From 83ffb1518185d2de264dbd31b7959ca204897f22 Mon Sep 17 00:00:00 2001 From: jing-wang177 Date: Thu, 17 Jul 2025 19:24:07 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=91=8A=E8=AD=A6=E6=B8=85=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jing-wang177 --- frameworks/crypto_operation/sm2_crypto_util.c | 4 +++ frameworks/js/ani/src/ani_md.cpp | 2 +- frameworks/native/include/native_common.h | 6 ++-- frameworks/native/src/asym_key.c | 28 ++++++++++++++++--- frameworks/native/src/native_common.c | 27 ++++-------------- plugin/mbedtls_plugin/rand/src/mbedtls_rand.c | 2 ++ .../crypto_operation/kdf/src/scrypt_openssl.c | 8 +++--- .../sym_key_generator/src/sym_key_openssl.c | 2 +- 8 files changed, 43 insertions(+), 36 deletions(-) diff --git a/frameworks/crypto_operation/sm2_crypto_util.c b/frameworks/crypto_operation/sm2_crypto_util.c index a28cece..88ef81c 100644 --- a/frameworks/crypto_operation/sm2_crypto_util.c +++ b/frameworks/crypto_operation/sm2_crypto_util.c @@ -105,6 +105,10 @@ HcfResult HcfGenCipherTextBySpec(Sm2CipherTextSpec *spec, const char *mode, HcfB return HCF_INVALID_PARAMS; } HcfSm2SpecToASN1CreateFunc createFunc = FindAbility(mode); + if (createFunc == NULL) { + LOGE("Failed to find create function"); + return HCF_INVALID_PARAMS; + } HcfResult res = createFunc(spec, output); if (res != HCF_SUCCESS) { LOGE("Failed to convert construct to asn1!"); diff --git a/frameworks/js/ani/src/ani_md.cpp b/frameworks/js/ani/src/ani_md.cpp index ac1f064..b358db0 100644 --- a/frameworks/js/ani/src/ani_md.cpp +++ b/frameworks/js/ani/src/ani_md.cpp @@ -35,7 +35,7 @@ void MdImpl::UpdateSync(DataBlob const& input) HcfBlob inBlob = { .data = input.data.data(), .len = input.data.size() }; HcfResult res = mdObj->update(mdObj, &inBlob); if (res != HCF_SUCCESS) { - ANI_LOGE_THROW(res, "md doFinal failed!"); + ANI_LOGE_THROW(res, "md update failed!"); return; } } diff --git a/frameworks/native/include/native_common.h b/frameworks/native/include/native_common.h index 03c924c..a324e2e 100644 --- a/frameworks/native/include/native_common.h +++ b/frameworks/native/include/native_common.h @@ -27,10 +27,8 @@ OH_Crypto_ErrCode GetOhCryptoErrCode(HcfResult errCode); OH_Crypto_ErrCode GetOhCryptoErrCodeNew(HcfResult errCode); void ReverseUint8Arr(uint8_t *data, size_t len); -int32_t bigEndianArrToInt32(const uint8_t *data, size_t len); -void Int32TobigEndianArr(int32_t value, uint8_t *data, size_t len); -int32_t bigEndianArrToInt(const uint8_t *data, size_t len); -void IntTobigEndianArr(int value, uint8_t *data, size_t len); +uint32_t BigEndianArrToUint32(const uint8_t *data, size_t len); +void Uint32TobigEndianArr(uint32_t value, uint8_t *data, size_t len); #ifdef __cplusplus } #endif diff --git a/frameworks/native/src/asym_key.c b/frameworks/native/src/asym_key.c index 55494d5..fd40379 100644 --- a/frameworks/native/src/asym_key.c +++ b/frameworks/native/src/asym_key.c @@ -861,7 +861,11 @@ static OH_Crypto_ErrCode SetEccCommSpec(HcfEccCommParamsSpec *spec, CryptoAsymKe if (value->len != sizeof(spec->h)) { return CRYPTO_PARAMETER_CHECK_FAILED; } - spec->h = bigEndianArrToInt32(value->data, value->len); + uint32_t tmp = BigEndianArrToUint32(value->data, value->len); + if (tmp > INT32_MAX) { + return CRYPTO_PARAMETER_CHECK_FAILED; + } + spec->h = (int32_t)tmp; break; default: return CRYPTO_PARAMETER_CHECK_FAILED; @@ -936,7 +940,11 @@ static OH_Crypto_ErrCode SetDhCommSpec(HcfDhCommParamsSpec *spec, CryptoAsymKey_ if (value->len != sizeof(spec->length)) { return CRYPTO_PARAMETER_CHECK_FAILED; } - spec->length = bigEndianArrToInt(value->data, value->len); + uint32_t tmp = BigEndianArrToUint32(value->data, value->len); + if (tmp > INT32_MAX) { + return CRYPTO_PARAMETER_CHECK_FAILED; + } + spec->length = (int)tmp; break; default: return CRYPTO_PARAMETER_CHECK_FAILED; @@ -1309,7 +1317,13 @@ static OH_Crypto_ErrCode GetEccCommSpec(HcfEccCommParamsSpec *spec, CryptoAsymKe return CRYPTO_MEMORY_ERROR; } value->len = sizeof(spec->h); - Int32TobigEndianArr(spec->h, value->data, value->len); + if (spec->h < 0) { + HcfFree(value->data); + value->data = NULL; + return CRYPTO_PARAMETER_CHECK_FAILED; + } + uint32_t tmp = (uint32_t)spec->h; + Uint32TobigEndianArr(tmp, value->data, value->len); break; default: return CRYPTO_PARAMETER_CHECK_FAILED; @@ -1386,7 +1400,13 @@ static OH_Crypto_ErrCode GetDhCommSpec(HcfDhCommParamsSpec *spec, CryptoAsymKey_ return CRYPTO_MEMORY_ERROR; } value->len = sizeof(spec->length); - IntTobigEndianArr(spec->length, value->data, value->len); + if (spec->length < 0) { + HcfFree(value->data); + value->data = NULL; + return CRYPTO_PARAMETER_CHECK_FAILED; + } + uint32_t tmp = (uint32_t)spec->length; + Uint32TobigEndianArr(tmp, value->data, value->len); break; default: return CRYPTO_PARAMETER_CHECK_FAILED; diff --git a/frameworks/native/src/native_common.c b/frameworks/native/src/native_common.c index 62b7fd3..a92b10a 100644 --- a/frameworks/native/src/native_common.c +++ b/frameworks/native/src/native_common.c @@ -58,36 +58,19 @@ void ReverseUint8Arr(uint8_t *data, size_t len) #define NATIVE_BITS_SIZE 8 -int32_t bigEndianArrToInt32(const uint8_t *data, size_t len) +uint32_t BigEndianArrToUint32(const uint8_t *data, size_t len) { - int32_t value = 0; + uint32_t value = 0; for (size_t i = 0; i < len; ++i) { - value |= (int32_t)(data[i] << ((sizeof(int32_t) - 1 - i) * NATIVE_BITS_SIZE)); + value |= (uint32_t)(data[i] << ((sizeof(int32_t) - 1 - i) * NATIVE_BITS_SIZE)); } return value; } -void Int32TobigEndianArr(int32_t value, uint8_t *data, size_t len) +void Uint32TobigEndianArr(uint32_t value, uint8_t *data, size_t len) { for (size_t i = 0; i < len; ++i) { - data[i] = (value >> ((sizeof(int32_t) - i - 1) * NATIVE_BITS_SIZE)) & 0xFF; - } -} - -int32_t bigEndianArrToInt(const uint8_t *data, size_t len) -{ - int value = 0; - - for (size_t i = 0; i < len; ++i) { - value |= (int)(data[i] << ((sizeof(int) - 1 - i) * NATIVE_BITS_SIZE)); - } - return value; -} - -void IntTobigEndianArr(int value, uint8_t *data, size_t len) -{ - for (size_t i = 0; i < len; ++i) { - data[i] = (value >> ((sizeof(int) - i - 1) * NATIVE_BITS_SIZE)) & 0xFF; + data[i] = (value >> ((sizeof(uint32_t) - i - 1) * NATIVE_BITS_SIZE)) & 0xFF; } } diff --git a/plugin/mbedtls_plugin/rand/src/mbedtls_rand.c b/plugin/mbedtls_plugin/rand/src/mbedtls_rand.c index 0ab9714..67fd4da 100644 --- a/plugin/mbedtls_plugin/rand/src/mbedtls_rand.c +++ b/plugin/mbedtls_plugin/rand/src/mbedtls_rand.c @@ -200,6 +200,8 @@ HcfResult MbedtlsRandSpiCreate(HcfRandSpi **spiObj) int32_t ret = MbedtlsRandInitEx(&(returnSpiImpl->entropy), &(returnSpiImpl->ctrDrbg)); if (ret != HCF_SUCCESS) { LOGE("Failed to allocate entropy ctrDrbg memory!"); + HcfFree(returnSpiImpl); + returnSpiImpl = NULL; return HCF_ERR_MALLOC; } returnSpiImpl->base.base.getClass = GetMbedtlsRandClass; diff --git a/plugin/openssl_plugin/crypto_operation/kdf/src/scrypt_openssl.c b/plugin/openssl_plugin/crypto_operation/kdf/src/scrypt_openssl.c index 38fda9d..ef22208 100644 --- a/plugin/openssl_plugin/crypto_operation/kdf/src/scrypt_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/kdf/src/scrypt_openssl.c @@ -128,7 +128,7 @@ static bool GetScryptSaltFromSpec(HcfScryptData *data, HcfScryptParamsSpec *para return false; } (void)memcpy_s(data->salt, params->salt.len, params->salt.data, params->salt.len); - data->saltLen = params->salt.len; + data->saltLen = (int)params->salt.len; return true; } @@ -140,7 +140,7 @@ static bool GetScryptPasswordFromSpec(HcfScryptData *data, HcfScryptParamsSpec * return false; } (void)memcpy_s(data->password, params->passPhrase.len, params->passPhrase.data, params->passPhrase.len); - data->passwordLen = params->passPhrase.len; + data->passwordLen = (int)params->passPhrase.len; } else { data->passwordLen = 0; data->password = NULL; @@ -161,7 +161,7 @@ static HcfResult InitScryptData(OpensslScryptSpiImpl *self, HcfScryptParamsSpec break; } if (!GetScryptPasswordFromSpec(data, params)) { - LOGE("malloc salt failed!"); + LOGE("malloc password failed!"); break; } data->out = (unsigned char *)HcfMalloc(params->output.len, 0); @@ -173,7 +173,7 @@ static HcfResult InitScryptData(OpensslScryptSpiImpl *self, HcfScryptParamsSpec data->p = params->p; data->r = params->r; data->maxBytes = params->maxMem; - data->outLen = params->output.len; + data->outLen = (int)params->output.len; self->kdfData = data; return HCF_SUCCESS; } while (0); diff --git a/plugin/openssl_plugin/key/sym_key_generator/src/sym_key_openssl.c b/plugin/openssl_plugin/key/sym_key_generator/src/sym_key_openssl.c index af635f9..ab72bfa 100644 --- a/plugin/openssl_plugin/key/sym_key_generator/src/sym_key_openssl.c +++ b/plugin/openssl_plugin/key/sym_key_generator/src/sym_key_openssl.c @@ -186,7 +186,7 @@ static HcfResult HcfDesSymmKeySpiCreate(int32_t keyLen, SymKeyImpl *symKey) EVP_CIPHER_CTX_free(ctx); symKey->keyMaterial.data = keyMaterial; - symKey->keyMaterial.len = keyLen; + symKey->keyMaterial.len = (size_t)keyLen; return HCF_SUCCESS; } -- Gitee From 3f954d85a058261966e65d7ca55f8507594ee0a0 Mon Sep 17 00:00:00 2001 From: jing-wang177 Date: Tue, 19 Aug 2025 17:56:24 +0800 Subject: [PATCH 2/2] =?UTF-8?q?string=E7=B1=BB=E5=9E=8B=E5=AD=98=E8=B4=AE?= =?UTF-8?q?=E7=A7=81=E9=92=A5=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jing-wang177 --- frameworks/js/napi/crypto/inc/napi_utils.h | 2 + .../crypto/src/napi_asy_key_generator.cpp | 95 +++++++++++-------- frameworks/js/napi/crypto/src/napi_utils.cpp | 2 +- 3 files changed, 58 insertions(+), 41 deletions(-) diff --git a/frameworks/js/napi/crypto/inc/napi_utils.h b/frameworks/js/napi/crypto/inc/napi_utils.h index 53cec12..79ff66b 100644 --- a/frameworks/js/napi/crypto/inc/napi_utils.h +++ b/frameworks/js/napi/crypto/inc/napi_utils.h @@ -89,6 +89,8 @@ HcfResult GetNapiUint8ArrayDataNoCopy(napi_env env, napi_value arg, HcfBlob *blo HcfResult CreateNapiUint8ArrayNoCopy(napi_env env, HcfBlob *blob, napi_value *napiValue); +HcfBlob *GetBlobFromStringJSParams(napi_env env, napi_value arg); + } // namespace CryptoFramework } // namespace OHOS #endif diff --git a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp index bec9049..54ebba2 100644 --- a/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp +++ b/frameworks/js/napi/crypto/src/napi_asy_key_generator.cpp @@ -75,8 +75,8 @@ struct ConvertPemKeyCtx { HcfAsyKeyGenerator *generator = nullptr; HcfParamsSpec *params = nullptr; - std::string pubKey = ""; - std::string priKey = ""; + HcfBlob *pubKey = nullptr; + HcfBlob *priKey = nullptr; HcfResult errCode = HCF_SUCCESS; const char *errMsg = nullptr; @@ -172,8 +172,16 @@ static void FreeConvertPemKeyCtx(napi_env env, ConvertPemKeyCtx *ctx) FreeDecodeParamsSpec(ctx->params); ctx->errMsg = nullptr; - ctx->pubKey = ""; - ctx->priKey = ""; + if (ctx->pubKey != nullptr) { + HcfBlobDataFree(ctx->pubKey); + HcfFree(ctx->pubKey); + ctx->pubKey = nullptr; + } + if (ctx->priKey != nullptr) { + HcfBlobDataClearAndFree(ctx->priKey); + HcfFree(ctx->priKey); + ctx->priKey = nullptr; + } HcfFree(ctx); } @@ -248,9 +256,8 @@ static bool GetPkAndSkBlobFromNapiValueIfInput(napi_env env, napi_value pkValue, } static bool GetPkAndSkStringFromNapiValueIfInput(napi_env env, napi_value pkValue, napi_value skValue, - std::string &returnPubKey, std::string &returnPriKey) + HcfBlob **returnPubKey, HcfBlob **returnPriKey) { - size_t length = 0; napi_valuetype valueTypePk; napi_valuetype valueTypeSk; napi_typeof(env, pkValue, &valueTypePk); @@ -259,38 +266,27 @@ static bool GetPkAndSkStringFromNapiValueIfInput(napi_env env, napi_value pkValu LOGE("valueTypePk and valueTypeSk is all null."); return false; } + HcfBlob *pubKey = nullptr; if (valueTypePk != napi_null) { - if (valueTypePk != napi_string) { - LOGE("valueTypePk wrong argument type, expect string type."); - return false; - } - if (napi_get_value_string_utf8(env, pkValue, nullptr, 0, &length) != napi_ok) { - LOGE("pkValue can not get string length."); - return false; - } - returnPubKey.reserve(length + 1); - returnPubKey.resize(length); - if (napi_get_value_string_utf8(env, pkValue, returnPubKey.data(), (length + 1), &length) != napi_ok) { - LOGE("pkValue can not get string value."); + pubKey = GetBlobFromStringJSParams(env, pkValue); + if (pubKey == nullptr) { + LOGE("GetBlobFromStringJSParams failed for pubKey."); return false; } } + HcfBlob *priKey = nullptr; if (valueTypeSk != napi_null) { - if (valueTypeSk != napi_string) { - LOGE("valueTypeSk wrong argument type. expect string type."); - return false; - } - if (napi_get_value_string_utf8(env, skValue, nullptr, 0, &length) != napi_ok) { - LOGE("skValue can not get string length."); - return false; - } - returnPriKey.reserve(length + 1); - returnPriKey.resize(length); - if (napi_get_value_string_utf8(env, skValue, returnPriKey.data(), (length + 1), &length) != napi_ok) { - LOGE("skValue can not get string value."); + priKey = GetBlobFromStringJSParams(env, skValue); + if (priKey == nullptr) { + HcfBlobDataFree(pubKey); + HcfFree(pubKey); + pubKey = nullptr; + LOGE("GetBlobFromStringJSParams failed for priKey."); return false; } } + *returnPubKey = pubKey; + *returnPriKey = priKey; return true; } @@ -339,7 +335,7 @@ static bool BuildConvertKeyCtx(napi_env env, napi_callback_info info, ConvertKey } } -static bool ValidateAndGetParams(napi_env env, napi_callback_info info, std::string &pubKey, std::string &priKey, +static bool ValidateAndGetParams(napi_env env, napi_callback_info info, HcfBlob **pubKey, HcfBlob **priKey, HcfParamsSpec **paramsSpec) { napi_value thisVar = nullptr; @@ -379,10 +375,10 @@ static bool BuildConvertPemKeyCtx(napi_env env, napi_callback_info info, Convert LOGE("failed to unwrap napi asyKeyGenerator obj."); return false; } - std::string pubKey; - std::string priKey; + HcfBlob *pubKey = nullptr; + HcfBlob *priKey = nullptr; HcfParamsSpec *paramsSpec = nullptr; - if (!ValidateAndGetParams(env, info, pubKey, priKey, ¶msSpec)) { + if (!ValidateAndGetParams(env, info, &pubKey, &priKey, ¶msSpec)) { return false; } @@ -528,8 +524,16 @@ static void ConvertKeyAsyncWorkProcess(napi_env env, void *data) static void ConvertPemKeyAsyncWorkProcess(napi_env env, void *data) { ConvertPemKeyCtx *ctx = static_cast(data); + const char *pubKeyStr = nullptr; + const char *priKeyStr = nullptr; + if (ctx->pubKey != nullptr) { + pubKeyStr = reinterpret_cast(ctx->pubKey->data); + } + if (ctx->priKey != nullptr) { + priKeyStr = reinterpret_cast(ctx->priKey->data); + } ctx->errCode = ctx->generator->convertPemKey(ctx->generator, ctx->params, - ctx->pubKey.c_str(), ctx->priKey.c_str(), &(ctx->returnKeyPair)); + pubKeyStr, priKeyStr, &(ctx->returnKeyPair)); if (ctx->errCode != HCF_SUCCESS) { LOGE("ConvertPemKey fail."); ctx->errMsg = "ConvertPemKey fail."; @@ -884,11 +888,19 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKey(napi_env env, napi_callback_info return NewConvertPemKeyAsyncWork(env, ctx); } -static HcfResult ConvertPemKeySync(std::string &pubKey, std::string &priKey, HcfAsyKeyGenerator *generator, +static HcfResult ConvertPemKeySync(HcfBlob *pubKey, HcfBlob *priKey, HcfAsyKeyGenerator *generator, HcfParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair) { + const char *pubKeyStr = nullptr; + const char *priKeyStr = nullptr; + if (pubKey != nullptr) { + pubKeyStr = reinterpret_cast(pubKey->data); + } + if (priKey != nullptr) { + priKeyStr = reinterpret_cast(priKey->data); + } HcfResult errCode = generator->convertPemKey(generator, paramsSpec, - pubKey.c_str(), priKey.c_str(), returnKeyPair); + pubKeyStr, priKeyStr, returnKeyPair); if (errCode != HCF_SUCCESS) { LOGE("convertPemKey error!"); return errCode; @@ -900,10 +912,10 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ { napi_value thisVar = nullptr; napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); - std::string pubKey; - std::string priKey; + HcfBlob *pubKey = nullptr; + HcfBlob *priKey = nullptr; HcfParamsSpec *paramsSpec = nullptr; - if (!ValidateAndGetParams(env, info, pubKey, priKey, ¶msSpec)) { + if (!ValidateAndGetParams(env, info, &pubKey, &priKey, ¶msSpec)) { FreeDecodeParamsSpec(paramsSpec); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "invalid parameters.")); return NapiGetNull(env); @@ -913,6 +925,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiGenerator)); if (status != napi_ok || napiGenerator == nullptr) { FreeDecodeParamsSpec(paramsSpec); + HcfFreePubKeyAndPriKey(pubKey, priKey); LOGE("failed to unwrap napi asyKeyGenerator obj."); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "failed to unwrap napi asyKeyGenerator obj.")); return nullptr; @@ -921,6 +934,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ HcfAsyKeyGenerator *generator = napiGenerator->GetAsyKeyGenerator(); if (generator == nullptr) { FreeDecodeParamsSpec(paramsSpec); + HcfFreePubKeyAndPriKey(pubKey, priKey); LOGE("GetAsyKeyGenerator failed!"); napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "GetAsyKeyGenerator failed!")); return nullptr; @@ -928,6 +942,7 @@ napi_value NapiAsyKeyGenerator::JsConvertPemKeySync(napi_env env, napi_callback_ HcfKeyPair *returnKeyPair = nullptr; HcfResult errCode = ConvertPemKeySync(pubKey, priKey, generator, paramsSpec, &(returnKeyPair)); + HcfFreePubKeyAndPriKey(pubKey, priKey); if (errCode != HCF_SUCCESS) { FreeDecodeParamsSpec(paramsSpec); LOGE("ConvertPemKeySync error!"); diff --git a/frameworks/js/napi/crypto/src/napi_utils.cpp b/frameworks/js/napi/crypto/src/napi_utils.cpp index 88c26b1..1f52bfa 100644 --- a/frameworks/js/napi/crypto/src/napi_utils.cpp +++ b/frameworks/js/napi/crypto/src/napi_utils.cpp @@ -662,7 +662,7 @@ bool GetEncodingParamsSpec(napi_env env, napi_value arg, HcfParamsSpec **returnS return true; } -static HcfBlob *GetBlobFromStringJSParams(napi_env env, napi_value arg) +HcfBlob *GetBlobFromStringJSParams(napi_env env, napi_value arg) { napi_valuetype valueType; napi_typeof(env, arg, &valueType); -- Gitee