[pkg-opensc-commit] [engine-pkcs11] 121/152: introduce zero_pin() to eliminate copied code
Eric Dorland
eric at moszumanska.debian.org
Mon Oct 19 03:11:24 UTC 2015
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository engine-pkcs11.
commit d99c01fb5ddfb40822a5d212c09dab081a00124f
Author: Nikos Mavrogiannopoulos <nmav at redhat.com>
Date: Tue Aug 25 16:05:11 2015 +0200
introduce zero_pin() to eliminate copied code
---
src/engine_pkcs11.c | 50 ++++++++++++++++----------------------------------
1 file changed, 16 insertions(+), 34 deletions(-)
diff --git a/src/engine_pkcs11.c b/src/engine_pkcs11.c
index dd3d76e..d4efe74 100644
--- a/src/engine_pkcs11.c
+++ b/src/engine_pkcs11.c
@@ -152,19 +152,24 @@ int set_init_args(const char *init_args_orig)
return 1;
}
-int pkcs11_finish(ENGINE * engine)
+static void zero_pin(void)
{
- if (ctx) {
- PKCS11_CTX_unload(ctx);
- PKCS11_CTX_free(ctx);
- ctx = NULL;
- }
if (pin != NULL) {
OPENSSL_cleanse(pin, pin_length);
free(pin);
pin = NULL;
pin_length = 0;
}
+}
+
+int pkcs11_finish(ENGINE * engine)
+{
+ if (ctx) {
+ PKCS11_CTX_unload(ctx);
+ PKCS11_CTX_free(ctx);
+ ctx = NULL;
+ }
+ zero_pin();
return 1;
}
@@ -190,12 +195,7 @@ int pkcs11_init(ENGINE * engine)
int pkcs11_rsa_finish(RSA * rsa)
{
- if (pin) {
- OPENSSL_cleanse(pin, pin_length);
- free(pin);
- pin = NULL;
- pin_length = 0;
- }
+ zero_pin();
if (module) {
free(module);
module = NULL;
@@ -668,12 +668,7 @@ static X509 *pkcs11_load_cert(ENGINE * e, const char *s_slot_cert_id)
/* Now login in with the (possibly NULL) pin */
if (PKCS11_login(slot, 0, pin)) {
/* Login failed, so free the PIN if present */
- if (pin != NULL) {
- OPENSSL_cleanse(pin, pin_length);
- free(pin);
- pin = NULL;
- pin_length = 0;
- }
+ zero_pin();
fail("Login failed\n");
}
}
@@ -925,12 +920,7 @@ static EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id,
if (tok->secureLogin) {
/* Free the PIN if it has already been
assigned (i.e, cached by get_pin) */
- if (pin != NULL) {
- OPENSSL_cleanse(pin, pin_length);
- free(pin);
- pin = NULL;
- pin_length = 0;
- }
+ zero_pin();
} else if (pin == NULL) {
pin = (char *)calloc(MAX_PIN_LENGTH, sizeof(char));
pin_length = MAX_PIN_LENGTH;
@@ -938,10 +928,7 @@ static EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id,
fail("Could not allocate memory for PIN");
}
if (!get_pin(ui_method, callback_data) ) {
- OPENSSL_cleanse(pin, pin_length);
- free(pin);
- pin = NULL;
- pin_length = 0;
+ zero_pin();
fail("No pin code was entered");
}
}
@@ -949,12 +936,7 @@ static EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id,
/* Now login in with the (possibly NULL) pin */
if (PKCS11_login(slot, 0, pin)) {
/* Login failed, so free the PIN if present */
- if (pin != NULL) {
- OPENSSL_cleanse(pin, pin_length);
- free(pin);
- pin = NULL;
- pin_length = 0;
- }
+ zero_pin();
fail("Login failed\n");
}
/* Login successful, PIN retained in case further logins are
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/engine-pkcs11.git
More information about the pkg-opensc-commit
mailing list