From 37e58c70fb213c73d2572b1846dbeb87133b79d4 Mon Sep 17 00:00:00 2001
From: Wenxing Hou
Date: Thu, 10 Nov 2022 11:52:38 +0800
Subject: [PATCH] Fix memory leak for set raw data key

Signed-off-by: Wenxing Hou
---
 os_stub/cryptlib_mbedtls/pk/rsa_basic.c | 2 ++
 os_stub/spdm_device_secret_lib_sample/lib.c | 12 +++++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/os_stub/cryptlib_mbedtls/pk/rsa_basic.c b/os_stub/cryptlib_mbedtls/pk/rsa_basic.c
index bc3e54231e7..50525ea858c 100644
--- a/os_stub/cryptlib_mbedtls/pk/rsa_basic.c
+++ b/os_stub/cryptlib_mbedtls/pk/rsa_basic.c
@@ -97,6 +97,7 @@ bool libspdm_rsa_set_key(void *rsa_context, const libspdm_rsa_key_tag_t key_tag,
 if (big_number) {
 ret = mbedtls_mpi_read_binary(&value, big_number, bn_size);
 if (ret != 0) {
+ mbedtls_mpi_free(&value);
 return false;
 }
 }
@@ -130,6 +131,7 @@ bool libspdm_rsa_set_key(void *rsa_context, const libspdm_rsa_key_tag_t key_tag,
 break;
 }
+ mbedtls_mpi_free(&value);
 return ret == 0;
 }
 #endif /* (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) */
diff --git a/os_stub/spdm_device_secret_lib_sample/lib.c b/os_stub/spdm_device_secret_lib_sample/lib.c
index e25fe562f07..087462db1b7 100644
--- a/os_stub/spdm_device_secret_lib_sample/lib.c
+++ b/os_stub/spdm_device_secret_lib_sample/lib.c
@@ -29,7 +29,7 @@
 #include "spdm_device_secret_lib_internal.h"
 #ifndef LIBSPDM_PRIVATE_KEY_USE_PEM
-#define LIBSPDM_PRIVATE_KEY_USE_PEM 0
+#define LIBSPDM_PRIVATE_KEY_USE_PEM 1
 #endif
 #if !LIBSPDM_PRIVATE_KEY_USE_PEM
@@ -538,6 +538,7 @@ bool libspdm_get_responder_private_key_from_raw_data(uint32_t base_asym_algo, vo
 #endif /*LIBSPDM_ECDSA_SUPPORT*/
 switch (base_asym_algo) {
+#if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048:
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048:
 rsa_n = m_libspdm_rsa2048_res_n;
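Review bot: Each exit of `libspdm_rsa_set_key` now frees `value` by hand, here after a failed `mbedtls_mpi_read_binary` and again before the final `return ret == 0;` in the hunk at -130, so any return added later between them leaks the MPI again. `value` holds whatever key component the caller passed in `big_number`, which may be private-key material, so a missed release leaves more than memory behind. A single exit would cover every path: replace the early return with `goto cleanup;` and label the final release `cleanup: mbedtls_mpi_free(&value);`. The switch body between the two hunks is outside the diff, so check that no branch there returns directly.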
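Review bot: The default of `LIBSPDM_PRIVATE_KEY_USE_PEM` flips from 0 to 1 in the hunk at -29, which the commit message does not mention and which is unrelated to the leak fix. Because the raw-data code sits under `#if !LIBSPDM_PRIVATE_KEY_USE_PEM`, a default build presumably no longer compiles the `*_from_raw_data` functions touched by the later hunks, so that path loses its default build and test coverage. If the flip is intended, state it in the commit message and add a comment above the `#define`, for example `/* 1: sample private keys come from PEM; 0: from the raw key arrays */` (assuming that is what the two values select); otherwise keep the default at 0.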
@@ -565,6 +566,9 @@ bool libspdm_get_responder_private_key_from_raw_data(uint32_t base_asym_algo, vo
 rsa_e_size = sizeof(m_libspdm_rsa4096_res_e);
 rsa_d_size = sizeof(m_libspdm_rsa4096_res_d);
 break;
+#endif /* (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) */
+
+#if LIBSPDM_ECDSA_SUPPORT
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256:
 ec_nid = LIBSPDM_CRYPTO_NID_ECDSA_NIST_P256;
 ec_public = m_libspdm_ec256_responder_public_key;
@@ -586,6 +590,7 @@ bool libspdm_get_responder_private_key_from_raw_data(uint32_t base_asym_algo, vo
 ec_public_size = sizeof(m_libspdm_ec521_responder_public_key);
 ec_private_size = sizeof(m_libspdm_ec521_responder_private_key);
 break;
+#endif /*LIBSPDM_ECDSA_SUPPORT*/
 default:
 LIBSPDM_ASSERT(false);
 return false;
@@ -677,6 +682,7 @@ bool libspdm_get_requester_private_key_from_raw_data(uint32_t base_asym_algo, vo
 #endif /*LIBSPDM_ECDSA_SUPPORT*/
 switch (base_asym_algo) {
+#if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048:
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048:
 rsa_n = m_libspdm_rsa2048_req_n;
@@ -704,6 +710,9 @@ bool libspdm_get_requester_private_key_from_raw_data(uint32_t base_asym_algo, vo
 rsa_e_size = sizeof(m_libspdm_rsa4096_req_e);
 rsa_d_size = sizeof(m_libspdm_rsa4096_req_d);
 break;
+#endif /* (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) */
+
+#if LIBSPDM_ECDSA_SUPPORT
 case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256:
 ec_nid = LIBSPDM_CRYPTO_NID_ECDSA_NIST_P256;
 ec_public = m_libspdm_ec256_requester_public_key;
@@ -725,6 +734,7 @@ bool libspdm_get_requester_private_key_from_raw_data(uint32_t base_asym_algo, vo
 ec_public_size = sizeof(m_libspdm_ec521_requester_public_key);
 ec_private_size = sizeof(m_libspdm_ec521_requester_private_key);
 break;
+#endif /*LIBSPDM_ECDSA_SUPPORT*/
 default:
 LIBSPDM_ASSERT(false);
 return false;
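Review bot: With the RSA and ECDSA cases now compiled out by configuration, the `default:` branch in the hunk at -586 is reached for a valid `base_asym_algo` that this build merely lacks, yet it still runs `LIBSPDM_ASSERT(false)` as if the value were impossible. If the algorithm id can originate from negotiation with a peer, a debug build would stop on remote input; the same applies to the requester switch in the hunk at -725. Either confirm that callers only pass algorithms enabled in this build, or drop the assert and keep `return false;` with a comment such as `/* algorithm not compiled into this build */`. Both switches begin and end outside these hunks.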