1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <string>
17 #include "cf_log.h"
18 #include "cf_type.h"
19 #include "napi_cert_chain_validator.h"
20 #include "napi_cert_defines.h"
21 #include "napi_cert_extension.h"
22 #include "napi_cert_utils.h"
23 #include "napi_pub_key.h"
24 #include "napi_x509_cert_chain.h"
25 #include "napi_x509_certificate.h"
26 #include "napi_x509_crl.h"
27 #include "napi_x509_crl_entry.h"
28 #include "napi_cert_crl_collection.h"
29 #include "napi_x509_distinguished_name.h"
30 #include "napi_cert_cms_generator.h"
31 #include "securec.h"
32
33 namespace OHOS {
34 namespace CertFramework {
CreateEncodingFormat(napi_env env)35 static napi_value CreateEncodingFormat(napi_env env)
36 {
37 napi_value encodingFormat = nullptr;
38 napi_create_object(env, &encodingFormat);
39
40 CertAddUint32Property(env, encodingFormat, "FORMAT_DER", CF_FORMAT_DER);
41 CertAddUint32Property(env, encodingFormat, "FORMAT_PEM", CF_FORMAT_PEM);
42 CertAddUint32Property(env, encodingFormat, "FORMAT_PKCS7", CF_FORMAT_PKCS7);
43
44 return encodingFormat;
45 }
46
DefineEncodingFormatProperties(napi_env env,napi_value exports)47 static void DefineEncodingFormatProperties(napi_env env, napi_value exports)
48 {
49 napi_property_descriptor desc[] = {
50 DECLARE_NAPI_PROPERTY("EncodingFormat", CreateEncodingFormat(env)),
51 };
52 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
53 }
54
CreateCertResultCode(napi_env env)55 static napi_value CreateCertResultCode(napi_env env)
56 {
57 napi_value resultCode = nullptr;
58 napi_create_object(env, &resultCode);
59
60 CertAddUint32Property(env, resultCode, "INVALID_PARAMS", JS_ERR_CERT_INVALID_PARAMS);
61 CertAddUint32Property(env, resultCode, "NOT_SUPPORT", JS_ERR_CERT_NOT_SUPPORT);
62 CertAddUint32Property(env, resultCode, "ERR_OUT_OF_MEMORY", JS_ERR_CERT_OUT_OF_MEMORY);
63 CertAddUint32Property(env, resultCode, "ERR_RUNTIME_ERROR", JS_ERR_CERT_RUNTIME_ERROR);
64 CertAddUint32Property(env, resultCode, "ERR_CRYPTO_OPERATION", JS_ERR_CERT_CRYPTO_OPERATION);
65 CertAddUint32Property(env, resultCode, "ERR_CERT_SIGNATURE_FAILURE", JS_ERR_CERT_SIGNATURE_FAILURE);
66 CertAddUint32Property(env, resultCode, "ERR_CERT_NOT_YET_VALID", JS_ERR_CERT_NOT_YET_VALID);
67 CertAddUint32Property(env, resultCode, "ERR_CERT_HAS_EXPIRED", JS_ERR_CERT_HAS_EXPIRED);
68 CertAddUint32Property(env, resultCode, "ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY",
69 JS_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY);
70 CertAddUint32Property(env, resultCode, "ERR_KEYUSAGE_NO_CERTSIGN", JS_ERR_KEYUSAGE_NO_CERTSIGN);
71 CertAddUint32Property(env, resultCode, "ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE", JS_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE);
72 CertAddUint32Property(env, resultCode, "ERR_MAYBE_WRONG_PASSWORD", JS_ERR_CERT_INVALID_PRIVATE_KEY);
73 return resultCode;
74 }
75
DefineResultCodeProperties(napi_env env,napi_value exports)76 static void DefineResultCodeProperties(napi_env env, napi_value exports)
77 {
78 napi_property_descriptor desc[] = {
79 DECLARE_NAPI_PROPERTY("CertResult", CreateCertResultCode(env)),
80 };
81 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
82 }
83
CreateCertItemType(napi_env env)84 static napi_value CreateCertItemType(napi_env env)
85 {
86 napi_value certItemType = nullptr;
87 napi_create_object(env, &certItemType);
88
89 CertAddUint32Property(env, certItemType, "CERT_ITEM_TYPE_TBS", CF_ITEM_TBS);
90 CertAddUint32Property(env, certItemType, "CERT_ITEM_TYPE_PUBLIC_KEY", CF_ITEM_PUBLIC_KEY);
91 CertAddUint32Property(env, certItemType, "CERT_ITEM_TYPE_ISSUER_UNIQUE_ID", CF_ITEM_ISSUER_UNIQUE_ID);
92 CertAddUint32Property(env, certItemType, "CERT_ITEM_TYPE_SUBJECT_UNIQUE_ID", CF_ITEM_SUBJECT_UNIQUE_ID);
93 CertAddUint32Property(env, certItemType, "CERT_ITEM_TYPE_EXTENSIONS", CF_ITEM_EXTENSIONS);
94
95 return certItemType;
96 }
97
DefineCertItemTypeProperties(napi_env env,napi_value exports)98 static void DefineCertItemTypeProperties(napi_env env, napi_value exports)
99 {
100 napi_property_descriptor desc[] = {
101 DECLARE_NAPI_PROPERTY("CertItemType", CreateCertItemType(env)),
102 };
103 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
104 }
105
CreateExtensionOidType(napi_env env)106 static napi_value CreateExtensionOidType(napi_env env)
107 {
108 napi_value extensionOidType = nullptr;
109 napi_create_object(env, &extensionOidType);
110
111 CertAddUint32Property(env, extensionOidType, "EXTENSION_OID_TYPE_ALL", CF_EXT_TYPE_ALL_OIDS);
112 CertAddUint32Property(env, extensionOidType, "EXTENSION_OID_TYPE_CRITICAL", CF_EXT_TYPE_CRITICAL_OIDS);
113 CertAddUint32Property(env, extensionOidType, "EXTENSION_OID_TYPE_UNCRITICAL", CF_EXT_TYPE_UNCRITICAL_OIDS);
114
115 return extensionOidType;
116 }
117
DefineExtensionOidTypeProperties(napi_env env,napi_value exports)118 static void DefineExtensionOidTypeProperties(napi_env env, napi_value exports)
119 {
120 napi_property_descriptor desc[] = {
121 DECLARE_NAPI_PROPERTY("ExtensionOidType", CreateExtensionOidType(env)),
122 };
123 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
124 }
125
CreateExtensionEntryType(napi_env env)126 static napi_value CreateExtensionEntryType(napi_env env)
127 {
128 napi_value extensionEntryType = nullptr;
129 napi_create_object(env, &extensionEntryType);
130
131 CertAddUint32Property(env, extensionEntryType, "EXTENSION_ENTRY_TYPE_ENTRY", CF_EXT_ENTRY_TYPE_ENTRY);
132 CertAddUint32Property(env, extensionEntryType, "EXTENSION_ENTRY_TYPE_ENTRY_CRITICAL",
133 CF_EXT_ENTRY_TYPE_ENTRY_CRITICAL);
134 CertAddUint32Property(env, extensionEntryType, "EXTENSION_ENTRY_TYPE_ENTRY_VALUE", CF_EXT_ENTRY_TYPE_ENTRY_VALUE);
135
136 return extensionEntryType;
137 }
138
DefineExtensionEntryTypeProperties(napi_env env,napi_value exports)139 static void DefineExtensionEntryTypeProperties(napi_env env, napi_value exports)
140 {
141 napi_property_descriptor desc[] = {
142 DECLARE_NAPI_PROPERTY("ExtensionEntryType", CreateExtensionEntryType(env)),
143 };
144 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
145 }
146
CreateGeneralNameTypeType(napi_env env)147 static napi_value CreateGeneralNameTypeType(napi_env env)
148 {
149 napi_value generalNameType = nullptr;
150 napi_create_object(env, &generalNameType);
151
152 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_OTHER_NAME", CF_GENERAL_NAME_TYPE_OTHER_NAME);
153 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_RFC822_NAME", CF_GENERAL_NAME_TYPE_RFC822_NAME);
154 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_DNS_NAME", CF_GENERAL_NAME_TYPE_DNS_NAME);
155 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_X400_ADDRESS", CF_GENERAL_NAME_TYPE_X400_ADDRESS);
156 CertAddUint32Property(
157 env, generalNameType, "GENERAL_NAME_TYPE_DIRECTORY_NAME", CF_GENERAL_NAME_TYPE_DIRECTORY_NAME);
158 CertAddUint32Property(
159 env, generalNameType, "GENERAL_NAME_TYPE_EDI_PARTY_NAME", CF_GENERAL_NAME_TYPE_EDI_PARTY_NAME);
160 CertAddUint32Property(
161 env, generalNameType, "GENERAL_NAME_TYPE_UNIFORM_RESOURCE_ID", CF_GENERAL_NAME_TYPE_UNIFORM_RESOURCE_ID);
162 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_IP_ADDRESS", CF_GENERAL_NAME_TYPE_IP_ADDRESS);
163 CertAddUint32Property(env, generalNameType, "GENERAL_NAME_TYPE_REGISTERED_ID", CF_GENERAL_NAME_TYPE_REGISTERED_ID);
164
165 return generalNameType;
166 }
167
DefineGeneralNameTypeProperties(napi_env env,napi_value exports)168 static void DefineGeneralNameTypeProperties(napi_env env, napi_value exports)
169 {
170 napi_property_descriptor desc[] = {
171 DECLARE_NAPI_PROPERTY("GeneralNameType", CreateGeneralNameTypeType(env)),
172 };
173 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
174 }
175
CreateRevocationCheckOptions(napi_env env)176 static napi_value CreateRevocationCheckOptions(napi_env env)
177 {
178 napi_value revocationCheckOptions = nullptr;
179 napi_create_object(env, &revocationCheckOptions);
180
181 CertAddUint32Property(
182 env, revocationCheckOptions, "REVOCATION_CHECK_OPTION_PREFER_OCSP", CF_REVOCATION_CHECK_OPTION_PREFER_OCSP);
183 CertAddUint32Property(env, revocationCheckOptions, "REVOCATION_CHECK_OPTION_ACCESS_NETWORK",
184 CF_REVOCATION_CHECK_OPTION_ACCESS_NETWORK);
185 CertAddUint32Property(env, revocationCheckOptions, "REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER",
186 CF_REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER);
187 CertAddUint32Property(env, revocationCheckOptions, "REVOCATION_CHECK_OPTION_FALLBACK_LOCAL",
188 CF_REVOCATION_CHECK_OPTION_FALLBACK_LOCAL);
189
190 return revocationCheckOptions;
191 }
192
CreateValidationPolicyType(napi_env env)193 static napi_value CreateValidationPolicyType(napi_env env)
194 {
195 napi_value ValidationPolicyType = nullptr;
196 napi_create_object(env, &ValidationPolicyType);
197
198 CertAddUint32Property(env, ValidationPolicyType, "VALIDATION_POLICY_TYPE_X509", CF_VALIDATION_POLICY_TYPE_X509);
199 CertAddUint32Property(env, ValidationPolicyType, "VALIDATION_POLICY_TYPE_SSL", CF_VALIDATION_POLICY_TYPE_SSL);
200
201 return ValidationPolicyType;
202 }
203
CreateValidationKeyUsageType(napi_env env)204 static napi_value CreateValidationKeyUsageType(napi_env env)
205 {
206 napi_value ValidationKeyUsageType = nullptr;
207 napi_create_object(env, &ValidationKeyUsageType);
208
209 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_DIGITAL_SIGNATURE", CF_KEYUSAGE_DIGITAL_SIGNATURE);
210 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_NON_REPUDIATION", CF_KEYUSAGE_NON_REPUDIATION);
211 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_KEY_ENCIPHERMENT", CF_KEYUSAGE_KEY_ENCIPHERMENT);
212 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_DATA_ENCIPHERMENT", CF_KEYUSAGE_DATA_ENCIPHERMENT);
213 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_KEY_AGREEMENT", CF_KEYUSAGE_KEY_AGREEMENT);
214 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_KEY_CERT_SIGN", CF_KEYUSAGE_KEY_CERT_SIGN);
215 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_CRL_SIGN", CF_KEYUSAGE_CRL_SIGN);
216 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_ENCIPHER_ONLY", CF_KEYUSAGE_ENCIPHER_ONLY);
217 CertAddUint32Property(env, ValidationKeyUsageType, "KEYUSAGE_DECIPHER_ONLY", CF_KEYUSAGE_DECIPHER_ONLY);
218
219 return ValidationKeyUsageType;
220 }
221
DefineOcspCheckOptionTypeProperties(napi_env env,napi_value exports)222 static void DefineOcspCheckOptionTypeProperties(napi_env env, napi_value exports)
223 {
224 napi_property_descriptor desc[] = {
225 DECLARE_NAPI_PROPERTY("RevocationCheckOptions", CreateRevocationCheckOptions(env)),
226 };
227 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
228 }
229
DefineValidationPolicyTypeProperties(napi_env env,napi_value exports)230 static void DefineValidationPolicyTypeProperties(napi_env env, napi_value exports)
231 {
232 napi_property_descriptor desc[] = {
233 DECLARE_NAPI_PROPERTY("ValidationPolicyType", CreateValidationPolicyType(env)),
234 };
235 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
236 }
237
DefineValidationKeyUsageTypeProperties(napi_env env,napi_value exports)238 static void DefineValidationKeyUsageTypeProperties(napi_env env, napi_value exports)
239 {
240 napi_property_descriptor desc[] = {
241 DECLARE_NAPI_PROPERTY("KeyUsageType", CreateValidationKeyUsageType(env)),
242 };
243 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
244 }
245
CreateEncodingType(napi_env env)246 static napi_value CreateEncodingType(napi_env env)
247 {
248 napi_value encodingType = nullptr;
249 napi_create_object(env, &encodingType);
250
251 CertAddUint32Property(env, encodingType, "ENCODING_UTF8", CF_ENCODING_UTF8);
252
253 return encodingType;
254 }
255
DefineEncodingTypeProperties(napi_env env,napi_value exports)256 static void DefineEncodingTypeProperties(napi_env env, napi_value exports)
257 {
258 napi_property_descriptor desc[] = {
259 DECLARE_NAPI_PROPERTY("EncodingType", CreateEncodingType(env)),
260 };
261 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
262 }
263
CreateEncodingBaseFormat(napi_env env)264 static napi_value CreateEncodingBaseFormat(napi_env env)
265 {
266 napi_value encodingBaseFormat = nullptr;
267 napi_create_object(env, &encodingBaseFormat);
268
269 CertAddUint32Property(env, encodingBaseFormat, "PEM", PEM);
270 CertAddUint32Property(env, encodingBaseFormat, "DER", DER);
271
272 return encodingBaseFormat;
273 }
274
DefinePkcs12TypeProperties(napi_env env,napi_value exports)275 static void DefinePkcs12TypeProperties(napi_env env, napi_value exports)
276 {
277 napi_property_descriptor desc[] = {
278 DECLARE_NAPI_PROPERTY("EncodingBaseFormat", CreateEncodingBaseFormat(env)),
279 };
280 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
281 }
282
CreateCmsContentType(napi_env env)283 static napi_value CreateCmsContentType(napi_env env)
284 {
285 napi_value cmsContentType = nullptr;
286 napi_create_object(env, &cmsContentType);
287
288 CertAddUint32Property(env, cmsContentType, "SIGNED_DATA", SIGNED_DATA);
289 return cmsContentType;
290 }
291
CreateCmsContentDataFormat(napi_env env)292 static napi_value CreateCmsContentDataFormat(napi_env env)
293 {
294 napi_value cmsContentDataFormat = nullptr;
295 napi_create_object(env, &cmsContentDataFormat);
296
297 CertAddUint32Property(env, cmsContentDataFormat, "BINARY", BINARY);
298 CertAddUint32Property(env, cmsContentDataFormat, "TEXT", TEXT);
299
300 return cmsContentDataFormat;
301 }
302
CreateCmsFormat(napi_env env)303 static napi_value CreateCmsFormat(napi_env env)
304 {
305 napi_value cmsFormat = nullptr;
306 napi_create_object(env, &cmsFormat);
307
308 CertAddUint32Property(env, cmsFormat, "PEM", CMS_PEM);
309 CertAddUint32Property(env, cmsFormat, "DER", CMS_DER);
310
311 return cmsFormat;
312 }
313
DefineCertCmsGeneratorProperties(napi_env env,napi_value exports)314 static void DefineCertCmsGeneratorProperties(napi_env env, napi_value exports)
315 {
316 napi_property_descriptor desc[] = {
317 DECLARE_NAPI_PROPERTY("CmsContentType", CreateCmsContentType(env)),
318 DECLARE_NAPI_PROPERTY("CmsContentDataFormat", CreateCmsContentDataFormat(env)),
319 DECLARE_NAPI_PROPERTY("CmsFormat", CreateCmsFormat(env)),
320 };
321 napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc);
322 }
323
324 /***********************************************
325 * Module export and register
326 ***********************************************/
CertModuleExport(napi_env env,napi_value exports)327 static napi_value CertModuleExport(napi_env env, napi_value exports)
328 {
329 DefineEncodingFormatProperties(env, exports);
330 DefineResultCodeProperties(env, exports);
331 DefineCertItemTypeProperties(env, exports);
332 DefineExtensionOidTypeProperties(env, exports);
333 DefineExtensionEntryTypeProperties(env, exports);
334 DefineGeneralNameTypeProperties(env, exports);
335 DefineOcspCheckOptionTypeProperties(env, exports);
336 DefineValidationPolicyTypeProperties(env, exports);
337 DefineValidationKeyUsageTypeProperties(env, exports);
338 DefineEncodingTypeProperties(env, exports);
339 DefinePkcs12TypeProperties(env, exports);
340 DefineCertCmsGeneratorProperties(env, exports);
341
342 NapiKey::DefineHcfKeyJSClass(env);
343 NapiPubKey::DefinePubKeyJSClass(env);
344 NapiCertChainValidator::DefineCertChainValidatorJSClass(env, exports);
345 NapiX509Certificate::DefineX509CertJSClass(env, exports);
346 NapiX509CrlEntry::DefineX509CrlEntryJSClass(env, std::string("X509CrlEntry"));
347 NapiX509CrlEntry::DefineX509CrlEntryJSClass(env, std::string("X509CRLEntry"));
348 NapiX509Crl::DefineX509CrlJSClass(env, exports, std::string("X509Crl"));
349 NapiX509Crl::DefineX509CrlJSClass(env, exports, std::string("X509CRL"));
350 NapiX509DistinguishedName::DefineX509DistinguishedNameJSClass(env, exports);
351 NapiCertExtension::DefineCertExtensionJsClass(env, exports);
352 NapiX509CertChain::DefineX509CertChainJsClass(env, exports);
353 NapiX509CertChainBulidResult::DefineX509CertChainBuildResultJsClass(env, exports);
354 NapiCertCRLCollection::DefineCertCRLCollectionJSClass(env, exports);
355 NapiCertCmsGenerator::DefineCertCmsGeneratorJSClass(env, exports);
356 return exports;
357 }
358
RegisterCertModule(void)359 extern "C" __attribute__((constructor)) void RegisterCertModule(void)
360 {
361 static napi_module cryptoFrameworkCertModule = {
362 .nm_version = 1,
363 .nm_flags = 0,
364 .nm_filename = nullptr,
365 .nm_register_func = CertModuleExport,
366 .nm_modname = "security.cert",
367 .nm_priv = nullptr,
368 .reserved = { nullptr },
369 };
370 napi_module_register(&cryptoFrameworkCertModule);
371 }
372 } // namespace CertFramework
373 } // namespace OHOS
374