154aa6d63Sopenharmony_ci/*
254aa6d63Sopenharmony_ci * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
354aa6d63Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
454aa6d63Sopenharmony_ci * you may not use this file except in compliance with the License.
554aa6d63Sopenharmony_ci * You may obtain a copy of the License at
654aa6d63Sopenharmony_ci *
754aa6d63Sopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
854aa6d63Sopenharmony_ci *
954aa6d63Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software
1054aa6d63Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
1154aa6d63Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1254aa6d63Sopenharmony_ci * See the License for the specific language governing permissions and
1354aa6d63Sopenharmony_ci * limitations under the License.
1454aa6d63Sopenharmony_ci */
1554aa6d63Sopenharmony_ci#include "profile_sign_tool.h"
1654aa6d63Sopenharmony_ci#include "signer_factory.h"
1754aa6d63Sopenharmony_ci#include "local_signer.h"
1854aa6d63Sopenharmony_ci#include "localization_adapter.h"
1954aa6d63Sopenharmony_ci#include "file_utils.h"
2054aa6d63Sopenharmony_ci#include "pkcs7_data.h"
2154aa6d63Sopenharmony_ci#include "verify_hap_openssl_utils.h"
2254aa6d63Sopenharmony_ci#include "signature_tools_errno.h"
2354aa6d63Sopenharmony_ci
2454aa6d63Sopenharmony_cinamespace OHOS {
2554aa6d63Sopenharmony_cinamespace SignatureTools {
2654aa6d63Sopenharmony_ci
2754aa6d63Sopenharmony_ciint ProfileSignTool::GenerateP7b(LocalizationAdapter& adapter, const std::string& content, std::string& ret)
2854aa6d63Sopenharmony_ci{
2954aa6d63Sopenharmony_ci    std::unique_ptr<SignerFactory> signerFactory = std::make_unique<SignerFactory>();
3054aa6d63Sopenharmony_ci    int result = RET_OK;
3154aa6d63Sopenharmony_ci    if (signerFactory == NULL) {
3254aa6d63Sopenharmony_ci        PrintErrorNumberMsg("INVALIDPARAM_ERROR", INVALIDPARAM_ERROR,
3354aa6d63Sopenharmony_ci                            "signerFactory is NULL, create signerFactor failed");
3454aa6d63Sopenharmony_ci        return INVALIDPARAM_ERROR;
3554aa6d63Sopenharmony_ci    }
3654aa6d63Sopenharmony_ci    std::shared_ptr<Signer> signer(signerFactory->GetSigner(adapter));
3754aa6d63Sopenharmony_ci    if (signer == NULL) {
3854aa6d63Sopenharmony_ci        SIGNATURE_TOOLS_LOGE("signer is NULL, get signer failed");
3954aa6d63Sopenharmony_ci        return INVALIDPARAM_ERROR;
4054aa6d63Sopenharmony_ci    }
4154aa6d63Sopenharmony_ci    const std::string sigAlg = adapter.GetSignAlg();
4254aa6d63Sopenharmony_ci    // ret is the generated p7b data
4354aa6d63Sopenharmony_ci    result = SignProfile(content, signer, sigAlg, ret) < 0;
4454aa6d63Sopenharmony_ci    if (result < 0) {
4554aa6d63Sopenharmony_ci        SIGNATURE_TOOLS_LOGE("generate p7b failed");
4654aa6d63Sopenharmony_ci        return SIGN_ERROR;
4754aa6d63Sopenharmony_ci    }
4854aa6d63Sopenharmony_ci    PKCS7Data p7Data;
4954aa6d63Sopenharmony_ci    result = p7Data.Parse(ret);
5054aa6d63Sopenharmony_ci    if (result < 0) {
5154aa6d63Sopenharmony_ci        SIGNATURE_TOOLS_LOGE("parse p7b failed");
5254aa6d63Sopenharmony_ci        return PARSE_ERROR;
5354aa6d63Sopenharmony_ci    }
5454aa6d63Sopenharmony_ci    result = p7Data.Verify();
5554aa6d63Sopenharmony_ci    if (result < 0) {
5654aa6d63Sopenharmony_ci        SIGNATURE_TOOLS_LOGE("verify p7b failed");
5754aa6d63Sopenharmony_ci        return VERIFY_ERROR;
5854aa6d63Sopenharmony_ci    }
5954aa6d63Sopenharmony_ci    return result;
6054aa6d63Sopenharmony_ci}
6154aa6d63Sopenharmony_ci/**
6254aa6d63Sopenharmony_ci* @param content content to sign
6354aa6d63Sopenharmony_ci* @param signer signer
6454aa6d63Sopenharmony_ci* @param sigAlg sign algorithm  only SHAwith256 or SHAwith384
6554aa6d63Sopenharmony_ci* @param ret signed data
6654aa6d63Sopenharmony_ci* @return 0:success <0:error
6754aa6d63Sopenharmony_ci*/
6854aa6d63Sopenharmony_ciint ProfileSignTool::SignProfile(const std::string& content, const std::shared_ptr<Signer>& signer,
6954aa6d63Sopenharmony_ci                                 const std::string& sigAlg, std::string& ret)
7054aa6d63Sopenharmony_ci{
7154aa6d63Sopenharmony_ci    PKCS7Data p7Data;
7254aa6d63Sopenharmony_ci    int result = RET_OK;
7354aa6d63Sopenharmony_ci    result = p7Data.Sign(content, signer, sigAlg, ret);
7454aa6d63Sopenharmony_ci    if (result < 0) {
7554aa6d63Sopenharmony_ci        SIGNATURE_TOOLS_LOGE("SignProfile faild!");
7654aa6d63Sopenharmony_ci        return SIGN_ERROR;
7754aa6d63Sopenharmony_ci    }
7854aa6d63Sopenharmony_ci    return result;
7954aa6d63Sopenharmony_ci}
8054aa6d63Sopenharmony_ci} // namespace SignatureTools
8154aa6d63Sopenharmony_ci} // namespace OHOS