author | Paul Bartell <pbartell@amazon.com> | 2022-12-06 12:26:49 -0800 |
---|---|---|
committer | Paul Bartell <paul.bartell@gmail.com> | 2022-12-07 17:21:43 -0800 |
commit | 0ca1ec886131c774a31ecc9c1fc8587ed4ae538f (patch) | |
tree | e571d66f6c195d71d2f387e8fcca6380e7193e2c /FreeRTOS-Plus | |
parent | 1fc1e01fb691e25eadaf3b030ec99f82acd42560 (diff) | |
download | freertos-git-0ca1ec886131c774a31ecc9c1fc8587ed4ae538f.tar.gz |
Fix memory leak in transport_mbedtls_pkcs11.c
Diffstat (limited to 'FreeRTOS-Plus')
4 files changed, 2 insertions, 71 deletions
diff --git a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
index 91fc5c2b7..d5ff833cf 100644
--- a/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
+++ b/FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
@@ -263,7 +263,7 @@ bool xGenerateKeyAndCsr( CK_SESSION_HANDLE xP11Session,
 mbedtls_x509write_csr_free( &xReq );
- lPKCS11PkMbedtlsCloseSessionAndFree( &xPrivKey );
+ mbedtls_pk_free( &xPrivKey );
 }
 *pxOutCsrLength = strlen( pcCsrBuffer );
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c
index ef6acf0de..f4549666b 100644
--- a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c
+++ b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c
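Review bot: With `mbedtls_pk_free( &xPrivKey )` replacing the removed helper, nothing visible in this part of xGenerateKeyAndCsr closes a PKCS #11 session any more, so the lifetime of the `xP11Session` handle passed in by the caller should be stated at the free, for example `/* Frees the pk context only; xP11Session remains open and is closed by the caller. */`. Whether mbedtls_pk_free also touches the session depends on the free callback registered for this context, which is not shown here, so that comment should be confirmed against it. The context line `*pxOutCsrLength = strlen( pcCsrBuffer );` appears to run after the block that frees the key, and if that is also reached on failure paths it measures a buffer that may never have been written; the function starts and ends outside the hunk, so this cannot be settled from here.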
@@ -387,56 +387,6 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
 /*-----------------------------------------------------------*/
-int lPKCS11PkMbedtlsCloseSessionAndFree( mbedtls_pk_context * pxMbedtlsPkCtx )
-{
- CK_RV xResult = CKR_OK;
- P11PkCtx_t * pxP11Ctx = NULL;
- CK_FUNCTION_LIST_PTR pxFunctionList = NULL;
-
- configASSERT( pxMbedtlsPkCtx );
-
- if( pxMbedtlsPkCtx )
- {
- if( pxMbedtlsPkCtx->pk_info->type == MBEDTLS_PK_ECKEY )
- {
- pxP11Ctx = &( ( ( P11EcDsaCtx_t * ) ( pxMbedtlsPkCtx->pk_ctx ) )->xP11PkCtx );
- }
- else if( pxMbedtlsPkCtx->pk_info->type == MBEDTLS_PK_RSA )
- {
- pxP11Ctx = &( ( ( P11RsaCtx_t * ) ( pxMbedtlsPkCtx->pk_ctx ) )->xP11PkCtx );
- }
- else
- {
- pxP11Ctx = NULL;
- xResult = CKR_FUNCTION_FAILED;
- }
- }
- else
- {
- xResult = CKR_FUNCTION_FAILED;
- }
-
- if( xResult == CKR_OK )
- {
- xResult = C_GetFunctionList( &pxFunctionList );
- }
-
- if( xResult == CKR_OK )
- {
- configASSERT( pxFunctionList );
- xResult = pxFunctionList->C_CloseSession( pxP11Ctx->xSessionHandle );
- }
-
- if( xResult == CKR_OK )
- {
- pxP11Ctx->xSessionHandle = CK_INVALID_HANDLE;
- }
-
- return( xResult == CKR_OK ? 0 : -1 );
-}
-
-/*-----------------------------------------------------------*/
-
 int lPKCS11RandomCallback( void * pvCtx,
 unsigned char * pucOutput,
 size_t uxLen )
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h
index 51093d7d9..d3c5105b1 100644
--- a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h
+++ b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h
@@ -47,15 +47,6 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
 CK_OBJECT_HANDLE xPkHandle );
 /**
- * @brief Close the PKCS11 session and free the relevant pk context.
- *
- * @param pxMbedtlsPkCtx Pointer to the mbedtls_pk_context to free
- * @return 0 on success
- * @return A negative number on failure
- */
-int lPKCS11PkMbedtlsCloseSessionAndFree( mbedtls_pk_context * pxMbedtlsPkCtx );
-
-/**
 * @brief Callback to generate random data with the PKCS11 module.
 *
 * @param[in] pvCtx void pointer to the
@@ -68,6 +59,4 @@ int lPKCS11RandomCallback( void * pvCtx,
 unsigned char * pucOutput,
 size_t uxLen );
-
-
 #endif /* MBEDTLS_PK_PKCS11_H */
diff --git a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c
index 765a6ed3a..0fa3421df 100644
--- a/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c
+++ b/FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c
@@ -180,13 +180,6 @@ static CK_RV initializeClientKeys( SSLContext_t * pxCtx,
 const char * pcLabelName );
 /**
- * @brief Stub function to satisfy mbedtls checks before sign operations
- *
- * @return 1.
- */
-int canDoStub( mbedtls_pk_type_t type );
-
-/**
 * @brief Sign a cryptographic hash with the private key.
 *
 * @param[in] pvContext Crypto context.
@@ -237,8 +230,7 @@ static void sslContextFree( SSLContext_t * pSslContext )
 mbedtls_x509_crt_free( &( pSslContext->clientCert ) );
 mbedtls_ssl_config_free( &( pSslContext->config ) );
-
- ( void ) lPKCS11PkMbedtlsCloseSessionAndFree( &( pSslContext->privKey ) );
+ mbedtls_pk_free( &( pSslContext->privKey ) );
 pSslContext->pxP11FunctionList->C_CloseSession( pSslContext->xP11Session );
 } |
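Review bot: The `C_CloseSession` call that follows the new `mbedtls_pk_free` in the last hunk (sslContextFree) discards its CK_RV and leaves `pSslContext->xP11Session` holding the closed handle, whereas the removed helper reset its handle to `CK_INVALID_HANDLE` after a successful close. The call also dereferences `pxP11FunctionList` unchecked, which would fault if sslContextFree can run on a context whose initialisation failed before the function list was obtained; that path is not visible here. Suggest `if( pSslContext->pxP11FunctionList != NULL ) { ( void ) pSslContext->pxP11FunctionList->C_CloseSession( pSslContext->xP11Session ); }` followed by `pSslContext->xP11Session = CK_INVALID_HANDLE;`. sslContextFree starts outside the hunk.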