1 /*
2  * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "cert_dn_utils.h"
16 #include "signature_tools_errno.h"
17 #include "constant.h"
18 
19 namespace OHOS {
20 namespace SignatureTools {
21 
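/**
 * @brief Parse a textual distinguished name of the form "X=xx,XX=xxx,..." into key/value pairs.
 *
 * The input is split on ',' and each resulting token on '='. Neither separator can be
 * escaped, so a key or value that itself contains ',' or '=' is rejected as a format error.
 *
 * @param nameString Subject string to parse.
 * @param pairs      Output list; the trimmed (key, value) pairs are appended in input order.
 *                   Left untouched when parsing fails, so a caller never sees a partial DN.
 * @return 0 on success, FORMAT_ERROR when the string is empty, a token is blank, a token
 *         does not split into exactly one key and one value, or the key or value is empty
 *         after trimming.
 */
int g_checkDn(const std::string &nameString, std::vector<pair<std::string, std::string>>& pairs)
{
    if (nameString.empty()) {
        return FORMAT_ERROR;
    }
    // Collect into a local list first: a malformed component late in the string must not
    // leave earlier components behind in the caller's vector.
    std::vector<pair<std::string, std::string>> parsed;
    std::vector<std::string> tokens = StringUtils::SplitString(nameString.c_str(), ',');
    for (std::string &token : tokens) {
        if (StringUtils::Trim(token).size() == 0) {
            return FORMAT_ERROR;
        }
        std::vector<std::string> kvPair = StringUtils::SplitString(token, '=');
        // NOTE(review): DEFAULT_CERT_VERSION is used here as the expected token count
        // (key + value); a dedicated constant would make the intent explicit - confirm its value.
        if (kvPair.size() != DEFAULT_CERT_VERSION) {
            return FORMAT_ERROR;
        }
        kvPair[0] = StringUtils::Trim(kvPair[0]);
        kvPair[1] = StringUtils::Trim(kvPair[1]);
        // An attribute with no type or no value is malformed; reject it here instead of
        // handing an empty string on to the certificate-building code.
        if (kvPair[0].empty() || kvPair[1].empty()) {
            return FORMAT_ERROR;
        }
        parsed.push_back({kvPair[0], kvPair[1]});
    }
    pairs.insert(pairs.end(), parsed.begin(), parsed.end());
    return 0;
}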
45 
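/**
 * @brief Populate the subject name of a certificate request from a textual DN.
 *
 * The string is parsed with g_checkDn(), every attribute type is checked against the
 * OpenSSL object table, and only then are the entries appended to the request's subject.
 *
 * @param nameString Subject in the form "X=xx,XX=xxx,..."; commas and equal signs inside
 *                   a key or value are not supported.
 * @param req        Certificate request whose subject name is filled in. Must not be null.
 * @return The subject name held by @p req (an internal pointer, not to be freed by the
 *         caller), or nullptr when the string is malformed, @p req is null, an attribute
 *         type is unknown, or OpenSSL refuses an entry.
 *
 * @note If nullptr is returned because an entry was refused, entries added before it remain
 *       in the request's subject; the caller should discard @p req rather than reuse it.
 */
X509_NAME* BuildDN(const std::string &nameString, X509_REQ* req)
{
    std::vector<pair<std::string, std::string>> pairs;
    int ret = g_checkDn(nameString, pairs);
    if (ret == FORMAT_ERROR) {
        // The message is only needed on this path, so build it here.
        std::ostringstream oss;
        oss << "Format error, must be \"X=xx,XX=xxx,...\". "
            "Subject does not support either of key-value that contains commas or equal signs. "
            "Please check: \"" << nameString << "\"";
        PrintErrorNumberMsg("FORMAT_ERROR", FORMAT_ERROR,
                            oss.str().c_str());
        return nullptr;
    }
    // X509_REQ_get_subject_name() dereferences its argument, so a null request must be
    // rejected before the call.
    if (req == nullptr) {
        SIGNATURE_TOOLS_LOGE("X509_REQ is null, cannot build subject name !");
        return nullptr;
    }
    X509_NAME* subject = X509_REQ_get_subject_name(req);
    if (!subject) {
        SIGNATURE_TOOLS_LOGE("X509_NAME get failed !");
        return nullptr;
    }
    // Validate every attribute type before touching the subject, so an unknown key cannot
    // leave a half-built name behind in the request.
    for (const auto &entry : pairs) {
        if (OBJ_txt2nid(entry.first.c_str()) == NID_undef) {
            PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR,
                                "Error params near:" + nameString + " Reason: Unknown object id - " + entry.first +
                                " - passed to distinguished name");
            return nullptr;
        }
    }
    for (const auto &entry : pairs) {
        // len = -1 makes OpenSSL take the value length with strlen(); loc = -1 and set = 0
        // append the entry as a new RDN at the end of the name.
        int added = X509_NAME_add_entry_by_txt(subject, entry.first.c_str(), MBSTRING_ASC,
                                               reinterpret_cast<const unsigned char*>(entry.second.c_str()),
                                               -1, -1, 0);
        // A refused entry (for example a value that violates the attribute's constraints)
        // must not be ignored: the request would otherwise carry a subject that silently
        // lacks a component the caller asked for.
        if (added != 1) {
            PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR,
                                "Error params near:" + nameString + " Reason: Failed to add entry - " + entry.first +
                                " - to distinguished name");
            return nullptr;
        }
    }
    return subject;
}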
77 } // namespace SignatureTools
78 } // namespace OHOS