security: avoid potential undefined behavior in const_cast

Change-Id: I24cee635d5a3da95bdfd2566f2e4232e4b9ac358
diff --git a/ndn-cxx/security/tpm/back-end.cpp b/ndn-cxx/security/tpm/back-end.cpp
index decbc13..d3e32b2 100644
--- a/ndn-cxx/security/tpm/back-end.cpp
+++ b/ndn-cxx/security/tpm/back-end.cpp
@@ -20,16 +20,19 @@
  */
 
 #include "ndn-cxx/security/tpm/back-end.hpp"
+
+#include "ndn-cxx/encoding/buffer-stream.hpp"
+#include "ndn-cxx/security/pib/key.hpp"
 #include "ndn-cxx/security/tpm/key-handle.hpp"
 #include "ndn-cxx/security/tpm/tpm.hpp"
-#include "ndn-cxx/security/pib/key.hpp"
 #include "ndn-cxx/security/transform/buffer-source.hpp"
 #include "ndn-cxx/security/transform/digest-filter.hpp"
 #include "ndn-cxx/security/transform/private-key.hpp"
 #include "ndn-cxx/security/transform/stream-sink.hpp"
-#include "ndn-cxx/encoding/buffer-stream.hpp"
 #include "ndn-cxx/util/random.hpp"
 
+#include <boost/lexical_cast.hpp>
+
 namespace ndn {
 namespace security {
 namespace tpm {
@@ -55,33 +58,21 @@
     return doCreateKey(identity, params);
   }
 
-  // key name checking
   switch (params.getKeyIdType()) {
-    case KeyIdType::USER_SPECIFIED: { // keyId is pre-set.
+    case KeyIdType::USER_SPECIFIED: {
+      // check that the provided key id isn't already taken
       Name keyName = v2::constructKeyName(identity, params.getKeyId());
       if (hasKey(keyName)) {
         NDN_THROW(Tpm::Error("Key `" + keyName.toUri() + "` already exists"));
       }
       break;
     }
-    case KeyIdType::SHA256: {
-      // KeyName will be assigned in setKeyName after key is generated
+    case KeyIdType::SHA256:
+    case KeyIdType::RANDOM:
+      // key id will be determined after key is generated
       break;
-    }
-    case KeyIdType::RANDOM: {
-      Name keyName;
-      name::Component keyId;
-      do {
-        keyId = name::Component::fromNumber(random::generateSecureWord64());
-        keyName = v2::constructKeyName(identity, keyId);
-      } while (hasKey(keyName));
-
-      const_cast<KeyParams&>(params).setKeyId(keyId);
-      break;
-    }
-    default: {
-      NDN_THROW(Error("Unsupported key id type"));
-    }
+    default:
+      NDN_THROW(Error("Unsupported key id type " + boost::lexical_cast<std::string>(params.getKeyIdType())));
   }
 
   return doCreateKey(identity, params);
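Review bot: With the RANDOM loop removed from this switch, createKey() no longer guarantees a unique random key id on its own. That guarantee now depends on the doCreateKey() implementation calling constructAsymmetricKeyName(), which is not visible in this diff. The comment on the SHA256/RANDOM cases should say so, for example `// key id is chosen by constructAsymmetricKeyName(); doCreateKey() must use it so the RANDOM collision check still runs`. The USER_SPECIFIED branch keeps its hasKey() check here, so the two uniqueness checks now live in different places and back-end authors need to know about both. createKey() begins above this hunk.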
@@ -122,14 +113,11 @@
 
 Name
 BackEnd::constructAsymmetricKeyName(const KeyHandle& keyHandle, const Name& identity,
-                                    const KeyParams& params)
+                                    const KeyParams& params) const
 {
-  name::Component keyId;
-
   switch (params.getKeyIdType()) {
     case KeyIdType::USER_SPECIFIED: {
-      keyId = params.getKeyId();
-      break;
+      return v2::constructKeyName(identity, params.getKeyId());
     }
     case KeyIdType::SHA256: {
       using namespace transform;
@@ -137,25 +125,25 @@
       bufferSource(*keyHandle.derivePublicKey()) >>
         digestFilter(DigestAlgorithm::SHA256) >>
         streamSink(os);
-      keyId = name::Component(os.buf());
-      break;
+      return v2::constructKeyName(identity, name::Component(os.buf()));
     }
     case KeyIdType::RANDOM: {
-      BOOST_ASSERT(!params.getKeyId().empty());
-      keyId = params.getKeyId();
-      break;
+      Name keyName;
+      do {
+        auto keyId = name::Component::fromNumber(random::generateSecureWord64());
+        keyName = v2::constructKeyName(identity, keyId);
+      } while (hasKey(keyName));
+      return keyName;
     }
     default: {
-      NDN_THROW(Error("Unsupported key id type"));
+      NDN_THROW(Error("Unsupported key id type " + boost::lexical_cast<std::string>(params.getKeyIdType())));
     }
   }
-
-  return v2::constructKeyName(identity, keyId);
 }
 
 Name
 BackEnd::constructHmacKeyName(const transform::PrivateKey& key, const Name& identity,
-                              const KeyParams& params)
+                              const KeyParams& params) const
 {
   return Name(identity).append(name::Component(key.getKeyDigest(DigestAlgorithm::SHA256)));
 }
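Review bot: In the RANDOM case, hasKey(keyName) only shows that the name was free at the moment of the call. Nothing reserves it before the back-end stores the key, so two creators sharing one key store could in principle be handed the same name. With a 64-bit value from generateSecureWord64() an accidental clash is very unlikely, but the store should refuse to overwrite an existing key rather than depend on this check; whether it does is not visible here. I would add a comment above the loop such as `// best-effort uniqueness check; the name is not reserved until the key is stored`. Separately, constructHmacKeyName() uses neither `params` nor any member state, so making it a non-static const member changes its interface without a need shown in this hunk.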
diff --git a/ndn-cxx/security/tpm/back-end.hpp b/ndn-cxx/security/tpm/back-end.hpp
index 8309b52..ad264ea 100644
--- a/ndn-cxx/security/tpm/back-end.hpp
+++ b/ndn-cxx/security/tpm/back-end.hpp
@@ -173,18 +173,20 @@
   NDN_CXX_NODISCARD virtual bool
   unlockTpm(const char* pw, size_t pwLen) const;
 
-protected: // static helper methods
+protected: // helper methods
   /**
    * @brief Construct and return the name of a RSA or EC key, based on @p identity and @p params.
    */
-  static Name
-  constructAsymmetricKeyName(const KeyHandle& key, const Name& identity, const KeyParams& params);
+  Name
+  constructAsymmetricKeyName(const KeyHandle& key, const Name& identity,
+                             const KeyParams& params) const;
 
   /**
    * @brief Construct and return the name of a HMAC key, based on @p identity and @p params.
    */
-  static Name
-  constructHmacKeyName(const transform::PrivateKey& key, const Name& identity, const KeyParams& params);
+  Name
+  constructHmacKeyName(const transform::PrivateKey& key, const Name& identity,
+                       const KeyParams& params) const;
 
 private: // pure virtual methods
   virtual bool
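Review bot: The doc comment for constructAsymmetricKeyName() does not mention that, for KeyIdType::RANDOM, it now generates the key id itself and consults hasKey() on this back-end, which is why it can no longer be static. A line such as `@note For KeyIdType::RANDOM a fresh key id is generated and checked with hasKey(); the returned name is not reserved.` would tell subclass authors what to expect. Dropping `static` from both helpers also changes the protected interface, so any out-of-tree back-end that calls them from a static context will stop compiling. That is worth a release-note entry.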