Add Tropic01_Deinit call in wolfCrypt_Cleanup for proper resource management

wolfcrypt/src/port/tropicsquare/tropic01.c

@@ -24,10 +24,11 @@
     #include <config.h>
 #endif
 
+#include <wolfssl/wolfcrypt/settings.h>
+
 #ifdef WOLFSSL_TROPIC01
 
 #include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/cryptocb.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
@@ -60,7 +61,6 @@ static int Tropic01_GetRandom(byte* out, word32 sz)
     ret = lt_random_get(&g_h, out, sz);
     if (ret != LT_OK) {
         WOLFSSL_MSG_EX("TROPIC01: GetKey: Failed to retrieve key, ret=%d", ret);
-        Tropic01_Deinit();
         return WC_HW_E;
     }
 
@@ -84,14 +84,12 @@ static int Tropic01_GenerateKeyED25519(byte* pubkey, int keySlot, word32 sz)
     ret = lt_ecc_key_erase(&g_h, keySlot);
     if (ret != LT_OK) {
         WOLFSSL_MSG_EX("TROPIC01: GetKey: Failed to erase key, ret=%d", ret);
-        Tropic01_Deinit();
         return WC_HW_E;
     }
 
     ret = lt_ecc_key_generate(&g_h, keySlot, CURVE_ED25519);
     if (ret != LT_OK) {
         WOLFSSL_MSG_EX("TROPIC01: GetKey: Failed to generate key, ret=%d", ret);
-        Tropic01_Deinit();
         return WC_HW_E;
     }
     lt_ecc_curve_type_t curve = CURVE_ED25519;
@@ -99,7 +97,6 @@ static int Tropic01_GenerateKeyED25519(byte* pubkey, int keySlot, word32 sz)
     ret = lt_ecc_key_read(&g_h, keySlot, pubkey, sz, &curve, &origin);
     if (ret != LT_OK) {
         WOLFSSL_MSG_EX("TROPIC01: GetKey: Failed to read pub key, ret=%d", ret);
-        Tropic01_Deinit();
         return WC_HW_E;
     }
 
@@ -143,7 +140,6 @@ static int Tropic01_GetKeyAES(Aes* aes, int keySlot, word32 keySz)
             "TROPIC01: Get AES Key: Failed to retrieve key, ret=%d",
             rett
         );
-        Tropic01_Deinit();
         return WC_HW_E;
     }
 
@@ -185,7 +181,6 @@ static int Tropic01_GetKeyECC(byte* ecckey, int keySlot, word32 keySz)
             "TROPIC01: Get ECC Key: Failed to retrieve key, ret=%d",
             rett
         );
-        Tropic01_Deinit();
         return WC_HW_E;
     }
 
@@ -226,17 +221,18 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
             ret = Tropic01_GetRandom(info->seed.seed, info->seed.sz);
             break;
         case WC_ALGO_TYPE_PK:
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
+#ifdef HAVE_ED25519
+    #ifdef HAVE_ED25519_MAKE_KEY
         if (info->pk.type == WC_PK_TYPE_ED25519_KEYGEN) {
             WOLFSSL_MSG("TROPIC01: CryptoCB: ED25519 key generation request");
             ret = Tropic01_GenerateKeyED25519(
                 info->pk.ed25519kg.key->p,
                 TROPIC01_ED25519_ECC_SLOT_DEFAULT,
                 info->pk.ed25519kg.size);
-
         }
+    #endif /* HAVE_ED25519_MAKE_KEY */
     #ifdef HAVE_ED25519_SIGN
-        else if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) {
+        if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) {
 
             WOLFSSL_MSG("TROPIC01: CryptoCB: ED25519 signing request");
             /* retrieve private key from TROPIC01 secure R memory */
@@ -263,9 +259,9 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
             /* reset devId */
             info->pk.ed25519sign.key->devId = devId;
         }
-        #endif
+    #endif /* HAVE_ED25519_SIGN */
     #ifdef HAVE_ED25519_VERIFY
-        else if (info->pk.type == WC_PK_TYPE_ED25519_VERIFY) {
+        if (info->pk.type == WC_PK_TYPE_ED25519_VERIFY) {
             WOLFSSL_MSG("TROPIC01: CryptoCB: ED25519 verification request");
             /* retrieve public key from TROPIC01 secure R memory */
             ret = Tropic01_GetKeyECC(
@@ -297,7 +293,7 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
         case WC_ALGO_TYPE_CIPHER:
             WOLFSSL_MSG("TROPIC01: CryptoCB: AES request ");
 
-#if !defined(NO_AES) || !defined(NO_DES3)
+#if !defined(NO_AES)
     #ifdef HAVE_AESGCM
             if (info->cipher.type == WC_CIPHER_AES_GCM) {
                 if (info->cipher.enc) {
@@ -410,7 +406,7 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
             }
         }
     #endif /* HAVE_AES_CBC */
-#endif /* !NO_AES || !NO_DES3 */
+#endif /* !NO_AES */
             break;
 
         default:
@@ -423,6 +419,7 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
 /* Set TROPIC01 pairing keys */
 int Tropic01_SetPairingKeys(int kIndex, const byte* kPub, const byte* kPriv)
 {
+    int i;
 
     if (kPub == NULL || kPriv == NULL || kIndex < 0 || kIndex > 3) {
         WOLFSSL_MSG_EX("TROPIC01: SetPairingKeys: Invalid arguments");
@@ -433,7 +430,7 @@ int Tropic01_SetPairingKeys(int kIndex, const byte* kPub, const byte* kPriv)
         "TROPIC01: SetPairingKeys: Setting pairing key in slot %d",
         kIndex);
 
-    for (int i = 0; i < TROPIC01_PAIRING_KEY_SIZE; i++) {
+    for (i = 0; i < TROPIC01_PAIRING_KEY_SIZE; i++) {
 
         sh0priv[i] = kPriv[i];
         sh0pub[i] = kPub[i];

wolfcrypt/src/wc_port.c

@@ -524,6 +524,9 @@ int wolfCrypt_Cleanup(void)
     #ifdef WOLFSSL_SILABS_SE_ACCEL
         ret = sl_se_deinit();
     #endif
+    #if defined(WOLFSSL_TROPIC01)
+        Tropic01_Deinit();
+    #endif
     #if defined(WOLFSSL_RENESAS_TSIP)
         tsip_Close();
     #endif