From 5434aa51977d3e735e30ab74c5dfee89c5535711 Mon Sep 17 00:00:00 2001 From: km Date: Thu, 26 Mar 2026 11:37:21 +0900 Subject: [PATCH] =?UTF-8?q?=E3=83=A1=E3=83=A2=E3=83=AA=E4=BF=9D=E8=AD=B7?= =?UTF-8?q?=E9=96=A2=E6=95=B0=E3=82=92=E5=85=B1=E9=80=9A=E3=83=98=E3=83=83?= =?UTF-8?q?=E3=83=80=E3=83=BC=E3=81=AB=E7=B5=B1=E4=B8=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 重複コードの解消: - src/se050_scp03.c と src/se050_keystore.c に同じコードが 2 重に定義されていた - 共通ヘッダー include/se050_mem_protect.h を作成 - 両方のソースファイルから重複コードを削除し、ヘッダーをインクルード 変更内容: - new: include/se050_mem_protect.h - 共通メモリ保護ユーティリティ - modified: src/se050_scp03.c - 重複コード削除、ヘッダーインクルード - modified: src/se050_keystore.c - 重複コード削除、ヘッダーインクルード メリット: - コードの重複解消(DRY 原則) - 保守性向上(1 か所の修正で全適用) - ヘッダーファイルとして再利用可能 --- include/se050_mem_protect.h | 92 ++++++++++++++++++++++++++++++++++++ src/se050_keystore.c | 56 +--------------------- src/se050_keystore.o | Bin 5408 -> 5400 bytes src/se050_scp03.c | 68 +------------------------- src/se050_scp03.o | Bin 8272 -> 8264 bytes 5 files changed, 94 insertions(+), 122 deletions(-) create mode 100644 include/se050_mem_protect.h diff --git a/include/se050_mem_protect.h b/include/se050_mem_protect.h new file mode 100644 index 0000000..3d53fa3 --- /dev/null +++ b/include/se050_mem_protect.h 
@@ -0,0 +1,92 @@
+/**
+ * @file se050_mem_protect.h
+ * @brief Memory Protection Utilities
+ *
+ * Linux-specific memory protection functions to prevent:
+ * - Swapping sensitive data to disk (mlock)
+ * - Core dump leakage (MADV_DONTDUMP)
+ * - Child process leakage after fork() (MADV_WIPEONFORK)
+ *
+ * License: MIT
+ */
+
+#ifndef SE050_MEM_PROTECT_H
+#define SE050_MEM_PROTECT_H
+
+#include
+#include "se050_wireguard.h"
+
+#ifdef __linux__
+#include
+#include
+#include
+#include
+#endif
+
+/**
+ * @brief Protect sensitive memory from being swapped or dumped
+ *
+ * Applies multiple security measures:
+ * - mlock(): Prevent swapping to disk
+ * - MADV_DONTDUMP: Exclude from core dumps
+ * - MADV_WIPEONFORK: Clear in child processes after fork()
+ *
+ * @param ptr Pointer to memory region to protect
+ * @param size Size of memory region in bytes
+ * @return SE050_OK on success, SE050_ERR_FAIL on failure
+ *
+ * @note On Linux, mlock may fail due to permissions. If it fails,
+ * a warning is printed but the function continues (non-fatal).
+ * @note On non-Linux platforms, this function is a no-op.
+ */
+static inline se050_status_t protect_sensitive_memory(void *ptr, size_t size)
+{
+#ifdef __linux__
+ /* 1. Prevent swapping to disk (optional - may fail due to permissions) */
+ if (mlock(ptr, size) != 0) {
+ /* mlock may fail due to ulimit restrictions. Log warning but continue. */
+ fprintf(stderr, "Warning: mlock failed (%s). Memory may be swapped.\n", strerror(errno));
+ /* Continue without mlock - better than failing entirely */
+ }
+
+ /* 2. Exclude from core dumps */
+ if (madvise(ptr, size, MADV_DONTDUMP) != 0) {
+ perror("madvise MADV_DONTDUMP failed");
+ /* Non-fatal, continue */
+ }
+
+ /* 3. Clear in child processes after fork() */
+ if (madvise(ptr, size, MADV_WIPEONFORK) != 0) {
+ perror("madvise MADV_WIPEONFORK failed");
+ /* Non-fatal, continue */
+ }
+
+ return SE050_OK;
+#else
+ /* Non-Linux platforms: no special protection */
+ (void)ptr;
+ (void)size;
+ return SE050_OK;
+#endif
+}
+
+/**
+ * @brief Release memory protection before freeing
+ *
+ * Must be called before freeing protected memory.
+ *
+ * @param ptr Pointer to memory region to release
+ * @param size Size of memory region in bytes
+ */
+static inline void release_memory_protection(void *ptr, size_t size)
+{
+#ifdef __linux__
+ /* Must unlock before freeing */
+ munlock(ptr, size);
+#else
+ (void)ptr;
+ (void)size;
+#endif
+}
+
+#endif /* SE050_MEM_PROTECT_H */
diff --git a/src/se050_keystore.c b/src/se050_keystore.c
index 15dbe42..2875e2f 100644
--- a/src/se050_keystore.c
+++ b/src/se050_keystore.c
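Review bot: madvise(2) requires a page-aligned address, and protect_sensitive_memory passes whatever `ptr` the caller hands it straight to both madvise calls, so for an ordinary heap allocation the MADV_DONTDUMP and MADV_WIPEONFORK requests fail with EINVAL, only a perror line is printed, and `return SE050_OK;` is still reached — the documented `SE050_ERR_FAIL on failure` can never occur. Either document that callers must pass a page-aligned, page-multiple region (posix_memalign or mmap; the advice acts on whole pages, so anything else sharing a page would be wiped in the child too), or track the madvise results in a local, `se050_status_t rc = SE050_OK;` set to `rc = SE050_ERR_FAIL;` in both failure branches and returned with `return rc;`, so callers can tell the core-dump and fork protections are not in place. Guarding the third step with `#ifdef MADV_WIPEONFORK` would also keep the header building against older kernel headers where that constant is not defined. release_memory_protection ignores munlock's return value and does not wipe the region; its docstring should state that the caller must zeroize key material (explicit_bzero or equivalent) before calling it and freeing. Separately, the patch also commits rebuilt src/se050_keystore.o and src/se050_scp03.o; build artifacts go stale against the sources and belong in .gitignore rather than in the tree.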
@@ -18,61 +18,7 @@
 #include
 #include
-/* Linux memory protection */
-#ifdef __linux__
-#include
-#endif
-
-/* ============================================================================
- * Memory Protection (Linux-specific)
- * ============================================================================ */
-
-/**
- * @brief Protect sensitive memory from being swapped or dumped
- */
-#ifdef __linux__
-static se050_status_t protect_sensitive_memory(void *ptr, size_t size)
-{
- /* 1. Prevent swapping to disk (optional - may fail due to permissions) */
- if (mlock(ptr, size) != 0) {
- /* mlock may fail due to ulimit restrictions. Log warning but continue. */
- fprintf(stderr, "Warning: mlock failed (%s). Memory may be swapped.\n", strerror(errno));
- /* Continue without mlock - better than failing entirely */
- }
-
- /* 2. Exclude from core dumps */
- if (madvise(ptr, size, MADV_DONTDUMP) != 0) {
- perror("madvise MADV_DONTDUMP failed");
- /* Non-fatal, continue */
- }
-
- /* 3. Clear in child processes after fork() */
- if (madvise(ptr, size, MADV_WIPEONFORK) != 0) {
- perror("madvise MADV_WIPEONFORK failed");
- /* Non-fatal, continue */
- }
-
- return SE050_OK;
-}
-
-static void release_memory_protection(void *ptr, size_t size)
-{
- munlock(ptr, size);
-}
-#else
-static se050_status_t protect_sensitive_memory(void *ptr, size_t size)
-{
- (void)ptr;
- (void)size;
- return SE050_OK;
-}
-
-static void release_memory_protection(void *ptr, size_t size)
-{
- (void)ptr;
- (void)size;
-}
-#endif
+#include "se050_mem_protect.h"
 /* ============================================================================
 * Key Store Management
diff --git a/src/se050_keystore.o b/src/se050_keystore.o index 85b73b36b7bed084520e1bc43634ac4d7eddf8cd..674a0840d965040f9496a30e88075c02e300d5a3 100644 GIT binary patch delta 859 zcmZ9JO=uHQ5XX16HQ%3`nsuRQtP;{*jCzoO5`&6s!Goe;Z$*00izs+8dJ&-#N+sbh zT1BuP)SiTpQ>hf&L)1%+In`5D3MoBEdk~DMbtZW$ivu&WZ+`!IZ{EJ?p{b#AhNdcm z4{?+BR9al3E zVS0p>p5t_`wzs!I{iUBuH)-eWiSx_c^Uf~S?b3&}D~Nes>h(6_p2uN}!LnUil5KX@ zM!knAUE^J~LL@e>9}9c*S0S%Y)B3q|OX_TC35D9C?;cqlEiZ@Jb&a%xB#tQAcY@sLTy+F3A>E6VPixLsXH z>Je8xg=Z0yGPuU^EI#tNWtY-$DI1`uX?fHSl6~Ct2=+%!8t=sCo%jM3uCydtb&<14 zGTEJ}4q$=lX}JKK&?LJg0~vXOB<8%BmMp>5=81-V3C5Bs`` kM22FRP2?$yHpd;v_2p>>H#lZ7+n4vJ;@wfMKuFQ8)THvj+t delta 744 zcmZ9J&r1|x7{}jdc3rK>{o$|al@O&c8-m!=YD8<$(&nk4AiC|vg9tg&KcF5&3TgXN zZPG#MP=STR6hVh=z35HyvdLbelLb}`U33ZTd1v2+!57}|GxL7F&-b18oszw5KN_Ot z;<;ydPG)g)HTpNvS1(ph<0(zhdyp|jbxa$hWWX~9=`m`?i=Oho!^8Z8+E~~^0JJ09?Hgj(2&hyG6?`o=YlA)XuzBAnk(asQ! zBbBfyhbyd$fxZp&9UNZy6X+IJ5|+HEFG%HghZ1gMo1J~2q(vL7_b3A=X~}}#vBF+8 z)K{xn#R}8rFX0;wMw3oro9Uj~gvaO+S_7plnuSb#BO3>)43&`X$kGIyKwZ`;_^i7~ gcV?*@4(my{ti$kG`;qR-(i$ArVYsYA@Vn0b2U!u#@&Et; diff --git a/src/se050_scp03.c b/src/se050_scp03.c index fc67224..53eb917 100644 --- a/src/se050_scp03.c +++ b/src/se050_scp03.c @@ -12,15 +12,10 @@ #include "se050_wireguard.h" #include "se050_crypto_utils.h" +#include "se050_mem_protect.h" #include #include #include -#include - -/* Linux memory protection */ -#ifdef __linux__ -#include -#endif /* SCP03 constants */ #define SCP03_KEY_SIZE 16 
@@ -33,67 +28,6 @@
 #define SCP03_SW_SUCCESS 0x9000
 #define SCP03_SW_FAIL 0x6F00
-/* ============================================================================
- * Memory Protection (Linux-specific)
- * ============================================================================ */
-
-/**
- * @brief Protect sensitive memory from being swapped or dumped
- *
- * Applies multiple security measures:
- * - mlock(): Prevent swapping to disk
- * - MADV_DONTDUMP: Exclude from core dumps
- * - MADV_WIPEONFORK: Clear in child processes after fork()
- */
-#ifdef __linux__
-static se050_status_t protect_sensitive_memory(void *ptr, size_t size)
-{
- /* 1. Prevent swapping to disk (optional - may fail due to permissions) */
- if (mlock(ptr, size) != 0) {
- /* mlock may fail due to ulimit restrictions. Log warning but continue. */
- fprintf(stderr, "Warning: mlock failed (%s). Memory may be swapped.\n", strerror(errno));
- /* Continue without mlock - better than failing entirely */
- }
-
- /* 2. Exclude from core dumps */
- if (madvise(ptr, size, MADV_DONTDUMP) != 0) {
- perror("madvise MADV_DONTDUMP failed");
- /* Non-fatal, continue */
- }
-
- /* 3. Clear in child processes after fork() */
- if (madvise(ptr, size, MADV_WIPEONFORK) != 0) {
- perror("madvise MADV_WIPEONFORK failed");
- /* Non-fatal, continue */
- }
-
- return SE050_OK;
-}
-
-/**
- * @brief Release memory protection before freeing
- */
-static void release_memory_protection(void *ptr, size_t size)
-{
- /* Must unlock before freeing */
- munlock(ptr, size);
-}
-#else
-/* Non-Linux platforms: no special protection */
-static se050_status_t protect_sensitive_memory(void *ptr, size_t size)
-{
- (void)ptr;
- (void)size;
- return SE050_OK;
-}
-
-static void release_memory_protection(void *ptr, size_t size)
-{
- (void)ptr;
- (void)size;
-}
-#endif
-
 /**
 * @brief SCP03 session context structure
 */
diff --git a/src/se050_scp03.o b/src/se050_scp03.o index 26b681d607c3a7fa850963e2103c0c8cae074a3b..2586fa19575a0e6ce4cf79069dced0f94cabff17 100644 GIT binary patch delta 1262 zcmZvaUr1AN6vywmbDK-k{c--ho7)s~Z4ZG$Q1s9?rZgYId{|^eZ4kvC(#-W5iI7ML z>OnB+!2%H<490zlAej-R7-)|@Wp5L+(igKotn=G`^WIhm&hOs){hU9)^Si%|@Je_* z04tfG1#kyiuouSF9Y`CT@t^s8Y^-y0$tp=wZ1ioeg9L1=K87>Kt8f+%jJ@&eKPcv5 z=eO8!w&5_YTN49^;u%dmy;LbGwrXPdP_*K_>HLjX2ZhSt|Ej#GiCX1pP1Gt6Yob=U zPl!ti(SIB-oBQB6uA1GRsv^wA#$o{)Y2!t4>^HH|_1sq#Dx*+wXTNX&eznh%seo3s zspg&RSE-g1sj)tgqeo5hvuZO9*GST1u9Nxs5>f3olN>C>(r27pmOz>V4n+(-`^mY! zh7ku-_5?lPA!JkJoNnWQgTaV8>hJ+{;X>UxNaJoDQ~c&aoKz(elk~JxLOV7)uYntf zoD2-=Bj-MV4JQ~=Tq3Z7@@mO{<%`yW%S2BIDig8k=t*y71ZeYqyU9O2} z8#%Xr>}jCA^B9=KAzEh&%4^I})4oi5fM^=(Uu4 zA0tGwI_lC<4-OFhEDo-`uL++J9pu-QjBk$5GRQy3?%{i)i-Pi8A9< ziV}5VJJB@@No3`H=P~JGU0;s;pZ>1Wbp52yt2JGJdQWlL#h@EMxJFtnDqq2>!ddT(-`!Iz>XH)1%W-3Lggfei}GR6sGw|nsmO#N@rldbMCp`+kS9<=kELY{l4d%oih`e zi=^9OZnDD*<%JEQB7TKdOh6i6sy^cTMiS zjL_hE5#zNQE4YNH+%YHRsifn^Xl*k<9QC?Bc0o1i3t4o4EH{$HHUz&0-N^jMS*zEC z^V0CStf?|4{C|M?LTYUKfrLP2LhO)97A2?JmpguZtj5vOi@mvPWch$DIdmgOWQw} C-Epu0