[Cryptech-Commits] [sw/libhal] branch ksng updated: Plug pkey handle leak.
git at cryptech.is
git at cryptech.is
Sat Sep 3 06:24:35 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch ksng
in repository sw/libhal.
The following commit(s) were added to refs/heads/ksng by this push:
new 1e1604b Plug pkey handle leak.
1e1604b is described below
commit 1e1604b3bd25c3214b95a4a3280e9041a86a55a2
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Sat Sep 3 02:20:49 2016 -0400
Plug pkey handle leak.
New keystore code requires slightly different cleanup to avoid leaking
pkey handle table slots. Pricetag for reducing the amount of data
duplicated between pkey and keystore layers.
---
rpc_pkey.c | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 265076c..069a73b 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -203,8 +203,10 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client,
else if (ks != NULL)
(void) hal_ks_close(ks);
- if (err != HAL_OK)
+ if (err != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
*pkey = slot->pkey_handle;
*name = slot->name;
@@ -242,8 +244,10 @@ static hal_error_t pkey_local_find(const hal_client_handle_t client,
else if (ks != NULL)
(void) hal_ks_close(ks);
- if (err != HAL_OK)
+ if (err != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
*pkey = slot->pkey_handle;
return HAL_OK;
@@ -282,8 +286,10 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client,
slot->flags = flags;
if ((err = hal_rsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), key_length / 8,
- public_exponent, public_exponent_len)) != HAL_OK)
+ public_exponent, public_exponent_len)) != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
uint8_t der[hal_rsa_private_key_to_der_len(key)];
size_t der_len;
@@ -298,8 +304,10 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client,
memset(keybuf, 0, sizeof(keybuf));
memset(der, 0, sizeof(der));
- if (err != HAL_OK)
+ if (err != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
*pkey = slot->pkey_handle;
*name = slot->name;
@@ -338,8 +346,10 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client,
slot->curve = curve;
slot->flags = flags;
- if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
+ if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
uint8_t der[hal_ecdsa_private_key_to_der_len(key)];
size_t der_len;
@@ -354,8 +364,10 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client,
memset(keybuf, 0, sizeof(keybuf));
memset(der, 0, sizeof(der));
- if (err != HAL_OK)
+ if (err != HAL_OK) {
+ slot->type = HAL_KEY_TYPE_NONE;
return err;
+ }
*pkey = slot->pkey_handle;
*name = slot->name;
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list