[illumos-gate merge]

commit a8793c7605e0b82f2725537adafca6127cdbd6ce 9642 PKCS#11 softtoken should use explicit_bzero
author: Jerry Jelinek <jerry.jelinek@joyent.com> 2018-08-02 12:21:51 +0000
committer: Jerry Jelinek <jerry.jelinek@joyent.com> 2018-08-02 12:21:51 +0000
commit: 5ea2876c4c5ed6cd7890ab3ee48d6e0522b67e6d (patch)
tree: c3827d8408db5b8b73ec4c7d6f24ffe7a0d4cdd1 /usr/src
parent: 14aa584f6d005b787b096ab219055f12a41469bd (diff)
parent: a8793c7605e0b82f2725537adafca6127cdbd6ce (diff)
download: illumos-joyent-5ea2876c4c5ed6cd7890ab3ee48d6e0522b67e6d.tar.gz
15 files changed, 111 insertions, 111 deletions
diff --git a/usr/src/lib/pkcs11/libpkcs11/common/metaAttrManager.c b/usr/src/lib/pkcs11/libpkcs11/common/metaAttrManager.c
index 1b1aadff25..94d9733f9f 100644
--- a/usr/src/lib/pkcs11/libpkcs11/common/metaAttrManager.c
+++ b/usr/src/lib/pkcs11/libpkcs11/common/metaAttrManager.c
@@ -33,7 +33,7 @@
 
 static void
 find_attribute(CK_ATTRIBUTE_TYPE attrtype, generic_attr_t *attributes,
-	size_t num_attributes, generic_attr_t **found_attribute);
+    size_t num_attributes, generic_attr_t **found_attribute);
 
 /*
  * get_master_attributes_by_object
@@ -381,7 +381,7 @@ get_master_template_by_type(CK_OBJECT_CLASS class, CK_ULONG subtype,
  */
 CK_RV
 get_master_attributes_by_type(CK_OBJECT_CLASS class, CK_ULONG subtype,
-	generic_attr_t **attributes, size_t *num_attributes)
+    generic_attr_t **attributes, size_t *num_attributes)
 {
 	CK_RV rv;
 	generic_attr_t *master_template = NULL;
@@ -546,7 +546,7 @@ dealloc_attributes(generic_attr_t *attributes, size_t num_attributes)
  */
 CK_RV
 attribute_set_value(CK_ATTRIBUTE *new_attr,
-	generic_attr_t *attributes, size_t num_attributes)
+    generic_attr_t *attributes, size_t num_attributes)
 {
 	generic_attr_t *attr = NULL;
 
@@ -620,7 +620,7 @@ attribute_set_value(CK_ATTRIBUTE *new_attr,
  */
 static void
 find_attribute(CK_ATTRIBUTE_TYPE attrtype, generic_attr_t *attributes,
-	size_t num_attributes, generic_attr_t **found_attribute)
+    size_t num_attributes, generic_attr_t **found_attribute)
 {
 	generic_attr_t *attr;
 	boolean_t found = B_FALSE;
@@ -646,7 +646,7 @@ find_attribute(CK_ATTRIBUTE_TYPE attrtype, generic_attr_t *attributes,
  */
 boolean_t
 get_template_ulong(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes,
-	CK_ULONG num_attributes, CK_ULONG *result)
+    CK_ULONG num_attributes, CK_ULONG *result)
 {
 	boolean_t found = B_FALSE;
 	CK_ULONG i;
@@ -673,7 +673,7 @@ get_template_ulong(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes,
  */
 boolean_t
 get_template_boolean(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes,
-	CK_ULONG num_attributes, boolean_t *result)
+    CK_ULONG num_attributes, boolean_t *result)
 {
 	boolean_t found = B_FALSE;
 	CK_ULONG i;
@@ -710,7 +710,7 @@ get_template_boolean(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes,
  */
 int
 set_template_boolean(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes,
-	CK_ULONG num_attributes, boolean_t local, CK_BBOOL *value)
+    CK_ULONG num_attributes, boolean_t local, CK_BBOOL *value)
 {
 	int i;
 
diff --git a/usr/src/lib/pkcs11/libpkcs11/common/metaObjectManager.c b/usr/src/lib/pkcs11/libpkcs11/common/metaObjectManager.c
index cb1b813097..45dfb8c45f 100644
--- a/usr/src/lib/pkcs11/libpkcs11/common/metaObjectManager.c
+++ b/usr/src/lib/pkcs11/libpkcs11/common/metaObjectManager.c
@@ -619,7 +619,8 @@ meta_object_dealloc(meta_session_t *session, meta_object_t *object,
  * meta_slot_object_alloc
  */
 CK_RV
-meta_slot_object_alloc(slot_object_t **object) {
+meta_slot_object_alloc(slot_object_t **object)
+{
 	slot_object_t *new_object;
 
 	new_object = calloc(1, sizeof (slot_object_t));
@@ -636,7 +637,7 @@ meta_slot_object_alloc(slot_object_t **object) {
  */
 void
 meta_slot_object_activate(slot_object_t *object,
-	slot_session_t *creator_session, boolean_t isToken)
+    slot_session_t *creator_session, boolean_t isToken)
 {
 	object->creator_session = creator_session;
 
@@ -1023,8 +1024,8 @@ clone_by_create(meta_object_t *object, slot_object_t *new_clone,
  */
 static CK_RV
 find_best_match_wrap_mech(wrap_info_t *wrap_info, int num_info,
-	CK_ULONG src_slotnum, CK_ULONG dst_slotnum, int *first_both_mech,
-	int *first_src_mech)
+    CK_ULONG src_slotnum, CK_ULONG dst_slotnum, int *first_both_mech,
+    int *first_src_mech)
 {
 
 	int i;
@@ -1516,8 +1517,7 @@ finish:
  */
 CK_RV
 meta_object_get_clone(meta_object_t *object,
-	CK_ULONG slot_num, slot_session_t *slot_session,
-	slot_object_t **clone)
+    CK_ULONG slot_num, slot_session_t *slot_session, slot_object_t **clone)
 {
 	CK_RV rv = CKR_OK;
 	slot_object_t *newclone = NULL;
diff --git a/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelKeys.c b/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelKeys.c
index 52de5fc359..1e35f0f5b4 100644
--- a/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelKeys.c
+++ b/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelKeys.c
@@ -1752,7 +1752,7 @@ C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
 	CK_MECHANISM_INFO	info;
 	uint32_t		k_mi_flags;
 	CK_BYTE			*clear_key_val = NULL;
-	CK_ULONG 		ulDataLen;
+	CK_ULONG		ulDataLen;
 	CK_ATTRIBUTE_PTR	newTemplate = NULL;
 	crypto_mech_type_t	k_mech_type;
 	crypto_object_unwrap_key_t obj_unwrapkey;
diff --git a/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelObjectUtil.c b/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelObjectUtil.c
index a9c54adbcd..a10380d3bf 100644
--- a/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelObjectUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_kernel/common/kernelObjectUtil.c
@@ -206,7 +206,7 @@ kernel_merge_object(kernel_object_t *old_object, kernel_object_t *new_object)
  */
 CK_RV
 kernel_add_object(CK_ATTRIBUTE_PTR pTemplate,  CK_ULONG ulCount,
-	CK_ULONG *objecthandle_p, kernel_session_t *sp)
+    CK_ULONG *objecthandle_p, kernel_session_t *sp)
 {
 	CK_RV rv = CKR_OK;
 	kernel_object_t *new_objp = NULL;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softASN1.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softASN1.c
index 5fe9105383..7fb3c7a6a4 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softASN1.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softASN1.c
@@ -50,7 +50,7 @@ static uchar_t	DH942_OID[] = {
 	0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x01
 };
 
-#define	MAX_DSA_KEY	MAX_DSA_KEY_LEN 	/* bytes in DSA key */
+#define	MAX_DSA_KEY	MAX_DSA_KEY_LEN		/* bytes in DSA key */
 static uchar_t	DSA_OID[] = {
 	/* DSA algorithm OID:  1 . 2 . 840 . 10040 . 4 . 1  */
 	0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softAttributeUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softAttributeUtil.c
index f015b4999f..7c81043e43 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softAttributeUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softAttributeUtil.c
@@ -264,7 +264,7 @@ soft_lookup_attr(CK_ATTRIBUTE_TYPE type)
  */
 CK_RV
 soft_validate_attr(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	CK_OBJECT_CLASS *class)
+    CK_OBJECT_CLASS *class)
 {
 
 	CK_ULONG i;
@@ -487,7 +487,7 @@ soft_add_extra_attr(CK_ATTRIBUTE_PTR template, soft_object_t *object_p)
 
 CK_RV
 soft_copy_certificate(certificate_obj_t *oldcert, certificate_obj_t **newcert,
-		CK_CERTIFICATE_TYPE type)
+    CK_CERTIFICATE_TYPE type)
 {
 	CK_RV rv = CKR_OK;
 	certificate_obj_t	*cert;
@@ -641,7 +641,7 @@ get_extra_attr_from_object(soft_object_t *object_p, CK_ATTRIBUTE_PTR template)
  */
 CK_RV
 set_extra_attr_to_object(soft_object_t *object_p, CK_ATTRIBUTE_TYPE type,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	CK_ATTRIBUTE_INFO_PTR extra_attr;
@@ -767,7 +767,7 @@ get_bigint_attr_from_object(biginteger_t *big, CK_ATTRIBUTE_PTR template)
  */
 CK_RV
 get_bool_attr_from_object(soft_object_t *object_p, CK_ULONG bool_flag,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	if (template->pValue == NULL) {
@@ -803,7 +803,7 @@ get_bool_attr_from_object(soft_object_t *object_p, CK_ULONG bool_flag,
  */
 CK_RV
 set_bool_attr_to_object(soft_object_t *object_p, CK_ULONG bool_flag,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	if (*(CK_BBOOL *)template->pValue)
@@ -1271,13 +1271,13 @@ soft_parse_common_attrs(CK_ATTRIBUTE_PTR template, uchar_t *object_type)
  */
 CK_RV
 soft_build_public_key_object(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	soft_object_t *new_object, CK_ULONG mode, CK_KEY_TYPE key_type)
+    soft_object_t *new_object, CK_ULONG mode, CK_KEY_TYPE key_type)
 {
 
 	ulong_t		i;
 	CK_KEY_TYPE	keytype = (CK_KEY_TYPE)~0UL;
 	uint64_t	attr_mask = PUBLIC_KEY_DEFAULT;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	int		isLabel = 0;
 	/* Must set flags */
 	int		isModulus = 0;
@@ -1837,12 +1837,12 @@ fail_cleanup:
  */
 CK_RV
 soft_build_private_key_object(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	soft_object_t *new_object, CK_ULONG mode, CK_KEY_TYPE key_type)
+    soft_object_t *new_object, CK_ULONG mode, CK_KEY_TYPE key_type)
 {
 	ulong_t		i;
 	CK_KEY_TYPE	keytype = (CK_KEY_TYPE)~0UL;
 	uint64_t	attr_mask = PRIVATE_KEY_DEFAULT;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	int		isLabel = 0;
 	int		isECParam = 0;
 	/* Must set flags unless mode == SOFT_UNWRAP_KEY */
@@ -2505,14 +2505,14 @@ fail_cleanup:
  */
 CK_RV
 soft_build_secret_key_object(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	soft_object_t *new_object, CK_ULONG mode, CK_ULONG key_len,
-	CK_KEY_TYPE key_type)
+    soft_object_t *new_object, CK_ULONG mode, CK_ULONG key_len,
+    CK_KEY_TYPE key_type)
 {
 
 	ulong_t		i;
 	CK_KEY_TYPE	keytype = (CK_KEY_TYPE)~0UL;
 	uint64_t	attr_mask = SECRET_KEY_DEFAULT;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	int		isLabel = 0;
 	/* Must set flags if mode != SOFT_UNWRAP_KEY, else must not set */
 	int		isValue = 0;
@@ -3160,12 +3160,12 @@ fail_cleanup:
  */
 CK_RV
 soft_build_domain_parameters_object(CK_ATTRIBUTE_PTR template,
-	CK_ULONG ulAttrNum, soft_object_t *new_object)
+    CK_ULONG ulAttrNum, soft_object_t *new_object)
 {
 
 	ulong_t		i;
 	CK_KEY_TYPE	keytype = (CK_KEY_TYPE)~0UL;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	int		isLabel = 0;
 	/* Must set flags */
 	int		isPrime = 0;
@@ -3386,11 +3386,11 @@ fail_cleanup:
  */
 static CK_RV
 soft_build_certificate_object(CK_ATTRIBUTE_PTR template,
-	CK_ULONG ulAttrNum, soft_object_t *new_object,
-	CK_CERTIFICATE_TYPE cert_type)
+    CK_ULONG ulAttrNum, soft_object_t *new_object,
+    CK_CERTIFICATE_TYPE cert_type)
 {
 	uint64_t	attr_mask = 0;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	CK_ULONG	i;
 	int		owner_set = 0;
 	int		value_set = 0;
@@ -3581,11 +3581,11 @@ fail_cleanup:
  */
 CK_RV
 soft_build_object(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	soft_object_t *new_object)
+    soft_object_t *new_object)
 {
 
 	CK_OBJECT_CLASS class = (CK_OBJECT_CLASS)~0UL;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 
 	if (template == NULL) {
 		return (CKR_ARGUMENTS_BAD);
@@ -3649,11 +3649,11 @@ soft_build_object(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
  */
 CK_RV
 soft_build_key(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
-	soft_object_t *new_object, CK_OBJECT_CLASS class, CK_KEY_TYPE key_type,
-	CK_ULONG key_len, CK_ULONG mode)
+    soft_object_t *new_object, CK_OBJECT_CLASS class, CK_KEY_TYPE key_type,
+    CK_ULONG key_len, CK_ULONG mode)
 {
 
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	CK_OBJECT_CLASS temp_class = (CK_OBJECT_CLASS)~0UL;
 
 	/* Validate the attribute type in the template. */
@@ -3852,7 +3852,7 @@ soft_get_common_key_attrs(soft_object_t *object_p, CK_ATTRIBUTE_PTR template)
  */
 CK_RV
 soft_get_public_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	CK_RV		rv = CKR_OK;
@@ -4025,7 +4025,7 @@ soft_get_public_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_get_private_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	CK_RV		rv = CKR_OK;
@@ -4295,7 +4295,7 @@ soft_get_private_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_get_secret_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	CK_RV		rv = CKR_OK;
@@ -4409,7 +4409,7 @@ soft_get_secret_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_get_domain_parameters_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 
 	CK_RV		rv = CKR_OK;
@@ -4527,7 +4527,7 @@ soft_get_domain_parameters_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_get_certificate_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template)
+    CK_ATTRIBUTE_PTR template)
 {
 	CK_CERTIFICATE_TYPE certtype = object_p->cert_type;
 	cert_attr_t src;
@@ -4582,7 +4582,7 @@ soft_get_certificate_attribute(soft_object_t *object_p,
 
 CK_RV
 soft_set_certificate_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 	CK_CERTIFICATE_TYPE certtype = object_p->cert_type;
 
@@ -4682,7 +4682,7 @@ soft_get_attribute(soft_object_t *object_p, CK_ATTRIBUTE_PTR template)
 
 CK_RV
 soft_set_common_storage_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 
 	CK_RV rv = CKR_OK;
@@ -4758,7 +4758,7 @@ soft_set_common_storage_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_set_common_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 
 	switch (template->type) {
@@ -4809,7 +4809,7 @@ soft_set_common_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_set_public_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 	CK_KEY_TYPE	keytype = object_p->key_type;
 
@@ -4881,7 +4881,7 @@ soft_set_public_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_set_private_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 	CK_KEY_TYPE	keytype = object_p->key_type;
 
@@ -4989,7 +4989,7 @@ soft_set_private_key_attribute(soft_object_t *object_p,
  */
 CK_RV
 soft_set_secret_key_attribute(soft_object_t *object_p,
-	CK_ATTRIBUTE_PTR template, boolean_t copy)
+    CK_ATTRIBUTE_PTR template, boolean_t copy)
 {
 	CK_KEY_TYPE	keytype = object_p->key_type;
 
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softBlowfishCrypt.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softBlowfishCrypt.c
index e903cee693..82fbc54e0e 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softBlowfishCrypt.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softBlowfishCrypt.c
@@ -37,8 +37,8 @@
 
 CK_RV
 soft_blowfish_crypt_init_common(soft_session_t *session_p,
-    CK_MECHANISM_PTR pMechanism, soft_object_t *key_p, boolean_t encrypt) {
-
+    CK_MECHANISM_PTR pMechanism, soft_object_t *key_p, boolean_t encrypt)
+{
 	size_t size;
 	soft_blowfish_ctx_t *soft_blowfish_ctx;
 
@@ -141,8 +141,8 @@ soft_blowfish_crypt_init_common(soft_session_t *session_p,
 CK_RV
 soft_blowfish_encrypt_common(soft_session_t *session_p, CK_BYTE_PTR pData,
     CK_ULONG ulDataLen, CK_BYTE_PTR pEncrypted, CK_ULONG_PTR pulEncryptedLen,
-    boolean_t update) {
-
+    boolean_t update)
+{
 	int rc = 0;
 	CK_RV rv = CKR_OK;
 	soft_blowfish_ctx_t *soft_blowfish_ctx =
@@ -272,8 +272,8 @@ soft_blowfish_encrypt_common(soft_session_t *session_p, CK_BYTE_PTR pData,
 
 	/* Encrypt multiple blocks of data. */
 	rc = blowfish_encrypt_contiguous_blocks(
-		(blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc,
-		    (char *)in_buf, out_len, &out);
+	    (blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc,
+	    (char *)in_buf, out_len, &out);
 
 	if (rc == 0) {
 		*pulEncryptedLen = out_len;
@@ -313,8 +313,8 @@ cleanup:
 CK_RV
 soft_blowfish_decrypt_common(soft_session_t *session_p, CK_BYTE_PTR pEncrypted,
     CK_ULONG ulEncryptedLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen,
-    boolean_t update) {
-
+    boolean_t update)
+{
 	int rc = 0;
 	CK_RV rv = CKR_OK;
 	soft_blowfish_ctx_t *soft_blowfish_ctx =
@@ -435,8 +435,8 @@ soft_blowfish_decrypt_common(soft_session_t *session_p, CK_BYTE_PTR pEncrypted,
 
 	/* Decrypt multiple blocks of data. */
 	rc = blowfish_decrypt_contiguous_blocks(
-		(blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc,
-		(char *)in_buf, out_len, &out);
+	    (blowfish_ctx_t *)soft_blowfish_ctx->blowfish_cbc,
+	    (char *)in_buf, out_len, &out);
 
 	if (rc == 0) {
 		*pulDataLen = out_len;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDESCrypt.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDESCrypt.c
index a6a40dc743..c6c8472f61 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDESCrypt.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDESCrypt.c
@@ -816,7 +816,7 @@ des_cbc_ctx_init(void *key_sched, size_t size, uint8_t *ivec, CK_KEY_TYPE type)
  */
 CK_RV
 soft_des_sign_verify_init_common(soft_session_t *session_p,
-	CK_MECHANISM_PTR pMechanism, soft_object_t *key_p, boolean_t sign_op)
+    CK_MECHANISM_PTR pMechanism, soft_object_t *key_p, boolean_t sign_op)
 {
 	soft_des_ctx_t	*soft_des_ctx;
 	CK_MECHANISM	encrypt_mech;
@@ -902,8 +902,8 @@ soft_des_sign_verify_init_common(soft_session_t *session_p,
  */
 CK_RV
 soft_des_sign_verify_common(soft_session_t *session_p, CK_BYTE_PTR pData,
-	CK_ULONG ulDataLen, CK_BYTE_PTR pSigned, CK_ULONG_PTR pulSignedLen,
-	boolean_t sign_op, boolean_t Final)
+    CK_ULONG ulDataLen, CK_BYTE_PTR pSigned, CK_ULONG_PTR pulSignedLen,
+    boolean_t sign_op, boolean_t Final)
 {
 	soft_des_ctx_t		*soft_des_ctx_sign_verify;
 	soft_des_ctx_t		*soft_des_ctx_encrypt;
@@ -1050,7 +1050,7 @@ clean_exit:
  */
 CK_RV
 soft_des_mac_sign_verify_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
-	CK_ULONG ulPartLen)
+    CK_ULONG ulPartLen)
 {
 	/*
 	 * The DES MAC is calculated by taking the specified number of
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
index 1896f1689b..27b8edf894 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
@@ -473,8 +473,7 @@ soft_decrypt(soft_session_t *session_p, CK_BYTE_PTR pEncryptedData,
  */
 CK_RV
 soft_decrypt_update(soft_session_t *session_p, CK_BYTE_PTR pEncryptedPart,
-	CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
-	CK_ULONG_PTR pulPartLen)
+    CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
 {
 	CK_MECHANISM_TYPE mechanism = session_p->decrypt.mech.mechanism;
 
@@ -522,7 +521,7 @@ soft_decrypt_update(soft_session_t *session_p, CK_BYTE_PTR pEncryptedPart,
  */
 CK_RV
 soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
-	CK_ULONG_PTR pulLastPartLen)
+    CK_ULONG_PTR pulLastPartLen)
 {
 
 	CK_MECHANISM_TYPE mechanism = session_p->decrypt.mech.mechanism;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDigestUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDigestUtil.c
index d1d0dbd17b..8bf2eca6c6 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDigestUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDigestUtil.c
@@ -47,7 +47,7 @@
  *
  * Description:
  *	called by C_DigestInit(). This function allocates space for
- *  	context, then calls the corresponding software provided digest
+ *	context, then calls the corresponding software provided digest
  *	init routine based on the mechanism.
  *
  * Returns:
@@ -167,7 +167,7 @@ soft_digest_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism)
  */
 CK_RV
 soft_digest_common(soft_session_t *session_p, CK_BYTE_PTR pData,
-	CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
+    CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
 {
 
 	CK_ULONG digestLen = 0;
@@ -334,7 +334,7 @@ soft_digest_common(soft_session_t *session_p, CK_BYTE_PTR pData,
  */
 CK_RV
 soft_digest(soft_session_t *session_p, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
-	CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
+    CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
 {
 
 	return (soft_digest_common(session_p, pData, ulDataLen,
@@ -360,7 +360,7 @@ soft_digest(soft_session_t *session_p, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
  */
 CK_RV
 soft_digest_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
-	CK_ULONG ulPartLen)
+    CK_ULONG ulPartLen)
 {
 
 	switch (session_p->digest.mech.mechanism) {
@@ -418,7 +418,7 @@ soft_digest_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
  */
 CK_RV
 soft_digest_final(soft_session_t *session_p, CK_BYTE_PTR pDigest,
-	CK_ULONG_PTR pulDigestLen)
+    CK_ULONG_PTR pulDigestLen)
 {
 
 	return (soft_digest_common(session_p, NULL, 0,
@@ -434,8 +434,8 @@ soft_digest_final(soft_session_t *session_p, CK_BYTE_PTR pDigest,
  * its mutex taken.
  */
 CK_RV
-soft_digest_init_internal(soft_session_t *session_p, CK_MECHANISM_PTR
-	pMechanism)
+soft_digest_init_internal(soft_session_t *session_p,
+    CK_MECHANISM_PTR pMechanism)
 {
 
 	CK_RV rv;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
index c476752942..cb06623498 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
@@ -610,8 +610,7 @@ soft_key_derive_check_length(soft_object_t *secret_key, CK_ULONG max_keylen)
 
 static CK_RV
 soft_pkcs12_pbe(soft_session_t *session_p,
-		CK_MECHANISM_PTR pMechanism,
-		soft_object_t *derived_key)
+    CK_MECHANISM_PTR pMechanism, soft_object_t *derived_key)
 {
 	CK_RV rv = CKR_OK;
 	CK_PBE_PARAMS *params = pMechanism->pParameter;
@@ -1151,11 +1150,9 @@ soft_derive_enforce_flags(soft_object_t *basekey, soft_object_t *newkey)
  * Currently, PRF is always SHA_1_HMAC.
  */
 static CK_RV
-do_prf(soft_session_t *session_p,
-	CK_PKCS5_PBKD2_PARAMS_PTR params,
-	soft_object_t *hmac_key,
-	CK_BYTE *newsalt, CK_ULONG saltlen,
-	CK_BYTE *blockdata, CK_ULONG blocklen)
+do_prf(soft_session_t *session_p, CK_PKCS5_PBKD2_PARAMS_PTR params,
+    soft_object_t *hmac_key, CK_BYTE *newsalt, CK_ULONG saltlen,
+    CK_BYTE *blockdata, CK_ULONG blocklen)
 {
 	CK_RV rv = CKR_OK;
 	CK_MECHANISM digest_mech = {CKM_SHA_1_HMAC, NULL, 0};
@@ -1235,7 +1232,7 @@ cleanup:
 
 static CK_RV
 soft_create_hmac_key(soft_session_t *session_p,  CK_BYTE *passwd,
-		CK_ULONG passwd_len, CK_OBJECT_HANDLE_PTR phKey)
+    CK_ULONG passwd_len, CK_OBJECT_HANDLE_PTR phKey)
 {
 	CK_RV rv = CKR_OK;
 	CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
@@ -1279,8 +1276,7 @@ soft_create_hmac_key(soft_session_t *session_p,  CK_BYTE *passwd,
 
 CK_RV
 soft_generate_pkcs5_pbkdf2_key(soft_session_t *session_p,
-		CK_MECHANISM_PTR pMechanism,
-		soft_object_t *secret_key)
+    CK_MECHANISM_PTR pMechanism, soft_object_t *secret_key)
 {
 	CK_RV rv = CKR_OK;
 	CK_PKCS5_PBKD2_PARAMS	*params =
@@ -1393,8 +1389,8 @@ soft_generate_pkcs5_pbkdf2_key(soft_session_t *session_p,
 
 CK_RV
 soft_wrapkey(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
-		soft_object_t *wrappingKey_p, soft_object_t *hkey_p,
-		CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
+    soft_object_t *wrappingKey_p, soft_object_t *hkey_p,
+    CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
 {
 	CK_RV		rv = CKR_OK;
 	CK_ULONG	plain_len = 0;
@@ -1539,7 +1535,7 @@ cleanup_wrap:
  */
 static CK_RV
 soft_unwrap_secret_len_check(CK_KEY_TYPE keytype, CK_MECHANISM_TYPE mechtype,
-	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
+    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
 {
 	CK_ULONG	i;
 	boolean_t	isValueLen = B_FALSE;
@@ -1612,10 +1608,9 @@ soft_unwrap_secret_len_check(CK_KEY_TYPE keytype, CK_MECHANISM_TYPE mechtype,
 
 CK_RV
 soft_unwrapkey(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
-		soft_object_t *unwrappingkey_p,
-		CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
-		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-		CK_OBJECT_HANDLE_PTR phKey)
+    soft_object_t *unwrappingkey_p, CK_BYTE_PTR pWrappedKey,
+    CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
+    CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey)
 {
 	CK_RV			rv = CKR_OK;
 	CK_OBJECT_CLASS		new_obj_class = ~0UL;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c
index 7bafbc1eea..be5b05aeeb 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c
@@ -1359,7 +1359,7 @@ soft_unpack_object(soft_object_t *objp, uchar_t *buf)
 	biginteger_t	expo1;
 	biginteger_t	expo2;
 	biginteger_t	coef;
-	CK_RV 		rv = CKR_OK;
+	CK_RV		rv = CKR_OK;
 	ulong_t offset = 0;
 	uint64_t tmp_val;
 
@@ -2264,7 +2264,7 @@ soft_destroy_token_session(void)
  */
 CK_RV
 soft_keystore_crypt(soft_object_t *key_p, uchar_t *ivec, boolean_t encrypt,
-	CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
+    CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
 {
 	CK_MECHANISM	mech;
 	soft_aes_ctx_t *soft_aes_ctx;
@@ -2376,7 +2376,7 @@ soft_keystore_crypt(soft_object_t *key_p, uchar_t *ivec, boolean_t encrypt,
  */
 CK_RV
 soft_keystore_hmac(soft_object_t *key_p, boolean_t sign,
-	CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
+    CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
 {
 	CK_MECHANISM mech;
 	CK_RV rv;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c
index 9023003b0d..a9505562f2 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c
@@ -520,8 +520,8 @@ is_inode_same(int fd, char *fname, boolean_t *same)
 }
 
 static int
-acquire_file_lock(int *fd, char *fname, mode_t mode) {
-
+acquire_file_lock(int *fd, char *fname, mode_t mode)
+{
 	boolean_t read_lock = B_TRUE, same_inode;
 
 	if ((mode == O_RDWR) || (mode == O_WRONLY)) {
@@ -929,8 +929,8 @@ soft_keystore_readlock(boolean_t set_lock)
  *	FUNCTION: soft_keystore_writelock
  *
  *	ARGUMENTS:
- * 		set_lock: TRUE to set writelock on the keystore description file
- *		        FALSE to remove write lock on keystore description file.
+ *		set_lock: TRUE to set writelock on the keystore description file
+ *			FALSE to remove write lock on keystore description file.
  *
  *	RETURN VALUE:
  *
@@ -954,7 +954,7 @@ soft_keystore_writelock(boolean_t set_lock)
  *	ARGUMENTS:
  *
  *		ks_handle: handle of the keystore object file to be accessed.
- * 		read_lock: TRUE to set readlock on the keystore object file,
+ *		read_lock: TRUE to set readlock on the keystore object file,
  *			  FALSE to set writelock on keystore object file.
  *
  *	RETURN VALUE:
@@ -1243,8 +1243,8 @@ read_obj_data(int old_fd, char **buf, ssize_t *bytes_read)
  */
 static int
 reencrypt_obj(soft_object_t *new_enc_key, soft_object_t *new_hmac_key,
-    char *orig_obj_name, char *new_obj_name) {
-
+    char *orig_obj_name, char *new_obj_name)
+{
 	int old_fd, new_fd, version, ret_val = -1;
 	CK_BYTE iv[OBJ_IV_SIZE], old_iv[OBJ_IV_SIZE];
 	ssize_t nread;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softMAC.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softMAC.c
index 273d2b7603..ff452fe6f9 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softMAC.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softMAC.c
@@ -108,7 +108,7 @@ soft_hmac_sign_verify_init_common(soft_session_t *session_p,
 		if ((pMechanism->ulParameterLen !=
 		    sizeof (CK_MAC_GENERAL_PARAMS)) &&
 		    (*(CK_MAC_GENERAL_PARAMS *)pMechanism->pParameter >
-			MD5_HASH_SIZE)) {
+		    MD5_HASH_SIZE)) {
 				free(hmac_ctx);
 				return (CKR_MECHANISM_PARAM_INVALID);
 			}
@@ -121,7 +121,7 @@ soft_hmac_sign_verify_init_common(soft_session_t *session_p,
 		if ((pMechanism->ulParameterLen !=
 		    sizeof (CK_MAC_GENERAL_PARAMS)) &&
 		    (*(CK_MAC_GENERAL_PARAMS *)pMechanism->pParameter >
-			SHA1_HASH_SIZE)) {
+		    SHA1_HASH_SIZE)) {
 			free(hmac_ctx);
 			return (CKR_MECHANISM_PARAM_INVALID);
 		}
@@ -133,7 +133,7 @@ soft_hmac_sign_verify_init_common(soft_session_t *session_p,
 		if ((pMechanism->ulParameterLen !=
 		    sizeof (CK_MAC_GENERAL_PARAMS)) &&
 		    (*(CK_MAC_GENERAL_PARAMS *)pMechanism->pParameter >
-			SHA256_DIGEST_LENGTH)) {
+		    SHA256_DIGEST_LENGTH)) {
 			free(hmac_ctx);
 			return (CKR_MECHANISM_PARAM_INVALID);
 		}
@@ -146,7 +146,7 @@ soft_hmac_sign_verify_init_common(soft_session_t *session_p,
 		if ((pMechanism->ulParameterLen !=
 		    sizeof (CK_MAC_GENERAL_PARAMS)) &&
 		    (*(CK_MAC_GENERAL_PARAMS *)pMechanism->pParameter >
-			SHA512_DIGEST_LENGTH)) {
+		    SHA512_DIGEST_LENGTH)) {
 			free(hmac_ctx);
 			return (CKR_MECHANISM_PARAM_INVALID);
 		}
@@ -579,7 +579,7 @@ clean_exit:
  */
 CK_RV
 soft_hmac_sign_verify_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
-	CK_ULONG ulPartLen, boolean_t sign_op)
+    CK_ULONG ulPartLen, boolean_t sign_op)
 {
 
 	soft_hmac_ctx_t	*hmac_ctx;
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSSL.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSSL.c
index 8ba97d55ea..f836ddc009 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSSL.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSSL.c
@@ -585,7 +585,7 @@ out:
  * . mech_p:	key derivation mechanism. the mechanism parameter carries the
  *		client and mastter random from the Hello handshake messages,
  *		the specification of the key and IV sizes, and the location
- * 		for the resulting keys and IVs.
+ *		for the resulting keys and IVs.
  * . basekey_p: The master secret key.
  * . pTemplate & ulAttributeCount: Any extra attributes for the key to be
  *		created.
@@ -596,13 +596,13 @@ out:
  *	and server random.
  *	First a keyblock is generated usining the following formula:
  *	key_block =
- *      	MD5(master_secret + SHA(`A' + master_secret +
+ *		MD5(master_secret + SHA(`A' + master_secret +
  *					ServerHello.random +
  *					ClientHello.random)) +
- *      	MD5(master_secret + SHA(`BB' + master_secret +
+ *		MD5(master_secret + SHA(`BB' + master_secret +
  *					ServerHello.random +
  *					ClientHello.random)) +
- *      	MD5(master_secret + SHA(`CCC' + master_secret +
+ *		MD5(master_secret + SHA(`CCC' + master_secret +
  *					ServerHello.random +
  *					ClientHello.random)) + [...];
  *
@@ -866,12 +866,15 @@ soft_ssl_key_and_mac_derive(soft_session_t *sp, CK_MECHANISM_PTR mech,
 #ifdef	__sparcv9
 			/* LINTED */
 			soft_ssl_weaken_key(mech, kb, (uint_t)secret_key_bytes,
+			    random_data->pClientRandom, ClientRandomLen,
+			    random_data->pServerRandom, ServerRandomLen,
+			    export_keys, B_TRUE);
 #else	/* __sparcv9 */
 			soft_ssl_weaken_key(mech, kb, secret_key_bytes,
-#endif	/* __sparcv9 */
 			    random_data->pClientRandom, ClientRandomLen,
 			    random_data->pServerRandom, ServerRandomLen,
 			    export_keys, B_TRUE);
+#endif	/* __sparcv9 */
 			new_tmpl[n].pValue = export_keys;
 			new_tmpl[n].ulValueLen = MD5_HASH_SIZE;
 		} else {
@@ -897,12 +900,15 @@ soft_ssl_key_and_mac_derive(soft_session_t *sp, CK_MECHANISM_PTR mech,
 #ifdef	__sparcv9
 			/* LINTED */
 			soft_ssl_weaken_key(mech, kb, (uint_t)secret_key_bytes,
+			    random_data->pServerRandom, ServerRandomLen,
+			    random_data->pClientRandom, ClientRandomLen,
+			    export_keys + MD5_HASH_SIZE, B_FALSE);
 #else	/* __sparcv9 */
 			soft_ssl_weaken_key(mech, kb, secret_key_bytes,
-#endif	/* __sparcv9 */
 			    random_data->pServerRandom, ServerRandomLen,
 			    random_data->pClientRandom, ClientRandomLen,
 			    export_keys + MD5_HASH_SIZE, B_FALSE);
+#endif	/* __sparcv9 */
 			new_tmpl[n].pValue = export_keys + MD5_HASH_SIZE;
 		} else
 			new_tmpl[n].pValue = kb;
author	Jerry Jelinek <jerry.jelinek@joyent.com>	2018-08-02 12:21:51 +0000
committer	Jerry Jelinek <jerry.jelinek@joyent.com>	2018-08-02 12:21:51 +0000
commit	5ea2876c4c5ed6cd7890ab3ee48d6e0522b67e6d (patch)
tree	c3827d8408db5b8b73ec4c7d6f24ffe7a0d4cdd1 /usr/src
parent	14aa584f6d005b787b096ab219055f12a41469bd (diff)
parent	a8793c7605e0b82f2725537adafca6127cdbd6ce (diff)
download	illumos-joyent-5ea2876c4c5ed6cd7890ab3ee48d6e0522b67e6d.tar.gz