From 18e7ea4d52b2be74239119e47359fd51e088a164 Mon Sep 17 00:00:00 2001
From: zhanzeyi <zhanzeyi@huawei.com>
Date: Tue, 30 Jul 2024 10:38:08 +0800
Subject: [PATCH 1/2] fix code review

Signed-off-by: zhanzeyi <zhanzeyi@huawei.com>
---
 .../codesigning/sign/src/code_signing.cpp     | 37 ++++++++++---------
 hapsigntool_cpp/hap/verify/src/verify_hap.cpp |  2 +-
 hapsigntool_cpp/profile/include/pkcs7_data.h  |  2 +-
 3 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
index 646e0d0b..8aa853e7 100644
--- a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
+++ b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
@@ -272,19 +272,7 @@ bool CodeSigning::GetSingleFileStreamFromZip(unzFile &zFile, char fileName[],
                                              int &readFileSize, std::stringbuf &sb)
 {
     char szReadBuffer[BUFFER_SIZE] = { 0 };
-    if (memset_s(fileName, FILE_NAME_SIZE, 0, FILE_NAME_SIZE) != 0) {
-        unzClose(zFile);
-        return false;
-    }
-    size_t nameLen = 0;
-    if (!CheckUnzParam(zFile, zFileInfo, fileName, &nameLen)) {
-        unzClose(zFile);
-        return false;
-    }
-    if (!CheckFileName(zFile, fileName, &nameLen)) {
-        unzClose(zFile);
-        return false;
-    }
+
     long fileLength = zFileInfo.uncompressed_size;
     int nReadFileSize;
     do {
@@ -328,7 +316,6 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar
         unzClose(zFile);
         return false;
     }
-
     for (uLong i = 0; i < index; ++i) {
         int ret = unzGoToNextFile(zFile);
         if (ret != UNZ_OK) {
@@ -336,11 +323,23 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar
             return false;
         }
     }
-
     unz_file_info zFileInfo;
     char fileName[FILE_NAME_SIZE];
     int readFileSize = 0;
     std::stringbuf sb;
+    if (memset_s(fileName, FILE_NAME_SIZE, 0, FILE_NAME_SIZE) != 0) {
+        unzClose(zFile);
+        return false;
+    }
+    size_t nameLen = 0;
+    if (!CheckUnzParam(zFile, zFileInfo, fileName, &nameLen)) {
+        unzClose(zFile);
+        return false;
+    }
+    if (!CheckFileName(zFile, fileName, &nameLen)) {
+        unzClose(zFile);
+        return true;
+    }
     bool flag = GetSingleFileStreamFromZip(zFile, fileName, zFileInfo, readFileSize, sb);
     if (!flag) {
         return false;
@@ -348,10 +347,12 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar
     bool handleFlag = DoNativeLibSignOrVerify(std::string(fileName), sb, param, readFileSize);
     if (!handleFlag) {
         SIGNATURE_TOOLS_LOGE("%s native libs handle failed", fileName);
-        unzClose(zFile);
-        return false;
+        if(!zFile) {
+            unzClose(zFile);
+            zFile = nullptr;
+            return false;
+        }
     }
-
     return true;
 }
 
diff --git a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp
index b7043c40..bbb5d729 100644
--- a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp
+++ b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp
@@ -90,7 +90,7 @@ bool VerifyHap::outputOptionalBlocks(const std::string& outputProfileFile, const
                 return false;
             }
         } else if (optionBlock.optionalType == HapUtils::HAP_PROOF_OF_ROTATION_BLOCK_ID) {
-            if (!writeOptionalBytesToFile(optionBlock, outputPropertyFile)) {
+            if (!writeOptionalBytesToFile(optionBlock, outputProofFile)) {
                 return false;
             }
         } else {
diff --git a/hapsigntool_cpp/profile/include/pkcs7_data.h b/hapsigntool_cpp/profile/include/pkcs7_data.h
index f0c66bb3..35e34c2b 100644
--- a/hapsigntool_cpp/profile/include/pkcs7_data.h
+++ b/hapsigntool_cpp/profile/include/pkcs7_data.h
@@ -49,7 +49,7 @@ struct std::equal_to<X509*> {
 /* all cert is put into one bottle */
 template<>
 struct std::hash<X509*> {
-    size_t operator()(const X509* cert)const
+    size_t operator()(const X509* cert) const
     {
         return 0;
     }
-- 
Gitee


From cdd148cbe0d7b38bca40dafd6ae7ba7290513e2a Mon Sep 17 00:00:00 2001
From: zhanzeyi <zhanzeyi@huawei.com>
Date: Tue, 30 Jul 2024 16:42:58 +0800
Subject: [PATCH 2/2] update

Signed-off-by: zhanzeyi <zhanzeyi@huawei.com>
---
 .../fsverity/src/merkle_tree_builder.cpp       |  8 ++++++--
 .../codesigning/sign/src/code_signing.cpp      | 11 +++++------
 .../hap/entity/src/signature_block_tags.cpp    | 18 ------------------
 .../hap/entity/src/signature_block_types.cpp   |  8 +++++---
 hapsigntool_cpp/hap/signature_tools_hap.gni    |  1 -
 5 files changed, 16 insertions(+), 30 deletions(-)
 delete mode 100644 hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp

diff --git a/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp b/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp
index 82c60011..2e04776f 100644
--- a/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp
+++ b/hapsigntool_cpp/codesigning/fsverity/src/merkle_tree_builder.cpp
@@ -16,8 +16,10 @@
 
 #include "merkle_tree_builder.h"
 
-using namespace OHOS::SignatureTools;
 using namespace OHOS::SignatureTools::Uscript;
+namespace OHOS {
+namespace SignatureTools {
+    
 const int MerkleTreeBuilder::FSVERITY_HASH_PAGE_SIZE = 4096;
 const int64_t MerkleTreeBuilder::INPUTSTREAM_MAX_SIZE = 4503599627370496L;
 const int MerkleTreeBuilder::CHUNK_SIZE = 4096;
@@ -290,4 +292,6 @@ long MerkleTreeBuilder::GetChunkCount(long dataSize, long divisor)
 long MerkleTreeBuilder::GetFullChunkSize(long dataSize, long divisor, long multiplier)
 {
     return GetChunkCount(dataSize, divisor) * multiplier;
-}
\ No newline at end of file
+}
+} // namespace SignatureTools
+} // namespace OHOS
\ No newline at end of file
diff --git a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
index 8aa853e7..b21f7b9d 100644
--- a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
+++ b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp
@@ -86,7 +86,10 @@ bool CodeSigning::GetCodeSignBlock(const std::string &input, int64_t offset,
     m_codeSignBlock.GetHapInfoSegment().SetSignInfo(hapSignInfoAndMerkleTreeBytesPair.first);
     m_codeSignBlock.AddOneMerkleTree(HAP_SIGNATURE_ENTRY_NAME,
                                      hapSignInfoAndMerkleTreeBytesPair.second);
-    SignNativeLibs(input, ownerID);
+    if (!SignNativeLibs(input, ownerID)) {
+        PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "Failed to sign the contents in the compressed file.");
+        return false;
+    }
     UpdateCodeSignBlock();
     m_codeSignBlock.GenerateCodeSignBlockByte(fsvTreeOffset, ret);
     SIGNATURE_TOOLS_LOGI("Sign successfully.");
@@ -347,11 +350,7 @@ bool CodeSigning::RunParseZipInfo(const std::string& packageName, UnzipHandlePar
     bool handleFlag = DoNativeLibSignOrVerify(std::string(fileName), sb, param, readFileSize);
     if (!handleFlag) {
         SIGNATURE_TOOLS_LOGE("%s native libs handle failed", fileName);
-        if(!zFile) {
-            unzClose(zFile);
-            zFile = nullptr;
-            return false;
-        }
+        return false;
     }
     return true;
 }
diff --git a/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp b/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp
deleted file mode 100644
index 365b34aa..00000000
--- a/hapsigntool_cpp/hap/entity/src/signature_block_tags.cpp
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "signature_block_tags.h"
-
-using namespace OHOS::SignatureTools;
\ No newline at end of file
diff --git a/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp b/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp
index 05c07c4f..7a5fa64b 100644
--- a/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp
+++ b/hapsigntool_cpp/hap/entity/src/signature_block_types.cpp
@@ -14,8 +14,8 @@
  */
 #include "signature_block_types.h"
 
-using namespace OHOS::SignatureTools;
-
+namespace OHOS {
+namespace SignatureTools {
 char SignatureBlockTypes::GetProfileBlockTypes(const std::string& isSigned)
 {
     if (!isSigned.empty() && 0 == isSigned.compare("0")) {
@@ -25,4 +25,6 @@ char SignatureBlockTypes::GetProfileBlockTypes(const std::string& isSigned)
         return PROFILE_SIGNED_BLOCK;
     }
     return PROFILE_NOSIGNED_BLOCK;
-}
\ No newline at end of file
+}
+} // namespace SignatureTools
+} // namespace OHOS
\ No newline at end of file
diff --git a/hapsigntool_cpp/hap/signature_tools_hap.gni b/hapsigntool_cpp/hap/signature_tools_hap.gni
index 8a85b3dc..a345ed79 100644
--- a/hapsigntool_cpp/hap/signature_tools_hap.gni
+++ b/hapsigntool_cpp/hap/signature_tools_hap.gni
@@ -35,7 +35,6 @@ signature_tools_hap_src = [
   "${signature_tools_hap}/entity/src/sign_block_info.cpp",
   "${signature_tools_hap}/entity/src/sign_content_info.cpp",
   "${signature_tools_hap}/entity/src/sign_block_data.cpp",
-  "${signature_tools_hap}/entity/src/signature_block_tags.cpp",
   "${signature_tools_hap}/entity/src/signature_block_types.cpp",
   "${signature_tools_hap}/entity/src/signing_block.cpp",
   "${signature_tools_hap}/provider/src/local_sign_provider.cpp",
-- 
Gitee