From b20143ef8b6ddef69fb063d8db8a39be1aab8d74 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Fri, 2 Aug 2024 11:42:53 +0800 Subject: [PATCH 1/5] add Signed-off-by: zhanzeyi --- hapsigntool_cpp/cmd/src/params_run_tool.cpp | 10 +++++---- .../datastructure/include/elf_sign_block.h | 4 ++-- .../src/code_sign_block_header.cpp | 4 ++-- .../datastructure/src/elf_sign_block.cpp | 4 ++-- .../src/merkle_tree_extension.cpp | 8 +++---- .../datastructure/src/sign_info.cpp | 22 +++++++++---------- .../include/fs_verity_descriptor_with_sign.h | 4 ++-- .../src/fs_verity_descriptor_with_sign.cpp | 4 ++-- .../codesigning/sign/src/code_signing.cpp | 4 ++++ .../sign/src/verify_code_signature.cpp | 4 ++++ .../utils/include/fs_digest_utils.h | 2 +- .../codesigning/utils/src/fs_digest_utils.cpp | 2 +- hapsigntool_cpp/common/src/byte_buffer.cpp | 4 ++++ .../hap/entity/include/signing_block.h | 2 +- .../hap/entity/src/hw_block_head.cpp | 2 +- .../hap/entity/src/sign_block_data.cpp | 6 ++--- .../hap/entity/src/signing_block.cpp | 6 ++--- .../hap/provider/src/local_sign_provider.cpp | 1 - .../hap/verify/include/verify_elf.h | 4 ++-- hapsigntool_cpp/hap/verify/src/verify_elf.cpp | 11 +++++----- hapsigntool_cpp/hap/verify/src/verify_hap.cpp | 1 - hapsigntool_cpp/profile/src/pkcs7_data.cpp | 1 - hapsigntool_cpp/utils/include/cert_dn_utils.h | 4 ++-- hapsigntool_cpp/utils/include/string_utils.h | 2 +- hapsigntool_cpp/utils/src/cert_dn_utils.cpp | 4 ++-- hapsigntool_cpp/utils/src/hash_utils.cpp | 4 ++-- .../utils/src/key_store_helper.cpp | 5 +++++ hapsigntool_cpp/utils/src/string_utils.cpp | 2 +- 28 files changed, 74 insertions(+), 57 deletions(-) diff --git a/hapsigntool_cpp/cmd/src/params_run_tool.cpp b/hapsigntool_cpp/cmd/src/params_run_tool.cpp index 048e130f..6eec98db 100644 --- a/hapsigntool_cpp/cmd/src/params_run_tool.cpp +++ b/hapsigntool_cpp/cmd/src/params_run_tool.cpp @@ -89,11 +89,12 @@ bool ParamsRunTool::CallGenerators(const ParamsSharedPtr& params, SignToolServic { bool isSuccess = false; std::string method = params->GetMethod(); - if (GENERATOR_RUN_METHOD.count(method) == 0) { + auto it = GENERATOR_RUN_METHOD.find(method); + if (it == GENERATOR_RUN_METHOD.end()) { PrintErrorNumberMsg("COMMAND_ERROR", COMMAND_ERROR, "Unsupported method: " + method); return false; } else { - isSuccess=GENERATOR_RUN_METHOD[method](params->GetOptions(), api); + isSuccess = it->second(params->GetOptions(), api); } return isSuccess; } @@ -171,10 +172,11 @@ bool ParamsRunTool::DispatchParams(const ParamsSharedPtr& params, SignToolServic { bool isSuccess = false; std::string method = params->GetMethod(); - if (DISPATCH_RUN_METHOD.count(method) == 0) { + auto it = DISPATCH_RUN_METHOD.find(method); + if (it == DISPATCH_RUN_METHOD.end()) { isSuccess = ParamsRunTool::CallGenerators(params, api); } else { - isSuccess = DISPATCH_RUN_METHOD[method](params->GetOptions(), api); + isSuccess = it->second(params->GetOptions(), api); } return isSuccess; } diff --git a/hapsigntool_cpp/codesigning/datastructure/include/elf_sign_block.h b/hapsigntool_cpp/codesigning/datastructure/include/elf_sign_block.h index 745feecd..3ef6b7e5 100644 --- a/hapsigntool_cpp/codesigning/datastructure/include/elf_sign_block.h +++ b/hapsigntool_cpp/codesigning/datastructure/include/elf_sign_block.h @@ -30,8 +30,8 @@ public: public: ElfSignBlock(); - ElfSignBlock(int32_t paddingSize, std::vector &merkleTreeData, - FsVerityDescriptorWithSign &descriptorWithSign); + ElfSignBlock(int32_t paddingSize, const std::vector &merkleTreeData, + const FsVerityDescriptorWithSign &descriptorWithSign); int32_t Size(); std::vector& GetMerkleTreeWithPadding(); int64_t GetDataSize(); diff --git a/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block_header.cpp b/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block_header.cpp index 949fa8f1..ce55ec5d 100644 --- a/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block_header.cpp +++ b/hapsigntool_cpp/codesigning/datastructure/src/code_sign_block_header.cpp @@ -86,8 +86,8 @@ CodeSignBlockHeader* CodeSignBlockHeader::FromByteArray(const std::vector &merkleTreeData, - FsVerityDescriptorWithSign &descriptorWithSign) +ElfSignBlock::ElfSignBlock(int32_t paddingSize, const std::vector &merkleTreeData, + const FsVerityDescriptorWithSign &descriptorWithSign) { std::vector inMerkleTreeData; if (!merkleTreeData.empty()) { diff --git a/hapsigntool_cpp/codesigning/datastructure/src/merkle_tree_extension.cpp b/hapsigntool_cpp/codesigning/datastructure/src/merkle_tree_extension.cpp index e383af05..c28f1fd0 100644 --- a/hapsigntool_cpp/codesigning/datastructure/src/merkle_tree_extension.cpp +++ b/hapsigntool_cpp/codesigning/datastructure/src/merkle_tree_extension.cpp @@ -75,15 +75,15 @@ MerkleTreeExtension* MerkleTreeExtension::FromByteArray(std::vector& byt bf->PutData(bytes.data(), bytes.size()); bf->Flip(); int64_t inMerkleTreeSize = 0; - bf->GetInt64(inMerkleTreeSize); - if (inMerkleTreeSize % PAGE_SIZE_4K != 0) { + bool flag = bf->GetInt64(inMerkleTreeSize); + if (!flag || (inMerkleTreeSize % PAGE_SIZE_4K != 0)) { PrintErrorNumberMsg("VERIFY_ERROR", VERIFY_ERROR, "The merkletree size must be an integer multiple of 4096"); return nullptr; } int64_t inMerkleTreeOffset = 0; - bf->GetInt64(inMerkleTreeOffset); - if (inMerkleTreeOffset % PAGE_SIZE_4K != 0) { + flag = bf->GetInt64(inMerkleTreeOffset); + if (!flag || (inMerkleTreeOffset % PAGE_SIZE_4K != 0)) { PrintErrorNumberMsg("VERIFY_ERROR", VERIFY_ERROR, "The merkletree offset must be an integer multiple of 4096"); return nullptr; diff --git a/hapsigntool_cpp/codesigning/datastructure/src/sign_info.cpp b/hapsigntool_cpp/codesigning/datastructure/src/sign_info.cpp index d99b04bd..ae675af1 100644 --- a/hapsigntool_cpp/codesigning/datastructure/src/sign_info.cpp +++ b/hapsigntool_cpp/codesigning/datastructure/src/sign_info.cpp @@ -227,37 +227,37 @@ SignInfo SignInfo::FromByteArray(std::vector bytes) bf->PutData(bytes.data(), bytes.size()); bf->Flip(); int32_t inSaltSize = 0; - bf->GetInt32(inSaltSize); + bool flag = bf->GetInt32(inSaltSize); int32_t inSigSize = 0; - bf->GetInt32(inSigSize); - if (inSaltSize < 0 || inSigSize < 0) { + bool ret = bf->GetInt32(inSigSize); + if (!flag || !ret || inSaltSize < 0 || inSigSize < 0) { SIGNATURE_TOOLS_LOGE("Invalid saltSize or sigSize of SignInfo, saltSize: %d, sigSize: %d", inSaltSize, inSigSize); return SignInfo(); } int32_t inFlags = 0; - bf->GetInt32(inFlags); - if (inFlags != 0 && inFlags != SignInfo::FLAG_MERKLE_TREE_INCLUDED) { + flag = bf->GetInt32(inFlags); + if (!flag || (inFlags != 0 && inFlags != SignInfo::FLAG_MERKLE_TREE_INCLUDED)) { SIGNATURE_TOOLS_LOGE("Invalid flags of SignInfo: %d", inFlags); return SignInfo(); } int64_t inDataSize = 0; - bf->GetInt64(inDataSize); - if (inDataSize < 0) { + flag = bf->GetInt64(inDataSize); + if (!flag || (inDataSize < 0)) { SIGNATURE_TOOLS_LOGE("Invalid dataSize of SignInfo"); return SignInfo(); } std::vector inSalt(SignInfo::SALT_BUFFER_LENGTH, 0); bf->GetByte(inSalt.data(), SignInfo::SALT_BUFFER_LENGTH); int32_t inExtensionNum = 0; - bf->GetInt32(inExtensionNum); - if (inExtensionNum < 0 || inExtensionNum > SignInfo::MAX_EXTENSION_NUM) { + flag = bf->GetInt32(inExtensionNum); + if (!flag || inExtensionNum < 0 || inExtensionNum > SignInfo::MAX_EXTENSION_NUM) { SIGNATURE_TOOLS_LOGE("Invalid extensionNum of SignInfo: %d", inExtensionNum); return SignInfo(); } int32_t inExtensionOffset = 0; - bf->GetInt32(inExtensionOffset); - if (inExtensionOffset < 0 || inExtensionOffset % SignInfo::SIGNATURE_ALIGNMENT != 0) { + flag = bf->GetInt32(inExtensionOffset); + if (!flag || inExtensionOffset < 0 || inExtensionOffset % SignInfo::SIGNATURE_ALIGNMENT != 0) { SIGNATURE_TOOLS_LOGE("Invalid extensionOffset of SignInfo: %d", inExtensionOffset); return SignInfo(); } diff --git a/hapsigntool_cpp/codesigning/fsverity/include/fs_verity_descriptor_with_sign.h b/hapsigntool_cpp/codesigning/fsverity/include/fs_verity_descriptor_with_sign.h index d0d49bae..df46a473 100644 --- a/hapsigntool_cpp/codesigning/fsverity/include/fs_verity_descriptor_with_sign.h +++ b/hapsigntool_cpp/codesigning/fsverity/include/fs_verity_descriptor_with_sign.h @@ -28,9 +28,9 @@ public: public: FsVerityDescriptorWithSign(); - FsVerityDescriptorWithSign(FsVerityDescriptor fsVerityDescriptor, std::vector &signature); + FsVerityDescriptorWithSign(FsVerityDescriptor fsVerityDescriptor, const std::vector &signature); FsVerityDescriptorWithSign(int32_t type, int32_t length, FsVerityDescriptor fsVerityDescriptor, - std::vector &signature); + const std::vector &signature); int32_t Size(); void ToByteArray(std::vector &ret); FsVerityDescriptor GetFsVerityDescriptor(); diff --git a/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_descriptor_with_sign.cpp b/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_descriptor_with_sign.cpp index 7f885a84..b1dbd30f 100644 --- a/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_descriptor_with_sign.cpp +++ b/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_descriptor_with_sign.cpp @@ -23,7 +23,7 @@ FsVerityDescriptorWithSign::FsVerityDescriptorWithSign() } FsVerityDescriptorWithSign::FsVerityDescriptorWithSign(FsVerityDescriptor fsVerityDescriptor, - std::vector &signature) + const std::vector &signature) { this->fsVerityDescriptor = fsVerityDescriptor; if (!signature.empty()) { @@ -33,7 +33,7 @@ FsVerityDescriptorWithSign::FsVerityDescriptorWithSign(FsVerityDescriptor fsVeri } FsVerityDescriptorWithSign::FsVerityDescriptorWithSign(int32_t type, int32_t length, - FsVerityDescriptor fsVerityDescriptor, std::vector &signature) + FsVerityDescriptor fsVerityDescriptor, const std::vector &signature) { this->type = type; this->length = length; diff --git a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp index b21f7b9d..c578856a 100644 --- a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp @@ -161,6 +161,10 @@ bool CodeSigning::SignFile(std::istream& inputStream, int64_t fileSize, bool sto MerkleTreeExtension* merkleTreeExtension = new MerkleTreeExtension(merkleTreeSize, fsvTreeOffset, fsVerityGenerator->GetRootHash()); + if (nullptr == merkleTreeExtension) { + PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "system failed to allocate memory for MerkleTreeExtension"); + return false; + } signInfo.AddExtension(merkleTreeExtension); } ret = std::make_pair(signInfo, fsVerityGenerator->GetTreeBytes()); diff --git a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp index de4f4431..37acaf48 100644 --- a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp @@ -122,6 +122,10 @@ bool VerifyCodeSignature::VerifyCodeSign(std::string file, std::pair()); + if (nullptr == mte) { + PrintErrorNumberMsg("VERIFY_ERROR", VERIFY_ERROR, "system failed to allocate memory for MerkleTreeExtension"); + return false; + } if (ext != nullptr) { delete mte; mte = (MerkleTreeExtension*)(ext); diff --git a/hapsigntool_cpp/codesigning/utils/include/fs_digest_utils.h b/hapsigntool_cpp/codesigning/utils/include/fs_digest_utils.h index 89b70c96..bdb21d5d 100644 --- a/hapsigntool_cpp/codesigning/utils/include/fs_digest_utils.h +++ b/hapsigntool_cpp/codesigning/utils/include/fs_digest_utils.h @@ -44,7 +44,7 @@ public: }; explicit DigestUtils(HashType type); ~DigestUtils(); - void AddData(std::string data); + void AddData(const std::string &data); void AddData(const char* data, int length); std::string Result(Type type = Type::HEX); diff --git a/hapsigntool_cpp/codesigning/utils/src/fs_digest_utils.cpp b/hapsigntool_cpp/codesigning/utils/src/fs_digest_utils.cpp index 36e5c331..73631cba 100644 --- a/hapsigntool_cpp/codesigning/utils/src/fs_digest_utils.cpp +++ b/hapsigntool_cpp/codesigning/utils/src/fs_digest_utils.cpp @@ -15,7 +15,7 @@ #include "fs_digest_utils.h" #include "securec.h" -void DigestUtils::AddData(std::string data) +void DigestUtils::AddData(const std::string &data) { AddData(data.data(), (int)data.size()); } diff --git a/hapsigntool_cpp/common/src/byte_buffer.cpp b/hapsigntool_cpp/common/src/byte_buffer.cpp index 6525c634..827bdcae 100644 --- a/hapsigntool_cpp/common/src/byte_buffer.cpp +++ b/hapsigntool_cpp/common/src/byte_buffer.cpp @@ -515,6 +515,10 @@ ByteBuffer& ByteBuffer::Slice() } int32_t newCapacity = limit - position; auto newBuffer = make_shared_array(newCapacity); + if (nullptr == newBuffer) { + SIGNATURE_TOOLS_LOGE("make_shared_array failed"); + return *this; + } if (memcpy_s(newBuffer.get(), newCapacity, buffer.get() + position, newCapacity) != RET_OK) { SIGNATURE_TOOLS_LOGE("memcpy_s failed"); return *this; diff --git a/hapsigntool_cpp/hap/entity/include/signing_block.h b/hapsigntool_cpp/hap/entity/include/signing_block.h index a7a3c9c4..43f47bb0 100644 --- a/hapsigntool_cpp/hap/entity/include/signing_block.h +++ b/hapsigntool_cpp/hap/entity/include/signing_block.h @@ -29,7 +29,7 @@ public: SigningBlock(const int32_t type, const std::vector &value, const int64_t offset); int32_t GetLength(); - std::vector& GetValue(); + const std::vector& GetValue(); int64_t GetOffset(); private: diff --git a/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp b/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp index 753179f1..b8b0511e 100644 --- a/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp +++ b/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp @@ -55,7 +55,7 @@ std::vector HwBlockHead::GetBlockHeadLittleEndian(const char type, const bf.PutByte(0); bf.PutInt32(length); bf.PutInt32(offset); - int8_t ret[HwBlockHead::ELF_BLOCK_LEN]; + int8_t ret[HwBlockHead::ELF_BLOCK_LEN] = {0}; bf.GetData(0, ret, HwBlockHead::ELF_BLOCK_LEN); std::vector byte(ret, ret + HwBlockHead::ELF_BLOCK_LEN); return byte; diff --git a/hapsigntool_cpp/hap/entity/src/sign_block_data.cpp b/hapsigntool_cpp/hap/entity/src/sign_block_data.cpp index cdfe4ad6..d62ab5d4 100644 --- a/hapsigntool_cpp/hap/entity/src/sign_block_data.cpp +++ b/hapsigntool_cpp/hap/entity/src/sign_block_data.cpp @@ -20,7 +20,7 @@ namespace SignatureTools { SignBlockData::SignBlockData(const std::vector& signData, const char type) { - m_signData = signData; + m_signData = std::move(signData); m_type = type; m_len = signData.size(); m_isByte = true; @@ -28,7 +28,7 @@ SignBlockData::SignBlockData(const std::vector& signData, const char typ SignBlockData::SignBlockData(const std::string& signFile, const char type) { - m_signFile = signFile; + m_signFile = std::move(signFile); m_type = type; m_len = FileUtils::GetFileLen(signFile); m_isByte = false; @@ -46,7 +46,7 @@ std::vector& SignBlockData::GetBlockHead() void SignBlockData::SetBlockHead(const std::vector& blockHead) { - m_blockHead = blockHead; + m_blockHead = std::move(blockHead); } std::vector& SignBlockData::GetSignData() diff --git a/hapsigntool_cpp/hap/entity/src/signing_block.cpp b/hapsigntool_cpp/hap/entity/src/signing_block.cpp index 9bb4a054..cb54513b 100644 --- a/hapsigntool_cpp/hap/entity/src/signing_block.cpp +++ b/hapsigntool_cpp/hap/entity/src/signing_block.cpp @@ -22,14 +22,14 @@ SigningBlock::SigningBlock(const int32_t type, const std::vector &value) { m_type = type; m_length = value.size(); - m_value = value; + m_value = std::move(value); } SigningBlock::SigningBlock(const int32_t type, const std::vector &value, const int64_t offset) { m_type = type; m_length = value.size(); - m_value = value; + m_value = std::move(value); m_offset = offset; } @@ -38,7 +38,7 @@ int32_t SigningBlock::GetLength() return m_length; } -std::vector& SigningBlock::GetValue() +const std::vector& SigningBlock::GetValue() { return m_value; } diff --git a/hapsigntool_cpp/hap/provider/src/local_sign_provider.cpp b/hapsigntool_cpp/hap/provider/src/local_sign_provider.cpp index 343d504c..4a29c584 100644 --- a/hapsigntool_cpp/hap/provider/src/local_sign_provider.cpp +++ b/hapsigntool_cpp/hap/provider/src/local_sign_provider.cpp @@ -60,7 +60,6 @@ bool LocalSignProvider::CheckPublicKeyPath() flag = !publicKeyFile.is_open(); if (flag) { PrintErrorNumberMsg("IO_ERROR", IO_ERROR, publicCertsFile + " open failed "); - publicKeyFile.close(); return false; } publicKeyFile.close(); diff --git a/hapsigntool_cpp/hap/verify/include/verify_elf.h b/hapsigntool_cpp/hap/verify/include/verify_elf.h index 78303364..2a844b61 100644 --- a/hapsigntool_cpp/hap/verify/include/verify_elf.h +++ b/hapsigntool_cpp/hap/verify/include/verify_elf.h @@ -43,9 +43,9 @@ public: const std::string fileType); static bool GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlockInfo, const std::string fileType); - static bool GetFileDigest(std::vector& fileBytes, std::vector& signatrue, + static bool GetFileDigest(std::vector& fileBytes, const std::vector& signatrue, SignBlockInfo& signBlockInfo); - static bool GetRawContent(std::vector& contentVec, std::string& rawContent); + static bool GetRawContent(const std::vector& contentVec, std::string& rawContent); static bool VerifyP7b(std::unordered_map& signBlockMap, Options* options, Pkcs7Context& pkcs7Context, std::vector& profileVec, std::string& profileJson); diff --git a/hapsigntool_cpp/hap/verify/src/verify_elf.cpp b/hapsigntool_cpp/hap/verify/src/verify_elf.cpp index 88733e90..2eba38fa 100644 --- a/hapsigntool_cpp/hap/verify/src/verify_elf.cpp +++ b/hapsigntool_cpp/hap/verify/src/verify_elf.cpp @@ -108,7 +108,7 @@ bool VerifyElf::VerifyP7b(std::unordered_map& signBlockMap { if (signBlockMap.find(PROFILE_NOSIGNED_BLOCK) != signBlockMap.end()) { // verify unsigned profile - std::vector& profileByte = signBlockMap.find(PROFILE_NOSIGNED_BLOCK)->second.GetValue(); + const std::vector& profileByte = signBlockMap.find(PROFILE_NOSIGNED_BLOCK)->second.GetValue(); std::string fromByteStr(profileByte.begin(), profileByte.end()); profileJson = fromByteStr; profileVec = profileByte; @@ -116,7 +116,7 @@ bool VerifyElf::VerifyP7b(std::unordered_map& signBlockMap } else if (signBlockMap.find(PROFILE_SIGNED_BLOCK) != signBlockMap.end()) { // verify signed profile SigningBlock profileSign = signBlockMap.find(PROFILE_SIGNED_BLOCK)->second; - std::vector& profileByte = profileSign.GetValue(); + const std::vector& profileByte = profileSign.GetValue(); bool getRawContentFlag = GetRawContent(profileByte, profileJson); if (!getRawContentFlag) { SIGNATURE_TOOLS_LOGE("get profile content failed on verify elf!"); @@ -153,6 +153,7 @@ bool VerifyElf::GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlo if (fileStream.fail() && !fileStream.eof()) { PrintErrorNumberMsg("IO_ERROR", IO_ERROR, "Error occurred while reading data"); fileStream.close(); + delete fileBytes; return false; } fileStream.close(); @@ -173,7 +174,7 @@ bool VerifyElf::GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlo // get bin file digest bool needGenerateDigest = signBlockInfo.GetNeedGenerateDigest(); if (needGenerateDigest) { - std::vector& signatrue = signBlockInfo.GetSignBlockMap().find(0)->second.GetValue(); + const std::vector& signatrue = signBlockInfo.GetSignBlockMap().find(0)->second.GetValue(); bool getFileDigest = GetFileDigest(*((std::vector*)fileBytes), signatrue, signBlockInfo); if (!getFileDigest) { SIGNATURE_TOOLS_LOGE("getFileDigest failed on verify bin file %s", file.c_str()); @@ -185,7 +186,7 @@ bool VerifyElf::GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlo return true; } -bool VerifyElf::GetFileDigest(std::vector& fileBytes, std::vector& signatrue, +bool VerifyElf::GetFileDigest(std::vector& fileBytes, const std::vector& signatrue, SignBlockInfo& signBlockInfo) { std::string binDigest; @@ -386,7 +387,7 @@ bool VerifyElf::CheckSignFile(const std::string& signedFile) return true; } -bool VerifyElf::GetRawContent(std::vector& contentVec, std::string& rawContent) +bool VerifyElf::GetRawContent(const std::vector& contentVec, std::string& rawContent) { PKCS7Data p7Data; int parseFlag = p7Data.Parse(contentVec); diff --git a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp index bbb5d729..3c9ff687 100644 --- a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp +++ b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp @@ -30,7 +30,6 @@ #include "param_constants.h" #include "file_utils.h" #include "nlohmann/json.hpp" -#include "hap_utils.h" #include "cert_tools.h" #include "verify_hap.h" diff --git a/hapsigntool_cpp/profile/src/pkcs7_data.cpp b/hapsigntool_cpp/profile/src/pkcs7_data.cpp index a069c227..6f76172c 100644 --- a/hapsigntool_cpp/profile/src/pkcs7_data.cpp +++ b/hapsigntool_cpp/profile/src/pkcs7_data.cpp @@ -177,7 +177,6 @@ int PKCS7Data::GetContent(std::string& originalRawData) const BIO* oriBio = PKCS7_dataDecode(m_p7, NULL, NULL, NULL); if (oriBio == NULL) { PrintErrorNumberMsg("INVALIDPARAM_ERROR", INVALIDPARAM_ERROR, "pkcs7 get content data failed!"); - BIO_free_all(oriBio); return INVALIDPARAM_ERROR; } char buf[BUFFER_SIZE]{0}; diff --git a/hapsigntool_cpp/utils/include/cert_dn_utils.h b/hapsigntool_cpp/utils/include/cert_dn_utils.h index 02a55aa7..f5f7329d 100644 --- a/hapsigntool_cpp/utils/include/cert_dn_utils.h +++ b/hapsigntool_cpp/utils/include/cert_dn_utils.h @@ -39,14 +39,14 @@ namespace SignatureTools { * @param nameString nameString * @return X500Name */ -X509_NAME* BuildDN(std::string nameString, X509_REQ* req); +X509_NAME* BuildDN(const std::string &nameString, X509_REQ* req); /** * To verify the format of subject or issuer. * Refer to X509_NAMEStyle.fromstring(). * * @param nameString subject or issuer */ -int g_checkDn(std::string nameString, std::vector>& pairs); +int g_checkDn(const std::string &nameString, std::vector>& pairs); } // namespace SignatureTools } // namespace OHOS #endif // SIGNATRUETOOLS_CERTUTILS_H \ No newline at end of file diff --git a/hapsigntool_cpp/utils/include/string_utils.h b/hapsigntool_cpp/utils/include/string_utils.h index 44122ee3..1d29a0f0 100644 --- a/hapsigntool_cpp/utils/include/string_utils.h +++ b/hapsigntool_cpp/utils/include/string_utils.h @@ -30,7 +30,7 @@ class StringUtils { public: StringUtils() = delete; static bool IsEmpty(const std::string& cs); - static bool ContainsCase(std::vector strs, const std::string& str); + static bool ContainsCase(const std::vector &strs, const std::string& str); static bool CaseCompare(const std::string& str1, const std::string& str2); static std::vector SplitString(const std::string& str, char delimiter); static std::string Trim(const std::string& str); diff --git a/hapsigntool_cpp/utils/src/cert_dn_utils.cpp b/hapsigntool_cpp/utils/src/cert_dn_utils.cpp index afeda3c3..526b0d8a 100644 --- a/hapsigntool_cpp/utils/src/cert_dn_utils.cpp +++ b/hapsigntool_cpp/utils/src/cert_dn_utils.cpp @@ -19,7 +19,7 @@ namespace OHOS { namespace SignatureTools { -int g_checkDn(std::string nameString, std::vector>& pairs) +int g_checkDn(const std::string &nameString, std::vector>& pairs) { if (nameString.size() == 0) { return FORMAT_ERROR; @@ -43,7 +43,7 @@ int g_checkDn(std::string nameString, std::vector return 0; } -X509_NAME* BuildDN(std::string nameString, X509_REQ* req) +X509_NAME* BuildDN(const std::string &nameString, X509_REQ* req) { std::vector> pairs; std::ostringstream oss; diff --git a/hapsigntool_cpp/utils/src/hash_utils.cpp b/hapsigntool_cpp/utils/src/hash_utils.cpp index ae01abf7..760fd1a3 100644 --- a/hapsigntool_cpp/utils/src/hash_utils.cpp +++ b/hapsigntool_cpp/utils/src/hash_utils.cpp @@ -113,9 +113,9 @@ std::vector HashUtils::GetDigestFromBytes(const std::vector& fil } std::map> hashMap; int64_t readLength = 0; - int32_t num = 0; + int64_t num = 0; while (readLength < length) { - int32_t blockLength = length - readLength > HASH_LEN ? HASH_LEN : (length - readLength); + int64_t blockLength = length - readLength > HASH_LEN ? HASH_LEN : (length - readLength); std::string readStr(fileBytes.begin() + readLength, fileBytes.begin() + readLength + blockLength); std::vector dig = GetByteDigest(readStr, readStr.size(), algName); hashMap.emplace(num, dig); diff --git a/hapsigntool_cpp/utils/src/key_store_helper.cpp b/hapsigntool_cpp/utils/src/key_store_helper.cpp index 6e86a666..4b3ea3ea 100644 --- a/hapsigntool_cpp/utils/src/key_store_helper.cpp +++ b/hapsigntool_cpp/utils/src/key_store_helper.cpp @@ -152,6 +152,11 @@ bool KeyStoreHelper::InitX509(X509& cert, EVP_PKEY& evpPkey) X509_NAME* issuerName = X509_NAME_new(); const EVP_MD* md = EVP_sha256(); X509_NAME* subjectName = nullptr; + if (!bnSerial || !issuerName || !md) { + KeyPairFree(bnSerial, issuerName, subjectName, nullptr, + "Failed to initialize the x509 info."); + return false; + } ASN1_INTEGER* ai = BN_to_ASN1_INTEGER(bnSerial, NULL); if (ai == NULL || issuerName == NULL) { KeyPairFree(bnSerial, issuerName, subjectName, ai, diff --git a/hapsigntool_cpp/utils/src/string_utils.cpp b/hapsigntool_cpp/utils/src/string_utils.cpp index f7bf4834..0802e451 100644 --- a/hapsigntool_cpp/utils/src/string_utils.cpp +++ b/hapsigntool_cpp/utils/src/string_utils.cpp @@ -25,7 +25,7 @@ bool StringUtils::IsEmpty(const std::string& cs) return cs.empty(); } -bool StringUtils::ContainsCase(const std::vector strs, const std::string& str) +bool StringUtils::ContainsCase(const std::vector &strs, const std::string& str) { for (const std::string& val : strs) { if (val == str) -- Gitee From 694075248934e39eb9ac2ae4df66495a4d5e8c49 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Fri, 2 Aug 2024 16:33:26 +0800 Subject: [PATCH 2/5] update Signed-off-by: zhanzeyi --- .../include/{hw_block_data.h => block_data.h} | 8 +-- .../include/{hw_block_head.h => block_head.h} | 6 +- .../include/{hw_sign_head.h => sign_head.h} | 8 +-- .../src/{hw_block_data.cpp => block_data.cpp} | 14 ++--- .../src/{hw_block_head.cpp => block_head.cpp} | 22 +++---- .../src/{hw_sign_head.cpp => sign_head.cpp} | 42 +++++++------- hapsigntool_cpp/hap/sign/src/sign_bin.cpp | 14 ++--- hapsigntool_cpp/hap/sign/src/sign_elf.cpp | 12 ++-- hapsigntool_cpp/hap/signature_tools_hap.gni | 6 +- .../hap/verify/include/verify_elf.h | 8 +-- hapsigntool_cpp/hap/verify/src/verify_elf.cpp | 58 +++++++++---------- 11 files changed, 99 insertions(+), 99 deletions(-) rename hapsigntool_cpp/hap/entity/include/{hw_block_data.h => block_data.h} (85%) rename hapsigntool_cpp/hap/entity/include/{hw_block_head.h => block_head.h} (93%) rename hapsigntool_cpp/hap/entity/include/{hw_sign_head.h => sign_head.h} (91%) rename hapsigntool_cpp/hap/entity/src/{hw_block_data.cpp => block_data.cpp} (74%) rename hapsigntool_cpp/hap/entity/src/{hw_block_head.cpp => block_head.cpp} (71%) rename hapsigntool_cpp/hap/entity/src/{hw_sign_head.cpp => sign_head.cpp} (68%) diff --git a/hapsigntool_cpp/hap/entity/include/hw_block_data.h b/hapsigntool_cpp/hap/entity/include/block_data.h similarity index 85% rename from hapsigntool_cpp/hap/entity/include/hw_block_data.h rename to hapsigntool_cpp/hap/entity/include/block_data.h index 17564965..07c9c984 100644 --- a/hapsigntool_cpp/hap/entity/include/hw_block_data.h +++ b/hapsigntool_cpp/hap/entity/include/block_data.h @@ -13,16 +13,16 @@ * limitations under the License. */ -#ifndef SIGNATRUETOOLS_HW_BLOCK_DATA_H -#define SIGNATRUETOOLS_HW_BLOCK_DATA_H +#ifndef SIGNATRUETOOLS_BLOCK_DATA_H +#define SIGNATRUETOOLS_BLOCK_DATA_H #include namespace OHOS { namespace SignatureTools { -class HwBlockData { +class BlockData { public: - HwBlockData(const int32_t blockNum, const int64_t blockStart); + BlockData(const int32_t blockNum, const int64_t blockStart); int32_t GetBlockNum(); void SetBlockNum(const int32_t blockNum); diff --git a/hapsigntool_cpp/hap/entity/include/hw_block_head.h b/hapsigntool_cpp/hap/entity/include/block_head.h similarity index 93% rename from hapsigntool_cpp/hap/entity/include/hw_block_head.h rename to hapsigntool_cpp/hap/entity/include/block_head.h index f78f1300..0b4f548b 100644 --- a/hapsigntool_cpp/hap/entity/include/hw_block_head.h +++ b/hapsigntool_cpp/hap/entity/include/block_head.h @@ -13,15 +13,15 @@ * limitations under the License. */ -#ifndef SIGNATRUETOOLS_HW_BLOCK_HEAD_H -#define SIGNATRUETOOLS_HW_BLOCK_HEAD_H +#ifndef SIGNATRUETOOLS_BLOCK_HEAD_H +#define SIGNATRUETOOLS_BLOCK_HEAD_H #include #include namespace OHOS { namespace SignatureTools { -class HwBlockHead { +class BlockHead { public: static const int BLOCK_LEN = 8; static const int ELF_BLOCK_LEN = 12; diff --git a/hapsigntool_cpp/hap/entity/include/hw_sign_head.h b/hapsigntool_cpp/hap/entity/include/sign_head.h similarity index 91% rename from hapsigntool_cpp/hap/entity/include/hw_sign_head.h rename to hapsigntool_cpp/hap/entity/include/sign_head.h index 7607dd2d..d61428bc 100644 --- a/hapsigntool_cpp/hap/entity/include/hw_sign_head.h +++ b/hapsigntool_cpp/hap/entity/include/sign_head.h @@ -13,17 +13,17 @@ * limitations under the License. */ -#ifndef SIGNATRUETOOLS_HW_SIGN_HEAD_H -#define SIGNATRUETOOLS_HW_SIGN_HEAD_H +#ifndef SIGNATRUETOOLS_SIGN_HEAD_H +#define SIGNATRUETOOLS_SIGN_HEAD_H #include #include namespace OHOS { namespace SignatureTools { -class HwSignHead { +class SignHead { public: - HwSignHead(); + SignHead(); std::vector GetSignHead(const int subBlockSize); static const int SIGN_HEAD_LEN; diff --git a/hapsigntool_cpp/hap/entity/src/hw_block_data.cpp b/hapsigntool_cpp/hap/entity/src/block_data.cpp similarity index 74% rename from hapsigntool_cpp/hap/entity/src/hw_block_data.cpp rename to hapsigntool_cpp/hap/entity/src/block_data.cpp index b9a02a64..8f5a7326 100644 --- a/hapsigntool_cpp/hap/entity/src/hw_block_data.cpp +++ b/hapsigntool_cpp/hap/entity/src/block_data.cpp @@ -13,36 +13,36 @@ * limitations under the License. */ -#include "hw_block_data.h" +#include "block_data.h" namespace OHOS { namespace SignatureTools { -HwBlockData::HwBlockData(const int32_t blockNum, const int64_t blockStart) +BlockData::BlockData(const int32_t blockNum, const int64_t blockStart) { m_blockNum = blockNum; m_blockStart = blockStart; } -int32_t HwBlockData::GetBlockNum() +int32_t BlockData::GetBlockNum() { return m_blockNum; } -void HwBlockData::SetBlockNum(const int32_t blockNum) +void BlockData::SetBlockNum(const int32_t blockNum) { m_blockNum = blockNum; } -int64_t HwBlockData::GetBlockStart() +int64_t BlockData::GetBlockStart() { return m_blockStart; } -void HwBlockData::SetBlockStart(const int64_t blockStart) +void BlockData::SetBlockStart(const int64_t blockStart) { m_blockStart = blockStart; } } // namespace SignatureTools -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp b/hapsigntool_cpp/hap/entity/src/block_head.cpp similarity index 71% rename from hapsigntool_cpp/hap/entity/src/hw_block_head.cpp rename to hapsigntool_cpp/hap/entity/src/block_head.cpp index b8b0511e..9d458f31 100644 --- a/hapsigntool_cpp/hap/entity/src/hw_block_head.cpp +++ b/hapsigntool_cpp/hap/entity/src/block_head.cpp @@ -13,24 +13,24 @@ * limitations under the License. */ -#include "hw_block_head.h" +#include "block_head.h" #include "byte_buffer.h" -#include "hw_sign_head.h" +#include "sign_head.h" namespace OHOS { namespace SignatureTools { -int HwBlockHead::GetBlockLen() +int BlockHead::GetBlockLen() { return BLOCK_LEN; } -int HwBlockHead::GetElfBlockLen() +int BlockHead::GetElfBlockLen() { return ELF_BLOCK_LEN; } -std::string HwBlockHead::GetBlockHead(const char type, const char tag, const short length, const int offset) +std::string BlockHead::GetBlockHead(const char type, const char tag, const short length, const int offset) { std::vector tmpVec; tmpVec.push_back(type); @@ -45,21 +45,21 @@ std::string HwBlockHead::GetBlockHead(const char type, const char tag, const sho return std::string(tmpVec.begin(), tmpVec.end()); } -std::vector HwBlockHead::GetBlockHeadLittleEndian(const char type, const char tag, +std::vector BlockHead::GetBlockHeadLittleEndian(const char type, const char tag, const int length, const int offset) { - ByteBuffer bf = ByteBuffer(HwBlockHead::ELF_BLOCK_LEN); + ByteBuffer bf = ByteBuffer(BlockHead::ELF_BLOCK_LEN); bf.PutByte(type); bf.PutByte(tag); bf.PutByte(0); bf.PutByte(0); bf.PutInt32(length); bf.PutInt32(offset); - int8_t ret[HwBlockHead::ELF_BLOCK_LEN] = {0}; - bf.GetData(0, ret, HwBlockHead::ELF_BLOCK_LEN); - std::vector byte(ret, ret + HwBlockHead::ELF_BLOCK_LEN); + int8_t ret[BlockHead::ELF_BLOCK_LEN] = {0}; + bf.GetData(0, ret, BlockHead::ELF_BLOCK_LEN); + std::vector byte(ret, ret + BlockHead::ELF_BLOCK_LEN); return byte; } } // namespace SignatureTools -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/hapsigntool_cpp/hap/entity/src/hw_sign_head.cpp b/hapsigntool_cpp/hap/entity/src/sign_head.cpp similarity index 68% rename from hapsigntool_cpp/hap/entity/src/hw_sign_head.cpp rename to hapsigntool_cpp/hap/entity/src/sign_head.cpp index c2764b2c..f0e06e18 100644 --- a/hapsigntool_cpp/hap/entity/src/hw_sign_head.cpp +++ b/hapsigntool_cpp/hap/entity/src/sign_head.cpp @@ -18,26 +18,26 @@ #include "byte_buffer.h" #include "byte_array_utils.h" #include "signature_tools_log.h" -#include "hw_sign_head.h" +#include "sign_head.h" namespace OHOS { namespace SignatureTools { -const int HwSignHead::SIGN_HEAD_LEN = 32; -const std::string HwSignHead::MAGIC = "hw signed app "; -const std::string HwSignHead::ELF_MAGIC = "elf sign block "; -const std::string HwSignHead::VERSION = "1000"; -const int HwSignHead::NUM_OF_BLOCK = 2; -const int HwSignHead::RESERVE_LENGTH = 4; -const int32_t HwSignHead::ELF_BLOCK_LEN = 12; -const int32_t HwSignHead::BIN_BLOCK_LEN = 8; -std::vector HwSignHead::m_reserve = std::vector(HwSignHead::RESERVE_LENGTH, 0); +const int SignHead::SIGN_HEAD_LEN = 32; +const std::string SignHead::MAGIC = "hw signed app "; +const std::string SignHead::ELF_MAGIC = "elf sign block "; +const std::string SignHead::VERSION = "1000"; +const int SignHead::NUM_OF_BLOCK = 2; +const int SignHead::RESERVE_LENGTH = 4; +const int32_t SignHead::ELF_BLOCK_LEN = 12; +const int32_t SignHead::BIN_BLOCK_LEN = 8; +std::vector SignHead::m_reserve = std::vector(SignHead::RESERVE_LENGTH, 0); -HwSignHead::HwSignHead() +SignHead::SignHead() { } -std::vector HwSignHead::GetSignHead(const int subBlockSize) +std::vector SignHead::GetSignHead(const int subBlockSize) { int size = subBlockSize; std::vector signHead(SIGN_HEAD_LEN, 0); @@ -70,26 +70,26 @@ std::vector HwSignHead::GetSignHead(const int subBlockSize) return signHead; } -std::vector HwSignHead::GetSignHeadLittleEndian(const int subBlockSize, const int subBlockNum) +std::vector SignHead::GetSignHeadLittleEndian(const int subBlockSize, const int subBlockNum) { - ByteBuffer bf = ByteBuffer(HwSignHead::SIGN_HEAD_LEN); - for (char c : HwSignHead::ELF_MAGIC) { + ByteBuffer bf = ByteBuffer(SignHead::SIGN_HEAD_LEN); + for (char c : SignHead::ELF_MAGIC) { bf.PutByte(c); } - for (char c : HwSignHead::VERSION) { + for (char c : SignHead::VERSION) { bf.PutByte(c); } bf.PutInt32(subBlockSize); bf.PutInt32(subBlockNum); - for (char c : HwSignHead::m_reserve) { + for (char c : SignHead::m_reserve) { bf.PutByte(c); } - int8_t ret[HwSignHead::SIGN_HEAD_LEN]; - bf.GetData(0, ret, HwSignHead::SIGN_HEAD_LEN); - std::vector byte(ret, ret + HwSignHead::SIGN_HEAD_LEN); + int8_t ret[SignHead::SIGN_HEAD_LEN]; + bf.GetData(0, ret, SignHead::SIGN_HEAD_LEN); + std::vector byte(ret, ret + SignHead::SIGN_HEAD_LEN); return byte; } } // namespace SignatureTools -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/hapsigntool_cpp/hap/sign/src/sign_bin.cpp b/hapsigntool_cpp/hap/sign/src/sign_bin.cpp index c42f75f4..da794d02 100644 --- a/hapsigntool_cpp/hap/sign/src/sign_bin.cpp +++ b/hapsigntool_cpp/hap/sign/src/sign_bin.cpp @@ -16,12 +16,12 @@ #include "sign_bin.h" #include "param_constants.h" #include "file_utils.h" -#include "hw_block_head.h" +#include "block_head.h" #include "signature_block_types.h" #include "signature_block_tags.h" #include "hash_utils.h" #include "sign_content_info.h" -#include "hw_sign_head.h" +#include "sign_head.h" #include "bc_pkcs7_generator.h" #include "params.h" @@ -75,7 +75,7 @@ bool SignBin::WriteBlockDataToFile(const std::string& inputFile, const std::stri "lld, profileDataLen: " + std::to_string(profileDataLen) + "lld"); return false; } - int64_t offset = binFileLen + HwBlockHead::GetBlockLen() + HwBlockHead::GetBlockLen(); + int64_t offset = binFileLen + BlockHead::GetBlockLen() + BlockHead::GetBlockLen(); bool isOver = IsLongOverflowInteger(offset); if (isOver) { PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, @@ -85,7 +85,7 @@ bool SignBin::WriteBlockDataToFile(const std::string& inputFile, const std::stri } char isSigned = SignatureBlockTypes::GetProfileBlockTypes(profileSigned); std::string proBlockByte = - HwBlockHead::GetBlockHead(isSigned, SignatureBlockTags::DEFAULT, (short)profileDataLen, (int)offset); + BlockHead::GetBlockHead(isSigned, SignatureBlockTags::DEFAULT, (short)profileDataLen, (int)offset); offset += profileDataLen; isOver = IsLongOverflowInteger(offset); if (isOver) { @@ -94,7 +94,7 @@ bool SignBin::WriteBlockDataToFile(const std::string& inputFile, const std::stri + std::to_string(offset)); return false; } - std::string signBlockByte = HwBlockHead::GetBlockHead( + std::string signBlockByte = BlockHead::GetBlockHead( SignatureBlockTypes::SIGNATURE_BLOCK, SignatureBlockTags::DEFAULT, (short)0, (int)offset); return WriteSignedBin(inputFile, proBlockByte, signBlockByte, profileFile, outputFile); } @@ -146,14 +146,14 @@ bool SignBin::WriteSignDataToOutputFile(SignerConfig& SignerConfig, const std::s bool SignBin::WriteSignHeadDataToOutputFile(const std::string& inputFile, const std::string& outputFile) { - int64_t size = FileUtils::GetFileLen(outputFile) - FileUtils::GetFileLen(inputFile) + HwSignHead::SIGN_HEAD_LEN; + int64_t size = FileUtils::GetFileLen(outputFile) - FileUtils::GetFileLen(inputFile) + SignHead::SIGN_HEAD_LEN; bool isOver = IsLongOverflowInteger(size); if (isOver) { PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "File size is Overflow integer range, size: " + std::to_string(size)); return false; } - HwSignHead signHeadData; + SignHead signHeadData; std::vector signHeadByte = signHeadData.GetSignHead(size); if (signHeadByte.empty()) { SIGNATURE_TOOLS_LOGE("Failed to get sign head data!"); diff --git a/hapsigntool_cpp/hap/sign/src/sign_elf.cpp b/hapsigntool_cpp/hap/sign/src/sign_elf.cpp index 0f175c9a..161c92ac 100644 --- a/hapsigntool_cpp/hap/sign/src/sign_elf.cpp +++ b/hapsigntool_cpp/hap/sign/src/sign_elf.cpp @@ -18,8 +18,8 @@ #include "string_utils.h" #include "code_signing.h" #include "param_constants.h" -#include "hw_block_head.h" -#include "hw_sign_head.h" +#include "block_head.h" +#include "sign_head.h" #include "signature_block_types.h" #include "signature_block_tags.h" @@ -214,9 +214,9 @@ bool SignElf::WriteSignBlockData(std::list& signBlockList, std::o bool SignElf::GenerateSignBlockHead(std::list& signDataList) { - int64_t offset = HwBlockHead::GetElfBlockLen() * signDataList.size(); + int64_t offset = BlockHead::GetElfBlockLen() * signDataList.size(); for (std::list::iterator it = signDataList.begin(); it != signDataList.end(); ++it) { - std::vector tmp = HwBlockHead::GetBlockHeadLittleEndian(it->GetType(), + std::vector tmp = BlockHead::GetBlockHeadLittleEndian(it->GetType(), SignatureBlockTags::DEFAULT, it->GetLen(), offset); it->SetBlockHead(tmp); @@ -250,7 +250,7 @@ bool SignElf::GenerateCodeSignByte(SignerConfig& signerConfig, const std::map signHeadByte = signHeadData.GetSignHeadLittleEndian((int)size, blockNum); std::ofstream fileOutputStream(outputFile, std::ios::app | std::ios::binary); return FileUtils::WriteByteToOutFile(signHeadByte, fileOutputStream); diff --git a/hapsigntool_cpp/hap/signature_tools_hap.gni b/hapsigntool_cpp/hap/signature_tools_hap.gni index a345ed79..22639a77 100644 --- a/hapsigntool_cpp/hap/signature_tools_hap.gni +++ b/hapsigntool_cpp/hap/signature_tools_hap.gni @@ -29,9 +29,9 @@ signature_tools_hap_src = [ "${signature_tools_hap}/entity/src/content_digest_algorithm.cpp", "${signature_tools_hap}/entity/src/param_constants.cpp", "${signature_tools_hap}/entity/src/signature_algorithm_helper.cpp", - "${signature_tools_hap}/entity/src/hw_block_data.cpp", - "${signature_tools_hap}/entity/src/hw_block_head.cpp", - "${signature_tools_hap}/entity/src/hw_sign_head.cpp", + "${signature_tools_hap}/entity/src/block_data.cpp", + "${signature_tools_hap}/entity/src/block_head.cpp", + "${signature_tools_hap}/entity/src/sign_head.cpp", "${signature_tools_hap}/entity/src/sign_block_info.cpp", "${signature_tools_hap}/entity/src/sign_content_info.cpp", "${signature_tools_hap}/entity/src/sign_block_data.cpp", diff --git a/hapsigntool_cpp/hap/verify/include/verify_elf.h b/hapsigntool_cpp/hap/verify/include/verify_elf.h index 2a844b61..92d5d248 100644 --- a/hapsigntool_cpp/hap/verify/include/verify_elf.h +++ b/hapsigntool_cpp/hap/verify/include/verify_elf.h @@ -20,7 +20,7 @@ #include #include "options.h" -#include "hw_block_data.h" +#include "block_data.h" #include "signing_block.h" #include "pkcs7_context.h" #include "sign_block_info.h" @@ -39,7 +39,7 @@ public: bool Verify(Options* options); static bool CheckParams(Options* options); static bool CheckSignFile(const std::string& signedFile); - static bool GetSignBlockData(std::vector& bytes, HwBlockData& hwBlockData, + static bool GetSignBlockData(std::vector& bytes, BlockData& blockData, const std::string fileType); static bool GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlockInfo, const std::string fileType); @@ -54,9 +54,9 @@ private: Options* options, Pkcs7Context& pkcs7Context); static bool CheckMagicAndVersion(std::vector& bytes, int64_t& offset, const std::string fileType); - static void GetElfSignBlock(std::vector& bytes, HwBlockData& hwBlockData, + static void GetElfSignBlock(std::vector& bytes, BlockData& blockData, std::unordered_map& signBlockMap); - static void GetBinSignBlock(std::vector& bytes, HwBlockData& hwBlockData, + static void GetBinSignBlock(std::vector& bytes, BlockData& blockData, std::unordered_map& signBlockMap); static bool GenerateFileDigest(std::vector& fileBytes, SignBlockInfo& signBlockInfo); }; diff --git a/hapsigntool_cpp/hap/verify/src/verify_elf.cpp b/hapsigntool_cpp/hap/verify/src/verify_elf.cpp index 2eba38fa..47938dac 100644 --- a/hapsigntool_cpp/hap/verify/src/verify_elf.cpp +++ b/hapsigntool_cpp/hap/verify/src/verify_elf.cpp @@ -18,8 +18,8 @@ #include "constant.h" #include "file_utils.h" -#include "hw_sign_head.h" -#include "hw_block_head.h" +#include "sign_head.h" +#include "block_head.h" #include "verify_hap.h" #include "verify_code_signature.h" #include "hash_utils.h" @@ -157,9 +157,9 @@ bool VerifyElf::GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlo return false; } fileStream.close(); - // get HwBlockData - HwBlockData hwBlockData(0, 0); - bool getSignBlockData = GetSignBlockData(*((std::vector*)fileBytes), hwBlockData, fileType); + // get BlockData + BlockData blockData(0, 0); + bool getSignBlockData = GetSignBlockData(*((std::vector*)fileBytes), blockData, fileType); if (!getSignBlockData) { SIGNATURE_TOOLS_LOGE("get signBlockData failed on verify elf/bin file %s", file.c_str()); delete fileBytes; @@ -167,9 +167,9 @@ bool VerifyElf::GetSignBlockInfo(const std::string& file, SignBlockInfo& signBlo } // get SignBlockMap if (fileType == ELF) { - GetElfSignBlock(*((std::vector*)fileBytes), hwBlockData, signBlockInfo.GetSignBlockMap()); + GetElfSignBlock(*((std::vector*)fileBytes), blockData, signBlockInfo.GetSignBlockMap()); } else { - GetBinSignBlock(*((std::vector*)fileBytes), hwBlockData, signBlockInfo.GetSignBlockMap()); + GetBinSignBlock(*((std::vector*)fileBytes), blockData, signBlockInfo.GetSignBlockMap()); } // get bin file digest bool needGenerateDigest = signBlockInfo.GetNeedGenerateDigest(); @@ -231,7 +231,7 @@ bool VerifyElf::GenerateFileDigest(std::vector& fileBytes, SignBlockInfo return true; } -bool VerifyElf::GetSignBlockData(std::vector& bytes, HwBlockData& hwBlockData, +bool VerifyElf::GetSignBlockData(std::vector& bytes, BlockData& blockData, const std::string fileType) { int64_t offset = 0; @@ -262,21 +262,21 @@ bool VerifyElf::GetSignBlockData(std::vector& bytes, HwBlockData& hwBloc if (fileType == BIN) { blockStart = bytes.size() - blockSize; } else { - blockStart = bytes.size() - HwSignHead::SIGN_HEAD_LEN - blockSize; + blockStart = bytes.size() - SignHead::SIGN_HEAD_LEN - blockSize; } - hwBlockData.SetBlockNum(blockNum); - hwBlockData.SetBlockStart(blockStart); + blockData.SetBlockNum(blockNum); + blockData.SetBlockStart(blockStart); return true; } bool VerifyElf::CheckMagicAndVersion(std::vector& bytes, int64_t& offset, const std::string fileType) { - std::string magicStr = (fileType == ELF ? HwSignHead::ELF_MAGIC : HwSignHead::MAGIC); - offset = bytes.size() - HwSignHead::SIGN_HEAD_LEN; + std::string magicStr = (fileType == ELF ? SignHead::ELF_MAGIC : SignHead::MAGIC); + offset = bytes.size() - SignHead::SIGN_HEAD_LEN; std::vector magicByte(bytes.begin() + offset, bytes.begin() + offset + magicStr.size()); offset += magicStr.size(); - std::vector versionByte(bytes.begin() + offset, bytes.begin() + offset + HwSignHead::VERSION.size()); - offset += HwSignHead::VERSION.size(); + std::vector versionByte(bytes.begin() + offset, bytes.begin() + offset + SignHead::VERSION.size()); + offset += SignHead::VERSION.size(); std::vector magicVec(magicStr.begin(), magicStr.end()); for (int i = 0; i < magicStr.size(); i++) { if (magicVec[i] != magicByte[i]) { @@ -284,8 +284,8 @@ bool VerifyElf::CheckMagicAndVersion(std::vector& bytes, int64_t& offset return false; } } - std::vector versionVec(HwSignHead::VERSION.begin(), HwSignHead::VERSION.end()); - for (int i = 0; i < HwSignHead::VERSION.size(); i++) { + std::vector versionVec(SignHead::VERSION.begin(), SignHead::VERSION.end()); + for (int i = 0; i < SignHead::VERSION.size(); i++) { if (versionVec[i] != versionByte[i]) { PrintErrorNumberMsg("VERIFY_ERROR", VERIFY_ERROR, "sign version verify failed!"); return false; @@ -294,12 +294,12 @@ bool VerifyElf::CheckMagicAndVersion(std::vector& bytes, int64_t& offset return true; } -void VerifyElf::GetElfSignBlock(std::vector& bytes, HwBlockData& hwBlockData, +void VerifyElf::GetElfSignBlock(std::vector& bytes, BlockData& blockData, std::unordered_map& signBlockMap) { - int32_t headBlockLen = HwSignHead::ELF_BLOCK_LEN; - int64_t offset = hwBlockData.GetBlockStart(); - for (int i = 0; i < hwBlockData.GetBlockNum(); i++) { + int32_t headBlockLen = SignHead::ELF_BLOCK_LEN; + int64_t offset = blockData.GetBlockStart(); + for (int i = 0; i < blockData.GetBlockNum(); i++) { std::vector blockByte(bytes.begin() + offset, bytes.begin() + offset + headBlockLen); std::unique_ptr blockBuffer = std::make_unique(blockByte.size()); blockBuffer->PutData(blockByte.data(), blockByte.size()); @@ -314,20 +314,20 @@ void VerifyElf::GetElfSignBlock(std::vector& bytes, HwBlockData& hwBlock blockBuffer->GetInt16(empValue); blockBuffer->GetInt32(length); blockBuffer->GetInt32(blockOffset); - std::vector value(bytes.begin() + hwBlockData.GetBlockStart() + blockOffset, - bytes.begin() + hwBlockData.GetBlockStart() + blockOffset + length); - SigningBlock signingBlock(type, value, hwBlockData.GetBlockStart() + blockOffset); + std::vector value(bytes.begin() + blockData.GetBlockStart() + blockOffset, + bytes.begin() + blockData.GetBlockStart() + blockOffset + length); + SigningBlock signingBlock(type, value, blockData.GetBlockStart() + blockOffset); signBlockMap.insert(std::make_pair(type, signingBlock)); offset += headBlockLen; } } -void VerifyElf::GetBinSignBlock(std::vector& bytes, HwBlockData& hwBlockData, +void VerifyElf::GetBinSignBlock(std::vector& bytes, BlockData& blockData, std::unordered_map& signBlockMap) { - int32_t headBlockLen = HwSignHead::BIN_BLOCK_LEN; - int32_t offset = hwBlockData.GetBlockStart(); - for (int i = 0; i < hwBlockData.GetBlockNum(); i++) { + int32_t headBlockLen = SignHead::BIN_BLOCK_LEN; + int32_t offset = blockData.GetBlockStart(); + for (int i = 0; i < blockData.GetBlockNum(); i++) { std::vector blockByte(bytes.begin() + offset, bytes.begin() + offset + headBlockLen); std::unique_ptr blockBuffer = std::make_unique(blockByte.size()); blockBuffer->PutData(blockByte.data(), blockByte.size()); @@ -344,7 +344,7 @@ void VerifyElf::GetBinSignBlock(std::vector& bytes, HwBlockData& hwBlock length = static_cast(be16toh(*reinterpret_cast(bufferPtr + bfLengthIdx))); blockOffset = static_cast(be32toh(*reinterpret_cast(bufferPtr + bfBlockIdx))); if (length == 0) { - length = bytes.size() - HwSignHead::SIGN_HEAD_LEN - blockOffset; + length = bytes.size() - SignHead::SIGN_HEAD_LEN - blockOffset; } std::vector value(bytes.begin() + blockOffset, bytes.begin() + blockOffset + length); SigningBlock signingBlock(type, value, blockOffset); -- Gitee From 54aa3f78805eb219f6883ce4b39aa7f7c50bd124 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Fri, 2 Aug 2024 16:56:05 +0800 Subject: [PATCH 3/5] update Signed-off-by: zhanzeyi --- hapsigntool_cpp/hap/entity/src/block_head.cpp | 2 +- hapsigntool_cpp/hap/sign/src/sign_elf.cpp | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/hapsigntool_cpp/hap/entity/src/block_head.cpp b/hapsigntool_cpp/hap/entity/src/block_head.cpp index 9d458f31..0e0c0e52 100644 --- a/hapsigntool_cpp/hap/entity/src/block_head.cpp +++ b/hapsigntool_cpp/hap/entity/src/block_head.cpp @@ -46,7 +46,7 @@ std::string BlockHead::GetBlockHead(const char type, const char tag, const short } std::vector BlockHead::GetBlockHeadLittleEndian(const char type, const char tag, - const int length, const int offset) + const int length, const int offset) { ByteBuffer bf = ByteBuffer(BlockHead::ELF_BLOCK_LEN); bf.PutByte(type); diff --git a/hapsigntool_cpp/hap/sign/src/sign_elf.cpp b/hapsigntool_cpp/hap/sign/src/sign_elf.cpp index 161c92ac..35ab0e72 100644 --- a/hapsigntool_cpp/hap/sign/src/sign_elf.cpp +++ b/hapsigntool_cpp/hap/sign/src/sign_elf.cpp @@ -217,8 +217,7 @@ bool SignElf::GenerateSignBlockHead(std::list& signDataList) int64_t offset = BlockHead::GetElfBlockLen() * signDataList.size(); for (std::list::iterator it = signDataList.begin(); it != signDataList.end(); ++it) { std::vector tmp = BlockHead::GetBlockHeadLittleEndian(it->GetType(), - SignatureBlockTags::DEFAULT, - it->GetLen(), offset); + SignatureBlockTags::DEFAULT, it->GetLen(), offset); it->SetBlockHead(tmp); offset += it->GetLen(); bool checkIsLongOverflowIntegerFlag = IsLongOverflowInteger(offset); -- Gitee From ce204d4f3f94cdd1a503b49d3433a9c6d0075fa1 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Mon, 5 Aug 2024 14:24:51 +0800 Subject: [PATCH 4/5] update Signed-off-by: zhanzeyi --- .../codesigning/fsverity/src/fs_verity_generator.cpp | 2 +- .../codesigning/sign/src/verify_code_signature.cpp | 4 ++-- hapsigntool_cpp/common/src/byte_buffer.cpp | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_generator.cpp b/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_generator.cpp index f69c303c..a2f24027 100644 --- a/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_generator.cpp +++ b/hapsigntool_cpp/codesigning/fsverity/src/fs_verity_generator.cpp @@ -37,7 +37,7 @@ bool FsVerityGenerator::GenerateFsVerityDigest(std::istream& inputStream, long s } else { merkleTree = GenerateMerkleTree(inputStream, size, FS_SHA256); } - if (nullptr == merkleTree) { + if (merkleTree == nullptr) { return false; } int flags = fsvTreeOffset == 0 ? 0 : FsVerityDescriptor::FLAG_STORE_MERKLE_TREE_OFFSET; diff --git a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp index 37acaf48..91a1215b 100644 --- a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp @@ -122,7 +122,7 @@ bool VerifyCodeSignature::VerifyCodeSign(std::string file, std::pair()); - if (nullptr == mte) { + if (mte == nullptr) { PrintErrorNumberMsg("VERIFY_ERROR", VERIFY_ERROR, "system failed to allocate memory for MerkleTreeExtension"); return false; } @@ -193,7 +193,7 @@ bool VerifyCodeSignature::GenerateCodeSignBlock(const std::string& file, int64_t fileReadOffset += signedHap.gcount(); CodeSignBlockHeader* pCodeSignBlockHeader = CodeSignBlockHeader::FromByteArray(*(std::vector*) &codeSignBlockHeaderByteArray); - if (nullptr == pCodeSignBlockHeader) { + if (pCodeSignBlockHeader == nullptr) { SIGNATURE_TOOLS_LOGE("Invalid code Sign block header"); signedHap.close(); return false; diff --git a/hapsigntool_cpp/common/src/byte_buffer.cpp b/hapsigntool_cpp/common/src/byte_buffer.cpp index 827bdcae..146c4f31 100644 --- a/hapsigntool_cpp/common/src/byte_buffer.cpp +++ b/hapsigntool_cpp/common/src/byte_buffer.cpp @@ -515,7 +515,7 @@ ByteBuffer& ByteBuffer::Slice() } int32_t newCapacity = limit - position; auto newBuffer = make_shared_array(newCapacity); - if (nullptr == newBuffer) { + if (newBuffer == nullptr) { SIGNATURE_TOOLS_LOGE("make_shared_array failed"); return *this; } -- Gitee From f6fc9bf08850816b829185f3e9afa14bf8613ebb Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Mon, 5 Aug 2024 14:27:14 +0800 Subject: [PATCH 5/5] add Signed-off-by: zhanzeyi --- hapsigntool_cpp/codesigning/sign/src/code_signing.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp index c578856a..467aacf2 100644 --- a/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/code_signing.cpp @@ -161,7 +161,7 @@ bool CodeSigning::SignFile(std::istream& inputStream, int64_t fileSize, bool sto MerkleTreeExtension* merkleTreeExtension = new MerkleTreeExtension(merkleTreeSize, fsvTreeOffset, fsVerityGenerator->GetRootHash()); - if (nullptr == merkleTreeExtension) { + if (merkleTreeExtension == nullptr) { PrintErrorNumberMsg("SIGN_ERROR", SIGN_ERROR, "system failed to allocate memory for MerkleTreeExtension"); return false; } -- Gitee