337 lines
10 KiB
Diff
337 lines
10 KiB
Diff
diff --git a/usr/lib/pkcs11/common/encr_mgr.c b/usr/lib/pkcs11/common/encr_mgr.c
|
|
index 50fa661..e12aec8 100755
|
|
--- a/usr/lib/pkcs11/common/encr_mgr.c
|
|
+++ b/usr/lib/pkcs11/common/encr_mgr.c
|
|
@@ -764,7 +764,6 @@ encr_mgr_init( SESSION * sess,
|
|
break;
|
|
case CKM_AES_CTR:
|
|
{
|
|
- CK_AES_CTR_PARAMS aesctr;
|
|
if (mech->ulParameterLen != sizeof(CK_AES_CTR_PARAMS)){
|
|
TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_PARAM_INVALID));
|
|
return CKR_MECHANISM_PARAM_INVALID;
|
|
diff --git a/usr/lib/pkcs11/common/mech_aes.c b/usr/lib/pkcs11/common/mech_aes.c
|
|
index 453253d..4eacad5 100644
|
|
--- a/usr/lib/pkcs11/common/mech_aes.c
|
|
+++ b/usr/lib/pkcs11/common/mech_aes.c
|
|
@@ -2671,7 +2671,6 @@ aes_mac_verify_update( SESSION * sess,
|
|
{
|
|
CK_ULONG rc;
|
|
OBJECT * key_obj = NULL;
|
|
- CK_ULONG mac_len;
|
|
AES_DATA_CONTEXT * context = NULL;
|
|
CK_BYTE * cipher = NULL;
|
|
CK_ULONG total, remain, out_len;
|
|
diff --git a/usr/lib/pkcs11/common/mech_ec.c b/usr/lib/pkcs11/common/mech_ec.c
|
|
index 88bb08e..4817b45 100644
|
|
--- a/usr/lib/pkcs11/common/mech_ec.c
|
|
+++ b/usr/lib/pkcs11/common/mech_ec.c
|
|
@@ -143,7 +143,6 @@ ec_sign( SESSION *sess,
|
|
{
|
|
OBJECT *key_obj = NULL;
|
|
CK_ULONG plen;
|
|
- CK_BBOOL flag;
|
|
CK_RV rc;
|
|
|
|
if (!sess || !ctx || !out_data_len){
|
|
@@ -225,7 +224,6 @@ ec_verify(SESSION *sess,
|
|
{
|
|
OBJECT *key_obj = NULL;
|
|
CK_ULONG plen;
|
|
- CK_BBOOL flag;
|
|
CK_RV rc;
|
|
|
|
|
|
diff --git a/usr/lib/pkcs11/common/mech_rsa.c b/usr/lib/pkcs11/common/mech_rsa.c
|
|
index 60cac63..0430863 100755
|
|
--- a/usr/lib/pkcs11/common/mech_rsa.c
|
|
+++ b/usr/lib/pkcs11/common/mech_rsa.c
|
|
@@ -776,7 +776,7 @@ CK_RV rsa_oaep_crypt(SESSION *sess, CK_BBOOL length_only,
|
|
CK_ULONG *out_data_len, CK_BBOOL encrypt)
|
|
{
|
|
OBJECT *key_obj = NULL;
|
|
- CK_ULONG hlen, modulus_bytes, mgf_mech;
|
|
+ CK_ULONG hlen, modulus_bytes;
|
|
CK_OBJECT_CLASS keyclass;
|
|
CK_BYTE hash[MAX_SHA_HASH_SIZE];
|
|
CK_RV rc;
|
|
@@ -1536,9 +1536,8 @@ CK_RV rsa_pss_verify(SESSION *sess, SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data,
|
|
{
|
|
CK_RV rc;
|
|
OBJECT *key_obj = NULL;
|
|
- CK_ULONG modulus_bytes, hlen;
|
|
+ CK_ULONG modulus_bytes;
|
|
CK_OBJECT_CLASS keyclass;
|
|
- CK_RSA_PKCS_PSS_PARAMS_PTR pssParms = NULL;
|
|
|
|
rc = object_mgr_find_in_map1(ctx->key, &key_obj);
|
|
if (rc != CKR_OK) {
|
|
diff --git a/usr/lib/pkcs11/common/obj_mgr.c b/usr/lib/pkcs11/common/obj_mgr.c
|
|
index c275225..80f5998 100755
|
|
--- a/usr/lib/pkcs11/common/obj_mgr.c
|
|
+++ b/usr/lib/pkcs11/common/obj_mgr.c
|
|
@@ -1247,7 +1247,6 @@ CK_RV
|
|
object_mgr_find_in_map_nocache( CK_OBJECT_HANDLE handle,
|
|
OBJECT ** ptr )
|
|
{
|
|
- DL_NODE * node = NULL;
|
|
OBJECT_MAP * map = NULL;
|
|
OBJECT * obj = NULL;
|
|
CK_RV rc = CKR_OK;
|
|
diff --git a/usr/lib/pkcs11/common/sess_mgr.c b/usr/lib/pkcs11/common/sess_mgr.c
|
|
index 31607df..32d1081 100755
|
|
--- a/usr/lib/pkcs11/common/sess_mgr.c
|
|
+++ b/usr/lib/pkcs11/common/sess_mgr.c
|
|
@@ -317,7 +317,6 @@
|
|
SESSION *
|
|
session_mgr_find( CK_SESSION_HANDLE handle )
|
|
{
|
|
- struct btnode *n;
|
|
SESSION * result = NULL;
|
|
CK_RV rc;
|
|
|
|
@@ -351,7 +350,6 @@ CK_RV
|
|
session_mgr_new( CK_ULONG flags, CK_SLOT_ID slot_id, CK_SESSION_HANDLE_PTR phSession )
|
|
{
|
|
SESSION * new_session = NULL;
|
|
- SESSION * s = NULL;
|
|
CK_BBOOL user_session = FALSE;
|
|
CK_BBOOL so_session = FALSE;
|
|
CK_BBOOL pkcs_locked = TRUE;
|
|
@@ -560,7 +558,6 @@ session_mgr_readonly_session_exists( void )
|
|
CK_RV
|
|
session_mgr_close_session( CK_SESSION_HANDLE handle )
|
|
{
|
|
- struct btnode *n;
|
|
SESSION *sess;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
@@ -709,8 +706,6 @@ CK_RV
|
|
session_mgr_close_all_sessions( void )
|
|
{
|
|
CK_RV rc = CKR_OK;
|
|
- SESSION *sess;
|
|
- unsigned long i;
|
|
|
|
rc = MY_LockMutex( &sess_list_mutex );
|
|
if (rc != CKR_OK){
|
|
@@ -759,9 +754,6 @@ session_login(void *node_value, unsigned long node_idx, void *p3)
|
|
CK_RV
|
|
session_mgr_login_all( CK_USER_TYPE user_type )
|
|
{
|
|
- struct btnode *n;
|
|
- unsigned long i;
|
|
- SESSION *s;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
rc = MY_LockMutex( &sess_list_mutex );
|
|
@@ -805,8 +797,6 @@ session_logout(void *node_value, unsigned long node_idx, void *p3)
|
|
CK_RV
|
|
session_mgr_logout_all( void )
|
|
{
|
|
- unsigned long i;
|
|
- SESSION * s = NULL;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
rc = MY_LockMutex( &sess_list_mutex );
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/icsf.c b/usr/lib/pkcs11/icsf_stdll/icsf.c
|
|
index e7712e7..5ec344f 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/icsf.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/icsf.c
|
|
@@ -2615,7 +2615,6 @@ int icsf_hmac_verify(LDAP *ld, int *reason, struct icsf_object_record *key,
|
|
char rule_array[2 * ICSF_RULE_ITEM_LEN];
|
|
BerElement *msg = NULL;
|
|
BerElement *result = NULL;
|
|
- struct berval bvHmac = { 0UL, NULL };
|
|
struct berval bvChain = { 0UL, NULL };
|
|
const char *rule_alg;
|
|
|
|
@@ -3209,7 +3208,6 @@ icsf_derive_multple_keys(LDAP *ld, int *p_reason, CK_MECHANISM_PTR mech,
|
|
struct icsf_object_record *server_iv)
|
|
{
|
|
int rc = 0;
|
|
- int reason = 0;
|
|
const char *rule_alg;
|
|
char handle[ICSF_HANDLE_LEN];
|
|
char rule_array[ICSF_RULE_ITEM_LEN];
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/icsf_specific.c b/usr/lib/pkcs11/icsf_stdll/icsf_specific.c
|
|
index 1158eb5..5c92454 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/icsf_specific.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/icsf_specific.c
|
|
@@ -1045,7 +1045,6 @@ CK_RV icsftok_login(SESSION *sess, CK_USER_TYPE userType, CK_CHAR_PTR pPin,
|
|
char *ca_dir = NULL;
|
|
CK_SLOT_ID slot_id = sess->session_info.slotID;
|
|
struct session_state *session_state;
|
|
- int sessions_locked = 0;
|
|
LDAP *ld;
|
|
|
|
/* Check Slot ID */
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/new_host.c b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
index dc9790a..bf492c8 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
@@ -378,7 +378,6 @@ CK_RV valid_mech(CK_MECHANISM_PTR m, CK_FLAGS f)
|
|
CK_RV ST_Initialize(void **FunctionList, CK_SLOT_ID SlotNumber, char *conf_name,
|
|
struct trace_handle_t t)
|
|
{
|
|
- int i;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
if ((rc = check_user_and_group()) != CKR_OK)
|
|
@@ -1626,7 +1625,6 @@ CK_RV SC_EncryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
CK_ULONG_PTR pulEncryptedPartLen)
|
|
{
|
|
SESSION *sess = NULL;
|
|
- CK_BBOOL length_only = FALSE;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
if (initialized == FALSE) {
|
|
@@ -1654,9 +1652,6 @@ CK_RV SC_EncryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pPart,
|
|
goto done;
|
|
}
|
|
|
|
- if (!pEncryptedPart)
|
|
- length_only = TRUE;
|
|
-
|
|
rc = icsftok_encrypt_update(sess, pPart, ulPartLen, pEncryptedPart,
|
|
pulEncryptedPartLen);
|
|
if (rc != CKR_OK)
|
|
@@ -1837,7 +1832,6 @@ CK_RV SC_DecryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pEncryptedPart,
|
|
CK_ULONG_PTR pulPartLen)
|
|
{
|
|
SESSION *sess = NULL;
|
|
- CK_BBOOL length_only = FALSE;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
if (initialized == FALSE) {
|
|
@@ -1865,9 +1859,6 @@ CK_RV SC_DecryptUpdate(ST_SESSION_HANDLE *sSession, CK_BYTE_PTR pEncryptedPart,
|
|
goto done;
|
|
}
|
|
|
|
- if (!pPart)
|
|
- length_only = TRUE;
|
|
-
|
|
rc = icsftok_decrypt_update(sess, pEncryptedPart, ulEncryptedPartLen,
|
|
pPart, pulPartLen);
|
|
if (rc != CKR_OK)
|
|
@@ -2835,7 +2826,6 @@ CK_RV SC_WrapKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
|
|
{
|
|
SESSION *sess = NULL;
|
|
- CK_BBOOL length_only = FALSE;
|
|
CK_RV rc = CKR_OK;
|
|
|
|
if (initialized == FALSE) {
|
|
@@ -2854,9 +2844,6 @@ CK_RV SC_WrapKey(ST_SESSION_HANDLE *sSession, CK_MECHANISM_PTR pMechanism,
|
|
if (rc != CKR_OK)
|
|
goto done;
|
|
|
|
- if (!pWrappedKey)
|
|
- length_only = TRUE;
|
|
-
|
|
sess = session_mgr_find(sSession->sessionh);
|
|
if (!sess) {
|
|
TRACE_ERROR("%s\n", ock_err(ERR_SESSION_HANDLE_INVALID));
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/pbkdf.c b/usr/lib/pkcs11/icsf_stdll/pbkdf.c
|
|
index 33d36c8..fbbcb39 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/pbkdf.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/pbkdf.c
|
|
@@ -545,7 +545,6 @@ pbkdf(CK_BYTE *password, CK_ULONG len, CK_BYTE *salt, CK_BYTE *dkey, CK_ULONG kl
|
|
unsigned char *result;
|
|
unsigned int r, num_of_blocks;
|
|
unsigned int count, hashlen;
|
|
- unsigned char *ret;
|
|
CK_ULONG rc = CKR_OK;
|
|
int i, j, k;
|
|
|
|
diff --git a/usr/sbin/pkcsicsf/pkcsicsf.c b/usr/sbin/pkcsicsf/pkcsicsf.c
|
|
index ec05edf..dd31bbe 100644
|
|
--- a/usr/sbin/pkcsicsf/pkcsicsf.c
|
|
+++ b/usr/sbin/pkcsicsf/pkcsicsf.c
|
|
@@ -476,7 +476,6 @@ main(int argc, char **argv)
|
|
{
|
|
char *racfpwd = NULL;
|
|
size_t racflen;
|
|
- unsigned char *ret;
|
|
char *tokenname = NULL;
|
|
int c;
|
|
int rc = 0;
|
|
@@ -488,7 +487,7 @@ main(int argc, char **argv)
|
|
flags |= CFG_ADD;
|
|
if ((tokenname = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
@@ -500,34 +499,34 @@ main(int argc, char **argv)
|
|
flags |= CFG_BINDDN;
|
|
if ((binddn = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
break;
|
|
case 'c':
|
|
- flags != CFG_CERT;
|
|
+ flags |= CFG_CERT;
|
|
if ((cert = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
break;
|
|
case 'k':
|
|
- flags != CFG_PRIVKEY;
|
|
+ flags |= CFG_PRIVKEY;
|
|
if ((privkey = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
break;
|
|
case 'C':
|
|
- flags != CFG_CACERT;
|
|
+ flags |= CFG_CACERT;
|
|
if ((cacert = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
@@ -536,7 +535,7 @@ main(int argc, char **argv)
|
|
flags |= CFG_URI;
|
|
if ((uri = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
@@ -545,7 +544,7 @@ main(int argc, char **argv)
|
|
flags |= CFG_MECH;
|
|
if ((mech = strdup(optarg)) == NULL) {
|
|
rc = -1;
|
|
- fprintf(stderr, "strdup failed: line %s\n",
|
|
+ fprintf(stderr, "strdup failed: line %d\n",
|
|
__LINE__);
|
|
goto cleanup;
|
|
}
|
|
@@ -686,7 +685,7 @@ cleanup:
|
|
if (uri)
|
|
free(uri);
|
|
if (mech)
|
|
- mech;
|
|
+ free(mech);
|
|
if (racfpwd)
|
|
free(racfpwd);
|
|
return rc;
|