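/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef CERT_VERIFY_H
#define CERT_VERIFY_H

// <cstdint> is included explicitly because every status code below is an
// int32_t; the header should not rely on another include pulling it in.
#include <cstdint>
#include <memory>
#include <string>
#include <openssl/x509.h>
#include "macros.h"

namespace Hpackage {
// Root certificate handle together with its subject and issuer strings.
struct CertInfo {
    // NOTE(review): raw OpenSSL handle. This header does not show who frees
    // it -- presumably ~SingleCertHelper(); confirm in the implementation.
    // If it is owned, copying a CertInfo duplicates the pointer.
    X509 *rootCert = nullptr;
    std::string subject {};
    std::string issuer {};
};

// Interface for a certificate-chain verification policy. CertVerify holds one
// implementation through std::unique_ptr<CertHelper> and is the entry point
// declared below for running the check.
class CertHelper {
public:
    // Checks `cert` using the certificates in `certStack`.
    // Returns an int32_t status; the value that means "verified" is defined by
    // the implementation and is not visible in this header. Callers must test
    // the result and treat anything other than success as a rejected chain.
    virtual int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) = 0;

    // One-time setup hook. Not pure: a base definition exists outside this
    // header, so implementations may or may not override it.
    virtual int32_t Init();

    // Virtual so that destroying an implementation through the
    // std::unique_ptr<CertHelper> held by CertVerify is well-defined.
    virtual ~CertHelper() = default;
};

// Process-wide access point for certificate verification. The constructor and
// destructor are private, so GetInstance() is the only way to obtain the
// object; DISALLOW_COPY_MOVE (from macros.h) is applied to keep it unique.
class CertVerify {
    DISALLOW_COPY_MOVE(CertVerify);
public:
    // Takes ownership of `ptr` and stores it as the verification policy.
    // NOTE(review): whoever calls this selects the policy every later check
    // uses. Confirm in the implementation whether re-registration is allowed
    // once a helper is set, and that a null `ptr` is rejected.
    void RegisterCertHelper(std::unique_ptr<CertHelper> ptr);

    static CertVerify &GetInstance();

    // Returns an int32_t status; see the implementation for the success value.
    int32_t Init();

    // Verifies `cert` against `certStack`.
    // NOTE(review): helper_ starts out empty. The implementation should fail
    // closed (return an error) when no helper has been registered rather than
    // report success -- confirm.
    int32_t CheckCertChain(STACK_OF(X509) *certStack, X509 *cert);

private:
    CertVerify() = default;
    ~CertVerify() = default;
    std::unique_ptr<CertHelper> helper_ {};
};

// CertHelper implementation that keeps a single root certificate in rootInfo_.
// NOTE(review): the class is implicitly copyable while rootInfo_ carries a raw
// X509*. If the destructor frees that pointer, a copy would lead to a double
// free; confirm ownership and consider deleting the copy operations.
class SingleCertHelper : public CertHelper {
public:
    SingleCertHelper() = default;
    // `override` makes the compiler check that the base destructor is virtual.
    ~SingleCertHelper() override;

    int32_t Init() override;
    int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) override;

private:
    // The three helpers below are defined in the implementation file; their
    // exact checks are not visible from this header.
    int32_t InitRootCert();
    int32_t VerifySingleCert(X509 *cert);
    int32_t CompareCertSubjectAndIssuer(X509 *cert);
    CertInfo rootInfo_ {};
};
} // namespace Hpackage

#endif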