fixed compiler warnings
fixed warnings introduced with b18c86e646
fixes memory leaks in pkcs15-init and pkcs15-tool
This commit is contained in:
parent
e137396d56
commit
73715e37d9
|
@ -348,8 +348,9 @@ static char * opt_puk_label = NULL;
|
|||
static char * opt_pubkey_label = NULL;
|
||||
static char * opt_cert_label = NULL;
|
||||
static const char * opt_pins[4];
|
||||
static char * pins[4];
|
||||
static char * opt_serial = NULL;
|
||||
static char * opt_passphrase = NULL;
|
||||
static const char * opt_passphrase = NULL;
|
||||
static char * opt_newkey = NULL;
|
||||
static char * opt_outkey = NULL;
|
||||
static char * opt_application_id = NULL;
|
||||
|
@ -458,6 +459,10 @@ main(int argc, char **argv)
|
|||
return 1;
|
||||
}
|
||||
|
||||
for (n = 0; n < sizeof pins; n++) {
|
||||
pins[n] = NULL;
|
||||
}
|
||||
|
||||
for (n = 0; n < ACTION_MAX; n++) {
|
||||
unsigned int action = n;
|
||||
|
||||
|
@ -577,6 +582,10 @@ main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
|
||||
for (n = 0; n < sizeof pins; n++) {
|
||||
free(pins[n]);
|
||||
}
|
||||
|
||||
out:
|
||||
if (profile) {
|
||||
sc_pkcs15init_unbind(profile);
|
||||
|
@ -754,9 +763,10 @@ do_init_app(struct sc_profile *profile)
|
|||
|
||||
|
||||
if (!opt_pins[2] && !opt_no_prompt && !opt_no_sopin) {
|
||||
r = get_new_pin(&hints, role, "pin", &opt_pins[2]);
|
||||
r = get_new_pin(&hints, role, "pin", &pins[2]);
|
||||
if (r < 0)
|
||||
goto failed;
|
||||
opt_pins[2] = pins[2];
|
||||
}
|
||||
|
||||
if (!so_puk_disabled && opt_pins[2] && !opt_pins[3] && !opt_no_prompt) {
|
||||
|
@ -766,9 +776,10 @@ do_init_app(struct sc_profile *profile)
|
|||
role = "user";
|
||||
|
||||
hints.flags |= SC_UI_PIN_OPTIONAL;
|
||||
r = get_new_pin(&hints, role, "puk", &opt_pins[3]);
|
||||
r = get_new_pin(&hints, role, "puk", &pins[3]);
|
||||
if (r < 0)
|
||||
goto failed;
|
||||
opt_pins[3] = pins[3];
|
||||
}
|
||||
|
||||
args.so_pin = (const u8 *) opt_pins[2];
|
||||
|
@ -819,9 +830,11 @@ do_store_pin(struct sc_profile *profile)
|
|||
}
|
||||
|
||||
sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &info);
|
||||
if (opt_pins[0] == NULL)
|
||||
if ((r = get_new_pin(&hints, "user", "pin", &opt_pins[0])) < 0)
|
||||
if (opt_pins[0] == NULL) {
|
||||
if ((r = get_new_pin(&hints, "user", "pin", &pins[0])) < 0)
|
||||
goto failed;
|
||||
opt_pins[0] = pins[0];
|
||||
}
|
||||
|
||||
if (*opt_pins[0] == '\0') {
|
||||
util_error("You must specify a PIN\n");
|
||||
|
@ -839,9 +852,9 @@ do_store_pin(struct sc_profile *profile)
|
|||
sc_pkcs15init_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &info);
|
||||
|
||||
hints.flags |= SC_UI_PIN_OPTIONAL;
|
||||
if ((r = get_new_pin(&hints, "user", "puk", &opt_pins[1])) < 0)
|
||||
if ((r = get_new_pin(&hints, "user", "puk", &pins[1])) < 0)
|
||||
goto failed;
|
||||
|
||||
opt_pins[1] = pins[1];
|
||||
}
|
||||
|
||||
if (opt_puk_authid && opt_pins[1])
|
||||
|
@ -1693,19 +1706,19 @@ get_pin_callback(struct sc_profile *profile,
|
|||
switch (id) {
|
||||
case SC_PKCS15INIT_USER_PIN:
|
||||
name = "User PIN";
|
||||
secret = opt_pins[OPT_PIN1 & 3];
|
||||
secret = (char *) opt_pins[OPT_PIN1 & 3];
|
||||
break;
|
||||
case SC_PKCS15INIT_USER_PUK:
|
||||
name = "User PIN unlock key";
|
||||
secret = opt_pins[OPT_PUK1 & 3];
|
||||
secret = (char *) opt_pins[OPT_PUK1 & 3];
|
||||
break;
|
||||
case SC_PKCS15INIT_SO_PIN:
|
||||
name = "Security officer PIN";
|
||||
secret = opt_pins[OPT_PIN2 & 3];
|
||||
secret = (char *) opt_pins[OPT_PIN2 & 3];
|
||||
break;
|
||||
case SC_PKCS15INIT_SO_PUK:
|
||||
name = "Security officer PIN unlock key";
|
||||
secret = opt_pins[OPT_PUK2 & 3];
|
||||
secret = (char *) opt_pins[OPT_PUK2 & 3];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -1713,22 +1726,22 @@ get_pin_callback(struct sc_profile *profile,
|
|||
if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
|
||||
&& !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
|
||||
name = "User PIN";
|
||||
secret = opt_pins[OPT_PIN1 & 3];
|
||||
secret = (char *) opt_pins[OPT_PIN1 & 3];
|
||||
}
|
||||
else if (!(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
|
||||
&& (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
|
||||
name = "User PUK";
|
||||
secret = opt_pins[OPT_PUK1 & 3];
|
||||
secret = (char *) opt_pins[OPT_PUK1 & 3];
|
||||
}
|
||||
else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
|
||||
&& !(info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
|
||||
name = "Security officer PIN";
|
||||
secret = opt_pins[OPT_PIN2 & 3];
|
||||
secret = (char *) opt_pins[OPT_PIN2 & 3];
|
||||
}
|
||||
else if ((info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN)
|
||||
&& (info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
|
||||
name = "Security officer PIN unlock key";
|
||||
secret = opt_pins[OPT_PUK2 & 3];
|
||||
secret = (char *) opt_pins[OPT_PUK2 & 3];
|
||||
}
|
||||
}
|
||||
if (secret)
|
||||
|
@ -1997,7 +2010,7 @@ do_read_private_key(const char *filename, const char *format,
|
|||
int r;
|
||||
|
||||
if (opt_passphrase)
|
||||
passphrase = opt_passphrase;
|
||||
passphrase = (char *) opt_passphrase;
|
||||
|
||||
if (!format || !strcasecmp(format, "pem")) {
|
||||
r = do_read_pem_private_key(filename, passphrase, pk);
|
||||
|
@ -2026,8 +2039,12 @@ do_read_private_key(const char *filename, const char *format,
|
|||
return SC_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (NULL == opt_passphrase)
|
||||
free(passphrase);
|
||||
|
||||
if (r < 0)
|
||||
util_fatal("Unable to read private key from %s\n", filename);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -2157,7 +2174,7 @@ static size_t determine_filesize(const char *filename)
|
|||
static int
|
||||
do_read_data_object(const char *name, u8 **out, size_t *outlen)
|
||||
{
|
||||
FILE *inf;
|
||||
FILE *inf;
|
||||
size_t filesize = determine_filesize(name);
|
||||
int c;
|
||||
|
||||
|
@ -2452,8 +2469,6 @@ handle_option(const struct option *opt)
|
|||
opt_serial = optarg;
|
||||
break;
|
||||
case OPT_PASSPHRASE:
|
||||
free(opt_passphrase);
|
||||
opt_passphrase = NULL;
|
||||
util_get_pin(optarg, &opt_passphrase);
|
||||
break;
|
||||
case OPT_PUBKEY:
|
||||
|
@ -2773,7 +2788,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
|
|||
{
|
||||
struct sc_pkcs15_object *pin_obj = NULL;
|
||||
char pin_label[64];
|
||||
char *pin;
|
||||
char *pin = NULL;
|
||||
int r;
|
||||
|
||||
if (!auth_id_str) {
|
||||
|
@ -2817,7 +2832,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
|
|||
}
|
||||
|
||||
if (opt_pins[0] != NULL) {
|
||||
pin = opt_pins[0];
|
||||
pin = (char *) opt_pins[0];
|
||||
}
|
||||
else {
|
||||
sc_ui_hints_t hints;
|
||||
|
@ -2844,5 +2859,8 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
|
|||
if (r < 0)
|
||||
fprintf(stderr, "Operation failed: %s\n", sc_strerror(r));
|
||||
|
||||
if (NULL == opt_pins[0])
|
||||
free(pin);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
|
|
@ -52,9 +52,9 @@ static char * opt_data = NULL;
|
|||
static char * opt_pubkey = NULL;
|
||||
static char * opt_outfile = NULL;
|
||||
static char * opt_bind_to_aid = NULL;
|
||||
static const u8 * opt_newpin = NULL;
|
||||
static const u8 * opt_pin = NULL;
|
||||
static const u8 * opt_puk = NULL;
|
||||
static const char * opt_newpin = NULL;
|
||||
static const char * opt_pin = NULL;
|
||||
static const char * opt_puk = NULL;
|
||||
static int verbose = 0;
|
||||
static int opt_no_prompt = 0;
|
||||
|
||||
|
@ -1116,7 +1116,7 @@ static int verify_pin(void)
|
|||
}
|
||||
|
||||
if (opt_pin != NULL)
|
||||
pin = opt_pin;
|
||||
pin = (unsigned char *) opt_pin;
|
||||
else
|
||||
pin = get_pin("Please enter PIN", pin_obj);
|
||||
|
||||
|
@ -1127,13 +1127,16 @@ static int verify_pin(void)
|
|||
return -1;
|
||||
}
|
||||
|
||||
if (opt_pin == NULL)
|
||||
free(pin);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int authenticate(sc_pkcs15_object_t *obj)
|
||||
{
|
||||
sc_pkcs15_object_t *pin_obj;
|
||||
u8 *pin;
|
||||
u8 *pin = NULL;
|
||||
int r;
|
||||
|
||||
if (obj->auth_id.len == 0)
|
||||
|
@ -1143,11 +1146,16 @@ static int authenticate(sc_pkcs15_object_t *obj)
|
|||
return r;
|
||||
|
||||
if (opt_pin != NULL)
|
||||
pin = opt_pin;
|
||||
pin = (u8 *) opt_pin;
|
||||
else
|
||||
pin = get_pin("Please enter PIN", pin_obj);
|
||||
|
||||
return sc_pkcs15_verify_pin(p15card, pin_obj, pin, pin? strlen((char *) pin) : 0);
|
||||
r = sc_pkcs15_verify_pin(p15card, pin_obj, pin, pin? strlen((char *) pin) : 0);
|
||||
|
||||
if (opt_pin == NULL)
|
||||
free(pin);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
static void print_pin_info(const struct sc_pkcs15_object *obj)
|
||||
|
@ -1307,7 +1315,7 @@ static int unblock_pin(void)
|
|||
if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
||||
return 1;
|
||||
|
||||
puk = opt_puk;
|
||||
puk = (u8 *) opt_puk;
|
||||
if (puk == NULL) {
|
||||
sc_pkcs15_object_t *puk_obj = NULL;
|
||||
|
||||
|
@ -1338,7 +1346,7 @@ static int unblock_pin(void)
|
|||
printf("PUK value will be prompted with pinpad.\n");
|
||||
|
||||
/* FIXME should OPENSSL_cleanse on pin/puk data */
|
||||
pin = opt_pin ? opt_pin : opt_newpin;
|
||||
pin = opt_pin ? (u8 *) opt_pin : (u8 *) opt_newpin;
|
||||
while (pin == NULL) {
|
||||
u8 *pin2;
|
||||
|
||||
|
@ -1365,7 +1373,12 @@ static int unblock_pin(void)
|
|||
r = sc_pkcs15_unblock_pin(p15card, pin_obj,
|
||||
puk, puk ? strlen((char *) puk) : 0,
|
||||
pin, pin ? strlen((char *) pin) : 0);
|
||||
/* FIXME must free the puk somewhere */
|
||||
|
||||
if (NULL == opt_puk)
|
||||
free(puk);
|
||||
if (NULL == opt_pin && NULL == opt_newpin)
|
||||
free(pin);
|
||||
|
||||
if (r == SC_ERROR_PIN_CODE_INCORRECT) {
|
||||
fprintf(stderr, "PUK code incorrect; tries left: %d\n", pinfo->tries_left);
|
||||
return 3;
|
||||
|
@ -1405,7 +1418,7 @@ static int change_pin(void)
|
|||
}
|
||||
}
|
||||
|
||||
pincode = opt_pin;
|
||||
pincode = (u8 *) opt_pin;
|
||||
if (pincode == NULL) {
|
||||
pincode = get_pin("Enter old PIN", pin_obj);
|
||||
if (!pinpad_present && pincode == NULL)
|
||||
|
@ -1420,7 +1433,7 @@ static int change_pin(void)
|
|||
if (pincode == NULL && verbose)
|
||||
printf("Old PIN value will be prompted with pinpad.\n");
|
||||
|
||||
newpin = opt_newpin;
|
||||
newpin = (u8 *) opt_newpin;
|
||||
while (newpin == NULL) {
|
||||
u8 *newpin2;
|
||||
|
||||
|
@ -1459,7 +1472,12 @@ static int change_pin(void)
|
|||
}
|
||||
if (verbose)
|
||||
printf("PIN code changed successfully.\n");
|
||||
/* FIXME must free the pincode somewhere */
|
||||
|
||||
if (opt_pin == NULL)
|
||||
free(pincode);
|
||||
if (opt_newpin == NULL)
|
||||
free(newpin);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -1890,13 +1908,13 @@ int main(int argc, char * const argv[])
|
|||
opt_reader = optarg;
|
||||
break;
|
||||
case OPT_PIN:
|
||||
util_get_pin(optarg, (const u8 **) &opt_pin);
|
||||
util_get_pin(optarg, &opt_pin);
|
||||
break;
|
||||
case OPT_NEWPIN:
|
||||
util_get_pin(optarg, (const u8 **) &opt_newpin);
|
||||
util_get_pin(optarg, &opt_newpin);
|
||||
break;
|
||||
case OPT_PUK:
|
||||
util_get_pin(optarg, (const u8 **) &opt_puk);
|
||||
util_get_pin(optarg, &opt_puk);
|
||||
break;
|
||||
case 'o':
|
||||
opt_outfile = optarg;
|
||||
|
|
|
@ -664,7 +664,7 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas
|
|||
|
||||
|
||||
|
||||
static int import_dkek_share(sc_card_t *card, const char *inf, int iter, char *password, int num_of_password_shares)
|
||||
static int import_dkek_share(sc_card_t *card, const char *inf, int iter, const char *password, int num_of_password_shares)
|
||||
{
|
||||
sc_cardctl_sc_hsm_dkek_t dkekinfo;
|
||||
EVP_CIPHER_CTX ctx;
|
||||
|
@ -712,7 +712,7 @@ static int import_dkek_share(sc_card_t *card, const char *inf, int iter, char *p
|
|||
}
|
||||
|
||||
} else {
|
||||
pwd = password;
|
||||
pwd = (char *) password;
|
||||
pwdlen = strlen(password);
|
||||
}
|
||||
|
||||
|
@ -904,7 +904,7 @@ static int generate_pwd_shares(sc_card_t *card, char **pwd, int *pwdlen, int pas
|
|||
|
||||
|
||||
|
||||
static int create_dkek_share(sc_card_t *card, const char *outf, int iter, char *password, int password_shares_threshold, int password_shares_total)
|
||||
static int create_dkek_share(sc_card_t *card, const char *outf, int iter, const char *password, int password_shares_threshold, int password_shares_total)
|
||||
{
|
||||
EVP_CIPHER_CTX ctx;
|
||||
FILE *out = NULL;
|
||||
|
@ -927,7 +927,7 @@ static int create_dkek_share(sc_card_t *card, const char *outf, int iter, char *
|
|||
}
|
||||
|
||||
} else {
|
||||
pwd = password;
|
||||
pwd = (char *) password;
|
||||
pwdlen = strlen(password);
|
||||
}
|
||||
|
||||
|
@ -1439,7 +1439,7 @@ int main(int argc, char * const argv[])
|
|||
const char *opt_so_pin = NULL;
|
||||
const char *opt_pin = NULL;
|
||||
const char *opt_filename = NULL;
|
||||
char *opt_password = NULL;
|
||||
const char *opt_password = NULL;
|
||||
int opt_retry_counter = 3;
|
||||
int opt_dkek_shares = -1;
|
||||
int opt_key_reference = -1;
|
||||
|
@ -1484,18 +1484,12 @@ int main(int argc, char * const argv[])
|
|||
action_count++;
|
||||
break;
|
||||
case OPT_PASSWORD:
|
||||
free(opt_password);
|
||||
opt_password = NULL;
|
||||
util_get_pin(optarg, &opt_password);
|
||||
break;
|
||||
case OPT_SO_PIN:
|
||||
free(opt_so_pin);
|
||||
opt_so_pin = NULL;
|
||||
util_get_pin(optarg, &opt_so_pin);
|
||||
break;
|
||||
case OPT_PIN:
|
||||
free(opt_pin);
|
||||
opt_pin = NULL;
|
||||
util_get_pin(optarg, &opt_pin);
|
||||
break;
|
||||
case OPT_RETRY:
|
||||
|
|
|
@ -126,7 +126,7 @@ static void print_openssl_error(void)
|
|||
printf("%s\n", ERR_error_string(r, NULL));
|
||||
}
|
||||
|
||||
static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
|
||||
static int verify_pin(sc_card_t *card, int pin_reference, const char *pin_value)
|
||||
{
|
||||
int r, tries_left = -1;
|
||||
struct sc_pin_cmd_data data;
|
||||
|
@ -178,8 +178,8 @@ static int verify_pin(sc_card_t *card, int pin_reference, char *pin_value)
|
|||
|
||||
static int change_pin(sc_card_t *card,
|
||||
int pin_reference,
|
||||
char *pin_value1,
|
||||
char *pin_value2)
|
||||
const char *pin_value1,
|
||||
const char *pin_value2)
|
||||
{
|
||||
int r, tries_left = -1;
|
||||
struct sc_pin_cmd_data data;
|
||||
|
@ -236,8 +236,8 @@ static int change_pin(sc_card_t *card,
|
|||
|
||||
static int unlock_pin(sc_card_t *card,
|
||||
int pin_reference,
|
||||
char *puk_value,
|
||||
char *pin_value)
|
||||
const char *puk_value,
|
||||
const char *pin_value)
|
||||
{
|
||||
int r, tries_left = -1;
|
||||
struct sc_pin_cmd_data data;
|
||||
|
|
Loading…
Reference in New Issue