From 80858ee30cb4a8abf07c5c3f649d581ae0a223fb Mon Sep 17 00:00:00 2001 From: lcc Date: Mon, 28 Oct 2024 22:03:01 +0800 Subject: [PATCH 1/4] debug Signed-off-by: lcc --- frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp index 8694588..8dc8055 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp @@ -15,6 +15,7 @@ #include "napi_asy_key_generator.h" +#include #include "securec.h" #include "log.h" #include "memory.h" @@ -700,6 +701,8 @@ static bool GetHcfKeyPairInstance(napi_env env, HcfKeyPair *returnKeyPair, napi_ napi_value NapiAsyKeyGenerator::JsGenerateKeyPairSync(napi_env env, napi_callback_info info) { + clock_t begin = clock(); + napi_value thisVar = nullptr; napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); @@ -734,6 +737,10 @@ napi_value NapiAsyKeyGenerator::JsGenerateKeyPairSync(napi_env env, napi_callbac return nullptr; } + clock_t end = clock(); + int duration = (end - begin)/CLOCKS_PER_SEC; + LOGD("duration num is:%d", duration); + return instance; } -- Gitee From 4989282a7abce998b0e6c6f1d766ff37f26c17ae Mon Sep 17 00:00:00 2001 From: lcc Date: Mon, 4 Nov 2024 16:05:26 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E6=94=AF=E6=8C=81=E9=9D=9E=E5=AF=B9?= =?UTF-8?q?=E7=A7=B0=E5=AF=86=E9=92=A5=E7=BC=96=E7=A0=81=E8=A7=A3=E7=A0=81?= =?UTF-8?q?=E8=83=BD=E5=8A=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lcc --- .../inc/napi_crypto_framework_defines.h | 2 + frameworks/js/napi/crypto/inc/napi_utils.h | 2 + .../crypto/src/napi_asy_key_generator.cpp | 89 ++++--- .../js/napi/crypto/src/napi_pri_key.cpp | 45 +++- frameworks/js/napi/crypto/src/napi_utils.cpp | 179 +++++++++++++ interfaces/inner_api/key/asy_key_generator.h | 8 + interfaces/inner_api/key/key.h | 1 + interfaces/inner_api/key/pri_key.h | 12 + .../common/inc/openssl_adapter.h | 1 + .../common/inc/openssl_common.h | 1 + .../common/src/openssl_adapter.c | 5 + .../common/src/openssl_common.c | 1 + .../src/alg_25519_asy_key_generator_openssl.c | 6 +- .../src/dh_asy_key_generator_openssl.c | 6 +- .../src/dsa_asy_key_generator_openssl.c | 6 +- .../src/ecc_asy_key_generator_openssl.c | 6 +- .../src/rsa_asy_key_generator_openssl.c | 121 ++++++--- .../src/sm2_asy_key_generator_openssl.c | 6 +- .../src/crypto_rsa_asy_key_pem_test.cpp | 236 +++++++++++++++--- 19 files changed, 608 insertions(+), 125 deletions(-) diff --git a/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h b/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h index df7329d..4678886 100644 --- a/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h +++ b/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h @@ -55,6 +55,8 @@ const std::string IV_PARAMS = "iv"; const std::string AAD_PARAMS = "aad"; const std::string AUTHTAG_PARAMS = "authTag"; const std::string ALGO_PARAMS = "algName"; +const std::string PASSWD_PARAMS = "passWord"; +const std::string CIPHER_PARAMS = "cipherName"; const std::string ALGO_PARAMS_OLD = "algoName"; const std::string IV_PARAMS_SPEC = "IvParamsSpec"; const std::string GCM_PARAMS_SPEC = "GcmParamsSpec"; diff --git a/frameworks/js/napi/crypto/inc/napi_utils.h b/frameworks/js/napi/crypto/inc/napi_utils.h index 1d415c7..2858380 100644 --- a/frameworks/js/napi/crypto/inc/napi_utils.h +++ b/frameworks/js/napi/crypto/inc/napi_utils.h @@ -54,6 +54,8 @@ HcfBlob *GetBlobFromNapiUint8Arr(napi_env env, napi_value data); HcfBlob *GetBlobFromNapiDataBlob(napi_env env, napi_value arg); bool GetParamsSpecFromNapiValue(napi_env env, napi_value arg, HcfCryptoMode opMode, HcfParamsSpec **paramsSpec); +bool GetEncodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnSpec); +bool GetDecodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnSpec); napi_value ConvertBlobToNapiValue(napi_env env, HcfBlob *blob); napi_value ConvertObjectBlobToNapiValue(napi_env env, HcfBlob *blob); diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp index 8dc8055..07a622f 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp @@ -15,7 +15,6 @@ #include "napi_asy_key_generator.h" -#include #include "securec.h" #include "log.h" #include "memory.h" @@ -318,15 +317,44 @@ static bool BuildConvertKeyCtx(napi_env env, napi_callback_info info, ConvertKey } } -static bool BuildConvertPemKeyCtx(napi_env env, napi_callback_info info, ConvertPemKeyCtx *ctx) +static bool ValidateAndGetParams(napi_env env, napi_callback_info info, std::string &pubKey, std::string &priKey, + HcfParamsSpec **paramsSpec) { napi_value thisVar = nullptr; - size_t expectedArgc = PARAMS_NUM_TWO; + size_t expectedArgc = PARAMS_NUM_THREE; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr }; + napi_value argv[PARAMS_NUM_THREE] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); - if (argc != expectedArgc) { + if ((argc != expectedArgc) && (argc != (expectedArgc - 1))) { LOGE("wrong argument num. require %zu arguments. [Argc]: %zu!", expectedArgc, argc); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "invalid parameters.")); + return false; + } + + if (!GetPkAndSkStringFromNapiValueIfInput(env, argv[PARAM0], argv[PARAM1], pubKey, priKey)) { + LOGE("GetPkAndSkStringFromNapiValueIfInput failed."); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "GetPkAndSkStringFromNapiValueIfInput failed.")); + return false; + } + + if (argc == expectedArgc) { + if (!GetDecodingParamsSpec(env, argv[PARAM2], paramsSpec)) { + LOGE("get params failed!"); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "get napi paramsSpec failed!")); + return false; + } + } + return true; +} + +static bool BuildConvertPemKeyCtx(napi_env env, napi_callback_info info, ConvertPemKeyCtx *ctx) +{ + napi_value thisVar = nullptr; + napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); + std::string pubKey; + std::string priKey; + HcfParamsSpec *paramsSpec = nullptr; + if (!ValidateAndGetParams(env, info, pubKey, priKey, ¶msSpec)) { return false; } NapiAsyKeyGenerator *napiGenerator = nullptr; @@ -335,14 +363,9 @@ static bool BuildConvertPemKeyCtx(napi_env env, napi_callback_info info, Convert LOGE("failed to unwrap napi asyKeyGenerator obj."); return false; } - std::string pubKey = ""; - std::string priKey = ""; - if (!GetPkAndSkStringFromNapiValueIfInput(env, argv[PARAM0], argv[PARAM1], pubKey, priKey)) { - LOGE("GetPkAndSkStringFromNapiValueIfInput failed."); - return false; - } + ctx->generator = napiGenerator->GetAsyKeyGenerator(); - ctx->params = nullptr; + ctx->params = paramsSpec; ctx->pubKey = pubKey; ctx->priKey = priKey; if (napi_create_reference(env, thisVar, 1, &ctx->generatorRef) != napi_ok) { @@ -701,8 +724,6 @@ static bool GetHcfKeyPairInstance(napi_env env, HcfKeyPair *returnKeyPair, napi_ napi_value NapiAsyKeyGenerator::JsGenerateKeyPairSync(napi_env env, napi_callback_info info) { - clock_t begin = clock(); - napi_value thisVar = nullptr; napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); @@ -736,11 +757,6 @@ napi_value NapiAsyKeyGenerator::JsGenerateKeyPairSync(napi_env env, napi_callbac napi_throw(env, GenerateBusinessError(env, HCF_ERR_MALLOC, "failed to get generate key pair instance!")); return nullptr; } - - clock_t end = clock(); - int duration = (end - begin)/CLOCKS_PER_SEC; - LOGD("duration num is:%d", duration); - return instance; } @@ -845,9 +861,9 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKey(napi_env env, napi_callback_info } static HcfResult ConvertPemKeySync(std::string &pubKey, std::string &priKey, HcfAsyKeyGenerator *generator, - HcfKeyPair **returnKeyPair) + HcfParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { - HcfResult errCode = generator->convertPemKey(generator, nullptr, + HcfResult errCode = generator->convertPemKey(generator, paramsSpec, pubKey.c_str(), priKey.c_str(), returnKeyPair); if (errCode != HCF_SUCCESS) { LOGE("convertPemKey error!"); @@ -859,42 +875,35 @@ static HcfResult ConvertPemKeySync(std::string &pubKey, std::string &priKey, Hc napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_info info) { napi_value thisVar = nullptr; - size_t expectedArgc = PARAMS_NUM_TWO; - size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_TWO] = { nullptr }; - napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); - if (argc != expectedArgc) { - LOGE("wrong argument num. require %zu arguments. [Argc]: %zu!", expectedArgc, argc); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "invalid parameters.")); - return nullptr; + napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); + std::string pubKey; + std::string priKey; + HcfParamsSpec *paramsSpec = nullptr; + if (!ValidateAndGetParams(env, info, pubKey, priKey, ¶msSpec)) { + return NapiGetNull(env); } NapiAsyKeyGenerator *napiGenerator = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { + HcfFree(paramsSpec); LOGE("failed to unwrap napi asyKeyGenerator obj."); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to unwrap napi asyKeyGenerator obj.")); return nullptr; } - std::string pubKey = ""; - std::string priKey = ""; - if (!GetPkAndSkStringFromNapiValueIfInput(env, argv[PARAM0], argv[PARAM1], pubKey, priKey)) { - LOGE("GetPkAndSkStringFromNapiValueIfInput failed."); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "GetPkAndSkStringFromNapiValueIfInput failed.")); - return nullptr; - } - HcfAsyKeyGenerator *generator = napiGenerator->GetAsyKeyGenerator(); if (generator == nullptr) { + HcfFree(paramsSpec); LOGE("GetAsyKeyGenerator failed!"); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "GetAsyKeyGenerator failed!")); return nullptr; } HcfKeyPair *returnKeyPair = nullptr; - HcfResult errCode = ConvertPemKeySync(pubKey, priKey, generator, &(returnKeyPair)); + HcfResult errCode = ConvertPemKeySync(pubKey, priKey, generator, paramsSpec, &(returnKeyPair)); if (errCode != HCF_SUCCESS) { + HcfFree(paramsSpec); LOGE("ConvertPemKeySync error!"); napi_throw(env, GenerateBusinessError(env, errCode, "ConvertPemKeySync error!")); return nullptr; @@ -902,6 +911,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ NapiKeyPair *napiKeyPair = new (std::nothrow) NapiKeyPair(returnKeyPair); if (napiKeyPair == nullptr) { + HcfFree(paramsSpec); LOGE("new napi key pair failed"); napi_throw(env, GenerateBusinessError(env, HCF_ERR_MALLOC, "malloc context failed.")); HcfObjDestroy(returnKeyPair); @@ -910,6 +920,9 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ } napi_value instance = napiKeyPair->ConvertToJsKeyPair(env); + if (paramsSpec != nullptr) { + HcfFree(paramsSpec); + } return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_pri_key.cpp b/frameworks/js/napi/crypto/src/napi_pri_key.cpp index 25ae8f2..23d990b 100644 --- a/frameworks/js/napi/crypto/src/napi_pri_key.cpp +++ b/frameworks/js/napi/crypto/src/napi_pri_key.cpp @@ -100,44 +100,64 @@ napi_value NapiPriKey::JsGetEncoded(napi_env env, napi_callback_info info) return instance; } -napi_value NapiPriKey::JsGetEncodedPem(napi_env env, napi_callback_info info) +static bool ValidateAndGetParams(napi_env env, napi_callback_info info, std::string &format, + HcfParamsSpec **paramsSpec, NapiPriKey **napiPriKey) { - size_t expectedArgc = PARAMS_NUM_ONE; + size_t expectedArgc = PARAMS_NUM_TWO; size_t argc = expectedArgc; - napi_value argv[PARAMS_NUM_ONE] = { nullptr }; napi_value thisVar = nullptr; + napi_value argv[PARAMS_NUM_TWO] = { nullptr }; napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); - if (argc != expectedArgc) { + if ((argc != expectedArgc) && (argc != (expectedArgc - 1))) { LOGE("The input args num is invalid."); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "The input args num is invalid.")); - return NapiGetNull(env); + return false; } - std::string format = ""; if (!GetStringFromJSParams(env, argv[0], format)) { LOGE("failed to get formatStr."); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to get formatStr.")); - return NapiGetNull(env); + return false; } - NapiPriKey *napiPriKey = nullptr; - napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiPriKey)); + if (argc == expectedArgc) { + if (!GetEncodingParamsSpec(env, argv[1], paramsSpec)) { + LOGE("get params failed!"); + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "get napi paramsSpec failed!")); + return false; + } + } + + napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(napiPriKey)); if (status != napi_ok || napiPriKey == nullptr) { LOGE("failed to unwrap napiPriKey obj!"); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to unwrap napiPriKey obj!")); - return nullptr; + return false; + } + return true; +} + +napi_value NapiPriKey::JsGetEncodedPem(napi_env env, napi_callback_info info) +{ + std::string format; + HcfParamsSpec *paramsSpec = nullptr; + NapiPriKey *napiPriKey = nullptr; + if (!ValidateAndGetParams(env, info, format, ¶msSpec, &napiPriKey)) { + return NapiGetNull(env); } HcfPriKey *priKey = napiPriKey->GetPriKey(); if (priKey == nullptr) { + HcfFree(paramsSpec); LOGE("failed to get priKey obj!"); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to get priKey obj!")); return nullptr; } char *returnString = nullptr; - HcfResult res = priKey->base.getEncodedPem(&priKey->base, format.c_str(), &returnString); + HcfResult res = priKey->getEncodedPem(priKey, paramsSpec, format.c_str(), &returnString); if (res != HCF_SUCCESS) { + HcfFree(paramsSpec); LOGE("getEncodedPem fail."); napi_throw(env, GenerateBusinessError(env, res, "getEncodedPem fail.")); return nullptr; @@ -145,6 +165,9 @@ napi_value NapiPriKey::JsGetEncodedPem(napi_env env, napi_callback_info info) napi_value instance = nullptr; napi_create_string_utf8(env, returnString, NAPI_AUTO_LENGTH, &instance); HcfFree(returnString); + if (paramsSpec != nullptr) { + HcfFree(paramsSpec); + } return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_utils.cpp b/frameworks/js/napi/crypto/src/napi_utils.cpp index b95168b..3d67ff2 100644 --- a/frameworks/js/napi/crypto/src/napi_utils.cpp +++ b/frameworks/js/napi/crypto/src/napi_utils.cpp @@ -28,11 +28,14 @@ #include "detailed_alg_25519_key_params.h" #include "detailed_dh_key_params.h" #include "utils.h" +#include "pri_key.h" +#include "asy_key_generator.h" namespace OHOS { namespace CryptoFramework { using namespace std; +constexpr int PASSWORD_MAX_LENGTH = 4096; struct AsyKeySpecItemRelationT { AsyKeySpecItem item; int32_t itemType; @@ -546,6 +549,182 @@ bool GetParamsSpecFromNapiValue(napi_env env, napi_value arg, HcfCryptoMode opMo } } +static bool GetCharArrayFromJsString(napi_env env, napi_value arg, HcfBlob *retBlob) +{ + size_t length = 0; + if (napi_get_value_string_utf8(env, arg, nullptr, 0, &length) != napi_ok) { + LOGE("can not get char string length"); + return false; + } + if (length > PASSWORD_MAX_LENGTH) { + LOGE("password length should not exceed 4096"); + return false; + } + if (length == 0) { + LOGD("empty string"); + return false; + } + char *tmpPassword = static_cast(HcfMalloc(length + 1, 0)); + if (tmpPassword == nullptr) { + LOGE("malloc string failed"); + return false; + } + if (napi_get_value_string_utf8(env, arg, tmpPassword, (length + 1), &length) != napi_ok) { + LOGE("can not get char string value"); + HcfFree(tmpPassword); + return false; + } + retBlob->data = reinterpret_cast(tmpPassword); + retBlob->len = length; + return true; +} + +static bool InitEncodingParams(napi_env env, napi_value passWd, napi_value cipher, + HcfKeyEncodingParamsSpec *spec, HcfBlob *tmpPw, HcfBlob *tmpCipher) +{ + if (!GetCharArrayFromJsString(env, passWd, tmpPw)) { + LOGE("Failed to get passWord string from napi!"); + return false; + } + + if (!GetCharArrayFromJsString(env, cipher, tmpCipher)) { + LOGE("Failed to get cipher string from napi!"); + HcfBlobDataFree(tmpPw); + return false; + } + + spec->cipher = reinterpret_cast(HcfMalloc(tmpCipher->len, 0)); + spec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); + if (!spec->cipher || !spec->password) { + LOGE("malloc cipher or password failed!"); + HcfBlobDataFree(tmpPw); + HcfBlobDataFree(tmpCipher); + if (spec->cipher) { + HcfFree((void*)spec->cipher); + } + if (spec->password) { + HcfFree((void*)spec->password); + } + return false; + } + + if (memcpy_s((void *)spec->cipher, tmpCipher->len, + reinterpret_cast(tmpCipher->data), tmpCipher->len) != EOK || + memcpy_s((void *)spec->password, tmpPw->len, + reinterpret_cast(tmpPw->data), tmpPw->len) != EOK) { + return false; + } + return true; +} + +bool GetEncodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnSpec) +{ + if ((env == nullptr) || (arg == nullptr) || (returnSpec == nullptr)) { + LOGE("Invalid params."); + return false; + } + + HcfKeyEncodingParamsSpec *encodingParamsSpec = + reinterpret_cast(HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0)); + if (encodingParamsSpec == nullptr) { + LOGE("encodingParamsSpec malloc failed!"); + return false; + } + + napi_value passWd = GetDetailAsyKeySpecValue(env, arg, PASSWD_PARAMS); + napi_value cipher = GetDetailAsyKeySpecValue(env, arg, CIPHER_PARAMS); + if ((passWd == nullptr) || (cipher == nullptr)) { + LOGE("Invalid params."); + HcfFree(encodingParamsSpec); + return false; + } + HcfBlob tmpPw = { .data = nullptr, .len = 0 }; + HcfBlob tmpCipher = { .data = nullptr, .len = 0 }; + if (!InitEncodingParams(env, passWd, cipher, encodingParamsSpec, &tmpPw, &tmpCipher)) { + LOGE("Failed to get passWord string from napi!"); + HcfFree(encodingParamsSpec); + return false; + } + *returnSpec = reinterpret_cast(encodingParamsSpec); + HcfBlobDataClearAndFree(&tmpPw); + HcfBlobDataClearAndFree(&tmpCipher); + return true; +} + +static HcfBlob *GetBlobFromStringJSParams(napi_env env, napi_value arg) +{ + napi_valuetype valueType; + napi_typeof(env, arg, &valueType); + if (valueType != napi_string) { + LOGE("wrong argument type. expect string type. [Type]: %d", valueType); + return nullptr; + } + + size_t length = 0; + if (napi_get_value_string_utf8(env, arg, nullptr, 0, &length) != napi_ok) { + LOGE("can not get string length"); + return nullptr; + } + + if (length == 0) { + LOGE("string length is 0"); + return nullptr; + } + + HcfBlob *newBlob = static_cast(HcfMalloc(sizeof(HcfBlob), 0)); + if (newBlob == nullptr) { + LOGE("Failed to allocate newBlob memory!"); + return nullptr; + } + + newBlob->len = length + 1; + newBlob->data = static_cast(HcfMalloc(newBlob->len, 0)); + if (newBlob->data == nullptr) { + LOGE("malloc blob data failed!"); + HcfFree(newBlob); + return nullptr; + } + + if (napi_get_value_string_utf8(env, arg, reinterpret_cast(newBlob->data), newBlob->len, &length) != + napi_ok) { + LOGE("can not get string value"); + HcfFree(newBlob->data); + HcfFree(newBlob); + return nullptr; + } + + return newBlob; +} + +bool GetDecodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnSpec) +{ + HcfKeyDecodingParamsSpec *decodingParamsSpec = + reinterpret_cast(HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0)); + if (decodingParamsSpec == nullptr) { + LOGE("decodingParamsSpec malloc failed!"); + return false; + } + + HcfBlob *tmpPw = GetBlobFromStringJSParams(env, arg); + if (tmpPw == nullptr) { + LOGE("Failed to get passWord string from napi!"); + HcfFree(decodingParamsSpec); + return false; + } + if (tmpPw->len > PASSWORD_MAX_LENGTH) { + LOGE("Password length exceeds max length limit of 4096 bytes!"); + HcfBlobDataFree(tmpPw); + HcfFree(decodingParamsSpec); + return false; + } + decodingParamsSpec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); + (void)memcpy_s((void *)decodingParamsSpec->password, tmpPw->len, + reinterpret_cast(tmpPw->data), tmpPw->len); + *returnSpec = reinterpret_cast(decodingParamsSpec); + HcfBlobDataClearAndFree(tmpPw); + return true; +} + napi_value GetDetailAsyKeySpecValue(napi_env env, napi_value arg, string argName) { napi_value data = nullptr; diff --git a/interfaces/inner_api/key/asy_key_generator.h b/interfaces/inner_api/key/asy_key_generator.h index b89c518..f56f243 100644 --- a/interfaces/inner_api/key/asy_key_generator.h +++ b/interfaces/inner_api/key/asy_key_generator.h @@ -90,6 +90,14 @@ struct HcfAsyKeyGeneratorBySpec { const char *(*getAlgName)(const HcfAsyKeyGeneratorBySpec *self); }; +typedef struct HcfKeyDecodingParamsSpec HcfKeyDecodingParamsSpec; + +struct HcfKeyDecodingParamsSpec { + HcfParamsSpec base; + + const char *password; +}; + #ifdef __cplusplus extern "C" { #endif diff --git a/interfaces/inner_api/key/key.h b/interfaces/inner_api/key/key.h index 6f3b2fe..d5e8074 100644 --- a/interfaces/inner_api/key/key.h +++ b/interfaces/inner_api/key/key.h @@ -19,6 +19,7 @@ #include "blob.h" #include "result.h" #include "object_base.h" +#include "algorithm_parameter.h" typedef enum { DSA_P_BN = 101, diff --git a/interfaces/inner_api/key/pri_key.h b/interfaces/inner_api/key/pri_key.h index d2b2e59..aa1e89f 100644 --- a/interfaces/inner_api/key/pri_key.h +++ b/interfaces/inner_api/key/pri_key.h @@ -33,7 +33,19 @@ struct HcfPriKey { HcfResult (*getEncodedDer)(const HcfPriKey *self, const char *format, HcfBlob *returnBlob); + HcfResult (*getEncodedPem)(const HcfPriKey *self, HcfParamsSpec *params, const char *format, char **returnString); + void (*clearMem)(HcfPriKey *self); }; +typedef struct HcfKeyEncodingParamsSpec HcfKeyEncodingParamsSpec; +struct HcfKeyEncodingParamsSpec { + HcfParamsSpec base; + + const char *password; + + const char *cipher; +}; + + #endif diff --git a/plugin/openssl_plugin/common/inc/openssl_adapter.h b/plugin/openssl_plugin/common/inc/openssl_adapter.h index ab212bc..d624f9c 100644 --- a/plugin/openssl_plugin/common/inc/openssl_adapter.h +++ b/plugin/openssl_plugin/common/inc/openssl_adapter.h @@ -383,6 +383,7 @@ int OpensslEcPointGetAffineCoordinates(const EC_GROUP *group, const EC_POINT *p, OSSL_ENCODER_CTX *OpensslOsslEncoderCtxNewForPkey(const EVP_PKEY *pkey, int selection, const char *outputType, const char *outputStruct, const char *propquery); int OpensslOsslEncoderToData(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_t *len); +int OpensslOsslDecoderCtxSetPassPhrase(OSSL_DECODER_CTX *ctx, const unsigned char *kstr, size_t klen); void OpensslOsslEncoderCtxFree(OSSL_ENCODER_CTX *ctx); OSSL_DECODER_CTX *OpensslOsslDecoderCtxNewForPkey(EVP_PKEY **pkey, const char *inputType, const char *inputStructure, const char *keytype, int selection, OSSL_LIB_CTX *libctx, const char *propquery); diff --git a/plugin/openssl_plugin/common/inc/openssl_common.h b/plugin/openssl_plugin/common/inc/openssl_common.h index a136084..f88de39 100644 --- a/plugin/openssl_plugin/common/inc/openssl_common.h +++ b/plugin/openssl_plugin/common/inc/openssl_common.h @@ -27,6 +27,7 @@ #include "params_parser.h" #include "result.h" #include "utils.h" +#include "algorithm_parameter.h" #define HCF_OPENSSL_SUCCESS 1 /* openssl return 1: success */ #define HCF_BITS_PER_BYTE 8 diff --git a/plugin/openssl_plugin/common/src/openssl_adapter.c b/plugin/openssl_plugin/common/src/openssl_adapter.c index f38dd44..fb3b1e0 100644 --- a/plugin/openssl_plugin/common/src/openssl_adapter.c +++ b/plugin/openssl_plugin/common/src/openssl_adapter.c @@ -1473,6 +1473,11 @@ int OpensslOsslEncoderToData(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_ return OSSL_ENCODER_to_data(ctx, pdata, len); } +int OpensslOsslDecoderCtxSetPassPhrase(OSSL_DECODER_CTX *ctx, const unsigned char *kstr, size_t klen) +{ + return OSSL_DECODER_CTX_set_passphrase(ctx, kstr, klen); +} + void OpensslOsslEncoderCtxFree(OSSL_ENCODER_CTX *ctx) { OSSL_ENCODER_CTX_free(ctx); diff --git a/plugin/openssl_plugin/common/src/openssl_common.c b/plugin/openssl_plugin/common/src/openssl_common.c index 3669142..f81210a 100644 --- a/plugin/openssl_plugin/common/src/openssl_common.c +++ b/plugin/openssl_plugin/common/src/openssl_common.c @@ -26,6 +26,7 @@ #include "result.h" #include "params_parser.h" #include "utils.h" +#include "pri_key.h" #define HCF_OPENSSL_DIGEST_NONE_STR "NONE" #define HCF_OPENSSL_DIGEST_MD5_STR "MD5" diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c index d29922b..13be947 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c @@ -234,9 +234,11 @@ static HcfResult GetAlg25519PriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return HCF_SUCCESS; } -static HcfResult GetAlg25519PriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetAlg25519PriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format, + char **returnString) { (void)self; + (void)paramsSpec; (void)format; (void)returnString; return HCF_INVALID_PARAMS; @@ -509,7 +511,7 @@ static void FillOpensslAlg25519PriKeyFunc(HcfOpensslAlg25519PriKey *sk) sk->base.base.base.getClass = GetAlg25519PriKeyClass; sk->base.base.getAlgorithm = GetAlg25519PriKeyAlgorithm; sk->base.base.getEncoded = GetAlg25519PriKeyEncoded; - sk->base.base.getEncodedPem = GetAlg25519PriKeyEncodedPem; + sk->base.getEncodedPem = GetAlg25519PriKeyEncodedPem; sk->base.base.getFormat = GetAlg25519PriKeyFormat; sk->base.getAsyKeySpecBigInteger = GetBigIntegerSpecFromAlg25519PriKey; sk->base.getAsyKeySpecInt = GetIntSpecFromAlg25519PriKey; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c index 8be2648..dc28494 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c @@ -238,9 +238,11 @@ static HcfResult GetDhPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return HCF_SUCCESS; } -static HcfResult GetDhPriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetDhPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format, + char **returnString) { (void)self; + (void)paramsSpec; (void)format; (void)returnString; return HCF_INVALID_PARAMS; @@ -524,7 +526,7 @@ static void FillOpensslDhPriKeyFunc(HcfOpensslDhPriKey *sk) sk->base.base.base.getClass = GetDhPriKeyClass; sk->base.base.getAlgorithm = GetDhPriKeyAlgorithm; sk->base.base.getEncoded = GetDhPriKeyEncoded; - sk->base.base.getEncodedPem = GetDhPriKeyEncodedPem; + sk->base.getEncodedPem = GetDhPriKeyEncodedPem; sk->base.base.getFormat = GetDhPriKeyFormat; sk->base.getAsyKeySpecBigInteger = GetBigIntegerSpecFromDhPriKey; sk->base.getAsyKeySpecInt = GetIntSpecFromDhPriKey; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c index 2dff817..0a29419 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c @@ -215,9 +215,11 @@ static HcfResult GetDsaPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return HCF_SUCCESS; } -static HcfResult GetDsaPriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetDsaPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format, + char **returnString) { (void)self; + (void)paramsSpec; (void)format; (void)returnString; return HCF_INVALID_PARAMS; @@ -449,7 +451,7 @@ static void FillOpensslDsaPriKeyFunc(HcfOpensslDsaPriKey *sk) sk->base.base.base.getClass = GetDsaPriKeyClass; sk->base.base.getAlgorithm = GetDsaPriKeyAlgorithm; sk->base.base.getEncoded = GetDsaPriKeyEncoded; - sk->base.base.getEncodedPem = GetDsaPriKeyEncodedPem; + sk->base.getEncodedPem = GetDsaPriKeyEncodedPem; sk->base.base.getFormat = GetDsaPriKeyFormat; sk->base.getAsyKeySpecBigInteger = GetBigIntegerSpecFromDsaPriKey; sk->base.getAsyKeySpecInt = GetIntSpecFromDsaPriKey; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c index 3289032..d61bc9e 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c @@ -1305,9 +1305,11 @@ static HcfResult GetEccPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return HCF_SUCCESS; } -static HcfResult GetEccPriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetEccPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format, + char **returnString) { (void)self; + (void)paramsSpec; (void)format; (void)returnString; return HCF_INVALID_PARAMS; @@ -1679,7 +1681,7 @@ static HcfResult PackEccPriKey(int32_t curveId, EC_KEY *ecKey, const char *field returnPriKey->base.base.base.getClass = GetEccPriKeyClass; returnPriKey->base.base.getAlgorithm = GetEccPriKeyAlgorithm; returnPriKey->base.base.getEncoded = GetEccPriKeyEncoded; - returnPriKey->base.base.getEncodedPem = GetEccPriKeyEncodedPem; + returnPriKey->base.getEncodedPem = GetEccPriKeyEncodedPem; returnPriKey->base.base.getFormat = GetEccPriKeyFormat; returnPriKey->base.clearMem = EccPriKeyClearMem; returnPriKey->base.getAsyKeySpecBigInteger = GetECPriKeySpecBigInteger; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c index fc31e1d..71189bd 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c @@ -29,6 +29,7 @@ #include "memory.h" #include "rsa_openssl_common.h" #include "utils.h" +#include "asy_key_generator.h" #include "rsa_asy_key_generator_openssl.h" @@ -72,6 +73,28 @@ typedef struct { HcfAsyKeyGenSpiRsaParams *params; } HcfAsyKeyGeneratorSpiRsaOpensslImpl; +#define CIPHER_LIST_SIZE 4 + +static const char *g_supportedCiphers[] = { + "DES-EDE3-CBC", + "AES-128-CBC", + "AES-192-CBC", + "AES-256-CBC" +}; + +static bool IsCipherSupported(const char *cipher) +{ + if (cipher == NULL) { + return false; + } + for (size_t i = 0; i < CIPHER_LIST_SIZE; i++) { + if (strcmp(cipher, g_supportedCiphers[i]) == 0) { + return true; + } + } + return false; +} + static HcfResult CheckRsaKeyGenParams(HcfAsyKeyGenSpiRsaParams *params) { switch (params->bits) { @@ -582,7 +605,7 @@ static HcfResult GetPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return EncodePriKeyToPKCS8(impl->sk, returnBlob); } -static HcfResult GetPrikeyPkcs8Pem(EVP_PKEY *pkey, char **returnString) +static HcfResult GetPrikeyPkcs8Pem(EVP_PKEY *pkey, const EVP_CIPHER *cipher, const char *passWord, char **returnString) { BIO *bio = OpensslBioNew(OpensslBioSMem()); if (bio == NULL) { @@ -590,7 +613,13 @@ static HcfResult GetPrikeyPkcs8Pem(EVP_PKEY *pkey, char **returnString) HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - int ret = PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL); + + size_t passLen = 0; + if (passWord != NULL) { + passLen = strlen(passWord); + } + + int ret = PEM_write_bio_PKCS8PrivateKey(bio, pkey, cipher, passWord, passLen, NULL, NULL); if (ret != HCF_OPENSSL_SUCCESS) { LOGE("OpensslPemWriteBioPkcs8PrivateKey fail."); HcfPrintOpensslError(); @@ -606,7 +635,7 @@ static HcfResult GetPrikeyPkcs8Pem(EVP_PKEY *pkey, char **returnString) return HCF_SUCCESS; } -static HcfResult GetPrikeyPkcs1Pem(RSA *sk, char **returnString) +static HcfResult GetPrikeyPkcs1Pem(EVP_PKEY *pkey, const EVP_CIPHER *cipher, const char *passWord, char **returnString) { BIO *bio = OpensslBioNew(OpensslBioSMem()); if (bio == NULL) { @@ -614,7 +643,13 @@ static HcfResult GetPrikeyPkcs1Pem(RSA *sk, char **returnString) HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - int ret = PEM_write_bio_RSAPrivateKey(bio, sk, NULL, NULL, 0, NULL, NULL); + + size_t passLen = 0; + if (passWord != NULL) { + passLen = strlen(passWord); + } + + int ret = PEM_write_bio_PrivateKey_traditional(bio, pkey, cipher, (unsigned char *)passWord, passLen, NULL, NULL); if (ret != HCF_OPENSSL_SUCCESS) { LOGE("OpensslPemWriteBioRsaPrivateKey fail."); HcfPrintOpensslError(); @@ -630,25 +665,29 @@ static HcfResult GetPrikeyPkcs1Pem(RSA *sk, char **returnString) return HCF_SUCCESS; } -static HcfResult GetPriKeyPem(const char *format, EVP_PKEY *pkey, RSA *sk, char **returnString) +static HcfResult GetPriKeyPem(const char *format, EVP_PKEY *pkey, const EVP_CIPHER *cipher, + const char *passWord, char **returnString) { HcfResult result; if (strcmp(format, "PKCS8") == 0) { - result = GetPrikeyPkcs8Pem(pkey, returnString); + result = GetPrikeyPkcs8Pem(pkey, cipher, passWord, returnString); if (result != HCF_SUCCESS) { return result; } - } - if (strcmp(format, "PKCS1") == 0) { - result = GetPrikeyPkcs1Pem(sk, returnString); + } else if (strcmp(format, "PKCS1") == 0) { + result = GetPrikeyPkcs1Pem(pkey, cipher, passWord, returnString); if (result != HCF_SUCCESS) { return result; } + } else { + LOGE("format is invalid."); + return HCF_INVALID_PARAMS; } return HCF_SUCCESS; } -static HcfResult GetPriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *params, const char *format, + char **returnString) { if (self == NULL || format == NULL|| returnString == NULL) { LOGE("param is null."); @@ -659,15 +698,6 @@ static HcfResult GetPriKeyEncodedPem(HcfKey *self, const char *format, char **re LOGE("Class not match."); return HCF_INVALID_PARAMS; } - char *outPutStruct = NULL; - if (strcmp(format, "PKCS1") == 0) { - outPutStruct = "type-specific"; - } else if (strcmp(format, "PKCS8") == 0) { - outPutStruct = "PrivateKeyInfo"; - } else { - LOGE("format is invalid."); - return HCF_INVALID_PARAMS; - } HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self; EVP_PKEY *pkey = NewEvpPkeyByRsa(impl->sk, true); @@ -676,14 +706,33 @@ static HcfResult GetPriKeyEncodedPem(HcfKey *self, const char *format, char **re return HCF_ERR_CRYPTO_OPERATION; } - HcfResult result = GetKeyEncodedPem(pkey, outPutStruct, EVP_PKEY_KEYPAIR, returnString); - if (result != HCF_SUCCESS) { - if (GetPriKeyPem(format, pkey, impl->sk, returnString) != HCF_SUCCESS) { - LOGE("GetPriKeyPem failed."); + const EVP_CIPHER *cipher = NULL; + const char *passWord = NULL; + if (params != NULL) { + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)params; + const char *cipherStr = spec->cipher; + if (!IsCipherSupported(cipherStr)) { + LOGE("Cipher algorithm %s not supported", cipherStr); OpensslEvpPkeyFree(pkey); - return HCF_ERR_CRYPTO_OPERATION; + return HCF_NOT_SUPPORT; } + cipher = EVP_CIPHER_fetch(NULL, cipherStr, NULL); + passWord = spec->password; + } + + HcfResult result = GetPriKeyPem(format, pkey, cipher, passWord, returnString); + if (result != HCF_SUCCESS) { + LOGE("GetPriKeyPem failed."); + OpensslEvpPkeyFree(pkey); + return result; } + + if (params != NULL) { + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)params; + HcfFree((void *)spec->cipher); + HcfFree((void *)spec->password); + } + OpensslEvpPkeyFree(pkey); return HCF_SUCCESS; } @@ -802,7 +851,7 @@ static HcfResult PackPriKey(RSA *rsaPriKey, HcfOpensslRsaPriKey **retPriKey) (*retPriKey)->base.clearMem = ClearPriKeyMem; (*retPriKey)->base.base.getAlgorithm = GetPriKeyAlgorithm; (*retPriKey)->base.base.getEncoded = GetPriKeyEncoded; - (*retPriKey)->base.base.getEncodedPem = GetPriKeyEncodedPem; + (*retPriKey)->base.getEncodedPem = GetPriKeyEncodedPem; (*retPriKey)->base.base.getFormat = GetPriKeyFormat; (*retPriKey)->base.base.base.getClass = GetOpensslPrikeyClass; (*retPriKey)->base.base.base.destroy = DestroyPriKey; @@ -1001,7 +1050,7 @@ ERR: return ret; } -static HcfResult ConvertPemKeyToKey(const char *keyStr, int selection, RSA **rsa) +static HcfResult ConvertPemKeyToKey(const char *keyStr, HcfParamsSpec *params, int selection, RSA **rsa) { EVP_PKEY *pkey = NULL; const char *inputType = "PEM"; @@ -1013,6 +1062,16 @@ static HcfResult ConvertPemKeyToKey(const char *keyStr, int selection, RSA **rsa HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } + if (params != NULL) { + HcfKeyDecodingParamsSpec *spec = (HcfKeyDecodingParamsSpec *)params; + const unsigned char *passWd = (const unsigned char *)spec->password; + if (OpensslOsslDecoderCtxSetPassPhrase(ctx, passWd, strlen(spec->password)) != HCF_OPENSSL_SUCCESS) { + HcfPrintOpensslError(); + OpensslOsslDecoderCtxFree(ctx); + return HCF_ERR_CRYPTO_OPERATION; + } + HcfFree((void *)spec->password); + } size_t pdataLen = strlen(keyStr); const unsigned char *pdata = (const unsigned char *)keyStr; int ret = OpensslOsslDecoderFromData(ctx, &pdata, &pdataLen); @@ -1037,7 +1096,7 @@ static HcfResult ConvertPemPubKey(const char *pubKeyStr, int selection, HcfOpens { RSA *rsaPk = NULL; HcfResult ret; - ret = ConvertPemKeyToKey(pubKeyStr, selection, &rsaPk); + ret = ConvertPemKeyToKey(pubKeyStr, NULL, selection, &rsaPk); if (ret != HCF_SUCCESS) { LOGE("ConvertPemKeyToKey failed."); return ret; @@ -1074,11 +1133,12 @@ ERR: return ret; } -static HcfResult ConvertPemPriKey(const char *priKeyStr, int selection, HcfOpensslRsaPriKey **priKeyRet) +static HcfResult ConvertPemPriKey(const char *priKeyStr, HcfParamsSpec *params, int selection, + HcfOpensslRsaPriKey **priKeyRet) { RSA *rsaSk = NULL; HcfResult ret; - ret = ConvertPemKeyToKey(priKeyStr, selection, &rsaSk); + ret = ConvertPemKeyToKey(priKeyStr, params, selection, &rsaSk); if (ret != HCF_SUCCESS) { LOGE("ConvertPemKeyToKey failed."); return ret; @@ -1148,7 +1208,6 @@ static HcfResult EngineConvertKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *pa static HcfResult EngineConvertPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr, const char *priKeyStr, HcfKeyPair **returnKeyPair) { - (void)params; if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) { LOGE("ConvertPemKeyParams is invalid."); return HCF_INVALID_PARAMS; @@ -1166,7 +1225,7 @@ static HcfResult EngineConvertPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec } HcfOpensslRsaPriKey *priKey = NULL; if (priKeyStr != NULL && strlen(priKeyStr) != 0) { - if (ConvertPemPriKey(priKeyStr, EVP_PKEY_KEYPAIR, &priKey) != HCF_SUCCESS) { + if (ConvertPemPriKey(priKeyStr, params, EVP_PKEY_KEYPAIR, &priKey) != HCF_SUCCESS) { LOGE("convert prikey fail."); HcfObjDestroy((HcfObjectBase *)pubKey); return HCF_ERR_CRYPTO_OPERATION; diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c index 0129be4..174221d 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c @@ -520,9 +520,11 @@ static HcfResult GetSm2PriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) return HCF_SUCCESS; } -static HcfResult GetSm2PriKeyEncodedPem(HcfKey *self, const char *format, char **returnString) +static HcfResult GetSm2PriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format, + char **returnString) { (void)self; + (void)paramsSpec; (void)format; (void)returnString; return HCF_INVALID_PARAMS; @@ -823,7 +825,7 @@ static HcfResult PackSm2PriKey(int32_t curveId, EC_KEY *ecKey, const char *field returnPriKey->base.base.base.getClass = GetSm2PriKeyClass; returnPriKey->base.base.getAlgorithm = GetSm2PriKeyAlgorithm; returnPriKey->base.base.getEncoded = GetSm2PriKeyEncoded; - returnPriKey->base.base.getEncodedPem = GetSm2PriKeyEncodedPem; + returnPriKey->base.getEncodedPem = GetSm2PriKeyEncodedPem; returnPriKey->base.base.getFormat = GetSm2PriKeyFormat; returnPriKey->base.getAsyKeySpecBigInteger = GetSm2PriKeySpecBigInteger; returnPriKey->base.getAsyKeySpecString = GetSm2PriKeySpecString; diff --git a/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp b/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp index f734835..76b841f 100644 --- a/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp +++ b/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp @@ -22,6 +22,8 @@ #include "memory.h" #include "params_parser.h" #include "rsa_asy_key_generator_openssl.h" +#include "pri_key.h" +#include "securec.h" using namespace std; using namespace testing::ext; @@ -749,13 +751,13 @@ static void RsaAsyKeyPemTest1(const char *algoName, const char *priKeyPkcs1Str, EXPECT_EQ(res, HCF_SUCCESS); HcfPriKey *prikey = dupKeyPair->priKey; char *retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); int32_t cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -777,13 +779,13 @@ static void RsaAsyKeyPemTest2(const char *algoName, const char *priKeyPkcs8Str, EXPECT_EQ(res, HCF_SUCCESS); HcfPriKey *prikey = dupKeyPair->priKey; char *retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); int32_t cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -879,13 +881,13 @@ static void RsaAsyKeyPemTest5(const char *algoName, const char *pubKeyPkcs1Str, HcfPriKey *prikey = dupKeyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -923,13 +925,13 @@ static void RsaAsyKeyPemTest6(const char *algoName, const char *pubKeyPkcs1Str, HcfPriKey *prikey = dupKeyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -967,13 +969,13 @@ static void RsaAsyKeyPemTest7(const char *algoName, const char *pubKeyPkcs1Str, HcfPriKey *prikey = dupKeyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -1011,13 +1013,13 @@ static void RsaAsyKeyPemTest8(const char *algoName, const char *pubKeyPkcs1Str, HcfPriKey *prikey = dupKeyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs1Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, priKeyPkcs8Str); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -1227,15 +1229,15 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest003, TestSize.Level0 EXPECT_NE(res, HCF_SUCCESS); HcfPriKey *prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem(nullptr, "PKCS1", &retStr); + res = prikey->getEncodedPem(nullptr, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, nullptr, &retStr); + res = prikey->getEncodedPem(prikey, nullptr, nullptr, &retStr); EXPECT_NE(res, HCF_SUCCESS); prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", nullptr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", nullptr); EXPECT_NE(res, HCF_SUCCESS); HcfObjDestroy(dupKeyPair); @@ -1273,19 +1275,19 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest004, TestSize.Level0 EXPECT_NE(res, HCF_SUCCESS); HcfPriKey *prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "X509", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "X509", &retStr); EXPECT_NE(res, HCF_SUCCESS); prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "test", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "test", &retStr); EXPECT_NE(res, HCF_SUCCESS); prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "pkcs1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "pkcs1", &retStr); EXPECT_NE(res, HCF_SUCCESS); prikey = dupKeyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "pkcs8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "pkcs8", &retStr); EXPECT_NE(res, HCF_SUCCESS); HcfObjDestroy(dupKeyPair); @@ -1339,10 +1341,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest006, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1372,10 +1374,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest007, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1405,10 +1407,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest008, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1438,10 +1440,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest009, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1471,10 +1473,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest010, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1504,10 +1506,10 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemErrorTest011, TestSize.Level0 EXPECT_EQ(retStr, nullptr); HcfPriKey *prikey = keyPair->priKey; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(retStr, nullptr); @@ -1552,14 +1554,14 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemSpiTest001, TestSize.Level0) HcfPriKey *prikey = keyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, g_testPrikeyPkcs1Str2048.c_str()); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, g_testPrikeyPkcs8Str2048.c_str()); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -1606,14 +1608,14 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyPemSpiTest002, TestSize.Level0) HcfPriKey *prikey = keyPair->priKey; retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS1", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS1", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, g_testPrikeyPkcs1Str1024.c_str()); EXPECT_EQ(cmpRes, HCF_SUCCESS); HcfFree(retStr); retStr = nullptr; - res = prikey->base.getEncodedPem((HcfKey *)prikey, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, nullptr, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); cmpRes = strcmp(retStr, g_testPrikeyPkcs8Str1024.c_str()); EXPECT_EQ(cmpRes, HCF_SUCCESS); @@ -1693,4 +1695,168 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeySpecApiTest, TestSize.Level0) HcfObjDestroy(generator); HcfFree(priKeyBlob.data); } + +HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest, TestSize.Level0) +{ + HcfAsyKeyGenerator *generator = nullptr; + HcfResult res = HcfAsyKeyGeneratorCreate("RSA1024", &generator); + EXPECT_EQ(res, HCF_SUCCESS); + EXPECT_NE(generator, nullptr); + + HcfKeyPair *keyPair = nullptr; + res = generator->generateKeyPair(generator, nullptr, &keyPair); + EXPECT_EQ(res, HCF_SUCCESS); + + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0); + ASSERT_NE(spec, nullptr); + spec->password = (char *)HcfMalloc(strlen("123456") + 1, 0); + ASSERT_NE(spec->password, nullptr); + (void)memcpy_s((void *)spec->password, strlen("123456") + 1, (const char *)"123456", strlen("123456") + 1); + spec->cipher = (char *)HcfMalloc(strlen("AES-128-CBC") + 1, 0); + ASSERT_NE(spec->cipher, nullptr); + (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); + + HcfParamsSpec *params = reinterpret_cast(spec); + + char *retStr = nullptr; + HcfPriKey *prikey = keyPair->priKey; + res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); + EXPECT_EQ(res, HCF_SUCCESS); + + HcfFree((void *)spec); + + HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); + ASSERT_NE(decSpec, nullptr); + decSpec->password = (char *)HcfMalloc(strlen("123456") + 1, 0); + ASSERT_NE(decSpec->password, nullptr); + (void)memcpy_s((void *)decSpec->password, strlen("123456") + 1, (const char *)"123456", strlen("123456") + 1); + + HcfParamsSpec *decParams = reinterpret_cast(decSpec); + HcfKeyPair *dupKeyPair = nullptr; + res = generator->convertPemKey(generator, decParams, nullptr, retStr, &dupKeyPair); + EXPECT_EQ(res, HCF_SUCCESS); + + HcfPriKey *prikey1 = dupKeyPair->priKey; + char *pkcs8Str = nullptr; + res = prikey1->getEncodedPem((const HcfPriKey *)prikey1, nullptr, "PKCS8", &pkcs8Str); + EXPECT_EQ(res, HCF_SUCCESS); + EXPECT_NE(pkcs8Str, nullptr); + + // 释放内存 + HcfFree((void *)decSpec); + HcfFree((void *)pkcs8Str); + + + HcfFree((void *)retStr); + HcfObjDestroy(keyPair); + HcfObjDestroy(dupKeyPair); + HcfObjDestroy(generator); +} + +HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_DifferentCiphers, TestSize.Level0) +{ + HcfAsyKeyGenerator *generator = nullptr; + HcfResult res = HcfAsyKeyGeneratorCreate("RSA1024", &generator); + EXPECT_EQ(res, HCF_SUCCESS); + EXPECT_NE(generator, nullptr); + + HcfKeyPair *keyPair = nullptr; + res = generator->generateKeyPair(generator, nullptr, &keyPair); + EXPECT_EQ(res, HCF_SUCCESS); + + // 测试不同的加密算法 + const char* ciphers[] = {"AES-256-CBC", "DES-EDE3-CBC", "AES-192-CBC"}; + const char* passwords[] = {"test123", "password123!", "strongPW@999"}; + + for(int i = 0; i < 3; i++) { + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0); + ASSERT_NE(spec, nullptr); + + spec->password = (char *)HcfMalloc(strlen(passwords[i]) + 1, 0); + ASSERT_NE(spec->password, nullptr); + (void)memcpy_s((void *)spec->password, strlen(passwords[i]) + 1, (const char *)passwords[i], strlen(passwords[i]) + 1); + + spec->cipher = (char *)HcfMalloc(strlen(ciphers[i]) + 1, 0); + ASSERT_NE(spec->cipher, nullptr); + (void)memcpy_s((void *)spec->cipher, strlen(ciphers[i]) + 1, (const char *)ciphers[i], strlen(ciphers[i]) + 1); + + HcfParamsSpec *params = reinterpret_cast(spec); + + char *retStr = nullptr; + HcfPriKey *prikey = keyPair->priKey; + res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); + EXPECT_EQ(res, HCF_SUCCESS); + + // 解密测试 + HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); + ASSERT_NE(decSpec, nullptr); + decSpec->password = (char *)HcfMalloc(strlen(passwords[i]) + 1, 0); + ASSERT_NE(decSpec->password, nullptr); + (void)memcpy_s((void *)decSpec->password, strlen(passwords[i]) + 1, (const char *)passwords[i], strlen(passwords[i]) + 1); + + HcfParamsSpec *decParams = reinterpret_cast(decSpec); + HcfKeyPair *dupKeyPair = nullptr; + res = generator->convertPemKey(generator, decParams, nullptr, retStr, &dupKeyPair); + EXPECT_EQ(res, HCF_SUCCESS); + + // 清理内存 + HcfFree((void *)spec); + HcfFree((void *)decSpec); + HcfFree((void *)retStr); + HcfObjDestroy(dupKeyPair); + } + + HcfObjDestroy(keyPair); + HcfObjDestroy(generator); +} + +HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSize.Level0) +{ + HcfAsyKeyGenerator *generator = nullptr; + HcfResult res = HcfAsyKeyGeneratorCreate("RSA1024", &generator); + EXPECT_EQ(res, HCF_SUCCESS); + EXPECT_NE(generator, nullptr); + + HcfKeyPair *keyPair = nullptr; + res = generator->generateKeyPair(generator, nullptr, &keyPair); + EXPECT_EQ(res, HCF_SUCCESS); + + // 加密 + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0); + ASSERT_NE(spec, nullptr); + spec->password = (char *)HcfMalloc(strlen("correctPW") + 1, 0); + ASSERT_NE(spec->password, nullptr); + (void)memcpy_s((void *)spec->password, strlen("correctPW") + 1, (const char *)"correctPW", strlen("correctPW") + 1); + + spec->cipher = (char *)HcfMalloc(strlen("AES-128-CBC") + 1, 0); + ASSERT_NE(spec->cipher, nullptr); + (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); + + HcfParamsSpec *params = reinterpret_cast(spec); + + char *retStr = nullptr; + HcfPriKey *prikey = keyPair->priKey; + res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); + EXPECT_EQ(res, HCF_SUCCESS); + + // 使用错误密码解密 + HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); + ASSERT_NE(decSpec, nullptr); + decSpec->password = (char *)HcfMalloc(strlen("wrongPW") + 1, 0); + ASSERT_NE(decSpec->password, nullptr); + (void)memcpy_s((void *)decSpec->password, strlen("wrongPW") + 1, (const char *)"wrongPW", strlen("wrongPW") + 1); + + HcfParamsSpec *decParams = reinterpret_cast(decSpec); + HcfKeyPair *dupKeyPair = nullptr; + res = generator->convertPemKey(generator, decParams, nullptr, retStr, &dupKeyPair); + EXPECT_NE(res, HCF_SUCCESS); // 期望解密失败 + EXPECT_EQ(dupKeyPair, nullptr); + + // 清理内存 + HcfFree((void *)spec); + HcfFree((void *)decSpec); + HcfFree((void *)retStr); + HcfObjDestroy(keyPair); + HcfObjDestroy(generator); +} } -- Gitee From 3faffe60a2e79743dd5d8b24c269c23abac74dc8 Mon Sep 17 00:00:00 2001 From: lcc Date: Thu, 28 Nov 2024 09:29:48 +0800 Subject: [PATCH 3/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A3=80=E8=A7=86?= =?UTF-8?q?=E6=84=8F=E8=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lcc --- .../inc/napi_crypto_framework_defines.h | 2 +- frameworks/js/napi/crypto/src/napi_utils.cpp | 51 +++++++++---------- 2 files changed, 26 insertions(+), 27 deletions(-) diff --git a/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h b/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h index 4678886..0974a4e 100644 --- a/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h +++ b/frameworks/js/napi/crypto/inc/napi_crypto_framework_defines.h @@ -55,7 +55,7 @@ const std::string IV_PARAMS = "iv"; const std::string AAD_PARAMS = "aad"; const std::string AUTHTAG_PARAMS = "authTag"; const std::string ALGO_PARAMS = "algName"; -const std::string PASSWD_PARAMS = "passWord"; +const std::string PASSWD_PARAMS = "password"; const std::string CIPHER_PARAMS = "cipherName"; const std::string ALGO_PARAMS_OLD = "algoName"; const std::string IV_PARAMS_SPEC = "IvParamsSpec"; diff --git a/frameworks/js/napi/crypto/src/napi_utils.cpp b/frameworks/js/napi/crypto/src/napi_utils.cpp index 3d67ff2..9d03df2 100644 --- a/frameworks/js/napi/crypto/src/napi_utils.cpp +++ b/frameworks/js/napi/crypto/src/napi_utils.cpp @@ -579,9 +579,17 @@ static bool GetCharArrayFromJsString(napi_env env, napi_value arg, HcfBlob *retB return true; } -static bool InitEncodingParams(napi_env env, napi_value passWd, napi_value cipher, - HcfKeyEncodingParamsSpec *spec, HcfBlob *tmpPw, HcfBlob *tmpCipher) +static bool InitEncodingParams(napi_env env, napi_value arg, HcfKeyEncodingParamsSpec *spec, HcfBlob *tmpPw, + HcfBlob *tmpCipher) { + napi_value passWd = GetDetailAsyKeySpecValue(env, arg, PASSWD_PARAMS); + napi_value cipher = GetDetailAsyKeySpecValue(env, arg, CIPHER_PARAMS); + if ((passWd == nullptr) || (cipher == nullptr)) { + LOGE("Invalid params."); + HcfFree(encodingParamsSpec); + return false; + } + if (!GetCharArrayFromJsString(env, passWd, tmpPw)) { LOGE("Failed to get passWord string from napi!"); return false; @@ -589,30 +597,28 @@ static bool InitEncodingParams(napi_env env, napi_value passWd, napi_value ciphe if (!GetCharArrayFromJsString(env, cipher, tmpCipher)) { LOGE("Failed to get cipher string from napi!"); - HcfBlobDataFree(tmpPw); + HcfBlobDataClearAndFree(tmpPw); return false; } spec->cipher = reinterpret_cast(HcfMalloc(tmpCipher->len, 0)); spec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); - if (!spec->cipher || !spec->password) { + if ((spec->cipher == nullptr) || (spec->password == nullptr)) { LOGE("malloc cipher or password failed!"); - HcfBlobDataFree(tmpPw); - HcfBlobDataFree(tmpCipher); - if (spec->cipher) { - HcfFree((void*)spec->cipher); - } - if (spec->password) { - HcfFree((void*)spec->password); - } + HcfBlobDataClearAndFree(tmpPw); + HcfBlobDataClearAndFree(tmpCipher); + HcfFree(reinterpret_cast(spec->cipher)); + HcfFree(reinterpret_cast(spec->password)); return false; } - if (memcpy_s((void *)spec->cipher, tmpCipher->len, + if (memcpy_s(reinterpret_cast(spec->cipher), tmpCipher->len, reinterpret_cast(tmpCipher->data), tmpCipher->len) != EOK || - memcpy_s((void *)spec->password, tmpPw->len, + memcpy_s(reinterpret_cast(spec->password), tmpPw->len, reinterpret_cast(tmpPw->data), tmpPw->len) != EOK) { - return false; + HcfBlobDataClearAndFree(tmpPw); + HcfBlobDataClearAndFree(tmpCipher); + return false; } return true; } @@ -631,16 +637,9 @@ bool GetEncodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnS return false; } - napi_value passWd = GetDetailAsyKeySpecValue(env, arg, PASSWD_PARAMS); - napi_value cipher = GetDetailAsyKeySpecValue(env, arg, CIPHER_PARAMS); - if ((passWd == nullptr) || (cipher == nullptr)) { - LOGE("Invalid params."); - HcfFree(encodingParamsSpec); - return false; - } HcfBlob tmpPw = { .data = nullptr, .len = 0 }; HcfBlob tmpCipher = { .data = nullptr, .len = 0 }; - if (!InitEncodingParams(env, passWd, cipher, encodingParamsSpec, &tmpPw, &tmpCipher)) { + if (!InitEncodingParams(env, arg, encodingParamsSpec, &tmpPw, &tmpCipher)) { LOGE("Failed to get passWord string from napi!"); HcfFree(encodingParamsSpec); return false; @@ -688,7 +687,7 @@ static HcfBlob *GetBlobFromStringJSParams(napi_env env, napi_value arg) if (napi_get_value_string_utf8(env, arg, reinterpret_cast(newBlob->data), newBlob->len, &length) != napi_ok) { LOGE("can not get string value"); - HcfFree(newBlob->data); + HcfBlobDataClearAndFree(newBlob); HcfFree(newBlob); return nullptr; } @@ -713,12 +712,12 @@ bool GetDecodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnS } if (tmpPw->len > PASSWORD_MAX_LENGTH) { LOGE("Password length exceeds max length limit of 4096 bytes!"); - HcfBlobDataFree(tmpPw); + HcfBlobDataClearAndFree(tmpPw); HcfFree(decodingParamsSpec); return false; } decodingParamsSpec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); - (void)memcpy_s((void *)decodingParamsSpec->password, tmpPw->len, + (void)memcpy_s(reinterpret_cast(decodingParamsSpec->password), tmpPw->len, reinterpret_cast(tmpPw->data), tmpPw->len); *returnSpec = reinterpret_cast(decodingParamsSpec); HcfBlobDataClearAndFree(tmpPw); -- Gitee From e75d06706df8952d23a7c36145820698c29ca515 Mon Sep 17 00:00:00 2001 From: lcc Date: Fri, 29 Nov 2024 10:51:29 +0800 Subject: [PATCH 4/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A3=80=E8=A7=86?= =?UTF-8?q?=E6=84=8F=E8=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lcc --- .../crypto/src/napi_asy_key_generator.cpp | 1 + frameworks/js/napi/crypto/src/napi_utils.cpp | 30 +++-------- .../src/rsa_asy_key_generator_openssl.c | 39 +++++++++----- .../src/crypto_rsa_asy_key_pem_test.cpp | 52 +++++++++---------- 4 files changed, 59 insertions(+), 63 deletions(-) diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp index 07a622f..6f529e9 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp @@ -880,6 +880,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ std::string priKey; HcfParamsSpec *paramsSpec = nullptr; if (!ValidateAndGetParams(env, info, pubKey, priKey, ¶msSpec)) { + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "invalid parameters.")); return NapiGetNull(env); } diff --git a/frameworks/js/napi/crypto/src/napi_utils.cpp b/frameworks/js/napi/crypto/src/napi_utils.cpp index 9d03df2..c97b6c0 100644 --- a/frameworks/js/napi/crypto/src/napi_utils.cpp +++ b/frameworks/js/napi/crypto/src/napi_utils.cpp @@ -586,7 +586,6 @@ static bool InitEncodingParams(napi_env env, napi_value arg, HcfKeyEncodingParam napi_value cipher = GetDetailAsyKeySpecValue(env, arg, CIPHER_PARAMS); if ((passWd == nullptr) || (cipher == nullptr)) { LOGE("Invalid params."); - HcfFree(encodingParamsSpec); return false; } @@ -601,25 +600,12 @@ static bool InitEncodingParams(napi_env env, napi_value arg, HcfKeyEncodingParam return false; } - spec->cipher = reinterpret_cast(HcfMalloc(tmpCipher->len, 0)); - spec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); + spec->cipher = reinterpret_cast(tmpCipher->data); + spec->password = reinterpret_cast(tmpPw->data); if ((spec->cipher == nullptr) || (spec->password == nullptr)) { - LOGE("malloc cipher or password failed!"); - HcfBlobDataClearAndFree(tmpPw); - HcfBlobDataClearAndFree(tmpCipher); - HcfFree(reinterpret_cast(spec->cipher)); - HcfFree(reinterpret_cast(spec->password)); + LOGE("cipher or password data is null!"); return false; } - - if (memcpy_s(reinterpret_cast(spec->cipher), tmpCipher->len, - reinterpret_cast(tmpCipher->data), tmpCipher->len) != EOK || - memcpy_s(reinterpret_cast(spec->password), tmpPw->len, - reinterpret_cast(tmpPw->data), tmpPw->len) != EOK) { - HcfBlobDataClearAndFree(tmpPw); - HcfBlobDataClearAndFree(tmpCipher); - return false; - } return true; } @@ -645,8 +631,6 @@ bool GetEncodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnS return false; } *returnSpec = reinterpret_cast(encodingParamsSpec); - HcfBlobDataClearAndFree(&tmpPw); - HcfBlobDataClearAndFree(&tmpCipher); return true; } @@ -716,11 +700,11 @@ bool GetDecodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnS HcfFree(decodingParamsSpec); return false; } - decodingParamsSpec->password = reinterpret_cast(HcfMalloc(tmpPw->len, 0)); - (void)memcpy_s(reinterpret_cast(decodingParamsSpec->password), tmpPw->len, - reinterpret_cast(tmpPw->data), tmpPw->len); + decodingParamsSpec->password = reinterpret_cast(tmpPw->data); + tmpPw->data = nullptr; + *returnSpec = reinterpret_cast(decodingParamsSpec); - HcfBlobDataClearAndFree(tmpPw); + HcfFree(tmpPw); return true; } diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c index 71189bd..37f6d0f 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/rsa_asy_key_generator_openssl.c @@ -78,7 +78,7 @@ typedef struct { static const char *g_supportedCiphers[] = { "DES-EDE3-CBC", "AES-128-CBC", - "AES-192-CBC", + "AES-192-CBC", "AES-256-CBC" }; @@ -686,18 +686,35 @@ static HcfResult GetPriKeyPem(const char *format, EVP_PKEY *pkey, const EVP_CIPH return HCF_SUCCESS; } -static HcfResult GetPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *params, const char *format, - char **returnString) +static HcfResult ValidateInputParams(const HcfPriKey *self, const char *format, char **returnString) { - if (self == NULL || format == NULL|| returnString == NULL) { + if (self == NULL || format == NULL || returnString == NULL) { LOGE("param is null."); return HCF_INVALID_PARAMS; } - if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) { LOGE("Class not match."); return HCF_INVALID_PARAMS; } + return HCF_SUCCESS; +} + +static void CleanupParams(HcfParamsSpec *params) +{ + if (params != NULL) { + HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)params; + HcfFree((void *)spec->cipher); + HcfFree((void *)spec->password); + } +} + +static HcfResult GetPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *params, const char *format, + char **returnString) +{ + HcfResult result = ValidateInputParams(self, format, returnString); + if (result != HCF_SUCCESS) { + return result; + } HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self; EVP_PKEY *pkey = NewEvpPkeyByRsa(impl->sk, true); @@ -713,6 +730,7 @@ static HcfResult GetPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *param const char *cipherStr = spec->cipher; if (!IsCipherSupported(cipherStr)) { LOGE("Cipher algorithm %s not supported", cipherStr); + CleanupParams(params); OpensslEvpPkeyFree(pkey); return HCF_NOT_SUPPORT; } @@ -720,19 +738,14 @@ static HcfResult GetPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *param passWord = spec->password; } - HcfResult result = GetPriKeyPem(format, pkey, cipher, passWord, returnString); + result = GetPriKeyPem(format, pkey, cipher, passWord, returnString); if (result != HCF_SUCCESS) { LOGE("GetPriKeyPem failed."); + CleanupParams(params); OpensslEvpPkeyFree(pkey); return result; } - - if (params != NULL) { - HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)params; - HcfFree((void *)spec->cipher); - HcfFree((void *)spec->password); - } - + CleanupParams(params); OpensslEvpPkeyFree(pkey); return HCF_SUCCESS; } diff --git a/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp b/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp index 76b841f..8ad2be8 100644 --- a/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp +++ b/test/unittest/src/crypto_rsa_asy_key_pem_test.cpp @@ -1714,16 +1714,17 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest, TestSize.Level0) (void)memcpy_s((void *)spec->password, strlen("123456") + 1, (const char *)"123456", strlen("123456") + 1); spec->cipher = (char *)HcfMalloc(strlen("AES-128-CBC") + 1, 0); ASSERT_NE(spec->cipher, nullptr); - (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); + (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, + (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); HcfParamsSpec *params = reinterpret_cast(spec); char *retStr = nullptr; HcfPriKey *prikey = keyPair->priKey; - res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); + res = prikey->getEncodedPem(prikey, params, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); - HcfFree((void *)spec); + HcfFree(spec); HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); ASSERT_NE(decSpec, nullptr); @@ -1742,12 +1743,11 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest, TestSize.Level0) EXPECT_EQ(res, HCF_SUCCESS); EXPECT_NE(pkcs8Str, nullptr); - // 释放内存 - HcfFree((void *)decSpec); - HcfFree((void *)pkcs8Str); + HcfFree(decSpec); + HcfFree(pkcs8Str); - HcfFree((void *)retStr); + HcfFree(retStr); HcfObjDestroy(keyPair); HcfObjDestroy(dupKeyPair); HcfObjDestroy(generator); @@ -1764,17 +1764,17 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_DifferentCiphers, Tes res = generator->generateKeyPair(generator, nullptr, &keyPair); EXPECT_EQ(res, HCF_SUCCESS); - // 测试不同的加密算法 const char* ciphers[] = {"AES-256-CBC", "DES-EDE3-CBC", "AES-192-CBC"}; const char* passwords[] = {"test123", "password123!", "strongPW@999"}; - for(int i = 0; i < 3; i++) { + for (int i = 0; i < 3; i++) { HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0); ASSERT_NE(spec, nullptr); spec->password = (char *)HcfMalloc(strlen(passwords[i]) + 1, 0); ASSERT_NE(spec->password, nullptr); - (void)memcpy_s((void *)spec->password, strlen(passwords[i]) + 1, (const char *)passwords[i], strlen(passwords[i]) + 1); + (void)memcpy_s((void *)spec->password, strlen(passwords[i]) + 1, + (const char *)passwords[i], strlen(passwords[i]) + 1); spec->cipher = (char *)HcfMalloc(strlen(ciphers[i]) + 1, 0); ASSERT_NE(spec->cipher, nullptr); @@ -1787,30 +1787,29 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_DifferentCiphers, Tes res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); - // 解密测试 HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); ASSERT_NE(decSpec, nullptr); decSpec->password = (char *)HcfMalloc(strlen(passwords[i]) + 1, 0); ASSERT_NE(decSpec->password, nullptr); - (void)memcpy_s((void *)decSpec->password, strlen(passwords[i]) + 1, (const char *)passwords[i], strlen(passwords[i]) + 1); + (void)memcpy_s((void *)decSpec->password, strlen(passwords[i]) + 1, + (const char *)passwords[i], strlen(passwords[i]) + 1); HcfParamsSpec *decParams = reinterpret_cast(decSpec); HcfKeyPair *dupKeyPair = nullptr; res = generator->convertPemKey(generator, decParams, nullptr, retStr, &dupKeyPair); EXPECT_EQ(res, HCF_SUCCESS); - // 清理内存 - HcfFree((void *)spec); - HcfFree((void *)decSpec); - HcfFree((void *)retStr); + HcfFree(spec); + HcfFree(decSpec); + HcfFree(retStr); HcfObjDestroy(dupKeyPair); } HcfObjDestroy(keyPair); - HcfObjDestroy(generator); + HcfObjDestroy(generator); } -HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSize.Level0) +HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSize.Level0) { HcfAsyKeyGenerator *generator = nullptr; HcfResult res = HcfAsyKeyGeneratorCreate("RSA1024", &generator); @@ -1821,16 +1820,17 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSi res = generator->generateKeyPair(generator, nullptr, &keyPair); EXPECT_EQ(res, HCF_SUCCESS); - // 加密 HcfKeyEncodingParamsSpec *spec = (HcfKeyEncodingParamsSpec *)HcfMalloc(sizeof(HcfKeyEncodingParamsSpec), 0); ASSERT_NE(spec, nullptr); spec->password = (char *)HcfMalloc(strlen("correctPW") + 1, 0); ASSERT_NE(spec->password, nullptr); - (void)memcpy_s((void *)spec->password, strlen("correctPW") + 1, (const char *)"correctPW", strlen("correctPW") + 1); + (void)memcpy_s((void *)spec->password, strlen("correctPW") + 1, + (const char *)"correctPW", strlen("correctPW") + 1); spec->cipher = (char *)HcfMalloc(strlen("AES-128-CBC") + 1, 0); ASSERT_NE(spec->cipher, nullptr); - (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); + (void)memcpy_s((void *)spec->cipher, strlen("AES-128-CBC") + 1, + (const char *)"AES-128-CBC", strlen("AES-128-CBC") + 1); HcfParamsSpec *params = reinterpret_cast(spec); @@ -1839,7 +1839,6 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSi res = prikey->getEncodedPem((const HcfPriKey *)prikey, params, "PKCS8", &retStr); EXPECT_EQ(res, HCF_SUCCESS); - // 使用错误密码解密 HcfKeyDecodingParamsSpec *decSpec = (HcfKeyDecodingParamsSpec *)HcfMalloc(sizeof(HcfKeyDecodingParamsSpec), 0); ASSERT_NE(decSpec, nullptr); decSpec->password = (char *)HcfMalloc(strlen("wrongPW") + 1, 0); @@ -1849,13 +1848,12 @@ HWTEST_F(CryptoRsaAsyKeyPemTest, CryptoRsaAsyKeyEncodeTest_WrongPassword, TestSi HcfParamsSpec *decParams = reinterpret_cast(decSpec); HcfKeyPair *dupKeyPair = nullptr; res = generator->convertPemKey(generator, decParams, nullptr, retStr, &dupKeyPair); - EXPECT_NE(res, HCF_SUCCESS); // 期望解密失败 + EXPECT_NE(res, HCF_SUCCESS); EXPECT_EQ(dupKeyPair, nullptr); - // 清理内存 - HcfFree((void *)spec); - HcfFree((void *)decSpec); - HcfFree((void *)retStr); + HcfFree(spec); + HcfFree(decSpec); + HcfFree(retStr); HcfObjDestroy(keyPair); HcfObjDestroy(generator); } -- Gitee