From d4d049b88fba28ee6397d063e34b08d3837b42b6 Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Wed, 19 Apr 2023 13:47:43 +0200 Subject: [PATCH] Add guards for mbedtls_psa_crypto_free() Signed-off-by: Przemek Stekiel --- programs/fuzz/fuzz_client.c | 2 ++ programs/fuzz/fuzz_dtlsclient.c | 2 ++ programs/fuzz/fuzz_dtlsserver.c | 2 ++ programs/fuzz/fuzz_privkey.c | 4 +++- programs/fuzz/fuzz_pubkey.c | 4 +++- programs/fuzz/fuzz_x509crl.c | 4 +++- programs/fuzz/fuzz_x509crt.c | 4 +++- programs/fuzz/fuzz_x509csr.c | 4 +++- programs/pkey/gen_key.c | 2 ++ programs/pkey/key_app.c | 2 ++ programs/pkey/key_app_writer.c | 2 ++ programs/pkey/pk_decrypt.c | 2 ++ programs/pkey/pk_encrypt.c | 2 ++ programs/pkey/pk_sign.c | 2 ++ programs/pkey/pk_verify.c | 2 ++ programs/pkey/rsa_sign_pss.c | 2 ++ programs/pkey/rsa_verify_pss.c | 2 ++ programs/ssl/dtls_client.c | 2 ++ programs/ssl/dtls_server.c | 2 ++ programs/ssl/mini_client.c | 2 ++ programs/ssl/ssl_client1.c | 2 ++ programs/ssl/ssl_context_info.c | 2 ++ programs/ssl/ssl_fork_server.c | 2 ++ programs/ssl/ssl_mail_client.c | 2 ++ programs/ssl/ssl_pthread_server.c | 2 ++ programs/ssl/ssl_server.c | 2 ++ programs/x509/cert_app.c | 2 ++ programs/x509/cert_req.c | 2 ++ programs/x509/cert_write.c | 2 ++ programs/x509/crl_app.c | 2 ++ programs/x509/load_roots.c | 2 ++ programs/x509/req_app.c | 2 ++ 32 files changed, 69 insertions(+), 5 deletions(-) diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index 3776b8ae9a..2de51a6e9b 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -191,7 +191,9 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsclient.c b/programs/fuzz/fuzz_dtlsclient.c index f8f5840d80..d414bb3b05 100644 --- a/programs/fuzz/fuzz_dtlsclient.c +++ b/programs/fuzz/fuzz_dtlsclient.c @@ -126,7 +126,9 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index 9b8ebe7ac8..df4087a155 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -166,7 +166,9 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index e51ee3010c..d1da5890ac 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -71,9 +71,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) abort(); } } +#if defined(MBEDTLS_USE_PSA_CRYPTO) exit: - mbedtls_pk_free(&pk); mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c index 16d9d83568..199f8e6899 100644 --- a/programs/fuzz/fuzz_pubkey.c +++ b/programs/fuzz/fuzz_pubkey.c @@ -70,9 +70,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) abort(); } } +#if defined(MBEDTLS_USE_PSA_CRYPTO) exit: - mbedtls_pk_free(&pk); mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 21d9700b5e..1140c3d7d3 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -19,9 +19,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) if (ret == 0) { ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) exit: - mbedtls_x509_crl_free(&crl); mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_x509_crl_free(&crl); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index f3175796b6..3593236148 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -19,9 +19,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) if (ret == 0) { ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", &crt); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) exit: - mbedtls_x509_crt_free(&crt); mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_x509_crt_free(&crt); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 6ac695f9d5..25d68b033e 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -19,9 +19,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) if (ret == 0) { ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) exit: - mbedtls_x509_csr_free(&csr); mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +mbedtls_x509_csr_free(&csr); #else (void) Data; (void) Size; diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 20fc17f90d..cd21743fb4 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -420,7 +420,9 @@ exit: mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 82a4de12a5..2f308304bc 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -284,7 +284,9 @@ cleanup: #endif mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 4da4f653a2..e986ada826 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -409,7 +409,9 @@ exit: mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); mbedtls_pk_free(&key); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index 9ab01ecc90..c3ff53d9f1 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -151,7 +151,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_entropy_free(&entropy); mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index f3c3274652..5f5a424fed 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -153,7 +153,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_entropy_free(&entropy); mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index a52584a386..2a8b7a4cf5 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -150,7 +150,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 49b520489a..96a5d28f1c 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -126,7 +126,9 @@ int main(int argc, char *argv[]) exit: mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 63bc755f31..effff259b9 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -158,7 +158,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 9fb0401d1e..a9c75ef704 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -136,7 +136,9 @@ int main(int argc, char *argv[]) exit: mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index c35c4e2654..beac5d5d98 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -339,7 +339,9 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 568ef1fe1b..2128d02c9a 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -404,7 +404,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) printf(" Press Enter to exit this program.\n"); diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 6208859634..27154d8f82 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -281,7 +281,9 @@ exit: #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_free(&ca); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 6d8ff0bb8b..933ae7555f 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -289,7 +289,9 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index be8dee525a..d503fab569 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -1017,7 +1017,9 @@ int main(int argc, char *argv[]) printf("Finished. No valid base64 code found\n"); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ return 0; } diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index efa9ad1e01..adba12aabe 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -384,7 +384,9 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" Press Enter to exit this program.\n"); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 27bf137be2..89a26fc70a 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -801,7 +801,9 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index e57c63ec84..b4a718d7a2 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -492,7 +492,9 @@ exit: #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" Press Enter to exit this program.\n"); diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 0da0f87054..69fd0bb065 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -366,7 +366,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" Press Enter to exit this program.\n"); diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 721de84a9c..294e994c7d 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -461,7 +461,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 43b1eb1e91..db200d9b11 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -374,7 +374,9 @@ exit: mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index bf46799a07..02ff836aaf 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -726,7 +726,9 @@ exit: mbedtls_mpi_free(&serial); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index f99d9ac685..e3e0577735 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -136,7 +136,9 @@ usage: exit: mbedtls_x509_crl_free(&crl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n"); diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index bca6e883ac..e28f35a79d 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -200,7 +200,9 @@ int main(int argc, char *argv[]) exit_code = MBEDTLS_EXIT_SUCCESS; exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } #endif /* necessary configuration */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index b1fc98ca76..b447c6aa1b 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -136,7 +136,9 @@ usage: exit: mbedtls_x509_csr_free(&csr); +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) mbedtls_printf(" + Press Enter to exit this program.\n");