diff options
-rw-r--r-- | src/manager/service/key-provider.cpp | 51 | ||||
-rw-r--r-- | src/manager/service/key-provider.h | 6 | ||||
-rw-r--r-- | tests/test_key-provider.cpp | 19 |
3 files changed, 49 insertions, 27 deletions
diff --git a/src/manager/service/key-provider.cpp b/src/manager/service/key-provider.cpp index a1bc1e5a..47425e62 100644 --- a/src/manager/service/key-provider.cpp +++ b/src/manager/service/key-provider.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014 - 2018 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2014 - 2019 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ #include <exception.h> #include <key-provider.h> #include <dpl/log/log.h> +#include <string.h> namespace { @@ -46,94 +47,98 @@ using namespace CKM; WrappedKeyAndInfoContainer::WrappedKeyAndInfoContainer() { - wrappedKeyAndInfo = new WrappedKeyAndInfo; - memset(wrappedKeyAndInfo, 0, sizeof(WrappedKeyAndInfo)); + memset(&wrappedKeyAndInfo, 0, sizeof(WrappedKeyAndInfo)); } WrappedKeyAndInfoContainer::WrappedKeyAndInfoContainer(const unsigned char *data) { - wrappedKeyAndInfo = new WrappedKeyAndInfo; - memcpy(wrappedKeyAndInfo, data, sizeof(WrappedKeyAndInfo)); + memcpy(&wrappedKeyAndInfo, data, sizeof(WrappedKeyAndInfo)); + + if (wrappedKeyAndInfo.keyInfo.keyLength > sizeof(wrappedKeyAndInfo.wrappedKey)) { + ThrowErr(Exc::InternalError, + "Wrapped key info is corrupted. Key length exceeds the size of the key buffer."); + } + + size_t maxlen = sizeof(wrappedKeyAndInfo.keyInfo.client); + if (strnlen(wrappedKeyAndInfo.keyInfo.client, maxlen) == maxlen) { + ThrowErr(Exc::InternalError, + "Wrapped key info is corrupted. Client id is not NULL terminated."); + } } WrappedKeyAndInfo &WrappedKeyAndInfoContainer::getWrappedKeyAndInfo() { - return *wrappedKeyAndInfo; + return wrappedKeyAndInfo; } void WrappedKeyAndInfoContainer::setKeyInfoKeyLength(const unsigned int length) { - wrappedKeyAndInfo->keyInfo.keyLength = length; + wrappedKeyAndInfo.keyInfo.keyLength = length; } void WrappedKeyAndInfoContainer::setKeyInfoClient(const std::string resized_client) { - if (resized_client.size() >= sizeof(wrappedKeyAndInfo->keyInfo.client)) { + if (resized_client.size() >= sizeof(wrappedKeyAndInfo.keyInfo.client)) { ThrowErr(Exc::InternalError, "Client name too long"); } - strcpy(wrappedKeyAndInfo->keyInfo.client, resized_client.c_str()); + strcpy(wrappedKeyAndInfo.keyInfo.client, resized_client.c_str()); } void WrappedKeyAndInfoContainer::setKeyInfoSalt(const unsigned char *salt, const int size) { - memcpy(wrappedKeyAndInfo->keyInfo.salt, salt, size); + memcpy(wrappedKeyAndInfo.keyInfo.salt, salt, size); } void WrappedKeyAndInfoContainer::setKeyInfo(const KeyComponentsInfo *keyComponentsInfo) { - memcpy(&(wrappedKeyAndInfo->keyInfo), keyComponentsInfo, + memcpy(&(wrappedKeyAndInfo.keyInfo), keyComponentsInfo, sizeof(KeyComponentsInfo)); } WrappedKeyAndInfoContainer::~WrappedKeyAndInfoContainer() { - delete wrappedKeyAndInfo; } KeyAndInfoContainer::KeyAndInfoContainer() { - keyAndInfo = new KeyAndInfo; - memset(keyAndInfo, 0, sizeof(KeyAndInfo)); + memset(&keyAndInfo, 0, sizeof(KeyAndInfo)); } KeyAndInfoContainer::KeyAndInfoContainer(const unsigned char *data) { - keyAndInfo = new KeyAndInfo; - memcpy(keyAndInfo, data, sizeof(KeyAndInfo)); + memcpy(&keyAndInfo, data, sizeof(KeyAndInfo)); } KeyAndInfo &KeyAndInfoContainer::getKeyAndInfo() { - return *keyAndInfo; + return keyAndInfo; } void KeyAndInfoContainer::setKeyInfoKeyLength(unsigned int length) { - keyAndInfo->keyInfo.keyLength = length; + keyAndInfo.keyInfo.keyLength = length; } void KeyAndInfoContainer::setKeyInfo(const KeyComponentsInfo *keyComponentsInfo) { - memcpy(&(keyAndInfo->keyInfo), keyComponentsInfo, sizeof(KeyComponentsInfo)); + memcpy(&(keyAndInfo.keyInfo), keyComponentsInfo, sizeof(KeyComponentsInfo)); } KeyAndInfoContainer::~KeyAndInfoContainer() { // overwrite key - char *ptr = reinterpret_cast<char *>(keyAndInfo); + char *ptr = reinterpret_cast<char *>(&keyAndInfo); memset(ptr, 0, sizeof(KeyAndInfo)); // verification for (size_t size = 0; size < sizeof(KeyAndInfo); ++size) { if (ptr[size]) - LogError("Write momory error! Memory used by key was not owerwritten."); + LogError("Write memory error! Memory used by key was not owerwritten."); } - - delete keyAndInfo; } KeyProvider::KeyProvider() : diff --git a/src/manager/service/key-provider.h b/src/manager/service/key-provider.h index 9994c905..bcc999f2 100644 --- a/src/manager/service/key-provider.h +++ b/src/manager/service/key-provider.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014 - 2018 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2014 - 2019 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -92,7 +92,7 @@ public: ~WrappedKeyAndInfoContainer(); private: - WrappedKeyAndInfo *wrappedKeyAndInfo; + WrappedKeyAndInfo wrappedKeyAndInfo; }; class KeyAndInfoContainer { @@ -105,7 +105,7 @@ public: ~KeyAndInfoContainer(); private: - KeyAndInfo *keyAndInfo; + KeyAndInfo keyAndInfo; }; diff --git a/tests/test_key-provider.cpp b/tests/test_key-provider.cpp index abca9890..4991c4db 100644 --- a/tests/test_key-provider.cpp +++ b/tests/test_key-provider.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 - 2019 Samsung Electronics Co., Ltd All Rights Reserved * * Contact: Kyungwook Tak <k.tak@samsung.com> * @@ -186,6 +186,23 @@ BOOST_AUTO_TEST_CASE(wrapped_container) wrappedContainer.getWrappedKeyAndInfo().keyInfo.client, wrappedContainer2.getWrappedKeyAndInfo().keyInfo.client, sizeof(wrappedContainer.getWrappedKeyAndInfo().keyInfo.client)) == 0); + + CKM::WrappedKeyAndInfo wrapped3; + wrapped3.keyInfo.keyLength = MAX_WRAPPED_KEY_SIZE; + BOOST_REQUIRE_NO_THROW(CKM::WrappedKeyAndInfoContainer wrappedContainer3( + reinterpret_cast<unsigned char*>(&wrapped3))); + + wrapped3.keyInfo.keyLength++; + BOOST_REQUIRE_THROW(CKM::WrappedKeyAndInfoContainer wrappedContainer3( + reinterpret_cast<unsigned char*>(&wrapped3)), + CKM::Exc::InternalError); + + // missing NULL termination in wrapped4.keyInfo.client + CKM::WrappedKeyAndInfo wrapped4; + memset(&wrapped4, 0x01, sizeof(CKM::WrappedKeyAndInfo)); + BOOST_REQUIRE_THROW(CKM::WrappedKeyAndInfoContainer wrappedContainer3( + reinterpret_cast<unsigned char*>(&wrapped4)), + CKM::Exc::InternalError); } BOOST_AUTO_TEST_CASE(container) |