[Pki-devel] Review Request: TMS ECC Key Recovery
John Magne
jmagne at redhat.com
Thu Sep 27 01:39:04 UTC 2012
Couple Questions:
In the following piece of the patch:
+ SECITEM_FreeItem(&der, PR_FALSE);
81 SECKEY_DestroySubjectPublicKeyInfo(spki);
82
It looks like both are executed , even when the call to
spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
Fails and spki is NULL. Does the DestroySubjectPublicKeyInfo handle this? Also Will "der" be in a state to harm the call to SECITEM_FreeItem?
Index: tps/src/engine/RA.cpp
187 ===================================================================
188 --- tps/src/engine/RA.cpp (revision 2497)
189 +++ tps/src/engine/RA.cpp (working copy)
190 @@ -1238,7 +1238,10 @@
191 goto loser;
192 } else {
193 RA::Debug(LL_PER_PDU, "RecoverKey", "got public key =%s", tmp);
194 - *publicKey_s = PL_strdup(tmp);
195 + char *tmp_publicKey_s = PL_strdup(tmp);
196 + Buffer *decodePubKey = Util::URLDecode(tmp_publicKey_s);
197 + *publicKey_s =
198 + BTOA_DataToAscii(decodePubKey->getBuf(), decodePubKey->getLen());
199 }
200
201 tmp = NULL;
202 @@ -1256,7 +1259,7 @@
203 RA::Error(LL_PER_PDU, "RecoverKey",
204 "did not get iv_param for recovered key in DRM response");
205 } else {
206 - RA::Debug(LL_PER_PDU, "ServerSideKeyGen", "got iv_param for recovered key =%s", tmp);
207 + RA::Debug(LL_PER_PDU, "RecoverKey", "got iv_param for recovered key =%s", tmp);
208 *ivParam_s = PL_strdup(tmp);
209 }
In the above code we are doing a strdup giving publicKey_s.
Are we freeing that string anywhere?
----- Original Message -----
From: "Christina Fu" <cfu at redhat.com>
To: "pki-devel" <pki-devel at redhat.com>
Sent: Monday, September 24, 2012 4:06:32 PM
Subject: [Pki-devel] Review Request: TMS ECC Key Recovery
https://fedorahosted.org/pki/ticket/252 - TMS - ECC Key Recovery
patch for review:
https://fedorahosted.org/pki/attachment/ticket/252/TMS-ECC-Recovery.patchForReview
This patch provides code to allow ECC key recovery in the TMS environment.
It was tested to work with tpsclient. The key injection part of
implementation for the actual smart card tokens is scheduled to be done
in #235 at a later time.
I can do a demo tomorrow in office.
thanks,
Christina
_______________________________________________
Pki-devel mailing list
Pki-devel at redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list