diff --git a/common/src/asy_key_params.c b/common/src/asy_key_params.c index 22843498ed8df059480f07882715147070751562..415ab5aca1521d04efe2d9ee12e91ab6f0874b7d 100644 --- a/common/src/asy_key_params.c +++ b/common/src/asy_key_params.c @@ -214,9 +214,11 @@ void DestroyEccPriKeySpec(HcfEccPriKeyParamsSpec *spec) return; } FreeEccCommParamsSpec(&(spec->base)); - (void)memset_s(spec->sk.data, spec->sk.len, 0, spec->sk.len); - HcfFree(spec->sk.data); - spec->sk.data = NULL; + if (spec->sk.data != NULL) { + (void)memset_s(spec->sk.data, spec->sk.len, 0, spec->sk.len); + HcfFree(spec->sk.data); + spec->sk.data = NULL; + } HcfFree(spec); } @@ -460,7 +462,7 @@ void FreeAsyKeySpec(HcfAsyKeyParamsSpec *spec) } HcfFreeParamsAsyKeySpec createFreeFunc = FindAsyKeySpecFreeAbility(spec); if (createFreeFunc != NULL) { - return createFreeFunc(spec); + createFreeFunc(spec); } else { LOGE("create freeFunc failed."); } diff --git a/common/src/hcf_parcel.c b/common/src/hcf_parcel.c index beb96674ea3f94a6d4ddd8cb43c920f5fd1d1275..9573128a64f4f4154eabf3e564c2c5ec8ac4e2f9 100644 --- a/common/src/hcf_parcel.c +++ b/common/src/hcf_parcel.c @@ -46,7 +46,7 @@ void DeleteParcel(HcParcel *parcel) if (parcel->data != NULL) { HcfFree(parcel->data); - parcel->data = 0; + parcel->data = NULL; } parcel->length = 0; parcel->beginPos = 0; @@ -66,7 +66,7 @@ uint32_t GetParcelDataSize(const HcParcel *parcel) const char *GetParcelData(const HcParcel *parcel) { - if (parcel == NULL) { + if (parcel == NULL || parcel->data == NULL) { return NULL; } return parcel->data + parcel->beginPos; @@ -122,9 +122,8 @@ static void ParcelRecycle(HcParcel *parcel) uint32_t contentSize = parcel->endPos - parcel->beginPos; if (contentSize > 0) { - if (memmove_s(parcel->data, parcel->endPos - parcel->beginPos, - parcel->data + parcel->beginPos, parcel->endPos - parcel->beginPos) != EOK) { - } + (void)memmove_s(parcel->data, parcel->endPos - parcel->beginPos, + parcel->data + parcel->beginPos, parcel->endPos - parcel->beginPos); } parcel->beginPos = 0; parcel->endPos = contentSize; diff --git a/common/src/hcf_string.c b/common/src/hcf_string.c index 8d1b3d628c50694c91a2a4119d5df39168faf115..e7ed836bf14f1660069b0a1f1f1842de18cbc671 100644 --- a/common/src/hcf_string.c +++ b/common/src/hcf_string.c @@ -129,7 +129,7 @@ int StringFind(const HcString *self, char c, uint32_t begin) if (self == NULL) { return -1; } - + uint32_t p = begin; // because the return value is int // so the string length cannot bigger than MAX_INT uint32_t strLen = StringLength(self); @@ -138,11 +138,11 @@ int StringFind(const HcString *self, char c, uint32_t begin) } const char* curChar = StringGet(self); - while (begin < strLen) { - if (*(curChar + begin) == c) { - return begin; + while (p < strLen) { + if (*(curChar + p) == c) { + return p; } - ++begin; + ++p; } return -1; } diff --git a/common/src/object_base.c b/common/src/object_base.c index d3ff9178b45dca9b5938a3410eb2debd934be213..15d10905e2ca4097b46909013ab4fd5131089bd2 100644 --- a/common/src/object_base.c +++ b/common/src/object_base.c @@ -19,7 +19,8 @@ void HcfObjDestroy(void *obj) { - if (obj != NULL) { - ((HcfObjectBase *)obj)->destroy((HcfObjectBase *)obj); + HcfObjectBase *tmp = (HcfObjectBase *)obj; + if (tmp != NULL && tmp->destroy != NULL) { + tmp->destroy(tmp); } } diff --git a/frameworks/crypto_operation/cipher.c b/frameworks/crypto_operation/cipher.c index add67e4887ba09af144bd420661244a6591cf58d..aab445a791b7be7be4b682692e59543343f30b2c 100644 --- a/frameworks/crypto_operation/cipher.c +++ b/frameworks/crypto_operation/cipher.c @@ -214,7 +214,7 @@ static HcfResult SetCipherSpecUint8Array(HcfCipher *self, CipherSpecItem item, H { // only implemented for OAEP_MGF1_PSRC_UINT8ARR // if pSource == NULL or len == 0, it means cleaning the pSource - if (self == NULL || pSource.len < 0) { + if (self == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } diff --git a/frameworks/crypto_operation/kdf.c b/frameworks/crypto_operation/kdf.c index 1b4ce47817eeb7c39512a1c821d3945d3923582d..1d45072a8998f8ff642a5d9cb26f21eb11c59abc 100644 --- a/frameworks/crypto_operation/kdf.c +++ b/frameworks/crypto_operation/kdf.c @@ -152,15 +152,15 @@ static void DestroyKdf(HcfObjectBase *self) HcfFree(impl); } -HcfResult HcfKdfCreate(const char *algoName, HcfKdf **returnObj) +HcfResult HcfKdfCreate(const char *transformation, HcfKdf **returnObj) { - if ((!HcfIsStrValid(algoName, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) { + if ((!HcfIsStrValid(transformation, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) { LOGE("Invalid input params while creating kdf!"); return HCF_INVALID_PARAMS; } HcfKdfDeriveParams params = { 0 }; - if (ParseAndSetParameter(algoName, ¶ms, ParseKdfParams) != HCF_SUCCESS) { + if (ParseAndSetParameter(transformation, ¶ms, ParseKdfParams) != HCF_SUCCESS) { LOGE("Failed to parse params!"); return HCF_INVALID_PARAMS; } @@ -175,7 +175,7 @@ HcfResult HcfKdfCreate(const char *algoName, HcfKdf **returnObj) LOGE("Failed to allocate returnGenerator memory!"); return HCF_ERR_MALLOC; } - if (strcpy_s(returnGenerator->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) { + if (strcpy_s(returnGenerator->algoName, HCF_MAX_ALGO_NAME_LEN, transformation) != EOK) { LOGE("Failed to copy algoName!"); HcfFree(returnGenerator); return HCF_INVALID_PARAMS; diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp index b301fdeb58024cedd646473bee966a9dcadd9c97..542660488e3151a3e86d0ed355fcf6a6370f346f 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp @@ -132,7 +132,7 @@ static void FreeConvertKeyCtx(napi_env env, ConvertKeyCtx *ctx) HcfBlobDataFree(ctx->pubKey); HcfFree(ctx->pubKey); - HcfBlobDataFree(ctx->priKey); + HcfBlobDataClearAndFree(ctx->priKey); HcfFree(ctx->priKey); HcfFree(ctx); } @@ -156,7 +156,6 @@ static void FreeConvertPemKeyCtx(napi_env env, ConvertPemKeyCtx *ctx) ctx->pubKey = ""; ctx->priKey = ""; HcfFree(ctx); - ctx = nullptr; } static bool BuildGenKeyPairCtx(napi_env env, napi_callback_info info, GenKeyPairCtx *ctx) @@ -172,7 +171,7 @@ static bool BuildGenKeyPairCtx(napi_env env, napi_callback_info info, GenKeyPair } ctx->asyncType = isCallback(env, argv[0], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; - NapiAsyKeyGenerator *napiGenerator; + NapiAsyKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); @@ -287,7 +286,7 @@ static bool BuildConvertKeyCtx(napi_env env, napi_callback_info info, ConvertKey } ctx->asyncType = isCallback(env, argv[expectedArgc - 1], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; - NapiAsyKeyGenerator *napiGenerator; + NapiAsyKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); @@ -329,7 +328,7 @@ static bool BuildConvertPemKeyCtx(napi_env env, napi_callback_info info, Convert LOGE("wrong argument num. require %zu arguments. [Argc]: %zu!", expectedArgc, argc); return false; } - NapiAsyKeyGenerator *napiGenerator; + NapiAsyKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); @@ -761,7 +760,7 @@ static void HcfFreePubKeyAndPriKey(HcfBlob *pubKey, HcfBlob *priKey) { HcfBlobDataFree(pubKey); HcfFree(pubKey); - HcfBlobDataFree(priKey); + HcfBlobDataClearAndFree(priKey); HcfFree(priKey); } @@ -863,7 +862,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ return nullptr; } - NapiAsyKeyGenerator *napiGenerator; + NapiAsyKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); @@ -903,8 +902,12 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ return nullptr; } - napi_value instance = nullptr; - instance = napiKeyPair->ConvertToJsKeyPair(env); + napi_value instance = napiKeyPair->ConvertToJsKeyPair(env); + if (instance == nullptr) { + LOGE("covert to jsKeyPair failed!"); + instance = NapiGetNull(env); + } + return instance; } @@ -936,7 +939,6 @@ static napi_value NapiWrapAsyKeyGen(napi_env env, napi_value instance, NapiAsyKe napi_value NapiAsyKeyGenerator::CreateJsAsyKeyGenerator(napi_env env, napi_callback_info info) { - LOGD("Enter CreateJsAsyKeyGenerator..."); size_t expectedArgc = PARAMS_NUM_ONE; size_t argc = expectedArgc; napi_value argv[PARAMS_NUM_ONE] = { nullptr }; diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_spec_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_spec_generator.cpp index d0b470f7665a0cad0dd1244cf482c4f8a9918000..442c3289aa599540d51705f2564cc361bd44e284 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_spec_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_spec_generator.cpp @@ -85,7 +85,7 @@ static bool BuildAsyKeyCtx(napi_env env, napi_callback_info info, AsyKeyCtx *ctx } ctx->asyncType = isCallback(env, argv[0], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; - NapiAsyKeyGeneratorBySpec *napiGenerator; + NapiAsyKeyGeneratorBySpec *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); @@ -111,7 +111,7 @@ static bool GetAsyKeyGenerator(napi_env env, napi_callback_info info, HcfAsyKeyG napi_value thisVar = nullptr; napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); - NapiAsyKeyGeneratorBySpec *napiGenerator; + NapiAsyKeyGeneratorBySpec *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap napi asyKeyGenerator obj."); diff --git a/frameworks/js/napi/crypto/src/napi_cipher.cpp b/frameworks/js/napi/crypto/src/napi_cipher.cpp index 0e404dcb7964e21f9b20259e65f7187bcd5747a5..ac947b7dbefcd20d457f41b739f4da1e66c40d79 100644 --- a/frameworks/js/napi/crypto/src/napi_cipher.cpp +++ b/frameworks/js/napi/crypto/src/napi_cipher.cpp @@ -648,7 +648,7 @@ napi_value NapiCipher::JsCipherUpdateSync(napi_env env, napi_callback_info info) } HcfBlob output = { .data = nullptr, .len = 0 }; errCode = cipher->update(cipher, &input, &output); - HcfFree(input.data); + HcfBlobDataClearAndFree(&input); if (errCode != HCF_SUCCESS) { LOGE("failed to update!"); napi_throw(env, GenerateBusinessError(env, errCode, "update fail!")); @@ -657,7 +657,7 @@ napi_value NapiCipher::JsCipherUpdateSync(napi_env env, napi_callback_info info) napi_value instance = nullptr; errCode = ConvertDataBlobToNapiValue(env, &output, &instance); - HcfFree(output.data); + HcfBlobDataClearAndFree(&output); if (errCode != HCF_SUCCESS) { LOGE("cipher update convert dataBlob to napi_value failed!"); napi_throw(env, GenerateBusinessError(env, errCode, "cipher update convert dataBlob to napi_value failed!")); @@ -721,7 +721,7 @@ napi_value NapiCipher::JsCipherDoFinalSync(napi_env env, napi_callback_info info } HcfBlob output = { .data = nullptr, .len = 0 }; HcfResult res = cipher->doFinal(cipher, input, &output); - HcfBlobDataFree(input); + HcfBlobDataClearAndFree(input); if (res != HCF_SUCCESS) { LOGE("failed to do final!"); napi_throw(env, GenerateBusinessError(env, res, "do final fail!")); @@ -730,7 +730,7 @@ napi_value NapiCipher::JsCipherDoFinalSync(napi_env env, napi_callback_info info napi_value instance = nullptr; res = ConvertDataBlobToNapiValue(env, &output, &instance); - HcfFree(output.data); + HcfBlobDataClearAndFree(&output); if (res != HCF_SUCCESS) { LOGE("cipher convert dataBlob to napi_value failed!"); napi_throw(env, GenerateBusinessError(env, res, "cipher convert dataBlob to napi_value failed!")); @@ -851,12 +851,10 @@ napi_value NapiCipher::JsSetCipherSpec(napi_env env, napi_callback_info info) LOGE("get JsGetCipherSpecUint8Array failed!"); return nullptr; } - HcfBlob *pSource = nullptr; - pSource = GetBlobFromNapiUint8Arr(env, argv[1]); + HcfBlob *pSource = GetBlobFromNapiUint8Arr(env, argv[1]); if (pSource == nullptr || pSource->len == 0) { LOGE("failed to get pSource."); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, - "[pSource]: must be of the DataBlob type.")); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "[pSource]: must be of the DataBlob type.")); return nullptr; } napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiCipher)); diff --git a/frameworks/js/napi/crypto/src/napi_kdf.cpp b/frameworks/js/napi/crypto/src/napi_kdf.cpp index d7d8318ab7860a3174847a17b7099fa220456d5b..9a99858a5b710178b486a767abd4789d49758226 100644 --- a/frameworks/js/napi/crypto/src/napi_kdf.cpp +++ b/frameworks/js/napi/crypto/src/napi_kdf.cpp @@ -595,7 +595,6 @@ napi_value NapiKdf::JsKdfGenerateSecretSync(napi_env env, napi_callback_info inf LOGE("KDF generateSecret failed!"); napi_throw(env, GenerateBusinessError(env, errCode, "KDF generateSecret failed!")); FreeKdfParamsSpec(paramsSpec); - paramsSpec = nullptr; return nullptr; } napi_value returnBlob = NewKdfJsGenSecretSyncWork(env, paramsSpec); @@ -635,7 +634,6 @@ napi_value NapiKdf::KdfConstructor(napi_env env, napi_callback_info info) napi_value NapiKdf::CreateJsKdf(napi_env env, napi_callback_info info) { - LOGD("Enter CreateKdf..."); size_t expectedArgc = ARGS_SIZE_ONE; size_t argc = expectedArgc; napi_value argv[ARGS_SIZE_ONE] = { nullptr }; diff --git a/frameworks/js/napi/crypto/src/napi_key.cpp b/frameworks/js/napi/crypto/src/napi_key.cpp index deb23b3459974328c81cc59aa06fe105f1234a1b..f6a816d7df28d704e8322aa3a40d8000fbe16f7f 100644 --- a/frameworks/js/napi/crypto/src/napi_key.cpp +++ b/frameworks/js/napi/crypto/src/napi_key.cpp @@ -113,7 +113,7 @@ napi_value NapiKey::JsGetEncoded(napi_env env, napi_callback_info info) return nullptr; } napi_value instance = ConvertBlobToNapiValue(env, &blob); - HcfBlobDataFree(&blob); + HcfBlobDataClearAndFree(&blob); return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_key_agreement.cpp b/frameworks/js/napi/crypto/src/napi_key_agreement.cpp index 12aa7129cdcbb36e4cbed72ad9de6f7d76a2bd49..0e6ff2dd6d844310a84d1a0d19717ae092084f1f 100644 --- a/frameworks/js/napi/crypto/src/napi_key_agreement.cpp +++ b/frameworks/js/napi/crypto/src/napi_key_agreement.cpp @@ -348,7 +348,7 @@ napi_value NapiKeyAgreement::JsGenerateSecretSync(napi_env env, napi_callback_in napi_value instance = nullptr; ret = ConvertDataBlobToNapiValue(env, &returnSecret, &instance); - HcfBlobDataFree(&returnSecret); + HcfBlobDataClearAndFree(&returnSecret); if (ret != HCF_SUCCESS) { LOGE("key agreement convert dataBlob to napi_value failed!"); napi_throw(env, GenerateBusinessError(env, ret, "key agreement convert dataBlob to napi_value failed!")); diff --git a/frameworks/js/napi/crypto/src/napi_mac.cpp b/frameworks/js/napi/crypto/src/napi_mac.cpp index beecde6e4cc59e24f6a234ffe63635a85ab82675..1d91c44e30defb7e41f16ffeab053f5981fb6b9b 100644 --- a/frameworks/js/napi/crypto/src/napi_mac.cpp +++ b/frameworks/js/napi/crypto/src/napi_mac.cpp @@ -87,7 +87,6 @@ static void FreeCryptoFwkCtx(napi_env env, MacCtx *context) context->errMsg = nullptr; context->mac = nullptr; HcfFree(context); - context = nullptr; } static void ReturnCallbackResult(napi_env env, MacCtx *context, napi_value result) @@ -642,7 +641,6 @@ static napi_value NapiWrapMac(napi_env env, napi_value instance, NapiMac *macNap if (status != napi_ok) { napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to wrap NapiMac obj!")); delete macNapiObj; - macNapiObj = nullptr; LOGE("failed to wrap NapiMac obj!"); return nullptr; } @@ -651,7 +649,6 @@ static napi_value NapiWrapMac(napi_env env, napi_value instance, NapiMac *macNap napi_value NapiMac::CreateMac(napi_env env, napi_callback_info info) { - LOGD("Enter CreateMac..."); size_t expectedArgc = ARGS_SIZE_ONE; size_t argc = expectedArgc; napi_value argv[ARGS_SIZE_ONE] = { nullptr }; diff --git a/frameworks/js/napi/crypto/src/napi_md.cpp b/frameworks/js/napi/crypto/src/napi_md.cpp index c2751c4761a1dcfae2823aacd48eb66afdd7c1fc..7ebe265d4e74a114fe4e937c92e843059f8b34cc 100644 --- a/frameworks/js/napi/crypto/src/napi_md.cpp +++ b/frameworks/js/napi/crypto/src/napi_md.cpp @@ -80,7 +80,6 @@ static void FreeCryptoFwkCtx(napi_env env, MdCtx *context) context->errMsg = nullptr; context->md = nullptr; HcfFree(context); - context = nullptr; } static void ReturnCallbackResult(napi_env env, MdCtx *context, napi_value result) @@ -481,7 +480,6 @@ static napi_value NapiWrapMd(napi_env env, napi_value instance, NapiMd *mdNapiOb if (status != napi_ok) { napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to wrap NapiMd obj!")); delete mdNapiObj; - mdNapiObj = nullptr; LOGE("failed to wrap NapiMd obj!"); return nullptr; } @@ -490,7 +488,6 @@ static napi_value NapiWrapMd(napi_env env, napi_value instance, NapiMd *mdNapiOb napi_value NapiMd::CreateMd(napi_env env, napi_callback_info info) { - LOGD("Enter CreateMd..."); size_t expectedArgc = ARGS_SIZE_ONE; size_t argc = expectedArgc; napi_value argv[ARGS_SIZE_ONE] = { nullptr }; diff --git a/frameworks/js/napi/crypto/src/napi_pri_key.cpp b/frameworks/js/napi/crypto/src/napi_pri_key.cpp index ffc93b4a8a1f71b06e669a1e605a5b4513a7323c..2593292403cc36c875b28c10f159e42279f23195 100644 --- a/frameworks/js/napi/crypto/src/napi_pri_key.cpp +++ b/frameworks/js/napi/crypto/src/napi_pri_key.cpp @@ -90,7 +90,13 @@ napi_value NapiPriKey::JsGetEncoded(napi_env env, napi_callback_info info) } napi_value instance = ConvertBlobToNapiValue(env, &returnBlob); - HcfBlobDataFree(&returnBlob); + if (instance == nullptr) { + HcfBlobDataFree(&returnBlob); + napi_throw(env, GenerateBusinessError(env, res, "covert blob to napi value failed.")); + LOGE("covert blob to napi value failed."); + return nullptr; + } + HcfBlobDataClearAndFree(&returnBlob); return instance; } @@ -176,6 +182,12 @@ static napi_value GetAsyKeySpecBigInt(napi_env env, AsyKeySpecItem item, HcfPriK } napi_value instance = ConvertBigIntToNapiValue(env, &returnBigInteger); + if (instance == nullptr) { + HcfFree(returnBigInteger.data); + napi_throw(env, GenerateBusinessError(env, res, "covert bigInt to napi value failed.")); + LOGE("covert bigInt to napi value failed."); + return nullptr; + } HcfFree(returnBigInteger.data); return instance; } @@ -296,8 +308,15 @@ napi_value NapiPriKey::JsGetEncodedDer(napi_env env, napi_callback_info info) LOGE("get private key encodeDer fail."); return nullptr; } + napi_value instance = ConvertBlobToNapiValue(env, &returnBlob); - HcfBlobDataFree(&returnBlob); + if (instance == nullptr) { + HcfBlobDataFree(&returnBlob); + napi_throw(env, GenerateBusinessError(env, res, "covert blob to napi value failed.")); + LOGE("covert blob to napi value failed."); + return nullptr; + } + HcfBlobDataClearAndFree(&returnBlob); return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_pub_key.cpp b/frameworks/js/napi/crypto/src/napi_pub_key.cpp index 38109e73a9c376b9f7c9ee78a3aeaddbb5b963a0..675cba125f05d87f7a01185bdbbee7977c6542a1 100644 --- a/frameworks/js/napi/crypto/src/napi_pub_key.cpp +++ b/frameworks/js/napi/crypto/src/napi_pub_key.cpp @@ -90,6 +90,12 @@ napi_value NapiPubKey::JsGetEncoded(napi_env env, napi_callback_info info) } napi_value instance = ConvertBlobToNapiValue(env, &returnBlob); + if (instance == nullptr) { + HcfBlobDataFree(&returnBlob); + napi_throw(env, GenerateBusinessError(env, res, "covert blob to napi value failed.")); + LOGE("covert blob to napi value failed."); + return nullptr; + } HcfBlobDataFree(&returnBlob); return instance; } @@ -136,6 +142,12 @@ napi_value NapiPubKey::JsGetEncodedDer(napi_env env, napi_callback_info info) } napi_value instance = ConvertBlobToNapiValue(env, &returnBlob); + if (instance == nullptr) { + HcfBlobDataFree(&returnBlob); + napi_throw(env, GenerateBusinessError(env, res, "covert blob to napi value failed.")); + LOGE("covert blob to napi value failed."); + return nullptr; + } HcfBlobDataFree(&returnBlob); return instance; } @@ -199,6 +211,12 @@ static napi_value GetAsyKeySpecBigInt(napi_env env, AsyKeySpecItem item, HcfPubK } napi_value instance = ConvertBigIntToNapiValue(env, &returnBigInteger); + if (instance == nullptr) { + HcfFree(returnBigInteger.data); + napi_throw(env, GenerateBusinessError(env, res, "covert bigInt to napi value failed.")); + LOGE("covert bigInt to napi value failed."); + return nullptr; + } HcfFree(returnBigInteger.data); return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_rand.cpp b/frameworks/js/napi/crypto/src/napi_rand.cpp index 212a7c511434cbe6d6389be8c050e551035bb3ef..4b3c9bfd47c74e542e60237929de7bb3345234c9 100644 --- a/frameworks/js/napi/crypto/src/napi_rand.cpp +++ b/frameworks/js/napi/crypto/src/napi_rand.cpp @@ -80,7 +80,6 @@ static void FreeCryptoFwkCtx(napi_env env, RandCtx *context) context->errMsg = nullptr; context->rand = nullptr; HcfFree(context); - context = nullptr; } static void ReturnCallbackResult(napi_env env, RandCtx *context, napi_value result) @@ -315,7 +314,7 @@ napi_value NapiRand::JsSetSeed(napi_env env, napi_callback_info info) } napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiRand)); if (status != napi_ok || napiRand == nullptr) { - HcfBlobDataFree(seedBlob); + HcfBlobDataClearAndFree(seedBlob); HcfFree(seedBlob); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to unwrap NapiRand obj!")); LOGE("failed to unwrap NapiRand obj!"); @@ -323,7 +322,7 @@ napi_value NapiRand::JsSetSeed(napi_env env, napi_callback_info info) } HcfRand *rand = napiRand->GetRand(); if (rand == nullptr) { - HcfBlobDataFree(seedBlob); + HcfBlobDataClearAndFree(seedBlob); HcfFree(seedBlob); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "fail to get rand obj!")); LOGE("fail to get rand obj!"); @@ -331,13 +330,13 @@ napi_value NapiRand::JsSetSeed(napi_env env, napi_callback_info info) } HcfResult res = rand->setSeed(rand, seedBlob); if (res != HCF_SUCCESS) { - HcfBlobDataFree(seedBlob); + HcfBlobDataClearAndFree(seedBlob); HcfFree(seedBlob); napi_throw(env, GenerateBusinessError(env, res, "set seed failed.")); LOGD("[error] set seed failed."); return nullptr; } - HcfBlobDataFree(seedBlob); + HcfBlobDataClearAndFree(seedBlob); HcfFree(seedBlob); return thisVar; } diff --git a/frameworks/js/napi/crypto/src/napi_sign.cpp b/frameworks/js/napi/crypto/src/napi_sign.cpp index cf7fc77a896a90c8a782143907ae0534ea7fe050..213550c43166a9743b6794d72c130d808c84d887 100644 --- a/frameworks/js/napi/crypto/src/napi_sign.cpp +++ b/frameworks/js/napi/crypto/src/napi_sign.cpp @@ -170,7 +170,7 @@ static bool BuildSignJsInitCtx(napi_env env, napi_callback_info info, SignInitCt napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if (argc != expectedArgc && argc != expectedArgc - 1) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -220,7 +220,7 @@ static bool BuildSignJsUpdateCtx(napi_env env, napi_callback_info info, SignUpda napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if ((argc != expectedArgc) && (argc != expectedArgc - 1)) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -263,7 +263,7 @@ static bool BuildSignJsDoFinalCtx(napi_env env, napi_callback_info info, SignDoF napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if ((argc != expectedArgc) && (argc != expectedArgc - 1)) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -767,7 +767,6 @@ static napi_value NapiWrapSign(napi_env env, napi_value instance, NapiSign *napi if (status != napi_ok) { LOGE("failed to wrap napiSign obj!"); delete napiSign; - napiSign = nullptr; return nullptr; } return instance; @@ -775,7 +774,6 @@ static napi_value NapiWrapSign(napi_env env, napi_value instance, NapiSign *napi napi_value NapiSign::CreateJsSign(napi_env env, napi_callback_info info) { - LOGD("Enter CreateJsSign..."); size_t expectedArgc = PARAMS_NUM_ONE; size_t argc = expectedArgc; napi_value argv[PARAMS_NUM_ONE] = { nullptr }; diff --git a/frameworks/js/napi/crypto/src/napi_sym_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_sym_key_generator.cpp index 1b51cd26e3ec1b44f32a2035905352e66afa047a..321d1d0ff7fd5d43750ef1ed9870f69618f7e06e 100644 --- a/frameworks/js/napi/crypto/src/napi_sym_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_sym_key_generator.cpp @@ -90,7 +90,7 @@ static bool BuildContextForGenerateKey(napi_env env, napi_callback_info info, Sy return false; } context->asyncType = isCallback(env, argv[expectedArgc - 1], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; - NapiSymKeyGenerator *napiGenerator; + NapiSymKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap NapiSymKeyGenerator obj!"); @@ -129,7 +129,7 @@ static bool BuildContextForConvertKey(napi_env env, napi_callback_info info, Sym } context->asyncType = isCallback(env, argv[expectedArgc - 1], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; - NapiSymKeyGenerator *napiGenerator; + NapiSymKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { LOGE("failed to unwrap NapiSymKeyGenerator obj!"); @@ -477,7 +477,7 @@ napi_value NapiSymKeyGenerator::JsConvertKeySync(napi_env env, napi_callback_inf HcfSymKey *key = nullptr; HcfResult ret = generator->convertSymKey(generator, keyMaterial, &key); - HcfBlobDataFree(keyMaterial); + HcfBlobDataClearAndFree(keyMaterial); HcfFree(keyMaterial); if (ret != HCF_SUCCESS) { napi_throw(env, GenerateBusinessError(env, ret, "convertSymKey key failed!")); diff --git a/frameworks/js/napi/crypto/src/napi_utils.cpp b/frameworks/js/napi/crypto/src/napi_utils.cpp index cb55d6c7e9aecc704d889b6a154234a76f5e82c7..be45baa7ea69b48f81d07af85c6caab0ab9dcf07 100644 --- a/frameworks/js/napi/crypto/src/napi_utils.cpp +++ b/frameworks/js/napi/crypto/src/napi_utils.cpp @@ -245,9 +245,6 @@ static HcfBlob *GetAadFromParamsSpec(napi_env env, napi_value arg) LOGE("Failed to allocate newBlob memory!"); return nullptr; } - blob->data = nullptr; - blob->len = 0; - LOGD("Input GCM Aad is Null"); return blob; } blob = GetBlobFromNapiDataBlob(env, data); diff --git a/frameworks/js/napi/crypto/src/napi_verify.cpp b/frameworks/js/napi/crypto/src/napi_verify.cpp index 47319d9466f149cf5284268cae4e42051cee37cd..a9e6321214b5b4165e8f6ba50201a243452100e1 100644 --- a/frameworks/js/napi/crypto/src/napi_verify.cpp +++ b/frameworks/js/napi/crypto/src/napi_verify.cpp @@ -214,7 +214,7 @@ static bool BuildVerifyJsInitCtx(napi_env env, napi_callback_info info, VerifyIn napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if ((argc != expectedArgc) && (argc != expectedArgc - 1)) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -264,7 +264,7 @@ static bool BuildVerifyJsUpdateCtx(napi_env env, napi_callback_info info, Verify napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if ((argc != expectedArgc) && (argc != expectedArgc - 1)) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -362,7 +362,7 @@ static bool BuildVerifyJsDoFinalCtx(napi_env env, napi_callback_info info, Verif napi_value thisVar = nullptr; size_t expectedArgc = PARAMS_NUM_THREE; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_THREE] = { nullptr, nullptr, nullptr }; + napi_value argv[PARAMS_NUM_THREE] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if ((argc != expectedArgc) && (argc != expectedArgc - 1)) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); @@ -816,6 +816,11 @@ napi_value NapiVerify::JsUpdateSync(napi_env env, napi_callback_info info) } HcfVerify *verify = napiVerify->GetVerify(); + if (verify == nullptr) { + LOGE("failed to get verify obj."); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "fail to get verify obj.")); + return nullptr; + } ret = verify->update(verify, &blob); HcfBlobDataFree(&blob); if (ret != HCF_SUCCESS) { @@ -849,7 +854,7 @@ napi_value NapiVerify::JsVerifySync(napi_env env, napi_callback_info info) { napi_value thisVar = nullptr; size_t argc = PARAMS_NUM_TWO; - napi_value argv[PARAMS_NUM_TWO] = { nullptr, nullptr }; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if (argc != PARAMS_NUM_TWO) { LOGE("wrong argument num. require %d arguments. [Argc]: %zu!", PARAMS_NUM_TWO, argc); @@ -918,11 +923,16 @@ HcfResult BuildVerifyJsRecoverCtx(napi_env env, napi_callback_info info, VerifyR HcfResult ret = GetBlobFromNapiValue(env, argv[PARAM0], ctx->signatureData); if (ret != HCF_SUCCESS) { + HcfFree(ctx->signatureData); + ctx->signatureData = nullptr; return ret; } if (napi_create_reference(env, thisVar, 1, &ctx->verifyRef) != napi_ok) { LOGE("create verify ref failed when do verify recover!"); + HcfBlobDataFree(ctx->signatureData); + HcfFree(ctx->signatureData); + ctx->signatureData = nullptr; return HCF_ERR_NAPI; } @@ -1026,7 +1036,6 @@ static napi_value NapiWrapVerify(napi_env env, napi_value instance, NapiVerify * if (status != napi_ok) { LOGE("failed to wrap napiVerify obj!"); delete napiVerify; - napiVerify = nullptr; return nullptr; } return instance; @@ -1034,7 +1043,6 @@ static napi_value NapiWrapVerify(napi_env env, napi_value instance, NapiVerify * napi_value NapiVerify::CreateJsVerify(napi_env env, napi_callback_info info) { - LOGD("Enter CreateJsVerify..."); size_t expectedArgc = PARAMS_NUM_ONE; size_t argc = expectedArgc; napi_value argv[PARAMS_NUM_ONE] = { nullptr }; diff --git a/frameworks/key/asy_key_generator.c b/frameworks/key/asy_key_generator.c index c3ff4bf8520e640b07346236a9d659a0bd530c9a..479af45800fcf0823c44289e2ea21d719326dbb0 100644 --- a/frameworks/key/asy_key_generator.c +++ b/frameworks/key/asy_key_generator.c @@ -723,7 +723,6 @@ static HcfResult CreateDhPubKeySpecImpl(const HcfDhPubKeyParamsSpec *srcSpec, Hc spec->pk.data = (unsigned char *)HcfMalloc(srcSpec->pk.len, 0); if (spec->pk.data == NULL) { LOGE("Failed to allocate public key memory"); - FreeDhCommParamsSpec(&(spec->base)); DestroyDhPubKeySpec(spec); return HCF_ERR_MALLOC; } @@ -1234,6 +1233,10 @@ static HcfResult ConvertKey(HcfAsyKeyGenerator *self, HcfParamsSpec *params, Hcf return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorImpl *impl = (HcfAsyKeyGeneratorImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineConvertKey == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineConvertKey(impl->spiObj, params, pubKeyBlob, priKeyBlob, returnKeyPair); } @@ -1248,6 +1251,10 @@ static HcfResult ConvertPemKey(HcfAsyKeyGenerator *self, HcfParamsSpec *params, return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorImpl *impl = (HcfAsyKeyGeneratorImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineConvertPemKey == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineConvertPemKey(impl->spiObj, params, pubKeyStr, priKeyStr, returnKeyPair); } @@ -1263,6 +1270,10 @@ static HcfResult GenerateKeyPair(HcfAsyKeyGenerator *self, HcfParamsSpec *params return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorImpl *impl = (HcfAsyKeyGeneratorImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineGenerateKeyPair == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineGenerateKeyPair(impl->spiObj, returnKeyPair); } @@ -1276,6 +1287,10 @@ static HcfResult GenerateKeyPairBySpec(const HcfAsyKeyGeneratorBySpec *self, Hcf return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorBySpecImpl *impl = (HcfAsyKeyGeneratorBySpecImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineGenerateKeyPairBySpec == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineGenerateKeyPairBySpec(impl->spiObj, impl->paramsSpec, returnKeyPair); } @@ -1289,6 +1304,10 @@ static HcfResult GeneratePubKeyBySpec(const HcfAsyKeyGeneratorBySpec *self, HcfP return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorBySpecImpl *impl = (HcfAsyKeyGeneratorBySpecImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineGeneratePubKeyBySpec == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineGeneratePubKeyBySpec(impl->spiObj, impl->paramsSpec, returnPubKey); } @@ -1302,6 +1321,10 @@ static HcfResult GeneratePriKeyBySpec(const HcfAsyKeyGeneratorBySpec *self, HcfP return HCF_INVALID_PARAMS; } HcfAsyKeyGeneratorBySpecImpl *impl = (HcfAsyKeyGeneratorBySpecImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineGeneratePriKeyBySpec == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineGeneratePriKeyBySpec(impl->spiObj, impl->paramsSpec, returnPriKey); } diff --git a/frameworks/key/dh_key_util.c b/frameworks/key/dh_key_util.c index d04952f74cac5663856f5df401b593ecabc5cf50..af6c831536fd68606a968bd45bef190b16d094a1 100644 --- a/frameworks/key/dh_key_util.c +++ b/frameworks/key/dh_key_util.c @@ -44,7 +44,7 @@ HcfResult HcfDhKeyUtilCreate(int32_t pLen, int32_t skLen, HcfDhCommParamsSpec ** } ret = CreateDhCommonSpecImpl(&(spiInstance->paramsSpec), returnCommonParamSpec); if (ret != HCF_SUCCESS) { - LOGE("Failed to create spi object!"); + LOGE("Failed to create spi impl object!"); } FreeDhCommParamsSpec(&(spiInstance->paramsSpec)); HcfFree(spiInstance); diff --git a/frameworks/key/ecc_key_util.c b/frameworks/key/ecc_key_util.c index 8e81d140a11ee21ccb39601458a0ea6808de3e6e..31565684ece1120926df30ab7779aad270c5ff98 100644 --- a/frameworks/key/ecc_key_util.c +++ b/frameworks/key/ecc_key_util.c @@ -185,13 +185,11 @@ HcfResult HcfEccKeyUtilCreate(const char *algName, HcfEccCommParamsSpec **return LOGE("Failed to create spi object!"); return ret; } - if (CreateEccCommonSpecImpl(&(spiInstance->paramsSpec), returnCommonParamSpec) != HCF_SUCCESS) { + ret = CreateEccCommonSpecImpl(&(spiInstance->paramsSpec), returnCommonParamSpec); + if (ret != HCF_SUCCESS) { LOGE("Failed to create spi object!"); - FreeEccCommParamsSpec(&(spiInstance->paramsSpec)); - HcfFree(spiInstance); - return ret; } FreeEccCommParamsSpec(&(spiInstance->paramsSpec)); HcfFree(spiInstance); - return HCF_SUCCESS; + return ret; } diff --git a/frameworks/key/sym_key_generator.c b/frameworks/key/sym_key_generator.c index 9295cf39303004058a844c079e54e5221b0739ce..0b9f646d1f7f40d0bc53927ed0a96aa019d0444a 100644 --- a/frameworks/key/sym_key_generator.c +++ b/frameworks/key/sym_key_generator.c @@ -216,6 +216,10 @@ static HcfResult GenerateSymmKey(HcfSymKeyGenerator *self, HcfSymKey **symmKey) return HCF_INVALID_PARAMS; } HcfSymmKeyGeneratorImpl *impl = (HcfSymmKeyGeneratorImpl *)self; + if (impl->spiObj == NULL || impl->spiObj->engineGenerateSymmKey == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineGenerateSymmKey(impl->spiObj, symmKey); } @@ -231,7 +235,10 @@ static HcfResult ConvertSymmKey(HcfSymKeyGenerator *self, const HcfBlob *key, Hc return HCF_INVALID_PARAMS; } HcfSymmKeyGeneratorImpl *impl = (HcfSymmKeyGeneratorImpl *)self; - + if (impl->spiObj == NULL || impl->spiObj->engineConvertSymmKey == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } return impl->spiObj->engineConvertSymmKey(impl->spiObj, key, symmKey); } diff --git a/frameworks/native/src/asym_key.c b/frameworks/native/src/asym_key.c index 2295e0e5177e26365d01179d95c5963fe65fe0a0..5007aa7400aa794cdbfb5510b23a896316320874 100644 --- a/frameworks/native/src/asym_key.c +++ b/frameworks/native/src/asym_key.c @@ -74,7 +74,7 @@ OH_Crypto_ErrCode OH_CryptoAsymKeyGenerator_Create(const char *algoName, OH_Cryp OH_Crypto_ErrCode OH_CryptoAsymKeyGenerator_Generate(OH_CryptoAsymKeyGenerator *ctx, OH_CryptoKeyPair **keyCtx) { - if ((ctx == NULL) || (keyCtx == NULL)) { + if ((ctx == NULL) || (ctx->generateKeyPair == NULL) || (keyCtx == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->generateKeyPair((HcfAsyKeyGenerator *)ctx, NULL, (HcfKeyPair **)keyCtx); @@ -92,11 +92,13 @@ OH_Crypto_ErrCode OH_CryptoAsymKeyGenerator_Convert(OH_CryptoAsymKeyGenerator *c const char *pubKeyStr = (pubKeyData == NULL)? NULL : (const char *)pubKeyData->data; switch (type) { case CRYPTO_PEM: - ret = ctx->convertPemKey((HcfAsyKeyGenerator *)ctx, NULL, pubKeyStr, priKeyStr, (HcfKeyPair **)keyCtx); + ret = ctx->convertPemKey == NULL ? HCF_INVALID_PARAMS : + ctx->convertPemKey((HcfAsyKeyGenerator *)ctx, NULL, pubKeyStr, priKeyStr, (HcfKeyPair **)keyCtx); break; case CRYPTO_DER: - ret = ctx->convertKey((HcfAsyKeyGenerator *)ctx, NULL, - (HcfBlob *)pubKeyData, (HcfBlob *)priKeyData, (HcfKeyPair **)keyCtx); + ret = ctx->convertKey == NULL ? HCF_INVALID_PARAMS : + ctx->convertKey((HcfAsyKeyGenerator *)ctx, NULL, (HcfBlob *)pubKeyData, + (HcfBlob *)priKeyData, (HcfKeyPair **)keyCtx); break; default: return CRYPTO_INVALID_PARAMS; @@ -106,7 +108,7 @@ OH_Crypto_ErrCode OH_CryptoAsymKeyGenerator_Convert(OH_CryptoAsymKeyGenerator *c const char *OH_CryptoAsymKeyGenerator_GetAlgoName(OH_CryptoAsymKeyGenerator *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->getAlgoName == NULL)) { return NULL; } return ctx->getAlgoName((HcfAsyKeyGenerator *)ctx); @@ -114,7 +116,7 @@ const char *OH_CryptoAsymKeyGenerator_GetAlgoName(OH_CryptoAsymKeyGenerator *ctx void OH_CryptoAsymKeyGenerator_Destroy(OH_CryptoAsymKeyGenerator *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->base.destroy == NULL)) { return; } ctx->base.destroy((HcfObjectBase *)ctx); @@ -122,7 +124,7 @@ void OH_CryptoAsymKeyGenerator_Destroy(OH_CryptoAsymKeyGenerator *ctx) void OH_CryptoKeyPair_Destroy(OH_CryptoKeyPair *keyCtx) { - if (keyCtx == NULL) { + if ((keyCtx == NULL) || (keyCtx->base.destroy == NULL)) { return; } keyCtx->base.destroy((HcfObjectBase *)keyCtx); @@ -146,6 +148,9 @@ OH_Crypto_ErrCode OH_CryptoPubKey_Encode(OH_CryptoPubKey *key, Crypto_EncodingTy char *pemStr = NULL; switch (type) { case CRYPTO_PEM: + if (key->base.getEncodedPem == NULL) { + return CRYPTO_INVALID_PARAMS; + } ret = key->base.getEncodedPem((HcfKey *)key, encodingStandard, &pemStr); if (ret != HCF_SUCCESS) { break; @@ -155,10 +160,12 @@ OH_Crypto_ErrCode OH_CryptoPubKey_Encode(OH_CryptoPubKey *key, Crypto_EncodingTy break; case CRYPTO_DER: if (encodingStandard != NULL) { - ret = key->getEncodedDer((HcfPubKey *)key, encodingStandard, (HcfBlob *)out); + ret = key->getEncodedDer == NULL ? HCF_INVALID_PARAMS : + key->getEncodedDer((HcfPubKey *)key, encodingStandard, (HcfBlob *)out); break; } else { - ret = key->base.getEncoded((HcfKey *)key, (HcfBlob *)out); + ret = key->base.getEncoded == NULL ? HCF_INVALID_PARAMS + : key->base.getEncoded((HcfKey *)key, (HcfBlob *)out); break; } default: @@ -186,7 +193,8 @@ OH_Crypto_ErrCode OH_CryptoPubKey_GetParam(OH_CryptoPubKey *key, CryptoAsymKey_P ret = HCF_ERR_MALLOC; break; } - ret = key->getAsyKeySpecInt((HcfPubKey *)key, (AsyKeySpecItem)item, returnInt); + ret = key->getAsyKeySpecInt == NULL ? HCF_INVALID_PARAMS : + key->getAsyKeySpecInt((HcfPubKey *)key, (AsyKeySpecItem)item, returnInt); if (ret != HCF_SUCCESS) { HcfFree(returnInt); break; @@ -196,7 +204,8 @@ OH_Crypto_ErrCode OH_CryptoPubKey_GetParam(OH_CryptoPubKey *key, CryptoAsymKey_P break; case CRYPTO_ECC_FIELD_TYPE_STR: case CRYPTO_ECC_CURVE_NAME_STR: - ret = key->getAsyKeySpecString((HcfPubKey *)key, (AsyKeySpecItem)item, &returnStr); + ret = key->getAsyKeySpecString == NULL ? HCF_INVALID_PARAMS : + key->getAsyKeySpecString((HcfPubKey *)key, (AsyKeySpecItem)item, &returnStr); if (ret != HCF_SUCCESS) { break; } @@ -204,8 +213,8 @@ OH_Crypto_ErrCode OH_CryptoPubKey_GetParam(OH_CryptoPubKey *key, CryptoAsymKey_P value->len = strlen(returnStr); break; default: - ret = key->getAsyKeySpecBigInteger((HcfPubKey *)key, - (AsyKeySpecItem)item, &bigIntValue); + ret = key->getAsyKeySpecBigInteger == NULL ? HCF_INVALID_PARAMS : + key->getAsyKeySpecBigInteger((HcfPubKey *)key, (AsyKeySpecItem)item, &bigIntValue); if (ret != HCF_SUCCESS) { break; } diff --git a/frameworks/native/src/crypto_common.c b/frameworks/native/src/crypto_common.c index b3d00a2811a1ff3bc8f548334530edff5cb2f3be..f9a17dde2e73c5af2c9e8eebab637b7e82db9266 100644 --- a/frameworks/native/src/crypto_common.c +++ b/frameworks/native/src/crypto_common.c @@ -22,5 +22,5 @@ void OH_Crypto_FreeDataBlob(Crypto_DataBlob *dataBlob) if (dataBlob == NULL) { return; } - return HcfBlobDataFree((HcfBlob *)dataBlob); + HcfBlobDataFree((HcfBlob *)dataBlob); } \ No newline at end of file diff --git a/frameworks/native/src/digest.c b/frameworks/native/src/digest.c index b8d9ab2ff5e3a38d3ef96e5d96490b9057cbb2c0..8d0a6c6d86be01545e0adad98643ab45f842b1d2 100644 --- a/frameworks/native/src/digest.c +++ b/frameworks/native/src/digest.c @@ -44,7 +44,7 @@ OH_Crypto_ErrCode OH_CryptoDigest_Create(const char *algoName, OH_CryptoDigest * OH_Crypto_ErrCode OH_CryptoDigest_Update(OH_CryptoDigest *ctx, Crypto_DataBlob *in) { - if ((ctx == NULL) || (in == NULL)) { + if ((ctx == NULL) || (ctx->update == NULL) || (in == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->update((HcfMd *)ctx, (HcfBlob *)in); @@ -53,7 +53,7 @@ OH_Crypto_ErrCode OH_CryptoDigest_Update(OH_CryptoDigest *ctx, Crypto_DataBlob * OH_Crypto_ErrCode OH_CryptoDigest_Final(OH_CryptoDigest *ctx, Crypto_DataBlob *out) { - if ((ctx == NULL) || (out == NULL)) { + if ((ctx == NULL) || (ctx->doFinal == NULL) || (out == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->doFinal((HcfMd *)ctx, (HcfBlob *)out); @@ -62,7 +62,7 @@ OH_Crypto_ErrCode OH_CryptoDigest_Final(OH_CryptoDigest *ctx, Crypto_DataBlob *o uint32_t OH_CryptoDigest_GetLength(OH_CryptoDigest *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->getMdLength == NULL)) { return CRYPTO_INVALID_PARAMS; } return ctx->getMdLength((HcfMd *)ctx); @@ -70,7 +70,7 @@ uint32_t OH_CryptoDigest_GetLength(OH_CryptoDigest *ctx) const char *OH_CryptoDigest_GetAlgoName(OH_CryptoDigest *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->getAlgoName == NULL)) { return NULL; } return ctx->getAlgoName((HcfMd *)ctx); @@ -78,7 +78,7 @@ const char *OH_CryptoDigest_GetAlgoName(OH_CryptoDigest *ctx) void OH_DigestCrypto_Destroy(OH_CryptoDigest *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->base.destroy == NULL)) { return; } ctx->base.destroy((HcfObjectBase *)ctx); diff --git a/frameworks/native/src/signature.c b/frameworks/native/src/signature.c index 060e78aa83c88493b39485fb4acd37c6a4237eda..c619321f860e74be2b2a2a6ee871b88e8dd460fc 100644 --- a/frameworks/native/src/signature.c +++ b/frameworks/native/src/signature.c @@ -46,18 +46,18 @@ struct OH_CryptoVerify { HcfResult (*setVerifySpecUint8Array)(HcfVerify *self, SignSpecItem item, HcfBlob blob); }; -OH_Crypto_ErrCode OH_CryptoVerify_Create(const char *algoName, OH_CryptoVerify **ctx) +OH_Crypto_ErrCode OH_CryptoVerify_Create(const char *algoName, OH_CryptoVerify **verify) { - if (ctx == NULL) { + if (verify == NULL) { return CRYPTO_INVALID_PARAMS; } - HcfResult ret = HcfVerifyCreate(algoName, (HcfVerify **)ctx); + HcfResult ret = HcfVerifyCreate(algoName, (HcfVerify **)verify); return GetOhCryptoErrCode(ret); } OH_Crypto_ErrCode OH_CryptoVerify_Init(OH_CryptoVerify *ctx, OH_CryptoPubKey *pubKey) { - if ((ctx == NULL) || (pubKey == NULL)) { + if ((ctx == NULL) || (ctx->init == NULL) || (pubKey == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->init((HcfVerify *)ctx, NULL, (HcfPubKey *)pubKey); @@ -66,7 +66,7 @@ OH_Crypto_ErrCode OH_CryptoVerify_Init(OH_CryptoVerify *ctx, OH_CryptoPubKey *pu OH_Crypto_ErrCode OH_CryptoVerify_Update(OH_CryptoVerify *ctx, Crypto_DataBlob *in) { - if ((ctx == NULL) || (in == NULL)) { + if ((ctx == NULL) || (ctx->update == NULL) || (in == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->update((HcfVerify *)ctx, (HcfBlob *)in); @@ -75,7 +75,7 @@ OH_Crypto_ErrCode OH_CryptoVerify_Update(OH_CryptoVerify *ctx, Crypto_DataBlob * bool OH_CryptoVerify_Final(OH_CryptoVerify *ctx, Crypto_DataBlob *in, Crypto_DataBlob *signData) { - if ((ctx == NULL) || (signData == NULL)) { + if ((ctx == NULL) || (ctx->verify == NULL) || (signData == NULL)) { return false; } bool ret = ctx->verify((HcfVerify *)ctx, (HcfBlob *)in, (HcfBlob *)signData); @@ -89,7 +89,7 @@ bool OH_CryptoVerify_Final(OH_CryptoVerify *ctx, Crypto_DataBlob *in, Crypto_Dat OH_Crypto_ErrCode OH_CryptoVerify_Recover(OH_CryptoVerify *ctx, Crypto_DataBlob *signData, Crypto_DataBlob *rawSignData) { - if ((ctx == NULL) || (signData == NULL) || (rawSignData == NULL)) { + if ((ctx == NULL) || (ctx->recover == NULL) || (signData == NULL) || (rawSignData == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->recover((HcfVerify *)ctx, (HcfBlob *)signData, (HcfBlob *)rawSignData); @@ -98,7 +98,7 @@ OH_Crypto_ErrCode OH_CryptoVerify_Recover(OH_CryptoVerify *ctx, Crypto_DataBlob const char *OH_CryptoVerify_GetAlgoName(OH_CryptoVerify *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->getAlgoName == NULL)) { return NULL; } return ctx->getAlgoName((HcfVerify *)ctx); @@ -114,7 +114,7 @@ OH_Crypto_ErrCode OH_CryptoVerify_SetParam(OH_CryptoVerify *ctx, CryptoSignature switch (type) { case CRYPTO_PSS_SALT_LEN_INT: case CRYPTO_PSS_TRAILER_FIELD_INT: - if (value->len != sizeof(int32_t)) { + if ((value->data == NULL) || (value->len != sizeof(int32_t)) || (ctx->setVerifySpecInt == NULL)) { ret = HCF_INVALID_PARAMS; break; } @@ -124,6 +124,10 @@ OH_Crypto_ErrCode OH_CryptoVerify_SetParam(OH_CryptoVerify *ctx, CryptoSignature case CRYPTO_PSS_MGF1_NAME_STR: case CRYPTO_PSS_MGF_NAME_STR: case CRYPTO_PSS_MD_NAME_STR: + if (ctx->setVerifySpecUint8Array == NULL) { + ret = HCF_INVALID_PARAMS; + break; + } ret = ctx->setVerifySpecUint8Array((HcfVerify *)ctx, (SignSpecItem)type, *((HcfBlob *)value)); break; default: @@ -145,6 +149,10 @@ OH_Crypto_ErrCode OH_CryptoVerify_GetParam(OH_CryptoVerify *ctx, CryptoSignature case CRYPTO_PSS_SALT_LEN_INT: case CRYPTO_PSS_TRAILER_FIELD_INT: case CRYPTO_SM2_USER_ID_DATABLOB: + if (ctx->getVerifySpecInt == NULL) { + ret = HCF_INVALID_PARAMS; + break; + } returnInt = (int32_t *)HcfMalloc(sizeof(int32_t), 0); if (returnInt == NULL) { return CRYPTO_MEMORY_ERROR; @@ -160,6 +168,10 @@ OH_Crypto_ErrCode OH_CryptoVerify_GetParam(OH_CryptoVerify *ctx, CryptoSignature case CRYPTO_PSS_MD_NAME_STR: case CRYPTO_PSS_MGF_NAME_STR: case CRYPTO_PSS_MGF1_NAME_STR: + if (ctx->getVerifySpecString == NULL) { + ret = HCF_INVALID_PARAMS; + break; + } ret = ctx->getVerifySpecString((HcfVerify *)ctx, (SignSpecItem)type, &returnStr); if (ret != HCF_SUCCESS) { break; @@ -176,7 +188,7 @@ OH_Crypto_ErrCode OH_CryptoVerify_GetParam(OH_CryptoVerify *ctx, CryptoSignature void OH_CryptoVerify_Destroy(OH_CryptoVerify *ctx) { - if (ctx == NULL) { + if (ctx == NULL || ctx->base.destroy == NULL) { return; } ctx->base.destroy((HcfObjectBase *)ctx); diff --git a/frameworks/native/src/sym_cipher.c b/frameworks/native/src/sym_cipher.c index 615d554207733974fe2d76e03661c413f4f3641d..ac7f75f547000ae40547720bbeb9d6137c80241f 100644 --- a/frameworks/native/src/sym_cipher.c +++ b/frameworks/native/src/sym_cipher.c @@ -113,7 +113,7 @@ OH_Crypto_ErrCode OH_CryptoSymCipher_Create(const char *algoName, OH_CryptoSymCi OH_Crypto_ErrCode OH_CryptoSymCipher_Init(OH_CryptoSymCipher *ctx, Crypto_CipherMode mod, OH_CryptoSymKey *key, OH_CryptoSymCipherParams *params) { - if ((ctx == NULL) || (key == NULL)) { + if ((ctx == NULL) || (ctx->init == NULL) || (key == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->init((HcfCipher *)ctx, (enum HcfCryptoMode)mod, (HcfKey *)key, (HcfParamsSpec *)params); @@ -122,7 +122,7 @@ OH_Crypto_ErrCode OH_CryptoSymCipher_Init(OH_CryptoSymCipher *ctx, Crypto_Cipher OH_Crypto_ErrCode OH_CryptoSymCipher_Update(OH_CryptoSymCipher *ctx, Crypto_DataBlob *in, Crypto_DataBlob *out) { - if ((ctx == NULL) || (in == NULL) || (out == NULL)) { + if ((ctx == NULL) || (ctx->update == NULL) || (in == NULL) || (out == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->update((HcfCipher *)ctx, (HcfBlob *)in, (HcfBlob *)out); @@ -131,7 +131,7 @@ OH_Crypto_ErrCode OH_CryptoSymCipher_Update(OH_CryptoSymCipher *ctx, Crypto_Data OH_Crypto_ErrCode OH_CryptoSymCipher_Final(OH_CryptoSymCipher *ctx, Crypto_DataBlob *in, Crypto_DataBlob *out) { - if ((ctx == NULL) || (out == NULL)) { + if ((ctx == NULL) || (ctx->doFinal == NULL) || (out == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->doFinal((HcfCipher *)ctx, (HcfBlob *)in, (HcfBlob *)out); @@ -140,7 +140,7 @@ OH_Crypto_ErrCode OH_CryptoSymCipher_Final(OH_CryptoSymCipher *ctx, Crypto_DataB const char *OH_CryptoSymCipher_GetAlgoName(OH_CryptoSymCipher *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->getAlgorithm == NULL)) { return NULL; } return ctx->getAlgorithm((HcfCipher *)ctx); @@ -148,7 +148,7 @@ const char *OH_CryptoSymCipher_GetAlgoName(OH_CryptoSymCipher *ctx) void OH_CryptoSymCipher_Destroy(OH_CryptoSymCipher *ctx) { - if (ctx == NULL) { + if ((ctx == NULL) || (ctx->base.destroy == NULL)) { return; } ctx->base.destroy((HcfObjectBase *)ctx); diff --git a/frameworks/native/src/sym_key.c b/frameworks/native/src/sym_key.c index df250d8658ceb3fae34ac1bf6b268ec9f50a7f01..4d9626767b84a24066e340cee362ea2aca72e91d 100644 --- a/frameworks/native/src/sym_key.c +++ b/frameworks/native/src/sym_key.c @@ -53,7 +53,7 @@ OH_Crypto_ErrCode OH_CryptoSymKeyGenerator_Create(const char *algoName, OH_Crypt OH_Crypto_ErrCode OH_CryptoSymKeyGenerator_Generate(OH_CryptoSymKeyGenerator *ctx, OH_CryptoSymKey **keyCtx) { - if ((ctx == NULL) || (keyCtx == NULL)) { + if ((ctx == NULL) || (ctx->generateSymKey == NULL) || (keyCtx == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->generateSymKey((HcfSymKeyGenerator *)ctx, (HcfSymKey **)keyCtx); @@ -63,7 +63,7 @@ OH_Crypto_ErrCode OH_CryptoSymKeyGenerator_Generate(OH_CryptoSymKeyGenerator *ct OH_Crypto_ErrCode OH_CryptoSymKeyGenerator_Convert(OH_CryptoSymKeyGenerator *ctx, const Crypto_DataBlob *keyData, OH_CryptoSymKey **keyCtx) { - if ((ctx == NULL) || (keyData == NULL) || (keyCtx == NULL)) { + if ((ctx == NULL) || (ctx->convertSymKey == NULL) || (keyData == NULL) || (keyCtx == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = ctx->convertSymKey((HcfSymKeyGenerator *)ctx, (HcfBlob *)keyData, (HcfSymKey **)keyCtx); @@ -72,7 +72,7 @@ OH_Crypto_ErrCode OH_CryptoSymKeyGenerator_Convert(OH_CryptoSymKeyGenerator *ctx const char *OH_CryptoSymKeyGenerator_GetAlgoName(OH_CryptoSymKeyGenerator *ctx) { - if (ctx == NULL) { + if (ctx == NULL || (ctx->getAlgoName == NULL)) { return NULL; } return ctx->getAlgoName((HcfSymKeyGenerator *)ctx); @@ -80,7 +80,7 @@ const char *OH_CryptoSymKeyGenerator_GetAlgoName(OH_CryptoSymKeyGenerator *ctx) void OH_CryptoSymKeyGenerator_Destroy(OH_CryptoSymKeyGenerator *ctx) { - if (ctx == NULL) { + if (ctx == NULL || (ctx->base.destroy == NULL)) { return; } ctx->base.destroy((HcfObjectBase *)ctx); @@ -88,7 +88,7 @@ void OH_CryptoSymKeyGenerator_Destroy(OH_CryptoSymKeyGenerator *ctx) const char *OH_CryptoSymKey_GetAlgoName(OH_CryptoSymKey *keyCtx) { - if (keyCtx == NULL) { + if (keyCtx == NULL || (keyCtx->key.getAlgorithm == NULL)) { return NULL; } return keyCtx->key.getAlgorithm((HcfKey *)keyCtx); @@ -96,7 +96,7 @@ const char *OH_CryptoSymKey_GetAlgoName(OH_CryptoSymKey *keyCtx) OH_Crypto_ErrCode OH_CryptoSymKey_GetKeyData(OH_CryptoSymKey *keyCtx, Crypto_DataBlob *out) { - if ((keyCtx == NULL) || (out == NULL)) { + if ((keyCtx == NULL) || (keyCtx->key.getEncoded == NULL) || (out == NULL)) { return CRYPTO_INVALID_PARAMS; } HcfResult ret = keyCtx->key.getEncoded((HcfKey *)keyCtx, (HcfBlob *)out); @@ -105,7 +105,7 @@ OH_Crypto_ErrCode OH_CryptoSymKey_GetKeyData(OH_CryptoSymKey *keyCtx, Crypto_Dat void OH_CryptoSymKey_Destroy(OH_CryptoSymKey *keyCtx) { - if (keyCtx == NULL) { + if ((keyCtx == NULL) || (keyCtx->key.base.destroy == NULL)) { return; } keyCtx->key.base.destroy((HcfObjectBase *)keyCtx); diff --git a/plugin/openssl_plugin/common/src/ecc_openssl_common.c b/plugin/openssl_plugin/common/src/ecc_openssl_common.c index a667155e87886546af6d35a1f19576cd9f2f7251..4afd54afbfa01989d40a3ddd7c1296abf85fcef2 100644 --- a/plugin/openssl_plugin/common/src/ecc_openssl_common.c +++ b/plugin/openssl_plugin/common/src/ecc_openssl_common.c @@ -218,10 +218,10 @@ static HcfResult InitEcKeyByPriKey(const HcfBigInteger *priKey, EC_KEY *ecKey) int32_t ret = (int32_t)OpensslEcKeySetPrivateKey(ecKey, sk); if (ret != HCF_OPENSSL_SUCCESS) { LOGD("[error] OpensslEcKeySetPrivateKey failed."); - OpensslBnFree(sk); + OpensslBnClearFree(sk); return HCF_ERR_CRYPTO_OPERATION; } - OpensslBnFree(sk); + OpensslBnClearFree(sk); return HCF_SUCCESS; } @@ -256,7 +256,7 @@ static HcfResult SetEcPubKeyFromPriKey(const HcfBigInteger *priKey, EC_KEY *ecKe } } while (0); OpensslEcPointFree(point); - OpensslBnFree(sk); + OpensslBnClearFree(sk); return ret; } diff --git a/plugin/openssl_plugin/common/src/openssl_adapter.c b/plugin/openssl_plugin/common/src/openssl_adapter.c index 48a9fbc72e81158ee93b0f8a2f6d6943ced392f0..f38dd44a94823421e4e63da068d9b240a8a97795 100644 --- a/plugin/openssl_plugin/common/src/openssl_adapter.c +++ b/plugin/openssl_plugin/common/src/openssl_adapter.c @@ -846,7 +846,7 @@ int OpensslBioWrite(BIO *b, const void *data, int dlen) void OpensslBioFreeAll(BIO *a) { - return BIO_free_all(a); + BIO_free_all(a); } int OpensslRandPrivBytes(unsigned char *buf, int num) @@ -1126,7 +1126,7 @@ EVP_CIPHER *OpensslEvpCipherFetch(OSSL_LIB_CTX *ctx, const char *algorithm, cons void OpensslEvpCipherFree(EVP_CIPHER *cipher) { - return EVP_CIPHER_free(cipher); + EVP_CIPHER_free(cipher); } EVP_CIPHER_CTX *OpensslEvpCipherCtxNew(void) @@ -1235,7 +1235,7 @@ int OpensslDhComputeKeyPadded(unsigned char *key, const BIGNUM *pubKey, DH *dh) void OpensslDhFree(DH *dh) { - return DH_free(dh); + DH_free(dh); } int OpensslDhGenerateKey(DH *dh) @@ -1323,9 +1323,9 @@ int OpensslDhSet0Key(DH *dh, BIGNUM *pubKey, BIGNUM *privKey) return DH_set0_key(dh, pubKey, privKey); } -struct Sm2CipherTextSt *OpensslD2iSm2CipherText(const uint8_t *ciphertext, size_t ciphertext_len) +struct Sm2CipherTextSt *OpensslD2iSm2CipherText(const uint8_t *ciphertext, size_t ciphertextLen) { - return d2i_Sm2CipherText(NULL, &ciphertext, ciphertext_len); + return d2i_Sm2CipherText(NULL, &ciphertext, ciphertextLen); } void OpensslSm2CipherTextFree(struct Sm2CipherTextSt *sm2Text) @@ -1448,12 +1448,12 @@ EVP_KDF_CTX *OpensslEvpKdfCtxNew(EVP_KDF *kdf) void OpensslEvpKdfFree(EVP_KDF *kdf) { - return EVP_KDF_free(kdf); + EVP_KDF_free(kdf); } void OpensslEvpKdfCtxFree(EVP_KDF_CTX *ctx) { - return EVP_KDF_CTX_free(ctx); + EVP_KDF_CTX_free(ctx); } int OpensslEvpKdfDerive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen, diff --git a/plugin/openssl_plugin/common/src/openssl_common.c b/plugin/openssl_plugin/common/src/openssl_common.c index 275cf3304d12ee80fc86a73ce3b6867011f02de1..83d82af8041e4773af3cdfa133aaaaa066b4f7f5 100644 --- a/plugin/openssl_plugin/common/src/openssl_common.c +++ b/plugin/openssl_plugin/common/src/openssl_common.c @@ -537,20 +537,17 @@ HcfResult KeyDerive(EVP_PKEY *priKey, EVP_PKEY *pubKey, HcfBlob *returnSecret) ret = HCF_ERR_MALLOC; break; } - size_t actualLen = maxLen; - if (OpensslEvpPkeyDerive(ctx, secretData, &actualLen) != HCF_OPENSSL_SUCCESS) { + + if (OpensslEvpPkeyDerive(ctx, secretData, &maxLen) != HCF_OPENSSL_SUCCESS) { + (void)memset_s(secretData, maxLen, 0, maxLen); LOGD("[error] Evp key derive failed!"); HcfPrintOpensslError(); HcfFree(secretData); break; } - if (actualLen > maxLen) { - LOGD("[error] signature data too long."); - HcfFree(secretData); - break; - } + returnSecret->data = secretData; - returnSecret->len = actualLen; + returnSecret->len = maxLen; ret = HCF_SUCCESS; } while (0); OpensslEvpPkeyCtxFree(ctx); diff --git a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_3des_openssl.c b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_3des_openssl.c index 01bf8f29a65da2e3fcd525df79ea85bb83b551f7..b8c1c458979c72c5946af99b96dcf698eb59776a 100644 --- a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_3des_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_3des_openssl.c @@ -192,7 +192,7 @@ static HcfResult EngineUpdate(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfBl res = HCF_SUCCESS; clearup: if (res != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); FreeCipherData(&(cipherImpl->cipherData)); } else { FreeRedundantOutput(output); @@ -253,7 +253,7 @@ static HcfResult EngineDoFinal(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfB } clearup: if (res != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); } else { FreeRedundantOutput(output); } diff --git a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_aes_openssl.c b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_aes_openssl.c index 8720c590daef4cf1da5f07d50b8a3267d475394d..b6615da55297f1e76310c58a0bde00dd355b018e 100644 --- a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_aes_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_aes_openssl.c @@ -350,6 +350,7 @@ static HcfResult InitCipherData(HcfCipherGeneratorSpi *self, enum HcfCryptoMode ret = InitAadAndTagFromGcmParams(opMode, (HcfGcmParamsSpec *)params, *cipherData); break; default: + ret = HCF_NOT_SUPPORT; break; } if (ret != HCF_SUCCESS) { @@ -532,7 +533,7 @@ static HcfResult EngineUpdate(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfBl ret = AeadUpdate(data, cipherImpl->attr.mode, input, output); } if (ret != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); FreeCipherData(&(cipherImpl->cipherData)); } data->aead = false; @@ -575,7 +576,7 @@ static HcfResult AllocateCcmOutput(CipherData *data, HcfBlob *input, HcfBlob *ou outLen += input->len; *isUpdateInput = true; } - uint32_t authTagLen = data->enc == ENCRYPT_MODE ? CCM_TAG_SIZE : 0; + uint32_t authTagLen = (data->enc == ENCRYPT_MODE) ? CCM_TAG_SIZE : 0; outLen += authTagLen + AES_BLOCK_SIZE; if (outLen == 0) { LOGE("output size is invaild!"); @@ -596,7 +597,7 @@ static HcfResult CcmDecryptDoFinal(HcfBlob *output, bool isUpdateInput) return HCF_SUCCESS; } if (output->data != NULL) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); } return HCF_SUCCESS; } @@ -688,7 +689,7 @@ static HcfResult AllocateGcmOutput(CipherData *data, HcfBlob *input, HcfBlob *ou outLen += input->len; *isUpdateInput = true; } - uint32_t authTagLen = data->enc == ENCRYPT_MODE ? GCM_TAG_SIZE : 0; + uint32_t authTagLen = (data->enc == ENCRYPT_MODE) ? GCM_TAG_SIZE : 0; outLen += data->updateLen + authTagLen + AES_BLOCK_SIZE; if (outLen == 0) { LOGE("output size is invaild!"); @@ -767,7 +768,7 @@ static HcfResult EngineDoFinal(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfB FreeCipherData(&(cipherImpl->cipherData)); if (ret != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); } FreeRedundantOutput(output); return ret; diff --git a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_rsa_openssl.c b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_rsa_openssl.c index 3c796810086e1df7315c12a8c5713e7960f5f352..d17899b116e834a93b8052a8707ed5ea21aef27b 100644 --- a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_rsa_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_rsa_openssl.c @@ -122,6 +122,7 @@ static HcfResult InitEvpPkeyCtx(HcfCipherRsaGeneratorSpiImpl *impl, HcfKey *key, HcfPrintOpensslError(); OpensslEvpPkeyFree(pkey); OpensslEvpPkeyCtxFree(impl->ctx); + impl->ctx = NULL; return HCF_ERR_CRYPTO_OPERATION; } OpensslEvpPkeyFree(pkey); @@ -175,8 +176,8 @@ static HcfResult SetDetailParams(HcfCipherRsaGeneratorSpiImpl *impl) (void)GetOpensslDigestAlg(attr.md, &md); (void)GetOpensslDigestAlg(attr.mgf1md, &mgf1md); // set md and mgf1md - if (OpensslEvpPkeyCtxSetRsaOaepMd(impl->ctx, md) != HCF_OPENSSL_SUCCESS - || OpensslEvpPkeyCtxSetRsaMgf1Md(impl->ctx, mgf1md) != HCF_OPENSSL_SUCCESS) { + if (OpensslEvpPkeyCtxSetRsaOaepMd(impl->ctx, md) != HCF_OPENSSL_SUCCESS || + OpensslEvpPkeyCtxSetRsaMgf1Md(impl->ctx, mgf1md) != HCF_OPENSSL_SUCCESS) { LOGD("[error] Set md or mgf1md fail"); HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; @@ -413,7 +414,6 @@ static HcfResult EngineDoFinal(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfB LOGD("[error] GetOutLen fail."); return HCF_ERR_CRYPTO_OPERATION; } - LOGD("ouput data len is %zu.", output->len); output->data = (uint8_t *)HcfMalloc(sizeof(uint8_t) * output->len, 0); if (output->data == NULL) { @@ -516,6 +516,5 @@ HcfResult HcfCipherRsaCipherSpiCreate(CipherAttr *params, HcfCipherGeneratorSpi returnImpl->super.base.getClass = EngineGetClass; returnImpl->initFlag = UNINITIALIZED; *generator = (HcfCipherGeneratorSpi *)returnImpl; - LOGD("Rsa Cipher create success."); return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_sm4_openssl.c b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_sm4_openssl.c index 750f2ac515256552c5426486e8372209c13e45c3..fc6adc4e6c6b30fa760b9100886964a661fed8a8 100644 --- a/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_sm4_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/cipher/src/cipher_sm4_openssl.c @@ -246,6 +246,7 @@ static HcfResult InitCipherData(HcfCipherGeneratorSpi* self, enum HcfCryptoMode ret = HCF_NOT_SUPPORT; break; default: + ret = HCF_NOT_SUPPORT; break; } if (ret != HCF_SUCCESS) { @@ -302,8 +303,8 @@ static HcfResult CheckParam(HcfCipherGeneratorSpi* self, enum HcfCryptoMode opMo cipherImpl->attr.paddingMode = HCF_ALG_NOPADDING; LOGD("Default paddingMode is %u", HCF_ALG_NOPADDING); } - if (cipherImpl->attr.paddingMode != HCF_ALG_NOPADDING && cipherImpl->attr.paddingMode != HCF_ALG_PADDING_PKCS5 - && cipherImpl->attr.paddingMode != HCF_ALG_PADDING_PKCS7) { + if (cipherImpl->attr.paddingMode != HCF_ALG_NOPADDING && cipherImpl->attr.paddingMode != HCF_ALG_PADDING_PKCS5 && + cipherImpl->attr.paddingMode != HCF_ALG_PADDING_PKCS7) { LOGE("Invalid padding mode %u", cipherImpl->attr.paddingMode); return HCF_INVALID_PARAMS; } @@ -459,7 +460,7 @@ static HcfResult EngineUpdate(HcfCipherGeneratorSpi *self, HcfBlob *input, HcfBl ret = AeadUpdate(data, cipherImpl->attr.mode, input, output); } if (ret != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); FreeCipherData(&(cipherImpl->cipherData)); } data->aead = false; @@ -474,7 +475,7 @@ static HcfResult AllocateGcmOutput(CipherData *data, HcfBlob *input, HcfBlob *ou outLen += input->len; *isUpdateInput = true; } - uint32_t authTagLen = data->enc == ENCRYPT_MODE ? GCM_TAG_SIZE : 0; + uint32_t authTagLen = (data->enc == ENCRYPT_MODE) ? GCM_TAG_SIZE : 0; outLen += data->updateLen + authTagLen + SM4_BLOCK_SIZE; if (outLen == 0) { LOGE("output size is invaild!"); @@ -624,7 +625,7 @@ static HcfResult EngineDoFinal(HcfCipherGeneratorSpi* self, HcfBlob* input, HcfB FreeCipherData(&(cipherImpl->cipherData)); if (ret != HCF_SUCCESS) { - HcfBlobDataFree(output); + HcfBlobDataClearAndFree(output); } FreeRedundantOutput(output); return ret; diff --git a/plugin/openssl_plugin/crypto_operation/kdf/src/hkdf_openssl.c b/plugin/openssl_plugin/crypto_operation/kdf/src/hkdf_openssl.c index 4f3f2b5b4cefa0af15f1f9e1f15d3d1eae69749a..a0ca0b9b121614e5538eadff3272068e6acf4e41 100644 --- a/plugin/openssl_plugin/crypto_operation/kdf/src/hkdf_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/kdf/src/hkdf_openssl.c @@ -202,12 +202,6 @@ static HcfResult InitHkdfData(OpensslHkdfSpiImpl *self, HcfHkdfParamsSpec *param LOGE("malloc info failed!"); break; } - data->out = (unsigned char *)HcfMalloc(params->output.len, 0); - if (data->out == NULL) { - LOGE("malloc out failed!"); - break; - } - data->outLen = params->output.len; self->kdfData = data; return HCF_SUCCESS; } while (0); diff --git a/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c b/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c index 58f62f557bfbf4f576c56ee344c7f9dd512cbe83..323dbb95fa4c32ada1f92942df1817b9b75dfc95 100644 --- a/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c @@ -67,6 +67,10 @@ static const EVP_MD *OpensslGetMdAlgoFromString(const char *mdName) static HcfResult OpensslEngineUpdateMd(HcfMdSpi *self, HcfBlob *input) { + if (input == NULL) { + LOGE("The input is NULL!"); + return HCF_INVALID_PARAMS; + } if (OpensslGetMdCtx(self) == NULL) { LOGD("[error] The CTX is NULL!"); return HCF_ERR_CRYPTO_OPERATION; @@ -81,6 +85,10 @@ static HcfResult OpensslEngineUpdateMd(HcfMdSpi *self, HcfBlob *input) static HcfResult OpensslEngineDoFinalMd(HcfMdSpi *self, HcfBlob *output) { + if (output == NULL) { + LOGE("The output is NULL!"); + return HCF_INVALID_PARAMS; + } EVP_MD_CTX *localCtx = OpensslGetMdCtx(self); if (localCtx == NULL) { LOGE("The CTX is NULL!"); @@ -136,7 +144,7 @@ static void OpensslDestroyMd(HcfObjectBase *self) HcfResult OpensslMdSpiCreate(const char *opensslAlgoName, HcfMdSpi **spiObj) { - if (spiObj == NULL) { + if (spiObj == NULL || opensslAlgoName == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } diff --git a/plugin/openssl_plugin/crypto_operation/rand/src/rand_openssl.c b/plugin/openssl_plugin/crypto_operation/rand/src/rand_openssl.c index 8ba2e1719392ad27c6c63229e44b6a10010eb88e..78bb9691d9df582a6166a0fe03d9d4fa77112d35 100644 --- a/plugin/openssl_plugin/crypto_operation/rand/src/rand_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/rand/src/rand_openssl.c @@ -75,6 +75,11 @@ static const char *GetRandAlgoName(HcfRandSpi *self) static void OpensslSetSeed(HcfRandSpi *self, HcfBlob *seed) { + (void)self; + if (seed == NULL) { + LOGE("The seed is NULL!"); + return; + } OpensslRandSeed(seed->data, seed->len); } diff --git a/plugin/openssl_plugin/crypto_operation/signature/src/dsa_openssl.c b/plugin/openssl_plugin/crypto_operation/signature/src/dsa_openssl.c index 2debcae3db6270c106618a2000279816ed4a7638..03fb3f146492ccf237ba42ca9652ad955df3c04c 100644 --- a/plugin/openssl_plugin/crypto_operation/signature/src/dsa_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/signature/src/dsa_openssl.c @@ -378,20 +378,15 @@ static HcfResult EngineDsaSignDoFinal(HcfSignSpi *self, HcfBlob *data, HcfBlob * LOGE("Failed to allocate signatureData memory!"); return HCF_ERR_MALLOC; } - size_t actualLen = maxLen; - if (OpensslEvpDigestSignFinal(impl->mdCtx, signatureData, &actualLen) != HCF_OPENSSL_SUCCESS) { + + if (OpensslEvpDigestSignFinal(impl->mdCtx, signatureData, &maxLen) != HCF_OPENSSL_SUCCESS) { HcfPrintOpensslError(); HcfFree(signatureData); return HCF_ERR_CRYPTO_OPERATION; } - if (actualLen > maxLen) { - LOGD("[error] Signature data too long."); - HcfFree(signatureData); - return HCF_ERR_CRYPTO_OPERATION; - } returnSignatureData->data = signatureData; - returnSignatureData->len = (uint32_t)actualLen; + returnSignatureData->len = (uint32_t)maxLen; return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c b/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c index d369fb87d355f09be15875103c95feb6abb32755..3c8f67176ae76c1cb7bfc568085ec4419bbc49fd 100644 --- a/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c @@ -225,21 +225,16 @@ static HcfResult EngineSignDoFinal(HcfSignSpi *self, HcfBlob *data, HcfBlob *ret LOGE("Failed to allocate outData memory!"); return HCF_ERR_MALLOC; } - size_t actualLen = maxLen; - if (OpensslEvpDigestSignFinal(impl->ctx, outData, &actualLen) != HCF_OPENSSL_SUCCESS) { + + if (OpensslEvpDigestSignFinal(impl->ctx, outData, &maxLen) != HCF_OPENSSL_SUCCESS) { HcfPrintOpensslError(); LOGD("[error] EVP_DigestSignFinal failed."); HcfFree(outData); return HCF_ERR_CRYPTO_OPERATION; } - if (actualLen > maxLen) { - LOGD("[error] signature data too long."); - HcfFree(outData); - return HCF_ERR_CRYPTO_OPERATION; - } returnSignatureData->data = outData; - returnSignatureData->len = (uint32_t)actualLen; + returnSignatureData->len = (uint32_t)maxLen; return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/crypto_operation/signature/src/signature_rsa_openssl.c b/plugin/openssl_plugin/crypto_operation/signature/src/signature_rsa_openssl.c index fa11d7ba55dc9a14d18b785f18e86f70ecb30678..4ac193d4a344b497cb8408fca435fbc3f62ef760 100644 --- a/plugin/openssl_plugin/crypto_operation/signature/src/signature_rsa_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/signature/src/signature_rsa_openssl.c @@ -104,8 +104,6 @@ static void DestroyRsaSign(HcfObjectBase *self) impl->ctx = NULL; } HcfFree(impl); - impl = NULL; - LOGD("DestroyRsaSign success."); } static void DestroyRsaVerify(HcfObjectBase *self) @@ -126,8 +124,6 @@ static void DestroyRsaVerify(HcfObjectBase *self) impl->ctx = NULL; } HcfFree(impl); - impl = NULL; - LOGD("DestroyRsaVerify success."); } static HcfResult CheckInitKeyType(HcfKey *key, bool signing) @@ -251,6 +247,7 @@ static HcfResult SetSignParams(HcfSignSpiRsaOpensslImpl *impl, HcfPriKey *privat EVP_MD *opensslAlg = NULL; (void)GetOpensslDigestAlg(impl->md, &opensslAlg); if (opensslAlg == NULL) { + OpensslEvpPkeyFree(dupKey); LOGE("Get openssl digest alg fail"); return HCF_INVALID_PARAMS; } @@ -318,6 +315,7 @@ static HcfResult SetVerifyParams(HcfVerifySpiRsaOpensslImpl *impl, HcfPubKey *pu EVP_MD *opensslAlg = NULL; (void)GetOpensslDigestAlg(impl->md, &opensslAlg); if (opensslAlg == NULL) { + OpensslEvpPkeyFree(dupKey); LOGE("Get openssl digest alg fail"); return HCF_INVALID_PARAMS; } @@ -529,20 +527,15 @@ static HcfResult EngineDigestSign(HcfSignSpiRsaOpensslImpl *impl, HcfBlob *data, LOGE("Failed to allocate outData memory!"); return HCF_ERR_MALLOC; } - size_t actualLen = maxLen; - if (OpensslEvpDigestSignFinal(impl->mdctx, outData, &actualLen) != HCF_OPENSSL_SUCCESS) { + + if (OpensslEvpDigestSignFinal(impl->mdctx, outData, &maxLen) != HCF_OPENSSL_SUCCESS) { LOGD("[error] OpensslEvpDigestSignFinal fail"); HcfFree(outData); HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - if (actualLen > maxLen) { - LOGD("[error] signature data too long."); - HcfFree(outData); - return HCF_ERR_CRYPTO_OPERATION; - } returnSignatureData->data = outData; - returnSignatureData->len = (uint32_t)actualLen; + returnSignatureData->len = (uint32_t)maxLen; return HCF_SUCCESS; } @@ -631,7 +624,7 @@ static HcfResult EngineRecover(HcfVerifySpi *self, HcfBlob *signatureData, HcfBl size_t bufLen = 0; if (OpensslEvpPkeyVerifyRecover(impl->ctx, NULL, &bufLen, signatureData->data, signatureData->len) - != HCF_OPENSSL_SUCCESS) { + != HCF_OPENSSL_SUCCESS) { LOGE("[error] OpensslEvpPkeyVerifyRecover get len fail."); HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; @@ -644,7 +637,7 @@ static HcfResult EngineRecover(HcfVerifySpi *self, HcfBlob *signatureData, HcfBl } if (OpensslEvpPkeyVerifyRecover(impl->ctx, buf, &bufLen, signatureData->data, signatureData->len) - != HCF_OPENSSL_SUCCESS) { + != HCF_OPENSSL_SUCCESS) { LOGE("[error] OpensslEvpPkeyVerifyRecover fail."); HcfPrintOpensslError(); HcfFree(buf); @@ -981,7 +974,7 @@ HcfResult HcfSignSpiRsaCreate(HcfSignatureParams *params, HcfSignSpi **returnObj } returnImpl->initFlag = UNINITIALIZED; returnImpl->saltLen = PSS_SALTLEN_INVALID_INIT; - returnImpl->operation = params->operation == HCF_ALG_ONLY_SIGN ? HCF_OPERATIOPN_ONLY_SIGN : HCF_OPERATION_SIGN; + returnImpl->operation = (params->operation == HCF_ALG_ONLY_SIGN) ? HCF_OPERATIOPN_ONLY_SIGN : HCF_OPERATION_SIGN; *returnObj = (HcfSignSpi *)returnImpl; return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c index 759173fdee729be8716f2a53b365b25ee428e058..6aaaf57ab04bfdcbdaa1db9f385331ff56b9411d 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c @@ -67,10 +67,15 @@ static const char *GetAlg25519PriKeyClass(void) static void DestroyAlg25519KeyGeneratorSpiImpl(HcfObjectBase *self) { - if (self == NULL) { + if ((self == NULL) || (self->getClass() == NULL)) { LOGE("Invalid input parameter."); - return; + return; } + + if (strcmp(obj->getClass(), GetEd25519KeyGeneratorSpiClass()) != 0 && ) { + return true; + } + if (!HcfIsClassMatch(self, GetEd25519KeyGeneratorSpiClass()) && !HcfIsClassMatch(self, GetX25519KeyGeneratorSpiClass())) { LOGE("Invalid class of self."); @@ -1057,7 +1062,7 @@ static HcfResult CreateAlg25519PriKeyByPriKeySpec(const HcfAlg25519PriKeyParamsS static HcfResult EngineGenerateAlg25519PubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **returnPubKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPubKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPubKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1091,7 +1096,7 @@ static HcfResult EngineGenerateAlg25519PubKeyBySpec(const HcfAsyKeyGeneratorSpi static HcfResult EngineGenerateAlg25519PriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **returnPriKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPriKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPriKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1125,7 +1130,7 @@ static HcfResult EngineGenerateAlg25519PriKeyBySpec(const HcfAsyKeyGeneratorSpi static HcfResult EngineGenerateAlg25519KeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (paramsSpec == NULL) || (returnKeyPair == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnKeyPair == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1157,10 +1162,10 @@ static HcfResult EngineGenerateAlg25519KeyPairBySpec(const HcfAsyKeyGeneratorSpi return ret; } -HcfResult HcfAsyKeyGeneratorSpiEd25519Create(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnSpi) +HcfResult HcfAsyKeyGeneratorSpiEd25519Create(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnObj) { (void)params; - if (params == NULL || returnSpi == NULL) { + if (params == NULL || returnObj == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1179,14 +1184,14 @@ HcfResult HcfAsyKeyGeneratorSpiEd25519Create(HcfAsyKeyGenParams *params, HcfAsyK impl->base.engineGeneratePubKeyBySpec = EngineGenerateAlg25519PubKeyBySpec; impl->base.engineGeneratePriKeyBySpec = EngineGenerateAlg25519PriKeyBySpec; - *returnSpi = (HcfAsyKeyGeneratorSpi *)impl; + *returnObj = (HcfAsyKeyGeneratorSpi *)impl; return HCF_SUCCESS; } -HcfResult HcfAsyKeyGeneratorSpiX25519Create(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnSpi) +HcfResult HcfAsyKeyGeneratorSpiX25519Create(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnObj) { (void)params; - if (params == NULL || returnSpi == NULL) { + if (params == NULL || returnObj == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1205,7 +1210,7 @@ HcfResult HcfAsyKeyGeneratorSpiX25519Create(HcfAsyKeyGenParams *params, HcfAsyKe impl->base.engineGeneratePubKeyBySpec = EngineGenerateAlg25519PubKeyBySpec; impl->base.engineGeneratePriKeyBySpec = EngineGenerateAlg25519PriKeyBySpec; - *returnSpi = (HcfAsyKeyGeneratorSpi *)impl; + *returnObj = (HcfAsyKeyGeneratorSpi *)impl; return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c index 6e0083fc3a7f63b66641bfd4a03d89bc5535317a..8be26487e542e18faa14299ffc7d44319e8a9d6e 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c @@ -346,8 +346,7 @@ static HcfResult GetBigIntegerSpecFromDhPriKey(const HcfPriKey *self, const AsyK LOGE("Invalid class of self."); return HCF_INVALID_PARAMS; } - HcfResult ret = HCF_SUCCESS; - ret = GetBigIntegerSpec(NULL, self, item, returnBigInteger); + HcfResult ret = GetBigIntegerSpec(NULL, self, item, returnBigInteger); if (ret != HCF_SUCCESS) { LOGE("Get big integer failed."); } @@ -1159,7 +1158,7 @@ static HcfResult EngineConvertDhPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpe static HcfResult EngineGenerateDhKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (paramsSpec == NULL) || (returnKeyPair == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnKeyPair == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1184,7 +1183,7 @@ static HcfResult EngineGenerateDhKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self static HcfResult EngineGenerateDhPubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **returnPubKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPubKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPubKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1210,7 +1209,7 @@ static HcfResult EngineGenerateDhPubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, static HcfResult EngineGenerateDhPriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **returnPriKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPriKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPriKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1231,9 +1230,9 @@ static HcfResult EngineGenerateDhPriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, return ret; } -HcfResult HcfAsyKeyGeneratorSpiDhCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnSpi) +HcfResult HcfAsyKeyGeneratorSpiDhCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **generator) { - if (params == NULL || returnSpi == NULL) { + if (params == NULL || generator == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1253,6 +1252,6 @@ HcfResult HcfAsyKeyGeneratorSpiDhCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGen impl->base.engineGeneratePubKeyBySpec = EngineGenerateDhPubKeyBySpec; impl->base.engineGeneratePriKeyBySpec = EngineGenerateDhPriKeyBySpec; - *returnSpi = (HcfAsyKeyGeneratorSpi *)impl; + *generator = (HcfAsyKeyGeneratorSpi *)impl; return HCF_SUCCESS; } \ No newline at end of file diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/dh_common_param_spec_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/dh_common_param_spec_generator_openssl.c index b02c6488e8ba9cf32efd776df8a982c63e348d9a..928dab78d12531a56266ec7deb191f4cbb3b216f 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/dh_common_param_spec_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/dh_common_param_spec_generator_openssl.c @@ -131,7 +131,7 @@ static HcfResult BuildCommonParam(EVP_PKEY *dhKey, HcfDhCommParamsSpecSpi *retur static HcfResult SetAlgName(const char *algName, char **returnAlgName) { size_t srcAlgNameLen = HcfStrlen(algName); - if (!srcAlgNameLen) { + if (srcAlgNameLen == 0) { LOGE("AlgName is empty!"); return HCF_INVALID_PARAMS; } @@ -140,11 +140,7 @@ static HcfResult SetAlgName(const char *algName, char **returnAlgName) LOGE("Failed to malloc algName memory."); return HCF_ERR_MALLOC; } - if (memcpy_s(*returnAlgName, srcAlgNameLen, algName, srcAlgNameLen) != EOK) { - LOGD("[error] Failed to memcpy algName."); - HcfFree(*returnAlgName); - return HCF_ERR_CRYPTO_OPERATION; - } + (void)memcpy_s(*returnAlgName, srcAlgNameLen + 1, algName, srcAlgNameLen); return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c index 8d7e8a2f5f1dfa9686f4049ec2e7cccac5dfb557..2dff8179acfa43b078fcdbebce29ba17484cf115 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c @@ -1009,7 +1009,7 @@ static HcfResult EngineConvertDsaPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSp static HcfResult EngineGenerateDsaKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (paramsSpec == NULL) || (returnKeyPair == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnKeyPair == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1033,7 +1033,7 @@ static HcfResult EngineGenerateDsaKeyPairBySpec(const HcfAsyKeyGeneratorSpi *sel static HcfResult EngineGenerateDsaPubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **returnPubKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPubKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPubKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1058,7 +1058,7 @@ static HcfResult EngineGenerateDsaPubKeyBySpec(const HcfAsyKeyGeneratorSpi *self static HcfResult EngineGenerateDsaPriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **returnPriKey) { - if ((self == NULL) || (paramsSpec == NULL) || (returnPriKey == NULL)) { + if ((self == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL) || (returnPriKey == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1080,9 +1080,9 @@ static HcfResult EngineGenerateDsaPriKeyBySpec(const HcfAsyKeyGeneratorSpi *self return ret; } -HcfResult HcfAsyKeyGeneratorSpiDsaCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnSpi) +HcfResult HcfAsyKeyGeneratorSpiDsaCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnObj) { - if (params == NULL || returnSpi == NULL) { + if (params == NULL || returnObj == NULL) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1102,6 +1102,6 @@ HcfResult HcfAsyKeyGeneratorSpiDsaCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGe impl->base.engineGeneratePubKeyBySpec = EngineGenerateDsaPubKeyBySpec; impl->base.engineGeneratePriKeyBySpec = EngineGenerateDsaPriKeyBySpec; - *returnSpi = (HcfAsyKeyGeneratorSpi *)impl; + *returnObj = (HcfAsyKeyGeneratorSpi *)impl; return HCF_SUCCESS; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c index e2c8c8d3a1851101fef0c3282490bd8170821be7..3289032afdddfd14ea61680a1a61c18f29c8d02f 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c @@ -1066,8 +1066,7 @@ static OSSL_PARAM *ConvertHcfBlobToOsslParams(const char *groupName, HcfBlob *po OpensslOsslParamBldFree(paramBld); return NULL; } - if (OpensslOsslParamBldPushOctetString(paramBld, "pub", pointBlob->data, pointBlob->len) - != HCF_OPENSSL_SUCCESS) { + if (OpensslOsslParamBldPushOctetString(paramBld, "pub", pointBlob->data, pointBlob->len) != HCF_OPENSSL_SUCCESS) { LOGE("Invalid pointBlob parameter."); OpensslOsslParamBldFree(paramBld); return NULL; @@ -1133,6 +1132,10 @@ static EC_KEY *ConvertOsslParamsToEccPubKey(const char *groupName, int32_t curve static HcfResult GetCompressedEccPointEncoded(HcfOpensslEccPubKey *impl, HcfBlob *returnBlob) { EC_KEY *ecKey = impl->ecKey; + if (ecKey == NULL) { + LOGE("EcKey is NULL."); + return HCF_INVALID_PARAMS; + } const EC_GROUP *group = OpensslEcKeyGet0Group(ecKey); if (group == NULL) { LOGE("Failed to get group."); @@ -1473,7 +1476,7 @@ static HcfResult GetEcKeySpecBigInteger(const HcfKey *self, const AsyKeySpecItem LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult res = CheckEcKeySelf(self, &isPrivate); if (res != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -1517,7 +1520,7 @@ static HcfResult GetEcKeySpecString(const HcfKey *self, const AsyKeySpecItem ite LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult res = CheckEcKeySelf(self, &isPrivate); if (res != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -1545,7 +1548,7 @@ static HcfResult GetEcKeySpecInt(const HcfKey *self, const AsyKeySpecItem item, LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult res = CheckEcKeySelf(self, &isPrivate); if (res != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -1723,7 +1726,7 @@ static HcfResult ConvertEcPubKey(int32_t curveId, HcfBlob *pubKeyBlob, HcfOpenss OpensslEcKeyFree(ecKey); return res; } - return HCF_SUCCESS; + return HCF_SUCCESS; } static HcfResult ConvertPriFromEncoded(EC_KEY **eckey, HcfBlob *priKeyBlob) @@ -2012,7 +2015,8 @@ static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair * static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (returnKeyPair == NULL)) { + if ((self == NULL) || (returnKeyPair == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -2047,7 +2051,8 @@ static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfPubKey **returnPubKey) { - if ((self == NULL) || (returnPubKey == NULL)) { + if ((self == NULL) || (returnPubKey == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -2079,7 +2084,8 @@ static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, c static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfPriKey **returnPriKey) { - if ((self == NULL) || (returnPriKey == NULL)) { + if ((self == NULL) || (returnPriKey == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c index 4ad98a26631e7fd07086cde964bc5a18a3089fd1..286fb3ac1a2cf594816dc0d20e35b841c9584b62 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c @@ -353,6 +353,7 @@ static HcfResult CopyStrFromBIO(BIO *bio, char **returnString) LOGE("Bio read fail"); HcfPrintOpensslError(); HcfFree(*returnString); + *returnString = NULL; return HCF_ERR_CRYPTO_OPERATION; } return HCF_SUCCESS; @@ -1151,6 +1152,11 @@ static HcfResult EngineConvertPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec } } + if (pubKey == NULL && priKey == NULL) { + LOGE("Convert key failed with invalid blob"); + return HCF_INVALID_PARAMS; + } + HcfOpensslRsaKeyPair *keyPair = (HcfOpensslRsaKeyPair *)HcfMalloc(sizeof(HcfOpensslRsaKeyPair), 0); if (keyPair == NULL) { LOGE("Malloc keyPair fail."); @@ -1337,7 +1343,7 @@ static HcfResult GeneratePriKeyBySpec(const HcfAsyKeyParamsSpec *paramsSpec, Hcf static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (returnKeyPair == NULL) || (paramsSpec == NULL)) { + if ((self == NULL) || (returnKeyPair == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) { LOGE("GenerateKeyPairBySpec Params is invalid."); return HCF_INVALID_PARAMS; } @@ -1359,7 +1365,7 @@ static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **returnPubKey) { - if ((self == NULL) || (returnPubKey == NULL) || (paramsSpec == NULL)) { + if ((self == NULL) || (returnPubKey == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) { LOGE("GeneratePubKeyBySpec Params is invalid."); return HCF_INVALID_PARAMS; } @@ -1381,7 +1387,7 @@ static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **returnPriKey) { - if ((self == NULL) || (returnPriKey == NULL) || (paramsSpec == NULL)) { + if ((self == NULL) || (returnPriKey == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) { LOGE("GeneratePriKeyBySpec Params is invalid."); return HCF_INVALID_PARAMS; } @@ -1444,6 +1450,7 @@ static HcfResult DecodeParams(HcfAsyKeyGenParams *from, HcfAsyKeyGenSpiRsaParams } if (CheckRsaKeyGenParams(*to) != HCF_SUCCESS) { LOGE("Invalid keyGen params"); + OpensslBnFree((*to)->pubExp); HcfFree(*to); *to = NULL; return HCF_INVALID_PARAMS; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c index 35d51918f4301bff86628568b9819fd2f779e62e..0129be4836939488d0be6408eed36ab3a37922d3 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c @@ -568,11 +568,7 @@ static HcfResult GetCurveName(const HcfKey *self, bool isPriavte, char **returnS LOGE("Allocate returnString memory failed."); return HCF_ERR_MALLOC; } - if (memcpy_s(*returnString, len, curveIdStr, len) != EOK) { - LOGE("Memcpy returnString failed."); - HcfFree(*returnString); - return HCF_ERR_MALLOC; - } + (void)memcpy_s(*returnString, len, curveIdStr, len); return HCF_SUCCESS; } @@ -600,7 +596,7 @@ static HcfResult GetSm2KeySpecBigInteger(const HcfKey *self, const AsyKeySpecIte LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult ret = CheckSm2KeySelf(self, &isPrivate); if (ret != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -648,7 +644,7 @@ static HcfResult GetSm2KeySpecString(const HcfKey *self, const AsyKeySpecItem it LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult ret = CheckSm2KeySelf(self, &isPrivate); if (ret != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -676,7 +672,7 @@ static HcfResult GetSm2KeySpecInt(const HcfKey *self, const AsyKeySpecItem item, LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - bool isPrivate; + bool isPrivate = false; HcfResult ret = CheckSm2KeySelf(self, &isPrivate); if (ret != HCF_SUCCESS) { LOGE("Invalid input key"); @@ -1226,7 +1222,8 @@ static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair * static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfKeyPair **returnKeyPair) { - if ((self == NULL) || (returnKeyPair == NULL)) { + if ((self == NULL) || (returnKeyPair == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1261,7 +1258,8 @@ static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfPubKey **returnPubKey) { - if ((self == NULL) || (returnPubKey == NULL)) { + if ((self == NULL) || (returnPubKey == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } @@ -1293,7 +1291,8 @@ static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, c static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, HcfPriKey **returnPriKey) { - if ((self == NULL) || (returnPriKey == NULL)) { + if ((self == NULL) || (returnPriKey == NULL) || (params == NULL) || + (((HcfEccCommParamsSpec *)params)->field == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } diff --git a/test/fuzztest/crypto_operation/hcfciphercreate_fuzzer/hcfciphercreate_fuzzer.cpp b/test/fuzztest/crypto_operation/hcfciphercreate_fuzzer/hcfciphercreate_fuzzer.cpp index 7b37ad47e28e351e0a4fe7a812fa6e856c26f5dc..85dc0afdcb38bdf86afa2172b3480872fe53a0a8 100755 --- a/test/fuzztest/crypto_operation/hcfciphercreate_fuzzer/hcfciphercreate_fuzzer.cpp +++ b/test/fuzztest/crypto_operation/hcfciphercreate_fuzzer/hcfciphercreate_fuzzer.cpp @@ -70,6 +70,9 @@ namespace OHOS { uint8_t *cipherText, int cipherTextLen) { HcfBlob output = {}; + if (cipherTextLen <= 0) { + return -1; + } int32_t maxLen = cipherTextLen; int32_t ret = cipher->init(cipher, DECRYPT_MODE, &(key->key), nullptr); if (ret != 0) { @@ -149,6 +152,9 @@ namespace OHOS { uint8_t *cipherText, int cipherTextLen) { HcfBlob output = {}; + if (cipherTextLen <= 0) { + return -1; + } int32_t maxLen = cipherTextLen; int32_t ret = cipher->init(cipher, DECRYPT_MODE, reinterpret_cast(key), nullptr); if (ret != 0) { diff --git a/test/fuzztest/crypto_operation/hcfkeyagreementcreate_fuzzer/hcfkeyagreementcreate_fuzzer.cpp b/test/fuzztest/crypto_operation/hcfkeyagreementcreate_fuzzer/hcfkeyagreementcreate_fuzzer.cpp index bccfbdb32a117bdf9aa753ee8fe5a4b2ffbb4126..8a2128801e94a5e684e9feafb0638fc889a5bf23 100755 --- a/test/fuzztest/crypto_operation/hcfkeyagreementcreate_fuzzer/hcfkeyagreementcreate_fuzzer.cpp +++ b/test/fuzztest/crypto_operation/hcfkeyagreementcreate_fuzzer/hcfkeyagreementcreate_fuzzer.cpp @@ -26,6 +26,9 @@ namespace OHOS { bool HcfKeyAgreementCreateFuzzTest(const uint8_t* data, size_t size) { + if (data == nullptr || size == 0) { + return false; + } HcfKeyAgreement *keyAgreement = nullptr; std::string algoName(reinterpret_cast(data), size); int32_t res = HcfKeyAgreementCreate(algoName.c_str(), &keyAgreement); diff --git a/test/fuzztest/key/asykeygenerator_fuzzer/corpus/init b/test/fuzztest/key/asykeygenerator_fuzzer/corpus/init index 2be750d4aca6dd7dc15ec82d18aea969f3d8be30..f7603157aea7683340a32f2bd58bb845065c0503 100755 --- a/test/fuzztest/key/asykeygenerator_fuzzer/corpus/init +++ b/test/fuzztest/key/asykeygenerator_fuzzer/corpus/init @@ -11,4 +11,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -FUZZ \ No newline at end of file +RSA1024 \ No newline at end of file diff --git a/test/fuzztest/key/ecckeyutil_fuzzer/corpus/init b/test/fuzztest/key/ecckeyutil_fuzzer/corpus/init index 23e26fe23c21191cfd3f9bd01be902390c4eeb2b..a2291efaa65d6a87903787e07baa9390c873bb28 100644 --- a/test/fuzztest/key/ecckeyutil_fuzzer/corpus/init +++ b/test/fuzztest/key/ecckeyutil_fuzzer/corpus/init @@ -11,4 +11,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -FUZZ \ No newline at end of file +NID_brainpoolP160r1 \ No newline at end of file diff --git a/test/unittest/src/rsa_common_param_spec.cpp b/test/unittest/src/rsa_common_param_spec.cpp index e7efc4dcca2171dd9137ecc886cf47fc86c01837..f6537f4c249b93d6b1436299142b55bc3ff24be2 100644 --- a/test/unittest/src/rsa_common_param_spec.cpp +++ b/test/unittest/src/rsa_common_param_spec.cpp @@ -47,6 +47,9 @@ void EndianSwap(unsigned char *pData, int startIndex, int length) // 512 defined the length of byte array void GenerateRsa512CorrectCommonKeySpec(unsigned char *dataN, HcfRsaCommParamsSpec *returnSpec) { + if (dataN == nullptr) { + return; + } RemoveLastChar(CORRECT_512_N, dataN, RSA_512_N_BYTE_SIZE); if (!IsBigEndian()) { // the device is not big endian diff --git a/test/unittest/src/sm4_common.cpp b/test/unittest/src/sm4_common.cpp index e6953c809dc877dff748cbdbbe47cb20a3e475e4..bba4858eff69a4cefb972224375ce293a62b932b 100644 --- a/test/unittest/src/sm4_common.cpp +++ b/test/unittest/src/sm4_common.cpp @@ -37,7 +37,7 @@ HcfResult GenerateSm4SymKey(HcfSymKey **key) HcfSymKeyGenerator *generator = nullptr; HcfResult ret = HcfSymKeyGeneratorCreate("SM4_128", &generator); - if (ret != HCF_SUCCESS) { + if (ret != HCF_SUCCESS || generator == nullptr) { LOGE("HcfSymKeyGeneratorCreate failed!"); return ret; } @@ -55,7 +55,7 @@ int32_t GenerateSymKeyForSm4(const char *algoName, HcfSymKey **key) HcfSymKeyGenerator *generator = nullptr; int32_t ret = HcfSymKeyGeneratorCreate(algoName, &generator); - if (ret != 0) { + if (ret != 0 || generator == nullptr) { LOGE("HcfSymKeyGeneratorCreate failed!"); return ret; }