bootutil: Fix memory leak in HKDF implementation
The bootutil_hmac_sha256_set_key routine performs some dynamic memory
allocations when mbedTLS is used. To properly free the allocated memory,
bootutil_hmac_sha256_drop must be called before reinitializing the HMAC
context using bootutil_hmac_sha256_init. However, in the hkdf routine,
the HMAC context was freed only once even though it was initialized
multiple times.
Signed-off-by: Thomas Altenbach <thomas.altenbach@legrand.com>
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index bc4d917..39e34db 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c
@@ -276,6 +276,8 @@
goto error;
}
+ bootutil_hmac_sha256_drop(&hmac);
+
/*
* Expand
*/
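Review bot: The drop added after the extract step runs only on the success path. The `goto error` just above it, and the one before the second added drop in the expand loop, leave with the context still initialised, so those paths are leak-free only if the `error:` label releases it. That label's body lies past the end of the last hunk, and with the final drop before `return 0` removed it appears to be the only cleanup for every failure. Please confirm it calls `bootutil_hmac_sha256_drop(&hmac);` and consider stating the pairing at the label, e.g. `/* failure path: context is still initialised here, drop it exactly once */`. The enclosing hkdf routine starts and ends outside these hunks.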
@@ -315,6 +317,8 @@
goto error;
}
+ bootutil_hmac_sha256_drop(&hmac);
+
if (len > BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE) {
memcpy(&okm[off], T, BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE);
len -= BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;
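Review bot: Nothing on the added drop records that `hmac` stays released from this line until it is initialised again. Per the commit message this happens on each pass, but the start of the loop is above this hunk. A `goto error` added later in the copy-out code below would then reach the cleanup label with an already-dropped context, and whether a second drop is harmless depends on the crypto backend, which is not visible here. A one-line comment would pin the invariant, e.g. `/* hmac is released here; no goto error until the next bootutil_hmac_sha256_init() */`.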
@@ -324,7 +328,6 @@
}
}
- bootutil_hmac_sha256_drop(&hmac);
return 0;
error: