mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Avoid a double free on error in the key generation.
* g10/keygen.c (card_store_key_with_backup): Avoid double free and simplify error handling. -- This is part of GnuPG-bug-id: 7129 Co-authored-by: Jakub Jelen <jjelen@redhat.com> (cherry picked from commit bcc002cd45d1c6bd51c2b2093f92d396970c082e)
This commit is contained in:
parent
f46d75f0b2
commit
234e9db3c3
53
g10/keygen.c
53
g10/keygen.c
@ -5478,11 +5478,10 @@ static gpg_error_t
|
|||||||
card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
||||||
const char *backup_dir)
|
const char *backup_dir)
|
||||||
{
|
{
|
||||||
|
gpg_error_t err;
|
||||||
PKT_public_key *sk;
|
PKT_public_key *sk;
|
||||||
gnupg_isotime_t timestamp;
|
gnupg_isotime_t timestamp;
|
||||||
gpg_error_t err;
|
char *hexgrip = NULL;
|
||||||
char *hexgrip;
|
|
||||||
int rc;
|
|
||||||
struct agent_card_info_s info;
|
struct agent_card_info_s info;
|
||||||
gcry_cipher_hd_t cipherhd = NULL;
|
gcry_cipher_hd_t cipherhd = NULL;
|
||||||
char *cache_nonce = NULL;
|
char *cache_nonce = NULL;
|
||||||
@ -5490,9 +5489,14 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
|||||||
size_t keklen;
|
size_t keklen;
|
||||||
char *ecdh_param_str = NULL;
|
char *ecdh_param_str = NULL;
|
||||||
|
|
||||||
|
memset (&info, 0, sizeof (info));
|
||||||
|
|
||||||
sk = copy_public_key (NULL, sub_psk);
|
sk = copy_public_key (NULL, sub_psk);
|
||||||
if (!sk)
|
if (!sk)
|
||||||
return gpg_error_from_syserror ();
|
{
|
||||||
|
err = gpg_error_from_syserror ();
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
epoch2isotime (timestamp, (time_t)sk->timestamp);
|
epoch2isotime (timestamp, (time_t)sk->timestamp);
|
||||||
if (sk->pubkey_algo == PUBKEY_ALGO_ECDH)
|
if (sk->pubkey_algo == PUBKEY_ALGO_ECDH)
|
||||||
@ -5500,37 +5504,23 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
|||||||
ecdh_param_str = ecdh_param_str_from_pk (sk);
|
ecdh_param_str = ecdh_param_str_from_pk (sk);
|
||||||
if (!ecdh_param_str)
|
if (!ecdh_param_str)
|
||||||
{
|
{
|
||||||
free_public_key (sk);
|
err = gpg_error_from_syserror ();
|
||||||
return gpg_error_from_syserror ();
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
err = hexkeygrip_from_pk (sk, &hexgrip);
|
err = hexkeygrip_from_pk (sk, &hexgrip);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
goto leave;
|
||||||
xfree (ecdh_param_str);
|
|
||||||
free_public_key (sk);
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
|
|
||||||
memset(&info, 0, sizeof (info));
|
err = agent_scd_getattr ("SERIALNO", &info);
|
||||||
rc = agent_scd_getattr ("SERIALNO", &info);
|
if (err)
|
||||||
if (rc)
|
goto leave;
|
||||||
{
|
|
||||||
xfree (ecdh_param_str);
|
|
||||||
free_public_key (sk);
|
|
||||||
err = (gpg_error_t)rc;
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
|
|
||||||
rc = agent_keytocard (hexgrip, 2, 1, info.serialno,
|
err = agent_keytocard (hexgrip, 2, 1, info.serialno,
|
||||||
timestamp, ecdh_param_str);
|
timestamp, ecdh_param_str);
|
||||||
xfree (info.serialno);
|
if (err)
|
||||||
if (rc)
|
goto leave;
|
||||||
{
|
|
||||||
err = (gpg_error_t)rc;
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
|
|
||||||
err = agent_keywrap_key (ctrl, 1, &kek, &keklen);
|
err = agent_keywrap_key (ctrl, 1, &kek, &keklen);
|
||||||
if (err)
|
if (err)
|
||||||
@ -5563,10 +5553,13 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
|||||||
if (err)
|
if (err)
|
||||||
log_error ("writing card key to backup file: %s\n", gpg_strerror (err));
|
log_error ("writing card key to backup file: %s\n", gpg_strerror (err));
|
||||||
else
|
else
|
||||||
/* Remove secret key data in agent side. */
|
{
|
||||||
agent_scd_learn (NULL, 1);
|
/* Remove secret key data in agent side. */
|
||||||
|
agent_scd_learn (NULL, 1);
|
||||||
|
}
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
|
xfree (info.serialno);
|
||||||
xfree (ecdh_param_str);
|
xfree (ecdh_param_str);
|
||||||
xfree (cache_nonce);
|
xfree (cache_nonce);
|
||||||
gcry_cipher_close (cipherhd);
|
gcry_cipher_close (cipherhd);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user