wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for buffers when testing with Intel QAT hardware and fsanitize=address:

Browse Source 
* PKCS7 should use allocated buffer for RSA.
* PKCS7 small stack typo for `keyAlgArray` size in `wc_PKCS7_AddRecipient_KTRI`.
* Fix for use of `free`, which should be `XFREE` in api.c.
* Cleanup old RSA benchmarking MDK5/WINCE code no longer needed with `WC_DECLARE_ARRAY_DYNAMIC_DEC` and `WC_DECLARE_ARRAY_DYNAMIC_EXE`.
This commit is contained in:
David Garske
2022-06-01 10:51:59 -07:00
parent cced5bd700
commit 5672e2a885
3 changed files with 49 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/api.c
View File

@ -48194,7 +48194,8 @@ static void test_wolfSSL_PKCS7_sign(void)
tmpPtr = NULL;
AssertIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
AssertIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
free(tmpPtr);
XFREE(tmpPtr, NULL, DYNAMIC_TYPE_OPENSSL);
tmpPtr = NULL;
wc_PKCS7_Free(p7Ver);

10
wolfcrypt/benchmark/benchmark.c
View File

@ -5233,22 +5233,12 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
#ifndef WOLFSSL_RSA_VERIFY_ONLY
WC_DECLARE_VAR(message, byte, TEST_STRING_SZ, HEAP_HINT);
#endif
#if !defined(WOLFSSL_MDK5_COMPLv5) && !defined(_WIN32_WCE)
/* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */
WC_DECLARE_ARRAY_DYNAMIC_DEC(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
#else
byte* enc[BENCH_MAX_PENDING];
#endif
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if !defined(WOLFSSL_MDK5_COMPLv5) && !defined(_WIN32_WCE)
/* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */
WC_DECLARE_ARRAY_DYNAMIC_DEC(out, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
#else
byte* out[BENCH_MAX_PENDING];
#endif
#else
byte* out[BENCH_MAX_PENDING];
#endif
WC_DECLARE_ARRAY_DYNAMIC_EXE(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)

84
wolfcrypt/src/pkcs7.c
View File

@ -6435,42 +6435,45 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
byte issuerSKID[MAX_LENGTH_SZ];
word32 issuerSKIDSz = 0;
byte* encryptedKey;
#ifdef WOLFSSL_SMALL_STACK
byte* serial;
byte* keyAlgArray;
byte* encryptedKey;
RsaKey* pubKey;
DecodedCert* decoded;
serial = (byte*)XMALLOC(MAX_SN_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
keyAlgArray = (byte*)XMALLOC(MAX_SN_SZ, pkcs7->heap,
DYNAMIC_TYPE_TMP_BUFFER);
encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
keyAlgArray = (byte*)XMALLOC(MAX_ALGO_SZ, pkcs7->heap,
DYNAMIC_TYPE_TMP_BUFFER);
decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (decoded == NULL || serial == NULL ||
encryptedKey == NULL || keyAlgArray == NULL) {
if (serial)
if (decoded == NULL || serial == NULL || keyAlgArray == NULL) {
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (keyAlgArray)
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (encryptedKey)
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (decoded)
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#else
byte serial[MAX_SN_SZ];
byte keyAlgArray[MAX_ALGO_SZ];
byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
RsaKey pubKey[1];
DecodedCert decoded[1];
#endif
/* Always allocate to ensure aligned use with RSA */
encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
DYNAMIC_TYPE_WOLF_BIGINT);
if (encryptedKey == NULL) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
XMEMSET(encryptedKey, 0, encryptedKeySz);
@ -6495,9 +6498,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
return MEMORY_E;
}
XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
@ -6508,9 +6511,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return blockKeySz;
}
@ -6521,9 +6524,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ret;
}
@ -6535,9 +6538,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ret;
}
@ -6555,9 +6558,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return -1;
}
@ -6570,9 +6573,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return -1;
}
@ -6584,9 +6587,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return -1;
}
@ -6604,9 +6607,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return PKCS7_RECIP_E;
}
@ -6619,9 +6622,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ALGO_ID_E;
}
@ -6632,9 +6635,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return BAD_FUNC_ARG;
}
@ -6646,7 +6649,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
FreeDecodedCert(decoded);
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E;
@ -6661,9 +6664,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ret;
}
@ -6677,9 +6680,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return PUBLIC_KEY_E;
}
@ -6692,9 +6695,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E;
}
@ -6726,9 +6729,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ret;
}
@ -6749,9 +6752,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return BUFFER_E;
}
@ -6768,9 +6771,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return BUFFER_E;
}
@ -6810,9 +6813,9 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
#ifdef WOLFSSL_SMALL_STACK
XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
/* store recipient size */
recip->recipSz = idx;
@ -8483,13 +8486,13 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
WC_RNG rng;
#endif
byte* encryptedKey = NULL;
#ifdef WOLFSSL_SMALL_STACK
mp_int* serialNum = NULL;
byte* encryptedKey = NULL;
RsaKey* privKey = NULL;
#else
mp_int serialNum[1];
byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
RsaKey privKey[1];
#endif
@ -8683,12 +8686,11 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
encryptedKeySz = pkcs7->stream->expected;
#endif
#ifdef WOLFSSL_SMALL_STACK
/* Always allocate to ensure aligned use with RSA */
encryptedKey = (byte*)XMALLOC(encryptedKeySz, pkcs7->heap,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_WOLF_BIGINT);
if (encryptedKey == NULL)
return MEMORY_E;
#endif
if (*recipFound == 1)
XMEMCPY(encryptedKey, &pkiMsg[*idx], encryptedKeySz);
@ -8699,15 +8701,15 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (privKey == NULL) {
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
return MEMORY_E;
}
#endif
ret = wc_InitRsaKey_ex(privKey, pkcs7->heap, pkcs7->devId);
if (ret != 0) {
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
@ -8724,8 +8726,8 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (ret != 0) {
WOLFSSL_MSG("Failed to decode RSA private key");
wc_FreeRsaKey(privKey);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
@ -8765,8 +8767,8 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (keySz <= 0 || outKey == NULL) {
ForceZero(encryptedKey, encryptedKeySz);
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return keySz;
@ -8776,8 +8778,8 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
ForceZero(encryptedKey, encryptedKeySz);
}
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
#ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif