1 /* 2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package com.ohos.hapsigntool.utils; 17 18 import java.io.ByteArrayInputStream; 19 import java.io.UnsupportedEncodingException; 20 import java.security.MessageDigest; 21 import java.security.NoSuchAlgorithmException; 22 import java.security.cert.CRL; 23 import java.security.cert.CRLException; 24 import java.security.cert.Certificate; 25 import java.security.cert.CertificateException; 26 import java.security.cert.CertificateFactory; 27 import java.security.cert.X509CRL; 28 import java.security.cert.X509Certificate; 29 import java.util.Base64; 30 31 /** 32 * Digest util class 33 * 34 * @since 2021-12-13 35 */ 36 public class DigestUtils { 37 private static final LogUtils LOGGER = new LogUtils(DigestUtils.class); 38 39 /** 40 * Constructor of Method 41 */ DigestUtils()42 private DigestUtils() { 43 } 44 45 /** 46 * digest the inputContent with SHA-256 47 * 48 * @param inputContentArray input Content Array 49 * @return the result of digest with SHA-256 50 */ sha256Digest(byte[] inputContentArray)51 public static byte[] sha256Digest(byte[] inputContentArray) { 52 byte[] sha2Array = null; 53 try { 54 MessageDigest md = MessageDigest.getInstance("SHA-256"); 55 md.update(inputContentArray); 56 sha2Array = md.digest(); 57 } catch (NoSuchAlgorithmException e) { 58 LOGGER.error("don't has SHA-256 Algorithm"); 59 } 60 return sha2Array; 61 } 62 63 /** 64 * digest the inputContent with SHA-384 65 * 66 * @param inputContentArray input Content Array 67 * @return the result of digest with SHA-384 68 */ sha384Digest(byte[] inputContentArray)69 public static byte[] sha384Digest(byte[] inputContentArray) { 70 byte[] sha2Array = null; 71 try { 72 MessageDigest md = MessageDigest.getInstance("SHA-384"); 73 md.update(inputContentArray); 74 sha2Array = md.digest(); 75 } catch (NoSuchAlgorithmException e) { 76 LOGGER.error("don't has SHA-384 Algorithm"); 77 } 78 return sha2Array; 79 } 80 81 /** 82 * digest the inputContent with SHA-512 83 * 84 * @param inputContentArray input Content Array 85 * @return the result of digest with SHA-512 86 */ sha512Digest(byte[] inputContentArray)87 public static byte[] sha512Digest(byte[] inputContentArray) { 88 byte[] sha2Array = null; 89 try { 90 MessageDigest md = MessageDigest.getInstance("SHA-512"); 91 md.update(inputContentArray); 92 sha2Array = md.digest(); 93 } catch (NoSuchAlgorithmException e) { 94 LOGGER.error("don't has SHA-512 Algorithm"); 95 } 96 return sha2Array; 97 } 98 99 /** 100 * Transform a string of certificate with base64 encoded to an object of X509Certificate. 101 * 102 * @param encodeString string of certificate with base64 encoded 103 * @return object of X509Certificate 104 */ decodeBase64ToX509Certifate(String encodeString)105 public static X509Certificate decodeBase64ToX509Certifate(String encodeString) { 106 String header = "-----BEGIN CERTIFICATE-----\n"; 107 String tail = "-----END CERTIFICATE-----\n"; 108 byte[] certificateDatas = null; 109 X509Certificate x509Certificate = null; 110 try { 111 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 112 if (encodeString.startsWith(header) && encodeString.endsWith(tail)) { 113 certificateDatas = encodeString.getBytes("UTF-8"); 114 } else { 115 certificateDatas = Base64.getUrlDecoder().decode(encodeString); 116 } 117 118 Certificate obj = cf.generateCertificate(new ByteArrayInputStream(certificateDatas)); 119 if (!(obj instanceof X509Certificate)) { 120 LOGGER.error("generateCertificate is not x509"); 121 return x509Certificate; 122 } 123 x509Certificate = (X509Certificate) obj; 124 } catch (UnsupportedEncodingException | CertificateException e) { 125 LOGGER.error("Decode Base64 certificate failed!", e); 126 } 127 return x509Certificate; 128 } 129 130 /** 131 * Get an object of x509CRL from a string of certificate with base64 encoded 132 * 133 * @param encodeString string of certificate with base64 encoded 134 * @return an object of x509CRL 135 */ decodeBase64ToX509CRL(String encodeString)136 public static X509CRL decodeBase64ToX509CRL(String encodeString) { 137 byte[] certificateDatas = Base64.getUrlDecoder().decode(encodeString); 138 139 X509CRL x509CRL = null; 140 try { 141 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 142 CRL obj = cf.generateCRL(new ByteArrayInputStream(certificateDatas)); 143 if (!(obj instanceof X509CRL)) { 144 LOGGER.error("generateCRL is not x509"); 145 return x509CRL; 146 } 147 x509CRL = (X509CRL) obj; 148 } catch (CertificateException | CRLException e) { 149 LOGGER.error("Decode Base64 crl failed!"); 150 } 151 return x509CRL; 152 } 153 } 154