154aa6d63Sopenharmony_ci/*
254aa6d63Sopenharmony_ci * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
354aa6d63Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
454aa6d63Sopenharmony_ci * you may not use this file except in compliance with the License.
554aa6d63Sopenharmony_ci * You may obtain a copy of the License at
654aa6d63Sopenharmony_ci *
754aa6d63Sopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
854aa6d63Sopenharmony_ci *
954aa6d63Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software
1054aa6d63Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
1154aa6d63Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1254aa6d63Sopenharmony_ci * See the License for the specific language governing permissions and
1354aa6d63Sopenharmony_ci * limitations under the License.
1454aa6d63Sopenharmony_ci */
1554aa6d63Sopenharmony_ci#include "remote_sign_provider.h"
1654aa6d63Sopenharmony_ci
1754aa6d63Sopenharmony_cinamespace OHOS {
1854aa6d63Sopenharmony_cinamespace SignatureTools {
1954aa6d63Sopenharmony_ci//void* RemoteSignProvider::handle = nullptr;
2054aa6d63Sopenharmony_ci// RemoteSignProvider::~RemoteSignProvider()
2154aa6d63Sopenharmony_ci// {
2254aa6d63Sopenharmony_ci//     if (handle) {
2354aa6d63Sopenharmony_ci//         if (dlclose(handle) != 0) {
2454aa6d63Sopenharmony_ci//             SIGNATURE_TOOLS_LOGE("dlclose() %s", dlerror());
2554aa6d63Sopenharmony_ci//         }
2654aa6d63Sopenharmony_ci//     }
2754aa6d63Sopenharmony_ci// }
2854aa6d63Sopenharmony_ci
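/**
 * @brief Check that every option required for remote signing was supplied and
 *        record the supplied values in signParams.
 *
 * The base-class check runs first. Then each option whose name is one of the
 * five remote-signing fields is copied into signParams. An option whose name
 * ends in "Pwd" is recorded with an empty value instead of the supplied one,
 * so the password text itself is not stored in signParams by this function.
 *
 * NOTE(review): this is a presence check only. A required field supplied with
 * an empty value passes, and nothing here validates the server address or the
 * signer-plugin path; callers that consume those values must validate them.
 *
 * @param options Parsed command-line options; dereferenced without a null
 *                check here (presumably covered by SignProvider::CheckParams —
 *                confirm).
 * @return true when the base check passes and all required fields are present,
 *         false otherwise (an error is logged or printed).
 */
bool RemoteSignProvider::CheckParams(Options* options)
{
    if (!SignProvider::CheckParams(options)) {
        SIGNATURE_TOOLS_LOGE("SignProvider::Parameter check failed !");
        return false;
    }
    // The following code is for reference only.
    std::vector<std::string> requiredFields;
    requiredFields.emplace_back(ParamConstants::PARAM_REMOTE_SERVER);
    requiredFields.emplace_back(ParamConstants::PARAM_REMOTE_USERNAME);
    requiredFields.emplace_back(ParamConstants::PARAM_REMOTE_USERPWD);
    requiredFields.emplace_back(ParamConstants::PARAM_REMOTE_ONLINEAUTHMODE);
    requiredFields.emplace_back(ParamConstants::PARAM_REMOTE_SIGNERPLUGIN);
    std::unordered_set<std::string> allowedNames = Params::InitParamField(requiredFields);

    constexpr size_t pwdSuffixLen = 3; // length of "Pwd"
    for (const auto& entry : *options) {
        const std::string& key = entry.first;
        if (allowedNames.find(key) == allowedNames.end()) {
            continue; // not a remote-signing option
        }
        // Guard the length before looking at the suffix: substr(size - 3) on a
        // key shorter than three characters wraps the unsigned offset and
        // throws std::out_of_range.
        const bool isPassword = key.size() >= pwdSuffixLen &&
            key.compare(key.size() - pwdSuffixLen, pwdSuffixLen, "Pwd") == 0;
        if (isPassword) {
            // Record that the password option was given without keeping its value.
            signParams.insert(std::make_pair(key, ""));
        } else {
            signParams.insert(std::make_pair(key, options->GetString(key)));
        }
    }

    // Every required field must have been recorded above.
    for (const auto& param : requiredFields) {
        if (signParams.find(param) == signParams.end()) {
            PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR,
                                "Missing parameter:" + param);
            return false;
        }
    }
    return true;
}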
6354aa6d63Sopenharmony_ci
/**
 * @brief Check that the certificate given on input is the same certificate as
 *        the one carried in the profile.
 *
 * Four fields are compared in order: subject name, issuer name, serial number
 * and public key. The first mismatch prints a CERTIFICATE_ERROR and ends the
 * check.
 *
 * NOTE(review): this is a field-by-field identity comparison only. Nothing in
 * this function verifies either certificate's signature, validity period or
 * chain; that has to happen elsewhere.
 *
 * @param inputCert     Certificate supplied by the caller; must not be null.
 * @param certInProfile Certificate extracted from the profile; must not be null.
 * @return true only when all four fields match and both public keys could be
 *         extracted; false otherwise.
 */
bool RemoteSignProvider::CheckInputCertMatchWithProfile(X509* inputCert, X509* certInProfile) const
{
    if (inputCert == nullptr || certInProfile == nullptr) {
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "The certificate is empty");
        return false;
    }

    if (X509_NAME_cmp(X509_get_subject_name(inputCert),
                      X509_get_subject_name(certInProfile)) != 0) {
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "The subject does not match!");
        return false;
    }

    if (X509_NAME_cmp(X509_get_issuer_name(inputCert),
                      X509_get_issuer_name(certInProfile)) != 0) {
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "The issuer name does not match!");
        return false;
    }

    if (ASN1_INTEGER_cmp(X509_get_serialNumber(inputCert),
                         X509_get_serialNumber(certInProfile)) != 0) {
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "serial number does not match!");
        return false;
    }

    // X509_get_pubkey hands back a reference the caller owns, so both keys are
    // released below on every path.
    EVP_PKEY* inputKey = X509_get_pubkey(inputCert);
    EVP_PKEY* profileKey = X509_get_pubkey(certInProfile);
    bool matched = false;
    if (inputKey == nullptr || profileKey == nullptr) {
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "The public key is null!");
    } else if (EVP_PKEY_cmp(inputKey, profileKey) != 1) {
        // Only a return of exactly 1 counts as a match; any other value
        // (different key, different type, unsupported) is treated as a mismatch.
        PrintErrorNumberMsg("CERTIFICATE_ERROR", CERTIFICATE_ERROR,
                            "The public key does not match!");
    } else {
        matched = true;
    }
    if (inputKey != nullptr) {
        EVP_PKEY_free(inputKey);
    }
    if (profileKey != nullptr) {
        EVP_PKEY_free(profileKey);
    }
    return matched;
}
11154aa6d63Sopenharmony_ci} // namespace SignatureTools
11254aa6d63Sopenharmony_ci} // namespace OHOS