diff --git a/src/tls.c b/src/tls.c index 535b43826b..16df26167f 100644 --- a/src/tls.c +++ b/src/tls.c @@ -8579,8 +8579,15 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse) /* Cleanup on error, otherwise data owned by key share entry */ XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); kse->pubKey = NULL; - if (eccKey != NULL) + if (eccKey != NULL) { + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + if (eccKey->nb_ctx != NULL) { + XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); + } + #endif wc_ecc_free(eccKey); + } XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); kse->key = NULL; } @@ -9817,8 +9824,14 @@ static int TLSX_KeyShare_ProcessEcc_ex(WOLFSSL* ssl, ssl->peerEccKey = NULL; ssl->peerEccKeyPresent = 0; } - if (keyShareEntry->key) { - wc_ecc_free((ecc_key*)keyShareEntry->key); + if (eccKey != NULL) { + #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ + defined(WC_ASYNC_ENABLE_ECC) + if (eccKey->nb_ctx != NULL) { + XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); + } + #endif + wc_ecc_free(eccKey); XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_ECC); keyShareEntry->key = NULL; }