fix: harden sm verification and pem stdin handling

Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1468

Signed-off-by: Dongjianwei001 <dongjianwei1@huawei.com>
dny
2026-05-19 14:41:54 +08:00
committed by Dongjianwei001
parent 571fdba062
commit 3c675844ad
2 changed files with 5 additions and 6 deletions
+2 -2
@@ -271,7 +271,7 @@ static int32_t VerifyHMAC(AppProvider *provider, int32_t macId, const uint8_t *d
return ret;
}
if (calcHmacLen != hmacLen || memcmp(calculatedHmac, hmac, hmacLen) != 0) {
if (calcHmacLen != hmacLen || ConstTimeMemcmp(calculatedHmac, hmac, hmacLen) == 0) {
AppPrintError("HMAC verify failed.\n");
return HITLS_APP_INTEGRITY_VERIFY_FAIL;
}
@@ -407,7 +407,7 @@ static int32_t VerifyPassword(AppProvider *provider, UserInfo *userInfo, char *p
return HITLS_APP_INFO_CMP_FAIL;
}
if (memcmp(derivedKey, userInfo->userParam.dKey, userInfo->userParam.dKeyLen) != 0) {
if (ConstTimeMemcmp(derivedKey, userInfo->userParam.dKey, userInfo->userParam.dKeyLen) == 0) {
BSL_SAL_CleanseData(derivedKey, HITLS_APP_SM_DKEY_LEN);
AppPrintError("Admin verification failed.\n");
return HITLS_APP_PASSWD_FAIL;
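Review bot: Both new comparisons treat a zero return from ConstTimeMemcmp as a mismatch (`ConstTimeMemcmp(calculatedHmac, hmac, hmacLen) == 0` in VerifyHMAC and the derived-key check in VerifyPassword), which is the opposite of the memcmp convention they replace, and the helper's definition is not visible on this page. If ConstTimeMemcmp returns 0 for equal buffers, these checks would reject the correct HMAC and password and accept wrong ones, so the return contract should be confirmed and stated at both call sites, e.g. `/* ConstTimeMemcmp returns non-zero when the buffers match, unlike memcmp */`. A negative test for each path (tampered HMAC, wrong admin password) would pin the polarity. Both functions start and end outside the hunks shown.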
+3 -4
@@ -672,10 +672,9 @@ static int32_t ReadPemByUioSymbol(BSL_UIO *memUio, BSL_UIO *rUio, BSL_PEM_Symbol
if ((BSL_UIO_Gets(rUio, buf, &lineLen) != BSL_SUCCESS) || (lineLen == 0)) {
break;
}
ret = BSL_UIO_Ctrl(rUio, BSL_UIO_GET_READ_NUM, sizeof(int64_t), &dataLen);
if (ret != BSL_SUCCESS || dataLen > APP_FILE_MAX_SIZE) {
int32_t ctrlRet = BSL_UIO_Ctrl(rUio, BSL_UIO_GET_READ_NUM, sizeof(int64_t), &dataLen);
if (ctrlRet != BSL_SUCCESS || dataLen > APP_FILE_MAX_SIZE) {
AppPrintError("The maximum file size is %zukb.\n", APP_FILE_MAX_SIZE_KB);
ret = HITLS_APP_UIO_FAIL;
break;
}
if (!hasHead) {
@@ -691,7 +690,7 @@ static int32_t ReadPemByUioSymbol(BSL_UIO *memUio, BSL_UIO *rUio, BSL_PEM_Symbol
}
// Check whether it is the tail.
if (strncmp(buf, symbol->tail, strlen(symbol->tail)) == 0) {
if (BSL_UIO_Write(memUio, (const uint8_t *)buf, lineLen + 1, &writeMemLen) != BSL_SUCCESS ||
if (BSL_UIO_Write(memUio, (const uint8_t *)buf, lineLen + 1, &writeMemLen) == BSL_SUCCESS &&
writeMemLen == lineLen + 1) {
ret = HITLS_APP_SUCCESS;
}
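Review bot: With `ret = HITLS_APP_UIO_FAIL;` dropped from the size-limit branch, every failure exit of the loop in ReadPemByUioSymbol now depends on ret still holding its initial value, which is declared outside the hunk and cannot be checked here. If that initial value is a failure code the change is sound and stops the BSL_UIO_Ctrl result from overwriting it, but keeping the explicit `ret = HITLS_APP_UIO_FAIL;` before the `break` would keep oversize input from being reported as success should the initialisation change later. The same branch also prints the maximum-size message when BSL_UIO_Ctrl itself fails, which misreports the cause; a separate message for `ctrlRet != BSL_SUCCESS` would make the failure diagnosable.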