From a8c560a799b27f87568f1f3b52fbab6a03f4f915 Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Wed, 19 Apr 2023 10:15:26 +0200 Subject: [PATCH] Free psa crypto at the end of programs when initialized Signed-off-by: Przemek Stekiel --- programs/ssl/dtls_client.c | 2 +- programs/ssl/dtls_server.c | 1 + programs/ssl/mini_client.c | 2 +- programs/ssl/ssl_client1.c | 2 +- programs/ssl/ssl_context_info.c | 2 ++ programs/ssl/ssl_fork_server.c | 2 +- programs/ssl/ssl_mail_client.c | 1 + programs/ssl/ssl_pthread_server.c | 4 +--- programs/ssl/ssl_server.c | 2 +- programs/x509/cert_app.c | 1 + programs/x509/cert_req.c | 1 + programs/x509/cert_write.c | 1 + programs/x509/crl_app.c | 1 + programs/x509/load_roots.c | 11 ++++++----- programs/x509/req_app.c | 1 + 15 files changed, 21 insertions(+), 13 deletions(-) diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 240e7ae54..030bc971e 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -334,12 +334,12 @@ exit: #endif mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free(&cacert); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); /* Shell can not handle large exit numbers -> 1 for errors */ if (ret < 0) { diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index a72eb1547..08f836813 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -404,6 +404,7 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); /* Shell can not handle large exit numbers -> 1 for errors */ if (ret < 0) { diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 6454ede4f..91bc9e0f9 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -270,7 +270,6 @@ int main(void) exit: mbedtls_net_free(&server_fd); - mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); @@ -278,6 +277,7 @@ exit: #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_free(&ca); #endif + mbedtls_psa_crypto_free(); mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index c7aaf49fe..b52ad2fc8 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -284,12 +284,12 @@ exit: #endif mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free(&cacert); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 58ee91995..e2c4333ae 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -1011,6 +1011,8 @@ int main(int argc, char *argv[]) printf("Finished. No valid base64 code found\n"); } + mbedtls_psa_crypto_free(); + return 0; } diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 123091d25..d8cc85b2d 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -375,13 +375,13 @@ int main(void) exit: mbedtls_net_free(&client_fd); mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free(&srvcert); mbedtls_pk_free(&pkey); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 5ac726f2f..ae5165c20 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -805,6 +805,7 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 206d8f336..a4325fb5f 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -483,14 +483,12 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); mbedtls_ssl_config_free(&conf); - mbedtls_net_free(&listen_fd); - mbedtls_mutex_free(&debug_mutex); - #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif + mbedtls_psa_crypto_free(); mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index d70fdb1ee..e8ac67bea 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -353,7 +353,6 @@ exit: mbedtls_net_free(&client_fd); mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free(&srvcert); mbedtls_pk_free(&pkey); mbedtls_ssl_free(&ssl); @@ -363,6 +362,7 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(ret); } diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 13d96ea55..83a31ad35 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -457,6 +457,7 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index a3eafff31..1ca836241 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -469,6 +469,7 @@ exit: mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); cur = opt.san_list; while (cur != NULL) { diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 7b47e5485..e3bd69ae6 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -894,6 +894,7 @@ exit: mbedtls_pk_free(&loaded_issuer_key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index f45d0b891..aa2e711a9 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -134,6 +134,7 @@ usage: exit: mbedtls_x509_crl_free(&crl); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index 858a38246..43ca0be16 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -123,11 +123,6 @@ int main(int argc, char *argv[]) struct mbedtls_timing_hr_time timer; unsigned long ms; - if (argc <= 1) { - mbedtls_printf(USAGE); - goto exit; - } - #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status = psa_crypto_init(); if (status != PSA_SUCCESS) { @@ -137,6 +132,11 @@ int main(int argc, char *argv[]) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc <= 1) { + mbedtls_printf(USAGE); + goto exit; + } + opt.filenames = NULL; opt.iterations = DFL_ITERATIONS; opt.prime_cache = DFL_PRIME_CACHE; @@ -196,6 +196,7 @@ int main(int argc, char *argv[]) exit_code = MBEDTLS_EXIT_SUCCESS; exit: + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); } #endif /* necessary configuration */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index c63f896f1..f5fbc799d 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -134,6 +134,7 @@ usage: exit: mbedtls_x509_csr_free(&csr); + mbedtls_psa_crypto_free(); mbedtls_exit(exit_code); }