os400qc3: Slave descriptor for key encryption key

The Qc3 library requires the key encryption key to exist as long as the encrypted key is used. Its descriptor token is then kept as an "encrypted key slave" for recursive release.
2015-12-09 14:20:16 +01:00 · 2015-12-09 14:20:16 +01:00 · 0f15724e72
commit 0f15724e72
parent 57692b6b10
2 changed files with 17 additions and 5 deletions
--- a/src/os400qc3.c
+++ b/src/os400qc3.c
@ -956,6 +956,8 @@ null_token(const char *token)
 void
 _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
 {
+    if (!x)
+        return;
    if (!null_token(x->hash.Alg_Context_Token)) {
        Qc3DestroyAlgorithmContext(x->hash.Alg_Context_Token, (char *) &ecnull);
        memset(x->hash.Alg_Context_Token, 0, sizeof x->hash.Alg_Context_Token);
@ -964,6 +966,11 @@ _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
        Qc3DestroyKeyContext(x->key.Key_Context_Token, (char *) &ecnull);
        memset(x->key.Key_Context_Token, 0, sizeof x->key.Key_Context_Token);
    }
+    if (x->kek) {
+        _libssh2_os400qc3_crypto_dtor(x->kek);
+        free((char *) x->kek);
+        x->kek = NULL;
+    }
 }

 /*******************************************************************
--- a/src/os400qc3.h
+++ b/src/os400qc3.h
@ -189,10 +189,13 @@
 *
 *******************************************************************/

-typedef struct {        /* HMAC & private key algorithms support structure. */
-    Qc3_Format_ALGD0100_T   hash;           /* Hash algorithm. */
-    Qc3_Format_KEYD0100_T   key;            /* Key. */
-}       _libssh2_os400qc3_crypto_ctx;
+/* HMAC & private key algorithms support structure. */
+typedef struct _libssh2_os400qc3_crypto_ctx _libssh2_os400qc3_crypto_ctx;
+struct _libssh2_os400qc3_crypto_ctx {
+    Qc3_Format_ALGD0100_T           hash;           /* Hash algorithm. */
+    Qc3_Format_KEYD0100_T           key;            /* Key. */
+    _libssh2_os400qc3_crypto_ctx *  kek;            /* Key encryption. */
+};

 typedef struct {        /* Big number. */
    unsigned char *         bignum;         /* Number bits, little-endian. */
@ -240,7 +243,9 @@ typedef struct {        /* Algorithm description. */
                                libssh2_os400qc3_hash_update(&(ctx), data, len)
 #define libssh2_md5_final(ctx, out)                                         \
                                libssh2_os400qc3_hash_final(&(ctx), out)
-#define libssh2_hmac_ctx_init(ctx)
+#define libssh2_hmac_ctx_init(ctx)                                          \
+                                memset((char *) &(ctx), 0,                  \
+                                       sizeof(libssh2_hmac_ctx))
 #define libssh2_hmac_md5_init(ctx, key, keylen)                             \
                                libssh2_os400qc3_hmac_init(ctx, Qc3_MD5,    \
                                                           key, keylen)