Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 20,33 ****
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
- #pragma ident "%Z%%M% %I% %E% SMI"
-
#include <pthread.h>
#include <errno.h>
#include <stdio.h>
#include <strings.h>
#include <sys/crypto/ioctl.h>
--- 20,32 ----
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <pthread.h>
#include <errno.h>
#include <stdio.h>
#include <strings.h>
#include <sys/crypto/ioctl.h>
*** 232,257 ****
session_p = (soft_session_t *)s;
if (session_p == NULL)
return;
if (opflag & OP_SIGN) {
! if (session_p->sign.context == NULL)
! return;
! bzero(session_p->sign.context, sizeof (soft_hmac_ctx_t));
! free(session_p->sign.context);
session_p->sign.context = NULL;
session_p->sign.flags = 0;
} else if (opflag & OP_VERIFY) {
! if (session_p->verify.context == NULL)
! return;
! bzero(session_p->verify.context, sizeof (soft_hmac_ctx_t));
! free(session_p->verify.context);
session_p->verify.context = NULL;
session_p->verify.flags = 0;
} else {
- if (session_p->digest.context == NULL)
- return;
free(session_p->digest.context);
session_p->digest.context = NULL;
session_p->digest.flags = 0;
}
}
--- 231,250 ----
session_p = (soft_session_t *)s;
if (session_p == NULL)
return;
if (opflag & OP_SIGN) {
! freezero(session_p->sign.context,
! sizeof (soft_hmac_ctx_t));
session_p->sign.context = NULL;
session_p->sign.flags = 0;
} else if (opflag & OP_VERIFY) {
! freezero(session_p->verify.context,
! sizeof (soft_hmac_ctx_t));
session_p->verify.context = NULL;
session_p->verify.flags = 0;
} else {
free(session_p->digest.context);
session_p->digest.context = NULL;
session_p->digest.flags = 0;
}
}