1. multi thread verify bignum AES and SHA

2016-08-15 21:04:57 +08:00 · 2016-08-15 21:04:57 +08:00 · 0f83831c74
commit 0f83831c74
parent 98021903a2
11 changed files with 238 additions and 150 deletions
--- a/components/esp32/aes.c
+++ b/components/esp32/aes.c
@ -24,16 +24,14 @@
 *  http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
 *  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
 */
 #include "aes.h"
 #include <string.h>
-#include "esp_thread.h"
+#include "aes.h"
 #include "esp_crypto.h"
 /* Implementation that should never be optimized out by the compiler */
-static void esp_aes_zeroize( void *v, size_t n ) {
+//static void bzero( void *v, size_t n ) {
-    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//}
 void esp_aes_init( AES_CTX *ctx )
 {
@ -50,7 +48,7 @@ void esp_aes_free( AES_CTX *ctx )
    if( ctx == NULL )
        return;
-    esp_aes_zeroize( ctx, sizeof( AES_CTX ) );
+    bzero( ctx, sizeof( AES_CTX ) );
    AES_LOCK();
    AES_GIVE();
@ -84,8 +82,9 @@ int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key,
 		ctx->enc.keybites = keybits;
 		memset(ctx->enc.key, 0, sizeof(ctx->enc.key));
 		memcpy(ctx->enc.key, key, keybyte);
 	} else {
 		ets_aes_setkey_enc(key, keybit);
 	}
 	ets_aes_setkey_enc(key, keybit);
 	return 0;
 }
@ -114,8 +113,9 @@ int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key,
 		ctx->dec.keybites = keybits;
 		memset(ctx->dec.key, 0, sizeof(ctx->dec.key));
 		memcpy(ctx->dec.key, key, keybyte);
 	} else {
 		ets_aes_setkey_dec(key, keybit);
 	}
 	ets_aes_setkey_dec(key, keybit);
 	return 0;
 }
@ -169,10 +169,19 @@ int esp_aes_crypt_ecb( AES_CTX *ctx,
                    const unsigned char input[16],
                    unsigned char output[16] )
 {
 	AES_LOCK();
 	esp_aes_process_enable(ctx, mode);
 	if( mode == AES_ENCRYPT )
        esp_aes_encrypt( ctx, input, output );
    else
        esp_aes_decrypt( ctx, input, output );
 	esp_aes_process_disable(ctx, mode);
 	AES_UNLOCK();
 	return 0;
 }
@ -193,9 +202,6 @@ int esp_aes_crypt_cbc( AES_CTX *ctx,
    if( length % 16 )
        return( ERR_AES_INVALID_INPUT_LENGTH );
    AES_LOCK();
 	esp_aes_process_enable(ctx, mode);
 	if( mode == AES_DECRYPT )
    {
        while( length > 0 )
@ -228,9 +234,6 @@ int esp_aes_crypt_cbc( AES_CTX *ctx,
            length -= 16;
        }
    }
 	esp_aes_process_disable(ctx, mode);
 	AES_UNLOCK();
 	return 0;
 }
@ -249,9 +252,6 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
 	int c;
 	size_t n = *iv_off;
 	AES_LOCK();
 	esp_aes_process_enable(ctx, mode);
 	if( mode == AES_DECRYPT )
 	{
 		while( length-- )
@ -280,9 +280,6 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx,
 	}
 	*iv_off = n;
 	esp_aes_process_disable(ctx, mode);
 	AES_UNLOCK();
 	return 0;
 }
@ -300,9 +297,6 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx,
 	unsigned char c;
 	unsigned char ov[17];
 	AES_LOCK();
 	esp_aes_process_enable(ctx, mode);
 	while( length-- )
 	{
 		memcpy( ov, iv, 16 );
@ -318,9 +312,6 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx,
 		memcpy( iv, ov + 1, 16 );
 	}
 	esp_aes_process_disable(ctx, mode);
 	AES_UNLOCK();
 	return 0;
 }
@ -339,10 +330,6 @@ int esp_aes_crypt_ctr( AES_CTX *ctx,
 	int c, i;
    size_t n = *nc_off;
    AES_LOCK();
 	esp_aes_process_enable(ctx, AES_ENCRYPT);
    while( length-- )
    {
        if( n == 0 ) {
@ -359,9 +346,6 @@ int esp_aes_crypt_ctr( AES_CTX *ctx,
    }
    *nc_off = n;
 	esp_aes_process_disable(ctx, AES_ENCRYPT);
 	AES_UNLOCK();
 	return 0;
 }
--- a/components/esp32/bignum.c
+++ b/components/esp32/bignum.c
@ -33,17 +33,16 @@
 *      https://gmplib.org/manual/index.html
 *
 */
 #include "bignum.h"
 #if defined(ESP_BIGNUM_ALT)
 #include <string.h>
 #include <stdlib.h>
-#include "esp_thread.h"
+#include "bignum.h"
 #include "esp_crypto.h"
 /* Implementation that should never be optimized out by the compiler */
-static void esp_mpi_zeroize( void *v, size_t n ) {
+//static void bzero( void *v, size_t n ) {
-    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//}
 #define ciL    (sizeof(esp_mpi_uint))         /* chars in limb  */
 #define biL    (ciL << 3)               /* bits  in limb  */
@ -85,7 +84,7 @@ void esp_mpi_free( mpi *X )
    if( X->p != NULL )
    {
-        esp_mpi_zeroize( X->p, X->n * ciL );
+        bzero( X->p, X->n * ciL );
        free( X->p );
    }
@ -117,7 +116,7 @@ int esp_mpi_grow( mpi *X, size_t nblimbs )
        if( X->p != NULL )
        {
            memcpy( p, X->p, X->n * ciL );
-            esp_mpi_zeroize( X->p, X->n * ciL );
+            bzero( X->p, X->n * ciL );
            free( X->p );
        }
@ -155,7 +154,7 @@ int esp_mpi_shrink( mpi *X, size_t nblimbs )
    if( X->p != NULL )
    {
        memcpy( p, X->p, i * ciL );
-        esp_mpi_zeroize( X->p, X->n * ciL );
+        bzero( X->p, X->n * ciL );
        free( X->p );
    }
@ -1015,11 +1014,76 @@ static void esp_mpi_mul_hlp( size_t i, esp_mpi_uint *s, esp_mpi_uint *d, esp_mpi
 /*
 * Baseline multiplication: X = A * B  (HAC 14.12)
 */
 static int mul_pram_alloc( mpi *X, const mpi *A, const mpi *B, char **pA, char **pB, char **pX, size_t *bites)
 {
    char *sa, *sb, *sx;
 	int algn;
 	int words, bytes;
 	int abytes, bbytes, cbytes;
 	if (A->n > B->n)
 		words = A->n;
 	else
 		words = B->n;
 	bytes = (words / 16 + ((words % 16) ? 1 : 0 )) * 16 * 4 * 2;
 	abytes = A->n * 4;	
 	bbytes = B->n * 4;
 	sa = malloc(bytes);
 	if (!sa) {
       return -1;
 	}
 	sb = malloc(bytes);
 	if (!sb) {
 	   free(sa);
       return -1;
 	}
 	sx = malloc(bytes);
 	if (!sx) {
 	   free(sa);
 	   free(sb);
       return -1;
 	}
 	memcpy(sa, A->p, abytes);
 	memset(sa + abytes, 0, bytes - abytes);
 	memcpy(sb, B->p, bbytes);
 	memset(sb + bbytes, 0, bytes - bbytes);
 	*pA = sa;
 	*pB = sb;
 	*pX = sx;
 	*bites = bytes * 4;
 	return 0;
 }
 void mul_pram_free(char **pA, char **pB, char **pX)
 {
    free(*pA);
 	*pA = NULL;
    free(*pB);
 	*pB = NULL;
 	free(*pX);
 	*pX = NULL;
 }
 int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
 {
-    int ret;
+    int ret = -1;
    size_t i, j;
-	size_t n = 0;
+	char *s1 = NULL, *s2 = NULL, *dest = NULL;
 	size_t bites;
    mpi TA, TB;
@ -1039,14 +1103,19 @@ int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
    MPI_CHK( esp_mpi_grow( X, i + j ) );
    MPI_CHK( esp_mpi_lset( X, 0 ) );
-	n = j;
+	if (mul_pram_alloc(X, A, B, &s1, &s2, &dest, &bites)) {
-//    for( i++; j > 0; j-- )
+       goto cleanup;
-    esp_mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] );
+	}
    BIGNUM_LOCK(); 
-	if (ets_bigint_mult_prepare(A->p, B->p, n)){
+	if (ets_bigint_mult_prepare((uint32_t *)s1, (uint32_t *)s2, bites)){
 		ets_bigint_wait_finish();		
-		ets_bigint_mult_getz(X->p, n);
+		if (ets_bigint_mult_getz((uint32_t *)dest, bites) == true) {
 			memcpy(X->p, dest, (i + j) * 4);
 			ret = 0;
 		} else {
            esp_mpi_printf("ets_bigint_mult_getz failed\n");
 		}
 	} else{
 		esp_mpi_printf("Baseline multiplication failed\n");
 	}
@ -1054,6 +1123,8 @@ int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
    X->s = A->s * B->s;
 	mul_pram_free(&s1, &s2, &dest);
 cleanup:
    esp_mpi_free( &TB ); esp_mpi_free( &TA );
--- a/components/esp32/esp_crypto.c
+++ b/components/esp32/esp_crypto.c
@ -0,0 +1,64 @@
 #include "esp_crypto.h"
 #include "freertos/FreeRTOS.h"
 #include "freertos/semphr.h"
 static SemaphoreHandle_t esp_crypto_mutex[MUTEX_MAX_NUM];
 static int esp_crypto_sig[MUTEX_MAX_NUM];
 #if 0
    #define ESP_DEBUG ets_printf
 #else
    #define ESP_DEBUG(...)
 #endif
 int esp_crypto_init(void)
 {
 	int i;
 	for (i = 0; i < MUTEX_MAX_NUM; i++) {
 		esp_crypto_mutex[i] = xSemaphoreCreateMutex();
 		ESP_DEBUG("init num %d mutex %p\n", i, esp_crypto_mutex[i]);
 		if (!esp_crypto_mutex[i]) {
 			goto failed1;
 		}
 		esp_crypto_sig[i] = 0;
 	}
 	return 0;
 failed1:
 	ESP_DEBUG("esp_crypto_init failed\n");
 	for (i--; i >= 0; i--)
 		vQueueDelete(esp_crypto_mutex[i]);
 	return -1;
 }
 void esp_crypto_lock(unsigned int num)
 {
 	ESP_DEBUG("1num %d, mutex %p\n", num, esp_crypto_mutex[num]);
 	xSemaphoreTake(esp_crypto_mutex[num], portMAX_DELAY);
 }
 void esp_crypto_unlock(unsigned int num)
 {
 	ESP_DEBUG("2num %d, mutex %p\n", num, esp_crypto_mutex[num]);
 	xSemaphoreGive(esp_crypto_mutex[num]);
 }
 void esp_crypto_take(unsigned int num)
 {
 	esp_crypto_sig[num]++;
 }
 void esp_crypto_give(unsigned int num)
 {
 	if (esp_crypto_sig[num])
 	   esp_crypto_sig[num]--;
 }
 bool esp_crypto_is_used(unsigned int num)
 {
 	return (esp_crypto_sig[num] != 0) ? true : false;
 }
--- a/components/esp32/esp_thread.c
+++ b/components/esp32/esp_thread.c
@ -1,53 +0,0 @@
 #include "esp_thread.h"
 #include "freertos/FreeRTOS.h"
 #include "freertos/semphr.h"
 static xSemaphoreHandle esp_thread_mutex[MUTEX_MAX_NUM];
 static int esp_thread_sig[MUTEX_MAX_NUM];
 int esp_thread_init(void)
 {
 	int i;
 	for (i = 0; i < MUTEX_MAX_NUM; i++) {
 		esp_thread_mutex[i] = xSemaphoreCreateMutex();
 		if (!esp_thread_mutex[i]) {
 			goto failed1;
 		}
 		esp_thread_sig[i] = 0;
 	}
 	return 0;
 failed1:
 	for (i--; i >= 0; i--)
 		vQueueDelete(esp_thread_mutex[i]);
 	return -1;
 }
 void esp_thread_lock(unsigned int num)
 {
 	xSemaphoreTake(esp_thread_mutex[num], portMAX_DELAY);
 }
 void esp_thread_unlock(unsigned int num)
 {
 	xSemaphoreGive(esp_thread_mutex[num]);
 }
 void esp_thread_take(unsigned int num)
 {
 	esp_thread_sig[num]++;
 }
 void esp_thread_give(unsigned int num)
 {
 	esp_thread_sig[num]--;
 }
 bool esp_thread_is_used(unsigned int num)
 {
 	return (esp_thread_sig[num] != 0) ? true : false;
 }
--- a/components/esp32/include/bignum.h
+++ b/components/esp32/include/bignum.h
@ -27,9 +27,9 @@
 #include "rom/ets_sys.h"
 #include "rom/bigint.h"
-#define ESP_BIGNUM_ALT
+
 #define MPI_DEBUG_ALT
-#if defined(ESP_BIGNUM_ALT)
+
 #define ERR_MPI_FILE_IO_ERROR                     -0x0002  /**< An error occurred while reading from or writing to a file. */
 #define ERR_MPI_BAD_INPUT_DATA                    -0x0004  /**< Bad input parameters to function. */
@ -700,7 +700,7 @@ int esp_mpi_is_prime( const mpi *X,
 int esp_mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
                   int (*f_rng)(void *, unsigned char *, size_t),
                   void *p_rng );
-#endif
+
 #endif
--- a/components/esp32/include/esp_crypto.h
+++ b/components/esp32/include/esp_crypto.h
@ -1,5 +1,5 @@
-#ifndef _MULTI_THREAD_H_
+#ifndef _MULTI_CRYPTO_H_
-#define _MULTI_THREAD_H_
+#define _MULTI_CRYPTO_H_
 #include "c_types.h"
 #include "rom/ets_sys.h"
@ -16,21 +16,21 @@ enum {
 	MUTEX_MAX_NUM,
 };
-int esp_thread_init(void);
+int esp_crypto_init(void);
-void esp_thread_lock(unsigned int num);
+void esp_crypto_lock(unsigned int num);
-void esp_thread_unlock(unsigned int num);
+void esp_crypto_unlock(unsigned int num);
-void esp_thread_take(unsigned int num);
+void esp_crypto_take(unsigned int num);
-void esp_thread_give(unsigned int num);
+void esp_crypto_give(unsigned int num);
-bool esp_thread_is_used(unsigned int num);
+bool esp_crypto_is_used(unsigned int num);
-#define MUTEX_LOCK(num) esp_thread_lock(num)
+#define MUTEX_LOCK(num) esp_crypto_lock(num)
-#define MUTEX_UNLOCK(num) esp_thread_unlock(num)
+#define MUTEX_UNLOCK(num) esp_crypto_unlock(num)
-#define SIG_TAKE(num) esp_thread_take(num)
+#define SIG_TAKE(num) esp_crypto_take(num)
-#define SIG_GIVE(num) esp_thread_give(num)
+#define SIG_GIVE(num) esp_crypto_give(num)
-#define SIG_IS_USED(num) esp_thread_is_used(num)
+#define SIG_IS_USED(num) esp_crypto_is_used(num)
 #define AES_LOCK() MUTEX_LOCK(AES_MUTEX)
 #define AES_UNLOCK() MUTEX_UNLOCK(AES_MUTEX)
@ -53,4 +53,4 @@ bool esp_thread_is_used(unsigned int num);
 }
 #endif
-#endif /* esp_thread.h */
+#endif /* esp_crypto.h */
--- a/components/esp32/sha.c
+++ b/components/esp32/sha.c
@ -23,15 +23,14 @@
 *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
 */
 #include "sha.h"
 #include <string.h>
-#include "esp_thread.h"
+#include "sha.h"
 #include "esp_crypto.h"
 /* Implementation that should never be optimized out by the compiler */
-static void esp_sha_zeroize( void *v, size_t n ) {
+//static void bzero( void *v, size_t n ) {
-    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//}
 void esp_sha1_init( SHA1_CTX *ctx )
 {
@ -48,7 +47,7 @@ void esp_sha1_free( SHA1_CTX *ctx )
    if( ctx == NULL )
        return;
-    esp_sha_zeroize( ctx, sizeof( SHA1_CTX ) );
+    bzero( ctx, sizeof( SHA1_CTX ) );
    SHA_LOCK();
    SHA_GIVE();
@ -74,7 +73,6 @@ void esp_sha1_starts( SHA1_CTX *ctx )
 {
 	SHA_LOCK();
 	ets_sha_init(&ctx->context);
 	SHA_UNLOCK();
 	ctx->context_type = SHA1;
 }
@ -84,7 +82,6 @@ void esp_sha1_starts( SHA1_CTX *ctx )
 */
 void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
 {
 	SHA_LOCK();
 	ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
@ -133,7 +130,7 @@ void esp_sha256_free( SHA256_CTX *ctx )
    if( ctx == NULL )
        return;
-    esp_sha_zeroize( ctx, sizeof( SHA256_CTX ) );
+    bzero( ctx, sizeof( SHA256_CTX ) );
    SHA_LOCK();
    SHA_GIVE();
@ -154,7 +151,6 @@ void esp_sha256_starts( SHA256_CTX *ctx, int is224 )
 {
 	SHA_LOCK();
    ets_sha_init(&ctx->context);
    SHA_UNLOCK();
 	if( is224 == 0 )
    {
@ -171,7 +167,6 @@ void esp_sha256_starts( SHA256_CTX *ctx, int is224 )
 */
 void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen )
 {
 	SHA_LOCK();
 	ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
@ -215,7 +210,7 @@ void esp_sha512_free( SHA512_CTX *ctx )
    if( ctx == NULL )
        return;
-    esp_sha_zeroize( ctx, sizeof( SHA512_CTX ) );
+    bzero( ctx, sizeof( SHA512_CTX ) );
    SHA_LOCK();
    SHA_GIVE();
@ -236,7 +231,7 @@ void esp_sha512_starts( SHA512_CTX *ctx, int is384 )
 {
 	SHA_LOCK();
 	ets_sha_init(&ctx->context);
-	SHA_UNLOCK();
+
    if( is384 == 0 )
    {
        /* SHA-512 */
@ -254,7 +249,6 @@ void esp_sha512_starts( SHA512_CTX *ctx, int is384 )
 */
 void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input,size_t ilen )
 {
 	SHA_LOCK();
    ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
 }
--- a/components/mbedtls/library/aes.c
+++ b/components/mbedtls/library/aes.c
@ -1238,8 +1238,7 @@ int mbedtls_aes_self_test( int verbose )
 #endif
    mbedtls_aes_context ctx;
-    memset( key, 0, 32 );
+	memset( key, 0, 32 );
    mbedtls_aes_init( &ctx );
    /*
     * ECB mode
@ -1255,6 +1254,8 @@ int mbedtls_aes_self_test( int verbose )
        memset( buf, 0, 16 );
    	mbedtls_aes_init( &ctx );
        if( v == MBEDTLS_AES_DECRYPT )
        {
            mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
@ -1267,6 +1268,7 @@ int mbedtls_aes_self_test( int verbose )
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
 				mbedtls_aes_free( &ctx );
                ret = 1;
                goto exit;
            }
@ -1283,6 +1285,8 @@ int mbedtls_aes_self_test( int verbose )
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
 				mbedtls_aes_free( &ctx );
                ret = 1;
                goto exit;
            }
@ -1290,6 +1294,8 @@ int mbedtls_aes_self_test( int verbose )
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
 		mbedtls_aes_free( &ctx );
    }
    if( verbose != 0 )
@ -1312,6 +1318,8 @@ int mbedtls_aes_self_test( int verbose )
        memset( prv, 0, 16 );
        memset( buf, 0, 16 );
 		mbedtls_aes_init( &ctx );
        if( v == MBEDTLS_AES_DECRYPT )
        {
            mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
@ -1324,6 +1332,8 @@ int mbedtls_aes_self_test( int verbose )
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
 				mbedtls_aes_free( &ctx );
                ret = 1;
                goto exit;
            }
@ -1348,6 +1358,8 @@ int mbedtls_aes_self_test( int verbose )
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
 				mbedtls_aes_free( &ctx );
                ret = 1;
                goto exit;
            }
@ -1355,6 +1367,8 @@ int mbedtls_aes_self_test( int verbose )
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
 		mbedtls_aes_free( &ctx );
    }
    if( verbose != 0 )
@ -1377,6 +1391,8 @@ int mbedtls_aes_self_test( int verbose )
        memcpy( iv,  aes_test_cfb128_iv, 16 );
        memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
 		mbedtls_aes_init( &ctx );
        offset = 0;
        mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
@ -1433,6 +1449,8 @@ int mbedtls_aes_self_test( int verbose )
        memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
        memcpy( key, aes_test_ctr_key[u], 16 );
 		mbedtls_aes_init( &ctx );
        offset = 0;
        mbedtls_aes_setkey_enc( &ctx, key, 128 );
--- a/components/mbedtls/library/sha1.c
+++ b/components/mbedtls/library/sha1.c
@ -396,13 +396,13 @@ int mbedtls_sha1_self_test( int verbose )
    unsigned char sha1sum[20];
    mbedtls_sha1_context ctx;
    mbedtls_sha1_init( &ctx );
    /*
     * SHA-1
     */
    for( i = 0; i < 3; i++ )
    {
    	mbedtls_sha1_init( &ctx );
        if( verbose != 0 )
            mbedtls_printf( "  SHA-1 test #%d: ", i + 1 );
@ -426,19 +426,22 @@ int mbedtls_sha1_self_test( int verbose )
            if( verbose != 0 )
                mbedtls_printf( "failed\n" );
 			mbedtls_sha1_free( &ctx );
            ret = 1;
            goto exit;
        }
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
 		mbedtls_sha1_free( &ctx );
    }
    if( verbose != 0 )
        mbedtls_printf( "\n" );
 exit:
    mbedtls_sha1_free( &ctx );
    return( ret );
 }
--- a/components/mbedtls/library/sha256.c
+++ b/components/mbedtls/library/sha256.c
@ -393,13 +393,13 @@ int mbedtls_sha256_self_test( int verbose )
    unsigned char sha256sum[32];
    mbedtls_sha256_context ctx;
    mbedtls_sha256_init( &ctx );
    for( i = 0; i < 6; i++ )
    {
        j = i % 3;
        k = i < 3;
        mbedtls_sha256_init( &ctx );
        if( verbose != 0 )
            mbedtls_printf( "  SHA-%d test #%d: ", 256 - k * 32, j + 1 );
@ -423,19 +423,22 @@ int mbedtls_sha256_self_test( int verbose )
            if( verbose != 0 )
                mbedtls_printf( "failed\n" );
 			mbedtls_sha256_free( &ctx );
            ret = 1;
            goto exit;
        }
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
 		mbedtls_sha256_free( &ctx );
    }
    if( verbose != 0 )
        mbedtls_printf( "\n" );
 exit:
    mbedtls_sha256_free( &ctx );
    return( ret );
 }
--- a/components/mbedtls/library/sha512.c
+++ b/components/mbedtls/library/sha512.c
@ -449,13 +449,13 @@ int mbedtls_sha512_self_test( int verbose )
    unsigned char sha512sum[64];
    mbedtls_sha512_context ctx;
    mbedtls_sha512_init( &ctx );
    for( i = 0; i < 6; i++ )
    {
        j = i % 3;
        k = i < 3;
 		mbedtls_sha512_init( &ctx );
        if( verbose != 0 )
            mbedtls_printf( "  SHA-%d test #%d: ", 512 - k * 128, j + 1 );
@ -479,19 +479,23 @@ int mbedtls_sha512_self_test( int verbose )
            if( verbose != 0 )
                mbedtls_printf( "failed\n" );
 			mbedtls_sha512_free( &ctx );
            ret = 1;
            goto exit;
        }
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
 		mbedtls_sha512_free( &ctx );
    }
    if( verbose != 0 )
        mbedtls_printf( "\n" );
 exit:
-    mbedtls_sha512_free( &ctx );
+    
    return( ret );
 }