    wc_ed25519_delete(key, IntPtr.Zero);
                     key = IntPtr.Zero;
                 }
             }
@@ -1700,7 +1711,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID);
+                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length);
@@ -1734,7 +1745,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID);
+                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_Ed25519PublicKeyDecode(input, ref idx, key, (uint)input.Length);
@@ -1878,7 +1889,8 @@ namespace wolfSSL.CSharp
         /// <param name="key">Key to be freed</param>
         public static void Ed25519FreeKey(IntPtr key)
         {
-            wc_ed25519_free(key);
+            wc_ed25519_delete(key, IntPtr.Zero);
+            key = IntPtr.Zero;
         }
         /* END ED25519 */
 
@@ -2104,7 +2116,7 @@ namespace wolfSSL.CSharp
                     throw new Exception("Failed to create RNG.");
                 }
 
-                key = wc_curve25519_new(heap, devId);
+                key = wc_curve25519_new(heap, devId, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_curve25519_make_key(rng, 32, key);
@@ -2121,7 +2133,7 @@ namespace wolfSSL.CSharp
                 if (rng != IntPtr.Zero) RandomFree(rng);
                 if (ret != 0)
                 {
-                    wc_curve25519_free(key);
+                    wc_curve25519_delete(key, IntPtr.Zero);
                     key = IntPtr.Zero;
                 }
             }
@@ -2142,7 +2154,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID);
+                key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length);
@@ -2176,7 +2188,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID);
+                key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero);
                 if (key != IntPtr.Zero)
                 {
                     ret = wc_Curve25519PublicKeyDecode(input, ref idx, key, (uint)input.Length);
@@ -2280,7 +2292,8 @@ namespace wolfSSL.CSharp
         /// <param name="key">Key to be freed</param>
         public static void Curve25519FreeKey(IntPtr key)
         {
-            wc_curve25519_free(key);
+            wc_curve25519_delete(key, IntPtr.Zero);
+            key = IntPtr.Zero;
         }
         /* END Curve25519 */
 
@@ -2449,7 +2462,7 @@ namespace wolfSSL.CSharp
 
             try
             {
-                aesPtr = wc_AesNew(heap, devId);
+                aesPtr = wc_AesNew(heap, devId, IntPtr.Zero);
 
                 if (aesPtr == IntPtr.Zero)
                 {
@@ -2676,7 +2689,8 @@ namespace wolfSSL.CSharp
         {
             if (aes != IntPtr.Zero)
             {
-                wc_AesFree(aes);
+                wc_AesDelete(aes, IntPtr.Zero);
+                aes = IntPtr.Zero;
             }
         }
         /* END AES-GCM */
@@ -2700,7 +2714,7 @@ namespace wolfSSL.CSharp
             try
             {
                 /* Allocate new hash */
-                hash = wc_HashNew(hashType, heap, devId);
+                hash = wc_HashNew(hashType, heap, devId, IntPtr.Zero);
                 if (hash == IntPtr.Zero)
                 {
                     throw new Exception("Failed to allocate new hash context.");
@@ -2740,7 +2754,10 @@ namespace wolfSSL.CSharp
             {
                 /* Cleanup */
                 log(ERROR_LOG, "InitHash Exception: " + e.ToString());
-                if (hash != IntPtr.Zero) wc_HashFree(hash, hashType);
+                if (hash != IntPtr.Zero) {
+                    wc_HashDelete(hash, IntPtr.Zero);
+                    hash = IntPtr.Zero;
+                }
             }
 
             return ret;
@@ -2856,7 +2873,8 @@ namespace wolfSSL.CSharp
                     throw new Exception("Hash context is null, cannot free.");
 
                 /* Free hash */
-                ret = wc_HashFree(hash, hashType);
+                ret = wc_HashDelete(hash, IntPtr.Zero);
+                hash = IntPtr.Zero;
                 if (ret != 0)
                 {
                     throw new Exception($"Failed to free hash context. Error code: {ret}");