giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixed compiler warnings 

fixed warnings introduced with b18c86e646

fixes memory leaks in pkcs15-init and pkcs15-tool
This commit is contained in:
Frank Morgner 2014-12-07 17:19:57 +01:00
parent e137396d56
commit 73715e37d9
4 changed files with 83 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
src/tools/pkcs15-init.c
View File

@ -348,8 +348,9 @@ static char * opt_puk_label = NULL;
static char * opt_pubkey_label = NULL;
static char * opt_cert_label = NULL;
static const char * opt_pins[4];
static char * pins[4];
static char * opt_serial = NULL;
static char * opt_passphrase = NULL;
static const char * opt_passphrase = NULL;
static char * opt_newkey = NULL;
static char * opt_outkey = NULL;
static char * opt_application_id = NULL;
@ -458,6 +459,10 @@ main(int argc, char **argv)
return 1;
}
for (n = 0; n < sizeof pins; n++) {
pins[n] = NULL;
}
for (n = 0; n < ACTION_MAX; n++) {
unsigned int action = n;
@ -577,6 +582,10 @@ main(int argc, char **argv)
}
}
for (n = 0; n < sizeof pins; n++) {
free(pins[n]);
}
out:
if (profile) {
sc_pkcs15init_unbind(profile);
@ -754,9 +763,10 @@ do_init_app(struct sc_profile *profile)
if (!opt_pins[2] && !opt_no_prompt && !opt_no_sopin) {
r = get_new_pin(&hints, role, "pin", &opt_pins[2]);
r = get_new_pin(&hints, role, "pin", &pins[2]);
if (r < 0)
goto failed;
opt_pins[2] = pins[2];
}
if (!so_puk_disabled && opt_pins[2] && !opt_pins[3] && !opt_no_prompt) {
@ -766,9 +776,10 @@ do_init_app(struct sc_profile *profile)
role = "user";
hints.flags |= SC_UI_PIN_OPTIONAL;
r = get_new_pin(&hints, role, "puk", &opt_pins[3]);
r = get_new_pin(&hints, role, "puk", &pins[3]);
if (r < 0)
goto failed;
opt_pins[3] = pins[3];
}
args.so_pin = (const u8 *) opt_pins[2];
@ -819,9 +830,11 @@ do_store_pin(struct sc_profile *profile)
}
sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &info);
if (opt_pins[0] == NULL)
if ((r = get_new_pin(&hints, "user", "pin", &opt_pins[0])) < 0)
if (opt_pins[0] == NULL) {
if ((r = get_new_pin(&hints, "user", "pin", &pins[0])) < 0)
goto failed;
opt_pins[0] = pins[0];
}
if (*opt_pins[0] == '\0') {
util_error("You must specify a PIN\n");
@ -839,9 +852,9 @@ do_store_pin(struct sc_profile *profile)
sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &info);
hints.flags |= SC_UI_PIN_OPTIONAL;
if ((r = get_new_pin(&hints, "user", "puk", &opt_pins[1])) < 0)
if ((r = get_new_pin(&hints, "user", "puk", &pins[1])) < 0)
goto failed;
opt_pins[1] = pins[1];
}
if (opt_puk_authid && opt_pins[1])
@ -1693,19 +1706,19 @@ get_pin_callback(struct sc_profile *profile,
switch (id) {
case SC_PKCS15INIT_USER_PIN:
name = "User PIN";
secret = opt_pins[OPT_PIN1 & 3];
secret = (char *) opt_pins[OPT_PIN1 & 3];
break;
case SC_PKCS15INIT_USER_PUK:
name = "User PIN unlock key";
secret = opt_pins[OPT_PUK1 & 3];
secret = (char *) opt_pins[OPT_PUK1 & 3];
break;
case SC_PKCS15INIT_SO_PIN:
name = "Security officer PIN";
secret = opt_pins[OPT_PIN2 & 3];
secret = (char *) opt_pins[OPT_PIN2 & 3];
break;
case SC_PKCS15INIT_SO_PUK:
name = "Security officer PIN unlock key";
secret = opt_pins[OPT_PUK2 & 3];
secret = (char *) opt_pins[OPT_PUK2 & 3];
break;
}
}
@ -1713,22 +1726,22 @@ get_pin_callback(struct sc_profile *profile,
if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
&& !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
name = "User PIN";
secret = opt_pins[OPT_PIN1 & 3];
secret = (char *) opt_pins[OPT_PIN1 & 3];
}
else if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
&& (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
name = "User PUK";
secret = opt_pins[OPT_PUK1 & 3];
secret = (char *) opt_pins[OPT_PUK1 & 3];
}
else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
&& !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
name = "Security officer PIN";
secret = opt_pins[OPT_PIN2 & 3];
secret = (char *) opt_pins[OPT_PIN2 & 3];
}
else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
&& (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
name = "Security officer PIN unlock key";
secret = opt_pins[OPT_PUK2 & 3];
secret = (char *) opt_pins[OPT_PUK2 & 3];
}
}
if (secret)
@ -1997,7 +2010,7 @@ do_read_private_key(const char *filename, const char *format,
int r;
if (opt_passphrase)
passphrase = opt_passphrase;
passphrase = (char *) opt_passphrase;
if (!format || !strcasecmp(format, "pem")) {
r = do_read_pem_private_key(filename, passphrase, pk);
@ -2026,8 +2039,12 @@ do_read_private_key(const char *filename, const char *format,
return SC_ERROR_NOT_SUPPORTED;
}
if (NULL == opt_passphrase)
free(passphrase);
if (r < 0)
util_fatal("Unable to read private key from %s\n", filename);
return r;
}
@ -2157,7 +2174,7 @@ static size_t determine_filesize(const char *filename)
static int
do_read_data_object(const char *name, u8 **out, size_t *outlen)
{
FILE *inf;
FILE *inf;
size_t filesize = determine_filesize(name);
int c;
@ -2452,8 +2469,6 @@ handle_option(const struct option *opt)
opt_serial = optarg;
break;
case OPT_PASSPHRASE:
free(opt_passphrase);
opt_passphrase = NULL;
util_get_pin(optarg, &opt_passphrase);
break;
case OPT_PUBKEY:
@ -2773,7 +2788,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
{
struct sc_pkcs15_object *pin_obj = NULL;
char pin_label[64];
char *pin;
char *pin = NULL;
int r;
if (!auth_id_str) {
@ -2817,7 +2832,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
}
if (opt_pins[0] != NULL) {
pin = opt_pins[0];
pin = (char *) opt_pins[0];
}
else {
sc_ui_hints_t hints;
@ -2844,5 +2859,8 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
if (r < 0)
fprintf(stderr, "Operation failed: %s\n", sc_strerror(r));
if (NULL == opt_pins[0])
free(pin);
return r;
}

50
src/tools/pkcs15-tool.c
View File

@ -52,9 +52,9 @@ static char * opt_data = NULL;
static char * opt_pubkey = NULL;
static char * opt_outfile = NULL;
static char * opt_bind_to_aid = NULL;
static const u8 * opt_newpin = NULL;
static const u8 * opt_pin = NULL;
static const u8 * opt_puk = NULL;
static const char * opt_newpin = NULL;
static const char * opt_pin = NULL;
static const char * opt_puk = NULL;
static int verbose = 0;
static int opt_no_prompt = 0;
@ -1116,7 +1116,7 @@ static int verify_pin(void)
}
if (opt_pin != NULL)
pin = opt_pin;
pin = (unsigned char *) opt_pin;
else
pin = get_pin("Please enter PIN", pin_obj);
@ -1127,13 +1127,16 @@ static int verify_pin(void)
return -1;
}
if (opt_pin == NULL)
free(pin);
return 0;
}
static int authenticate(sc_pkcs15_object_t *obj)
{
sc_pkcs15_object_t *pin_obj;
u8 *pin;
u8 *pin = NULL;
int r;
if (obj->auth_id.len == 0)
@ -1143,11 +1146,16 @@ static int authenticate(sc_pkcs15_object_t *obj)
return r;
if (opt_pin != NULL)
pin = opt_pin;
pin = (u8 *) opt_pin;
else
pin = get_pin("Please enter PIN", pin_obj);
return sc_pkcs15_verify_pin(p15card, pin_obj, pin, pin? strlen((char *) pin) : 0);
r = sc_pkcs15_verify_pin(p15card, pin_obj, pin, pin? strlen((char *) pin) : 0);
if (opt_pin == NULL)
free(pin);
return r;
}
static void print_pin_info(const struct sc_pkcs15_object *obj)
@ -1307,7 +1315,7 @@ static int unblock_pin(void)
if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
return 1;
puk = opt_puk;
puk = (u8 *) opt_puk;
if (puk == NULL) {
sc_pkcs15_object_t *puk_obj = NULL;
@ -1338,7 +1346,7 @@ static int unblock_pin(void)
printf("PUK value will be prompted with pinpad.\n");
/* FIXME should OPENSSL_cleanse on pin/puk data */
pin = opt_pin ? opt_pin : opt_newpin;
pin = opt_pin ? (u8 *) opt_pin : (u8 *) opt_newpin;
while (pin == NULL) {
u8 *pin2;
@ -1365,7 +1373,12 @@ static int unblock_pin(void)
r = sc_pkcs15_unblock_pin(p15card, pin_obj,
puk, puk ? strlen((char *) puk) : 0,
pin, pin ? strlen((char *) pin) : 0);
/* FIXME must free the puk somewhere */
if (NULL == opt_puk)
free(puk);
if (NULL == opt_pin && NULL == opt_newpin)
free(pin);
if (r == SC_ERROR_PIN_CODE_INCORRECT) {
fprintf(stderr, "PUK code incorrect; tries left: %d\n", pinfo->tries_left);
return 3;
@ -1405,7 +1418,7 @@ static int change_pin(void)
}
}
pincode = opt_pin;
pincode = (u8 *) opt_pin;
if (pincode == NULL) {
pincode = get_pin("Enter old PIN", pin_obj);
if (!pinpad_present && pincode == NULL)
@ -1420,7 +1433,7 @@ static int change_pin(void)
if (pincode == NULL && verbose)
printf("Old PIN value will be prompted with pinpad.\n");
newpin = opt_newpin;
newpin = (u8 *) opt_newpin;
while (newpin == NULL) {
u8 *newpin2;
@ -1459,7 +1472,12 @@ static int change_pin(void)
}
if (verbose)
printf("PIN code changed successfully.\n");
/* FIXME must free the pincode somewhere */
if (opt_pin == NULL)
free(pincode);
if (opt_newpin == NULL)
free(newpin);
return 0;
}
@ -1890,13 +1908,13 @@ int main(int argc, char * const argv[])
opt_reader = optarg;
break;
case OPT_PIN:
util_get_pin(optarg, (const u8 **) &opt_pin);
util_get_pin(optarg, &opt_pin);
break;
case OPT_NEWPIN:
util_get_pin(optarg, (const u8 **) &opt_newpin);
util_get_pin(optarg, &opt_newpin);
break;
case OPT_PUK:
util_get_pin(optarg, (const u8 **) &opt_puk);
util_get_pin(optarg, &opt_puk);
break;
case 'o':
opt_outfile = optarg;

16
src/tools/sc-hsm-tool.c
View File

@ -664,7 +664,7 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas
static int import_dkek_share(sc_card_t *card, const char *inf, int iter, char *password, int num_of_password_shares)
static int import_dkek_share(sc_card_t *card, const char *inf, int iter, const char *password, int num_of_password_shares)
{
sc_cardctl_sc_hsm_dkek_t dkekinfo;
EVP_CIPHER_CTX ctx;
@ -712,7 +712,7 @@ static int import_dkek_share(sc_card_t *card, const char *inf, int iter, char *p
}
} else {
pwd = password;
pwd = (char *) password;
pwdlen = strlen(password);
}
@ -904,7 +904,7 @@ static int generate_pwd_shares(sc_card_t *card, char **pwd, int *pwdlen, int pas
static int create_dkek_share(sc_card_t *card, const char *outf, int iter, char *password, int password_shares_threshold, int password_shares_total)
static int create_dkek_share(sc_card_t *card, const char *outf, int iter, const char *password, int password_shares_threshold, int password_shares_total)
{
EVP_CIPHER_CTX ctx;
FILE *out = NULL;
@ -927,7 +927,7 @@ static int create_dkek_share(sc_card_t *card, const char *outf, int iter, char *
}
} else {
pwd = password;
pwd = (char *) password;
pwdlen = strlen(password);
}
@ -1439,7 +1439,7 @@ int main(int argc, char * const argv[])
const char *opt_so_pin = NULL;
const char *opt_pin = NULL;
const char *opt_filename = NULL;
char *opt_password = NULL;
const char *opt_password = NULL;
int opt_retry_counter = 3;
int opt_dkek_shares = -1;
int opt_key_reference = -1;
@ -1484,18 +1484,12 @@ int main(int argc, char * const argv[])
action_count++;
break;
case OPT_PASSWORD:
free(opt_password);
opt_password = NULL;
util_get_pin(optarg, &opt_password);
break;
case OPT_SO_PIN:
free(opt_so_pin);
opt_so_pin = NULL;
util_get_pin(optarg, &opt_so_pin);
break;
case OPT_PIN:
free(opt_pin);
opt_pin = NULL;
util_get_pin(optarg, &opt_pin);
break;
case OPT_RETRY:

10
src/tools/westcos-tool.c
View File

@ -126,7 +126,7 @@ static void print_openssl_error(void)
printf("%s\n", ERR_error_string(r, NULL));
}
static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
static int verify_pin(sc_card_t *card, int pin_reference, const char *pin_value)
{
int r, tries_left = -1;
struct sc_pin_cmd_data data;
@ -178,8 +178,8 @@ static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
static int change_pin(sc_card_t *card,
int pin_reference,
char *pin_value1,
char *pin_value2)
const char *pin_value1,
const char *pin_value2)
{
int r, tries_left = -1;
struct sc_pin_cmd_data data;
@ -236,8 +236,8 @@ static int change_pin(sc_card_t *card,
static int unlock_pin(sc_card_t *card,
int pin_reference,
char *puk_value,
char *pin_value)
const char *puk_value,
const char *pin_value)
{
int r, tries_left = -1;
struct sc_pin_cmd_data data;