/*
 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15#ifndef SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H
16#define SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H
17#include <string>
18#include <vector>
19
20#include "pkcs7_context.h"
21#include "signature_info.h"
22#include "export_define.h"
23#include "byte_buffer.h"
24#include "openssl/evp.h"
25#include "openssl/ossl_typ.h"
26#include "openssl/pkcs7.h"
27#include "openssl/safestack.h"
28#include "digest_parameter.h"
29#include "verify_cert_openssl_utils.h"
30
31namespace OHOS {
32namespace SignatureTools {
33
// Static-only collection of PKCS#7 helpers declared over OpenSSL types. The
// deleted default constructor means the class cannot be instantiated.
// Only declarations are visible in this header: what each function does is
// inferred from its signature and must be confirmed in the implementation file.
class VerifyHapOpensslUtils {
public:
    VerifyHapOpensslUtils() = delete;

    // Takes a raw byte buffer, its length, and a context to work on.
    // NOTE(review): packageData carries no size of its own, so packageLen is the
    // only bound available to the implementation; callers must pass the exact
    // length of the buffer. Presumably the bytes come from the package being
    // checked and are therefore untrusted; confirm against callers.
    DLL_EXPORT static bool ParsePkcs7Package(
        const unsigned char packageData[],
        uint32_t packageLen,
        Pkcs7Context& pkcs7Context);

    // Takes a PKCS7 object and a context. Presumably collects the certificate
    // chains of p7 into pkcs7Context; null handling for p7 is not visible here.
    DLL_EXPORT static bool GetCertChains(
        PKCS7* p7,
        Pkcs7Context& pkcs7Context);

    // NOTE(review): x509Crl is a pointer passed by value, so this function can
    // only fill a stack the caller has already allocated; it cannot hand back a
    // newly created one through this parameter.
    DLL_EXPORT static bool GetCrlStack(
        PKCS7* p7,
        STACK_OF(X509_CRL)* x509Crl);

    // NOTE(review): the bool is the only outcome reported. Presumably true means
    // the signature verified (confirm); a caller that drops the result would not
    // notice a failed verification.
    DLL_EXPORT static bool VerifyPkcs7(Pkcs7Context& pkcs7Context);

    // Takes nothing and returns nothing. Presumably reports the pending OpenSSL
    // error state (confirm); unlike its neighbours it is not marked DLL_EXPORT.
    static void GetOpensslErrorMessage();

private:
    // The two helpers below are private yet carry DLL_EXPORT, so their symbols
    // are exported even though normal callers cannot name them.
    DLL_EXPORT static bool VerifyPkcs7SignedData(Pkcs7Context& pkcs7Context);
    DLL_EXPORT static bool VerifySignInfo(
        STACK_OF(PKCS7_SIGNER_INFO)* signerInfoStack,
        BIO* p7Bio,
        int32_t signInfoNum,
        Pkcs7Context& pkcs7Context);

    // certsChain and certVisitSign are non-const references, so both may be
    // modified by the call.
    static bool VerifyCertChain(
        CertChain& certsChain,
        PKCS7* p7,
        PKCS7_SIGNER_INFO* signInfo,
        Pkcs7Context& pkcs7Context,
        CertSign& certVisitSign);

    // Reads from a const PKCS7 and writes into the caller's ByteBuffer.
    static bool GetContentInfo(const PKCS7* p7ContentInfo, ByteBuffer& content);

    // Structural check on a const PKCS7; what counts as valid is defined in the
    // implementation, not in this header.
    static bool CheckPkcs7SignedDataIsValid(const PKCS7* p7);

    // Constants are declared here and defined elsewhere; their values, which
    // presumably include the read and length limits used while verifying, are
    // not visible in this header.
    static const int32_t OPENSSL_PKCS7_VERIFY_SUCCESS;
    static const int32_t OPENSSL_ERR_MESSAGE_MAX_LEN;
    static const int32_t OPENSSL_READ_DATA_MAX_TIME;
    static const int32_t OPENSSL_READ_DATA_LEN_EACH_TIME;
    static const int32_t MAX_OID_LENGTH;
    static const std::string PKCS7_EXT_SHAWITHRSA_PSS;
};
62} // namespace SignatureTools
63} // namespace OHOS
64#endif // SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H