Merge pull request #408 from tropicsquare/ETR01SDK-459-Enhance-deinitialization-on-errors

ETR01SDK-459: Enhance deinitialization on errors

Author: medexs

CHANGELOG.md

@@ -22,16 +22,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Logging: `lt_port_log` function for platform-specific logging mechanism; is used by the logging macros declared in `libtropic_logging.h`.
 - CAL: `lt_sha256_deinit` function to deinitialize the SHA-256 context. It is called after the SHA-256 operation is finalized, so it must do an exhaustive cleanup.
 - ESP-IDF HAL for Espressif SoCs.
+- Missing secure memory zeroing to `lt_in__session_start()` and `lt_hkdf()` (internal function).
+- Missing check of `lt_handle_t.l3.session_status` in `lt_in__ecc_key_generate()`.
 
 ### Fixed
 - `lt_print_bytes` function now returns `LT_PARAM_ERR` when incorrect parameters are passed instead of `LT_FAIL`.
 - `lt_print_fw_header` function now returns `LT_PARAM_ERR` when incorrect bank ID is used instead of `LT_FAIL`.
 - Linux SPI HAL: If SPI mode 0 is not supported, cleanup and return with an error.
+- If `lt_init()` fails, it performs the needed cleanup itself -> the user should call `lt_deinit()` only after `lt_init()` succeeds.
 
 ### Removed
 - Logging: Redundant/unused macros `LT_LOG`, `LT_LOG_RESULT`, `LT_LOG_VALUE`.
 - Arduino HAL: Removed `rng_seed` from `lt_dev_arduino_t`, as it should be user's responsibility to initialize the PRNG.
 - Arduino HAL: Removed `SPI.begin()` and `SPI.end()` calls (fixes [this](https://github.com/tropicsquare/libtropic-arduino/issues/15) issue). It is now expected that users initialize SPI in their code themselves.
+- Redundant checks of `lt_handle_t.l3.session_status` in `lt_l3_encrypt_request()` and `lt_l3_decrypt_response()`.
 
 ## [3.0.0]
 

src/libtropic.c

@@ -42,7 +42,7 @@ lt_ret_t lt_init(lt_handle_t *h)
         return LT_PARAM_ERR;
     }
 
-    lt_ret_t ret;
+    lt_ret_t ret, ret_unused;
 
     // When compiling libtropic with l3 buffer embedded into handle,
     // define buffer's length here (later used to prevent overflow during communication).
@@ -59,21 +59,31 @@ lt_ret_t lt_init(lt_handle_t *h)
 
     ret = lt_crypto_ctx_init(h->l3.crypto_ctx);
     if (ret != LT_OK) {
-        return ret;
+        goto l1_cleanup;
     }
 
     // Prevent usage of insufficient buffer.
     if (h->l3.buff_len < LT_SIZE_OF_L3_BUFF) {
-        return LT_L3_BUFFER_TOO_SMALL;
+        ret = LT_L3_BUFFER_TOO_SMALL;
+        goto crypto_ctx_cleanup;
     }
 
     // Initialize the TROPIC01 attributes based on its Application FW.
     ret = lt_init_tr01_attrs(h);
     if (ret != LT_OK) {
-        return ret;
+        goto crypto_ctx_cleanup;
     }
 
     return LT_OK;
+
+crypto_ctx_cleanup:
+    ret_unused = lt_crypto_ctx_deinit(&h->l3.crypto_ctx);
+
+l1_cleanup:
+    ret_unused = lt_l1_deinit(&h->l2);
+    LT_UNUSED(ret_unused);
+
+    return ret;
 }
 
 lt_ret_t lt_deinit(lt_handle_t *h)
@@ -415,21 +425,21 @@ lt_ret_t lt_session_start(lt_handle_t *h, const uint8_t *stpub, const lt_pkey_in
 
     lt_ret_t ret = lt_out__session_start(h, pkey_index, &host_eph_keys);
     if (ret != LT_OK) {
-        goto lt_session_start_cleanup;
+        goto cleanup;
     }
 
     ret = lt_l2_send(&h->l2);
     if (ret != LT_OK) {
-        goto lt_session_start_cleanup;
+        goto cleanup;
     }
     ret = lt_l2_receive(&h->l2);
     if (ret != LT_OK) {
-        goto lt_session_start_cleanup;
+        goto cleanup;
     }
 
     ret = lt_in__session_start(h, stpub, pkey_index, shipriv, shipub, &host_eph_keys);
 
-lt_session_start_cleanup:
+cleanup:
     lt_secure_memzero(&host_eph_keys, sizeof(lt_host_eph_keys_t));
     return ret;
 }