Fixed Potential leak of memory
This commit is contained in:
parent
c2cc83754e
commit
fdb0e6d581
|
@ -479,6 +479,9 @@ int list_insert_at(list_t *simclist_restrict l, const void *data, unsigned int p
|
|||
size_t datalen = l->attrs.meter(data);
|
||||
lent->data = (struct list_entry_s *)malloc(datalen);
|
||||
if (lent->data == NULL) {
|
||||
if (!(l->spareelsnum > 0)) {
|
||||
free(lent);
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
memcpy(lent->data, data, datalen);
|
||||
|
|
|
@ -1775,28 +1775,28 @@ authentic_manage_sdo_encode(struct sc_card *card, struct sc_authentic_sdo *sdo,
|
|||
|
||||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_DOCP_MECH, &sdo->docp.mech, sizeof(sdo->docp.mech),
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "DOCP MECH encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "DOCP MECH encode error");
|
||||
|
||||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_DOCP_ID, &sdo->docp.id, sizeof(sdo->docp.id),
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "DOCP ID encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "DOCP ID encode error");
|
||||
|
||||
if (cmd == SC_CARDCTL_AUTHENTIC_SDO_CREATE) {
|
||||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_DOCP_ACLS, sdo->docp.acl_data, sdo->docp.acl_data_len,
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "DOCP ACLs encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "DOCP ACLs encode error");
|
||||
|
||||
if (sdo->docp.security_parameter) {
|
||||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_DOCP_SCP,
|
||||
&sdo->docp.security_parameter, sizeof(sdo->docp.security_parameter),
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "DOCP ACLs encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "DOCP ACLs encode error");
|
||||
}
|
||||
if (sdo->docp.usage_counter[0] || sdo->docp.usage_counter[1]) {
|
||||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_DOCP_USAGE_COUNTER,
|
||||
sdo->docp.usage_counter, sizeof(sdo->docp.usage_counter),
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "DOCP ACLs encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "DOCP ACLs encode error");
|
||||
}
|
||||
}
|
||||
else if (cmd == SC_CARDCTL_AUTHENTIC_SDO_STORE) {
|
||||
|
@ -1806,10 +1806,10 @@ authentic_manage_sdo_encode(struct sc_card *card, struct sc_authentic_sdo *sdo,
|
|||
|| sdo->docp.mech == AUTHENTIC_MECH_CRYPTO_RSA1792
|
||||
|| sdo->docp.mech == AUTHENTIC_MECH_CRYPTO_RSA2048) {
|
||||
rv = authentic_manage_sdo_encode_prvkey(card, sdo->data.prvkey, &data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "SDO RSA encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "SDO RSA encode error");
|
||||
}
|
||||
else {
|
||||
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Cryptographic object unsupported for encoding");
|
||||
LOG_TEST_GOTO_ERR(ctx, SC_ERROR_NOT_SUPPORTED, "Cryptographic object unsupported for encoding");
|
||||
}
|
||||
}
|
||||
else if (cmd == SC_CARDCTL_AUTHENTIC_SDO_GENERATE) {
|
||||
|
@ -1817,21 +1817,23 @@ authentic_manage_sdo_encode(struct sc_card *card, struct sc_authentic_sdo *sdo,
|
|||
rv = authentic_update_blob(ctx, AUTHENTIC_TAG_RSA_PUBLIC_EXPONENT,
|
||||
sdo->data.prvkey->u.rsa.exponent.data, sdo->data.prvkey->u.rsa.exponent.len,
|
||||
&data, &data_len);
|
||||
LOG_TEST_RET(ctx, rv, "SDO RSA Exponent encode error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "SDO RSA Exponent encode error");
|
||||
}
|
||||
|
||||
data_tag = AUTHENTIC_TAG_RSA_GENERATE_DATA;
|
||||
}
|
||||
else if (cmd != SC_CARDCTL_AUTHENTIC_SDO_DELETE) {
|
||||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "Invalid SDO operation");
|
||||
LOG_TEST_GOTO_ERR(ctx, SC_ERROR_INVALID_DATA, "Invalid SDO operation");
|
||||
}
|
||||
|
||||
rv = authentic_update_blob(ctx, data_tag, data, data_len, out, out_len);
|
||||
LOG_TEST_RET(ctx, rv, "SDO DOCP encode error");
|
||||
|
||||
free(data);
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "SDO DOCP encode error");
|
||||
|
||||
sc_log_hex(ctx, "encoded SDO operation data", *out, *out_len);
|
||||
|
||||
err:
|
||||
free(data);
|
||||
|
||||
LOG_FUNC_RETURN(ctx, rv);
|
||||
}
|
||||
|
||||
|
|
|
@ -1007,7 +1007,7 @@ static int dnie_fill_cache(sc_card_t * card)
|
|||
size_t count = 0;
|
||||
size_t len = 0;
|
||||
u8 *buffer = NULL;
|
||||
u8 *pt = NULL;
|
||||
u8 *pt = NULL, *p;
|
||||
sc_context_t *ctx = NULL;
|
||||
|
||||
if (!card || !card->ctx)
|
||||
|
@ -1056,19 +1056,22 @@ static int dnie_fill_cache(sc_card_t * card)
|
|||
}
|
||||
if (r == SC_ERROR_INCORRECT_PARAMETERS)
|
||||
goto read_done;
|
||||
free(buffer);
|
||||
if (apdu.resp != tmp)
|
||||
free(apdu.resp);
|
||||
LOG_FUNC_RETURN(ctx, r); /* arriving here means response error */
|
||||
}
|
||||
/* copy received data into buffer. realloc() if not enough space */
|
||||
count = apdu.resplen;
|
||||
buffer = realloc(buffer, len + count);
|
||||
if (!buffer) {
|
||||
p = realloc(buffer, len + count);
|
||||
if (!p) {
|
||||
free(buffer);
|
||||
free((void *)apdu.data);
|
||||
if (apdu.resp != tmp)
|
||||
free(apdu.resp);
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
}
|
||||
buffer = p;
|
||||
memcpy(buffer + len, apdu.resp, count);
|
||||
if (apdu.resp != tmp) {
|
||||
free(apdu.resp);
|
||||
|
|
|
@ -3406,12 +3406,13 @@ iasecc_read_public_key(struct sc_card *card, unsigned type,
|
|||
|
||||
sc_log(ctx, "read public kay(ref:%i;size:%i)", ref, size);
|
||||
|
||||
memset(&bn, 0, sizeof bn);
|
||||
memset(&sdo, 0, sizeof(sdo));
|
||||
sdo.sdo_class = IASECC_SDO_CLASS_RSA_PUBLIC;
|
||||
sdo.sdo_ref = ref & ~IASECC_OBJECT_REF_LOCAL;
|
||||
|
||||
rv = iasecc_sdo_get_data(card, &sdo);
|
||||
LOG_TEST_RET(ctx, rv, "failed to read public key: cannot get RSA SDO data");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "failed to read public key: cannot get RSA SDO data");
|
||||
|
||||
if (out)
|
||||
*out = NULL;
|
||||
|
@ -3420,13 +3421,13 @@ iasecc_read_public_key(struct sc_card *card, unsigned type,
|
|||
|
||||
bn[0].data = (unsigned char *) malloc(sdo.data.pub_key.n.size);
|
||||
if (!bn[0].data)
|
||||
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "failed to read public key: cannot allocate modulus");
|
||||
LOG_TEST_GOTO_ERR(ctx, SC_ERROR_OUT_OF_MEMORY, "failed to read public key: cannot allocate modulus");
|
||||
bn[0].len = sdo.data.pub_key.n.size;
|
||||
memcpy(bn[0].data, sdo.data.pub_key.n.value, sdo.data.pub_key.n.size);
|
||||
|
||||
bn[1].data = (unsigned char *) malloc(sdo.data.pub_key.e.size);
|
||||
if (!bn[1].data)
|
||||
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "failed to read public key: cannot allocate exponent");
|
||||
LOG_TEST_GOTO_ERR(ctx, SC_ERROR_OUT_OF_MEMORY, "failed to read public key: cannot allocate exponent");
|
||||
bn[1].len = sdo.data.pub_key.e.size;
|
||||
memcpy(bn[1].data, sdo.data.pub_key.e.value, sdo.data.pub_key.e.size);
|
||||
|
||||
|
@ -3434,11 +3435,12 @@ iasecc_read_public_key(struct sc_card *card, unsigned type,
|
|||
rsa_key.exponent = bn[1];
|
||||
|
||||
rv = sc_pkcs15_encode_pubkey_rsa(ctx, &rsa_key, out, out_len);
|
||||
LOG_TEST_RET(ctx, rv, "failed to read public key: cannot encode RSA public key");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "failed to read public key: cannot encode RSA public key");
|
||||
|
||||
if (out && out_len)
|
||||
sc_log(ctx, "encoded public key: %s", sc_dump_hex(*out, *out_len));
|
||||
|
||||
err:
|
||||
if (bn[0].data)
|
||||
free(bn[0].data);
|
||||
if (bn[1].data)
|
||||
|
|
|
@ -558,8 +558,10 @@ iasecc_parse_keyset(struct sc_card *card, unsigned char *data, size_t data_len,
|
|||
|
||||
if (tlv.tag == IASECC_SDO_KEYSET_TAG_COMPULSORY)
|
||||
keyset->compulsory = tlv;
|
||||
else
|
||||
else {
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED, "parse error: non KeySet SDO tag");
|
||||
}
|
||||
|
||||
offs += rv;
|
||||
}
|
||||
|
@ -668,43 +670,48 @@ iasecc_sdo_parse_data(struct sc_card *card, unsigned char *data, struct iasecc_s
|
|||
sdo->docp.tries_remaining = tlv;
|
||||
}
|
||||
else if (tlv.tag == IASECC_SDO_CHV_TAG) {
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_CHV)
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_CHV) {
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "parse error: IASECC_SDO_CHV_TAG tag in non User CHV SDO");
|
||||
}
|
||||
|
||||
rv = iasecc_parse_chv(card, tlv.value, tlv.size, &sdo->data.chv);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO CHV data");
|
||||
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO CHV data");
|
||||
}
|
||||
else if (tlv.tag == IASECC_SDO_PUBKEY_TAG) {
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_RSA_PUBLIC)
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_RSA_PUBLIC) {
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "parse error: SDO_PUBLIC_KEY tag in non PUBLIC_KEY SDO");
|
||||
}
|
||||
|
||||
rv = iasecc_parse_pubkey(card, tlv.value, tlv.size, &sdo->data.pub_key);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO PUBLIC KEY data");
|
||||
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO PUBLIC KEY data");
|
||||
}
|
||||
else if (tlv.tag == IASECC_SDO_PRVKEY_TAG) {
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_RSA_PRIVATE)
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_RSA_PRIVATE) {
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "parse error: SDO_PRIVATE_KEY tag in non PRIVATE_KEY SDO");
|
||||
}
|
||||
|
||||
rv = iasecc_parse_prvkey(card, tlv.value, tlv.size, &sdo->data.prv_key);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO PRIVATE KEY data");
|
||||
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO PRIVATE KEY data");
|
||||
}
|
||||
else if (tlv.tag == IASECC_SDO_KEYSET_TAG) {
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_KEYSET)
|
||||
if (sdo->sdo_class != IASECC_SDO_CLASS_KEYSET) {
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "parse error: SDO_KEYSET tag in non KEYSET SDO");
|
||||
}
|
||||
|
||||
rv = iasecc_parse_keyset(card, tlv.value, tlv.size, &sdo->data.keyset);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO KEYSET data");
|
||||
|
||||
free(tlv.value);
|
||||
LOG_TEST_RET(ctx, rv, "parse error: cannot parse SDO KEYSET data");
|
||||
}
|
||||
else {
|
||||
sc_log(ctx, "iasecc_sdo_parse_data() non supported tag 0x%X", tlv.tag);
|
||||
free(tlv.value);
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_NOT_SUPPORTED);
|
||||
}
|
||||
|
||||
|
@ -878,7 +885,7 @@ static int
|
|||
iasecc_encode_docp(struct sc_context *ctx, struct iasecc_sdo_docp *docp, unsigned char **out, size_t *out_len)
|
||||
{
|
||||
struct iasecc_extended_tlv tlv, tlv_st;
|
||||
unsigned char *st_blob, *tmp_blob, *docp_blob;
|
||||
unsigned char *st_blob = NULL, *tmp_blob = NULL, *docp_blob = NULL;
|
||||
size_t blob_size;
|
||||
int rv;
|
||||
|
||||
|
@ -889,63 +896,64 @@ iasecc_encode_docp(struct sc_context *ctx, struct iasecc_sdo_docp *docp, unsigne
|
|||
memset(&tlv, 0, sizeof(tlv));
|
||||
memset(&tlv_st, 0, sizeof(tlv_st));
|
||||
|
||||
st_blob = NULL;
|
||||
blob_size = 0;
|
||||
rv = iasecc_update_blob(ctx, &docp->acls_contact, &st_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add contact ACLs to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add contact ACLs to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->acls_contactless, &st_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add contactless ACLs to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add contactless ACLs to blob");
|
||||
|
||||
tlv.tag = IASECC_DOCP_TAG_ACLS;
|
||||
tlv.size = blob_size;
|
||||
tlv.value = st_blob;
|
||||
|
||||
tmp_blob = NULL;
|
||||
blob_size = 0;
|
||||
rv = iasecc_update_blob(ctx, &tlv, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add ACLs template to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add ACLs template to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->name, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add NAME to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add NAME to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->tries_maximum, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add TRIES MAXIMUM to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add TRIES MAXIMUM to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->tries_remaining, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add TRIES REMAINING to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add TRIES REMAINING to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->usage_maximum, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add USAGE MAXIMUM to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add USAGE MAXIMUM to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->usage_remaining, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add USAGE REMAINING to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add USAGE REMAINING to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->non_repudiation, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add NON REPUDIATION to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add NON REPUDIATION to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->size, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add SIZE to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add SIZE to blob");
|
||||
|
||||
rv = iasecc_update_blob(ctx, &docp->issuer_data, &tmp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add IDATA to blob");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add IDATA to blob");
|
||||
|
||||
tlv.tag = IASECC_DOCP_TAG;
|
||||
tlv.size = blob_size;
|
||||
tlv.value = tmp_blob;
|
||||
|
||||
docp_blob = NULL;
|
||||
blob_size = 0;
|
||||
rv = iasecc_update_blob(ctx, &tlv, &docp_blob, &blob_size);
|
||||
LOG_TEST_RET(ctx, rv, "ECC: cannot add ACLs to blob");
|
||||
|
||||
free(tmp_blob);
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "ECC: cannot add ACLs to blob");
|
||||
|
||||
if (out && out_len) {
|
||||
*out = docp_blob;
|
||||
*out_len = blob_size;
|
||||
docp_blob = NULL;
|
||||
}
|
||||
|
||||
err:
|
||||
free(docp_blob);
|
||||
free(tmp_blob);
|
||||
free(st_blob);
|
||||
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
}
|
||||
|
||||
|
|
|
@ -233,9 +233,11 @@ static int sc_pkcs15emu_actalis_init(sc_pkcs15_card_t * p15card)
|
|||
|
||||
sc_read_binary(card, 4, compCert, compLen, 0);
|
||||
|
||||
if (uncompress(cert, &len,
|
||||
compCert, compLen) != Z_OK)
|
||||
if (uncompress(cert, &len, compCert, compLen) != Z_OK) {
|
||||
free(cert);
|
||||
free(compCert);
|
||||
return SC_ERROR_INTERNAL;
|
||||
}
|
||||
cpath.index = 0;
|
||||
cpath.count = len;
|
||||
|
||||
|
@ -251,6 +253,9 @@ static int sc_pkcs15emu_actalis_init(sc_pkcs15_card_t * p15card)
|
|||
j++;
|
||||
cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
|
||||
sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
|
||||
|
||||
free(cert);
|
||||
free(compCert);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -2348,9 +2348,10 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
|
|||
break;
|
||||
case CKA_VALUE:
|
||||
if (attr->pValue) {
|
||||
free(args.key.data);
|
||||
args.key.data = calloc(1,attr->ulValueLen);
|
||||
if (!args.key.data)
|
||||
return CKR_HOST_MEMORY;
|
||||
return CKR_HOST_MEMORY;
|
||||
memcpy(args.key.data, attr->pValue, attr->ulValueLen);
|
||||
args.key.data_len = attr->ulValueLen;
|
||||
}
|
||||
|
|
|
@ -1569,28 +1569,26 @@ awp_update_df_create_data(struct sc_pkcs15_card *p15card, struct sc_profile *pro
|
|||
int rv;
|
||||
|
||||
LOG_FUNC_CALLED(ctx);
|
||||
memset(&idata, 0, sizeof(idata));
|
||||
|
||||
der = obj->content;
|
||||
path = ((struct sc_pkcs15_data_info *)obj->data)->path;
|
||||
obj_id = (path.value[path.len-1] & 0xFF) + (path.value[path.len-2] & 0xFF) * 0x100;
|
||||
|
||||
rv = awp_new_file(p15card, profile, obj_type, obj_id & 0xFF, &info_file, &obj_file);
|
||||
LOG_TEST_RET(ctx, rv, "COSM new file error");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "COSM new file error");
|
||||
|
||||
memset(&idata, 0, sizeof(idata));
|
||||
sc_log(ctx,
|
||||
"Data Der(%p,%"SC_FORMAT_LEN_SIZE_T"u)", der.value, der.len);
|
||||
rv = awp_encode_data_info(p15card, obj, &idata);
|
||||
LOG_TEST_RET(ctx, rv, "'Create Data' update DF failed: cannot encode info");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "'Create Data' update DF failed: cannot encode info");
|
||||
|
||||
rv = awp_set_data_info(p15card, profile, info_file, &idata);
|
||||
LOG_TEST_RET(ctx, rv, "'Create Data' update DF failed: cannot set info");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "'Create Data' update DF failed: cannot set info");
|
||||
|
||||
rv = awp_update_object_list(p15card, profile, obj_type, obj_id & 0xFF);
|
||||
LOG_TEST_RET(ctx, rv, "'Create Data' update DF failed: cannot update list");
|
||||
LOG_TEST_GOTO_ERR(ctx, rv, "'Create Data' update DF failed: cannot update list");
|
||||
|
||||
err:
|
||||
awp_free_data_info(&idata);
|
||||
|
||||
sc_file_free(info_file);
|
||||
sc_file_free(obj_file);
|
||||
|
||||
|
|
|
@ -99,9 +99,7 @@ static scconf_item *scconf_item_add_internal(scconf_parser * parser, int type)
|
|||
/* if item with same key already exists, use it */
|
||||
item = scconf_item_find(parser);
|
||||
if (item) {
|
||||
if (parser->key) {
|
||||
free(parser->key);
|
||||
}
|
||||
free(parser->key);
|
||||
parser->key = NULL;
|
||||
parser->current_item = item;
|
||||
return item;
|
||||
|
@ -147,8 +145,7 @@ scconf_item *scconf_item_add(scconf_context * config, scconf_block * block, scco
|
|||
scconf_block_copy((const scconf_block *) data, &dst);
|
||||
scconf_list_copy(dst->name, &parser.name);
|
||||
}
|
||||
scconf_item_add_internal(&parser, type);
|
||||
if (parser.current_item) {
|
||||
if (scconf_item_add_internal(&parser, type)) {
|
||||
switch (parser.current_item->type) {
|
||||
case SCCONF_ITEM_TYPE_COMMENT:
|
||||
parser.current_item->value.comment = strdup((const char *) data);
|
||||
|
@ -167,6 +164,7 @@ scconf_item *scconf_item_add(scconf_context * config, scconf_block * block, scco
|
|||
} else {
|
||||
/* FIXME is it an error if item is NULL? */
|
||||
free(parser.key);
|
||||
parser.key = NULL;
|
||||
}
|
||||
return parser.current_item;
|
||||
}
|
||||
|
|
|
@ -1092,6 +1092,7 @@ do_store_private_key(struct sc_profile *profile)
|
|||
for (i = 0; i < ncerts && r >= 0; i++) {
|
||||
struct sc_pkcs15init_certargs cargs;
|
||||
char namebuf[SC_PKCS15_MAX_LABEL_SIZE-1];
|
||||
int cargs_label_needs_free = 0;
|
||||
|
||||
if (i && opt_ignore_ca_certs)
|
||||
break;
|
||||
|
@ -1108,14 +1109,20 @@ do_store_private_key(struct sc_profile *profile)
|
|||
cargs.label = cert_common_name(cert[i]);
|
||||
if (!cargs.label)
|
||||
cargs.label = X509_NAME_oneline(X509_get_subject_name(cert[i]), namebuf, sizeof(namebuf));
|
||||
else
|
||||
cargs_label_needs_free = 1;
|
||||
|
||||
/* Just the first certificate gets the same ID
|
||||
* as the private key. All others get
|
||||
* an ID of their own */
|
||||
if (i == 0) {
|
||||
cargs.id = args.id;
|
||||
if (opt_cert_label != 0)
|
||||
if (opt_cert_label != 0) {
|
||||
if (cargs_label_needs_free)
|
||||
free((char *) cargs.label);
|
||||
cargs.label = opt_cert_label;
|
||||
cargs_label_needs_free = 0;
|
||||
}
|
||||
} else {
|
||||
if (is_cacert_already_present(&cargs)) {
|
||||
printf("Certificate #%d already present, not stored.\n", i);
|
||||
|
@ -1128,6 +1135,8 @@ do_store_private_key(struct sc_profile *profile)
|
|||
|
||||
r = sc_pkcs15init_store_certificate(g_p15card, profile, &cargs, NULL);
|
||||
next_cert:
|
||||
if (cargs_label_needs_free)
|
||||
free((char *) cargs.label);
|
||||
free(cargs.der_encoded.value);
|
||||
}
|
||||
|
||||
|
@ -1242,18 +1251,23 @@ do_store_secret_key(struct sc_profile *profile)
|
|||
}
|
||||
|
||||
r = do_read_data_object(opt_infile, &args.key.data, &args.key.data_len, (keybits+7) / 8);
|
||||
if (r < 0)
|
||||
if (r < 0) {
|
||||
free(args.key.data);
|
||||
return r;
|
||||
}
|
||||
|
||||
args.algorithm = algorithm;
|
||||
args.value_len = keybits;
|
||||
args.access_flags |= SC_PKCS15_PRKEY_ACCESS_SENSITIVE;
|
||||
|
||||
r = sc_lock(g_p15card->card);
|
||||
if (r < 0)
|
||||
if (r < 0) {
|
||||
free(args.key.data);
|
||||
return r;
|
||||
}
|
||||
r = sc_pkcs15init_store_secret_key(g_p15card, profile, &args, NULL);
|
||||
sc_unlock(g_p15card->card);
|
||||
free(args.key.data);
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -1455,8 +1469,7 @@ do_store_data_object(struct sc_profile *profile)
|
|||
sc_unlock(g_p15card->card);
|
||||
}
|
||||
|
||||
if (data)
|
||||
free(data);
|
||||
free(data);
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -2485,17 +2498,17 @@ do_read_data_object(const char *name, u8 **out, size_t *outlen, size_t expected)
|
|||
inf = fopen(name, "rb");
|
||||
if (inf == NULL) {
|
||||
fprintf(stderr, "Unable to open '%s' for reading.\n", name);
|
||||
return -1;
|
||||
return SC_ERROR_FILE_NOT_FOUND;
|
||||
}
|
||||
c = fread(*out, 1, filesize, inf);
|
||||
fclose(inf);
|
||||
if (c < 0) {
|
||||
perror("read");
|
||||
return -1;
|
||||
return SC_ERROR_FILE_NOT_FOUND;
|
||||
}
|
||||
|
||||
*outlen = filesize;
|
||||
return 0;
|
||||
return SC_SUCCESS;
|
||||
}
|
||||
|
||||
static char *
|
||||
|
@ -3161,25 +3174,25 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
|
|||
pin = (char *) opt_pins[0];
|
||||
}
|
||||
else {
|
||||
sc_ui_hints_t hints;
|
||||
sc_ui_hints_t hints;
|
||||
|
||||
if (opt_use_pinpad)
|
||||
if (opt_use_pinpad)
|
||||
return SC_ERROR_OBJECT_NOT_FOUND;
|
||||
|
||||
if (pin_obj->label[0])
|
||||
snprintf(pin_label, sizeof(pin_label), "User PIN [%.*s]",
|
||||
(int) sizeof pin_obj->label, pin_obj->label);
|
||||
(int) sizeof pin_obj->label, pin_obj->label);
|
||||
else
|
||||
snprintf(pin_label, sizeof(pin_label), "User PIN");
|
||||
memset(&hints, 0, sizeof(hints));
|
||||
hints.dialog_name = "pkcs15init.get_pin";
|
||||
hints.prompt = "User PIN required";
|
||||
hints.obj_label = pin_label;
|
||||
hints.usage = SC_UI_USAGE_OTHER;
|
||||
hints.card = g_card;
|
||||
hints.p15card = p15card;
|
||||
memset(&hints, 0, sizeof(hints));
|
||||
hints.dialog_name = "pkcs15init.get_pin";
|
||||
hints.prompt = "User PIN required";
|
||||
hints.obj_label = pin_label;
|
||||
hints.usage = SC_UI_USAGE_OTHER;
|
||||
hints.card = g_card;
|
||||
hints.p15card = p15card;
|
||||
|
||||
get_pin(&hints, &pin);
|
||||
get_pin(&hints, &pin);
|
||||
}
|
||||
|
||||
r = sc_pkcs15_verify_pin(p15card, pin_obj, (unsigned char *)pin, pin ? strlen((char *) pin) : 0);
|
||||
|
|
|
@ -1110,7 +1110,13 @@ static int generate_pwd_shares(sc_card_t *card, char **pwd, int *pwdlen, int pas
|
|||
// Allocate data buffer for the generated shares
|
||||
shares = malloc(password_shares_total * sizeof(secret_share_t));
|
||||
|
||||
createShares(secret, password_shares_threshold, password_shares_total, prime, shares);
|
||||
if (!shares || 0 > createShares(secret, password_shares_threshold, password_shares_total, prime, shares)) {
|
||||
printf("Error generating Shares. Please try again.");
|
||||
OPENSSL_cleanse(*pwd, *pwdlen);
|
||||
free(*pwd);
|
||||
free(shares);
|
||||
return -1;
|
||||
}
|
||||
|
||||
sp = shares;
|
||||
for (i = 0; i < password_shares_total; i++) {
|
||||
|
|
Loading…
Reference in New Issue