1 /* 2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package com.ohos.hapsigntool.utils; 17 18 import org.apache.logging.log4j.LogManager; 19 import org.apache.logging.log4j.Logger; 20 21 import java.io.ByteArrayInputStream; 22 import java.io.UnsupportedEncodingException; 23 import java.security.MessageDigest; 24 import java.security.NoSuchAlgorithmException; 25 import java.security.cert.CRL; 26 import java.security.cert.CRLException; 27 import java.security.cert.Certificate; 28 import java.security.cert.CertificateException; 29 import java.security.cert.CertificateFactory; 30 import java.security.cert.X509CRL; 31 import java.security.cert.X509Certificate; 32 import java.util.Base64; 33 34 /** 35 * Digest util class 36 * 37 * @since 2021-12-13 38 */ 39 public class DigestUtils { 40 /** 41 * Constructor of Method 42 */ DigestUtils()43 private DigestUtils() { 44 } 45 46 private static final Logger LOGGER = LogManager.getLogger(DigestUtils.class); 47 48 /** 49 * digest the inputContent with SHA-256 50 * 51 * @param inputContentArray input Content Array 52 * @return the result of digest with SHA-256 53 */ sha256Digest(byte[] inputContentArray)54 public static byte[] sha256Digest(byte[] inputContentArray) { 55 byte[] sha2Array = null; 56 try { 57 MessageDigest md = MessageDigest.getInstance("SHA-256"); 58 md.update(inputContentArray); 59 sha2Array = md.digest(); 60 } catch (NoSuchAlgorithmException e) { 61 LOGGER.error("don't has SHA-256 Algorithm"); 62 } 63 return sha2Array; 64 } 65 66 /** 67 * digest the inputContent with SHA-384 68 * 69 * @param inputContentArray input Content Array 70 * @return the result of digest with SHA-384 71 */ sha384Digest(byte[] inputContentArray)72 public static byte[] sha384Digest(byte[] inputContentArray) { 73 byte[] sha2Array = null; 74 try { 75 MessageDigest md = MessageDigest.getInstance("SHA-384"); 76 md.update(inputContentArray); 77 sha2Array = md.digest(); 78 } catch (NoSuchAlgorithmException e) { 79 LOGGER.error("don't has SHA-384 Algorithm"); 80 } 81 return sha2Array; 82 } 83 84 /** 85 * digest the inputContent with SHA-512 86 * 87 * @param inputContentArray input Content Array 88 * @return the result of digest with SHA-512 89 */ sha512Digest(byte[] inputContentArray)90 public static byte[] sha512Digest(byte[] inputContentArray) { 91 byte[] sha2Array = null; 92 try { 93 MessageDigest md = MessageDigest.getInstance("SHA-512"); 94 md.update(inputContentArray); 95 sha2Array = md.digest(); 96 } catch (NoSuchAlgorithmException e) { 97 LOGGER.error("don't has SHA-512 Algorithm"); 98 } 99 return sha2Array; 100 } 101 102 /** 103 * Transform a string of certificate with base64 encoded to an object of X509Certificate. 104 * 105 * @param encodeString string of certificate with base64 encoded 106 * @return object of X509Certificate 107 */ decodeBase64ToX509Certifate(String encodeString)108 public static X509Certificate decodeBase64ToX509Certifate(String encodeString) { 109 String header = "-----BEGIN CERTIFICATE-----\n"; 110 String tail = "-----END CERTIFICATE-----\n"; 111 byte[] certificateDatas = null; 112 X509Certificate x509Certificate = null; 113 try { 114 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 115 if (encodeString.startsWith(header) && encodeString.endsWith(tail)) { 116 certificateDatas = encodeString.getBytes("UTF-8"); 117 } else { 118 certificateDatas = Base64.getUrlDecoder().decode(encodeString); 119 } 120 121 Certificate obj = cf.generateCertificate(new ByteArrayInputStream(certificateDatas)); 122 if (!(obj instanceof X509Certificate)) { 123 LOGGER.error("generateCertificate is not x509"); 124 return x509Certificate; 125 } 126 x509Certificate = (X509Certificate)obj; 127 } catch (UnsupportedEncodingException | CertificateException e) { 128 LOGGER.error("Decode Base64 certificate failed!", e); 129 } 130 return x509Certificate; 131 } 132 133 /** 134 * Get an object of x509CRL from a string of certificate with base64 encoded 135 * 136 * @param encodeString string of certificate with base64 encoded 137 * @return an object of x509CRL 138 */ decodeBase64ToX509CRL(String encodeString)139 public static X509CRL decodeBase64ToX509CRL(String encodeString) { 140 byte[] certificateDatas = Base64.getUrlDecoder().decode(encodeString); 141 142 X509CRL x509CRL = null; 143 try { 144 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 145 CRL obj = cf.generateCRL(new ByteArrayInputStream(certificateDatas)); 146 if (!(obj instanceof X509CRL)) { 147 LOGGER.error("generateCRL is not x509"); 148 return x509CRL; 149 } 150 x509CRL = (X509CRL)obj; 151 } catch (CertificateException | CRLException e) { 152 LOGGER.error("Decode Base64 crl failed!"); 153 } 154 return x509CRL; 155 } 156 } 157