Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2018, Joyent, Inc.
*/
#include <strings.h>
#include <errno.h>
#include <ecc_impl.h>
*** 341,365 ****
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
new_objp->is_lib_obj = B_TRUE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
! (void) free(newTemplate);
! bzero(key_buf, key_len);
! (void) free(key_buf);
return (CKR_OK);
failed_exit:
free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count);
free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count);
! if (key_buf != NULL) {
! bzero(key_buf, key_len);
! (void) free(key_buf);
! }
! if (newTemplate != NULL) {
! (void) free(newTemplate);
! }
return (rv);
}
CK_RV
C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
--- 342,360 ----
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
new_objp->is_lib_obj = B_TRUE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
! free(newTemplate);
! freezero(key_buf, key_len);
return (CKR_OK);
failed_exit:
free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count);
free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count);
! freezero(key_buf, key_len);
! free(newTemplate);
return (rv);
}
CK_RV
C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,