From 9b253e16ae69d0dbc1e956b8cc5c315a29460300 Mon Sep 17 00:00:00 2001 From: sunzibin Date: Sat, 6 Sep 2025 17:03:03 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=87=BD=E6=95=B0=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=E9=80=BB=E8=BE=91=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: sunzibin --- .../hap/entity/src/sign_content_info.cpp | 43 +++++++------------ 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp b/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp index de1c6b9a..552158b2 100644 --- a/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp +++ b/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp @@ -54,24 +54,24 @@ void SignContentInfo::AddHashData(const SignContentHash& signInfo) std::vector SignContentInfo::GetByteContent() { - std::vector ret(m_size, 0); - int index = 0; - - index = ByteArrayUtils::InsertCharToByteArray(ret, index, m_version); - if (index < 0) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertCharToByteArray failed."); - return std::vector(); + short total_size = m_version.size() + sizeof(m_size) + sizeof(m_numOfBlocks); + for (const auto& tmp : m_hashData) { + total_size += sizeof(tmp.m_type) + sizeof(tmp.m_tag) + sizeof(tmp.m_algId) + sizeof(tmp.m_length) + + tmp.m_hash.size(); } - index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, m_size); - if (index < 0) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertShortToByteArray failed."); + if (m_size < total_size) { + PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "m_size is too small to hold all data."); return std::vector(); } - index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, m_numOfBlocks); - if (index < 0) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertShortToByteArray failed."); + std::vector ret(m_size, 0); + int index = 0; + + if ((index = ByteArrayUtils::InsertCharToByteArray(ret, index, m_version)) < 0 || + (index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, m_size)) < 0 || + (index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, m_numOfBlocks)) < 0) { + PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertCharToByteArray failed."); return std::vector(); } @@ -90,20 +90,9 @@ std::vector SignContentInfo::GetByteContent() ret[index] = tmp.m_tag; index++; - index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, tmp.m_algId); - if (index < 0) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertShortToByteArray failed."); - return std::vector(); - } - - index = ByteArrayUtils::InsertIntToByteArray(ret, index, tmp.m_length); - if (index < 0) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertShortToByteArray failed."); - return std::vector(); - } - - index = ByteArrayUtils::InsertByteToByteArray(ret, index, tmp.m_hash, tmp.m_hash.size()); - if (index < 0) { + if ((index = ByteArrayUtils::InsertShortToByteArray(ret, ret.size(), index, tmp.m_algId)) < 0 || + (index = ByteArrayUtils::InsertIntToByteArray(ret, index, tmp.m_length)) < 0 || + (index = ByteArrayUtils::InsertByteToByteArray(ret, index, tmp.m_hash, tmp.m_hash.size())) < 0) { PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "InsertShortToByteArray failed."); return std::vector(); } -- Gitee From c8b36e2fb488e25fb7f0c729762ae1b827534142 Mon Sep 17 00:00:00 2001 From: sunzibin Date: Fri, 12 Sep 2025 09:55:52 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E6=A0=B9=E6=8D=AE=E6=A3=80=E8=A7=86?= =?UTF-8?q?=E6=84=8F=E8=A7=81=E8=BF=9B=E8=A1=8C=E6=94=B9=E8=BF=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: sunzibin --- hapsigntool_cpp/cmd/src/cmd_util.cpp | 20 ++++++++++--------- .../common/src/localization_adapter.cpp | 2 +- .../hap/entity/src/sign_content_info.cpp | 11 ---------- hapsigntool_cpp/profile/src/pkcs7_data.cpp | 2 +- hapsigntool_cpp/signer/src/local_signer.cpp | 2 +- hapsigntool_cpp/signer/src/signer_factory.cpp | 4 ---- .../utils/src/key_store_helper.cpp | 6 ++++-- 7 files changed, 18 insertions(+), 29 deletions(-) diff --git a/hapsigntool_cpp/cmd/src/cmd_util.cpp b/hapsigntool_cpp/cmd/src/cmd_util.cpp index 669f7c1b..8f3ada04 100644 --- a/hapsigntool_cpp/cmd/src/cmd_util.cpp +++ b/hapsigntool_cpp/cmd/src/cmd_util.cpp @@ -33,7 +33,7 @@ bool CmdUtil::String2Bool(Options* options, const std::string& option) (*options)[option] = false; } else { PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR, - val + "is not valid value for " + "-" + option); + val + " is not valid value for " + "-" + option); return false; } return true; @@ -162,9 +162,10 @@ bool CmdUtil::UpdateParamForCheckOutFile(Options* options, const std::initialize //Purpose: To prevent the user output path from passing an empty string. eg " " std::string tmpOutFilePath = outFilePath; - tmpOutFilePath.erase(std::remove_if(tmpOutFilePath.begin(), - tmpOutFilePath.end(), ::isspace), tmpOutFilePath.end()); - + tmpOutFilePath.erase(tmpOutFilePath.begin(), std::find_if(tmpOutFilePath.begin(), tmpOutFilePath.end(), + [](unsigned char ch) { return !std::isspace(ch); })); + tmpOutFilePath.erase(std::find_if(tmpOutFilePath.rbegin(), tmpOutFilePath.rend(), + [](unsigned char ch) { return !std::isspace(ch); }).base(), tmpOutFilePath.end()); if (parentPath.empty() && !tmpOutFilePath.empty()) { parentPath = "./"; } @@ -213,7 +214,7 @@ bool CmdUtil::UpdateParamForCheckInFile(Options* options, const std::initializer std::string charStr(realFilePath); (*options)[key] = charStr; - if (!FileUtils::IsValidFile(inFilePath)) { + if (!FileUtils::IsValidFile(charStr)) { return false; } } @@ -516,10 +517,11 @@ bool CmdUtil::VerifyType(const std::string& inputType) bool CmdUtil::VerifyType(const std::string& inputType, const std::string& supportTypes) { - std::string firstStr = supportTypes.substr(0, supportTypes.find_last_of(",")); - std::string secondStr = supportTypes.substr(supportTypes.find_first_of(",") + 1, - supportTypes.size() - supportTypes.find_first_of(",")); - if (inputType == firstStr || inputType == secondStr) { + size_t pos = supportTypes.find(inputType); + if ((pos != std::string::npos) && + (pos == 0 || supportTypes[pos - 1] == ',') && + (pos + inputType.length() == supportTypes.length() || + supportTypes[pos + inputType.length()] == ',')) { return true; } PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR, "Not support command param '" + inputType + "'"); diff --git a/hapsigntool_cpp/common/src/localization_adapter.cpp b/hapsigntool_cpp/common/src/localization_adapter.cpp index 2a3536bc..f10413eb 100644 --- a/hapsigntool_cpp/common/src/localization_adapter.cpp +++ b/hapsigntool_cpp/common/src/localization_adapter.cpp @@ -209,7 +209,7 @@ STACK_OF(X509)* LocalizationAdapter::GetSignCertChain() SIGNATURE_TOOLS_LOGE("sk_X509_new failed"); return NULL; } - std::vector certs = GetCertsFromFile(certPath, certPath); + std::vector certs = GetCertsFromFile(certPath, certType); for (int i = 0; i < static_cast(certs.size()); i++) { sk_X509_push(certificates, certs[i]); } diff --git a/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp b/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp index 552158b2..538bb543 100644 --- a/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp +++ b/hapsigntool_cpp/hap/entity/src/sign_content_info.cpp @@ -54,17 +54,6 @@ void SignContentInfo::AddHashData(const SignContentHash& signInfo) std::vector SignContentInfo::GetByteContent() { - short total_size = m_version.size() + sizeof(m_size) + sizeof(m_numOfBlocks); - for (const auto& tmp : m_hashData) { - total_size += sizeof(tmp.m_type) + sizeof(tmp.m_tag) + sizeof(tmp.m_algId) + sizeof(tmp.m_length) - + tmp.m_hash.size(); - } - - if (m_size < total_size) { - PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "m_size is too small to hold all data."); - return std::vector(); - } - std::vector ret(m_size, 0); int index = 0; diff --git a/hapsigntool_cpp/profile/src/pkcs7_data.cpp b/hapsigntool_cpp/profile/src/pkcs7_data.cpp index 1f5e60bf..f7a22a7b 100644 --- a/hapsigntool_cpp/profile/src/pkcs7_data.cpp +++ b/hapsigntool_cpp/profile/src/pkcs7_data.cpp @@ -463,7 +463,7 @@ int PKCS7Data::CheckSignerInfoSignTimeInCertChainValidPeriod(PKCS7_SIGNER_INFO* const ASN1_TIME* notAfter = X509_get0_notAfter(cert); if (CheckSignTimeInValidPeriod(signTime, notBefore, notAfter) < 0) { SIGNATURE_TOOLS_LOGE("pkcs7 sign time check failed"); - return INVALIDPARAM_ERROR; + return VERIFY_ERROR; } } return RET_OK; diff --git a/hapsigntool_cpp/signer/src/local_signer.cpp b/hapsigntool_cpp/signer/src/local_signer.cpp index 58fa8ebd..0afe0acf 100644 --- a/hapsigntool_cpp/signer/src/local_signer.cpp +++ b/hapsigntool_cpp/signer/src/local_signer.cpp @@ -81,7 +81,7 @@ std::string LocalSigner::GetSignature(const std::string& data, const std::string hash = EVP_sha384(); } else { PrintErrorNumberMsg("INVALIDPARAM_ERROR", INVALIDPARAM_ERROR, - signAlg + "is invalid sigAlg, please use SHA256withECDSA/SHA384withECDSA, sign failed"); + signAlg + " is invalid sigAlg, please use SHA256withECDSA/SHA384withECDSA, sign failed"); return ret; } diff --git a/hapsigntool_cpp/signer/src/signer_factory.cpp b/hapsigntool_cpp/signer/src/signer_factory.cpp index 27db7155..34f372ef 100644 --- a/hapsigntool_cpp/signer/src/signer_factory.cpp +++ b/hapsigntool_cpp/signer/src/signer_factory.cpp @@ -83,10 +83,6 @@ std::shared_ptr SignerFactory::LoadRemoteSigner(LocalizationAdapter& ada signer->SetCertificates(certs); } - for (size_t i = 0; i < strlen(userPwd); i++) { - userPwd[i] = 0; - } - std::shared_ptr remoteSigner(signer); return remoteSigner; } diff --git a/hapsigntool_cpp/utils/src/key_store_helper.cpp b/hapsigntool_cpp/utils/src/key_store_helper.cpp index 58cb01f7..d9ccc2d5 100644 --- a/hapsigntool_cpp/utils/src/key_store_helper.cpp +++ b/hapsigntool_cpp/utils/src/key_store_helper.cpp @@ -415,7 +415,10 @@ int KeyStoreHelper::CreatePKCS12(PKCS12** p12, const std::string& charsStorePath BIO_free_all(bioOut); return RET_FAILED; } - safes = PKCS12_unpack_authsafes(acceptP12); + if ((safes = PKCS12_unpack_authsafes(acceptP12)) == NULL) { + sk_PKCS7_pop_free(safes, PKCS7_free); + return RET_FAILED; + } } BIO_free_all(bioOut); @@ -583,7 +586,6 @@ PKCS12* KeyStoreHelper::CreatePKCS12(const char* keyStorePwd, const char* keyPwd if (!p12) { goto err; } - safes = NULL; if ((macStatus != -1) && !PKCS12_set_mac(p12, keyStorePwd, -1, NULL, 0, macStatus, NULL)) { goto err; } -- Gitee