1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "napi_x509_cert_chain_validate_params.h"
17 
18 #include "cf_log.h"
19 #include "cf_memory.h"
20 #include "cf_type.h"
21 #include "napi/native_api.h"
22 #include "napi/native_node_api.h"
23 #include "napi_cert_crl_collection.h"
24 #include "napi_cert_defines.h"
25 #include "napi_cert_utils.h"
26 #include "napi_object.h"
27 #include "napi_x509_trust_anchor.h"
28 #include "napi_x509_certificate.h"
29 #include "utils.h"
30 #include "x509_cert_chain_validate_params.h"
31 
32 namespace OHOS {
33 namespace CertFramework {
34 
// Reads the optional validation date (property CERT_CHAIN_VALIDATE_TAG_DATE) from the JS
// parameter object.
//
// env  N-API environment.
// arg  JS object carrying the chain-validation parameters.
// out  Receives the blob returned by CertGetBlobFromStringJSParams; left untouched when the
//      property is absent.
//
// Returns true when the property is absent or was converted, false when the conversion
// returned nullptr.
// NOTE(review): the string's format is not checked here, and what the validator uses as the
// reference time when no date is supplied is not visible in this file - confirm both.
static bool GetValidDate(napi_env env, napi_value arg, CfBlob *&out)
{
    napi_value dateProp = GetProp(env, arg, CERT_CHAIN_VALIDATE_TAG_DATE.c_str());
    if (dateProp != nullptr) {
        out = CertGetBlobFromStringJSParams(env, dateProp);
        if (out != nullptr) {
            return true;
        }
        LOGE("get blob failed!");
        return false;
    }

    // The date is optional, so a missing property is not an error.
    LOGI("prop date do not exist!");
    return true;
}
49 
// Checks that `arg` is a JS array and reports its element count.
//
// env     N-API environment.
// arg     JS value expected to be an array.
// length  Receives the element count written by napi_get_array_length.
//
// Returns true only for an array holding between 1 and MAX_LEN_OF_ARRAY elements.
// Callers size their allocations from `length`, so the upper bound here is what keeps a
// caller-controlled array from driving an oversized allocation.
static bool GetArrayLength(napi_env env, napi_value arg, uint32_t &length)
{
    bool isArray = false;
    if (napi_is_array(env, arg, &isArray) != napi_ok || !isArray) {
        LOGE("param type not array!");
        return false;
    }

    const bool queried = (napi_get_array_length(env, arg, &length) == napi_ok);
    const bool inRange = queried && length != 0 && length <= MAX_LEN_OF_ARRAY;
    if (!inRange) {
        LOGE("array length is invalid!");
        return false;
    }
    return true;
}
65 
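// Builds the native trust-anchor array from the mandatory property
// CERT_CHAIN_VALIDATE_TAG_TRUSTANCHORS of the JS parameter object.
//
// env  N-API environment.
// arg  JS object carrying the chain-validation parameters.
// out  Receives a newly allocated HcfX509TrustAnchorArray on success; set to nullptr when a
//      failure occurs after the container was allocated.
//
// Returns true when every array element was converted by BuildX509TrustAnchorObj.
//
// On a failure part-way through the array, the anchors that were already built are released
// with FreeX509TrustAnchorObj before the container is freed; freeing only the pointer array
// would leak them, because `out` is reset to nullptr and no later cleanup can reach them.
static bool GetX509TrustAnchorArray(napi_env env, napi_value arg, HcfX509TrustAnchorArray *&out)
{
    napi_value obj = GetProp(env, arg, CERT_CHAIN_VALIDATE_TAG_TRUSTANCHORS.c_str());
    if (obj == nullptr) {
        LOGE("param type not array!");
        return false;
    }

    uint32_t length = 0;
    if (!GetArrayLength(env, obj, length)) {
        LOGE("get array length failed!");
        return false;
    }

    out = static_cast<HcfX509TrustAnchorArray *>(HcfMalloc(sizeof(HcfX509TrustAnchorArray), 0));
    if (out == nullptr) {
        LOGE("Failed to allocate out memory!");
        return false;
    }

    out->count = length;
    // length was bounded by MAX_LEN_OF_ARRAY in GetArrayLength before it is used as a size.
    out->data = static_cast<HcfX509TrustAnchor **>(HcfMalloc(length * sizeof(HcfX509TrustAnchor *), 0));
    if (out->data == nullptr) {
        LOGE("Failed to allocate data memory!");
        CfFree(out);
        out = nullptr;
        return false;
    }

    // `built` counts the anchors that were fully constructed, i.e. the ones to release on error.
    uint32_t built = 0;
    bool ok = true;
    for (; built < length; ++built) {
        napi_value element = nullptr;
        if (napi_get_element(env, obj, built, &element) != napi_ok) {
            LOGE("get element failed!");
            ok = false;
            break;
        }
        if (!BuildX509TrustAnchorObj(env, element, out->data[built])) {
            LOGE("build trust anchor failed!");
            ok = false;
            break;
        }
    }
    if (ok) {
        return true;
    }

    // NOTE(review): the slot at index `built` is left alone on the assumption that
    // BuildX509TrustAnchorObj releases its own partial state on failure - confirm.
    for (uint32_t i = 0; i < built; ++i) {
        FreeX509TrustAnchorObj(out->data[i]);
    }
    CfFree(out->data);
    CfFree(out);
    out = nullptr;
    return false;
}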
114 
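// Builds the native array of cert/CRL collections from the optional property
// CERT_CHAIN_VALIDATE_TAG_CERTCRLS of the JS parameter object.
//
// env  N-API environment.
// arg  JS object carrying the chain-validation parameters.
// out  Receives a newly allocated HcfCertCRLCollectionArray when the property is present and
//      valid; left untouched when the property is absent; set to nullptr when a failure occurs
//      after the container was allocated.
//
// Returns true when the property is absent or every element was unwrapped, false otherwise.
//
// NOTE(review): napi_unwrap hands back whatever native pointer the JS object wraps. Nothing
// visible here verifies that an element really wraps a NapiCertCRLCollection before the cast
// result is dereferenced, so a caller-supplied object of another wrapped class would be
// misinterpreted. Confirm that the wrap site tags or otherwise type-checks these objects.
// NOTE(review): the array stores the pointers returned by GetCertCrlCollection(), and
// FreeX509CertChainValidateParams frees only the array itself, so they look borrowed from the
// JS wrappers - confirm the wrappers are kept alive for as long as the params are in use.
static bool GetCertCRLCollectionArray(napi_env env, napi_value arg, HcfCertCRLCollectionArray *&out)
{
    napi_value obj = GetProp(env, arg, CERT_CHAIN_VALIDATE_TAG_CERTCRLS.c_str());
    if (obj == nullptr) {
        LOGI("prop certCRLs do not exist!");
        return true;
    }

    uint32_t length = 0;
    if (!GetArrayLength(env, obj, length)) {
        LOGE("get array length failed!");
        return false;
    }

    out = static_cast<HcfCertCRLCollectionArray *>(HcfMalloc(sizeof(HcfCertCRLCollectionArray), 0));
    if (out == nullptr) {
        LOGE("Failed to allocate out memory!");
        return false;
    }
    out->count = length;
    // length was bounded by MAX_LEN_OF_ARRAY in GetArrayLength before it is used as a size.
    out->data = static_cast<HcfCertCrlCollection **>(HcfMalloc(length * sizeof(HcfCertCrlCollection *), 0));
    if (out->data == nullptr) {
        LOGE("Failed to allocate data memory!");
        CfFree(out);
        out = nullptr;
        return false;
    }

    // Single cleanup path: only the container is freed, the elements are not owned here.
    auto releaseOut = [&out]() {
        CfFree(out->data);
        CfFree(out);
        out = nullptr;
    };

    for (uint32_t i = 0; i < length; i++) {
        napi_value element = nullptr;
        if (napi_get_element(env, obj, i, &element) != napi_ok) {
            LOGE("get element failed!");
            releaseOut();
            return false;
        }

        NapiCertCRLCollection *napiCertCrlCollectionObj = nullptr;
        // Check the status as well as the pointer, so a failed unwrap is never trusted.
        napi_status status = napi_unwrap(env, element, reinterpret_cast<void **>(&napiCertCrlCollectionObj));
        if (status != napi_ok || napiCertCrlCollectionObj == nullptr) {
            LOGE("napi cert crl collection object is nullptr!");
            releaseOut();
            return false;
        }
        out->data[i] = napiCertCrlCollectionObj->GetCertCrlCollection();
    }
    return true;
}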
165 
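// Releases everything BuildX509CertChainValidateParams may have attached to `param`.
//
// param  Parameter set to clean up; trustAnchors and certCRLCollections are reset to nullptr.
//
// Trust anchors are released one by one with FreeX509TrustAnchorObj, then the pointer array
// and the container are freed. The pointer array was previously never freed, which leaked it
// on every call. For certCRLCollections only the pointer array and the container are freed;
// the collection objects themselves are not released here.
void FreeX509CertChainValidateParams(HcfX509CertChainValidateParams &param)
{
    CfBlobFree(&param.date);
    if (param.trustAnchors != nullptr) {
        for (uint32_t i = 0; i < param.trustAnchors->count; ++i) {
            FreeX509TrustAnchorObj(param.trustAnchors->data[i]);
        }
        // Free the pointer array itself, matching the certCRLCollections branch below.
        CfFree(param.trustAnchors->data);
        CfFree(param.trustAnchors);
        param.trustAnchors = nullptr;
    }

    if (param.certCRLCollections != nullptr) {
        CfFree(param.certCRLCollections->data);
        CfFree(param.certCRLCollections);
        param.certCRLCollections = nullptr;
    }
}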
183 
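// Converts the JS chain-validation parameter object into its native representation.
//
// env    N-API environment.
// arg    JS value supplied by the caller; must be an object.
// param  Filled in field by field: date (optional), trustAnchors (mandatory),
//        certCRLCollections (optional).
//
// Returns true when all three fields were processed, false on the first failure.
//
// On failure, fields filled by earlier steps are left in `param` and are not released here.
// NOTE(review): presumably the caller runs FreeX509CertChainValidateParams on failure - confirm.
bool BuildX509CertChainValidateParams(napi_env env, napi_value arg, HcfX509CertChainValidateParams &param)
{
    // Initialise `type` and check the status so a failed napi_typeof is rejected instead of
    // leaving an indeterminate value to be compared.
    napi_valuetype type = napi_undefined;
    if (napi_typeof(env, arg, &type) != napi_ok || type != napi_object) {
        LOGE("wrong argument type. expect object type. [Type]: %d", type);
        return false;
    }

    if (!GetValidDate(env, arg, param.date)) {
        LOGE("GetValidDate failed");
        return false;
    }
    if (!GetX509TrustAnchorArray(env, arg, param.trustAnchors)) {
        LOGE("GetX509TrustAnchorArray failed");
        return false;
    }
    if (!GetCertCRLCollectionArray(env, arg, param.certCRLCollections)) {
        LOGE("GetCertCRLCollectionArray failed");
        return false;
    }

    return true;
}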
208 
209 } // namespace CertFramework
210 } // namespace OHOS