安全なNFKM_freekey処理

git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@67 ff987cc8-cf2f-4642-8568-d52cce064691
2025-11-02 00:11:04 -04:00 · 2009-12-23 08:06:51 +00:00 · 2009-12-23 08:06:51 +00:00 · 0a907f66eb
commit 0a907f66eb
parent 0c43773d1b
1 changed files with 17 additions and 18 deletions
--- a/cr_hsm_code.c
+++ b/cr_hsm_code.c
@ -303,7 +303,7 @@ int hsm_aes_load_key( NFKM_KeyIdent keyident, M_KeyID *keyid )
 	ret_code = NFKM_findkey( hsmHandle, keyident, &keyinfo, NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		return ret_code;
+		goto end;
 	}

 	// get usable Module
@ -311,7 +311,7 @@ int hsm_aes_load_key( NFKM_KeyIdent keyident, M_KeyID *keyid )
 	ret_code = NFKM_getusablemodule( hsmWorld, HSM_MODULE_ID, &hsmModuleinfo );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		return ret_code;
+		goto end;
 	}

 	// load key blob
@ -321,12 +321,14 @@ int hsm_aes_load_key( NFKM_KeyIdent keyident, M_KeyID *keyid )
 								0, keyid, "loading aes key blob", NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		return ret_code;
+		goto end;
 	}
-	
-	NFKM_freekey( hsmHandle, keyinfo, NULL );
-	
-	return CR_GENID_SUCCESS;
+
+end:
+	if ( keyinfo != NULL )
+		NFKM_freekey( hsmHandle, keyinfo, NULL );
+
+	return ret_code;
 }	// hsm_aes_load_key

 int hsm_aes_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u8 bondingOption )
@ -442,7 +444,7 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p
 	ret_code = NFKM_findkey( hsmHandle, keyident, &keyinfo, NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		return ret_code;
+		goto end;
 	}

 	// get usable Module
@ -450,7 +452,7 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p
 	ret_code = NFKM_getusablemodule( hsmWorld, HSM_MODULE_ID, &hsmModuleinfo );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		return ret_code;
+		goto end;
 	}

 	// load private key blob
@ -461,12 +463,9 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p
 								"loading priv key blob", NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		NFKM_freekey( hsmHandle, keyinfo, NULL );
-		return ret_code;
+		goto end;
 	}
 	
-	NFKM_freekey( hsmHandle, keyinfo, NULL );
-	
 	// load public key blob
 	blobPtr = &keyinfo->pubblob;
 	ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection,
@ -475,13 +474,13 @@ int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *p
 								"loading pub key blob", NULL );
 	if ( ret_code != CR_GENID_SUCCESS )
 	{
-		NFKM_freekey( hsmHandle, keyinfo, NULL );
-		return ret_code;
+		goto end;
 	}
-	
+
+end:
 	NFKM_freekey( hsmHandle, keyinfo, NULL );
-	
-	return CR_GENID_SUCCESS;
+
+	return ret_code;
 }	// hsm_rsa_load_keypair

 int hsm_rsa_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u8 bondingOption )