1/*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15#include "cert_dn_utils.h"
16#include "signature_tools_errno.h"
17#include "constant.h"
18
19namespace OHOS {
20namespace SignatureTools {
21
22int g_checkDn(const std::string &nameString, std::vector<pair<std::string, std::string>>& pairs)
23{
24    if (nameString.size() == 0) {
25        return FORMAT_ERROR;
26    }
27    std::vector<std::string> tokens = StringUtils::SplitString(nameString.c_str(), ',');
28    for (std::string &pair : tokens) {
29        if (StringUtils::Trim(pair).size() == 0) {
30            return FORMAT_ERROR;
31        }
32        std::vector<std::string> kvPair = StringUtils::SplitString(pair, '=');
33        if (kvPair.size() != DEFAULT_CERT_VERSION) {
34            return FORMAT_ERROR;
35        }
36        kvPair[0] = StringUtils::Trim(kvPair[0]);
37        kvPair[1] = StringUtils::Trim(kvPair[1]);
38        if (kvPair[1].size() == 0) {
39            return FORMAT_ERROR;
40        }
41        pairs.push_back({kvPair[0], kvPair[1]});
42    }
43    return 0;
44}
45
46X509_NAME* BuildDN(const std::string &nameString, X509_REQ* req)
47{
48    std::vector<pair<std::string, std::string>> pairs;
49    std::ostringstream oss;
50    oss << "Format error, must be \"X=xx,XX=xxx,...\". "
51        "Subject does not support either of key-value that contains commas or equal signs. "
52        "Please check: \"" << nameString << "\"";
53    int ret = g_checkDn(nameString, pairs);
54    if (ret == FORMAT_ERROR) {
55        PrintErrorNumberMsg("FORMAT_ERROR", FORMAT_ERROR,
56                            oss.str().c_str());
57        return nullptr;
58    }
59    X509_NAME* subject = nullptr;
60    subject = X509_REQ_get_subject_name(req);
61    if (!subject) {
62        SIGNATURE_TOOLS_LOGE("X509_NAME get failed !");
63        return nullptr;
64    }
65    for (auto idx = pairs.cbegin(); idx != pairs.cend(); idx++) {
66        if (OBJ_txt2nid(idx->first.c_str()) == NID_undef) {
67            PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR,
68                                "Error params near:" + nameString + " Reason: Unknown object id - " + idx->first +
69                                " - passed to distinguished name");
70            return nullptr;
71        }
72        X509_NAME_add_entry_by_txt(subject, idx->first.c_str(), MBSTRING_ASC,
73                                   (const unsigned char*)idx->second.c_str(), -1, -1, 0);
74    }
75    return subject;
76}
77} // namespace SignatureTools
78} // namespace OHOS