Shared code to free x509 structs
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
diff --git a/library/x509_crt.c b/library/x509_crt.c
index c4f97bb..81186fa 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -685,16 +685,7 @@
*/
if( ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
{
- mbedtls_x509_sequence *seq_cur = subject_alt_name->next;
- mbedtls_x509_sequence *seq_prv;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
+ mbedtls_asn1_sequence_free( subject_alt_name->next );
subject_alt_name->next = NULL;
return( ret );
}
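Review bot: The open-coded loops removed here and in the `@@ -3316` hunk wiped each node with `mbedtls_platform_zeroize` before `mbedtls_free`, so the replacement only preserves that if `mbedtls_asn1_sequence_free` and `mbedtls_asn1_free_named_data_list_shallow` wipe internally. Neither helper's body is part of this diff, so this should be checked against their definitions. If they free without wiping, the commit message should say the zeroization was dropped deliberately rather than present the change as a pure refactor. A short comment at this call, such as `/* frees only the entries chained after the head; head is reset below */`, would also explain why `->next` is passed and then set to NULL. The enclosing function starts outside this hunk.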
@@ -3300,15 +3291,8 @@
{
mbedtls_x509_crt *cert_cur = crt;
mbedtls_x509_crt *cert_prv;
- mbedtls_x509_name *name_cur;
- mbedtls_x509_name *name_prv;
- mbedtls_x509_sequence *seq_cur;
- mbedtls_x509_sequence *seq_prv;
- if( crt == NULL )
- return;
-
- do
+ while( cert_cur != NULL )
{
mbedtls_pk_free( &cert_cur->pk );
@@ -3316,53 +3300,11 @@
mbedtls_free( cert_cur->sig_opts );
#endif
- name_cur = cert_cur->issuer.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv );
- }
-
- name_cur = cert_cur->subject.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv );
- }
-
- seq_cur = cert_cur->ext_key_usage.next;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
-
- seq_cur = cert_cur->subject_alt_names.next;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
-
- seq_cur = cert_cur->certificate_policies.next;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
+ mbedtls_asn1_free_named_data_list_shallow( cert_cur->issuer.next );
+ mbedtls_asn1_free_named_data_list_shallow( cert_cur->subject.next );
+ mbedtls_asn1_sequence_free( cert_cur->ext_key_usage.next );
+ mbedtls_asn1_sequence_free( cert_cur->subject_alt_names.next );
+ mbedtls_asn1_sequence_free( cert_cur->certificate_policies.next );
if( cert_cur->raw.p != NULL && cert_cur->own_buffer )
{
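Review bot: The issuer and subject lists are released with the `_shallow` helper, but nothing at the call site says why a shallow free is correct. Judging by its name, it frees the list nodes and not the `oid`/`val` buffers they reference. That is only right if those pointers alias memory owned elsewhere, presumably the certificate's raw buffer released just below when `own_buffer` is set. Once confirmed, record it with a comment such as `/* name entries point into cert_cur->raw; free the nodes only */`. The function body starts and ends outside this hunk.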
@@ -3370,13 +3312,6 @@
mbedtls_free( cert_cur->raw.p );
}
- cert_cur = cert_cur->next;
- }
- while( cert_cur != NULL );
-
- cert_cur = crt;
- do
- {
cert_prv = cert_cur;
cert_cur = cert_cur->next;
@@ -3384,7 +3319,6 @@
if( cert_prv != crt )
mbedtls_free( cert_prv );
}
- while( cert_cur != NULL );
}
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)