Refactor: OCSP object allocation

Refactors OCSP object allocation and freeing:
- Introduces `wc_NewOCSP` to allocate and initialize `WOLFSSL_OCSP` objects with error handling.
- Introduces `wc_FreeOCSP` to free `WOLFSSL_OCSP` objects.
- Simplifies OCSP usage in tests by using the new allocation/freeing functions.
- Remove `wc_InitOCSP` since `WOLFSSL_OCSP` is an opaque struct

Author: julek-wolfssl

src/ocsp.c

@@ -44,15 +44,26 @@
     #include <wolfcrypt/src/misc.c>
 #endif
 
-
-int  wc_InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm)
+/* Allocates and initializes a WOLFSSL_OCSP object. Returns pointer on success, NULL on failure. */
+WOLFSSL_OCSP* wc_NewOCSP(WOLFSSL_CERT_MANAGER* cm)
 {
-    return InitOCSP(ocsp, cm);
+    WOLFSSL_OCSP* ocsp = NULL;
+    ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm ? cm->heap : NULL, DYNAMIC_TYPE_OCSP);
+    if (ocsp == NULL)
+        return NULL;
+    if (InitOCSP(ocsp, cm) != 0) {
+        XFREE(ocsp, cm ? cm->heap : NULL, DYNAMIC_TYPE_OCSP);
+        return NULL;
+    }
+    return ocsp;
 }
 
+/* Frees a WOLFSSL_OCSP object allocated by wc_NewOCSP. */
 void wc_FreeOCSP(WOLFSSL_OCSP* ocsp)
 {
-    FreeOCSP(ocsp, 0);
+    if (ocsp) {
+        FreeOCSP(ocsp, 1);
+    }
 }
 
 int wc_CheckCertOcspResponse(WOLFSSL_OCSP *ocsp, DecodedCert *cert,

tests/api/test_ocsp.c

@@ -765,8 +765,7 @@ static int test_ocsp_tls_cert_cb_verify_cb(int preverify,
         WOLFSSL_CERT_MANAGER* cm = NULL;
         DecodedCert cert;
         byte certInit = 0;
-        WOLFSSL_OCSP ocsp;
-        byte ocspInit = 0;
+        WOLFSSL_OCSP* ocsp = NULL;
 
         ret = 1;
         cm = wolfSSL_CertManagerNew();
@@ -798,19 +797,16 @@ static int test_ocsp_tls_cert_cb_verify_cb(int preverify,
             if (ret == 1 && (ocspStaple == NULL || ocspStaple->buffer == NULL ||
                     ocspStaple->length == 0))
                 ret = 0;
-            if (ret == 1 && wc_InitOCSP(&ocsp, cm) != 0)
+            if (ret == 1 && (ocsp = wc_NewOCSP(cm)) == NULL)
                 ret = 0;
-            if (ret == 1)
-                ocspInit = 1;
             if (ret == 1 &&
-                    wc_CheckCertOcspResponse(&ocsp, &cert, ocspStaple->buffer,
-                            ocspStaple->length, NULL) != 0)
+                wc_CheckCertOcspResponse(ocsp, &cert, ocspStaple->buffer,
+                        ocspStaple->length, NULL) != 0)
                 ret = 0;
         }
 #endif
 
-        if (ocspInit)
-            wc_FreeOCSP(&ocsp);
+        wc_FreeOCSP(ocsp);
         if (certInit)
             wc_FreeDecodedCert(&cert);
         wolfSSL_CertManagerFree(cm);
@@ -829,8 +825,7 @@ static int test_ocsp_tls_cert_cb_ocsp_verify_cb(WOLFSSL* ssl, int err,
         WOLFSSL_CERT_MANAGER* cm = NULL;
         DecodedCert cert;
         byte certInit = 0;
-        WOLFSSL_OCSP ocsp;
-        byte ocspInit = 0;
+        WOLFSSL_OCSP* ocsp = NULL;
         WOLFSSL_X509_CHAIN* peerCerts;
 
         cm = wolfSSL_CertManagerNew();
@@ -855,16 +850,14 @@ static int test_ocsp_tls_cert_cb_ocsp_verify_cb(WOLFSSL* ssl, int err,
         certInit = 1;
         if (wc_ParseCert(&cert, CERT_TYPE, VERIFY, cm) != 0)
             goto cleanup;
-        if (wc_InitOCSP(&ocsp, cm) != 0)
+        if ((ocsp = wc_NewOCSP(cm)) == NULL)
             goto cleanup;
-        ocspInit = 1;
-        if (wc_CheckCertOcspResponse(&ocsp, &cert, staple, stapleSz, NULL) != 0)
+        if (wc_CheckCertOcspResponse(ocsp, &cert, staple, stapleSz, NULL) != 0)
             goto cleanup;
 
         err = 0;
 cleanup:
-        if (ocspInit)
-            wc_FreeOCSP(&ocsp);
+        wc_FreeOCSP(ocsp);
         if (certInit)
             wc_FreeDecodedCert(&cert);
         wolfSSL_CertManagerFree(cm);

wolfssl/ocsp.h

@@ -77,7 +77,9 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
 WOLFSSL_LOCAL int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert,
                                      void* vp);
 
-WOLFSSL_API int  wc_InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm);
+/* Allocates and initializes a WOLFSSL_OCSP object */
+WOLFSSL_API WOLFSSL_OCSP* wc_NewOCSP(WOLFSSL_CERT_MANAGER* cm);
+/* Frees a WOLFSSL_OCSP object allocated by wc_NewOCSP */
 WOLFSSL_API void wc_FreeOCSP(WOLFSSL_OCSP* ocsp);
 WOLFSSL_API int wc_CheckCertOcspResponse(WOLFSSL_OCSP *ocsp, DecodedCert *cert,
         byte *response, int responseSz, void* heap);