• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2025-2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "profile_sign_tool.h"
16 #include "signer_factory.h"
17 #include "local_signer.h"
18 #include "localization_adapter.h"
19 #include "file_utils.h"
20 #include "pkcs7_data.h"
21 #include "verify_hap_openssl_utils.h"
22 #include "signature_tools_errno.h"
23 
24 namespace OHOS {
25 namespace SignatureTools {
26 
GenerateP7b(LocalizationAdapter & adapter,const std::string & content,std::string & ret)27 int ProfileSignTool::GenerateP7b(LocalizationAdapter& adapter, const std::string& content, std::string& ret)
28 {
29     std::unique_ptr<SignerFactory> signerFactory = std::make_unique<SignerFactory>();
30     std::shared_ptr<Signer> signer(signerFactory->GetSigner(adapter));
31     if (signer == NULL) {
32         SIGNATURE_TOOLS_LOGE("signer is NULL, get signer failed");
33         return INVALIDPARAM_ERROR;
34     }
35     const std::string sigAlg = adapter.GetSignAlg();
36     // ret is the generated p7b data
37     return SignProfile(content, signer, sigAlg, ret);
38 }
39 
40 /**
41 * @param content content to sign
42 * @param signer signer
43 * @param sigAlg sign algorithm  only SHAwith256 or SHAwith384
44 * @param ret signed data
45 * @return 0:success <0:error
46 */
SignProfile(const std::string & content,const std::shared_ptr<Signer> & signer,const std::string & sigAlg,std::string & ret)47 int ProfileSignTool::SignProfile(const std::string& content, const std::shared_ptr<Signer>& signer,
48                                  const std::string& sigAlg, std::string& ret)
49 {
50     PKCS7Data p7Data;
51     int result = RET_OK;
52     result = p7Data.Sign(content, signer, sigAlg, ret);
53     if (result < 0) {
54         SIGNATURE_TOOLS_LOGE("SignProfile faild!");
55         return SIGN_ERROR;
56     }
57     PKCS7Data p7DataVerify;
58     result = p7DataVerify.Parse(ret);
59     if (result < 0) {
60         SIGNATURE_TOOLS_LOGE("parse p7b failed");
61         return PARSE_ERROR;
62     }
63     result = p7DataVerify.Verify();
64     if (result < 0) {
65         SIGNATURE_TOOLS_LOGE("verify p7b failed");
66         return VERIFY_ERROR;
67     }
68     return result;
69 }
70 } // namespace SignatureTools
71 } // namespace OHOS