/*
 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifndef SIGNATRUETOOLS_CERT_TOOLS_H
#define SIGNATRUETOOLS_CERT_TOOLS_H
#include <string>

#include "cert_dn_utils.h"
#include "openssl/x509v3.h"
#include "openssl/rand.h"
#include "localization_adapter.h"
#include "securec.h"

namespace OHOS {
namespace SignatureTools {

// CertTools: static helpers for building, signing, saving and loading X.509
// certificates and certificate signing requests using OpenSSL handle types.
//
// Only declarations are visible in this header, so the notes below describe
// what the signatures show; anything about behaviour is marked for review.
//
// NOTE(review): every function that returns X509* or X509_REQ* hands back a
// raw pointer, so ownership is not expressed in the type. Presumably the
// caller releases it with X509_free / X509_REQ_free and a null return means
// failure -- confirm against the implementation.
// NOTE(review): the bool-returning helpers presumably report success as true;
// callers should check the result before signing or saving a certificate.
class CertTools {
public:
    CertTools() = default;
    ~CertTools() = default;

    // ---- Certificate construction (return an X509*) ----------------------
    static X509* GenerateRootCertificate(EVP_PKEY* keyPair, X509_REQ* certReq, Options* options);
    static X509* GenerateSubCert(EVP_PKEY* keyPair, X509_REQ* certReq, Options* options);
    static X509* GenerateCert(EVP_PKEY* keyPair, X509_REQ* certReq, Options* options);
    static X509* SignCsrGenerateCert(X509_REQ* rootcsr,
                                     X509_REQ* subcsr,
                                     EVP_PKEY* keyPair,
                                     Options* options);
    // signCapacity is passed as a pointer plus a separate int length.
    // NOTE(review): capacityLen is presumably the number of readable bytes at
    // signCapacity; being a signed int, the implementation should reject
    // negative or oversized values before copying -- confirm.
    static X509* GenerateEndCert(X509_REQ* csr,
                                 EVP_PKEY* issuerKeyPair,
                                 LocalizationAdapter& adapter,
                                 const char signCapacity[],
                                 int capacityLen);

    // ---- Certificate signing requests --------------------------------------
    // Both string arguments are taken by value, as declared.
    static X509_REQ* GenerateCsr(EVP_PKEY* evpPkey, std::string signAlgorithm, std::string subject);
    static std::string CsrToString(X509_REQ* csr);

    // ---- File I/O ------------------------------------------------------------
    // NOTE(review): filename is used as given by the caller; whether the path
    // is validated or an existing file is overwritten is not visible here.
    static bool SaveCertTofile(const std::string& filename, X509* cert);
    static X509* ReadfileToX509(const std::string& filename);

    // ---- Core certificate fields ---------------------------------------------
    static bool SetCertVersion(X509* cert, int versionNum);
    static bool SetCertSerialNum(X509* cert);
    // Writes into a caller-supplied buffer described by pointer and int length.
    // NOTE(review): this header includes openssl/rand.h, so the serial is
    // presumably random; confirm it comes from the OpenSSL CSPRNG and that
    // length is checked against the buffer size.
    static bool SerialNumberBuilder(uint8_t* serialNum, int length);
    static bool SetCertIssuerName(X509* cert, X509_NAME* issuer);
    static bool SetCertSubjectName(X509* cert, X509_REQ* subjectCsr);
    static bool SetSubjectForCert(X509_REQ* certReq, X509* cert);
    static bool SetCertPublickKey(X509* cert, X509_REQ* subjectCsr);
    static bool SetCertValidity(X509* cert, int validity);
    // Parameter spelling ("vilidity") is kept exactly as declared.
    // NOTE(review): the bounds are typed long, whose width is
    // platform-dependent; if they carry epoch seconds, confirm the range is
    // sufficient on every target.
    static bool SetCertValidityStartAndEnd(X509* cert, long vilidityStart, long vilidityEnd);

    // ---- Extensions ------------------------------------------------------------
    // "Bisic" is the spelling callers link against; it is kept unchanged.
    static bool SetBisicConstraints(Options* options, X509* cert);
    static bool SetBisicConstraintsPathLen(Options* options, X509* cert);
    static bool SetBasicExt(X509* cert);
    static bool SetKeyUsage(X509* cert, Options* options);
    // SetkeyUsageExt is overloaded: one form takes Options*, the other does not.
    static bool SetkeyUsageExt(X509* cert, Options* options);
    static bool SetkeyUsageExt(X509* cert);
    static bool SetKeyUsageEndExt(X509* cert);
    static bool SetKeyIdentifierExt(X509* cert);
    static bool SetAuthorizeKeyIdentifierExt(X509* cert);
    // Same pointer-plus-length pair as GenerateEndCert.
    // NOTE(review): capacityLen should be validated before use -- confirm.
    static bool SetSignCapacityExt(X509* cert, const char signCapacity[], int capacityLen);
    static bool SetExpandedInformation(X509* cert, Options* options);

    // ---- Signing -----------------------------------------------------------------
    // These take the signer's private key as a raw EVP_PKEY*; the key's
    // lifetime stays with the caller as far as the signature shows.
    static bool SignCert(X509* cert, EVP_PKEY* privateKey, std::string signAlg);
    static bool SignForSubCert(X509* cert,
                               X509_REQ* csr,
                               X509_REQ* caReq,
                               EVP_PKEY* caPrikey,
                               Options* options);
    static bool SetPubkeyAndSignCert(X509* cert,
                                     X509_REQ* issuercsr,
                                     X509_REQ* certReq,
                                     EVP_PKEY* keyPair,
                                     Options* options);

    // ---- Option parsing -------------------------------------------------------------
    static bool String2Bool(Options* options, const std::string& option);
};
} // namespace SignatureTools
} // namespace OHOS
#endif // SIGNATRUETOOLS_CERT_TOOLS_H