From 3c675844ad42127ce5bf741c01e4d4b601105633 Mon Sep 17 00:00:00 2001
From: dny
Date: Tue, 19 May 2026 14:41:54 +0800
Subject: [PATCH] fix: harden sm verification and pem stdin handling
Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1468
Signed-off-by: Dongjianwei001
---
 apps/src/app_sm.c | 4 ++--
 apps/src/app_utils.c | 7 +++----
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/apps/src/app_sm.c b/apps/src/app_sm.c
index 311a08ea..1dd0bbee 100644
--- a/apps/src/app_sm.c
+++ b/apps/src/app_sm.c
@@ -271,7 +271,7 @@ static int32_t VerifyHMAC(AppProvider *provider, int32_t macId, const uint8_t *d
 return ret;
 }
- if (calcHmacLen != hmacLen || memcmp(calculatedHmac, hmac, hmacLen) != 0) {
+ if (calcHmacLen != hmacLen || ConstTimeMemcmp(calculatedHmac, hmac, hmacLen) == 0) {
 AppPrintError("HMAC verify failed.\n");
 return HITLS_APP_INTEGRITY_VERIFY_FAIL;
 }
@@ -407,7 +407,7 @@ static int32_t VerifyPassword(AppProvider *provider, UserInfo *userInfo, char *p
 return HITLS_APP_INFO_CMP_FAIL;
 }
- if (memcmp(derivedKey, userInfo->userParam.dKey, userInfo->userParam.dKeyLen) != 0) {
+ if (ConstTimeMemcmp(derivedKey, userInfo->userParam.dKey, userInfo->userParam.dKeyLen) == 0) {
 BSL_SAL_CleanseData(derivedKey, HITLS_APP_SM_DKEY_LEN);
 AppPrintError("Admin verification failed.\n");
 return HITLS_APP_PASSWD_FAIL;
diff --git a/apps/src/app_utils.c b/apps/src/app_utils.c
index ae6a7a5a..8cfd160b 100644
--- a/apps/src/app_utils.c
+++ b/apps/src/app_utils.c
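Review bot: In VerifyHMAC (apps/src/app_sm.c) the new condition treats `ConstTimeMemcmp(...) == 0` as the failure case, the opposite sense of the `memcmp(...) != 0` it replaces, and nothing at the call site explains the inversion. ConstTimeMemcmp's definition is not part of this patch, so presumably it returns 0 on mismatch and non-zero on match; if it followed the memcmp convention instead, the check would pass a wrong HMAC and reject a correct one. A comment above the check such as `/* ConstTimeMemcmp returns 0 when the buffers differ (unlike memcmp) */`, plus a negative test with a modified HMAC, would pin the convention. The same applies to the comparison in VerifyPassword in the next hunk; VerifyHMAC's body starts and ends outside this hunk.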
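Review bot: The compare length in VerifyPassword (apps/src/app_sm.c) is `userInfo->userParam.dKeyLen`, while the cleanse on the following line suggests `derivedKey` holds `HITLS_APP_SM_DKEY_LEN` bytes. If the stored length can exceed that constant the compare reads past `derivedKey`, and a stored length of 0 may compare as a match for any password, depending on how ConstTimeMemcmp handles an empty range. The check returning `HITLS_APP_INFO_CMP_FAIL` just above may already enforce this, but it begins outside the hunk, so confirm it rejects `userInfo->userParam.dKeyLen != HITLS_APP_SM_DKEY_LEN`; otherwise compare a fixed length, `ConstTimeMemcmp(derivedKey, userInfo->userParam.dKey, HITLS_APP_SM_DKEY_LEN) == 0`, after validating the stored length.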
@@ -672,10 +672,9 @@ static int32_t ReadPemByUioSymbol(BSL_UIO *memUio, BSL_UIO *rUio, BSL_PEM_Symbol
 if ((BSL_UIO_Gets(rUio, buf, &lineLen) != BSL_SUCCESS) || (lineLen == 0)) {
 break;
 }
- ret = BSL_UIO_Ctrl(rUio, BSL_UIO_GET_READ_NUM, sizeof(int64_t), &dataLen);
- if (ret != BSL_SUCCESS || dataLen > APP_FILE_MAX_SIZE) {
+ int32_t ctrlRet = BSL_UIO_Ctrl(rUio, BSL_UIO_GET_READ_NUM, sizeof(int64_t), &dataLen);
+ if (ctrlRet != BSL_SUCCESS || dataLen > APP_FILE_MAX_SIZE) {
 AppPrintError("The maximum file size is %zukb.\n", APP_FILE_MAX_SIZE_KB);
- ret = HITLS_APP_UIO_FAIL;
 break;
 }
 if (!hasHead) {
@@ -691,7 +690,7 @@ static int32_t ReadPemByUioSymbol(BSL_UIO *memUio, BSL_UIO *rUio, BSL_PEM_Symbol
 }
 // Check whether it is the tail.
 if (strncmp(buf, symbol->tail, strlen(symbol->tail)) == 0) {
- if (BSL_UIO_Write(memUio, (const uint8_t *)buf, lineLen + 1, &writeMemLen) != BSL_SUCCESS ||
+ if (BSL_UIO_Write(memUio, (const uint8_t *)buf, lineLen + 1, &writeMemLen) == BSL_SUCCESS &&
 writeMemLen == lineLen + 1) {
 ret = HITLS_APP_SUCCESS;
 }
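Review bot: The size-limit branch in the first ReadPemByUioSymbol hunk now breaks without assigning `ret`, because `ret = HITLS_APP_UIO_FAIL;` is removed together with the overwrite of `ret` by the BSL_UIO_Ctrl result. What the function returns for an oversized input or a failed ctrl call therefore depends on how `ret` is initialised above the hunk, which is not visible here. Presumably it starts as a failure code, but the specific `HITLS_APP_UIO_FAIL` is no longer reported. Keeping `ret = HITLS_APP_UIO_FAIL;` before the `break;`, while still using `ctrlRet` for the call result, would make the rejection explicit and independent of the initial value. The function body starts and ends outside the hunk.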