abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-29 01:03:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update API

Browse Source 
如果类型内部没有动态内存申请或外部Handle引用,不提供cleanup接口,仅用通用secure clear
This commit is contained in:
Zhi Guan
2026-06-22 15:31:30 +08:00
parent 84f92c0747
commit 14221eaeea
36 changed files with 87 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tools/kyberdecap.c
View File

@@ -168,7 +168,7 @@ bad:
ret = 0;
end:
kyber_key_cleanup(&key);
gmssl_secure_clear(&key, sizeof(key));
gmssl_secure_clear(keybuf, sizeof(keybuf));
if (keyfp) fclose(keyfp);
if (infp && infp != stdin) fclose(infp);

2
tools/kyberkeygen.c
View File

@@ -123,7 +123,7 @@ bad:
ret = 0;
end:
kyber_key_cleanup(&key);
gmssl_secure_clear(&key, sizeof(key));
gmssl_secure_clear(out, outlen);
if (outfile && outfp) fclose(outfp);
if (puboutfile && puboutfp) fclose(puboutfp);

2
tools/sdfdecrypt.c
View File

@@ -215,11 +215,11 @@ bad:
ret = 0;
end:
gmssl_secure_clear(&ctx, sizeof(ctx));
(void)sdf_destroy_key(&key);
(void)sdf_close_device(&dev);
(void)sdf_unload_library();
gmssl_secure_clear(iv, sizeof(iv));
gmssl_secure_clear(&ctx, sizeof(ctx));
if (infile && infp) fclose(infp);
if (outfile && outfp) fclose(outfp);
return ret;

2
tools/sdfdigest.c
View File

@@ -82,6 +82,7 @@ int sdfdigest_main(int argc, char **argv)
uint8_t dgst[32];
int i;
memset(&dev, 0, sizeof(dev));
memset(&ctx, 0, sizeof(ctx));
argc--;
@@ -261,6 +262,7 @@ bad:
ret = 0;
end:
(void)sdf_digest_cleanup(&ctx);
(void)sdf_close_device(&dev);
if (pubkeyfp) fclose(pubkeyfp);
if (infile && infp) fclose(infp);
if (outfile && outfp) fclose(outfp);

2
tools/sdfencrypt.c
View File

@@ -223,11 +223,11 @@ bad:
ret = 0;
end:
gmssl_secure_clear(&ctx, sizeof(ctx));
(void)sdf_destroy_key(&key);
(void)sdf_close_device(&dev);
(void)sdf_unload_library();
gmssl_secure_clear(iv, sizeof(iv));
gmssl_secure_clear(&ctx, sizeof(ctx));
if (infile && infp) fclose(infp);
if (outfile && outfp) fclose(outfp);
return ret;

5
tools/sdfexport.c
View File

@@ -48,6 +48,8 @@ int sdfexport_main(int argc, char **argv)
SDF_DEVICE dev;
SM2_KEY sm2_key;
memset(&dev, 0, sizeof(dev));
argc--;
argv++;
@@ -141,10 +143,9 @@ bad:
goto end;
}
sdf_close_device(&dev);
ret = 0;
end:
(void)sdf_close_device(&dev);
if (lib) sdf_unload_library();
return ret;
}

12
tools/sdfsign.c
View File

@@ -57,6 +57,10 @@ int sdfsign_main(int argc, char **argv)
SDF_PRIVATE_KEY key;
SDF_SIGN_CTX ctx;
memset(&dev, 0, sizeof(dev));
memset(&key, 0, sizeof(key));
memset(&ctx, 0, sizeof(ctx));
argc--;
argv++;
@@ -136,19 +140,16 @@ bad:
}
if (sdf_load_private_key(&dev, &key, key_index, pass) != 1) {
(void)sdf_close_device(&dev);
fprintf(stderr, "gmssl %s: load signing key #%d failure\n", prog, key_index);
goto end;
}
if (sdf_sign_init(&ctx, &key, id, strlen(id)) != 1) {
(void)sdf_close_device(&dev);
fprintf(stderr, "gmssl %s: inner error\n", prog);
goto end;
}
while ((len = fread(buf, 1, sizeof(buf), infp)) > 0) {
if (sdf_sign_update(&ctx, buf, len) != 1) {
(void)sdf_close_device(&dev);
fprintf(stderr, "gmssl %s: inner error\n", prog);
goto end;
}
@@ -158,11 +159,9 @@ bad:
goto end;
}
if (sdf_sign_finish(&ctx, sig, &siglen) != 1) {
(void)sdf_close_device(&dev);
fprintf(stderr, "gmssl %s: inner error\n", prog);
goto end;
}
(void)sdf_close_device(&dev);
if (fwrite(sig, 1, siglen, outfp) != siglen) {
fprintf(stderr, "gmssl %s: output signature failed : %s\n", prog, strerror(errno));
@@ -171,6 +170,9 @@ bad:
ret = 0;
end:
gmssl_secure_clear(&ctx, sizeof(ctx));
(void)sdf_release_private_key(&key);
(void)sdf_close_device(&dev);
sdf_unload_library();
if (infile && infp) fclose(infp);
if (outfile && outfp) fclose(outfp);

2
tools/sdfutil.c
View File

@@ -211,7 +211,7 @@ bad:
end:
gmssl_secure_clear(buf, sizeof(buf));
if (key_opened) sdf_release_key(&key);
if (key_opened) sdf_destroy_key(&key);
if (dev_opened) sdf_close_device(&dev);
if (lib) sdf_unload_library();
if (infile && infp) fclose(infp);

2
tools/sphincskeygen.c
View File

@@ -124,7 +124,7 @@ bad:
ret = 0;
end:
sphincs_key_cleanup(&key);
gmssl_secure_clear(&key, sizeof(key));
gmssl_secure_clear(out, sizeof(out));
if (outfile && outfp) fclose(outfp);
if (puboutfile && puboutfp) fclose(puboutfp);

2
tools/sphincssign.c
View File

@@ -169,7 +169,7 @@ bad:
ret = 0;
end:
sphincs_key_cleanup(&key);
gmssl_secure_clear(&key, sizeof(key));
gmssl_secure_clear(keybuf, keylen);
gmssl_secure_clear(&ctx, sizeof(ctx));
if (keyfp) fclose(keyfp);

2
tools/tlcp_client.c
View File

@@ -238,6 +238,8 @@ int tlcp_client_main(int argc, char *argv[])
char send_buf[1024] = {0};
int read_stdin = 1;
memset(&conn, 0, sizeof(conn));
argc--;
argv++;
if (argc < 1) {

3
tools/tlcp_server.c
View File

@@ -170,6 +170,8 @@ int tlcp_server_main(int argc , char **argv)
tls_socklen_t client_addrlen;
size_t i;
memset(&conn, 0, sizeof(conn));
argc--;
argv++;
@@ -268,7 +270,6 @@ bad:
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
if (tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_server_mode) != 1
|| tls_ctx_set_cipher_suites(&ctx, cipher_suites, cipher_suites_cnt) != 1) {

2
tools/tls12_client.c
View File

@@ -227,6 +227,8 @@ int tls12_client_main(int argc, char *argv[])
size_t len = sizeof(buf);
char send_buf[1024] = {0};
memset(&conn, 0, sizeof(conn));
argc--;
argv++;
if (argc < 1) {

2
tools/tls12_server.c
View File

@@ -163,6 +163,8 @@ int tls12_server_main(int argc , char **argv)
size_t i;
memset(&conn, 0, sizeof(conn));
argc--;
argv++;

2
tools/tls13_client.c
View File

@@ -226,6 +226,8 @@ int tls13_client_main(int argc, char *argv[])
size_t sent_len = 0;
size_t sent_offset = 0;
memset(&conn, 0, sizeof(conn));
char *host = NULL;
int port = 443;