| From 800627f054959aac0dd3527495ee3fad0137600a Mon Sep 17 00:00:00 2001 |
| From: Jihwan Park <jihwp@amazon.com> |
| Date: Mon, 3 Jul 2023 08:51:47 +0200 |
| Subject: [PATCH] core: crypto_bignum_free(): add indirection and set pointer |
| to NULL |
| |
| To prevent human mistake, crypto_bignum_free() sets the location of the |
| bignum pointer to NULL after freeing it. |
| |
| Signed-off-by: Jihwan Park <jihwp@amazon.com> |
| Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> |
| Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> |
| Reviewed-by: Joakim Bech <joakim.bech@linaro.org> |
| Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> |
| |
| CVE: CVE-2023-41325 |
| Upstream-Status: Backport |
| Signed-off-by: Ross Burton <ross.burton@arm.com> |
| --- |
| core/crypto/crypto.c | 4 +-- |
| core/drivers/crypto/caam/acipher/caam_dh.c | 8 ++--- |
| core/drivers/crypto/caam/acipher/caam_dsa.c | 14 ++++---- |
| core/drivers/crypto/caam/acipher/caam_ecc.c | 10 +++--- |
| core/drivers/crypto/caam/acipher/caam_rsa.c | 24 ++++++------- |
| core/drivers/crypto/se050/core/ecc.c | 14 ++++---- |
| core/drivers/crypto/se050/core/rsa.c | 38 ++++++++++----------- |
| core/drivers/crypto/versal/ecc.c | 6 ++-- |
| core/include/crypto/crypto.h | 2 +- |
| core/lib/libtomcrypt/dh.c | 8 ++--- |
| core/lib/libtomcrypt/dsa.c | 14 ++++---- |
| core/lib/libtomcrypt/ecc.c | 10 +++--- |
| core/lib/libtomcrypt/mpi_desc.c | 9 +++-- |
| core/lib/libtomcrypt/rsa.c | 22 ++++++------ |
| core/tee/tee_svc_cryp.c | 7 ++-- |
| lib/libmbedtls/core/bignum.c | 9 +++-- |
| lib/libmbedtls/core/dh.c | 8 ++--- |
| lib/libmbedtls/core/ecc.c | 10 +++--- |
| lib/libmbedtls/core/rsa.c | 22 ++++++------ |
| 19 files changed, 122 insertions(+), 117 deletions(-) |
| |
| diff --git a/core/crypto/crypto.c b/core/crypto/crypto.c |
| index 9f7d35097..60cb89a31 100644 |
| --- a/core/crypto/crypto.c |
| +++ b/core/crypto/crypto.c |
| @@ -498,9 +498,9 @@ void crypto_bignum_copy(struct bignum *to __unused, |
| bignum_cant_happen(); |
| } |
| |
| -void crypto_bignum_free(struct bignum *a) |
| +void crypto_bignum_free(struct bignum **a) |
| { |
| - if (a) |
| + if (a && *a) |
| panic(); |
| } |
| |
| diff --git a/core/drivers/crypto/caam/acipher/caam_dh.c b/core/drivers/crypto/caam/acipher/caam_dh.c |
| index 6131ff0ef..35fc44541 100644 |
| --- a/core/drivers/crypto/caam/acipher/caam_dh.c |
| +++ b/core/drivers/crypto/caam/acipher/caam_dh.c |
| @@ -195,10 +195,10 @@ static TEE_Result do_allocate_keypair(struct dh_keypair *key, size_t size_bits) |
| err: |
| DH_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->g); |
| - crypto_bignum_free(key->p); |
| - crypto_bignum_free(key->x); |
| - crypto_bignum_free(key->y); |
| + crypto_bignum_free(&key->g); |
| + crypto_bignum_free(&key->p); |
| + crypto_bignum_free(&key->x); |
| + crypto_bignum_free(&key->y); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| diff --git a/core/drivers/crypto/caam/acipher/caam_dsa.c b/core/drivers/crypto/caam/acipher/caam_dsa.c |
| index 2696f0b3c..d60bb8e89 100644 |
| --- a/core/drivers/crypto/caam/acipher/caam_dsa.c |
| +++ b/core/drivers/crypto/caam/acipher/caam_dsa.c |
| @@ -309,10 +309,10 @@ static TEE_Result do_allocate_keypair(struct dsa_keypair *key, size_t l_bits, |
| err: |
| DSA_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->g); |
| - crypto_bignum_free(key->p); |
| - crypto_bignum_free(key->q); |
| - crypto_bignum_free(key->x); |
| + crypto_bignum_free(&key->g); |
| + crypto_bignum_free(&key->p); |
| + crypto_bignum_free(&key->q); |
| + crypto_bignum_free(&key->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -358,9 +358,9 @@ static TEE_Result do_allocate_publickey(struct dsa_public_key *key, |
| err: |
| DSA_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->g); |
| - crypto_bignum_free(key->p); |
| - crypto_bignum_free(key->q); |
| + crypto_bignum_free(&key->g); |
| + crypto_bignum_free(&key->p); |
| + crypto_bignum_free(&key->q); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| diff --git a/core/drivers/crypto/caam/acipher/caam_ecc.c b/core/drivers/crypto/caam/acipher/caam_ecc.c |
| index 90e87c20a..6b12b6cbe 100644 |
| --- a/core/drivers/crypto/caam/acipher/caam_ecc.c |
| +++ b/core/drivers/crypto/caam/acipher/caam_ecc.c |
| @@ -169,8 +169,8 @@ static TEE_Result do_allocate_keypair(struct ecc_keypair *key, size_t size_bits) |
| err: |
| ECC_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->d); |
| - crypto_bignum_free(key->x); |
| + crypto_bignum_free(&key->d); |
| + crypto_bignum_free(&key->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -204,7 +204,7 @@ static TEE_Result do_allocate_publickey(struct ecc_public_key *key, |
| err: |
| ECC_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->x); |
| + crypto_bignum_free(&key->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -216,8 +216,8 @@ err: |
| */ |
| static void do_free_publickey(struct ecc_public_key *key) |
| { |
| - crypto_bignum_free(key->x); |
| - crypto_bignum_free(key->y); |
| + crypto_bignum_free(&key->x); |
| + crypto_bignum_free(&key->y); |
| } |
| |
| /* |
| diff --git a/core/drivers/crypto/caam/acipher/caam_rsa.c b/core/drivers/crypto/caam/acipher/caam_rsa.c |
| index e860c641c..b59ab0b6e 100644 |
| --- a/core/drivers/crypto/caam/acipher/caam_rsa.c |
| +++ b/core/drivers/crypto/caam/acipher/caam_rsa.c |
| @@ -86,14 +86,14 @@ static uint8_t caam_era; |
| */ |
| static void do_free_keypair(struct rsa_keypair *key) |
| { |
| - crypto_bignum_free(key->e); |
| - crypto_bignum_free(key->d); |
| - crypto_bignum_free(key->n); |
| - crypto_bignum_free(key->p); |
| - crypto_bignum_free(key->q); |
| - crypto_bignum_free(key->qp); |
| - crypto_bignum_free(key->dp); |
| - crypto_bignum_free(key->dq); |
| + crypto_bignum_free(&key->e); |
| + crypto_bignum_free(&key->d); |
| + crypto_bignum_free(&key->n); |
| + crypto_bignum_free(&key->p); |
| + crypto_bignum_free(&key->q); |
| + crypto_bignum_free(&key->qp); |
| + crypto_bignum_free(&key->dp); |
| + crypto_bignum_free(&key->dq); |
| } |
| |
| /* |
| @@ -435,8 +435,8 @@ static TEE_Result do_allocate_publickey(struct rsa_public_key *key, |
| err_alloc_publickey: |
| RSA_TRACE("Allocation error"); |
| |
| - crypto_bignum_free(key->e); |
| - crypto_bignum_free(key->n); |
| + crypto_bignum_free(&key->e); |
| + crypto_bignum_free(&key->n); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -448,8 +448,8 @@ err_alloc_publickey: |
| */ |
| static void do_free_publickey(struct rsa_public_key *key) |
| { |
| - crypto_bignum_free(key->e); |
| - crypto_bignum_free(key->n); |
| + crypto_bignum_free(&key->e); |
| + crypto_bignum_free(&key->n); |
| } |
| |
| /* |
| diff --git a/core/drivers/crypto/se050/core/ecc.c b/core/drivers/crypto/se050/core/ecc.c |
| index d74334760..52f82c69d 100644 |
| --- a/core/drivers/crypto/se050/core/ecc.c |
| +++ b/core/drivers/crypto/se050/core/ecc.c |
| @@ -752,9 +752,9 @@ static TEE_Result do_alloc_keypair(struct ecc_keypair *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->x); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->x); |
| + crypto_bignum_free(&s->y); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -768,8 +768,8 @@ static TEE_Result do_alloc_publickey(struct ecc_public_key *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->x); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->x); |
| + crypto_bignum_free(&s->y); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -778,8 +778,8 @@ static void do_free_publickey(struct ecc_public_key *s) |
| if (!s) |
| return; |
| |
| - crypto_bignum_free(s->x); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->x); |
| + crypto_bignum_free(&s->y); |
| } |
| |
| static struct drvcrypt_ecc driver_ecc = { |
| diff --git a/core/drivers/crypto/se050/core/rsa.c b/core/drivers/crypto/se050/core/rsa.c |
| index 815abb3cd..475d2b99a 100644 |
| --- a/core/drivers/crypto/se050/core/rsa.c |
| +++ b/core/drivers/crypto/se050/core/rsa.c |
| @@ -537,14 +537,14 @@ static TEE_Result do_alloc_keypair(struct rsa_keypair *s, |
| |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->e); |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| - crypto_bignum_free(s->qp); |
| - crypto_bignum_free(s->dp); |
| - crypto_bignum_free(s->dq); |
| + crypto_bignum_free(&s->e); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| + crypto_bignum_free(&s->qp); |
| + crypto_bignum_free(&s->dp); |
| + crypto_bignum_free(&s->dq); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -556,7 +556,7 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s, |
| if (!bn_alloc_max(&s->e)) |
| return TEE_ERROR_OUT_OF_MEMORY; |
| if (!bn_alloc_max(&s->n)) { |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->e); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -566,8 +566,8 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s, |
| static void do_free_publickey(struct rsa_public_key *s) |
| { |
| if (s) { |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->e); |
| } |
| } |
| |
| @@ -587,14 +587,14 @@ static void do_free_keypair(struct rsa_keypair *s) |
| sss_se05x_key_store_erase_key(se050_kstore, &k_object); |
| } |
| |
| - crypto_bignum_free(s->e); |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| - crypto_bignum_free(s->qp); |
| - crypto_bignum_free(s->dp); |
| - crypto_bignum_free(s->dq); |
| + crypto_bignum_free(&s->e); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| + crypto_bignum_free(&s->qp); |
| + crypto_bignum_free(&s->dp); |
| + crypto_bignum_free(&s->dq); |
| } |
| |
| static TEE_Result do_gen_keypair(struct rsa_keypair *key, size_t kb) |
| diff --git a/core/drivers/crypto/versal/ecc.c b/core/drivers/crypto/versal/ecc.c |
| index 3d5454509..18ec4f78d 100644 |
| --- a/core/drivers/crypto/versal/ecc.c |
| +++ b/core/drivers/crypto/versal/ecc.c |
| @@ -284,9 +284,9 @@ static TEE_Result sign(uint32_t algo, struct ecc_keypair *key, |
| |
| versal_mbox_alloc(bytes, NULL, &k); |
| crypto_bignum_bn2bin_eswap(key->curve, ephemeral.d, k.buf); |
| - crypto_bignum_free(ephemeral.d); |
| - crypto_bignum_free(ephemeral.x); |
| - crypto_bignum_free(ephemeral.y); |
| + crypto_bignum_free(&ephemeral.d); |
| + crypto_bignum_free(&ephemeral.x); |
| + crypto_bignum_free(&ephemeral.y); |
| |
| /* Private key*/ |
| versal_mbox_alloc(bytes, NULL, &d); |
| diff --git a/core/include/crypto/crypto.h b/core/include/crypto/crypto.h |
| index 71a287ec6..0e6c139ce 100644 |
| --- a/core/include/crypto/crypto.h |
| +++ b/core/include/crypto/crypto.h |
| @@ -98,7 +98,7 @@ size_t crypto_bignum_num_bytes(struct bignum *a); |
| size_t crypto_bignum_num_bits(struct bignum *a); |
| void crypto_bignum_bn2bin(const struct bignum *from, uint8_t *to); |
| void crypto_bignum_copy(struct bignum *to, const struct bignum *from); |
| -void crypto_bignum_free(struct bignum *a); |
| +void crypto_bignum_free(struct bignum **a); |
| void crypto_bignum_clear(struct bignum *a); |
| |
| /* return -1 if a<b, 0 if a==b, +1 if a>b */ |
| diff --git a/core/lib/libtomcrypt/dh.c b/core/lib/libtomcrypt/dh.c |
| index 4eb9916f2..b1d0a4d00 100644 |
| --- a/core/lib/libtomcrypt/dh.c |
| +++ b/core/lib/libtomcrypt/dh.c |
| @@ -28,10 +28,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->g); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->y); |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->g); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->y); |
| + crypto_bignum_free(&s->x); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| diff --git a/core/lib/libtomcrypt/dsa.c b/core/lib/libtomcrypt/dsa.c |
| index a2dc720ed..d6243c469 100644 |
| --- a/core/lib/libtomcrypt/dsa.c |
| +++ b/core/lib/libtomcrypt/dsa.c |
| @@ -30,10 +30,10 @@ TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->g); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->g); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| + crypto_bignum_free(&s->y); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -52,9 +52,9 @@ TEE_Result crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->g); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| + crypto_bignum_free(&s->g); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| diff --git a/core/lib/libtomcrypt/ecc.c b/core/lib/libtomcrypt/ecc.c |
| index 938378247..fa645e17a 100644 |
| --- a/core/lib/libtomcrypt/ecc.c |
| +++ b/core/lib/libtomcrypt/ecc.c |
| @@ -18,8 +18,8 @@ static void _ltc_ecc_free_public_key(struct ecc_public_key *s) |
| if (!s) |
| return; |
| |
| - crypto_bignum_free(s->x); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->x); |
| + crypto_bignum_free(&s->y); |
| } |
| |
| /* |
| @@ -465,8 +465,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s, |
| err: |
| s->ops = NULL; |
| |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -541,7 +541,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s, |
| err: |
| s->ops = NULL; |
| |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| diff --git a/core/lib/libtomcrypt/mpi_desc.c b/core/lib/libtomcrypt/mpi_desc.c |
| index 235fbe630..ff8dd13c7 100644 |
| --- a/core/lib/libtomcrypt/mpi_desc.c |
| +++ b/core/lib/libtomcrypt/mpi_desc.c |
| @@ -763,10 +763,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits) |
| return (struct bignum *)bn; |
| } |
| |
| -void crypto_bignum_free(struct bignum *s) |
| +void crypto_bignum_free(struct bignum **s) |
| { |
| - mbedtls_mpi_free((mbedtls_mpi *)s); |
| - free(s); |
| + assert(s); |
| + |
| + mbedtls_mpi_free((mbedtls_mpi *)*s); |
| + free(*s); |
| + *s = NULL; |
| } |
| |
| void crypto_bignum_clear(struct bignum *s) |
| diff --git a/core/lib/libtomcrypt/rsa.c b/core/lib/libtomcrypt/rsa.c |
| index 8d0443f36..13ed23934 100644 |
| --- a/core/lib/libtomcrypt/rsa.c |
| +++ b/core/lib/libtomcrypt/rsa.c |
| @@ -131,7 +131,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->e); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -143,8 +143,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s) |
| { |
| if (!s) |
| return; |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->e); |
| } |
| |
| |
| @@ -155,14 +155,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) |
| { |
| if (!s) |
| return; |
| - crypto_bignum_free(s->e); |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| - crypto_bignum_free(s->qp); |
| - crypto_bignum_free(s->dp); |
| - crypto_bignum_free(s->dq); |
| + crypto_bignum_free(&s->e); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| + crypto_bignum_free(&s->qp); |
| + crypto_bignum_free(&s->dp); |
| + crypto_bignum_free(&s->dq); |
| } |
| |
| TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key, |
| diff --git a/core/tee/tee_svc_cryp.c b/core/tee/tee_svc_cryp.c |
| index 534e5ac39..880809753 100644 |
| --- a/core/tee/tee_svc_cryp.c |
| +++ b/core/tee/tee_svc_cryp.c |
| @@ -869,8 +869,7 @@ static void op_attr_bignum_free(void *attr) |
| { |
| struct bignum **bn = attr; |
| |
| - crypto_bignum_free(*bn); |
| - *bn = NULL; |
| + crypto_bignum_free(bn); |
| } |
| |
| static TEE_Result op_attr_value_from_user(void *attr, const void *buffer, |
| @@ -3445,8 +3444,8 @@ TEE_Result syscall_cryp_derive_key(unsigned long state, |
| } else { |
| res = TEE_ERROR_OUT_OF_MEMORY; |
| } |
| - crypto_bignum_free(pub); |
| - crypto_bignum_free(ss); |
| + crypto_bignum_free(&pub); |
| + crypto_bignum_free(&ss); |
| } else if (TEE_ALG_GET_MAIN_ALG(cs->algo) == TEE_MAIN_ALGO_ECDH) { |
| struct ecc_public_key key_public; |
| uint8_t *pt_secret; |
| diff --git a/lib/libmbedtls/core/bignum.c b/lib/libmbedtls/core/bignum.c |
| index 61f6c5c60..dea30f61a 100644 |
| --- a/lib/libmbedtls/core/bignum.c |
| +++ b/lib/libmbedtls/core/bignum.c |
| @@ -87,10 +87,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits) |
| return (struct bignum *)bn; |
| } |
| |
| -void crypto_bignum_free(struct bignum *s) |
| +void crypto_bignum_free(struct bignum **s) |
| { |
| - mbedtls_mpi_free((mbedtls_mpi *)s); |
| - free(s); |
| + assert(s); |
| + |
| + mbedtls_mpi_free((mbedtls_mpi *)*s); |
| + free(*s); |
| + *s = NULL; |
| } |
| |
| void crypto_bignum_clear(struct bignum *s) |
| diff --git a/lib/libmbedtls/core/dh.c b/lib/libmbedtls/core/dh.c |
| index b3415aaa7..e95aa1495 100644 |
| --- a/lib/libmbedtls/core/dh.c |
| +++ b/lib/libmbedtls/core/dh.c |
| @@ -35,10 +35,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->g); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->y); |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->g); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->y); |
| + crypto_bignum_free(&s->x); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| diff --git a/lib/libmbedtls/core/ecc.c b/lib/libmbedtls/core/ecc.c |
| index fd4a51b9d..46cd9fd1c 100644 |
| --- a/lib/libmbedtls/core/ecc.c |
| +++ b/lib/libmbedtls/core/ecc.c |
| @@ -40,8 +40,8 @@ static void ecc_free_public_key(struct ecc_public_key *s) |
| if (!s) |
| return; |
| |
| - crypto_bignum_free(s->x); |
| - crypto_bignum_free(s->y); |
| + crypto_bignum_free(&s->x); |
| + crypto_bignum_free(&s->y); |
| } |
| |
| /* |
| @@ -484,8 +484,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s, |
| return TEE_SUCCESS; |
| |
| err: |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| @@ -581,7 +581,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s, |
| return TEE_SUCCESS; |
| |
| err: |
| - crypto_bignum_free(s->x); |
| + crypto_bignum_free(&s->x); |
| |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c |
| index c3b5be509..a8aeb2c04 100644 |
| --- a/lib/libmbedtls/core/rsa.c |
| +++ b/lib/libmbedtls/core/rsa.c |
| @@ -183,7 +183,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s, |
| goto err; |
| return TEE_SUCCESS; |
| err: |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->e); |
| return TEE_ERROR_OUT_OF_MEMORY; |
| } |
| |
| @@ -194,8 +194,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s) |
| { |
| if (!s) |
| return; |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->e); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->e); |
| } |
| |
| void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) |
| @@ -205,14 +205,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s) |
| { |
| if (!s) |
| return; |
| - crypto_bignum_free(s->e); |
| - crypto_bignum_free(s->d); |
| - crypto_bignum_free(s->n); |
| - crypto_bignum_free(s->p); |
| - crypto_bignum_free(s->q); |
| - crypto_bignum_free(s->qp); |
| - crypto_bignum_free(s->dp); |
| - crypto_bignum_free(s->dq); |
| + crypto_bignum_free(&s->e); |
| + crypto_bignum_free(&s->d); |
| + crypto_bignum_free(&s->n); |
| + crypto_bignum_free(&s->p); |
| + crypto_bignum_free(&s->q); |
| + crypto_bignum_free(&s->qp); |
| + crypto_bignum_free(&s->dp); |
| + crypto_bignum_free(&s->dq); |
| } |
| |
| TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key, |
| -- |
| 2.34.1 |
| |