Sanitizes key for kvstore

- Sanitizes the key before using it for file operations. - Added unit tests for keyvalue_store module
rsksmart · Jan 17, 2025 · 6970c6e · 6970c6e
1 parent 6073949
commit 6970c6e
Show file tree

Hide file tree

Showing 6 changed files with 363 additions and 5 deletions.
diff --git a/firmware/src/sgx/src/untrusted/keyvalue_store.c b/firmware/src/sgx/src/untrusted/keyvalue_store.c
@@ -23,19 +23,52 @@
  */
 
 #include <sys/stat.h>
-#include "hsm_u.h"
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
 #include "log.h"
+#include "keyvalue_store.h"
 
 #define KVSTORE_PREFIX "./kvstore-"
 #define KVSTORE_SUFFIX ".dat"
+#define KVSTORE_MAX_KEY_LEN 150
+
+// Sanitizes a key by allowing only [a-zA-Z0-9]. If one or more invalid
+// characters are found, Replace them with a single hyphen.
+static void sanitize_key(char* key, char* sanitized_key) {
+    if (!key || !sanitized_key)
+        return;
+
+    size_t key_len = strlen(key);
+
+    // Truncate key if it's too long
+    if (key_len > KVSTORE_MAX_KEY_LEN) {
+        key_len = KVSTORE_MAX_KEY_LEN;
+    }
+
+    bool prev_char_valid = false;
+    size_t sanitized_key_len = 0;
+    for (size_t i = 0; i < key_len; i++) {
+        if (isalnum(key[i])) {
+            sanitized_key[sanitized_key_len++] = key[i];
+            prev_char_valid = true;
+        } else if (prev_char_valid) {
+            sanitized_key[sanitized_key_len++] = '-';
+            prev_char_valid = false;
+        }
+    }
+    sanitized_key[sanitized_key_len] = '\0';
+}
 
 static char* filename_for(char* key) {
+    char sanitized_key[KVSTORE_MAX_KEY_LEN + 1];
+    sanitize_key(key, sanitized_key);
     size_t filename_size =
-        strlen(KVSTORE_PREFIX) + strlen(KVSTORE_SUFFIX) + strlen(key);
+        strlen(KVSTORE_PREFIX) + strlen(KVSTORE_SUFFIX) + strlen(sanitized_key);
     char* filename = malloc(filename_size + 1);
     strcpy(filename, "");
     strcat(filename, KVSTORE_PREFIX);
-    strcat(filename, key);
+    strcat(filename, sanitized_key);
     strcat(filename, KVSTORE_SUFFIX);
     return filename;
 }

diff --git a/firmware/src/sgx/src/untrusted/keyvalue_store.h b/firmware/src/sgx/src/untrusted/keyvalue_store.h
@@ -25,6 +25,9 @@
 #ifndef __KEYVALUE_STORE_H
 #define __KEYVALUE_STORE_H
 
+#include <stdbool.h>
+#include <stdint.h>
+
 /**
  * @brief Tell whether a given key currently exists
  *

diff --git a/firmware/src/sgx/test/common/common.mk b/firmware/src/sgx/test/common/common.mk
@@ -1,19 +1,21 @@
 TESTCOMMONDIR = ../common
 SGXTRUSTEDDIR = ../../src/trusted
+SGXUNTRUSTEDDIR = ../../src/untrusted
 HALINCDIR = ../../../hal/include
 HALSGXSRCDIR = ../../../hal/sgx/src/trusted
 POWHSMSRCDIR = ../../../powhsm/src
 COMMONDIR = ../../../common/src
 
 CFLAGS  = -iquote $(TESTCOMMONDIR)
 CFLAGS += -iquote $(SGXTRUSTEDDIR)
+CFLAGS += -iquote $(SGXUNTRUSTEDDIR)
 CFLAGS += -iquote $(HALINCDIR)
 CFLAGS += -iquote $(HALSGXSRCDIR)
 CFLAGS += -iquote $(POWHSMSRCDIR)
 CFLAGS += -iquote $(COMMONDIR)
 CFLAGS += -DHSM_PLATFORM_SGX
 
-VPATH += $(SGXTRUSTEDDIR):$(COMMONDIR)
+VPATH += $(SGXTRUSTEDDIR):$(SGXUNTRUSTEDDIR):$(COMMONDIR)
 
 include ../../../../coverage/coverage.mk
 

diff --git a/firmware/src/sgx/test/keyvalue_store/Makefile b/firmware/src/sgx/test/keyvalue_store/Makefile
@@ -0,0 +1,38 @@
+# The MIT License (MIT)
+#
+# Copyright (c) 2021 RSK Labs Ltd
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+# of the Software, and to permit persons to whom the Software is furnished to do
+# so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+include ../common/common.mk
+
+PROG = test.out
+OBJS = keyvalue_store.o test_keyvalue_store.o log.o
+
+all: $(PROG)
+
+$(PROG): $(OBJS)
+	$(CC) $(COVFLAGS) -o $@ $^
+
+.PHONY: clean test
+clean:
+	rm -f $(PROG) *.o *.dat $(COVFILES)
+
+test: all
+	./$(PROG)