Fix memory leak in transport_mbedtls_pkcs11.c

FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c

@@ -263,7 +263,7 @@ bool xGenerateKeyAndCsr( CK_SESSION_HANDLE xP11Session,
 
         mbedtls_x509write_csr_free( &xReq );
 
-        lPKCS11PkMbedtlsCloseSessionAndFree( &xPrivKey );
+        mbedtls_pk_free( &xPrivKey );
     }
 
     *pxOutCsrLength = strlen( pcCsrBuffer );

FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c

@@ -387,56 +387,6 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
 
 /*-----------------------------------------------------------*/
 
-int lPKCS11PkMbedtlsCloseSessionAndFree( mbedtls_pk_context * pxMbedtlsPkCtx )
-{
-    CK_RV xResult = CKR_OK;
-    P11PkCtx_t * pxP11Ctx = NULL;
-    CK_FUNCTION_LIST_PTR pxFunctionList = NULL;
-
-    configASSERT( pxMbedtlsPkCtx );
-
-    if( pxMbedtlsPkCtx )
-    {
-        if( pxMbedtlsPkCtx->pk_info->type == MBEDTLS_PK_ECKEY )
-        {
-            pxP11Ctx = &( ( ( P11EcDsaCtx_t * ) ( pxMbedtlsPkCtx->pk_ctx ) )->xP11PkCtx );
-        }
-        else if( pxMbedtlsPkCtx->pk_info->type == MBEDTLS_PK_RSA )
-        {
-            pxP11Ctx = &( ( ( P11RsaCtx_t * ) ( pxMbedtlsPkCtx->pk_ctx ) )->xP11PkCtx );
-        }
-        else
-        {
-            pxP11Ctx = NULL;
-            xResult = CKR_FUNCTION_FAILED;
-        }
-    }
-    else
-    {
-        xResult = CKR_FUNCTION_FAILED;
-    }
-
-    if( xResult == CKR_OK )
-    {
-        xResult = C_GetFunctionList( &pxFunctionList );
-    }
-
-    if( xResult == CKR_OK )
-    {
-        configASSERT( pxFunctionList );
-        xResult = pxFunctionList->C_CloseSession( pxP11Ctx->xSessionHandle );
-    }
-
-    if( xResult == CKR_OK )
-    {
-        pxP11Ctx->xSessionHandle = CK_INVALID_HANDLE;
-    }
-
-    return( xResult == CKR_OK ? 0 : -1 );
-}
-
-/*-----------------------------------------------------------*/
-
 int lPKCS11RandomCallback( void * pvCtx,
                            unsigned char * pucOutput,
                            size_t uxLen )

FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h

@@ -46,15 +46,6 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
                                     CK_SESSION_HANDLE xSessionHandle,
                                     CK_OBJECT_HANDLE xPkHandle );
 
-/**
- * @brief Close the PKCS11 session and free the relevant pk context.
- *
- * @param pxMbedtlsPkCtx Pointer to the mbedtls_pk_context to free
- * @return 0 on success
- * @return A negative number on failure
- */
-int lPKCS11PkMbedtlsCloseSessionAndFree( mbedtls_pk_context * pxMbedtlsPkCtx );
-
 /**
  * @brief Callback to generate random data with the PKCS11 module.
  *
@@ -68,6 +59,4 @@ int lPKCS11RandomCallback( void * pvCtx,
                            unsigned char * pucOutput,
                            size_t uxLen );
 
-
-
 #endif /* MBEDTLS_PK_PKCS11_H */

FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c

@@ -179,13 +179,6 @@ static CK_RV readCertificateIntoContext( SSLContext_t * pSslContext,
 static CK_RV initializeClientKeys( SSLContext_t * pxCtx,
                                    const char * pcLabelName );
 
-/**
- * @brief Stub function to satisfy mbedtls checks before sign operations
- *
- * @return 1.
- */
-int canDoStub( mbedtls_pk_type_t type );
-
 /**
  * @brief Sign a cryptographic hash with the private key.
  *
@@ -237,8 +230,7 @@ static void sslContextFree( SSLContext_t * pSslContext )
     mbedtls_x509_crt_free( &( pSslContext->clientCert ) );
     mbedtls_ssl_config_free( &( pSslContext->config ) );
 
-
+    mbedtls_pk_free( &( pSslContext->privKey ) );
-    ( void ) lPKCS11PkMbedtlsCloseSessionAndFree( &( pSslContext->privKey ) );
 
     pSslContext->pxP11FunctionList->C_CloseSession( pSslContext->xP11Session );
 }