• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "openssl_utils.h"
17 #include "openssl/err.h"
18 #include "log.h"
19 
20 namespace OHOS {
21 namespace Security {
22 namespace CodeSign {
23 constexpr int OPENSSL_ERR_MESSAGE_MAX_LEN = 1024;
24 
ErrLogWithOpenSSLMsg(const char * msg)25 void ErrLogWithOpenSSLMsg(const char *msg)
26 {
27     LOG_ERROR(LABEL, "%{public}s", msg);
28     GetOpensslErrorMessage();
29 }
30 
GetOpensslErrorMessage()31 void GetOpensslErrorMessage()
32 {
33     unsigned long retOpenssl;
34     char errOpenssl[OPENSSL_ERR_MESSAGE_MAX_LEN];
35     while ((retOpenssl = ERR_get_error()) != 0) {
36         // error string is written no more than OPENSSL_ERR_MESSAGE_MAX_LEN in errOpenssl
37         ERR_error_string_n(retOpenssl, errOpenssl, OPENSSL_ERR_MESSAGE_MAX_LEN);
38         LOG_ERROR(LABEL, "openssl err: %{public}lu, message: %{public}s", retOpenssl, errOpenssl);
39     }
40 }
41 
LoadCertFromBuffer(const uint8_t * buffer,const uint32_t size)42 X509 *LoadCertFromBuffer(const uint8_t *buffer, const uint32_t size)
43 {
44     BIO *mem = BIO_new_mem_buf(buffer, size);
45     if (mem == nullptr) {
46         LOG_ERROR(LABEL, "Fail to create bio for cert.");
47         return nullptr;
48     }
49     X509 *cert = d2i_X509_bio(mem, nullptr);
50     if (cert == nullptr) {
51         ErrLogWithOpenSSLMsg("Certificate is invalid.");
52     }
53     BIO_free(mem);
54     return cert;
55 }
56 
STACK_OF(X509)57 STACK_OF(X509) *MakeStackOfCerts(const std::vector<ByteBuffer> &certChain)
58 {
59     STACK_OF(X509)* certs = sk_X509_new_null();
60     if (certs == nullptr) {
61         return nullptr;
62     }
63     for (const ByteBuffer &cert: certChain) {
64         X509 *tmp = LoadCertFromBuffer(cert.GetBuffer(), cert.GetSize());
65         if ((tmp == nullptr) || (!sk_X509_push(certs, tmp))) {
66             // including each cert in certs and stack of certs
67             sk_X509_pop_free(certs, X509_free);
68             certs = nullptr;
69             break;
70         }
71     }
72     return certs;
73 }
74 }
75 }
76 }
77