From 230b9220ea8e0dfcc065236a21c733049c217e63 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Wed, 21 Aug 2024 15:56:46 +0800 Subject: [PATCH 1/3] update Signed-off-by: zhanzeyi --- .../codesigning/sign/src/verify_code_signature.cpp | 1 + hapsigntool_cpp/hap/provider/src/sign_provider.cpp | 9 ++++++--- hapsigntool_cpp/hap/verify/src/verify_hap.cpp | 12 ++++++++---- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp index 91a1215b..60854d8a 100644 --- a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp @@ -21,6 +21,7 @@ namespace SignatureTools { bool VerifyCodeSignature::VerifyHap(std::string file, int64_t offset, int64_t length, std::string fileFormat, std::string profileContent) { + std::transform(fileFormat.begin(), fileFormat.end(), fileFormat.begin(), ::tolower); if (std::find(CodeSigning::SUPPORT_FILE_FORM.begin(), CodeSigning::SUPPORT_FILE_FORM.end(), fileFormat) == CodeSigning::SUPPORT_FILE_FORM.end()) { SIGNATURE_TOOLS_LOGI("Not hap, hsp or hqf file, skip code signing verify, file type: %s", fileFormat.c_str()); diff --git a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp index 14ea2eb5..64327903 100644 --- a/hapsigntool_cpp/hap/provider/src/sign_provider.cpp +++ b/hapsigntool_cpp/hap/provider/src/sign_provider.cpp @@ -20,6 +20,7 @@ #include #include #include +#include #include "nlohmann/json.hpp" #include "string_utils.h" @@ -348,9 +349,11 @@ bool SignProvider::AppendCodeSignBlock(SignerConfig* signerConfig, std::string o { if (signParams.at(ParamConstants::PARAM_SIGN_CODE) == CodeSigning::ENABLE_SIGN_CODE_VALUE) { SIGNATURE_TOOLS_LOGI("start code signing."); + std::string suffixTmp = suffix; + std::transform(suffixTmp.begin(), suffixTmp.end(), suffixTmp.begin(), ::tolower); if (std::find(CodeSigning::SUPPORT_FILE_FORM.begin(), CodeSigning::SUPPORT_FILE_FORM.end(), - suffix) == CodeSigning::SUPPORT_FILE_FORM.end()) { - SIGNATURE_TOOLS_LOGI("no need to sign code for %s", suffix.c_str()); + suffixTmp) == CodeSigning::SUPPORT_FILE_FORM.end()) { + SIGNATURE_TOOLS_LOGI("no need to sign code for %s", suffixTmp.c_str()); return true; } // 4 means hap format occupy 4 byte storage location,2 means optional blocks reserve 2 storage location @@ -358,7 +361,7 @@ bool SignProvider::AppendCodeSignBlock(SignerConfig* signerConfig, std::string o // create CodeSigning Object CodeSigning codeSigning(signerConfig); std::vector codeSignArray; - if (!codeSigning.GetCodeSignBlock(outputFilePath, codeSignOffset, suffix, profileContent, zip, + if (!codeSigning.GetCodeSignBlock(outputFilePath, codeSignOffset, suffixTmp, profileContent, zip, codeSignArray)) { SIGNATURE_TOOLS_LOGE("Codesigning getCodeSignBlock Fail."); return false; diff --git a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp index 3c9ff687..8e2c0707 100644 --- a/hapsigntool_cpp/hap/verify/src/verify_hap.cpp +++ b/hapsigntool_cpp/hap/verify/src/verify_hap.cpp @@ -17,6 +17,7 @@ #include #include #include +#include #include "securec.h" #include "hap_signer_block_utils.h" @@ -168,10 +169,13 @@ bool VerifyHap::CheckFilePath(const std::string& filePath, std::string& standard return false; } standardFilePath = std::string(path); - bool ret = (!std::regex_match(standardFilePath, std::regex(HAP_APP_PATTERN)) && - !std::regex_match(standardFilePath, std::regex(HSP_APP_PATTERN)) && - !std::regex_match(standardFilePath, std::regex(APP_APP_PATTERN)) && - !std::regex_match(standardFilePath, std::regex(HQF_APP_PATTERN))); + std::string standardFilePathTmp = std::string(path); + std::transform(standardFilePathTmp.begin(), standardFilePathTmp.end(), standardFilePathTmp.begin(), + [](unsigned char c) { return std::tolower(c); }); + bool ret = (!std::regex_match(standardFilePathTmp, std::regex(HAP_APP_PATTERN)) && + !std::regex_match(standardFilePathTmp, std::regex(HSP_APP_PATTERN)) && + !std::regex_match(standardFilePathTmp, std::regex(APP_APP_PATTERN)) && + !std::regex_match(standardFilePathTmp, std::regex(HQF_APP_PATTERN))); if (ret) { PrintErrorNumberMsg("COMMAND_PARAM_ERROR", COMMAND_PARAM_ERROR, "only support format is [hap, hqf, hsp, app]"); -- Gitee From 01ee25f5f1b22195f350996ed5515e7948293667 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Thu, 22 Aug 2024 09:53:56 +0800 Subject: [PATCH 2/3] add Signed-off-by: zhanzeyi --- .../codesigning/sign/src/verify_code_signature.cpp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp index 60854d8a..f3526aa8 100644 --- a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp @@ -21,10 +21,11 @@ namespace SignatureTools { bool VerifyCodeSignature::VerifyHap(std::string file, int64_t offset, int64_t length, std::string fileFormat, std::string profileContent) { - std::transform(fileFormat.begin(), fileFormat.end(), fileFormat.begin(), ::tolower); + std::string fileFromatTmp = fileFormat; + std::transform(fileFromatTmp.begin(), fileFromatTmp.end(), fileFromatTmp.begin(), ::tolower); if (std::find(CodeSigning::SUPPORT_FILE_FORM.begin(), CodeSigning::SUPPORT_FILE_FORM.end(), - fileFormat) == CodeSigning::SUPPORT_FILE_FORM.end()) { - SIGNATURE_TOOLS_LOGI("Not hap, hsp or hqf file, skip code signing verify, file type: %s", fileFormat.c_str()); + fileFromatTmp) == CodeSigning::SUPPORT_FILE_FORM.end()) { + SIGNATURE_TOOLS_LOGI("Not hap, hsp or hqf file, skip code signing verify, file type: %s", fileFromatTmp.c_str()); return true; } // 1) generate CodeSignBlock -- Gitee From d7d282f3d1a141bd371baec81762dc016d7d8e52 Mon Sep 17 00:00:00 2001 From: zhanzeyi Date: Thu, 22 Aug 2024 11:47:51 +0800 Subject: [PATCH 3/3] fix code check Signed-off-by: zhanzeyi --- hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp index f3526aa8..9f76a8f5 100644 --- a/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp +++ b/hapsigntool_cpp/codesigning/sign/src/verify_code_signature.cpp @@ -25,7 +25,8 @@ bool VerifyCodeSignature::VerifyHap(std::string file, int64_t offset, int64_t le std::transform(fileFromatTmp.begin(), fileFromatTmp.end(), fileFromatTmp.begin(), ::tolower); if (std::find(CodeSigning::SUPPORT_FILE_FORM.begin(), CodeSigning::SUPPORT_FILE_FORM.end(), fileFromatTmp) == CodeSigning::SUPPORT_FILE_FORM.end()) { - SIGNATURE_TOOLS_LOGI("Not hap, hsp or hqf file, skip code signing verify, file type: %s", fileFromatTmp.c_str()); + SIGNATURE_TOOLS_LOGI("Not hap, hsp or hqf file, skip code signing verify, file type: %s", + fileFromatTmp.c_str()); return true; } // 1) generate CodeSignBlock -- Gitee