diff --git a/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp b/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp index 82c60011d6c414ae04c12c5db62e917fba50318d..2e04776f127cd00c2dccfbbbe04801a335c4fa6e 100644 --- a/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp +++ b/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp @@ -16,8 +16,10 @@ #include "merkle_tree_builder.h" -using namespace OHOS::SignatureTools; using namespace OHOS::SignatureTools::Uscript; +namespace OHOS { +namespace SignatureTools { + const int MerkleTreeBuilder::FSVERITY_HASH_PAGE_SIZE = 4096; const int64_t MerkleTreeBuilder::INPUTSTREAM_MAX_SIZE = 4503599627370496L; const int MerkleTreeBuilder::CHUNK_SIZE = 4096; @@ -290,4 +292,6 @@ long MerkleTreeBuilder::GetChunkCount(long dataSize, long divisor) long MerkleTreeBuilder::GetFullChunkSize(long dataSize, long divisor, long multiplier) { return GetChunkCount(dataSize, divisor) * multiplier; -} \ No newline at end of file +} +} // namespace SignatureTools +} // namespace OHOS \ No newline at end of file diff --git a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp index 646e0d0bd5fb9c51172c784afaf2088adb5903ff..b21f7b9d1856a362cc52f64f49aea840b86ab5df 100644 --- a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp @@ -86,7 +86,10 @@ bool CodeSigning::GetCodeSignBlock(const std::string &input, int64_t offset, m_codeSignBlock.GetHapInfoSegment().SetSignInfo(hapSignInfoAndMerkleTreeBytesPair.first); m_codeSignBlock.AddOneMerkleTree(HAP_SIGNATURE_ENTRY_NAME, hapSignInfoAndMerkleTreeBytesPair.second); - SignNativeLibs(input, ownerID); + if (!SignNativeLibs(input, ownerID)) { + PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "Failed to sign the contents in the compressed file."); + return false; + } UpdateCodeSignBlock(); m_codeSignBlock.GenerateCodeSignBlockByte(fsvTreeOffset, ret); SIGNATURE_TOOLS_LOGI("Sign successfully."); @@ -272,19 +275,7 @@ bool CodeSigning::GetSingleFileStreamFromZip(unzFile &zFile, char fileName[], int &readFileSize, std::stringbuf &sb) { char szReadBuffer[BUFFER_SIZE] = { 0 }; - if (memset_s(fileName, FILE_NAME_SIZE, 0, FILE_NAME_SIZE) != 0) { - unzClose(zFile); - return false; - } - size_t nameLen = 0; - if (!CheckUnzParam(zFile, zFileInfo, fileName, &nameLen)) { - unzClose(zFile); - return false; - } - if (!CheckFileName(zFile, fileName, &nameLen)) { - unzClose(zFile); - return false; - } + long fileLength = zFileInfo.uncompressed_size; int nReadFileSize; do { @@ -328,7 +319,6 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar unzClose(zFile); return false; } - for (uLong i = 0; i < index; ++i) { int ret = unzGoToNextFile(zFile); if (ret != UNZ_OK) { @@ -336,11 +326,23 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar return false; } } - unz_file_info zFileInfo; char fileName[FILE_NAME_SIZE]; int readFileSize = 0; std::stringbuf sb; + if (memset_s(fileName, FILE_NAME_SIZE, 0, FILE_NAME_SIZE) != 0) { + unzClose(zFile); + return false; + } + size_t nameLen = 0; + if (!CheckUnzParam(zFile, zFileInfo, fileName, &nameLen)) { + unzClose(zFile); + return false; + } + if (!CheckFileName(zFile, fileName, &nameLen)) { + unzClose(zFile); + return true; + } bool flag = GetSingleFileStreamFromZip(zFile, fileName, zFileInfo, readFileSize, sb); if (!flag) { return false; @@ -348,10 +350,8 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar bool handleFlag = DoNativeLibSignOrVerify(std::string(fileName), sb, param, readFileSize); if (!handleFlag) { SIGNATURE_TOOLS_LOGE("%s native libs handle failed", fileName); - unzClose(zFile); return false; } - return true; } diff --git a/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp b/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp deleted file mode 100644 index 365b34aa47a03bfefd7d1aaee8e80236c1bad4a6..0000000000000000000000000000000000000000 --- a/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright (c) 2024-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "signature_block_tags.h" - -using namespace OHOS::SignatureTools; \ No newline at end of file diff --git a/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp b/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp index 05c07c4fb573e9b37f1ad10299a928e1921d1364..7a5fa64bf33e4836e4bee9e5d69fd244863471f9 100644 --- a/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp +++ b/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp @@ -14,8 +14,8 @@ */ #include "signature_block_types.h" -using namespace OHOS::SignatureTools; - +namespace OHOS { +namespace SignatureTools { char SignatureBlockTypes::GetProfileBlockTypes(const std::string& isSigned) { if (!isSigned.empty() && 0 == isSigned.compare("0")) { @@ -25,4 +25,6 @@ char SignatureBlockTypes::GetProfileBlockTypes(const std::string& isSigned) return PROFILE_SIGNED_BLOCK; } return PROFILE_NOSIGNED_BLOCK; -} \ No newline at end of file +} +} // namespace SignatureTools +} // namespace OHOS \ No newline at end of file diff --git a/hapsigntool_cpp/hap/signature_tools_hap.gni b/hapsigntool_cpp/hap/signature_tools_hap.gni index 8a85b3dc29d463571cea76f70997cf42eabdfec0..a345ed79233da4536b7842d2dc1724c0b6f7173b 100644 --- a/hapsigntool_cpp/hap/signature_tools_hap.gni +++ b/hapsigntool_cpp/hap/signature_tools_hap.gni @@ -35,7 +35,6 @@ signature_tools_hap_src = [ "${signature_tools_hap}/entity/src/sign_block_info.cpp", "${signature_tools_hap}/entity/src/sign_content_info.cpp", "${signature_tools_hap}/entity/src/sign_block_data.cpp", - "${signature_tools_hap}/entity/src/signature_block_tags.cpp", "${signature_tools_hap}/entity/src/signature_block_types.cpp", "${signature_tools_hap}/entity/src/signing_block.cpp", "${signature_tools_hap}/provider/src/local_sign_provider.cpp", diff --git a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp index b7043c40827a199d5a68a893a41f57fe7d33b5c8..bbb5d7294b9301898c1994493881223061daf916 100644 --- a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp +++ b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp @@ -90,7 +90,7 @@ bool VerifyHap::outputOptionalBlocks(const std::string& outputProfileFile, const return false; } } else if (optionBlock.optionalType == HapUtils::HAP_PROOF_OF_ROTATION_BLOCK_ID) { - if (!writeOptionalBytesToFile(optionBlock, outputPropertyFile)) { + if (!writeOptionalBytesToFile(optionBlock, outputProofFile)) { return false; } } else { diff --git a/hapsigntool_cpp/profile/include/pkcs7_data.h b/hapsigntool_cpp/profile/include/pkcs7_data.h index f0c66bb3eb67ab055fe6a939fca78538f2b6e46c..35e34c2bc976b6080236d86c8cede4d564e25346 100644 --- a/hapsigntool_cpp/profile/include/pkcs7_data.h +++ b/hapsigntool_cpp/profile/include/pkcs7_data.h @@ -49,7 +49,7 @@ struct std::equal_to { /* all cert is put into one bottle */ template<> struct std::hash { - size_t operator()(const X509* cert)const + size_t operator()(const X509* cert) const { return 0; }