1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "profile_sign_tool.h"
16 #include "signer_factory.h"
17 #include "local_signer.h"
18 #include "localization_adapter.h"
19 #include "file_utils.h"
20 #include "pkcs7_data.h"
21 #include "verify_hap_openssl_utils.h"
22 #include "signature_tools_errno.h"
23
24 namespace OHOS {
25 namespace SignatureTools {
26
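/**
 * Sign a profile and self-check the resulting PKCS#7 (p7b) blob.
 *
 * Steps: obtain a signer for the adapter, sign the content, then parse and
 * verify the freshly produced signature before reporting success.
 *
 * @param adapter source of the signer configuration and the signature algorithm name
 * @param content profile content to sign
 * @param ret     receives the generated p7b data; it is not cleared on failure,
 *                so callers should use it only when the call succeeds
 * @return the non-negative result of PKCS7Data::Verify on success, otherwise
 *         INVALIDPARAM_ERROR, SIGN_ERROR, PARSE_ERROR or VERIFY_ERROR
 */
int ProfileSignTool::GenerateP7b(LocalizationAdapter& adapter, const std::string& content, std::string& ret)
{
    std::unique_ptr<SignerFactory> signerFactory = std::make_unique<SignerFactory>();
    // std::make_unique never yields a null pointer; the guard is kept as a defensive check.
    if (signerFactory == nullptr) {
        PrintErrorNumberMsg("INVALIDPARAM_ERROR", INVALIDPARAM_ERROR,
                            "signerFactory is NULL, create signerFactor failed");
        return INVALIDPARAM_ERROR;
    }
    std::shared_ptr<Signer> signer(signerFactory->GetSigner(adapter));
    if (signer == nullptr) {
        SIGNATURE_TOOLS_LOGE("signer is NULL, get signer failed");
        return INVALIDPARAM_ERROR;
    }
    const std::string sigAlg = adapter.GetSignAlg();
    // ret is the generated p7b data.
    // Keep the raw status code: storing the outcome of "status < 0" would leave
    // only 0 or 1 in result, so the failure branch below could never be taken
    // and a failed signing step would go unnoticed.
    int result = SignProfile(content, signer, sigAlg, ret);
    if (result < 0) {
        SIGNATURE_TOOLS_LOGE("generate p7b failed");
        return SIGN_ERROR;
    }
    // Re-parse and verify our own output so a malformed or unverifiable
    // signature is rejected here rather than handed to the caller.
    PKCS7Data p7Data;
    result = p7Data.Parse(ret);
    if (result < 0) {
        SIGNATURE_TOOLS_LOGE("parse p7b failed");
        return PARSE_ERROR;
    }
    result = p7Data.Verify();
    if (result < 0) {
        SIGNATURE_TOOLS_LOGE("verify p7b failed");
        return VERIFY_ERROR;
    }
    return result;
}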
/**
 * Produce PKCS#7 signed data for a profile by delegating to PKCS7Data::Sign.
 *
 * @param content profile content to sign
 * @param signer  signer passed through to PKCS7Data::Sign
 * @param sigAlg  signature algorithm name; the original note lists only
 *                "SHAwith256" or "SHAwith384" (not checked in this function)
 * @param ret     receives the signed data
 * @return the non-negative result of PKCS7Data::Sign on success,
 *         SIGN_ERROR when that call reports a negative status
 */
int ProfileSignTool::SignProfile(const std::string& content, const std::shared_ptr<Signer>& signer,
                                 const std::string& sigAlg, std::string& ret)
{
    PKCS7Data pkcs7;
    const int status = pkcs7.Sign(content, signer, sigAlg, ret);
    if (status >= 0) {
        return status;
    }
    // Every negative status is reported to the caller as SIGN_ERROR.
    SIGNATURE_TOOLS_LOGE("SignProfile faild!");
    return SIGN_ERROR;
}
80 } // namespace SignatureTools
81 } // namespace OHOS