From 73a4fd96801dca7e97676a06d60f7f33cf04cfc3 Mon Sep 17 00:00:00 2001
From: Karsten Sperling <113487422+ksperling-apple@users.noreply.github.com>
Date: Sat, 20 Jan 2024 13:48:28 +1300
Subject: [PATCH] Enforce that P256Keypair is not copyable (#31118)

P256PublicKey IS copyable (and actually copied in practice), so prevent sliced copies by making it final. Also use = default instead of empty constructor / destructor bodies.
---
 src/crypto/CHIPCryptoPAL.h | 51 +++++++++++++++++++++++++++++---------
 1 file changed, 39 insertions(+), 12 deletions(-)

diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h
index 578111d35e7a16..55ab402f8fd4b2 100644
--- a/src/crypto/CHIPCryptoPAL.h
+++ b/src/crypto/CHIPCryptoPAL.h
@@ -222,8 +222,16 @@ bool IsBufferContentEqualConstantTime(const void * a, const void * b, size_t n);
 template
 class ECPKey
 {
+protected:
+ // This base type can't be copied / assigned directly.
+ // Sub-types should be either uncopyable or final.
+ ECPKey() = default;
+ ECPKey(const ECPKey &) = default;
+ ECPKey & operator=(const ECPKey &) = default;
+
 public:
- virtual ~ECPKey() {}
+ virtual ~ECPKey() = default;
+
 virtual SupportedECPKeyTypes Type() const = 0;
 virtual size_t Length() const = 0;
 virtual bool IsUncompressed() const = 0;
@@ -377,10 +385,11 @@ using IdentityProtectionKeySpan = FixedByteSpan;
-class P256PublicKey : public ECPKey
+class P256PublicKey final // final due to being copyable
+ : public ECPKey
 {
 public:
- P256PublicKey() {}
+ P256PublicKey() = default;
 
 template
 constexpr P256PublicKey(const uint8_t (&raw_value)[N])
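Review bot: The protected defaulted copy operations added to `ECPKey` stop a copy made through a base reference (which would slice off the derived key material), but the rule the new comment states — sub-types are either uncopyable or `final` — is not checked by the compiler, so a future non-final, copyable subclass of `ECPKey` would quietly reintroduce sliced copies. The same construct and comment are repeated in `ECPKeypair` (hunk at -430) and `P256KeypairBase` (hunk at -472), and the hunk that actually removes copying from `P256Keypair` (hunk at -495) is not visible here. I'd make the comment carry the reason so the next author keeps the invariant: `// Copy/assign are protected so a key can't be sliced by copying it through a base reference; every concrete sub-type must therefore be either non-copyable or final.` Declaring the copy operations also suppresses the implicit move operations of these bases, which is harmless only as long as they hold no data members — the hunks do not show any, but that is worth confirming.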
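Review bot: Replacing `P256PublicKey() {}` with `P256PublicKey() = default;` is more than cosmetic: with a user-provided constructor, `P256PublicKey k{};` left the key storage indeterminate, whereas a defaulted (not user-provided) constructor makes value-initialization zero-initialize the object first — assuming the key bytes live in a plain array member with no default member initializer, which this hunk does not show. That is the safer behaviour for a key type, but it is a semantic change the commit message ("use = default instead of empty constructor") does not call out, and `P256PublicKey k;` (default-initialization) is still indeterminate as before. The `// final due to being copyable` comment sits between the class name and its base clause, an unusual place for it; I'd put it on the line above the declaration as `// final: this type is copyable, so a derived type could be sliced through it.`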
@@ -430,8 +439,15 @@ class P256PublicKey : public ECPKey
 template
 class ECPKeypair
 {
+protected:
+ // This base type can't be copied / assigned directly.
+ // Sub-types should be either uncopyable or final.
+ ECPKeypair() = default;
+ ECPKeypair(const ECPKeypair &) = default;
+ ECPKeypair & operator=(const ECPKeypair &) = default;
+
 public:
- virtual ~ECPKeypair() {}
+ virtual ~ECPKeypair() = default;
 
 /** @brief Generate a new Certificate Signing Request (CSR).
 * @param csr Newly generated CSR in DER format
@@ -472,6 +488,13 @@ using P256SerializedKeypair = SensitiveDataBuffer
 {
+protected:
+ // This base type can't be copied / assigned directly.
+ // Sub-types should be either uncopyable or final.
+ P256KeypairBase() = default;
+ P256KeypairBase(const P256KeypairBase &) = default;
+ P256KeypairBase & operator=(const P256KeypairBase &) = default;
+
 public:
 /**
 * @brief Initialize the keypair.
@@ -495,9 +518,13 @@ class P256KeypairBase : public ECPKeypair