diff --git a/frameworks/js/ani/src/ani_cipher.cpp b/frameworks/js/ani/src/ani_cipher.cpp index e4495dee76eab446b038ea13f06217b8e101bc7f..287a286b4229a6eb048ea88837c9e20608b93906 100644 --- a/frameworks/js/ani/src/ani_cipher.cpp +++ b/frameworks/js/ani/src/ani_cipher.cpp @@ -87,7 +87,7 @@ OptStrUint8Arr GetCipherSpecString(HcfCipher *cipher, HcfCipherSpecItem item) return OptStrUint8Arr::make_STRING(""); } string data = string(str); - HcfFree(str); + HCF_FREE_PTR(str); return OptStrUint8Arr::make_STRING(data); } diff --git a/frameworks/js/ani/src/ani_dh_key_util.cpp b/frameworks/js/ani/src/ani_dh_key_util.cpp index 740f1d9a1739c5dca93fb599074a462b754ded41..2df8c111b4a140c1ddcd4369c46a3bb8a8f91474 100644 --- a/frameworks/js/ani/src/ani_dh_key_util.cpp +++ b/frameworks/js/ani/src/ani_dh_key_util.cpp @@ -37,7 +37,8 @@ DHCommonParamsSpec GenDHCommonParamsSpec(int32_t pLen, optional_view sk dh.l = dhCommParamsSpec->length; BigIntegerToArrayU8(dhCommParamsSpec->p, dh.p); BigIntegerToArrayU8(dhCommParamsSpec->g, dh.g); - HcfObjDestroy(dhCommParamsSpec); + FreeDhCommParamsSpec(dhCommParamsSpec); + HCF_FREE_PTR(dhCommParamsSpec); return dh; } } // namespace ANI::CryptoFramework diff --git a/frameworks/js/ani/src/ani_ecc_key_util.cpp b/frameworks/js/ani/src/ani_ecc_key_util.cpp index e2ab9c3f3a11c8021c1b869b5f2cf8bf6a7dc208..bf936d401a1ce44a859a9deed4434836e901ddc8 100644 --- a/frameworks/js/ani/src/ani_ecc_key_util.cpp +++ b/frameworks/js/ani/src/ani_ecc_key_util.cpp @@ -44,7 +44,8 @@ ECCCommonParamsSpec GenECCCommonParamsSpec(string_view curveName) BigIntegerToArrayU8(eccCommParamsSpec->g.x, ecc.g.x); BigIntegerToArrayU8(eccCommParamsSpec->g.y, ecc.g.y); BigIntegerToArrayU8(eccCommParamsSpec->n, ecc.n); - HcfObjDestroy(eccCommParamsSpec); + FreeEccCommParamsSpec(eccCommParamsSpec); + HCF_FREE_PTR(eccCommParamsSpec); return ecc; } diff --git a/frameworks/js/ani/src/ani_kdf.cpp b/frameworks/js/ani/src/ani_kdf.cpp index c0611c9e7aa0160107f090d09d21471f7b46b7f6..08869d732a1d1f88b6e441e37010c03af504d690 100644 --- a/frameworks/js/ani/src/ani_kdf.cpp +++ b/frameworks/js/ani/src/ani_kdf.cpp @@ -25,8 +25,11 @@ const std::string PBKDF2_ALG_NAME = "PBKDF2"; const std::string HKDF_ALG_NAME = "HKDF"; const std::string SCRYPT_ALG_NAME = "SCRYPT"; -void SetPBKDF2ParamsSpecAttribute(const PBKDF2Spec ¶ms, HcfPBKDF2ParamsSpec &pbkdf2Spec, HcfBlob &outBlob) +bool SetPBKDF2ParamsSpecAttribute(const PBKDF2Spec ¶ms, HcfPBKDF2ParamsSpec &pbkdf2Spec, HcfBlob &outBlob) { + if (params.keySize < 0) { + return false; + } pbkdf2Spec.base.algName = params.base.algName.c_str(); if (params.password.get_tag() == OptStrUint8Arr::tag_t::STRING) { StringToDataBlob(params.password.get_STRING_ref(), pbkdf2Spec.password); @@ -39,10 +42,14 @@ void SetPBKDF2ParamsSpecAttribute(const PBKDF2Spec ¶ms, HcfPBKDF2ParamsSpec outBlob.data = static_cast(HcfMalloc(keySize, 0)); outBlob.len = (outBlob.data == nullptr) ? 0 : keySize; pbkdf2Spec.output = outBlob; + return true; } -void SetHkdfParamsSpecAttribute(const HKDFSpec ¶ms, HcfHkdfParamsSpec &hkdfSpec, HcfBlob &outBlob) +bool SetHkdfParamsSpecAttribute(const HKDFSpec ¶ms, HcfHkdfParamsSpec &hkdfSpec, HcfBlob &outBlob) { + if (params.keySize < 0) { + return false; + } hkdfSpec.base.algName = params.base.algName.c_str(); if (params.key.get_tag() == OptStrUint8Arr::tag_t::STRING) { StringToDataBlob(params.key.get_STRING_ref(), hkdfSpec.key); @@ -55,10 +62,14 @@ void SetHkdfParamsSpecAttribute(const HKDFSpec ¶ms, HcfHkdfParamsSpec &hkdfS outBlob.data = static_cast(HcfMalloc(keySize, 0)); outBlob.len = (outBlob.data == nullptr) ? 0 : keySize; hkdfSpec.output = outBlob; + return true; } -void SetScryptParamsSpecAttribute(const ScryptSpec ¶ms, HcfScryptParamsSpec &scryptSpec, HcfBlob &outBlob) +bool SetScryptParamsSpecAttribute(const ScryptSpec ¶ms, HcfScryptParamsSpec &scryptSpec, HcfBlob &outBlob) { + if (params.keySize < 0 || params.n < 0 || params.r < 0 || params.p < 0 || params.maxMemory < 0) { + return false; + } scryptSpec.base.algName = params.base.algName.c_str(); if (params.passphrase.get_tag() == OptStrUint8Arr::tag_t::STRING) { StringToDataBlob(params.passphrase.get_STRING_ref(), scryptSpec.passPhrase); @@ -74,6 +85,7 @@ void SetScryptParamsSpecAttribute(const ScryptSpec ¶ms, HcfScryptParamsSpec outBlob.data = static_cast(HcfMalloc(keySize, 0)); outBlob.len = (outBlob.data == nullptr) ? 0 : keySize; scryptSpec.output = outBlob; + return true; } } // namespace @@ -100,16 +112,18 @@ DataBlob KdfImpl::GenerateSecretSync(OptExtKdfSpec const& params) HcfScryptParamsSpec scryptSpec = {}; HcfBlob outBlob = {}; const std::string &algName = params.get_KDFSPEC_ref().algName.c_str(); + bool flag = false; if (params.get_tag() == OptExtKdfSpec::tag_t::PBKDF2SPEC && algName == PBKDF2_ALG_NAME) { - SetPBKDF2ParamsSpecAttribute(params.get_PBKDF2SPEC_ref(), pbkdf2Spec, outBlob); + flag = SetPBKDF2ParamsSpecAttribute(params.get_PBKDF2SPEC_ref(), pbkdf2Spec, outBlob); paramsSpec = reinterpret_cast(&pbkdf2Spec); } else if (params.get_tag() == OptExtKdfSpec::tag_t::HKDFSPEC && algName == HKDF_ALG_NAME) { - SetHkdfParamsSpecAttribute(params.get_HKDFSPEC_ref(), hkdfSpec, outBlob); + flag = SetHkdfParamsSpecAttribute(params.get_HKDFSPEC_ref(), hkdfSpec, outBlob); paramsSpec = reinterpret_cast(&hkdfSpec); } else if (params.get_tag() == OptExtKdfSpec::tag_t::SCRYPTSPEC && algName == SCRYPT_ALG_NAME) { - SetScryptParamsSpecAttribute(params.get_SCRYPTSPEC_ref(), scryptSpec, outBlob); + flag = SetScryptParamsSpecAttribute(params.get_SCRYPTSPEC_ref(), scryptSpec, outBlob); paramsSpec = reinterpret_cast(&scryptSpec); - } else { + } + if (!flag) { ANI_LOGE_THROW(HCF_INVALID_PARAMS, "invalid kdf spec!"); return {}; } diff --git a/frameworks/js/ani/src/ani_pri_key.cpp b/frameworks/js/ani/src/ani_pri_key.cpp index 0d2debd6c8e1c13b630b14ca2fc00382d4d563ce..44376f0372f48cf6a7fd46397b89581897c70863 100644 --- a/frameworks/js/ani/src/ani_pri_key.cpp +++ b/frameworks/js/ani/src/ani_pri_key.cpp @@ -39,7 +39,7 @@ OptKeySpec GetAsyKeySpecString(HcfPriKey *priKey, HcfAsyKeySpecItem item) return OptKeySpec::make_STRING(""); } string data = string(str); - HcfFree(str); + HCF_FREE_PTR(str); return OptKeySpec::make_STRING(data); } @@ -70,7 +70,7 @@ string GetEncodedPemInner(const HcfPriKey *self, HcfParamsSpec *params, string_v return ""; } string str = string(encoded); - HcfFree(encoded); + HCF_FREE_PTR(encoded); return str; } } // namespace diff --git a/frameworks/js/ani/src/ani_pub_key.cpp b/frameworks/js/ani/src/ani_pub_key.cpp index e031c1a4081f14458d8bac314410d5bffd720992..f03cde0d1e0d41bc7ab3402de715f5a753118d40 100644 --- a/frameworks/js/ani/src/ani_pub_key.cpp +++ b/frameworks/js/ani/src/ani_pub_key.cpp @@ -39,7 +39,7 @@ OptKeySpec GetAsyKeySpecString(HcfPubKey *pubKey, HcfAsyKeySpecItem item) return OptKeySpec::make_STRING(""); } string data = string(str); - HcfFree(str); + HCF_FREE_PTR(str); return OptKeySpec::make_STRING(data); } @@ -53,7 +53,7 @@ OptKeySpec GetAsyKeySpecBigInt(HcfPubKey *pubKey, HcfAsyKeySpecItem item) } array data = {}; BigIntegerToArrayU8(bigint, data); - HcfFree(bigint.data); + HCF_FREE_PTR(bigint.data); return OptKeySpec::make_BIGINT(data); } } // namespace @@ -127,7 +127,7 @@ string PubKeyImpl::GetEncodedPem(string_view format) return ""; } string str = string(encoded); - HcfFree(encoded); + HCF_FREE_PTR(encoded); return str; } diff --git a/frameworks/js/ani/src/ani_sign.cpp b/frameworks/js/ani/src/ani_sign.cpp index 7cb193077f492f83a8db4b6813f14c49253ea415..3e418a8b92c77d31b0fc458bf92490934c78f302 100644 --- a/frameworks/js/ani/src/ani_sign.cpp +++ b/frameworks/js/ani/src/ani_sign.cpp @@ -47,7 +47,7 @@ OptStrInt GetSignSpecString(HcfSign *sign, HcfSignSpecItem item) return OptStrInt::make_STRING(""); } string data = string(str); - HcfFree(str); + HCF_FREE_PTR(str); return OptStrInt::make_STRING(data); } diff --git a/frameworks/js/ani/src/ani_verify.cpp b/frameworks/js/ani/src/ani_verify.cpp index fb2a772b2421332b42d3c20bd7c3de625f86c407..91628d37c9f2c5c6b2dfc3cf1bedb96a61e76f1c 100644 --- a/frameworks/js/ani/src/ani_verify.cpp +++ b/frameworks/js/ani/src/ani_verify.cpp @@ -48,7 +48,7 @@ OptStrInt GetVerifySpecString(HcfVerify *verify, HcfSignSpecItem item) return OptStrInt::make_STRING(""); } string data = string(str); - HcfFree(str); + HCF_FREE_PTR(str); return OptStrInt::make_STRING(data); } diff --git a/frameworks/js/napi/crypto/src/napi_dh_key_util.cpp b/frameworks/js/napi/crypto/src/napi_dh_key_util.cpp index 24e364bb8b1bcf4a54c52501837116ea3dd07f74..438e7e7dd5d2b548cbe179e172cf8cb425542374 100644 --- a/frameworks/js/napi/crypto/src/napi_dh_key_util.cpp +++ b/frameworks/js/napi/crypto/src/napi_dh_key_util.cpp @@ -18,6 +18,7 @@ #include "detailed_ecc_key_params.h" #include "log.h" +#include "memory.h" #include "napi_crypto_framework_defines.h" #include "napi_utils.h" #include "napi_key_pair.h" @@ -172,6 +173,7 @@ napi_value NapiDHKeyUtil::JsGenDHCommonParamsSpec(napi_env env, napi_callback_in napi_value instance = ConvertDhCommParamsSpecToNapiValue(env, dhCommParamsSpec); FreeDhCommParamsSpec(dhCommParamsSpec); + HCF_FREE_PTR(dhCommParamsSpec); return instance; } diff --git a/frameworks/js/napi/crypto/src/napi_ecc_key_util.cpp b/frameworks/js/napi/crypto/src/napi_ecc_key_util.cpp index 4e1f2d9fb6a915f6215368638a653a49b8fc163e..461f8f09a17e8cda7b80c8132766d5a9b2bd1c8f 100644 --- a/frameworks/js/napi/crypto/src/napi_ecc_key_util.cpp +++ b/frameworks/js/napi/crypto/src/napi_ecc_key_util.cpp @@ -348,8 +348,7 @@ napi_value NapiECCKeyUtil::JsGenECCCommonParamsSpec(napi_env env, napi_callback_ } napi_value instance = ConvertEccCommParamsSpecToNapiValue(env, eccCommParamsSpec); FreeEccCommParamsSpec(eccCommParamsSpec); - HcfFree(eccCommParamsSpec); - eccCommParamsSpec = nullptr; + HCF_FREE_PTR(eccCommParamsSpec); return instance; }