1 /*
2 * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "signer_factory.h"
16 #include "dynamic_lib_handle.h"
17
18 namespace OHOS {
19 namespace SignatureTools {
GetSigner(LocalizationAdapter & adapter) const20 std::shared_ptr<Signer> SignerFactory::GetSigner(LocalizationAdapter& adapter)const
21 {
22 if (adapter.IsRemoteSigner()) {
23 return LoadRemoteSigner(adapter);
24 }
25
26 EVP_PKEY* keyPair = adapter.GetAliasKey(false);
27 if (keyPair == NULL) {
28 SIGNATURE_TOOLS_LOGE("key is NULL, get signer failed");
29 adapter.ResetPwd();
30 return NULL;
31 }
32 adapter.ResetPwd();
33 STACK_OF(X509)* certs = adapter.GetSignCertChain();
34 if (certs == nullptr) {
35 SIGNATURE_TOOLS_LOGE("certs is NULL, please input cert file.");
36 return nullptr;
37 }
38 std::shared_ptr<Signer> signer = std::make_shared<LocalSigner>(keyPair, certs);
39 return signer;
40 }
41
LoadRemoteSigner(LocalizationAdapter & adapter) const42 std::shared_ptr<Signer> SignerFactory::LoadRemoteSigner(LocalizationAdapter& adapter) const
43 {
44 std::string keyAlias = adapter.GetOptions()->GetString(ParamConstants::PARAM_BASIC_PRIVATE_KEY);
45 std::string signServer = adapter.GetOptions()->GetString(ParamConstants::PARAM_REMOTE_SERVER);
46 std::string signerPlugin = adapter.GetOptions()->GetString(ParamConstants::PARAM_REMOTE_SIGNERPLUGIN);
47 std::string onlineAuthMode = adapter.GetOptions()->GetString(ParamConstants::PARAM_REMOTE_ONLINEAUTHMODE);
48 std::string username = adapter.GetOptions()->GetString(ParamConstants::PARAM_REMOTE_USERNAME);
49 char* userPwd = adapter.GetOptions()->GetChars(ParamConstants::PARAM_REMOTE_USERPWD);
50
51 // open so
52 if (DynamicLibHandle::g_handle == nullptr) {
53 DynamicLibHandle::g_handle = dlopen(signerPlugin.c_str(), RTLD_NOW | RTLD_LOCAL);
54 }
55
56 if (DynamicLibHandle::g_handle == nullptr) {
57 PrintErrorNumberMsg("LoadRemoteSigner", RET_FAILED, dlerror());
58 return nullptr;
59 }
60
61 // clear previous error
62 dlerror();
63
64 RemoteSignerCreator remoteSignerCreator =
65 (RemoteSignerCreator)dlsym(DynamicLibHandle::g_handle, "GetRemoteSignerInstance");
66 char* error = nullptr;
67 if ((error = dlerror()) != NULL) {
68 SIGNATURE_TOOLS_LOGE("%s", error);
69 return nullptr;
70 }
71
72 RemoteSignerParamType keyAliasType{keyAlias.c_str(), keyAlias.size()};
73 RemoteSignerParamType signServerType{signServer.c_str(), signServer.size()};
74 RemoteSignerParamType onlineAuthModeType{onlineAuthMode.c_str(), onlineAuthMode.size()};
75 RemoteSignerParamType usernameType{username.c_str(), username.size()};
76 RemoteSignerParamType userPwdType{userPwd, strlen(userPwd)};
77
78 Signer* signer = remoteSignerCreator(keyAliasType, signServerType, onlineAuthModeType, usernameType, userPwdType);
79
80 // remote sign support input certificate chain file.
81 STACK_OF(X509)* certs = adapter.GetSignCertChain();
82 if (certs != nullptr) {
83 signer->SetCertificates(certs);
84 }
85
86 for (size_t i = 0; i < strlen(userPwd); i++) {
87 userPwd[i] = 0;
88 }
89
90 std::shared_ptr<Signer> remoteSigner(signer);
91 return remoteSigner;
92 }
93 } // namespace SignatureTools
94 } // namespace OHOS