Merge pull request #4208 from dgarske/leaks

Fixes for possible leaks with ECCSI and DH test

wolfcrypt/src/eccsi.c

@@ -878,6 +878,8 @@ static int eccsi_make_pair(EccsiKey* key, WC_RNG* rng,
         }
 
         if (err == 0) {
+            wc_ecc_free(&key->pubkey);
+
             /* Step 1 and 2: Generate ephemeral key - v, PVT = [v]G */
             err = wc_ecc_make_key_ex(rng, key->ecc.dp->size, &key->pubkey,
                     key->ecc.dp->id);
@@ -1860,6 +1862,8 @@ static int eccsi_gen_sig(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
         }
 
         if (err == 0) {
+            wc_ecc_free(&key->pubkey);
+
             /* Step 1 and 2: Generate ephemeral key - j, J = [j]G, r = Jx */
             err = wc_ecc_make_key_ex(rng, sz, &key->pubkey, key->ecc.dp->id);
         }
@@ -2036,6 +2040,12 @@ static int eccsi_decode_sig_r_pvt(const EccsiKey* key, const byte* sig,
         err = mp_read_unsigned_bin(r, sig, sz);
     }
     if (err == 0) {
+        /* must free previous public point otherwise wc_ecc_import_point_der 
+         * could leak memory */
+        mp_clear(pvt->x);
+        mp_clear(pvt->y);
+        mp_clear(pvt->z);
+
         err = wc_ecc_import_point_der(sig + sz * 2, sz * 2 + 1,
                 wc_ecc_get_curve_idx(key->ecc.dp->id), pvt);
     }

wolfcrypt/test/test.c

@@ -16781,6 +16781,10 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
         bytes = (word32)XFREAD(tmp, 1, DH_TEST_TMP_SIZE, file);
         XFCLOSE(file);
 
+        /* for HAVE_WOLF_BIGINT prevent leak */
+        wc_FreeDhKey(key);
+        (void)wc_InitDhKey_ex(key, HEAP_HINT, devId);
+
         idx = 0;
         XMEMSET(tmp2, 0, DH_TEST_TMP_SIZE);