Plug pkey handle leak.

New keystore code requires slightly different cleanup to avoid leaking pkey handle table slots. Pricetag for reducing the amount of data duplicated between pkey and keystore layers.
author: Rob Austein <sra@hactrn.net> 2016-09-03 02:20:49 -0400
committer: Rob Austein <sra@hactrn.net> 2016-09-03 02:20:49 -0400
commit: 1e1604b3bd25c3214b95a4a3280e9041a86a55a2 (patch)
tree: 6a210bf99f0f8686b89d05d54c167542b9ce0612 /rpc_pkey.c
parent: 771f5c20bc9e350c52589b7d4a239ba50c5dc318 (diff)
1 files changed, 18 insertions, 6 deletions
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 265076c..069a73b 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -203,8 +203,10 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client,
   else if (ks != NULL)
     (void) hal_ks_close(ks);
 
-  if (err != HAL_OK)
+  if (err != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   *pkey = slot->pkey_handle;
   *name = slot->name;
@@ -242,8 +244,10 @@ static hal_error_t pkey_local_find(const hal_client_handle_t client,
   else if (ks != NULL)
     (void) hal_ks_close(ks);
 
-  if (err != HAL_OK)
+  if (err != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   *pkey = slot->pkey_handle;
   return HAL_OK;
@@ -282,8 +286,10 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client,
   slot->flags = flags;
 
   if ((err = hal_rsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), key_length / 8,
-                             public_exponent, public_exponent_len)) != HAL_OK)
+                             public_exponent, public_exponent_len)) != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   uint8_t der[hal_rsa_private_key_to_der_len(key)];
   size_t der_len;
@@ -298,8 +304,10 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client,
   memset(keybuf, 0, sizeof(keybuf));
   memset(der, 0, sizeof(der));
 
-  if (err != HAL_OK)
+  if (err != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   *pkey = slot->pkey_handle;
   *name = slot->name;
@@ -338,8 +346,10 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client,
   slot->curve = curve;
   slot->flags = flags;
 
-  if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
+  if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   uint8_t der[hal_ecdsa_private_key_to_der_len(key)];
   size_t der_len;
@@ -354,8 +364,10 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client,
   memset(keybuf, 0, sizeof(keybuf));
   memset(der, 0, sizeof(der));
 
-  if (err != HAL_OK)
+  if (err != HAL_OK) {
+    slot->type = HAL_KEY_TYPE_NONE;
     return err;
+  }
 
   *pkey = slot->pkey_handle;
   *name = slot->name;
author	Rob Austein <sra@hactrn.net>	2016-09-03 02:20:49 -0400
committer	Rob Austein <sra@hactrn.net>	2016-09-03 02:20:49 -0400
commit	1e1604b3bd25c3214b95a4a3280e9041a86a55a2 (patch)
tree	6a210bf99f0f8686b89d05d54c167542b9ce0612 /rpc_pkey.c
parent	771f5c20bc9e350c52589b7d4a239ba50c5dc318 (diff)