Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
*** 149,162 ****
soft_des_ctx->des_cbc = (void *)des_cbc_ctx_init(
soft_des_ctx->key_sched, soft_des_ctx->keysched_len,
soft_des_ctx->ivec, key_p->key_type);
if (soft_des_ctx->des_cbc == NULL) {
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
! free(soft_des_ctx->key_sched);
! free(session_p->decrypt.context);
session_p->decrypt.context = NULL;
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
--- 150,163 ----
soft_des_ctx->des_cbc = (void *)des_cbc_ctx_init(
soft_des_ctx->key_sched, soft_des_ctx->keysched_len,
soft_des_ctx->ivec, key_p->key_type);
if (soft_des_ctx->des_cbc == NULL) {
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
! freezero(session_p->decrypt.context,
! sizeof (soft_des_ctx_t));
session_p->decrypt.context = NULL;
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
*** 205,218 ****
soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
if (soft_aes_ctx->aes_cbc == NULL) {
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
! free(session_p->decrypt.context);
session_p->decrypt.context = NULL;
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
--- 206,219 ----
soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
if (soft_aes_ctx->aes_cbc == NULL) {
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! freezero(session_p->decrypt.context,
! sizeof (soft_aes_ctx_t));
session_p->decrypt.context = NULL;
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
*** 245,258 ****
soft_aes_ctx->aes_cbc = aes_ctr_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
pMechanism->pParameter);
if (soft_aes_ctx->aes_cbc == NULL) {
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
! free(session_p->decrypt.context);
session_p->decrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 246,259 ----
soft_aes_ctx->aes_cbc = aes_ctr_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
pMechanism->pParameter);
if (soft_aes_ctx->aes_cbc == NULL) {
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! freezero(session_p->decrypt.context,
! sizeof (soft_aes_ctx_t));
session_p->decrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 290,303 ****
(void *)blowfish_cbc_ctx_init(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len,
soft_blowfish_ctx->ivec);
if (soft_blowfish_ctx->blowfish_cbc == NULL) {
! bzero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
! free(soft_blowfish_ctx->key_sched);
! free(session_p->decrypt.context = NULL);
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 291,305 ----
(void *)blowfish_cbc_ctx_init(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len,
soft_blowfish_ctx->ivec);
if (soft_blowfish_ctx->blowfish_cbc == NULL) {
! freezero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
! freezero(session_p->decrypt.context,
! sizeof (soft_blowfish_ctx_t));
! session_p->decrypt.context = NULL;
(void) pthread_mutex_unlock(&session_p->session_mutex);
return (CKR_HOST_MEMORY);
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 552,564 ****
if (soft_des_ctx->remain_len != DES_BLOCK_LEN) {
*pulLastPartLen = 0;
rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
goto clean1;
}
out_len = DES_BLOCK_LEN;
--- 554,565 ----
if (soft_des_ctx->remain_len != DES_BLOCK_LEN) {
*pulLastPartLen = 0;
rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
goto clean1;
}
out_len = DES_BLOCK_LEN;
*** 606,618 ****
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
}
break;
}
--- 607,618 ----
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
}
break;
}
*** 639,650 ****
goto clean2;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! bzero(soft_des_ctx->key_sched, soft_des_ctx->keysched_len);
! free(soft_des_ctx->key_sched);
break;
}
case CKM_AES_CBC_PAD:
--- 639,650 ----
goto clean2;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! freezero(soft_des_ctx->key_sched,
! soft_des_ctx->keysched_len);
break;
}
case CKM_AES_CBC_PAD:
*** 661,673 ****
if (soft_aes_ctx->remain_len != AES_BLOCK_LEN) {
*pulLastPartLen = 0;
rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
goto clean1;
}
out_len = AES_BLOCK_LEN;
--- 661,672 ----
if (soft_aes_ctx->remain_len != AES_BLOCK_LEN) {
*pulLastPartLen = 0;
rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
goto clean1;
}
out_len = AES_BLOCK_LEN;
*** 715,727 ****
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
}
break;
}
--- 714,725 ----
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
}
break;
}
*** 745,756 ****
goto clean2;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
break;
}
case CKM_AES_CTR:
{
--- 743,754 ----
goto clean2;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
! soft_aes_ctx->keysched_len);
break;
}
case CKM_AES_CTR:
{
*** 782,793 ****
goto clean1;
}
/* Cleanup memory space. */
free(ctr_ctx);
! bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
break;
}
case CKM_BLOWFISH_CBC:
{
--- 780,791 ----
goto clean1;
}
/* Cleanup memory space. */
free(ctr_ctx);
! freezero(soft_aes_ctx->key_sched,
! soft_aes_ctx->keysched_len);
break;
}
case CKM_BLOWFISH_CBC:
{
*** 803,823 ****
if (pLastPart == NULL)
goto clean2;
}
free(soft_blowfish_ctx->blowfish_cbc);
! bzero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
- free(soft_blowfish_ctx->key_sched);
break;
}
case CKM_RC4:
{
ARCFour_key *key = (ARCFour_key *)session_p->decrypt.context;
! bzero(key, sizeof (*key));
*pulLastPartLen = 0;
break;
}
default:
--- 801,820 ----
if (pLastPart == NULL)
goto clean2;
}
free(soft_blowfish_ctx->blowfish_cbc);
! freezero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
break;
}
case CKM_RC4:
{
ARCFour_key *key = (ARCFour_key *)session_p->decrypt.context;
! explicit_bzero(key, sizeof (*key));
*pulLastPartLen = 0;
break;
}
default: