From b90cc4978061df5e96b2e27c126d8068f34d1072 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Sat, 13 Jul 2024 19:20:00 +0800 Subject: [PATCH 1/2] add log and fix path check Signed-off-by: zhanzeyi --- hapsigntool_cpp/api/src/cert_tools.cpp | 36 +++++++++++++++++++ hapsigntool_cpp/cmd/src/cmd_util.cpp | 11 +++--- hapsigntool_cpp/cmd/src/params_run_tool.cpp | 4 +-- .../datastructure/src/code_sign_block.cpp | 2 +- .../hap/provider/include/sign_provider.h | 1 - .../hap/provider/src/sign_provider.cpp | 17 ++------- .../utils/include/signature_tools_log.h | 28 ++++++--------- hapsigntool_cpp/utils/src/hash_utils.cpp | 6 ++-- hapsigntool_cpp/zip/src/zip_signer.cpp | 4 +-- 9 files changed, 65 insertions(+), 44 deletions(-) diff --git a/hapsigntool_cpp/api/src/cert_tools.cpp b/hapsigntool_cpp/api/src/cert_tools.cpp index 37826e94..87b4815e 100644 --- a/hapsigntool_cpp/api/src/cert_tools.cpp +++ b/hapsigntool_cpp/api/src/cert_tools.cpp @@ -75,8 +75,44 @@ bool CertTools::SaveCertTofile(const std::string& filename, X509* cert) return true; } +static bool UpdateConstraint(Options* options) +{ + if (options->count(Options::BASIC_CONSTRAINTS)) { + std::string val = options->GetString(Options::BASIC_CONSTRAINTS); + if (!CmdUtil::String2Bool(options, Options::BASIC_CONSTRAINTS)) { + return false; + } + } else { + (*options)[Options::BASIC_CONSTRAINTS] = DEFAULT_BASIC_CONSTRAINTS; + } + + if (options->count(Options::BASIC_CONSTRAINTS_CRITICAL)) { + if (!CmdUtil::String2Bool(options, Options::BASIC_CONSTRAINTS_CRITICAL)) { + return false; + } + } else { + (*options)[Options::BASIC_CONSTRAINTS] = DEFAULT_BASIC_CONSTRAINTS_CRITICAL; + } + + if (options->count(Options::BASIC_CONSTRAINTS_CA)) { + if (!CmdUtil::String2Bool(options, Options::BASIC_CONSTRAINTS_CA)) { + return false; + } + } else { + (*options)[Options::BASIC_CONSTRAINTS] = DEFAULT_BASIC_CONSTRAINTS_CA; + } + return true; +} + bool CertTools::SetBisicConstraints(Options* options, X509* cert) { + /*Check here when the parameter is not entered through the command line */ + if (!(options->count(Options::BASIC_CONSTRAINTS) + && (*options)[Options::BASIC_CONSTRAINTS].index() == BASIC_NUMBER_TWO)) { + if (!UpdateConstraint(options)) { + return false; + } + } bool basicCon = options->GetBool(Options::BASIC_CONSTRAINTS); if (basicCon) { bool basicConstraintsCritical = options->GetBool(Options::BASIC_CONSTRAINTS_CRITICAL); diff --git a/hapsigntool_cpp/cmd/src/cmd_util.cpp b/hapsigntool_cpp/cmd/src/cmd_util.cpp index 1d87240d..84d835cd 100644 --- a/hapsigntool_cpp/cmd/src/cmd_util.cpp +++ b/hapsigntool_cpp/cmd/src/cmd_util.cpp @@ -200,6 +200,9 @@ static bool outFilePath(Options* options) return false; } std::string parentPath = pat.parent_path(); + if (parentPath == "" || parentPath == "./") { + return true; + } if (!std::filesystem::exists(parentPath)) { PrintErrorNumberMsg("IO_ERROR", IO_ERROR, "output file parent directory'" + std::string(parentPath.c_str()) + "' not exist"); @@ -241,7 +244,7 @@ static bool UpdateParamForCheckSignAlg(ParamsSharedPtr param) if (options->count(Options::SIGN_ALG)) { std::string signAlg = options->GetString(Options::SIGN_ALG); if (signAlg != SIGN_ALG_SHA256 && signAlg != SIGN_ALG_SHA384) { - PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "'" + signAlg + "' parameter is incorrect"); + PrintErrorNumberMsg("NOT_SUPPORT_ERROR", NOT_SUPPORT_ERROR, "'" + signAlg + "' parameter is incorrect"); return false; } } @@ -257,8 +260,8 @@ static bool UpdateParamForInform(ParamsSharedPtr param) if (options->count(Options::INFORM)) { std::string inForm = options->GetString(Options::INFORM); if (!StringUtils::ContainsCase(ParamsRunTool::InformList, inForm)) { - PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "parameter '" + inForm - + "' format error, Inform only support zip/elf/bin"); + PrintErrorNumberMsg("NOT_SUPPORT_ERROR", NOT_SUPPORT_ERROR, "parameter '" + + inForm + "' format error, Inform only support zip/elf/bin"); return false; } } else { @@ -478,7 +481,7 @@ bool CmdUtil::VerifyTypes(const std::string& inputType) sets.insert("decipherOnly"); for (const auto& val : vecs) { if (sets.count(val) == 0) { - PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR, + PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "Not support command param '" + val + "'"); return false; } diff --git a/hapsigntool_cpp/cmd/src/params_run_tool.cpp b/hapsigntool_cpp/cmd/src/params_run_tool.cpp index 2d161a61..96d1fa6f 100644 --- a/hapsigntool_cpp/cmd/src/params_run_tool.cpp +++ b/hapsigntool_cpp/cmd/src/params_run_tool.cpp @@ -121,7 +121,7 @@ bool ParamsRunTool::RunSignApp(Options* params, SignToolServiceImpl& api) } std::string inForm = params->GetString(Options::INFORM, ZIP); if (!StringUtils::IsEmpty(inForm) && !StringUtils::ContainsCase(InformList, inForm)) { - PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "parameter '" + inForm + PrintErrorNumberMsg("NOT_SUPPORT_ERROR", NOT_SUPPORT_ERROR, "parameter '" + inForm + "' format error, Inform only support zip/elf/bin"); return false; } @@ -385,7 +385,7 @@ bool ParamsRunTool::RunVerifyApp(Options* params, SignToolServiceImpl& api) } std::string inForm = params->GetString(Options::INFORM, ZIP); if (!StringUtils::ContainsCase(InformList, inForm)) { - PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "parameter '" + inForm + PrintErrorNumberMsg("NOT_SUPPORT_ERROR", NOT_SUPPORT_ERROR, "parameter '" + inForm + "' format error, Inform only support zip/elf/bin"); return false; } diff --git a/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block.cpp b/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block.cpp index 91fccfa3..16b0e5ea 100644 --- a/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block.cpp +++ b/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block.cpp @@ -154,7 +154,7 @@ void CodeSignBlock::ComputeSegmentOffset() int segmentOffset = CodeSignBlockHeader::Size() + segmentHeaderList.size() * SegmentHeader::SEGMENT_HEADER_LENGTH + zeroPadding.size() + GetOneMerkleTreeByFileName("Hap").size(); - for (int i = 0; i < segmentHeaderList.size(); i++) { + for (std::vector::size_type i = 0; i < segmentHeaderList.size(); i++) { segmentHeaderList[i].SetSegmentOffset(static_cast(segmentOffset)); segmentOffset += segmentHeaderList[i].GetSegmentSize(); } diff --git a/hapsigntool_cpp/hap/provider/include/sign_provider.h b/hapsigntool_cpp/hap/provider/include/sign_provider.h index 68559392..2c67def4 100644 --- a/hapsigntool_cpp/hap/provider/include/sign_provider.h +++ b/hapsigntool_cpp/hap/provider/include/sign_provider.h @@ -115,7 +115,6 @@ private: bool CheckSignatureAlg(); - static bool CheckStringToint(const std::string& in, int& out); int LoadOptionalBlock(const std::string& file, int type); bool CheckFile(const std::string& filePath); diff --git a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp index de2d58ff..c51a9dda 100644 --- a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp +++ b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp @@ -55,7 +55,7 @@ bool SignProvider::InitSigerConfig(SignerConfig& signerConfig, STACK_OF(X509)* p return false; } int CompatibleVersion; - if (!CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_COMPATIBLE_VERSION), CompatibleVersion)) { + if (!StringUtils::CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_COMPATIBLE_VERSION), CompatibleVersion)) { SIGNATURE_TOOLS_LOGE("[SignHap] CompatibleVersion String To int failed"); return false; } @@ -134,7 +134,7 @@ bool SignProvider::InitZipOutput(std::shared_ptr outputHap, std::string Path) { int alignment; - if (!CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_ALIGNMENT), alignment)) { + if (!StringUtils::CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_ALIGNMENT), alignment)) { SIGNATURE_TOOLS_LOGE("[signHap] alignment String To int failed"); inputStream->close(); tmpOutput->close(); @@ -647,17 +647,6 @@ void SignProvider::CheckSignAlignment() } } -bool SignProvider::CheckStringToint(const std::string& in, int& out) -{ - std::istringstream iss(in); - if ((iss >> out) && iss.eof()) { - return true; - } else { - SIGNATURE_TOOLS_LOGE("Invalid parameter: %s", in.c_str()); - return false; - } -} - bool SignProvider::CheckCompatibleVersion() { auto it = signParams.find(ParamConstants::PARAM_BASIC_COMPATIBLE_VERSION); @@ -667,7 +656,7 @@ bool SignProvider::CheckCompatibleVersion() } const std::string& compatibleApiVersionVal = it->second; int compatibleApiVersion; - if (!CheckStringToint(compatibleApiVersionVal, compatibleApiVersion)) { + if (!StringUtils::CheckStringToint(compatibleApiVersionVal, compatibleApiVersion)) { PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR, "compatibleVersion Parameter is must integer"); return false; diff --git a/hapsigntool_cpp/utils/include/signature_tools_log.h b/hapsigntool_cpp/utils/include/signature_tools_log.h index f919423b..fc5af04a 100644 --- a/hapsigntool_cpp/utils/include/signature_tools_log.h +++ b/hapsigntool_cpp/utils/include/signature_tools_log.h @@ -17,6 +17,9 @@ #include #include #include +#include +#include +#include #include "signature_tools_errno.h" @@ -50,12 +53,10 @@ namespace SignatureTools { **/ inline void PrintErrorNumberMsg(const std::string& command, const int code, const std::string& details) { - time_t now = time(0); - if (!now) return; - char timebuffer[100] = { 0 }; - struct tm* time = localtime(&now); - if (!time && !strftime(timebuffer, sizeof(timebuffer), "%m-%d %H:%M:%S", time)) return; - std::cerr << timebuffer << " ERROR - " << command << ", code: " + auto now = std::chrono::system_clock::now(); + std::time_t nowTime = std::chrono::system_clock::to_time_t(now); + std::tm* localTime = std::localtime(&nowTime); + std::cerr << std::put_time(localTime, "%m-%d %H:%M:%S") << " ERROR - " << command << ", code: " << code << ". Details: " << details << std::endl; } @@ -66,18 +67,11 @@ inline void PrintErrorNumberMsg(const std::string& command, const int code, cons **/ inline void PrintMsg(const std::string& message) { - time_t now = time(0); - if (!now) { - return; - } - char timebuffer[100] = { 0 }; - struct tm* time = localtime(&now); - if (!time && !strftime(timebuffer, sizeof(timebuffer), "%m-%d %H:%M:%S", time)) { - return; - } - std::cout << timebuffer << " INFO - " << message << std::endl; + auto now = std::chrono::system_clock::now(); + std::time_t nowTime = std::chrono::system_clock::to_time_t(now); + std::tm* localTime = std::localtime(&nowTime); + std::cout << std::put_time(localTime, "%m-%d %H:%M:%S") << " INFO - " << message << std::endl; } - } // namespace SignatureTools } // namespace OHOS #endif // SIGNATURETOOLS_SIGNATRUE_TOOLS_LOG_H \ No newline at end of file diff --git a/hapsigntool_cpp/utils/src/hash_utils.cpp b/hapsigntool_cpp/utils/src/hash_utils.cpp index 7d4f58d0..9f7434f4 100644 --- a/hapsigntool_cpp/utils/src/hash_utils.cpp +++ b/hapsigntool_cpp/utils/src/hash_utils.cpp @@ -98,7 +98,7 @@ std::vector HashUtils::GetFileDigest(const std::string& inputFile, const digestUtils.AddData(str); } std::string digest = digestUtils.Result(DigestUtils::Type::BINARY); - for (int i = 0; i < digest.size(); i++) { + for (std::string::size_type i = 0; i < digest.size(); i++) { result.push_back(digest[i]); } return result; @@ -133,7 +133,7 @@ std::vector HashUtils::GetDigestFromBytes(const std::vector& fil } std::string digest = digestUtils.Result(DigestUtils::Type::BINARY); std::vector result; - for (int i = 0; i < digest.size(); i++) { + for (std::string::size_type i = 0; i < digest.size(); i++) { result.push_back(digest[i]); } return result; @@ -145,7 +145,7 @@ std::vector HashUtils::GetByteDigest(const std::string& str, int count, DigestUtils digestUtils(HASH_SHA256); digestUtils.AddData(str); std::string digest = digestUtils.Result(DigestUtils::Type::BINARY); - for (int i = 0; i < digest.size(); i++) { + for (std::string::size_type i = 0; i < digest.size(); i++) { result.push_back(digest[i]); } return result; diff --git a/hapsigntool_cpp/zip/src/zip_signer.cpp b/hapsigntool_cpp/zip/src/zip_signer.cpp index 6524e4b0..cc1808e0 100644 --- a/hapsigntool_cpp/zip/src/zip_signer.cpp +++ b/hapsigntool_cpp/zip/src/zip_signer.cpp @@ -101,7 +101,7 @@ EndOfCentralDirectory* ZipSigner::GetZipEndOfCentralDirectory(std::ifstream& inp return nullptr; } - for (int start = 0; start < eocdMaxLength; start++) { + for (uint64_t start = 0; start < eocdMaxLength; start++) { eocdByBytes = EndOfCentralDirectory::GetEOCDByBytes(retStr, start); if (eocdByBytes) { m_eOCDOffset += start; @@ -135,7 +135,7 @@ bool ZipSigner::GetZipCentralDirectory(std::ifstream& input) ByteBuffer bf(retStr.c_str(), retStr.size()); - int offset = 0; + std::string::size_type offset = 0; /* one by one format central directory */ while (offset < retStr.size()) { CentralDirectory* cd = new CentralDirectory(); -- Gitee From 33a62412c1607b771190b41c7c6431a74e81a6ef Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Sat, 13 Jul 2024 19:26:51 +0800 Subject: [PATCH 2/2] fix code check Signed-off-by: zhanzeyi --- hapsigntool_cpp/hap/provider/src/sign_provider.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp index c51a9dda..cdb3667e 100644 --- a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp +++ b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp @@ -55,7 +55,8 @@ bool SignProvider::InitSigerConfig(SignerConfig& signerConfig, STACK_OF(X509)* p return false; } int CompatibleVersion; - if (!StringUtils::CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_COMPATIBLE_VERSION), CompatibleVersion)) { + if (!StringUtils::CheckStringToint(signParams.at(ParamConstants::PARAM_BASIC_COMPATIBLE_VERSION), + CompatibleVersion)) { SIGNATURE_TOOLS_LOGE("[SignHap] CompatibleVersion String To int failed"); return false; } -- Gitee