Diffstat (limited to 'usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c')
| -rw-r--r-- | usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c | 60 |
1 files changed, 28 insertions, 32 deletions
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
index 355c3b5bdd..27b8edf894 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecryptUtil.c
@@ -21,6 +21,7 @@
 /*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Joyent, Inc.
 */
 #include <pthread.h>
@@ -151,10 +152,10 @@ cbc_common:
 soft_des_ctx->ivec, key_p->key_type);
 if (soft_des_ctx->des_cbc == NULL) {
- bzero(soft_des_ctx->key_sched,
+ freezero(soft_des_ctx->key_sched,
 soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
- free(session_p->decrypt.context);
+ freezero(session_p->decrypt.context,
+ sizeof (soft_des_ctx_t));
 session_p->decrypt.context = NULL;
 (void) pthread_mutex_unlock(&session_p->session_mutex);
 return (CKR_HOST_MEMORY);
@@ -207,10 +208,10 @@ cbc_common:
 soft_aes_ctx->ivec);
 if (soft_aes_ctx->aes_cbc == NULL) {
- bzero(soft_aes_ctx->key_sched,
+ freezero(soft_aes_ctx->key_sched,
 soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
- free(session_p->decrypt.context);
+ freezero(session_p->decrypt.context,
+ sizeof (soft_aes_ctx_t));
 session_p->decrypt.context = NULL;
 (void) pthread_mutex_unlock(&session_p->session_mutex);
 return (CKR_HOST_MEMORY);
@@ -247,10 +248,10 @@ cbc_common:
 pMechanism->pParameter);
 if (soft_aes_ctx->aes_cbc == NULL) {
- bzero(soft_aes_ctx->key_sched,
+ freezero(soft_aes_ctx->key_sched,
 soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
- free(session_p->decrypt.context);
+ freezero(session_p->decrypt.context,
+ sizeof (soft_aes_ctx_t));
 session_p->decrypt.context = NULL;
 rv = CKR_HOST_MEMORY;
 }
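Review bot: The four init-failure paths (the `-151`, `-207` and `-247` hunks here and the Blowfish hunk at `-292`) pass a type-based size, e.g. `freezero(session_p->decrypt.context, sizeof (soft_des_ctx_t));`, so the number of bytes scrubbed is right only while the context is allocated as exactly that type. The allocation and the assignment of `soft_des_ctx` are outside these hunks; if `soft_des_ctx` is the same pointer as `session_p->decrypt.context`, writing `sizeof (*soft_des_ctx)` (and likewise `sizeof (*soft_aes_ctx)`, `sizeof (*soft_blowfish_ctx)`) keeps the size tied to the object being released. A short comment above the first call, such as `/* scrub key schedule and context before release */`, would also record why `freezero` replaces the `bzero`/`free` pair.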
@@ -292,10 +293,11 @@ cbc_common:
 soft_blowfish_ctx->ivec);
 if (soft_blowfish_ctx->blowfish_cbc == NULL) {
- bzero(soft_blowfish_ctx->key_sched,
+ freezero(soft_blowfish_ctx->key_sched,
 soft_blowfish_ctx->keysched_len);
- free(soft_blowfish_ctx->key_sched);
- free(session_p->decrypt.context = NULL);
+ freezero(session_p->decrypt.context,
+ sizeof (soft_blowfish_ctx_t));
+ session_p->decrypt.context = NULL;
 (void) pthread_mutex_unlock(&session_p->session_mutex);
 return (CKR_HOST_MEMORY);
 }
@@ -471,8 +473,7 @@ soft_decrypt(soft_session_t *session_p, CK_BYTE_PTR pEncryptedData,
 */
 CK_RV
 soft_decrypt_update(soft_session_t *session_p, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen)
+ CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
 {
 CK_MECHANISM_TYPE mechanism = session_p->decrypt.mech.mechanism;
@@ -520,7 +521,7 @@ soft_decrypt_update(soft_session_t *session_p, CK_BYTE_PTR pEncryptedPart,
 */
 CK_RV
 soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen)
+ CK_ULONG_PTR pulLastPartLen)
 {
 CK_MECHANISM_TYPE mechanism = session_p->decrypt.mech.mechanism;
@@ -554,9 +555,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
 /* Cleanup memory space. */
 free(soft_des_ctx->des_cbc);
- bzero(soft_des_ctx->key_sched,
+ freezero(soft_des_ctx->key_sched,
 soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
 goto clean1;
 }
@@ -608,9 +608,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 /* Cleanup memory space. */
 free(soft_des_ctx->des_cbc);
- bzero(soft_des_ctx->key_sched,
+ freezero(soft_des_ctx->key_sched,
 soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
 }
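Review bot: In the `soft_decrypt_final` cleanup at the `-554` hunk, `free(soft_des_ctx->des_cbc);` is still a plain `free`, while the key schedule on the following line is now scrubbed before release. The layout of the mode context is not visible in the hunk, but if it holds chaining state or buffered input, that memory goes back to the allocator unzeroed; consider `freezero(soft_des_ctx->des_cbc, <size of the CBC context>)`, with the size taken from wherever the context is allocated. The same plain `free` of the mode context remains in the `-608`, `-641`, `-663`, `-717`, `-747` and `-805` hunks, and as `free(ctr_ctx);` in the `-784` hunk. After `freezero` the `key_sched` member still holds the stale pointer; whether `clean1` or the code after the switch releases the enclosing context lies outside these hunks.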
@@ -641,8 +640,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 /* Cleanup memory space. */
 free(soft_des_ctx->des_cbc);
- bzero(soft_des_ctx->key_sched, soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
+ freezero(soft_des_ctx->key_sched,
+ soft_des_ctx->keysched_len);
 break;
 }
@@ -663,9 +662,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 rv = CKR_ENCRYPTED_DATA_LEN_RANGE;
 /* Cleanup memory space. */
 free(soft_aes_ctx->aes_cbc);
- bzero(soft_aes_ctx->key_sched,
+ freezero(soft_aes_ctx->key_sched,
 soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
 goto clean1;
 }
@@ -717,9 +715,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 /* Cleanup memory space. */
 free(soft_aes_ctx->aes_cbc);
- bzero(soft_aes_ctx->key_sched,
+ freezero(soft_aes_ctx->key_sched,
 soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
 }
@@ -747,8 +744,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 /* Cleanup memory space. */
 free(soft_aes_ctx->aes_cbc);
- bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
+ freezero(soft_aes_ctx->key_sched,
+ soft_aes_ctx->keysched_len);
 break;
 }
@@ -784,8 +781,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 /* Cleanup memory space. */
 free(ctr_ctx);
- bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
+ freezero(soft_aes_ctx->key_sched,
+ soft_aes_ctx->keysched_len);
 break;
 }
@@ -805,9 +802,8 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 }
 free(soft_blowfish_ctx->blowfish_cbc);
- bzero(soft_blowfish_ctx->key_sched,
+ freezero(soft_blowfish_ctx->key_sched,
 soft_blowfish_ctx->keysched_len);
- free(soft_blowfish_ctx->key_sched);
 break;
 }
@@ -815,7 +811,7 @@ soft_decrypt_final(soft_session_t *session_p, CK_BYTE_PTR pLastPart,
 case CKM_RC4:
 {
 ARCFour_key *key = (ARCFour_key *)session_p->decrypt.context;
- bzero(key, sizeof (*key));
+ explicit_bzero(key, sizeof (*key));
 *pulLastPartLen = 0;
 break;
 }
|
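Review bot: The `CKM_RC4` case wipes the cipher state with `explicit_bzero(key, sizeof (*key));` but carries no comment saying why the explicit variant is needed, and it is the only cleanup path in this commit that does not use `freezero`. A line such as `/* explicit_bzero: this wipe of the RC4 state must not be optimized away */` above the call would document the intent for the next maintainer. The release of `session_p->decrypt.context` presumably happens after the switch, outside this hunk; if so, it is worth confirming there that `key` cannot be NULL when this case is reached.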
