Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 18,27 ****
--- 18,28 ----
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2018, Joyent, Inc.
*/
#include <crypt.h>
#include <cryptoutil.h>
#include <pwd.h>
*** 96,107 ****
return (-1);
}
}
if ((*result = crypt((char *)pPin, *salt)) == NULL) {
! if (new_salt)
! free(*salt);
return (-1);
}
return (0);
}
--- 97,111 ----
return (-1);
}
}
if ((*result = crypt((char *)pPin, *salt)) == NULL) {
! if (new_salt) {
! size_t saltlen = strlen(*salt) + 1;
!
! freezero(*salt, saltlen);
! }
return (-1);
}
return (0);
}
*** 117,126 ****
--- 121,131 ----
char *ks_cryptpin = NULL;
char *salt = NULL;
uchar_t *tmp_pin = NULL;
boolean_t pin_initialized = B_FALSE;
CK_RV rv = CKR_OK;
+ size_t len = 0;
/*
* Check to see if keystore is initialized.
*/
rv = soft_keystore_pin_initialized(&pin_initialized, &ks_cryptpin,
*** 187,203 ****
soft_slot.userpin_change_needed = 1;
rv = CKR_OK;
}
cleanup:
! if (salt)
! free(salt);
! if (tmp_pin)
! free(tmp_pin);
! if (ks_cryptpin)
! free(ks_cryptpin);
!
return (rv);
}
/*
* The second level C_SetPIN function.
--- 192,213 ----
soft_slot.userpin_change_needed = 1;
rv = CKR_OK;
}
cleanup:
! if (salt) {
! len = strlen(salt) + 1;
! freezero(salt, len);
! }
! if (tmp_pin) {
! len = strlen((char *)tmp_pin) + 1;
! freezero(tmp_pin, len);
! }
! if (ks_cryptpin) {
! len = strlen(ks_cryptpin) + 1;
! freezero(ks_cryptpin, len);
! }
return (rv);
}
/*
* The second level C_SetPIN function.
*** 211,220 ****
--- 221,231 ----
char *ks_cryptpin = NULL;
char *salt = NULL;
boolean_t pin_initialized = B_FALSE;
uchar_t *tmp_old_pin = NULL, *tmp_new_pin = NULL;
CK_RV rv = CKR_OK;
+ size_t len = 0;
/*
* Check to see if keystore is initialized.
*/
rv = soft_keystore_pin_initialized(&pin_initialized, &ks_cryptpin,
*** 288,305 ****
(void) pthread_mutex_unlock(&soft_giant_mutex);
rv = CKR_OK;
}
cleanup:
! if (salt)
! free(salt);
! if (ks_cryptpin)
! free(ks_cryptpin);
! if (tmp_old_pin)
! free(tmp_old_pin);
! if (tmp_new_pin)
! free(tmp_new_pin);
return (rv);
}
/*
--- 299,324 ----
(void) pthread_mutex_unlock(&soft_giant_mutex);
rv = CKR_OK;
}
cleanup:
! if (salt) {
! len = strlen(salt) + 1;
! freezero(salt, len);
! }
! if (ks_cryptpin) {
! len = strlen(ks_cryptpin) + 1;
! freezero(ks_cryptpin, len);
! }
! if (tmp_old_pin) {
! len = strlen((char *)tmp_old_pin) + 1;
! freezero(tmp_old_pin, len);
! }
! if (tmp_new_pin) {
! len = strlen((char *)tmp_new_pin) + 1;
! freezero(tmp_new_pin, len);
! }
return (rv);
}
/*
*** 473,485 ****
(void) memcpy(template.pValue, buf,
template.ulValueLen);
}
rv = soft_add_extra_attr(&template, obj);
! if (template.pValue) {
! free(template.pValue);
! }
if (rv != CKR_OK) {
return (rv);
}
--- 492,502 ----
(void) memcpy(template.pValue, buf,
template.ulValueLen);
}
rv = soft_add_extra_attr(&template, obj);
! freezero(template.pValue, template.ulValueLen);
if (rv != CKR_OK) {
return (rv);
}
*** 541,551 ****
rv = get_cert_attr_from_template(cert_dest, &template);
} else {
rv = get_bigint_attr_from_template(key_dest, &template);
}
! free(template.pValue);
if (rv != CKR_OK) {
return (rv);
}
*offset = sizeof (uint64_t) + template.ulValueLen;
--- 558,568 ----
rv = get_cert_attr_from_template(cert_dest, &template);
} else {
rv = get_bigint_attr_from_template(key_dest, &template);
}
! freezero(template.pValue, template.ulValueLen);
if (rv != CKR_OK) {
return (rv);
}
*offset = sizeof (uint64_t) + template.ulValueLen;
*** 1855,1883 ****
rv = soft_keystore_pack_obj(objp, &buf, &len);
if (rv != CKR_OK)
return (rv);
(void) pthread_mutex_lock(&soft_slot.slot_mutex);
! if (objp->object_type == TOKEN_PUBLIC) {
! if ((soft_keystore_put_new_obj(buf, len, B_TRUE,
! B_FALSE, &objp->ks_handle)) == -1) {
! (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
! free(buf);
! return (CKR_FUNCTION_FAILED);
}
- } else {
- if ((soft_keystore_put_new_obj(buf, len, B_FALSE,
- B_FALSE, &objp->ks_handle)) == -1) {
(void) pthread_mutex_unlock(&soft_slot.slot_mutex);
- free(buf);
- return (CKR_FUNCTION_FAILED);
- }
- }
- (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
- free(buf);
- return (CKR_OK);
}
/*
* Modify the in-core token object and then write it to
* a keystore file.
--- 1872,1890 ----
rv = soft_keystore_pack_obj(objp, &buf, &len);
if (rv != CKR_OK)
return (rv);
(void) pthread_mutex_lock(&soft_slot.slot_mutex);
! if (soft_keystore_put_new_obj(buf, len,
! !!(objp->object_type == TOKEN_PUBLIC), B_FALSE,
! &objp->ks_handle) == -1) {
! rv = CKR_FUNCTION_FAILED;
}
(void) pthread_mutex_unlock(&soft_slot.slot_mutex);
+ freezero(buf, len);
+ return (rv);
}
/*
* Modify the in-core token object and then write it to
* a keystore file.
*** 1895,1909 ****
return (rv);
/* B_TRUE: caller has held a writelock on the keystore */
if (soft_keystore_modify_obj(&objp->ks_handle, buf, len,
B_TRUE) < 0) {
! return (CKR_FUNCTION_FAILED);
}
! free(buf);
! return (CKR_OK);
}
/*
* Read the token object from the keystore file.
--- 1902,1916 ----
return (rv);
/* B_TRUE: caller has held a writelock on the keystore */
if (soft_keystore_modify_obj(&objp->ks_handle, buf, len,
B_TRUE) < 0) {
! rv = CKR_FUNCTION_FAILED;
}
! freezero(buf, len);
! return (rv);
}
/*
* Read the token object from the keystore file.
*** 1940,1961 ****
soft_add_token_object_to_slot(new_objp);
/* Free the ks_obj list */
ks_obj_next = ks_obj->next;
! if (ks_obj->buf)
! free(ks_obj->buf);
free(ks_obj);
ks_obj = ks_obj_next;
}
return (CKR_OK);
cleanup:
while (ks_obj) {
ks_obj_next = ks_obj->next;
! free(ks_obj->buf);
free(ks_obj);
ks_obj = ks_obj_next;
}
return (rv);
}
--- 1947,1967 ----
soft_add_token_object_to_slot(new_objp);
/* Free the ks_obj list */
ks_obj_next = ks_obj->next;
! freezero(ks_obj->buf, ks_obj->size);
free(ks_obj);
ks_obj = ks_obj_next;
}
return (CKR_OK);
cleanup:
while (ks_obj) {
ks_obj_next = ks_obj->next;
! freezero(ks_obj->buf, ks_obj->size);
free(ks_obj);
ks_obj = ks_obj_next;
}
return (rv);
}
*** 2302,2314 ****
soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
if (soft_aes_ctx->aes_cbc == NULL) {
! bzero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
if (encrypt) {
free(token_session.encrypt.context);
token_session.encrypt.context = NULL;
} else {
free(token_session.encrypt.context);
--- 2308,2319 ----
soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
soft_aes_ctx->ivec);
if (soft_aes_ctx->aes_cbc == NULL) {
! freezero(soft_aes_ctx->key_sched,
soft_aes_ctx->keysched_len);
if (encrypt) {
free(token_session.encrypt.context);
token_session.encrypt.context = NULL;
} else {
free(token_session.encrypt.context);