forked from pool/openCryptoki
f41ca9bf97
- Added patch for compile errors * ocki-3.19.0-0035-Fix-compile-error-error-initializer-element-is-not-c.patch - Changed spec file to use %autosetup instead of %setup. - Updated the package openCryptoki 3.19.0 (jsc#PED-616, bsc#1207760), added the following patches: * ocki-3.19.0-0001-EP11-Unify-key-pair-generation-functions.patch * ocki-3.19.0-0002-EP11-Do-not-report-DSA-DH-parameter-generation-as-be.patch * ocki-3.19.0-0003-EP11-Do-not-pass-empty-CKA_PUBLIC_KEY_INFO-to-EP11-h.patch * ocki-3.19.0-0004-Mechtable-CKM_IBM_DILITHIUM-can-also-be-used-for-key.patch * ocki-3.19.0-0005-EP11-Remove-DSA-DH-parameter-generation-mechanisms-f.patch * ocki-3.19.0-0006-EP11-Pass-back-chain-code-for-CKM_IBM_BTC_DERIVE.patch * ocki-3.19.0-0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch * ocki-3.19.0-0008-EP11-Supply-CKA_PUBLIC_KEY_INFO-when-importing-priva.patch * ocki-3.19.0-0009-EP11-Fix-memory-leak-introduced-with-recent-commit.patch * ocki-3.19.0-0010-p11sak-Fix-segfault-when-dilithium-version-is-not-sp.patch * ocki-3.19.0-0011-EP11-remove-dead-code-and-unused-variables.patch * ocki-3.19.0-0012-EP11-Update-EP11-host-library-header-files.patch * ocki-3.19.0-0013-EP11-Support-EP11-host-library-version-4.patch * ocki-3.19.0-0014-EP11-Add-new-control-points.patch * ocki-3.19.0-0015-EP11-Default-unknown-CPs-to-ON.patch * ocki-3.19.0-0016-COMMON-Add-defines-for-Dilithium-round-2-and-3-varia.patch * ocki-3.19.0-0017-COMMON-Add-defines-for-Kyber.patch * ocki-3.19.0-0018-COMMON-Add-post-quantum-algorithm-OIDs.patch * ocki-3.19.0-0019-COMMON-Dilithium-key-BER-encoding-decoding-allow-dif.patch * ocki-3.19.0-0020-COMMON-EP11-Add-CKA_VALUE-holding-SPKI-PKCS-8-of-key.patch * ocki-3.19.0-0021-COMMON-EP11-Allow-to-select-Dilithium-variant-via-mo.patch * ocki-3.19.0-0022-EP11-Query-supported-PQC-variants-and-restrict-usage.patch * ocki-3.19.0-0023-POLICY-Dilithium-strength-and-signature-size-depends.patch * ocki-3.19.0-0024-TESTCASES-Test-Dilithium-variants.patch * ocki-3.19.0-0025-COMMON-EP11-Add-Kyber-key-type-and-mechanism.patch * ocki-3.19.0-0026-EP11-Add-support-for-generating-and-importing-Kyber-.patch * ocki-3.19.0-0027-EP11-Add-support-for-encrypt-decrypt-and-KEM-operati.patch * ocki-3.19.0-0028-POLICY-STATISTICS-Check-for-Kyber-KEM-KDFs-and-count.patch * ocki-3.19.0-0029-TESTCASES-Add-tests-for-CKM_IBM_KYBER.patch * ocki-3.19.0-0030-p11sak-Support-additional-Dilithium-variants.patch * ocki-3.19.0-0031-p11sak-Add-support-for-IBM-Kyber-key-type.patch * ocki-3.19.0-0032-testcase-Enhance-p11sak-testcase-to-generate-IBM-Kyb.patch * ocki-3.19.0-0033-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch * ocki-3.19.0-0034-EP11-Fix-setting-unknown-CPs-to-ON.patch OBS-URL: https://build.opensuse.org/request/show/1063652 OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=128
119 lines
4.5 KiB
Diff
119 lines
4.5 KiB
Diff
From ee3464dff7536c98fd64c80d87c765f703dff0f0 Mon Sep 17 00:00:00 2001
|
|
From: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
Date: Fri, 18 Nov 2022 10:44:56 +0100
|
|
Subject: [PATCH 11/34] EP11: remove dead code and unused variables
|
|
|
|
Some variables are declared and initialized to NULL, but never used or set.
|
|
The attempt to free them at the end of the function is dead code.
|
|
|
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
---
|
|
usr/lib/ep11_stdll/ep11_specific.c | 28 ----------------------------
|
|
1 file changed, 28 deletions(-)
|
|
|
|
diff --git a/usr/lib/ep11_stdll/ep11_specific.c b/usr/lib/ep11_stdll/ep11_specific.c
|
|
index 9e320503..1dbfe0f5 100644
|
|
--- a/usr/lib/ep11_stdll/ep11_specific.c
|
|
+++ b/usr/lib/ep11_stdll/ep11_specific.c
|
|
@@ -3575,7 +3575,6 @@ static CK_RV import_IBM_Dilithium_key(STDLL_TokData_t *tokdata, SESSION *sess,
|
|
unsigned char *ep11_pin_blob = NULL;
|
|
CK_ULONG ep11_pin_blob_len = 0;
|
|
ep11_session_t *ep11_session = (ep11_session_t *) sess->private_data;
|
|
- CK_BYTE *pubkey = NULL;
|
|
|
|
memcpy(iv, "1234567812345678", AES_BLOCK_SIZE);
|
|
|
|
@@ -3734,9 +3733,6 @@ static CK_RV import_IBM_Dilithium_key(STDLL_TokData_t *tokdata, SESSION *sess,
|
|
}
|
|
|
|
done:
|
|
-
|
|
- if (pubkey)
|
|
- free(pubkey);
|
|
if (data) {
|
|
OPENSSL_cleanse(data, data_len);
|
|
free(data);
|
|
@@ -5486,7 +5482,6 @@ static CK_RV dh_generate_keypair(STDLL_TokData_t *tokdata,
|
|
CK_ATTRIBUTE *opaque_attr = NULL;
|
|
CK_ATTRIBUTE *value_attr = NULL;
|
|
CK_ATTRIBUTE *attr = NULL;
|
|
- CK_ATTRIBUTE *pPublicKeyTemplate_new = NULL;
|
|
CK_ATTRIBUTE_PTR dh_pPublicKeyTemplate = NULL;
|
|
CK_ULONG dh_ulPublicKeyAttributeCount = 0;
|
|
CK_ATTRIBUTE_PTR dh_pPrivateKeyTemplate = NULL;
|
|
@@ -5746,7 +5741,6 @@ static CK_RV dh_generate_keypair(STDLL_TokData_t *tokdata,
|
|
}
|
|
|
|
dh_generate_keypair_end:
|
|
- free(pPublicKeyTemplate_new);
|
|
if (dh_pgs.pg != NULL)
|
|
free(dh_pgs.pg);
|
|
if (dh_pPublicKeyTemplate)
|
|
@@ -5778,7 +5772,6 @@ static CK_RV dsa_generate_keypair(STDLL_TokData_t *tokdata,
|
|
CK_ATTRIBUTE *opaque_attr = NULL;
|
|
CK_ATTRIBUTE *value_attr = NULL;
|
|
CK_ATTRIBUTE *attr = NULL;
|
|
- CK_ATTRIBUTE *pPublicKeyTemplate_new = NULL;
|
|
CK_BYTE *key;
|
|
CK_BYTE *data, *oid, *parm;
|
|
CK_ULONG data_len, field_len, bit_str_len, oid_len, parm_len;
|
|
@@ -6047,7 +6040,6 @@ static CK_RV dsa_generate_keypair(STDLL_TokData_t *tokdata,
|
|
}
|
|
|
|
dsa_generate_keypair_end:
|
|
- free(pPublicKeyTemplate_new);
|
|
if (dsa_pqgs.pqg != NULL)
|
|
free(dsa_pqgs.pqg);
|
|
if (dsa_pPublicKeyTemplate)
|
|
@@ -6080,10 +6072,6 @@ static CK_RV rsa_ec_generate_keypair(STDLL_TokData_t *tokdata,
|
|
CK_BYTE *data, *oid, *parm;
|
|
CK_ULONG data_len, oid_len, parm_len;
|
|
CK_ULONG field_len;
|
|
- CK_ATTRIBUTE_PTR new_pPublicKeyTemplate = NULL;
|
|
- CK_ULONG new_ulPublicKeyAttributeCount = 0;
|
|
- CK_ATTRIBUTE_PTR new_pPrivateKeyTemplate = NULL;
|
|
- CK_ULONG new_ulPrivateKeyAttributeCount = 0;
|
|
CK_ULONG ktype;
|
|
unsigned char *ep11_pin_blob = NULL;
|
|
CK_ULONG ep11_pin_blob_len = 0;
|
|
@@ -6399,12 +6387,6 @@ static CK_RV rsa_ec_generate_keypair(STDLL_TokData_t *tokdata,
|
|
}
|
|
|
|
error:
|
|
- if (new_pPrivateKeyTemplate)
|
|
- free_attribute_array(new_pPrivateKeyTemplate,
|
|
- new_ulPrivateKeyAttributeCount);
|
|
- if (new_pPublicKeyTemplate)
|
|
- free_attribute_array(new_pPublicKeyTemplate,
|
|
- new_ulPublicKeyAttributeCount);
|
|
if (new_publ_attrs)
|
|
free_attribute_array(new_publ_attrs, new_publ_attrs_len);
|
|
if (new_priv_attrs)
|
|
@@ -6432,10 +6414,6 @@ static CK_RV ibm_dilithium_generate_keypair(STDLL_TokData_t *tokdata,
|
|
CK_BYTE *data, *oid, *parm;
|
|
CK_ULONG data_len, oid_len, parm_len;
|
|
CK_ULONG field_len;
|
|
- CK_ATTRIBUTE_PTR new_pPublicKeyTemplate = NULL;
|
|
- CK_ULONG new_ulPublicKeyAttributeCount = 0;
|
|
- CK_ATTRIBUTE_PTR new_pPrivateKeyTemplate = NULL;
|
|
- CK_ULONG new_ulPrivateKeyAttributeCount = 0;
|
|
CK_ULONG ktype = CKK_IBM_PQC_DILITHIUM;
|
|
unsigned char *ep11_pin_blob = NULL;
|
|
CK_ULONG ep11_pin_blob_len = 0;
|
|
@@ -6679,12 +6657,6 @@ static CK_RV ibm_dilithium_generate_keypair(STDLL_TokData_t *tokdata,
|
|
}
|
|
|
|
error:
|
|
- if (new_pPrivateKeyTemplate)
|
|
- free_attribute_array(new_pPrivateKeyTemplate,
|
|
- new_ulPrivateKeyAttributeCount);
|
|
- if (new_pPublicKeyTemplate)
|
|
- free_attribute_array(new_pPublicKeyTemplate,
|
|
- new_ulPublicKeyAttributeCount);
|
|
if (new_publ_attrs)
|
|
free_attribute_array(new_publ_attrs, new_publ_attrs_len);
|
|
if (new_priv_attrs)
|
|
--
|
|
2.16.2.windows.1
|
|
|