<fix>(security): fix dataEncrtption decode bug. (FISCO-BCOS#4561)

wenlinlee · Aug 1, 2024 · cc2483e · cc2483e
1 parent 6f62fad
commit cc2483e
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 17 deletions.
diff --git a/bcos-executor/src/vm/gas_meter/Metric.cpp b/bcos-executor/src/vm/gas_meter/Metric.cpp
@@ -25,6 +25,7 @@ namespace bcos
 {
 namespace wasm
 {
+using bcos::wasm::Instruction;
 InstructionTable GetInstructionTable()
 {
     auto defaultInstructionTable = InstructionTable{};

diff --git a/bcos-security/bcos-security/DataEncryption.cpp b/bcos-security/bcos-security/DataEncryption.cpp
@@ -97,15 +97,12 @@ std::shared_ptr<bytes> DataEncryption::decryptContents(const std::shared_ptr<byt
         if (m_compatibilityVersion >=
             static_cast<uint32_t>(bcos::protocol::BlockVersion::V3_3_VERSION))
         {
-            random_bytes_engine rbe;
-            std::vector<unsigned char> ivData(16);
-            std::generate(std::begin(ivData), std::end(ivData), std::ref(rbe));
-
+            size_t const offsetIv = encFileBytes.size() - 16;
+            size_t const cipherDataSize = encFileBytes.size() - 16;
             decFileBytesBase64Ptr = m_symmetricEncrypt->symmetricDecrypt(
-                (const unsigned char*)encFileBytes.data(), encFileBytes.size(),
-                (const unsigned char*)m_dataKey.data(), m_dataKey.size(), ivData.data(), 16);
-            decFileBytesBase64Ptr->insert(
-                decFileBytesBase64Ptr->end(), ivData.begin(), ivData.end());
+                reinterpret_cast<const unsigned char*>(encFileBytes.data()), cipherDataSize,
+                reinterpret_cast<const unsigned char*>(m_dataKey.data()), m_dataKey.size(),
+                reinterpret_cast<const unsigned char*>(encFileBytes.data() + offsetIv), 16);
         }
         else
         {
@@ -143,15 +140,12 @@ std::shared_ptr<bytes> DataEncryption::decryptFile(const std::string& filename)
         if (m_compatibilityVersion >=
             static_cast<uint32_t>(bcos::protocol::BlockVersion::V3_3_VERSION))
         {
-            random_bytes_engine rbe;
-            std::vector<unsigned char> ivData(16);
-            std::generate(std::begin(ivData), std::end(ivData), std::ref(rbe));
-
+            size_t const offsetIv = encFileBytes.size() - 16;
+            size_t const cipherDataSize = encFileBytes.size() - 16;
             decFileBytesBase64Ptr = m_symmetricEncrypt->symmetricDecrypt(
-                (const unsigned char*)encFileBytes.data(), encFileBytes.size(),
-                (const unsigned char*)m_dataKey.data(), m_dataKey.size(), ivData.data(), 16);
-            decFileBytesBase64Ptr->insert(
-                decFileBytesBase64Ptr->end(), ivData.begin(), ivData.end());
+                reinterpret_cast<const unsigned char*>(encFileBytes.data()), cipherDataSize,
+                reinterpret_cast<const unsigned char*>(m_dataKey.data()), m_dataKey.size(),
+                reinterpret_cast<const unsigned char*>(encFileBytes.data() + offsetIv), 16);
         }
         else
         {

diff --git a/transaction-scheduler/bcos-transaction-scheduler/BaselineScheduler.h b/transaction-scheduler/bcos-transaction-scheduler/BaselineScheduler.h
@@ -661,7 +661,7 @@ class BaselineScheduler : public scheduler::SchedulerInterface
         callback(nullptr);
     }
 
-    void stop() override {};
+    void stop() override{};
 
     void registerTransactionNotifier(std::function<void(bcos::protocol::BlockNumber,
             bcos::protocol::TransactionSubmitResultsPtr, std::function<void(Error::Ptr)>)>