Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 20,29 ****
--- 20,30 ----
*/
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright 2015 Nexenta Systems, Inc. All rights reserved.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
*** 173,186 ****
soft_des_ctx->des_cbc = (void *)des_cbc_ctx_init(
soft_des_ctx->key_sched, soft_des_ctx->keysched_len,
soft_des_ctx->ivec, key_p->key_type);
if (soft_des_ctx->des_cbc == NULL) {
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
! free(soft_des_ctx->key_sched);
! free(session_p->encrypt.context);
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 174,187 ----
soft_des_ctx->des_cbc = (void *)des_cbc_ctx_init(
soft_des_ctx->key_sched, soft_des_ctx->keysched_len,
soft_des_ctx->ivec, key_p->key_type);
if (soft_des_ctx->des_cbc == NULL) {
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
! freezero(session_p->encrypt.context,
! sizeof (soft_des_ctx_t));
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 237,250 ****
soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
}
if (soft_aes_ctx->aes_cbc == NULL) {
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
! free(session_p->encrypt.context);
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 238,251 ----
soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
}
if (soft_aes_ctx->aes_cbc == NULL) {
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! freezero(session_p->encrypt.context,
! sizeof (soft_aes_ctx_t));
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 276,289 ****
soft_aes_ctx->aes_cbc = aes_ctr_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
pMechanism->pParameter);
if (soft_aes_ctx->aes_cbc == NULL) {
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
! free(session_p->encrypt.context);
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 277,290 ----
soft_aes_ctx->aes_cbc = aes_ctr_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
pMechanism->pParameter);
if (soft_aes_ctx->aes_cbc == NULL) {
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
! freezero(session_p->encrypt.context,
! sizeof (soft_aes_ctx_t));
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 339,352 ****
(void *)blowfish_cbc_ctx_init(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len,
soft_blowfish_ctx->ivec);
if (soft_blowfish_ctx->blowfish_cbc == NULL) {
! bzero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
! free(soft_blowfish_ctx->key_sched);
! free(session_p->encrypt.context);
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
--- 340,353 ----
(void *)blowfish_cbc_ctx_init(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len,
soft_blowfish_ctx->ivec);
if (soft_blowfish_ctx->blowfish_cbc == NULL) {
! freezero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
! freezero(session_p->encrypt.context,
! sizeof (soft_blowfish_ctx_t));
session_p->encrypt.context = NULL;
rv = CKR_HOST_MEMORY;
}
(void) pthread_mutex_unlock(&session_p->session_mutex);
*** 626,638 ****
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
}
break;
}
case CKM_DES_CBC:
--- 627,638 ----
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
}
break;
}
case CKM_DES_CBC:
*** 657,668 ****
goto clean1;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! bzero(soft_des_ctx->key_sched, soft_des_ctx->keysched_len);
! free(soft_des_ctx->key_sched);
break;
}
case CKM_AES_CBC_PAD:
{
--- 657,668 ----
goto clean1;
}
/* Cleanup memory space. */
free(soft_des_ctx->des_cbc);
! freezero(soft_des_ctx->key_sched,
! soft_des_ctx->keysched_len);
break;
}
case CKM_AES_CBC_PAD:
{
*** 721,733 ****
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
}
break;
}
case CKM_AES_CMAC:
--- 721,732 ----
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
}
break;
}
case CKM_AES_CMAC:
*** 761,773 ****
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
}
break;
}
case CKM_AES_CBC:
--- 760,771 ----
rv = CKR_FUNCTION_FAILED;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
}
break;
}
case CKM_AES_CBC:
*** 789,800 ****
goto clean1;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
break;
}
case CKM_AES_CTR:
{
--- 787,798 ----
goto clean1;
}
/* Cleanup memory space. */
free(soft_aes_ctx->aes_cbc);
! freezero(soft_aes_ctx->key_sched,
! soft_aes_ctx->keysched_len);
break;
}
case CKM_AES_CTR:
{
*** 825,836 ****
goto clean1;
}
/* Cleanup memory space. */
free(ctr_ctx);
! bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
! free(soft_aes_ctx->key_sched);
break;
}
case CKM_BLOWFISH_CBC:
{
--- 823,834 ----
goto clean1;
}
/* Cleanup memory space. */
free(ctr_ctx);
! freezero(soft_aes_ctx->key_sched,
! soft_aes_ctx->keysched_len);
break;
}
case CKM_BLOWFISH_CBC:
{
*** 850,862 ****
if (pLastEncryptedPart == NULL)
goto clean1;
}
free(soft_blowfish_ctx->blowfish_cbc);
! bzero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
- free(soft_blowfish_ctx->key_sched);
break;
}
case CKM_RC4:
{
--- 848,859 ----
if (pLastEncryptedPart == NULL)
goto clean1;
}
free(soft_blowfish_ctx->blowfish_cbc);
! freezero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
break;
}
case CKM_RC4:
{
*** 863,873 ****
ARCFour_key *key = (ARCFour_key *)session_p->encrypt.context;
/* Remaining data size is always zero for RC4. */
*pulLastEncryptedPartLen = 0;
if (pLastEncryptedPart == NULL)
goto clean1;
! bzero(key, sizeof (*key));
break;
}
default:
/* PKCS11: The mechanism only supports single-part operation. */
rv = CKR_MECHANISM_INVALID;
--- 860,870 ----
ARCFour_key *key = (ARCFour_key *)session_p->encrypt.context;
/* Remaining data size is always zero for RC4. */
*pulLastEncryptedPartLen = 0;
if (pLastEncryptedPart == NULL)
goto clean1;
! explicit_bzero(key, sizeof (*key));
break;
}
default:
/* PKCS11: The mechanism only supports single-part operation. */
rv = CKR_MECHANISM_INVALID;
*** 919,935 ****
des_ctx_t *des_ctx;
if (soft_des_ctx != NULL) {
des_ctx = (des_ctx_t *)soft_des_ctx->des_cbc;
if (des_ctx != NULL) {
! bzero(des_ctx->dc_keysched,
des_ctx->dc_keysched_len);
free(soft_des_ctx->des_cbc);
}
! bzero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
}
break;
}
case CKM_AES_CBC_PAD:
--- 916,931 ----
des_ctx_t *des_ctx;
if (soft_des_ctx != NULL) {
des_ctx = (des_ctx_t *)soft_des_ctx->des_cbc;
if (des_ctx != NULL) {
! explicit_bzero(des_ctx->dc_keysched,
des_ctx->dc_keysched_len);
free(soft_des_ctx->des_cbc);
}
! freezero(soft_des_ctx->key_sched,
soft_des_ctx->keysched_len);
}
break;
}
case CKM_AES_CBC_PAD:
*** 942,958 ****
aes_ctx_t *aes_ctx;
if (soft_aes_ctx != NULL) {
aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
if (aes_ctx != NULL) {
! bzero(aes_ctx->ac_keysched,
aes_ctx->ac_keysched_len);
free(soft_aes_ctx->aes_cbc);
}
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
}
break;
}
case CKM_BLOWFISH_CBC:
--- 938,953 ----
aes_ctx_t *aes_ctx;
if (soft_aes_ctx != NULL) {
aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
if (aes_ctx != NULL) {
! explicit_bzero(aes_ctx->ac_keysched,
aes_ctx->ac_keysched_len);
free(soft_aes_ctx->aes_cbc);
}
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
}
break;
}
case CKM_BLOWFISH_CBC:
*** 963,990 ****
if (soft_blowfish_ctx != NULL) {
blowfish_ctx =
(blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc;
if (blowfish_ctx != NULL) {
! bzero(blowfish_ctx->bc_keysched,
blowfish_ctx->bc_keysched_len);
free(soft_blowfish_ctx->blowfish_cbc);
}
! bzero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
- free(soft_blowfish_ctx->key_sched);
}
break;
}
case CKM_RC4:
{
ARCFour_key *key = (ARCFour_key *)active_op->context;
if (key != NULL)
! bzero(key, sizeof (*key));
break;
}
case CKM_RSA_X_509:
case CKM_RSA_PKCS:
--- 958,984 ----
if (soft_blowfish_ctx != NULL) {
blowfish_ctx =
(blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc;
if (blowfish_ctx != NULL) {
! explicit_bzero(blowfish_ctx->bc_keysched,
blowfish_ctx->bc_keysched_len);
free(soft_blowfish_ctx->blowfish_cbc);
}
! freezero(soft_blowfish_ctx->key_sched,
soft_blowfish_ctx->keysched_len);
}
break;
}
case CKM_RC4:
{
ARCFour_key *key = (ARCFour_key *)active_op->context;
if (key != NULL)
! explicit_bzero(key, sizeof (*key));
break;
}
case CKM_RSA_X_509:
case CKM_RSA_PKCS: