From 6f4e7b07ee5c948dbc2ebcce195571e290a88516 Mon Sep 17 00:00:00 2001 From: qingliutan Date: Mon, 28 Jul 2025 20:56:36 +0800 Subject: [PATCH] =?UTF-8?q?ani=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: qingliutan Change-Id: I876d8230edd4d97624d01b0f07c737cbd0fcb4c0 --- .../ets/@ohos.security.certManager.ets | 48 ++++++++++--------- .../ets/@ohos.security.certManagerDialog.ets | 24 ++++++++++ 2 files changed, 50 insertions(+), 22 deletions(-) diff --git a/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets b/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets index 5812aae..9b4ee71 100644 --- a/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets +++ b/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets @@ -249,6 +249,7 @@ export namespace certificateManager { EL4 = 4, } + const MIN_DATA_LEN: double = 1; const MAX_DATA_LEN: double = 0x6400000; function checkBufferLen(buffer: Uint8Array, minLen: double, maxLen: double) { @@ -278,7 +279,7 @@ export namespace certificateManager { } if (nativeResult.code === 0) { err.code = 0; - callback(err, result); + callback(null, result); } else { err.code = nativeResult.code; err.message = nativeResult.message; @@ -308,6 +309,7 @@ export namespace certificateManager { certAlias: string, callback: AsyncCallback ): void { + checkBufferLen(keystore, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(installPrivateCertificateNative, keystore.buffer as ArrayBuffer, keystorePwd, certAlias); taskExecuteReturn(pool, callback, {}); } @@ -317,17 +319,18 @@ export namespace certificateManager { keystorePwd: string, certAlias: string ): Promise { + checkBufferLen(keystore, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => installPrivateCertificateNative(keystore.buffer as ArrayBuffer, keystorePwd, certAlias), {}); } export function uninstallPrivateCertificate(keyUri: string, callback: AsyncCallback): void { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(uninstallPrivateCertificateNative, keyUri); taskExecuteReturn(pool, callback, undefined); } export function uninstallPrivateCertificate(keyUri: string): Promise { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => uninstallPrivateCertificateNative(keyUri), undefined); } @@ -341,83 +344,83 @@ export namespace certificateManager { } export function getPrivateCertificate(keyUri: string, callback: AsyncCallback): void { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(getPrivateCertificateNative, keyUri); taskExecuteReturn(pool, callback, {}); } export function getPrivateCertificate(keyUri: string): Promise { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => getPrivateCertificateNative(keyUri), {}); } export function init(authUri: string, spec: CMSignatureSpec, callback: AsyncCallback): void { - checkStrLen(authUri, 1, MAX_DATA_LEN); + checkStrLen(authUri, MIN_DATA_LEN, MAX_DATA_LEN); let result: CMHandle = { handle: new Uint8Array() }; let pool = taskpool.execute(initNative, authUri, spec); taskExecuteReturn(pool, callback, result); } export function init(authUri: string, spec: CMSignatureSpec): Promise { - checkStrLen(authUri, 1, MAX_DATA_LEN); + checkStrLen(authUri, MIN_DATA_LEN, MAX_DATA_LEN); let result: CMHandle = { handle: new Uint8Array() }; return createPromise(() => initNative(authUri, spec), result); } export function update(handle: Uint8Array, data: Uint8Array, callback: AsyncCallback): void { - checkBufferLen(handle, 1, MAX_DATA_LEN); - checkBufferLen(data, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); + checkBufferLen(data, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(updateNative, handle.buffer as ArrayBuffer, data.buffer as ArrayBuffer); taskExecuteReturn(pool, callback, undefined); } export function update(handle: Uint8Array, data: Uint8Array): Promise { - checkBufferLen(handle, 1, MAX_DATA_LEN); - checkBufferLen(data, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); + checkBufferLen(data, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => updateNative(handle.buffer as ArrayBuffer, data.buffer as ArrayBuffer), undefined); } export function finish(handle: Uint8Array, callback: AsyncCallback): void { - checkBufferLen(handle, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(signatureFinishNative, handle.buffer as ArrayBuffer); taskExecuteReturn(pool, callback, {}); } export function finish(handle: Uint8Array, signature: Uint8Array, callback: AsyncCallback): void { - checkBufferLen(handle, 1, MAX_DATA_LEN); - checkBufferLen(signature, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); + checkBufferLen(signature, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(verifyFinishNative, handle.buffer as ArrayBuffer, signature.buffer as ArrayBuffer); taskExecuteReturn(pool, callback, {}); } export function finish(handle: Uint8Array, signature?: Uint8Array): Promise { - checkBufferLen(handle, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); let defaultSignature = signature ?? new Uint8Array(); if (signature !== undefined) { - checkBufferLen(signature, 1, MAX_DATA_LEN); + checkBufferLen(signature, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => verifyFinishNative(handle.buffer as ArrayBuffer, defaultSignature.buffer as ArrayBuffer), {}); } return createPromise(() => signatureFinishNative(handle.buffer as ArrayBuffer), {}); } export function abort(handle: Uint8Array, callback: AsyncCallback): void { - checkBufferLen(handle, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); let pool = taskpool.execute(abortNative, handle.buffer as ArrayBuffer); taskExecuteReturn(pool, callback, undefined); } export function abort(handle: Uint8Array): Promise { - checkBufferLen(handle, 1, MAX_DATA_LEN); + checkBufferLen(handle, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => abortNative(handle.buffer as ArrayBuffer), undefined); } export function getPublicCertificate(keyUri: string): Promise { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => getPublicCertificateNative(keyUri), {}); } export function isAuthorizedApp(keyUri: string): Promise { - checkStrLen(keyUri, 1, MAX_DATA_LEN); + checkStrLen(keyUri, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => isAuthorizedAppNative(keyUri), false); } @@ -430,7 +433,7 @@ export namespace certificateManager { } export function getUserTrustedCertificate(certUri: string): Promise { - checkStrLen(certUri, 1, MAX_DATA_LEN); + checkStrLen(certUri, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise(() => getUserCANative(certUri), {}); } @@ -477,7 +480,7 @@ export namespace certificateManager { } export function uninstallUserTrustedCertificateSync(certUri: string) : void { - checkStrLen(certUri, 1, MAX_DATA_LEN); + checkStrLen(certUri, MIN_DATA_LEN, MAX_DATA_LEN); let nativeResult: NativeResult = uninstallUserCASyncNative(certUri); if (nativeResult.code === 0) { return; @@ -494,6 +497,7 @@ export namespace certificateManager { keystorePwd: string, certAlias: string, level: AuthStorageLevel): Promise { + checkBufferLen(keystore, MIN_DATA_LEN, MAX_DATA_LEN); return createPromise( () => installPrivateCertWithLevelNative(keystore.buffer as ArrayBuffer, keystorePwd, certAlias, level), {} diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets b/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets index d4a2cba..6cfe718 100644 --- a/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets @@ -101,6 +101,27 @@ export namespace certificateManagerDialog { GLOBAL_USER = 2, } + const MIN_DATA_LEN: double = 1; + const MAX_DATA_LEN: double = 0x6400000; + + function checkBufferLen(buffer: Uint8Array, minLen: double, maxLen: double) { + if (buffer.length < minLen || buffer.length > maxLen) { + let error = new BusinessError(); + error.code = 401; + error.message = 'the input parameters is invalid.'; + throw error; + } + } + + function checkStrLen(str: string, minLen: double, maxLen: double) { + if (str.length < minLen || str.length > maxLen) { + let error = new BusinessError(); + error.code = 401; + error.message = 'the input parameters is invalid.'; + throw error; + } + } + export function openCertificateManagerDialog(context: common.Context, pageType: CertificateDialogPageType): Promise { return new Promise((resolve, reject: (error: BusinessError) => void) => { let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { @@ -121,6 +142,7 @@ export namespace certificateManagerDialog { } export function openInstallCertificateDialog(context: common.Context, certType: CertificateType, certScope: CertificateScope, cert: Uint8Array): Promise { + checkBufferLen(cert, MIN_DATA_LEN, MAX_DATA_LEN); return new Promise((resolve, reject: (error: BusinessError) => void) => { let callback = new AsyncCallbackWrapper((err: BusinessError | null, data: string | undefined) => { if (err?.code !== 0) { @@ -147,6 +169,7 @@ export namespace certificateManagerDialog { } export function openUninstallCertificateDialog(context: common.Context, certType: CertificateType, certUri: string): Promise { + checkStrLen(certUri, MIN_DATA_LEN, MAX_DATA_LEN); return new Promise((resolve, reject: (error: BusinessError) => void) => { let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { if (err?.code !== 0) { @@ -170,6 +193,7 @@ export namespace certificateManagerDialog { } export function openCertificateDetailDialog(context: common.Context, cert: Uint8Array, property: CertificateDialogProperty): Promise { + checkBufferLen(cert, MIN_DATA_LEN, MAX_DATA_LEN); return new Promise((resolve, reject: (error: BusinessError) => void) => { let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { if (err?.code !== 0) { -- Gitee