From 2bf794d318e7c04ce3b6c9178de4c393254ff804 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Tue, 7 Jan 2025 11:49:08 +0800 Subject: [PATCH 01/28] add error msg solutions Signed-off-by: wangzeyu --- .../com/ohos/hapsigntool/HapSignTool.java | 27 +- .../java/com/ohos/hapsigntoolcmd/CmdUtil.java | 57 ++-- .../com/ohos/hapsigntoolcmd/HelpDocument.java | 3 +- .../ohos/hapsigntoolcmd/ParamsTrustlist.java | 3 +- .../adapter/LocalizationAdapter.java | 27 +- .../com/ohos/hapsigntool/api/CertTools.java | 16 +- .../hapsigntool/api/SignToolServiceImpl.java | 22 +- .../ohos/hapsigntool/cert/CertBuilder.java | 28 +- .../com/ohos/hapsigntool/entity/Options.java | 3 +- .../hapsigntool/error/CodeSignErrMsg.java | 33 ++ .../com/ohos/hapsigntool/error/ErrorMsg.java | 206 ++++++++++++ .../hapsigntool/error/SignToolErrMsg.java | 306 ++++++++++++++++++ .../hap/provider/SignProvider.java | 14 +- .../hapsigntool/profile/ProfileSignTool.java | 10 +- .../hapsigntool/profile/VerifyHelper.java | 23 +- .../hapsigntool/profile/model/BundleInfo.java | 5 +- .../hapsigntool/profile/model/DebugInfo.java | 7 +- .../hapsigntool/profile/model/Provision.java | 6 +- .../hapsigntool/profile/model/Validity.java | 10 - .../ohos/hapsigntool/signer/LocalSigner.java | 4 +- .../hapsigntool/signer/SignerFactory.java | 7 +- .../hapsigntool/utils/CertChainUtils.java | 11 +- .../com/ohos/hapsigntool/utils/CertUtils.java | 9 +- .../com/ohos/hapsigntool/utils/FileUtils.java | 10 +- .../ohos/hapsigntool/utils/KeyPairTools.java | 22 +- .../hapsigntool/utils/KeyStoreHelper.java | 48 +-- .../java/com/ohos/hapsigntool/zip/Zip.java | 8 +- .../com/ohos/hapsigntool/ProfileTest.java | 3 +- 28 files changed, 767 insertions(+), 161 deletions(-) create mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java create mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java create mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java index b7a2f51a..d674e79d 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java @@ -26,6 +26,7 @@ import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; import com.ohos.hapsigntool.error.ParamException; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.FileUtils; import com.ohos.hapsigntool.utils.LogUtils; import com.ohos.hapsigntool.utils.StringUtils; @@ -97,12 +98,10 @@ public final class HapSignTool { System.exit(1); } } catch (CustomException e) { - LOGGER.error(String.format(Locale.ROOT, "%s, code: %d. Details: %s", e.getError(), - e.getError().getErrorCode(), e.getMessage())); + LOGGER.error(e.getMessage()); System.exit(1); } catch (Exception e) { - LOGGER.error(String.format(Locale.ROOT, "UNKNOWN_ERROR, code: %d. Details: %s", - ERROR.UNKNOWN_ERROR.getErrorCode(), e.getMessage())); + LOGGER.error(SignToolErrMsg.UNKNOWN_ERROR.toString(e.getMessage())); System.exit(1); } } @@ -139,7 +138,8 @@ public final class HapSignTool { private static boolean callGenerators(Params params, ServiceApi api) { boolean isSuccess = false; - switch (params.getMethod()) { + String method = params.getMethod(); + switch (method) { case Method.GENERATE_APP_CERT: isSuccess = runAppCert(params.getOptions(), api); break; @@ -159,7 +159,7 @@ public final class HapSignTool { isSuccess = runProfileCert(params.getOptions(), api); break; default: - CustomException.throwException(ERROR.COMMAND_ERROR, "Unsupported cmd"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.UNSUPPORTED_METHOD.toString(method)); break; } return isSuccess; @@ -286,7 +286,8 @@ public final class HapSignTool { if (!LOCAL_SIGN.equalsIgnoreCase(mode) && !REMOTE_SIGN.equalsIgnoreCase(mode) && !"remoteResign".equalsIgnoreCase(mode)) { - CustomException.throwException(ERROR.COMMAND_ERROR, "mode params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString(Options.MODE, "value must is localSign/remoteSign/remoteResign")); } if (LOCAL_SIGN.equalsIgnoreCase(mode)) { @@ -296,7 +297,8 @@ public final class HapSignTool { checkProfile(params); String inForm = params.getString(Options.IN_FORM, "zip"); if (!StringUtils.isEmpty(inForm) && !containsIgnoreCase(inForm)) { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, "inForm params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString(Options.IN_FORM, "value must is " + informList)); } String signAlg = params.getString(Options.SIGN_ALG); CmdUtil.judgeEndSignAlgType(signAlg); @@ -313,7 +315,8 @@ public final class HapSignTool { return; } if (!SIGNED.equals(profileSigned) && !NOT_SIGNED.equals(profileSigned)) { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, "profileSigned params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString(Options.PROFILE_SIGNED, "value must is 1/0")); } if (SIGNED.equals(profileSigned)) { FileUtils.validFileType(profileFile, "p7b"); @@ -326,7 +329,8 @@ public final class HapSignTool { params.required(Options.MODE, Options.SIGN_ALG, Options.OUT_FILE, Options.IN_FILE); String mode = params.getString(Options.MODE); if (!LOCAL_SIGN.equalsIgnoreCase(mode) && !REMOTE_SIGN.equalsIgnoreCase(mode)) { - CustomException.throwException(ERROR.COMMAND_ERROR, "mode params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString(Options.MODE, "value must is localSign/remoteSign/remoteResign")); } if (LOCAL_SIGN.equalsIgnoreCase(mode)) { params.required(Options.KEY_STORE_FILE, Options.KEY_ALIAS, Options.PROFILE_CERT_FILE); @@ -346,7 +350,8 @@ public final class HapSignTool { Options.OUT_PROFILE); String inForm = params.getString(Options.IN_FORM, "zip"); if (!containsIgnoreCase(inForm)) { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, "inForm params must is " + informList); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString(Options.IN_FORM, "value must is " + informList)); } FileUtils.validFileType(params.getString(Options.OUT_CERT_CHAIN), "cer"); FileUtils.validFileType(params.getString(Options.OUT_PROFILE), "p7b"); diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java index a43077b6..11cb3a93 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntoolcmd; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.StringUtils; import com.ohos.hapsigntool.utils.ValidateUtils; @@ -51,20 +52,22 @@ public final class CmdUtil { * @return Params */ public static Params convert2Params(String[] args) { - ValidateUtils.throwIfNotMatches(args.length >= ARGS_MIN_LEN, ERROR.COMMAND_ERROR, ""); + ValidateUtils.throwIfNotMatches(args.length >= ARGS_MIN_LEN, ERROR.COMMAND_ERROR, + SignToolErrMsg.PARAM_NUM_ERROR.toString()); Params params = new Params(); - params.setMethod(args[0]); + String method = args[0]; + params.setMethod(method); String keyStandBy = null; boolean readKey = true; - List trustList = ParamsTrustlist.getTrustList(args[0]); - if (trustList.size() == 0) { - CustomException.throwException(ERROR.COMMAND_ERROR, "Unsupported cmd"); + List trustList = ParamsTrustlist.getTrustList(method); + if (trustList.isEmpty()) { + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.UNSUPPORTED_METHOD.toString(method)); } for (int i = 1; i < args.length; i++) { String value = args[i]; if (StringUtils.isEmpty(value)) { - CustomException.throwException(ERROR.COMMAND_ERROR, "param value could not be empty"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_VALUE_EMPTY.toString(value)); } if (readKey) { // prepare key @@ -72,12 +75,12 @@ public final class CmdUtil { value = value.equals("-signcode") ? "-signCode" : value; boolean isTrust = trustList.contains(value); ValidateUtils.throwIfNotMatches(isTrust, - ERROR.COMMAND_PARAM_ERROR, "Not support command param"); + ERROR.COMMAND_PARAM_ERROR, SignToolErrMsg.PARAM_NOT_TRUSTED.toString(value)); keyStandBy = value.substring(1); readKey = false; } else { - ValidateUtils.throwIfNotMatches(false, - ERROR.COMMAND_PARAM_ERROR, "param key value must in pairs"); + CustomException.throwException(ERROR.COMMAND_PARAM_ERROR, SignToolErrMsg + .PARAM_NOT_IN_PAIRS.toString(value)); } } else { // prepare value @@ -97,11 +100,10 @@ public final class CmdUtil { result = false; } else if (StringUtils.isEmpty(value)) { CustomException.throwException(ERROR.COMMAND_ERROR, - String.format("Command -%s could not be empty", key)); + SignToolErrMsg.PARAM_VALUE_EMPTY.toString(key)); result = false; } else if (params.getOptions().containsKey(key)) { - CustomException.throwException(ERROR.COMMAND_ERROR, - String.format("Duplicate param '%s'. Stop processing", key)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_DUPLICATE.toString(key)); result = false; } else if (key.toLowerCase(Locale.ROOT).endsWith("pwd")) { params.getOptions().put(key, value.toCharArray()); @@ -120,8 +122,8 @@ public final class CmdUtil { */ public static void judgeAlgType(String alg) { if (!"RSA".equalsIgnoreCase(alg) && !"ECC".equalsIgnoreCase(alg)) { - CustomException.throwException(ERROR.COMMAND_ERROR, - "KeyAlg params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("keyAlg", "key algorithms include ECC/RSA")); } } @@ -135,18 +137,19 @@ public final class CmdUtil { String[] array = {"2048", "3072", "4096", "NIST-P-256", "NIST-P-384"}; List arrayList = Arrays.asList(array); if (!arrayList.contains(size)) { - CustomException.throwException(ERROR.COMMAND_ERROR, String.format("KeySize '%s' is incorrect", size)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("KeySize", "Key size include " + arrayList)); } if ("RSA".equalsIgnoreCase(alg)) { if (!"2048".equals(size) && !"3072".equals(size) && !"4096".equals(size)) { - CustomException.throwException(ERROR.COMMAND_ERROR, - String.format("KeySize of '%s' is incorrect", alg)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("KeySize", "Key size include " + arrayList)); } } else { if (!"NIST-P-256".equalsIgnoreCase(size) && !"NIST-P-384".equalsIgnoreCase(size)) { - CustomException.throwException(ERROR.COMMAND_ERROR, - String.format("KeySize of '%s' is incorrect", alg)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("KeySize", "Key size include " + arrayList)); } } } @@ -160,8 +163,8 @@ public final class CmdUtil { List arrayList = Arrays.asList("SHA256withRSA", "SHA384withRSA", "SHA256withECDSA", "SHA384withECDSA"); if (!arrayList.contains(signAlg)) { - CustomException.throwException(ERROR.COMMAND_ERROR, - "SignAlg params is incorrect"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("SignAlg", "signature algorithms include " + arrayList)); } } @@ -173,8 +176,8 @@ public final class CmdUtil { public static void judgeEndSignAlgType(String signAlg) { List arrayList = Arrays.asList("SHA256withECDSA", "SHA384withECDSA"); if (!arrayList.contains(signAlg)) { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, - "SignAlg params is incorrect, signature algorithms include SHA256withECDSA,SHA384withECDSA"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("SignAlg", "signature algorithms include SHA256withECDSA,SHA384withECDSA")); } } @@ -192,8 +195,8 @@ public final class CmdUtil { continue; } if (!supportList.contains(type.trim())) { - CustomException.throwException(ERROR.COMMAND_ERROR, - "'" + type + "' in params '" + inputType + "' is not support"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg + .PARAM_NOT_TRUSTED.toString(inputType)); } } } @@ -210,8 +213,8 @@ public final class CmdUtil { } else if (INTEGER_PATTERN.matcher(size).matches()) { return size; } else { - CustomException.throwException(ERROR.COMMAND_ERROR, - String.format("KeySize '%s' is incorrect", size)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED + .toString("KeySize", "Key size is incorrect")); return size; } } diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/HelpDocument.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/HelpDocument.java index f5f71165..67d760bf 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/HelpDocument.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/HelpDocument.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntoolcmd; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.FileUtils; import com.ohos.hapsigntool.utils.LogUtils; @@ -55,7 +56,7 @@ public final class HelpDocument { logger.info(helpStr); } catch (IOException ioe) { logger.debug(ioe.getMessage(), ioe); - CustomException.throwException(ERROR.READ_FILE_ERROR, "Failed to read " + page + " resource"); + CustomException.throwException(ERROR.READ_FILE_ERROR, SignToolErrMsg.FILE_READ_FAILED.toString(page)); } } } diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/ParamsTrustlist.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/ParamsTrustlist.java index 56fb0ae6..55fb4aa0 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/ParamsTrustlist.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/ParamsTrustlist.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntoolcmd; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import java.io.BufferedReader; import java.io.IOException; @@ -83,7 +84,7 @@ public final class ParamsTrustlist { readHelpParam(br); } } catch (IOException e) { - CustomException.throwException(ERROR.READ_FILE_ERROR, "Failed to read " + page + " resource"); + CustomException.throwException(ERROR.READ_FILE_ERROR, SignToolErrMsg.FILE_READ_FAILED.toString(page)); } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/adapter/LocalizationAdapter.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/adapter/LocalizationAdapter.java index 55ce428f..65d85cf7 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/adapter/LocalizationAdapter.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/adapter/LocalizationAdapter.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.adapter; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyCertificateChainException; import com.ohos.hapsigntool.utils.KeyPairTools; import com.ohos.hapsigntool.utils.KeyStoreHelper; @@ -185,7 +186,8 @@ public class LocalizationAdapter { if (keyStoreHelper == null) { initKeyStore(); } - ValidateUtils.throwIfNotMatches(!StringUtils.isEmpty(alias), ERROR.ACCESS_ERROR, "Alias could not be empty"); + ValidateUtils.throwIfNotMatches(!StringUtils.isEmpty(alias), ERROR.ACCESS_ERROR, + SignToolErrMsg.PARAM_VALUE_EMPTY.toString("KeyAlias")); KeyPair keyPair = null; if (keyStoreHelper.hasAlias(alias)) { keyPair = keyStoreHelper.loadKeyPair(alias, keyPwd); @@ -198,8 +200,7 @@ public class LocalizationAdapter { } } ValidateUtils.throwIfNotMatches(keyPair != null, ERROR.PARAM_NOT_EXIST_ERROR, - String.format("%s: '%s' is not exist in %s", Options.KEY_ALIAS, alias, - keyStoreHelper.getKeyStorePath())); + SignToolErrMsg.KEY_ALIAS_NOT_FOUND.toString(alias, keyStoreHelper.getKeyStorePath())); return keyPair; } @@ -217,8 +218,7 @@ public class LocalizationAdapter { ValidateUtils.throwIfNotMatches( certificates.size() >= MIN_CERT_CHAIN_SIZE && certificates.size() <= MAX_CERT_CHAIN_SIZE, - ERROR.NOT_SUPPORT_ERROR, String.format("Profile cert '%s' must a cert chain", certPath) - ); + ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.CERT_CHAIN_FORMAT_FAILED.toString(certPath)); return certificates; } @@ -261,22 +261,21 @@ public class LocalizationAdapter { */ public List getCertsFromFile(String certPath, String logTitle) { ValidateUtils.throwIfNotMatches(!StringUtils.isEmpty(certPath), ERROR.PARAM_NOT_EXIST_ERROR, - String.format("Params '%s' not exist", logTitle)); + SignToolErrMsg.FILE_NOT_EXIST.toString(logTitle)); File certFile = new File(certPath); ValidateUtils.throwIfNotMatches(certFile.exists(), ERROR.FILE_NOT_FOUND, - String.format("%s: '%s' not exist", logTitle, certPath)); + SignToolErrMsg.FILE_NOT_EXIST.toString(certPath)); List certificates = null; try { certificates = CertUtils.generateCertificates(FileUtils.readFile(certFile)); } catch (IOException | CertificateException | VerifyCertificateChainException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, exception.getMessage() - + "\nSolutions:" - + "\n> The certificate format is incorrect, please check your appCertFile parameter."); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.CERT_FORMAT_FAILED + .toString(exception.getMessage())); } - ValidateUtils.throwIfNotMatches(certificates != null && certificates.size() > 0, ERROR.READ_FILE_ERROR, - String.format("Read fail from %s, bot found certificates", certPath)); + ValidateUtils.throwIfNotMatches(certificates != null && !certificates.isEmpty(), ERROR.READ_FILE_ERROR, + SignToolErrMsg.CERT_FORMAT_FAILED.toString("can not found certificates in file " + certPath)); return certificates; } @@ -388,8 +387,8 @@ public class LocalizationAdapter { */ public String getInFile() { String file = options.getString(Options.IN_FILE); - ValidateUtils.throwIfNotMatches(new File(file).exists(), ERROR.FILE_NOT_FOUND, - String.format("Required %s: '%s' not exist", Options.IN_FILE, file)); + ValidateUtils.throwIfNotMatches(new File(file).exists(), + ERROR.FILE_NOT_FOUND, SignToolErrMsg.FILE_NOT_EXIST.toString(file)); return file; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/CertTools.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/CertTools.java index f4f2abc1..9db68ecc 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/CertTools.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/CertTools.java @@ -21,6 +21,7 @@ import com.ohos.hapsigntool.adapter.LocalizationAdapter; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.CertUtils; import com.ohos.hapsigntool.utils.LogUtils; @@ -83,7 +84,8 @@ public final class CertTools { .build(adapter.getSignAlg()); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return null; } @@ -107,7 +109,8 @@ public final class CertTools { .build(adapter.getSignAlg()); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return null; } @@ -135,7 +138,8 @@ public final class CertTools { .build(adapter.getSignAlg()); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return null; } @@ -162,7 +166,8 @@ public final class CertTools { .build(adapter.getSignAlg()); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return null; } @@ -184,7 +189,8 @@ public final class CertTools { return csr.getEncoded(); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CSR_ERROR, "Not support " + subject); + CustomException.throwException(ERROR.IO_CSR_ERROR, SignToolErrMsg.IO_CSR_ERROR + .toString("Not support " + subject)); return NO_CSR; } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/SignToolServiceImpl.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/SignToolServiceImpl.java index 27fef50f..35d188eb 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/SignToolServiceImpl.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/api/SignToolServiceImpl.java @@ -20,6 +20,7 @@ import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.adapter.LocalizationAdapter; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyException; import com.ohos.hapsigntool.hap.provider.LocalJKSSignProvider; import com.ohos.hapsigntool.hap.provider.RemoteSignProvider; @@ -151,16 +152,15 @@ public class SignToolServiceImpl implements ServiceApi { String iksFile = options.getString(Options.ISSUER_KEY_STORE_FILE); if (isEmpty) { if (!StringUtils.isEmpty(iksFile) && !ksFile.equals(iksFile)) { - CustomException.throwException(ERROR.WRITE_FILE_ERROR, - String.format("Parameter '%s' and parameter '%s' are inconsistent", ksFile, iksFile)); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.GENERATE_CA_FAILED + .toString(ksFile, iksFile)); } if (options.containsKey(Options.ISSUER_KEY_STORE_RIGHTS)) { boolean isEqual = Arrays.equals(options.getChars(Options.KEY_STORE_RIGHTS), options.getChars(Options.ISSUER_KEY_STORE_RIGHTS)); if (!isEqual) { - CustomException.throwException(ERROR.WRITE_FILE_ERROR, - String.format("Parameter '%s' and parameter '%s' are inconsistent", - Options.KEY_STORE_RIGHTS, Options.ISSUER_KEY_STORE_RIGHTS)); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.GENERATE_CA_FAILED + .toString(Options.KEY_STORE_RIGHTS, Options.ISSUER_KEY_STORE_RIGHTS)); } } rootKey = subKey; @@ -287,7 +287,8 @@ public class SignToolServiceImpl implements ServiceApi { LOGGER.error(exception.getMessage()); isSign = false; } catch (VerifyException e) { - CustomException.throwException(ERROR.VERIFY_ERROR, "Verify Profile Failed! " + e.getMessage()); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString(e.getMessage())); isSign = false; } return isSign; @@ -349,7 +350,8 @@ public class SignToolServiceImpl implements ServiceApi { FileUtils.write(content.getBytes(StandardCharsets.UTF_8), new File(file)); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.WRITE_FILE_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.FILE_WRITE_FAILED + .toString(exception.getMessage())); } } } @@ -372,7 +374,8 @@ public class SignToolServiceImpl implements ServiceApi { return true; } catch (CertificateException | IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.WRITE_FILE_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.FILE_WRITE_FAILED + .toString(exception.getMessage())); return false; } } @@ -398,7 +401,8 @@ public class SignToolServiceImpl implements ServiceApi { return true; } catch (CertificateException | IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.WRITE_FILE_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.FILE_WRITE_FAILED + .toString(exception.getMessage())); return false; } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/cert/CertBuilder.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/cert/CertBuilder.java index 97939ffd..5f2a1560 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/cert/CertBuilder.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/cert/CertBuilder.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.cert; import com.ohos.hapsigntool.api.ServiceApi; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.CertUtils; import com.ohos.hapsigntool.utils.LogUtils; @@ -88,7 +89,8 @@ public class CertBuilder { request = new PKCS10CertificationRequest(csr); } catch (IOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CSR_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CSR_ERROR, SignToolErrMsg.IO_CSR_ERROR + .toString(exception.getMessage())); } x509v3CertificateBuilder = new X509v3CertificateBuilder( issuer, CertUtils.randomSerial(), Date.from(notBefore.atZone(ZoneId.systemDefault()).toInstant()), @@ -100,10 +102,12 @@ public class CertBuilder { extUtils.createSubjectKeyIdentifier(request.getSubjectPublicKeyInfo())); } catch (NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } catch (CertIOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } } @@ -123,10 +127,12 @@ public class CertBuilder { } } catch (NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } catch (CertIOException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return this; } @@ -217,16 +223,20 @@ public class CertBuilder { cert.verify(keyPair.getPublic()); } catch (InvalidKeyException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.KEY_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.KEY_ERROR, SignToolErrMsg.INVALID_KEY + .toString(exception.getMessage())); } catch (SignatureException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.SIGN_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED + .toString(exception.getMessage())); } catch (CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.CERTIFICATE_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.CERTIFICATE_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } catch (NoSuchAlgorithmException | NoSuchProviderException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } return cert; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java index 6f5b13fc..7ba46cdd 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.entity; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.LogUtils; import java.util.HashMap; @@ -258,7 +259,7 @@ public class Options extends HashMap { public void required(String... keys) { for (String key : keys) { if (!isEmpty(key) && !this.containsKey(key)) { - CustomException.throwException(ERROR.COMMAND_ERROR, String.format("Params '%s' is required", key)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_REQUIRED.toString(key)); } } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java new file mode 100644 index 00000000..90aa0901 --- /dev/null +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.ohos.hapsigntool.error; + +/** + * CodeSignErrMsg + * + * @since 2025/01/06 + */ +public class CodeSignErrMsg { + public static ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("001") + .addDescription("Description....") + .addErrCode("222") + .addCause("Cause....") + .addSolution("Solution 1") + .addSolution("Solution 2") + .build(); +} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java new file mode 100644 index 00000000..33a64786 --- /dev/null +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -0,0 +1,206 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.ohos.hapsigntool.error; + +import com.ohos.hapsigntool.utils.StringUtils; + +import java.util.ArrayList; +import java.util.List; +import java.util.Locale; + +/** + * ErrorMsg + * + * @since 2025/01/06 + */ +public class ErrorMsg { + private String code; + + private String description; + + private String cause; + + private String position; + + private List solutions; + + private MoreInfo moreInfo; + + /** + * ErrorMsg constructor + * @param code code + * @param description description + * @param cause cause + * @param position position + * @param solutions solutions + */ + public ErrorMsg(String code, String description, String cause, + String position, List solutions) { + this.code = code; + this.description = description; + this.cause = cause; + this.position = position; + this.solutions = solutions; + this.moreInfo = new MoreInfo(); + } + + /** + * getCodeSignErrBuilder + * + * @return Builder + */ + public static Builder getCodeSignErrBuilder() { + return new Builder("111"); + } + + /** + * getSignToolErrBuilder + * + * @return Builder + */ + public static Builder getSignToolErrBuilder() { + return new Builder("110"); + } + + @Override + public String toString() { + final StringBuffer sb = new StringBuffer(); + sb.append(code) + .append(" ").append(description).append(System.lineSeparator()).append("Error Message: ").append(cause); + + if (!StringUtils.isEmpty(position)) { + sb.append(" At ").append(position).append(System.lineSeparator()); + } + + if (solutions != null && solutions.isEmpty()) { + sb.append("* Try the following: ").append(System.lineSeparator()); + for (String s : solutions) { + sb.append(" > ").append(s).append(System.lineSeparator()); + } + } + return sb.toString(); + } + + public String toString(Object... args) { + return String.format(Locale.ROOT, this.toString(), args); + } + + static class MoreInfo { + private String cn; + + private String en; + } + + public static class Builder { + private String sysCode; + + private String errCode; + + private String typeCode; + + private String description; + + private String cause; + + private String position; + + private List solutions = new ArrayList<>(); + + /** + * Builder Constructor + * @param sysCode sysCode + */ + public Builder(String sysCode) { + this.sysCode = sysCode; + } + + /** + * addErrCode + * @param errCode errCode + * @return Builder + */ + public Builder addErrCode(String errCode) { + this.errCode = errCode; + return this; + } + + /** + * addTypeCode + * + * @param typeCode typeCode + * @return Builder + */ + public Builder addTypeCode(String typeCode) { + this.typeCode = typeCode; + return this; + } + + /** + * addDescription + * + * @param description description + * @return Builder + */ + public Builder addDescription(String description) { + this.description = description; + return this; + } + + /** + * addCause + * + * @param cause cause + * @return Builder + */ + public Builder addCause(String cause) { + this.cause = cause; + return this; + } + + /** + * addPosition + * + * @param position position + * @return Builder + */ + public Builder addPosition(String position) { + this.position = position; + return this; + } + + /** + * addSolution + * + * @param solution solution + * @return Builder + */ + public Builder addSolution(String solution) { + this.solutions.add(solution); + return this; + } + + /** + * build + * + * @return ErrorMsg + */ + public ErrorMsg build() { + return new ErrorMsg(sysCode + typeCode + errCode, description, cause, position, solutions); + } + } + + +} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java new file mode 100644 index 00000000..28aa4b48 --- /dev/null +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java @@ -0,0 +1,306 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.ohos.hapsigntool.error; + +/** + * SignToolErrMsg + * + * @since 2025/01/06 + */ +public class SignToolErrMsg { + // unknown error + public static ErrorMsg UNKNOWN_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("10") + .addErrCode("001") + .addDescription("%s") + .build(); + + // command error + public static ErrorMsg UNSUPPORTED_METHOD = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("001") + .addDescription("Unsupported command method") + .addCause("Can not find method {%s}") + .addSolution("Please check input the first param") + .build(); + + public static ErrorMsg PARAM_CHECK_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("002") + .addDescription("{%s} param is incorrect") + .addCause("%s") + .build(); + + public static ErrorMsg PARAM_NUM_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("003") + .addDescription("Check param num failed") + .addCause("Please input at least two params") + .build(); + + public static ErrorMsg PARAM_VALUE_EMPTY = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("004") + .addDescription("Check param num failed") + .addCause("Param {%s} value could not be empty") + .build(); + + public static ErrorMsg PARAM_NOT_TRUSTED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("005") + .addDescription("Param is not trusted") + .addCause("Param {%s} value is not trusted") + .build(); + + public static ErrorMsg PARAM_NOT_IN_PAIRS = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("006") + .addDescription("Param {-key value} must in pairs") + .addCause("Check param {%s} failed") + .build(); + + public static ErrorMsg PARAM_DUPLICATE = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("007") + .addDescription("Check param num failed") + .addCause("Param {%s} is duplicated") + .build(); + + public static ErrorMsg PARAM_REQUIRED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("008") + .addDescription("Check param failed") + .addCause("Param {%s} is required, but can not be found") + .addSolution("Please input required param") + .build(); + + public static ErrorMsg MISSING_PARAM = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("11") + .addErrCode("008") + .addDescription("Check param failed") + .addCause("Missed param {%s}") + .build(); + + // file error + public static ErrorMsg LOAD_REMOTE_PLUGIN_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("001") + .addDescription("Load remote sign plugin failed") + .addCause("%s") + .build(); + + public static ErrorMsg FILE_NOT_EXIST = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("002") + .addDescription("Param {%s} is not exist") + .build(); + + public static ErrorMsg FILE_WRITE_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("003") + .addDescription("Write file failed") + .addCause("%s") + .build(); + + public static ErrorMsg FILE_READ_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("004") + .addDescription("Read file {%s} failed") + .build(); + + public static ErrorMsg NOT_SUPPORT_FILE = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("005") + .addDescription("Not support file: %s") + .build(); + + // cert error + public static ErrorMsg CERT_DN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("001") + .addDescription("Check DN format failed") + .addCause("Format error, must be \"X=xx,XX=xxx,...\"") + .addSolution("Please check param {%s}") + .build(); + + public static ErrorMsg CERT_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("002") + .addDescription("Certificate format is in correct, please check your appCertFile parameter.") + .addCause("Exception message: %s") + .addSolution("{-appCertFile} should input a file ending in .cer") + .build(); + + public static ErrorMsg GENERATE_CA_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("003") + .addDescription("Parameter '%s' and parameter '%s' are inconsistent") + .build(); + + public static ErrorMsg CERT_CHAIN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("004") + .addDescription("Profile cert must a cert chain") + .addCause("cause in cert file: %s") + .build(); + + public static ErrorMsg NO_SUCH_SIGNATURE = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("005") + .addDescription("No such algorithm") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg CERT_IO_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("006") + .addDescription("Certificate IO failed") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg CERTIFICATE_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("007") + .addDescription("Certificate check failed") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg IO_CSR_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("13") + .addErrCode("008") + .addDescription("generate csr failed") + .addCause("Exception message: %s") + .build(); + + // key store error + public static ErrorMsg KEY_ALIAS_NOT_FOUND = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("001") + .addDescription("KeyAlias {%s} is not exist in {%s}") + .addSolution("Please check keystore file and keyAlias, ensure keyAlias is exist") + .addSolution("Use jdk tool [keytool] check keystore: [keytool -list -keystore xxx.p12]") + .build(); + + public static ErrorMsg KEY_ALIAS_EXIST = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("002") + .addDescription("KeyAlias {%s} is exist in {%s}, cloud not overwrite.") + .addSolution("Please check keystore file and keyAlias, ensure keyAlias is not exist") + .addSolution("Use jdk tool [keytool] check keystore: [keytool -list -keystore xxx.p12]") + .build(); + + public static ErrorMsg INIT_KEYSTORE_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("003") + .addDescription("Init keystore failed: ") + .addCause("Exception message: %s") + .addSolution("The key store file does not exist, please check the key store file path.") + .addSolution("Incorrect keystore password, please input the correct plaintext password.") + .addSolution("The keystore was created by a newer JDK version, please use the same JDK version") + .build(); + + public static ErrorMsg INVALID_KEY = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("004") + .addDescription("Invalid Key") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg ALGORITHM_NOT_SUPPORT = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("005") + .addDescription("Not support algorithm") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg KEYSTORE_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("006") + .addDescription("Keystore exception") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg KEY_PASSWORD_ERROR = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("007") + .addDescription("Key alias {%s} password error") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg NO_USABLE_CERT = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("14") + .addErrCode("008") + .addDescription("No usable cert found in {%s}") + .addCause("MayBe the certificate in keystore is invalid.") + .build(); + + // signature error + public static ErrorMsg SIGNATURE_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("001") + .addDescription("Signature failed") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg SIGNATURE_NOT_MATCHED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("002") + .addDescription("Signature not matched!") + .addSolution("Please check if the keyAlias private key matches the public key in the certificate") + .addSolution("If the certificate is changed, the keyAlias should be replaced synchronously") + .build(); + + public static ErrorMsg VERIFY_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("003") + .addDescription("Verify signature failed") + .addCause("Exception message: %s") + .build(); + + // profile error + public static ErrorMsg VERIFY_PROFILE_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("16") + .addErrCode("001") + .addDescription("Verify profile failed") + .addCause("Exception message: %s") + .build(); + + // zip error + public static ErrorMsg READ_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("17") + .addErrCode("001") + .addDescription("Read zip file failed") + .addCause("Exception message: %s") + .addSolution("App (or hap/hsp/hnp) use zip format.") + .addSolution("Zip file can support a maximum size of 4G and 65535 sub files.") + .addSolution("If this value is exceeded, it will be automatically converted to zip64.") + .addSolution("Please check if file is zip64 format, or zip formatted correctly.") + .build(); + + public static ErrorMsg WRITE_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("17") + .addErrCode("002") + .addDescription("Write zip file failed") + .addCause("Exception message: %s") + .build(); + + public static ErrorMsg ALIGNMENT_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("17") + .addErrCode("003") + .addDescription("Alignment zip file failed") + .addCause("Exception message: %s") + .build(); +} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java index 2193f385..04b330ac 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java @@ -27,6 +27,7 @@ import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.sign.CodeSigning; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.hap.config.SignerConfig; import com.ohos.hapsigntool.hap.entity.SigningBlock; import com.ohos.hapsigntool.error.HapFormatException; @@ -263,7 +264,7 @@ public abstract class SignProvider { /* 6. make signed file into output file. */ if (!SignBin.sign(signerConfig, signParams)) { - LOGGER.error("hap-sign-tool: error: Sign bin internal failed."); + LOGGER.error("Sign bin internal failed."); return false; } LOGGER.info("Sign success"); @@ -295,7 +296,7 @@ public abstract class SignProvider { if (ParamConstants.ProfileSignFlag.DISABLE_SIGN_CODE.getSignFlag().equals( signParams.get(ParamConstants.PARAM_BASIC_PROFILE_SIGNED))) { - LOGGER.error("hap-sign-tool: error: Sign elf can not use unsigned profile."); + LOGGER.error("Sign elf can not use unsigned profile."); return false; } @@ -304,7 +305,7 @@ public abstract class SignProvider { } /* 6. make signed file into output file. */ if (!SignElf.sign(signerConfig, signParams)) { - LOGGER.error("hap-sign-tool: error: Sign elf internal failed."); + LOGGER.error("Sign elf internal failed."); return false; } LOGGER.info("Sign success"); @@ -479,13 +480,13 @@ public abstract class SignProvider { private void printErrorLog(Exception exception) { if (exception != null) { - LOGGER.error("hap-sign-tool: error: {}", exception.getMessage(), exception); + LOGGER.error(exception.getMessage(), exception); } } private void printErrorLogWithoutStack(Exception exception) { if (exception != null) { - LOGGER.error("hap-sign-tool: error: {}", exception.getMessage()); + LOGGER.error(exception.getMessage()); } } @@ -578,7 +579,8 @@ public abstract class SignProvider { X500Name name = new X500Name(nameStr); RDN[] commonName = name.getRDNs(BCStyle.CN); if (commonName.length <= 0) { - CustomException.throwException(ERROR.CERTIFICATE_ERROR, "subject without common name"); + CustomException.throwException(ERROR.CERTIFICATE_ERROR, SignToolErrMsg.CERTIFICATE_ERROR + .toString("subject without common name")); } return commonName[0].getFirst().getValue().toString(); } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/ProfileSignTool.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/ProfileSignTool.java index a9b28a5a..c2969cc9 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/ProfileSignTool.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/ProfileSignTool.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.profile; import com.ohos.hapsigntool.adapter.LocalizationAdapter; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyException; import com.ohos.hapsigntool.profile.model.VerificationResult; import com.ohos.hapsigntool.signer.ISigner; @@ -93,10 +94,11 @@ public final class ProfileSignTool { try { verificationResult = verifyHelper.verify(p7b); } catch (VerifyException e) { - CustomException.throwException(ERROR.VERIFY_ERROR, "Generate Profile Failed! " + e.getMessage()); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Generate Profile Failed! " + e.getMessage())); } - ValidateUtils.throwIfNotMatches(verificationResult.isVerifiedPassed(), ERROR.SIGN_ERROR, - verificationResult.getMessage()); + ValidateUtils.throwIfNotMatches(verificationResult.isVerifiedPassed(), + ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED.toString(verificationResult.getMessage())); return p7b; } @@ -135,7 +137,7 @@ public final class ProfileSignTool { return contentInfo.getEncoded("DER"); } catch (OperatorCreationException | IOException | CertificateEncodingException | CRLException e) { LOGGER.debug(e.getMessage(), e); - CustomException.throwException(ERROR.SIGN_ERROR, e.getMessage()); + CustomException.throwException(ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED.toString(e.getMessage())); } return NO_BYTE; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/VerifyHelper.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/VerifyHelper.java index 19efcc7a..f7b7f75a 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/VerifyHelper.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/VerifyHelper.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.profile; import com.google.gson.JsonObject; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyException; import com.ohos.hapsigntool.hap.verify.VerifyUtils; import com.ohos.hapsigntool.profile.model.VerificationResult; @@ -87,10 +88,12 @@ public class VerifyHelper implements IProvisionVerifier { Signature signature = Signature.getInstance(algorithm); signature.initVerify(cert); signature.update(unsignedData); - ValidateUtils.throwIfNotMatches(signature.verify(signedData), ERROR.SIGN_ERROR, "Signature not matched!"); + ValidateUtils.throwIfNotMatches(signature.verify(signedData), ERROR.SIGN_ERROR, + SignToolErrMsg.SIGNATURE_NOT_MATCHED.toString()); } catch (InvalidKeyException | SignatureException | NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.SIGN_ERROR, "Failed to verify signature: " + exception.getMessage()); + CustomException.throwException(ERROR.SIGN_ERROR, SignToolErrMsg.VERIFY_FAILED + .toString(exception.getMessage())); } } @@ -103,10 +106,11 @@ public class VerifyHelper implements IProvisionVerifier { public static List certStoreToCertList(Store certificates) { String errorMsg = "Verify failed, not found cert chain"; JcaX509CertificateConverter converter = new JcaX509CertificateConverter(); - ValidateUtils.throwIfMatches(certificates == null, ERROR.VERIFY_ERROR, errorMsg); + ValidateUtils.throwIfMatches(certificates == null, ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED + .toString(errorMsg)); Collection matches = certificates.getMatches(null); ValidateUtils.throwIfMatches(matches == null || !matches.iterator().hasNext(), - ERROR.VERIFY_ERROR, errorMsg); + ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString(errorMsg)); Iterator iterator = matches.iterator(); List certificateList = new ArrayList<>(); @@ -117,9 +121,10 @@ public class VerifyHelper implements IProvisionVerifier { } } catch (CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.VERIFY_ERROR, errorMsg); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString(errorMsg)); } - ValidateUtils.throwIfMatches(certificateList.size() == 0, ERROR.VERIFY_ERROR, errorMsg); + ValidateUtils.throwIfMatches(certificateList.size() == 0, + ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString(errorMsg)); return certificateList; } @@ -192,12 +197,12 @@ public class VerifyHelper implements IProvisionVerifier { cmsSignedData = new CMSSignedData(p7b); boolean verifyResult = VerifyUtils.verifyCmsSignedData(cmsSignedData); ValidateUtils.throwIfNotMatches(verifyResult, ERROR.VERIFY_ERROR, - "Failed to verify BC signatures"); + SignToolErrMsg.VERIFY_FAILED.toString("Failed to verify BC signatures")); return cmsSignedData; } catch (CMSException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.VERIFY_ERROR, "Failed to verify BC signatures: " - + exception.getMessage()); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED + .toString("Failed to verify BC signatures" + exception.getMessage())); } return cmsSignedData; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/BundleInfo.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/BundleInfo.java index dcf012da..5cacb121 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/BundleInfo.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/BundleInfo.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.profile.model; import com.google.gson.annotations.SerializedName; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.ValidateUtils; /** @@ -122,10 +123,10 @@ public class BundleInfo { public void enforceValid(String buildType) { if (Provision.isBuildTypeRelease(buildType)) { ValidateUtils.throwIfMatches(this.distributionCertificate == null, - ERROR.SIGN_ERROR, "Require cert in bundleInfo!"); + ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED.toString("Require cert in bundleInfo!")); } else { ValidateUtils.throwIfMatches(this.developmentCertificate == null, - ERROR.SIGN_ERROR, "Require cert in bundleInfo!"); + ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED.toString("Require cert in bundleInfo!")); } } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/DebugInfo.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/DebugInfo.java index 9fcd714c..b2b8563e 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/DebugInfo.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/DebugInfo.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.profile.model; import com.google.gson.annotations.SerializedName; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.ValidateUtils; import java.util.List; @@ -73,9 +74,9 @@ public class DebugInfo { public void enforceValid() { if (this.deviceIds != null) { ValidateUtils.throwIfMatches(this.deviceIds.size() > MAX_DEBUG_DEVICE_NUM, ERROR.SIGN_ERROR, - "Support at most: 100 devices!"); - ValidateUtils.throwIfMatches(!this.isDeviceIdTypeValid(), ERROR.SIGN_ERROR, - "Device id type must be sn or udid, current is " + this.deviceIdType); + SignToolErrMsg.SIGNATURE_FAILED.toString("Support at most: 100 devices!")); + ValidateUtils.throwIfMatches(!this.isDeviceIdTypeValid(), ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED + .toString("Device id type must be sn or udid, current is " + this.deviceIdType)); } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Provision.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Provision.java index 50c19b5e..14a09d78 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Provision.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Provision.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.profile.model; import com.google.gson.annotations.SerializedName; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.ValidateUtils; /** @@ -195,10 +196,11 @@ public class Provision { */ public static void enforceValid(Provision provision) { ValidateUtils.throwIfMatches(provision.type == null || !isBuildTypeValid(provision.type), - ERROR.SIGN_ERROR, "Require build type must be debug or release, current is :" + provision.type); + ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED + .toString("Require build type must be debug or release, current is :" + provision.type)); ValidateUtils.throwIfMatches(provision.bundleInfo == null, ERROR.SIGN_ERROR, - "Require bundleInfo in provision!"); + SignToolErrMsg.SIGNATURE_FAILED.toString("Require bundleInfo in provision!")); provision.bundleInfo.enforceValid(provision.type); } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java index 02151973..406192a1 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java @@ -42,16 +42,6 @@ public class Validity { */ public Validity() {} - /** - * Validate attribute. - */ - public void enforceValid() { - ValidateUtils.throwIfMatches(this.notBefore == 0L, ERROR.SIGN_ERROR, "Require notBefore in validity!"); - ValidateUtils.throwIfMatches(this.notAfter == 0L, ERROR.SIGN_ERROR, "Require notAfter in validity!"); - ValidateUtils.throwIfMatches(this.notBefore >= this.notAfter, ERROR.SIGN_ERROR, - "Require notBefore less than notAfter in validity!"); - } - public Long getNotBefore() { return notBefore; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/LocalSigner.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/LocalSigner.java index cccb9381..03940b9d 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/LocalSigner.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/LocalSigner.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.signer; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.LogUtils; import java.security.InvalidAlgorithmParameterException; @@ -85,7 +86,8 @@ public class LocalSigner implements ISigner { } catch (NoSuchAlgorithmException | InvalidKeyException | InvalidAlgorithmParameterException | SignatureException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.SIGN_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.SIGN_ERROR, SignToolErrMsg.SIGNATURE_FAILED + .toString(exception.getMessage())); } return signData; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/SignerFactory.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/SignerFactory.java index bd62263d..a69e116f 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/SignerFactory.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/signer/SignerFactory.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.signer; import com.ohos.hapsigntool.adapter.LocalizationAdapter; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.LogUtils; import com.ohos.hapsigntool.utils.StringUtils; @@ -132,7 +133,8 @@ public class SignerFactory { private File getClassLocation() { String jarPath = SignerFactory.class.getProtectionDomain().getCodeSource().getLocation().getFile(); if (StringUtils.isEmpty(jarPath)) { - CustomException.throwException(ERROR.COMMAND_ERROR, "class path is empty"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.LOAD_REMOTE_PLUGIN_FAILED + .toString("Class path is empty")); } try { jarPath = URLDecoder.decode(URLEncoder.encode(jarPath, "utf-8"), "utf-8"); @@ -141,7 +143,8 @@ public class SignerFactory { } File jarFile = new File(jarPath); if (!jarFile.exists()) { - CustomException.throwException(ERROR.COMMAND_ERROR, "class path" + jarFile + "is not exists"); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.LOAD_REMOTE_PLUGIN_FAILED + .toString("class path" + jarFile + "is not exists")); } if (jarFile.isFile()) { return jarFile.getParentFile(); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertChainUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertChainUtils.java index fe8e8ece..24a34953 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertChainUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertChainUtils.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.utils; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyException; import javax.security.auth.x500.X500Principal; @@ -102,14 +103,16 @@ public class CertChainUtils { CertPathValidator validator = CertPathValidator.getInstance("PKIX"); CertPathValidatorResult validatorResult = validator.validate(certPath, params); ValidateUtils.throwIfNotMatches(validatorResult instanceof PKIXCertPathValidatorResult, - ERROR.VERIFY_ERROR, "Validator result not target type"); + ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString("Validator result not target type")); if (validatorResult instanceof PKIXCertPathValidatorResult) { PKIXCertPathValidatorResult pkixValidatorResult = (PKIXCertPathValidatorResult) validatorResult; ValidateUtils.throwIfNotMatches(params.getTrustAnchors().contains(pkixValidatorResult.getTrustAnchor()), - ERROR.VERIFY_ERROR, "Anchor is not trusted: " + Base64.getEncoder().encodeToString( - pkixValidatorResult.getTrustAnchor().getTrustedCert().getEncoded())); + ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString( + "Anchor is not trusted: " + Base64.getEncoder().encodeToString( + pkixValidatorResult.getTrustAnchor().getTrustedCert().getEncoded()))); } else { - CustomException.throwException(ERROR.VERIFY_ERROR, "Validator result not target type"); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED + .toString("Validator result not target type")); } } catch (IOException | GeneralSecurityException exception) { throw new VerifyException("Cert chain verify failed! " + exception.getMessage()); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertUtils.java index 83410b1c..426dba33 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/CertUtils.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.utils; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyCertificateChainException; import org.bouncycastle.asn1.x500.X500Name; @@ -180,7 +181,7 @@ public final class CertUtils { * @param nameString subject or issuer */ private static void checkDN(String nameString) { - String errorMsg = String.format("Format error, must be \"X=xx,XX=xxx,...\", please check: \"%s\"", nameString); + String errorMsg = SignToolErrMsg.CERT_DN_FORMAT_FAILED.toString(nameString); ValidateUtils.throwIfNotMatches(!StringUtils.isEmpty(nameString), ERROR.COMMAND_ERROR, errorMsg); String[] pairs = nameString.split(","); for (String pair : pairs) { @@ -277,7 +278,8 @@ public final class CertUtils { */ public static ContentSigner createFixedContentSigner(PrivateKey privateKey, String signAlgorithm) { Matcher matcher = SIGN_ALGORITHM_PATTERN.matcher(signAlgorithm); - ValidateUtils.throwIfNotMatches(matcher.matches(), ERROR.NOT_SUPPORT_ERROR, "Not Support " + signAlgorithm); + ValidateUtils.throwIfNotMatches(matcher.matches(), ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.ALGORITHM_NOT_SUPPORT + .toString("Not Support " + signAlgorithm)); String signAlg = signAlgorithm; // Auto fix signAlgorithm error if (privateKey instanceof ECPrivateKey && signAlgorithm.contains("RSA")) { @@ -294,7 +296,8 @@ public final class CertUtils { return jcaContentSignerBuilder.build(privateKey); } catch (OperatorCreationException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.OPERATOR_CREATION_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.OPERATOR_CREATION_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); } return null; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/FileUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/FileUtils.java index ef0d98cb..9a2c6a4b 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/FileUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/FileUtils.java @@ -19,6 +19,7 @@ import com.google.gson.Gson; import com.google.gson.GsonBuilder; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import java.io.BufferedWriter; import java.io.ByteArrayOutputStream; @@ -213,8 +214,8 @@ public final class FileUtils { */ public static void write(byte[] content, File output) throws IOException { if (output.exists() && !output.canWrite()) { - CustomException.throwException(ERROR.WRITE_FILE_ERROR, "No permission to write file " + - output.getCanonicalPath()); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.FILE_WRITE_FAILED + .toString("No permission write to file " + output)); } try (FileOutputStream out = new FileOutputStream(output)) { for (byte con : content) { @@ -265,7 +266,7 @@ public final class FileUtils { public static void validFileType(String filePath, String... types) { String suffix = getSuffix(filePath); ValidateUtils.throwIfNotMatches(!StringUtils.isEmpty(suffix), - ERROR.NOT_SUPPORT_ERROR, "Not support file: " + filePath); + ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NOT_SUPPORT_FILE.toString(filePath)); boolean isMatches = false; for (String type : types) { if (StringUtils.isEmpty(type)) { @@ -276,7 +277,8 @@ public final class FileUtils { break; } } - ValidateUtils.throwIfNotMatches(isMatches, ERROR.NOT_SUPPORT_ERROR, "Not support file: " + filePath); + ValidateUtils.throwIfNotMatches(isMatches, + ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NOT_SUPPORT_FILE.toString(filePath)); } /** diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyPairTools.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyPairTools.java index 7b84b73f..ea8e2c45 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyPairTools.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyPairTools.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.utils; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import org.bouncycastle.util.encoders.Base64; import java.security.Key; @@ -93,7 +94,8 @@ public final class KeyPairTools { */ public static KeyPair generateKeyPair(String algorithm, int keySize) { if (algorithm == null) { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, "Not support algorithm: null"); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.ALGORITHM_NOT_SUPPORT + .toString("Not support algorithm: null")); } String alg = algorithm; if (ECC_INPUT.equalsIgnoreCase(alg)) { @@ -101,12 +103,15 @@ public final class KeyPairTools { } if (RSA.equalsIgnoreCase(alg)) { ValidateUtils.throwIfNotMatches((keySize == RSA_2048 || keySize == RSA_3072 || keySize == RSA_4096), - ERROR.NOT_SUPPORT_ERROR, "Algorithm 'RSA' not support size: " + keySize); + ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.ALGORITHM_NOT_SUPPORT + .toString("Algorithm 'RSA' not support size: " + keySize)); } else if (ECC.equalsIgnoreCase(alg)) { ValidateUtils.throwIfNotMatches((keySize == NIST_P_256 || keySize == NIST_P_384), - ERROR.NOT_SUPPORT_ERROR, "Algorithm 'ECC' not support size: " + keySize); + ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.ALGORITHM_NOT_SUPPORT + .toString("Algorithm 'ECC' not support size: " + keySize)); } else { - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, "Not support algorithm: " + alg); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.ALGORITHM_NOT_SUPPORT + .toString("Not support algorithm: " + alg)); } try { @@ -115,7 +120,8 @@ public final class KeyPairTools { return keyPairGenerator.generateKeyPair(); } catch (NoSuchAlgorithmException e) { LOGGER.debug(e.getMessage(), e); - CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, e.getMessage()); + CustomException.throwException(ERROR.NOT_SUPPORT_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(e.getMessage())); return null; } } @@ -144,7 +150,8 @@ public final class KeyPairTools { result = KeyFactory.getInstance(algorithm).generatePublic(spec); } catch (InvalidKeySpecException | NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } return result; } @@ -163,7 +170,8 @@ public final class KeyPairTools { result = KeyFactory.getInstance(algorithm).generatePrivate(spec); } catch (InvalidKeySpecException | NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } return result; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java index 16e6b3d3..ea15b2f3 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.utils; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import org.bouncycastle.asn1.x500.X500NameBuilder; import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.cert.X509v3CertificateBuilder; @@ -105,8 +106,8 @@ public class KeyStoreHelper { */ public KeyStoreHelper(String keyStorePath, char[] storePwd) { char[] pwd = storePwd; - ValidateUtils.throwIfMatches(StringUtils.isEmpty(keyStorePath), ERROR.COMMAND_ERROR, - "Missed params: 'keyStorePath'"); + ValidateUtils.throwIfMatches(StringUtils.isEmpty(keyStorePath), + ERROR.COMMAND_ERROR, SignToolErrMsg.MISSING_PARAM.toString("keyStorePath")); if (pwd == null) { pwd = new char[0]; } @@ -124,11 +125,8 @@ public class KeyStoreHelper { } } catch (IOException | NoSuchAlgorithmException | CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, "Init keystore failed: " + exception.getMessage() - + "\nSolutions:" - + "\n> The key store file does not exist, please check the key store file path." - + "\n> Incorrect keystore password, please input the correct plaintext password." - + "\n> The keystore was created by a newer JDK version, please use the same JDK version"); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.INIT_KEYSTORE_FAILED + .toString(exception.getMessage())); } finally { FileUtils.close(fis); } @@ -144,8 +142,8 @@ public class KeyStoreHelper { * @param alias alias of key */ public void errorOnExist(String alias) { - ValidateUtils.throwIfMatches(this.hasAlias(alias), ERROR.ACCESS_ERROR, - String.format("Could not overwrite! Already exist '%s' in %s", alias, this.keyStorePath)); + ValidateUtils.throwIfMatches(this.hasAlias(alias), + ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_ALIAS_EXIST.toString(alias, this.keyStorePath)); } /** @@ -154,8 +152,8 @@ public class KeyStoreHelper { * @param alias alias of key */ public void errorIfNotExist(String alias) { - ValidateUtils.throwIfNotMatches(this.hasAlias(alias), ERROR.FILE_NOT_FOUND, - String.format("Not exist '%s' in %s", alias, this.keyStorePath)); + ValidateUtils.throwIfNotMatches(this.hasAlias(alias), + ERROR.FILE_NOT_FOUND, SignToolErrMsg.KEY_ALIAS_NOT_FOUND.toString(alias, this.keyStorePath)); } /** @@ -169,7 +167,8 @@ public class KeyStoreHelper { return keyStore.containsAlias(alias); } catch (KeyStoreException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEYSTORE_ERROR + .toString(exception.getMessage())); return false; } } @@ -206,10 +205,11 @@ public class KeyStoreHelper { } } catch (KeyStoreException | NoSuchAlgorithmException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.NO_SUCH_SIGNATURE + .toString(exception.getMessage())); } catch (UnrecoverableKeyException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, "Password error of '" + alias + "'"); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_PASSWORD_ERROR.toString(alias)); } return null; } @@ -240,8 +240,8 @@ public class KeyStoreHelper { * @return certificates of alias */ public List loadCertificates(String alias) { - ValidateUtils.throwIfNotMatches(this.hasAlias(alias), ERROR.FILE_NOT_FOUND, - String.format("Not found '%s' in %s", alias, this.keyStorePath)); + ValidateUtils.throwIfNotMatches(this.hasAlias(alias), + ERROR.FILE_NOT_FOUND, SignToolErrMsg.KEY_ALIAS_NOT_FOUND.toString(alias, this.keyStorePath)); List certificates = new ArrayList<>(); try { @@ -258,11 +258,12 @@ public class KeyStoreHelper { } } catch (KeyStoreException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.KEYSTORE_OPERATION_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.KEYSTORE_OPERATION_ERROR, SignToolErrMsg.KEYSTORE_ERROR + .toString(exception.getMessage())); } - ValidateUtils.throwIfNotMatches(certificates.size() > 0, ERROR.ACCESS_ERROR, - "No usable cert found in " + this.keyStorePath); + ValidateUtils.throwIfNotMatches(!certificates.isEmpty(), ERROR.ACCESS_ERROR, SignToolErrMsg.NO_USABLE_CERT + .toString(this.keyStorePath)); return certificates; } @@ -293,7 +294,8 @@ public class KeyStoreHelper { fos.flush(); } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.WRITE_FILE_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.WRITE_FILE_ERROR, SignToolErrMsg.FILE_WRITE_FAILED + .toString(exception.getMessage())); return false; } return true; @@ -320,7 +322,8 @@ public class KeyStoreHelper { .getCertificate(certificateBuilder.build(contentSigner)); } catch (CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.IO_CERT_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.IO_CERT_ERROR, SignToolErrMsg.CERT_IO_FAILED + .toString(exception.getMessage())); return null; } } @@ -344,7 +347,8 @@ public class KeyStoreHelper { } } catch (KeyStoreException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.KEYSTORE_OPERATION_ERROR, exception.getMessage()); + CustomException.throwException(ERROR.KEYSTORE_OPERATION_ERROR, SignToolErrMsg.KEYSTORE_ERROR + .toString(exception.getMessage())); } return typeKeyStore; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/Zip.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/Zip.java index de8a2163..99a86535 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/Zip.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/Zip.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.zip; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.ZipException; import com.ohos.hapsigntool.utils.FileUtils; @@ -95,7 +96,7 @@ public class Zip { // 4. file all data - eocd - cd - entry = sign block signingBlock = getSigningBlock(inputFile); } catch (IOException e) { - CustomException.throwException(ERROR.ZIP_ERROR, e.getMessage()); + CustomException.throwException(ERROR.ZIP_ERROR, SignToolErrMsg.READ_ZIP_FAILED.toString(e.getMessage())); } } @@ -213,7 +214,7 @@ public class Zip { } FileUtils.writeByteToOutFile(endOfCentralDirectory.toBytes(), fos); } catch (IOException e) { - CustomException.throwException(ERROR.ZIP_ERROR, e.getMessage()); + CustomException.throwException(ERROR.ZIP_ERROR, SignToolErrMsg.WRITE_ZIP_FAILED.toString(e.getMessage())); } } @@ -253,7 +254,8 @@ public class Zip { } } } catch (ZipException e) { - CustomException.throwException(ERROR.ZIP_ERROR, e.getMessage()); + CustomException.throwException(ERROR.ZIP_ERROR, SignToolErrMsg.ALIGNMENT_ZIP_FAILED + .toString(e.getMessage())); } } diff --git a/hapsigntool/hap_sign_tool_lib/src/test/java/com/ohos/hapsigntool/ProfileTest.java b/hapsigntool/hap_sign_tool_lib/src/test/java/com/ohos/hapsigntool/ProfileTest.java index a6366dd1..5cfc4f15 100644 --- a/hapsigntool/hap_sign_tool_lib/src/test/java/com/ohos/hapsigntool/ProfileTest.java +++ b/hapsigntool/hap_sign_tool_lib/src/test/java/com/ohos/hapsigntool/ProfileTest.java @@ -20,6 +20,7 @@ import com.ohos.hapsigntool.api.SignToolServiceImpl; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.CustomException; import com.ohos.hapsigntool.error.ERROR; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.error.VerifyException; import com.ohos.hapsigntool.utils.KeyPairTools; import com.ohos.hapsigntool.profile.ProfileSignTool; @@ -148,7 +149,7 @@ public class ProfileTest { try { verificationResult = verifyHelper.verify(p7b); } catch (VerifyException e) { - CustomException.throwException(ERROR.VERIFY_ERROR, e.getMessage()); + CustomException.throwException(ERROR.VERIFY_ERROR, SignToolErrMsg.VERIFY_FAILED.toString(e.getMessage())); } assertTrue(verificationResult.isVerifiedPassed()); -- Gitee From b1728711e4f7c89683bf85e99886f4bfb66e4c1a Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Tue, 7 Jan 2025 11:55:59 +0800 Subject: [PATCH 02/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/elf/ElfHeader.java | 9 +- .../codesigning/elf/ElfProgramHeader.java | 7 +- .../codesigning/exception/CodeSignErrMsg.java | 177 ++++++++++++++++++ .../fsverity/FsVerityGenerator.java | 10 +- .../fsverity/MerkleTreeBuilder.java | 7 +- .../sign/BcSignedDataGenerator.java | 9 +- .../codesigning/sign/CodeSigning.java | 16 +- .../codesigning/sign/PageInfoGenerator.java | 8 +- .../codesigning/utils/HapUtils.java | 24 ++- .../hapsigntool/error/CodeSignErrMsg.java | 33 ---- .../com/ohos/hapsigntool/error/ErrorMsg.java | 9 +- 11 files changed, 232 insertions(+), 77 deletions(-) create mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java delete mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java index 3d246d46..0b3efeef 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java @@ -15,6 +15,7 @@ package com.ohos.hapsigntool.codesigning.elf; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.ElfFormatException; import com.ohos.hapsigntool.zip.UnsignedDecimalUtil; @@ -138,7 +139,7 @@ public class ElfHeader { } else if (eiClass == ElfDefine.ELF_64_CLASS) { len = ElfDefine.ELF_HEADER_64_LEN - ElfDefine.EI_NIDENT_LEN; } else { - throw new ElfFormatException("ELF eiClass is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_EI_CLASS_ERROR.toString()); } ByteOrder bo; if (eiData == ElfDefine.ELF_DATA_2_LSB) { @@ -146,19 +147,19 @@ public class ElfHeader { } else if (eiData == ElfDefine.ELF_DATA_2_MSB) { bo = ByteOrder.BIG_ENDIAN; } else { - throw new ElfFormatException("ELF eiData is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_EI_DATA_ERROR.toString()); } byte[] bytes = new byte[len]; read = is.read(bytes); if (read != len) { - throw new ElfFormatException("ELF file header is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString()); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); initHeader(byteBuffer); } - private void initHeader(ByteBuffer byteBuffer) throws ElfFormatException { + private void initHeader(ByteBuffer byteBuffer) { eType = byteBuffer.getShort(); eMachine = byteBuffer.getShort(); eVersion = byteBuffer.getInt(); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java index 91d2a335..f4cd5092 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java @@ -15,6 +15,7 @@ package com.ohos.hapsigntool.codesigning.elf; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.ElfFormatException; import com.ohos.hapsigntool.zip.UnsignedDecimalUtil; @@ -85,13 +86,13 @@ public class ElfProgramHeader { } else if (eiData == ElfDefine.ELF_DATA_2_MSB) { bo = ByteOrder.BIG_ENDIAN; } else { - throw new ElfFormatException("ELF ei_data is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_EI_DATA_ERROR.toString()); } if (eiClass == ElfDefine.ELF_32_CLASS) { byte[] bytes = new byte[ElfDefine.ELF_PHEADER_32_LEN]; int read = is.read(bytes); if (read != ElfDefine.ELF_PHEADER_32_LEN) { - throw new ElfFormatException("ELF program header is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_PROGRAM_HEADER_ERROR.toString()); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); @@ -107,7 +108,7 @@ public class ElfProgramHeader { byte[] bytes = new byte[ElfDefine.ELF_PHEADER_64_LEN]; int read = is.read(bytes); if (read != ElfDefine.ELF_PHEADER_64_LEN) { - throw new ElfFormatException("ELF program header is incorrect"); + throw new ElfFormatException(CodeSignErrMsg.ELF_PROGRAM_HEADER_ERROR.toString()); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java new file mode 100644 index 00000000..71e1c022 --- /dev/null +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -0,0 +1,177 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.ohos.hapsigntool.codesigning.exception; + +import com.ohos.hapsigntool.error.ErrorMsg; + +/** + * CodeSignErrMsg + * + * @since 2025/01/06 + */ +public class CodeSignErrMsg { + public static ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("001") + .addDescription("File Read Error") + .addCause("Code sign does not support the file format") + .addSolution("code sign supports {%s} format") + .build(); + + public static ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("002") + .addDescription("File Read Error") + .addCause("Invalid data size {%d}, not a multiple of 4096") + .build(); + + public static ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("003") + .addDescription("File Read Error") + .addCause("Hnp {%s} is not described in module.json") + .addSolution("Hnp should be described in module.json") + .build(); + + public static ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("004") + .addDescription("File Read Error") + .addCause("Extract hnp file {%s} error") + .addSolution("Check whether the hnp file is packaged correctly") + .build(); + + public static ErrorMsg READ_INPUT_STREAM_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("10") + .addErrCode("005") + .addDescription("File Read Error") + .addCause("read buffer from input error") + .build(); + + public static ErrorMsg CERTIFICATES_CONFIGURE_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("11") + .addErrCode("001") + .addDescription("Certificates Error") + .addCause("No certificates configured for sign") + .addSolution("Please check whether the certificate is correct") + .build(); + + public static ErrorMsg PROFILE_TYPE_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("001") + .addDescription("Profile Content Error") + .addCause("Unsupported profile type") + .addSolution("Profile type should be debug or release") + .build(); + + public static ErrorMsg PROFILE_TYPE_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("002") + .addDescription("Profile Content Error") + .addCause("Key named 'type' does not exist in profile") + .build(); + + public static ErrorMsg PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("003") + .addDescription("Profile Content Error") + .addCause("Key named 'bundle-info' does not exist in profile") + .build(); + + public static ErrorMsg PROFILE_APPID_VALUE_TYPE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("004") + .addDescription("Profile Content Error") + .addCause("Value of app-identifier is not string") + .addSolution("app-identifier should be string") + .build(); + + public static ErrorMsg PROFILE_APPID_VALUE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("005") + .addDescription("Profile Content Error") + .addCause("Value length of app-identifier is invalid") + .build(); + + public static ErrorMsg PROFILE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("006") + .addDescription("Profile Content Error") + .addCause("Profile json content is invalid") + .addSolution("Please check whether the profile json is correct") + .build(); + + public static ErrorMsg MODULE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("13") + .addErrCode("001") + .addDescription("Module Content Error") + .addCause("Module json content is invalid") + .addSolution("Please check whether the module json is correct") + .build(); + + public static ErrorMsg DIGEST_ALGORITHM_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("14") + .addErrCode("001") + .addDescription("Digest Algorithm Error") + .addCause("Invalid algorithm {%s}") + .build(); + + public static ErrorMsg SIGN_SIZE_ZERO_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("001") + .addDescription("Code Sign Error") + .addCause("The file size in bundle is 0") + .build(); + + public static ErrorMsg SIGN_SIZE_OVER_LIMIT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("002") + .addDescription("Code Sign Error") + .addCause("The file size in bundle is over limit") + .build(); + + public static ErrorMsg ELF_FILE_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("16") + .addErrCode("001") + .addDescription("Elf File Error") + .addCause("ELF header is incorrect") + .addSolution("Failed to parse the elf file, please check whether the file header information is correct") + .build(); + + public static ErrorMsg ELF_PROGRAM_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("16") + .addErrCode("002") + .addDescription("Elf File Error") + .addCause("ELF program header is incorrect") + .addSolution("Failed to parse the elf file, please check whether the file header information is correct") + .build(); + + public static ErrorMsg ELF_EI_CLASS_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("16") + .addErrCode("003") + .addDescription("Elf File Error") + .addCause("ELF ei_class is incorrect") + .addSolution("Failed to parse the elf file, please check whether the file header information is correct") + .build(); + + public static ErrorMsg ELF_EI_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("16") + .addErrCode("004") + .addDescription("Elf File Error") + .addCause("ELF ei_data is incorrect") + .addSolution("Failed to parse the elf file, please check whether the file header information is correct") + .build(); +} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java index ff7e3954..06d24212 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java @@ -16,6 +16,7 @@ package com.ohos.hapsigntool.codesigning.fsverity; import com.ohos.hapsigntool.codesigning.datastructure.PageInfoExtension; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.exception.PageInfoException; import com.ohos.hapsigntool.codesigning.utils.DigestUtils; @@ -78,7 +79,8 @@ public class FsVerityGenerator { } catch (IOException e) { throw new FsVerityDigestException("IOException: " + e.getMessage()); } catch (NoSuchAlgorithmException e) { - throw new FsVerityDigestException("Invalid algorithm:" + e.getMessage()); + String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()); + throw new FsVerityDigestException(msg, e); } return merkleTree; } @@ -115,7 +117,8 @@ public class FsVerityGenerator { byte[] digest = DigestUtils.computeDigest(fsVerityDescriptor, FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); fsVerityDigest = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { - throw new FsVerityDigestException("Invalid algorithm" + e.getMessage(), e); + String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); + throw new FsVerityDigestException(msg, e); } if (pageInfoExtension != null && flags != 0) { PageInfoExtension.valid(pageInfoExtension, size); @@ -127,7 +130,8 @@ public class FsVerityGenerator { FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); fsVerityDigestV2 = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { - throw new FsVerityDigestException("Invalid algorithm" + e.getMessage(), e); + String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); + throw new FsVerityDigestException(msg, e); } } treeBytes = merkleTree.tree; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java index 6c5f2731..a052adbd 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java @@ -15,6 +15,7 @@ package com.ohos.hapsigntool.codesigning.fsverity; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.utils.DigestUtils; import java.io.IOException; @@ -80,9 +81,9 @@ public class MerkleTreeBuilder implements AutoCloseable { private void transInputStreamToHashData(InputStream inputStream, long size, ByteBuffer outputBuffer) throws IOException { if (size == 0) { - throw new IOException("Input size is empty"); + throw new IOException(CodeSignErrMsg.SIGN_SIZE_ZERO_ERROR.toString()); } else if (size > INPUTSTREAM_MAX_SIZE) { - throw new IOException("Input size is too long"); + throw new IOException(CodeSignErrMsg.SIGN_SIZE_OVER_LIMIT_ERROR.toString()); } int count = (int) getChunkCount(size, MAX_READ_SIZE); int chunks = (int) getChunkCount(size, CHUNK_SIZE); @@ -98,7 +99,7 @@ public class MerkleTreeBuilder implements AutoCloseable { ByteBuffer byteBuffer = ByteBuffer.allocate(fullChunkSize); int readDataLen = readIs(inputStream, byteBuffer, readSize); if (readDataLen != readSize) { - throw new IOException("IOException read buffer from input errorLHJ."); + throw new IOException(CodeSignErrMsg.READ_INPUT_STREAM_ERROR.toString()); } byteBuffer.flip(); int readChunkIndex = (int) getFullChunkSize(MAX_READ_SIZE, CHUNK_SIZE, i); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index a38aea41..73298ef7 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -15,14 +15,14 @@ package com.ohos.hapsigntool.codesigning.sign; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.CodeSignException; import com.ohos.hapsigntool.codesigning.utils.CmsUtils; import com.ohos.hapsigntool.codesigning.utils.DigestUtils; -import com.ohos.hapsigntool.hap.config.SignerConfig; import com.ohos.hapsigntool.entity.Pair; import com.ohos.hapsigntool.entity.ContentDigestAlgorithm; import com.ohos.hapsigntool.entity.SignatureAlgorithm; - +import com.ohos.hapsigntool.hap.config.SignerConfig; import com.ohos.hapsigntool.utils.LogUtils; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1Encoding; @@ -87,6 +87,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { public void setOwnerID(String ownerID) { this.ownerID = ownerID; } + @Override public byte[] generateSignedData(byte[] content, SignerConfig signConfig) throws CodeSignException { if (content == null) { @@ -124,7 +125,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { throw new CodeSignException("get signature failed"); } if (signConfig.getCertificates().isEmpty()) { - throw new CodeSignException("No certificates configured for sign"); + throw new CodeSignException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_EMPTY_ERROR.toString()); } X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { @@ -142,7 +143,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { digest = DigestUtils.computeDigest(unsignedDataDigest, algorithm); } catch (NoSuchAlgorithmException e) { - throw new CodeSignException("Invalid algorithm" + e.getMessage(), e); + throw new CodeSignException(CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(algorithm), e); } return digest; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index f30b0430..1302333c 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -23,6 +23,7 @@ import com.ohos.hapsigntool.codesigning.datastructure.MerkleTreeExtension; import com.ohos.hapsigntool.codesigning.datastructure.PageInfoExtension; import com.ohos.hapsigntool.codesigning.datastructure.SignInfo; import com.ohos.hapsigntool.codesigning.elf.ElfHeader; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.CodeSignException; import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.exception.PageInfoException; @@ -113,7 +114,7 @@ public class CodeSigning { throws CodeSignException, FsVerityDigestException, IOException, ProfileException { LOGGER.info("Start to sign code."); if (!SUPPORT_BIN_FILE_FORM.equalsIgnoreCase(inForm)) { - throw new CodeSignException("file's format is unsupported"); + throw new CodeSignException(CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString()); } long fileSize = input.length(); int paddingSize = ElfSignBlock.computeMerkleTreePaddingLength(offset); @@ -169,7 +170,7 @@ public class CodeSigning { throws CodeSignException, IOException, HapFormatException, FsVerityDigestException, ProfileException { LOGGER.info("Start to sign code."); if (!StringUtils.containsIgnoreCase(SUPPORT_FILE_FORM, inForm)) { - throw new CodeSignException("file's format is unsupported"); + throw new CodeSignException(CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString(SUPPORT_FILE_FORM)); } long dataSize = computeDataSize(zip); // generate CodeSignBlock @@ -240,8 +241,7 @@ public class CodeSigning { break; } if (!NumberUtils.isMultiple4K(dataSize)) { - throw new HapFormatException( - String.format(Locale.ROOT, "Invalid dataSize(%d), not a multiple of 4096", dataSize)); + throw new HapFormatException(CodeSignErrMsg.FILE_4K_ALIGNMENT_ERROR.toString(dataSize)); } return dataSize; } @@ -274,7 +274,7 @@ public class CodeSigning { } String hnpFileName = HapUtils.parseHnpPath(entryName); if (!hnpTypeMap.containsKey(hnpFileName)) { - throw new CodeSignException("hnp should be described in module.json"); + throw new CodeSignException(CodeSignErrMsg.HNP_FILE_DESCRIPTION_ERROR.toString(entryName)); } LOGGER.debug("Sign hnp name = {}", entryName); String type = hnpTypeMap.get(hnpFileName); @@ -293,7 +293,7 @@ public class CodeSigning { File tempHnp = File.createTempFile("tmp-", ".hnp"); writeTempHnpFile(inputJar, hnpEntry, tempHnp); if (!tempHnp.exists() || tempHnp.length() == 0) { - throw new CodeSignException("extract hnp file error"); + throw new CodeSignException(CodeSignErrMsg.EXTRACT_HNP_FILE_ERROR.toString(hnpEntry.getName())); } try (JarFile hnp = new JarFile(tempHnp, false)) { List elfEntries = getHnpLibEntries(hnp); @@ -315,6 +315,8 @@ public class CodeSigning { throw new CodeSignException("Sign hnp lib error"); } return nativeLibInfoList; + } catch (IOException e) { + throw new IOException(CodeSignErrMsg.EXTRACT_HNP_FILE_ERROR.toString(hnpEntry.getName()), e); } finally { if (tempHnp.exists()) { if (tempHnp.delete()) { @@ -477,7 +479,7 @@ public class CodeSigning { // signConfig is created by SignerFactory if ((copiedConfig.getSigner() instanceof LocalSigner)) { if (copiedConfig.getCertificates().isEmpty()) { - throw new CodeSignException("No certificates configured for sign"); + throw new CodeSignException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_EMPTY_ERROR.toString()); } BcSignedDataGenerator bcSignedDataGenerator = new BcSignedDataGenerator(); bcSignedDataGenerator.setOwnerID(ownerID); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/PageInfoGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/PageInfoGenerator.java index 7184d59e..dbcfda66 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/PageInfoGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/PageInfoGenerator.java @@ -19,6 +19,7 @@ import com.ohos.hapsigntool.codesigning.datastructure.CodeSignBlock; import com.ohos.hapsigntool.codesigning.datastructure.PageInfoExtension; import com.ohos.hapsigntool.codesigning.elf.ElfFile; import com.ohos.hapsigntool.codesigning.elf.ElfProgramHeader; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.ElfFormatException; import com.ohos.hapsigntool.codesigning.utils.NumberUtils; import com.ohos.hapsigntool.error.HapFormatException; @@ -38,7 +39,6 @@ import java.util.ArrayList; import java.util.BitSet; import java.util.LinkedHashMap; import java.util.List; -import java.util.Locale; import java.util.Map; import java.util.jar.JarEntry; import java.util.jar.JarFile; @@ -75,8 +75,7 @@ public class PageInfoGenerator { long entryDataOffset = entry.getCentralDirectory().getOffset() + ZipEntryHeader.HEADER_LENGTH + zipEntryHeader.getFileNameLength() + zipEntryHeader.getExtraLength(); if (!NumberUtils.isMultiple4K(entryDataOffset)) { - throw new HapFormatException( - String.format(Locale.ROOT, "Invalid entryDataOffset(%d), not a multiple of 4096", entryDataOffset)); + throw new HapFormatException(CodeSignErrMsg.FILE_4K_ALIGNMENT_ERROR.toString(entryDataOffset)); } if (EntryType.RUNNABLE_FILE.equals(entry.getZipEntryData().getType()) && Zip.FILE_UNCOMPRESS_METHOD_FLAG == entry.getZipEntryData().getZipEntryHeader().getMethod()) { @@ -127,8 +126,7 @@ public class PageInfoGenerator { */ public byte[] generateBitMap() throws HapFormatException { if (!NumberUtils.isMultiple4K(maxEntryDataOffset)) { - throw new HapFormatException( - String.format(Locale.ROOT, "Invalid maxEndOff(%d), not a multiple of 4096", maxEntryDataOffset)); + throw new HapFormatException(CodeSignErrMsg.FILE_4K_ALIGNMENT_ERROR.toString(maxEntryDataOffset)); } int len = (int) (maxEntryDataOffset / CodeSignBlock.PAGE_SIZE_4K * PageInfoExtension.DEFAULT_UNIT_SIZE); BitSet bitmap = new BitSet(len); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java index 08ffbdab..cbd94b5b 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java @@ -23,6 +23,7 @@ import com.google.gson.JsonParser; import com.google.gson.JsonPrimitive; import com.google.gson.JsonSyntaxException; import com.google.gson.stream.JsonReader; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.entity.Pair; import com.ohos.hapsigntool.error.ProfileException; import com.ohos.hapsigntool.utils.LogUtils; @@ -144,7 +145,7 @@ public class HapUtils { } else if ("release".equals(profileType)) { return ownerID; } else { - throw new ProfileException("unsupported profile type"); + throw new ProfileException(CodeSignErrMsg.PROFILE_TYPE_UNSUPPORTED_ERROR.toString()); } } @@ -163,34 +164,32 @@ public class HapUtils { JsonObject profileJson = parser.getAsJsonObject(); String profileTypeKey = "type"; if (!profileJson.has(profileTypeKey)) { - throw new ProfileException("profile has no type key"); + throw new ProfileException(CodeSignErrMsg.PROFILE_TYPE_NOT_EXISTED_ERROR.toString()); } profileType = profileJson.get(profileTypeKey).getAsString(); - if (profileType == null || profileType.length() == 0) { - throw new ProfileException("Get profile type error"); + if (profileType == null || profileType.isEmpty()) { + throw new ProfileException(CodeSignErrMsg.PROFILE_TYPE_NOT_EXISTED_ERROR.toString()); } String appIdentifier = "app-identifier"; String buildInfoMember = "bundle-info"; JsonObject buildInfoObject = profileJson.getAsJsonObject(buildInfoMember); if (buildInfoObject == null) { - throw new ProfileException("can not find bundle-info"); + throw new ProfileException(CodeSignErrMsg.PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR.toString()); } if (buildInfoObject.has(appIdentifier)) { JsonElement ownerIDElement = buildInfoObject.get(appIdentifier); if (!ownerIDElement.getAsJsonPrimitive().isString()) { - throw new ProfileException("value of app-identifier is not string"); + throw new ProfileException(CodeSignErrMsg.PROFILE_APPID_VALUE_TYPE_ERROR.toString()); } ownerID = ownerIDElement.getAsString(); if (ownerID.isEmpty() || ownerID.length() > MAX_APP_ID_LEN) { - throw new ProfileException("app-id length in profile is invalid"); + throw new ProfileException(CodeSignErrMsg.PROFILE_APPID_VALUE_LENGTH_ERROR.toString()); } - } } catch (JsonSyntaxException | UnsupportedOperationException e) { - LOGGER.error(e.getMessage()); - throw new ProfileException("profile json is invalid"); + throw new ProfileException(CodeSignErrMsg.PROFILE_JSON_PARSE_ERROR.toString(), e); } LOGGER.info("profile type is: {}", profileType); return Pair.create(ownerID, profileType); @@ -260,7 +259,7 @@ public class HapUtils { JsonObject moduleObject = jsonObject.getAsJsonObject("module"); JsonArray hnpPackageArr = moduleObject.getAsJsonArray("hnpPackages"); if (hnpPackageArr == null || hnpPackageArr.isEmpty()) { - LOGGER.debug("profile has no hnpPackages key or hnpPackages value is empty"); + LOGGER.debug("module.json has no hnpPackages key or hnpPackages value is empty"); return hnpNameMap; } hnpPackageArr.iterator().forEachRemaining((element) -> { @@ -276,8 +275,7 @@ public class HapUtils { } }); } catch (JsonParseException e) { - LOGGER.error(e.getMessage()); - throw new ProfileException("profile json is invalid"); + throw new ProfileException(CodeSignErrMsg.MODULE_JSON_PARSE_ERROR.toString(), e); } return hnpNameMap; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java deleted file mode 100644 index 90aa0901..00000000 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/CodeSignErrMsg.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2025-2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.ohos.hapsigntool.error; - -/** - * CodeSignErrMsg - * - * @since 2025/01/06 - */ -public class CodeSignErrMsg { - public static ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("10") - .addErrCode("001") - .addDescription("Description....") - .addErrCode("222") - .addCause("Cause....") - .addSolution("Solution 1") - .addSolution("Solution 2") - .build(); -} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 33a64786..7479fd1a 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -79,13 +79,18 @@ public class ErrorMsg { public String toString() { final StringBuffer sb = new StringBuffer(); sb.append(code) - .append(" ").append(description).append(System.lineSeparator()).append("Error Message: ").append(cause); + .append(" ") + .append(description) + .append(System.lineSeparator()) + .append("Error Message: ") + .append(cause) + .append(System.lineSeparator()); if (!StringUtils.isEmpty(position)) { sb.append(" At ").append(position).append(System.lineSeparator()); } - if (solutions != null && solutions.isEmpty()) { + if (solutions != null && !solutions.isEmpty()) { sb.append("* Try the following: ").append(System.lineSeparator()); for (String s : solutions) { sb.append(" > ").append(s).append(System.lineSeparator()); -- Gitee From b045d4aea3881ef815be234789b5e3be50177939 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Tue, 7 Jan 2025 15:15:35 +0800 Subject: [PATCH 03/28] change error format Signed-off-by: wangzeyu --- .../com/ohos/hapsigntool/error/ErrorMsg.java | 17 +- .../hapsigntool/error/SignToolErrMsg.java | 251 +++++++++++++----- 2 files changed, 195 insertions(+), 73 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 7479fd1a..308044d9 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -27,20 +27,21 @@ import java.util.Locale; * @since 2025/01/06 */ public class ErrorMsg { - private String code; + private final String code; - private String description; + private final String description; - private String cause; + private final String cause; - private String position; + private final String position; - private List solutions; + private final List solutions; private MoreInfo moreInfo; /** * ErrorMsg constructor + * * @param code code * @param description description * @param cause cause @@ -77,7 +78,7 @@ public class ErrorMsg { @Override public String toString() { - final StringBuffer sb = new StringBuffer(); + final StringBuilder sb = new StringBuilder(); sb.append(code) .append(" ") .append(description) @@ -126,6 +127,7 @@ public class ErrorMsg { /** * Builder Constructor + * * @param sysCode sysCode */ public Builder(String sysCode) { @@ -134,6 +136,7 @@ public class ErrorMsg { /** * addErrCode + * * @param errCode errCode * @return Builder */ @@ -206,6 +209,4 @@ public class ErrorMsg { return new ErrorMsg(sysCode + typeCode + errCode, description, cause, position, solutions); } } - - } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java index 28aa4b48..0fef7ffa 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java @@ -22,14 +22,21 @@ package com.ohos.hapsigntool.error; */ public class SignToolErrMsg { // unknown error - public static ErrorMsg UNKNOWN_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * UNKNOWN_ERROR + */ + public static final ErrorMsg UNKNOWN_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("10") .addErrCode("001") - .addDescription("%s") + .addDescription("Unknown error") + .addCause("%s") .build(); // command error - public static ErrorMsg UNSUPPORTED_METHOD = ErrorMsg.getSignToolErrBuilder() + /** + * UNSUPPORTED_METHOD + */ + public static final ErrorMsg UNSUPPORTED_METHOD = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("001") .addDescription("Unsupported command method") @@ -37,49 +44,70 @@ public class SignToolErrMsg { .addSolution("Please check input the first param") .build(); - public static ErrorMsg PARAM_CHECK_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_CHECK_FAILED + */ + public static final ErrorMsg PARAM_CHECK_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("002") .addDescription("{%s} param is incorrect") .addCause("%s") .build(); - public static ErrorMsg PARAM_NUM_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_NUM_ERROR + */ + public static final ErrorMsg PARAM_NUM_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("003") .addDescription("Check param num failed") .addCause("Please input at least two params") .build(); - public static ErrorMsg PARAM_VALUE_EMPTY = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_VALUE_EMPTY + */ + public static final ErrorMsg PARAM_VALUE_EMPTY = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("004") .addDescription("Check param num failed") .addCause("Param {%s} value could not be empty") .build(); - public static ErrorMsg PARAM_NOT_TRUSTED = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_NOT_TRUSTED + */ + public static final ErrorMsg PARAM_NOT_TRUSTED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("005") .addDescription("Param is not trusted") .addCause("Param {%s} value is not trusted") .build(); - public static ErrorMsg PARAM_NOT_IN_PAIRS = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_NOT_IN_PAIRS + */ + public static final ErrorMsg PARAM_NOT_IN_PAIRS = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("006") .addDescription("Param {-key value} must in pairs") .addCause("Check param {%s} failed") .build(); - public static ErrorMsg PARAM_DUPLICATE = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_DUPLICATE + */ + public static final ErrorMsg PARAM_DUPLICATE = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("007") .addDescription("Check param num failed") .addCause("Param {%s} is duplicated") .build(); - public static ErrorMsg PARAM_REQUIRED = ErrorMsg.getSignToolErrBuilder() + /** + * PARAM_REQUIRED + */ + public static final ErrorMsg PARAM_REQUIRED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("008") .addDescription("Check param failed") @@ -87,7 +115,10 @@ public class SignToolErrMsg { .addSolution("Please input required param") .build(); - public static ErrorMsg MISSING_PARAM = ErrorMsg.getSignToolErrBuilder() + /** + * MISSING_PARAM + */ + public static final ErrorMsg MISSING_PARAM = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("008") .addDescription("Check param failed") @@ -95,40 +126,61 @@ public class SignToolErrMsg { .build(); // file error - public static ErrorMsg LOAD_REMOTE_PLUGIN_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * LOAD_REMOTE_PLUGIN_FAILED + */ + public static final ErrorMsg LOAD_REMOTE_PLUGIN_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("12") .addErrCode("001") .addDescription("Load remote sign plugin failed") .addCause("%s") .build(); - public static ErrorMsg FILE_NOT_EXIST = ErrorMsg.getSignToolErrBuilder() + /** + * FILE_NOT_EXIST + */ + public static final ErrorMsg FILE_NOT_EXIST = ErrorMsg.getSignToolErrBuilder() .addTypeCode("12") .addErrCode("002") - .addDescription("Param {%s} is not exist") + .addDescription("File not exist") + .addCause("Param {%s} is not exist") .build(); - public static ErrorMsg FILE_WRITE_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * FILE_WRITE_FAILED + */ + public static final ErrorMsg FILE_WRITE_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("12") .addErrCode("003") .addDescription("Write file failed") .addCause("%s") .build(); - public static ErrorMsg FILE_READ_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * FILE_READ_FAILED + */ + public static final ErrorMsg FILE_READ_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("12") .addErrCode("004") - .addDescription("Read file {%s} failed") + .addDescription("Read file failed") + .addCause("Read file {%s} failed") .build(); - public static ErrorMsg NOT_SUPPORT_FILE = ErrorMsg.getSignToolErrBuilder() + /** + * NOT_SUPPORT_FILE + */ + public static final ErrorMsg NOT_SUPPORT_FILE = ErrorMsg.getSignToolErrBuilder() .addTypeCode("12") .addErrCode("005") - .addDescription("Not support file: %s") + .addDescription("Not support file") + .addCause("Not support file: %s") .build(); // cert error - public static ErrorMsg CERT_DN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * CERT_DN_FORMAT_FAILED + */ + public static final ErrorMsg CERT_DN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("001") .addDescription("Check DN format failed") @@ -136,111 +188,159 @@ public class SignToolErrMsg { .addSolution("Please check param {%s}") .build(); - public static ErrorMsg CERT_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * CERT_FORMAT_FAILED + */ + public static final ErrorMsg CERT_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("002") .addDescription("Certificate format is in correct, please check your appCertFile parameter.") - .addCause("Exception message: %s") + .addCause("%s") .addSolution("{-appCertFile} should input a file ending in .cer") .build(); - public static ErrorMsg GENERATE_CA_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * GENERATE_CA_FAILED + */ + public static final ErrorMsg GENERATE_CA_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("003") - .addDescription("Parameter '%s' and parameter '%s' are inconsistent") + .addDescription("Generate CA failed") + .addCause("Parameter '%s' and parameter '%s' are inconsistent") .build(); - public static ErrorMsg CERT_CHAIN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * CERT_CHAIN_FORMAT_FAILED + */ + public static final ErrorMsg CERT_CHAIN_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("004") .addDescription("Profile cert must a cert chain") .addCause("cause in cert file: %s") .build(); - public static ErrorMsg NO_SUCH_SIGNATURE = ErrorMsg.getSignToolErrBuilder() + /** + * NO_SUCH_SIGNATURE + */ + public static final ErrorMsg NO_SUCH_SIGNATURE = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("005") .addDescription("No such algorithm") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg CERT_IO_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * CERT_IO_FAILED + */ + public static final ErrorMsg CERT_IO_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("006") .addDescription("Certificate IO failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg CERTIFICATE_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * CERTIFICATE_ERROR + */ + public static final ErrorMsg CERTIFICATE_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("007") .addDescription("Certificate check failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg IO_CSR_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * IO_CSR_ERROR + */ + public static final ErrorMsg IO_CSR_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("13") .addErrCode("008") .addDescription("generate csr failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); // key store error - public static ErrorMsg KEY_ALIAS_NOT_FOUND = ErrorMsg.getSignToolErrBuilder() + /** + * KEY_ALIAS_NOT_FOUND + */ + public static final ErrorMsg KEY_ALIAS_NOT_FOUND = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("001") - .addDescription("KeyAlias {%s} is not exist in {%s}") + .addDescription("key alias not found") + .addCause("KeyAlias {%s} is not exist in {%s}") .addSolution("Please check keystore file and keyAlias, ensure keyAlias is exist") .addSolution("Use jdk tool [keytool] check keystore: [keytool -list -keystore xxx.p12]") .build(); - public static ErrorMsg KEY_ALIAS_EXIST = ErrorMsg.getSignToolErrBuilder() + /** + * KEY_ALIAS_EXIST + */ + public static final ErrorMsg KEY_ALIAS_EXIST = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("002") - .addDescription("KeyAlias {%s} is exist in {%s}, cloud not overwrite.") + .addDescription("Key alias is exist") + .addCause("KeyAlias {%s} is exist in {%s}, cloud not overwrite.") .addSolution("Please check keystore file and keyAlias, ensure keyAlias is not exist") .addSolution("Use jdk tool [keytool] check keystore: [keytool -list -keystore xxx.p12]") .build(); - public static ErrorMsg INIT_KEYSTORE_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * INIT_KEYSTORE_FAILED + */ + public static final ErrorMsg INIT_KEYSTORE_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("003") - .addDescription("Init keystore failed: ") - .addCause("Exception message: %s") + .addDescription("Init keystore failed") + .addCause("%s") .addSolution("The key store file does not exist, please check the key store file path.") .addSolution("Incorrect keystore password, please input the correct plaintext password.") .addSolution("The keystore was created by a newer JDK version, please use the same JDK version") .build(); - public static ErrorMsg INVALID_KEY = ErrorMsg.getSignToolErrBuilder() + /** + * INVALID_KEY + */ + public static final ErrorMsg INVALID_KEY = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("004") .addDescription("Invalid Key") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg ALGORITHM_NOT_SUPPORT = ErrorMsg.getSignToolErrBuilder() + /** + * ALGORITHM_NOT_SUPPORT + */ + public static final ErrorMsg ALGORITHM_NOT_SUPPORT = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("005") .addDescription("Not support algorithm") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg KEYSTORE_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * KEYSTORE_ERROR + */ + public static final ErrorMsg KEYSTORE_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("006") .addDescription("Keystore exception") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg KEY_PASSWORD_ERROR = ErrorMsg.getSignToolErrBuilder() + /** + * KEY_PASSWORD_ERROR + */ + public static final ErrorMsg KEY_PASSWORD_ERROR = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("007") .addDescription("Key alias {%s} password error") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg NO_USABLE_CERT = ErrorMsg.getSignToolErrBuilder() + /** + * NO_USABLE_CERT + */ + public static final ErrorMsg NO_USABLE_CERT = ErrorMsg.getSignToolErrBuilder() .addTypeCode("14") .addErrCode("008") .addDescription("No usable cert found in {%s}") @@ -248,59 +348,80 @@ public class SignToolErrMsg { .build(); // signature error - public static ErrorMsg SIGNATURE_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * SIGNATURE_FAILED + */ + public static final ErrorMsg SIGNATURE_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("15") .addErrCode("001") .addDescription("Signature failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg SIGNATURE_NOT_MATCHED = ErrorMsg.getSignToolErrBuilder() + /** + * SIGNATURE_NOT_MATCHED + */ + public static final ErrorMsg SIGNATURE_NOT_MATCHED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("15") .addErrCode("002") .addDescription("Signature not matched!") + .addCause("Signature verify failed") .addSolution("Please check if the keyAlias private key matches the public key in the certificate") .addSolution("If the certificate is changed, the keyAlias should be replaced synchronously") .build(); - public static ErrorMsg VERIFY_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * VERIFY_FAILED + */ + public static final ErrorMsg VERIFY_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("15") .addErrCode("003") .addDescription("Verify signature failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); - // profile error - public static ErrorMsg VERIFY_PROFILE_FAILED = ErrorMsg.getSignToolErrBuilder() - .addTypeCode("16") - .addErrCode("001") + /** + * VERIFY_PROFILE_FAILED + */ + public static final ErrorMsg VERIFY_PROFILE_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("004") .addDescription("Verify profile failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); // zip error - public static ErrorMsg READ_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * READ_ZIP_FAILED + */ + public static final ErrorMsg READ_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("17") .addErrCode("001") .addDescription("Read zip file failed") - .addCause("Exception message: %s") + .addCause("%s") .addSolution("App (or hap/hsp/hnp) use zip format.") .addSolution("Zip file can support a maximum size of 4G and 65535 sub files.") .addSolution("If this value is exceeded, it will be automatically converted to zip64.") .addSolution("Please check if file is zip64 format, or zip formatted correctly.") .build(); - public static ErrorMsg WRITE_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * WRITE_ZIP_FAILED + */ + public static final ErrorMsg WRITE_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("17") .addErrCode("002") .addDescription("Write zip file failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); - public static ErrorMsg ALIGNMENT_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() + /** + * ALIGNMENT_ZIP_FAILED + */ + public static final ErrorMsg ALIGNMENT_ZIP_FAILED = ErrorMsg.getSignToolErrBuilder() .addTypeCode("17") .addErrCode("003") .addDescription("Alignment zip file failed") - .addCause("Exception message: %s") + .addCause("%s") .build(); } -- Gitee From da47a7e594e6538e340c0032670e68a6951fc889 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Wed, 8 Jan 2025 09:56:42 +0800 Subject: [PATCH 04/28] add error msg Signed-off-by: wangzeyu --- .../com/ohos/hapsigntool/error/ErrorMsg.java | 10 +- .../hapsigntool/error/SignToolErrMsg.java | 45 ++++ .../hap/provider/LocalJKSSignProvider.java | 6 +- .../hap/provider/RemoteSignProvider.java | 2 +- .../hap/provider/SignProvider.java | 62 +++--- .../ohos/hapsigntool/hap/sign/SignHap.java | 198 ------------------ .../hapsigntool/hap/verify/VerifyElf.java | 6 +- .../hapsigntool/hap/verify/VerifyHap.java | 6 +- .../com/ohos/hapsigntool/zip/ZipUtils.java | 17 +- 9 files changed, 111 insertions(+), 241 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 308044d9..48ccb323 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -16,6 +16,8 @@ package com.ohos.hapsigntool.error; import com.ohos.hapsigntool.utils.StringUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import java.util.ArrayList; import java.util.List; @@ -27,6 +29,7 @@ import java.util.Locale; * @since 2025/01/06 */ public class ErrorMsg { + private static final Logger log = LogManager.getLogger(ErrorMsg.class); private final String code; private final String description; @@ -101,7 +104,12 @@ public class ErrorMsg { } public String toString(Object... args) { - return String.format(Locale.ROOT, this.toString(), args); + try { + return String.format(Locale.ROOT, this.toString(), args); + } catch (RuntimeException e) { + log.error("args format failed: " + args); + return this.toString(); + } } static class MoreInfo { diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java index 0fef7ffa..68d4e229 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java @@ -176,6 +176,16 @@ public class SignToolErrMsg { .addCause("Not support file: %s") .build(); + /** + * FILE_IO_FAILED + */ + public static final ErrorMsg FILE_IO_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("12") + .addErrCode("006") + .addDescription("File IO failed") + .addCause("%s") + .build(); + // cert error /** * CERT_DN_FORMAT_FAILED @@ -390,6 +400,31 @@ public class SignToolErrMsg { .addCause("%s") .build(); + /** + * VERIFY_PROFILE_INVALID + */ + public static final ErrorMsg VERIFY_PROFILE_INVALID = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("005") + .addDescription("Verify profile failed") + .addCause("Verify profile pkcs7 failed! Profile is invalid") + .addSolution("Check if the profile is legal") + .addSolution("Maybe Failed during transmission, please download profile again") + .build(); + + /** + * VERIFY_PROFILE_FAILED + */ + public static final ErrorMsg PROFILE_CERT_MATCH_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("15") + .addErrCode("005") + .addDescription("Profile certificate match failed") + .addCause("input certificates do not match with profile") + .addSolution("Profile include signature certificate info, please ensure it same as your appCertFile") + .addSolution("When applying for profile, need to select a certificate, please choose your appCertFile") + .build(); + + // zip error /** * READ_ZIP_FAILED @@ -424,4 +459,14 @@ public class SignToolErrMsg { .addDescription("Alignment zip file failed") .addCause("%s") .build(); + + /** + * ZIP_FORMAT_FAILED + */ + public static final ErrorMsg ZIP_FORMAT_FAILED = ErrorMsg.getSignToolErrBuilder() + .addTypeCode("17") + .addErrCode("004") + .addDescription("Zip format failed") + .addCause("%s") + .build(); } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java index e72a1556..9c937d37 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java @@ -18,6 +18,7 @@ package com.ohos.hapsigntool.hap.provider; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.InvalidParamsException; import com.ohos.hapsigntool.error.MissingParamsException; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.FileUtils; import com.ohos.hapsigntool.entity.ParamConstants; import com.ohos.hapsigntool.utils.LogUtils; @@ -80,12 +81,13 @@ public class LocalJKSSignProvider extends SignProvider { FileUtils.isValidFile(publicKeyFile); } catch (IOException e) { LOGGER.error("file is invalid: " + publicCertsFile + System.lineSeparator(), e); - throw new InvalidParamsException("Invalid file: " + publicCertsFile); + throw new InvalidParamsException(SignToolErrMsg.PARAM_CHECK_FAILED + .toString(ParamConstants.PARAM_LOCAL_PUBLIC_CERT, "Invalid file: " + publicCertsFile)); } } @Override - public void checkParams(Options options) throws InvalidParamsException, MissingParamsException { + public void checkParams(Options options) throws InvalidParamsException { super.checkParams(options); String[] paramFileds = { ParamConstants.PARAM_LOCAL_JKS_KEYSTORE, diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java index 061d046b..a8de5768 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java @@ -28,7 +28,7 @@ import java.security.cert.X509Certificate; */ public class RemoteSignProvider extends SignProvider { @Override - public void checkParams(Options options) throws MissingParamsException, InvalidParamsException { + public void checkParams(Options options) throws InvalidParamsException { super.checkParams(options); // add remote params check here } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java index 04b330ac..4de44b16 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java @@ -152,7 +152,8 @@ public abstract class SignProvider { } if (!checkFile(file)) { LOGGER.error("check file failed"); - throw new InvalidParamsException("Invalid file: " + file + ", filetype: " + type); + throw new InvalidParamsException(SignToolErrMsg.PARAM_CHECK_FAILED + .toString(file, "Invalid file: " + file + ", filetype: " + type)); } try { byte[] optionalBlockBytes = HapUtils.readFileToByte(file); @@ -162,8 +163,7 @@ public abstract class SignProvider { } optionalBlocks.add(new SigningBlock(type, optionalBlockBytes)); } catch (IOException e) { - LOGGER.error("read file error", e); - throw new InvalidParamsException("Invalid file: " + file + " is not readable. filetype: " + type); + throw new InvalidParamsException(SignToolErrMsg.FILE_READ_FAILED.toString(file)); } } @@ -219,10 +219,9 @@ public abstract class SignProvider { * @param crl certificate revocation list * @param options options * @return Object of SignerConfig - * @throws InvalidKeyException on error when the key is invalid. */ - public SignerConfig createSignerConfigs(List certificates, Optional crl, Options options) - throws InvalidKeyException { + public SignerConfig createSignerConfigs(List certificates, + Optional crl, Options options) { SignerConfig signerConfig = new SignerConfig(); signerConfig.setParameters(this.signParams); signerConfig.setCertificates(certificates); @@ -256,7 +255,7 @@ public abstract class SignProvider { // Create signer configs, which contains public cert and crl info. signerConfig = createSignerConfigs(publicCert, crl, options); - } catch (InvalidKeyException | InvalidParamsException | MissingParamsException | ProfileException e) { + } catch (InvalidParamsException | ProfileException e) { LOGGER.error("create signer configs failed.", e); printErrorLogWithoutStack(e); return false; @@ -288,7 +287,7 @@ public abstract class SignProvider { // Create signer configs, which contains public cert and crl info. signerConfig = createSignerConfigs(publicCert, crl, options); - } catch (InvalidKeyException | InvalidParamsException | MissingParamsException | ProfileException e) { + } catch (InvalidParamsException | ProfileException e) { LOGGER.error("create signer configs failed.", e); printErrorLogWithoutStack(e); return false; @@ -361,10 +360,11 @@ public abstract class SignProvider { outputSignedFile(outputHap, centralDirectoryOffset, signingBlock, centralDirectory, eocdBuffer); isRet = true; } - } catch (FsVerityDigestException | InvalidKeyException | HapFormatException | MissingParamsException - | InvalidParamsException | ProfileException | NumberFormatException | CustomException | IOException - | CodeSignException | ElfFormatException e) { + } catch (FsVerityDigestException | HapFormatException | InvalidParamsException | ProfileException + | CustomException | CodeSignException | ElfFormatException e) { printErrorLogWithoutStack(e); + } catch (IOException e) { + LOGGER.error(SignToolErrMsg.FILE_IO_FAILED.toString(e.getMessage())); } catch (SignatureException e) { printErrorLog(e); } @@ -420,7 +420,8 @@ public abstract class SignProvider { private String getFileSuffix(File output) throws HapFormatException { String[] fileNameArray = output.getName().split("\\."); if (fileNameArray.length < ParamConstants.FILE_NAME_MIN_LENGTH) { - throw new HapFormatException("hap format error :" + output); + throw new HapFormatException(SignToolErrMsg.ZIP_FORMAT_FAILED + .toString("suffix format error" + output)); } return fileNameArray[fileNameArray.length - 1]; } @@ -434,8 +435,7 @@ public abstract class SignProvider { * @throws InvalidParamsException Exception occurs when the required parameters are invalid. * @throws ProfileException Exception occurs when profile is invalid. */ - private List getX509Certificates(Options options) throws MissingParamsException, - InvalidParamsException, ProfileException { + private List getX509Certificates(Options options) throws InvalidParamsException, ProfileException { List publicCerts; // 1. check the parameters checkParams(options); @@ -535,7 +535,8 @@ public abstract class SignProvider { } } LOGGER.error("Unsupported signature algorithm :" + signAlg); - throw new InvalidParamsException("Invalid parameter: Sign Alg"); + throw new InvalidParamsException(SignToolErrMsg.PARAM_CHECK_FAILED + .toString(ParamConstants.PARAM_BASIC_SIGANTURE_ALG, "Invalid parameter: Sign Alg")); } /** @@ -611,11 +612,12 @@ public abstract class SignProvider { CMSSignedData cmsSignedData = new CMSSignedData(profile); boolean isVerify = VerifyUtils.verifyCmsSignedData(cmsSignedData); if (!isVerify) { - throw new ProfileException("Verify profile pkcs7 failed! Profile is invalid."); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_INVALID.toString()); } Object contentObj = cmsSignedData.getSignedContent().getContent(); if (!(contentObj instanceof byte[])) { - throw new ProfileException("Check profile failed, signed profile content is not byte array!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Check profile failed, signed profile content is not byte array!")); } profileContent = new String((byte[]) contentObj, StandardCharsets.UTF_8); } else { @@ -625,9 +627,10 @@ public abstract class SignProvider { JsonObject profileJson = parser.getAsJsonObject(); checkProfileInfo(profileJson, inputCerts); } catch (CMSException e) { - throw new ProfileException("Verify profile pkcs7 failed! Profile is invalid.", e); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_INVALID.toString()); } catch (JsonParseException e) { - throw new ProfileException("Invalid parameter: profile content is not a JSON.", e); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Invalid parameter: profile content is not a JSON.", e)); } } @@ -635,7 +638,7 @@ public abstract class SignProvider { String profileTypeKey = "type"; String profileType = profileJson.get(profileTypeKey).getAsString(); if (profileType == null || profileType.length() == 0) { - throw new ProfileException("Get profile type error!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED.toString("Get profile type error!")); } String buildInfoMember = "bundle-info"; JsonObject buildInfoObject = profileJson.getAsJsonObject(buildInfoMember); @@ -645,15 +648,16 @@ public abstract class SignProvider { } else if (profileType.equalsIgnoreCase("debug")) { certInProfile = getDevelopmentCertificate(buildInfoObject); } else { - throw new ProfileException("Unsupported profile type!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED.toString("Unsupported profile type!")); } if (!inputCerts.isEmpty() && !checkInputCertMatchWithProfile(inputCerts.get(0), certInProfile)) { - throw new ProfileException("input certificates do not match with profile!"); + throw new ProfileException(SignToolErrMsg.PROFILE_CERT_MATCH_FAILED.toString()); } String cn = getCertificateCN(certInProfile); LOGGER.info("certificate in profile: {}", cn); if (cn.isEmpty()) { - throw new ProfileException("Common name of certificate is empty!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Common name of certificate is empty!")); } } @@ -672,10 +676,9 @@ public abstract class SignProvider { * Check input parameters is valid. And put valid parameters into signParams. * * @param options parameters inputted by user. - * @throws MissingParamsException Exception occurs when the required parameters are not entered. * @throws InvalidParamsException Exception occurs when the required parameters are invalid. */ - public void checkParams(Options options) throws MissingParamsException, InvalidParamsException { + public void checkParams(Options options) throws InvalidParamsException { String[] paramFileds = { ParamConstants.PARAM_BASIC_ALIGNMENT, ParamConstants.PARAM_BASIC_SIGANTURE_ALG, @@ -724,7 +727,8 @@ public abstract class SignProvider { String codeSign = signParams.get(ParamConstants.PARAM_SIGN_CODE); if (!codeSign.equals(ParamConstants.SignCodeFlag.ENABLE_SIGN_CODE.getSignCodeFlag()) && !codeSign.equals(ParamConstants.SignCodeFlag.DISABLE_SIGN_CODE.getSignCodeFlag())) { - throw new InvalidParamsException("Invalid parameter: " + ParamConstants.PARAM_SIGN_CODE); + throw new InvalidParamsException(SignToolErrMsg.PARAM_CHECK_FAILED + .toString(ParamConstants.PARAM_SIGN_CODE, "Invalid parameter")); } } @@ -732,9 +736,8 @@ public abstract class SignProvider { * Check compatible version, if param do not have compatible version default 9. * * @throws InvalidParamsException invalid param - * @throws MissingParamsException missing param */ - protected void checkCompatibleVersion() throws InvalidParamsException, MissingParamsException { + protected void checkCompatibleVersion() throws InvalidParamsException { if (!signParams.containsKey(ParamConstants.PARAM_BASIC_COMPATIBLE_VERSION)) { signParams.put(ParamConstants.PARAM_BASIC_COMPATIBLE_VERSION, "9"); return; @@ -743,7 +746,8 @@ public abstract class SignProvider { try { int compatibleApiVersion = Integer.parseInt(compatibleApiVersionVal); } catch (NumberFormatException e) { - throw new InvalidParamsException("Invalid parameter: " + ParamConstants.PARAM_BASIC_COMPATIBLE_VERSION); + throw new InvalidParamsException(SignToolErrMsg.PARAM_CHECK_FAILED + .toString(ParamConstants.PARAM_BASIC_COMPATIBLE_VERSION, "Invalid parameter")); } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/sign/SignHap.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/sign/SignHap.java index f4ec846a..93ca6e9b 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/sign/SignHap.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/sign/SignHap.java @@ -21,15 +21,11 @@ import com.ohos.hapsigntool.entity.SignatureAlgorithm; import com.ohos.hapsigntool.hap.config.SignerConfig; import com.ohos.hapsigntool.entity.Pair; import com.ohos.hapsigntool.hap.entity.SigningBlock; -import com.ohos.hapsigntool.error.HapFormatException; import com.ohos.hapsigntool.error.SignatureException; -import com.ohos.hapsigntool.utils.FileUtils; import com.ohos.hapsigntool.hap.utils.HapUtils; -import com.ohos.hapsigntool.utils.StringUtils; import com.ohos.hapsigntool.zip.ZipDataInput; import java.io.IOException; -import java.io.InputStream; import java.nio.ByteBuffer; import java.nio.ByteOrder; import java.security.DigestException; @@ -39,10 +35,6 @@ import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; -import java.util.jar.JarEntry; -import java.util.jar.JarFile; -import java.util.jar.JarOutputStream; -import java.util.stream.Collectors; /** * @@ -51,205 +43,15 @@ import java.util.stream.Collectors; * @since 2021/12/21 */ public abstract class SignHap { - private static final int STORED_ENTRY_SO_ALIGNMENT = 4096; - private static final int BUFFER_LENGTH = 4096; private static final int BLOCK_COUNT = 4; private static final int BLOCK_MAGIC = 16; private static final int BLOCK_VERSION = 4; - private static final long INIT_OFFSET_LEN = 4L; private static final int OPTIONAL_TYPE_SIZE = 4; private static final int OPTIONAL_LENGTH_SIZE = 4; private static final int OPTIONAL_OFFSET_SIZE = 4; private SignHap() {} - /** - * Copy the jar file and align the storage entries. - * - * @param in input hap-file which is opened as a jar-file. - * @param out output stream of jar. - * @param timestamp ZIP file timestamps - * @param defaultAlignment default value of alignment. - * @throws IOException io error. - * @throws HapFormatException hap format error. - */ - public static void copyFiles(JarFile in, - JarOutputStream out, long timestamp, int defaultAlignment) throws IOException, HapFormatException { - // split compressed and uncompressed - List entryListStored = in.stream() - .filter(jarFile -> jarFile.getMethod() == JarEntry.STORED).collect(Collectors.toList()); - - // uncompressed special files and place in front - entryListStored = storedEntryListOfSort(entryListStored); - long offset = INIT_OFFSET_LEN; - String lastAlignmentEntryName = ""; - for (JarEntry inEntry : entryListStored) { - String entryName = inEntry.getName(); - if (!FileUtils.isRunnableFile(entryName)) { - lastAlignmentEntryName = entryName; - break; - } - } - for (JarEntry inEntry : entryListStored) { - if (inEntry == null) { - continue; - } - - offset += JarFile.LOCHDR; - - JarEntry outEntry = getJarEntry(timestamp, inEntry); - offset += outEntry.getName().length(); - - int alignment = getStoredEntryDataAlignment(inEntry.getName(), defaultAlignment, lastAlignmentEntryName); - if (alignment > 0 && (offset % alignment != 0)) { - int needed = alignment - (int) (offset % alignment); - outEntry.setExtra(new byte[needed]); - offset += needed; - } - - out.putNextEntry(outEntry); - offset = writeOutputStreamAndGetOffset(in, out, inEntry, offset); - } - List entryListNotStored = in.stream() - .filter(jarFile -> jarFile.getMethod() != JarEntry.STORED).collect(Collectors.toList()); - // process byte alignment of the first compressed file - boolean isAlignmentFlag = StringUtils.isEmpty(lastAlignmentEntryName); - if (isAlignmentFlag) { - if (entryListNotStored.isEmpty()) { - throw new HapFormatException("Hap format is error, file missing"); - } - JarEntry firstEntry = entryListNotStored.get(0); - offset += JarFile.LOCHDR; - JarEntry outEntry = getFirstJarEntry(firstEntry, offset, timestamp); - out.putNextEntry(outEntry); - byte[] buffer = new byte[BUFFER_LENGTH]; - writeOutputStream(in, out, firstEntry, buffer); - } - - copyFilesExceptStoredFile(entryListNotStored, in, out, timestamp, isAlignmentFlag); - } - - /** - * uncompressed special files are placed in front - * - * @param entryListStored stored file entry list - * @return List jarEntryList - */ - private static List storedEntryListOfSort(List entryListStored) { - return entryListStored.stream().sorted((entry1, entry2) -> { - String name1 = entry1.getName(); - String name2 = entry2.getName(); - // files ending with .abc or .so are placed before other files - boolean isSpecial1 = FileUtils.isRunnableFile(name1); - boolean isSpecial2 = FileUtils.isRunnableFile(name2); - if (isSpecial1 && !isSpecial2) { - return -1; - } else if (!isSpecial1 && isSpecial2) { - return 1; - } else { - // if all files are special files or none of them are special files,the files are sorted lexically - return name1.compareTo(name2); - } - }).collect(Collectors.toList()); - } - - private static JarEntry getFirstJarEntry(JarEntry firstEntry, long offset, long timestamp) { - long currentOffset = offset; - JarEntry outEntry = getJarEntry(timestamp, firstEntry); - currentOffset += outEntry.getName().length(); - if (currentOffset % STORED_ENTRY_SO_ALIGNMENT != 0) { - int needed = STORED_ENTRY_SO_ALIGNMENT - (int) (currentOffset % STORED_ENTRY_SO_ALIGNMENT); - outEntry.setExtra(new byte[needed]); - } - return outEntry; - } - - /** - * write first not stored entry to outputStream - * - * @param in jar file - * @param out jarOutputStream - * @param firstEntry jarEntry - * @param buffer byte[] - * @throws IOException IOExpcetion - */ - private static void writeOutputStream(JarFile in, JarOutputStream out, JarEntry firstEntry, byte[] buffer) - throws IOException { - try (InputStream data = in.getInputStream(firstEntry)) { - int num; - while ((num = data.read(buffer)) > 0) { - out.write(buffer, 0, num); - } - out.flush(); - } - } - - private static long writeOutputStreamAndGetOffset(JarFile in, JarOutputStream out, JarEntry inEntry, long offset) - throws IOException { - byte[] buffer = new byte[BUFFER_LENGTH]; - long currentOffset = offset; - try (InputStream data = in.getInputStream(inEntry)) { - int num; - while ((num = data.read(buffer)) > 0) { - out.write(buffer, 0, num); - currentOffset += num; - } - out.flush(); - } - return currentOffset; - } - - private static JarEntry getJarEntry(long timestamp, JarEntry inEntry) { - JarEntry outEntry = new JarEntry(inEntry); - outEntry.setTime(timestamp); - - outEntry.setComment(null); - outEntry.setExtra(null); - return outEntry; - } - - private static void copyFilesExceptStoredFile(List entryListNotStored, JarFile in, - JarOutputStream out, long timestamp, boolean isAlignmentFlag) throws IOException { - byte[] buffer = new byte[BUFFER_LENGTH]; - int index = 0; - if (isAlignmentFlag) { - index = 1; - } - for (; index < entryListNotStored.size(); index++) { - JarEntry inEntry = entryListNotStored.get(index); - if (inEntry == null || inEntry.getMethod() == JarEntry.STORED) { - continue; - } - - JarEntry outEntry = new JarEntry(inEntry.getName()); - outEntry.setTime(timestamp); - out.putNextEntry(outEntry); - writeOutputStream(in, out, inEntry, buffer); - } - } - - /** - * If store entry is end with '.so', use 4096-alignment, otherwise, use default-alignment. - * - * @param entryName name of entry - * @param defaultAlignment default value of alignment. - * @param lastAlignmentEntryName lastAlignmentEntryName - * @return value of alignment. - */ - private static int getStoredEntryDataAlignment(String entryName, int defaultAlignment, - String lastAlignmentEntryName) { - if (defaultAlignment <= 0) { - return 0; - } - if (!StringUtils.isEmpty(lastAlignmentEntryName) && entryName.equals(lastAlignmentEntryName)) { - return STORED_ENTRY_SO_ALIGNMENT; - } - if (FileUtils.isRunnableFile(entryName)) { - return STORED_ENTRY_SO_ALIGNMENT; - } - return defaultAlignment; - } - private static byte[] getHapSigningBlock( Set contentDigestAlgorithms, List optionalBlocks, diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyElf.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyElf.java index cbcaaa2a..5a641abd 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyElf.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyElf.java @@ -19,6 +19,7 @@ import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.exception.VerifyCodeSignException; import com.ohos.hapsigntool.codesigning.sign.VerifyCodeSignature; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.hap.entity.ElfBlockData; import com.ohos.hapsigntool.hap.entity.BlockHead; import com.ohos.hapsigntool.hap.entity.SignHead; @@ -67,11 +68,12 @@ public class VerifyElf { try { CMSSignedData cmsSignedData = new CMSSignedData(profile); if (!VerifyUtils.verifyCmsSignedData(cmsSignedData)) { - throw new ProfileException("Verify profile pkcs7 failed! Profile is invalid"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_INVALID.toString()); } Object contentObj = cmsSignedData.getSignedContent().getContent(); if (!(contentObj instanceof byte[])) { - throw new ProfileException("Check profile failed, signed profile content is not byte array!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Check profile failed, signed profile content is not byte array!")); } return new String((byte[]) contentObj, StandardCharsets.UTF_8); } catch (CMSException e) { diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyHap.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyHap.java index cce11d73..d619d1e8 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyHap.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/verify/VerifyHap.java @@ -20,6 +20,7 @@ import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.exception.VerifyCodeSignException; import com.ohos.hapsigntool.codesigning.sign.VerifyCodeSignature; import com.ohos.hapsigntool.entity.Pair; +import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.hap.entity.SigningBlock; import com.ohos.hapsigntool.error.HapFormatException; import com.ohos.hapsigntool.error.ProfileException; @@ -89,11 +90,12 @@ public class VerifyHap { try { CMSSignedData cmsSignedData = new CMSSignedData(profile); if (!VerifyUtils.verifyCmsSignedData(cmsSignedData)) { - throw new ProfileException("Verify profile pkcs7 failed! Profile is invalid"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_INVALID.toString()); } Object contentObj = cmsSignedData.getSignedContent().getContent(); if (!(contentObj instanceof byte[])) { - throw new ProfileException("Check profile failed, signed profile content is not byte array!"); + throw new ProfileException(SignToolErrMsg.VERIFY_PROFILE_FAILED + .toString("Check profile failed, signed profile content is not byte array!")); } return new String((byte[]) contentObj, StandardCharsets.UTF_8); } catch (CMSException e) { diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/ZipUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/ZipUtils.java index fca69eb0..921bd0b4 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/ZipUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/zip/ZipUtils.java @@ -17,6 +17,7 @@ package com.ohos.hapsigntool.zip; import com.ohos.hapsigntool.entity.Pair; import com.ohos.hapsigntool.error.HapFormatException; +import com.ohos.hapsigntool.error.SignToolErrMsg; import java.io.IOException; import java.nio.ByteBuffer; @@ -192,24 +193,28 @@ public class ZipUtils { public static ZipFileInfo findZipInfo(ZipDataInput in) throws IOException, HapFormatException { Pair eocdOffsetAndBuffer = findEocdInHap(in); if (eocdOffsetAndBuffer == null) { - throw new HapFormatException("ZIP End of Central Directory not found"); + throw new HapFormatException(SignToolErrMsg.ZIP_FORMAT_FAILED + .toString("ZIP End of Central Directory not found")); } long eocdOffset = eocdOffsetAndBuffer.getFirst(); ByteBuffer eocdBuffer = eocdOffsetAndBuffer.getSecond().order(ByteOrder.LITTLE_ENDIAN); long centralDirectoryStartOffset = ZipUtils.getCentralDirectoryOffset(eocdBuffer); if (centralDirectoryStartOffset > eocdOffset) { - throw new HapFormatException("ZIP Central Directory start offset(" + centralDirectoryStartOffset - + ") larger than ZIP End of Central Directory offset(" + eocdOffset + ")"); + throw new HapFormatException(SignToolErrMsg.ZIP_FORMAT_FAILED + .toString("ZIP Central Directory start offset(" + centralDirectoryStartOffset + + ") larger than ZIP End of Central Directory offset(" + eocdOffset + ")")); } long centralDirectorySizeLong = ZipUtils.getCentralDirectorySize(eocdBuffer); if (centralDirectorySizeLong > Integer.MAX_VALUE) { - throw new HapFormatException("ZIP Central Directory out of range: " + centralDirectorySizeLong); + throw new HapFormatException(SignToolErrMsg.ZIP_FORMAT_FAILED + .toString("ZIP Central Directory out of range: " + centralDirectorySizeLong)); } int centralDirectorySize = (int) centralDirectorySizeLong; long centralDirectoryEndOffset = centralDirectoryStartOffset + centralDirectorySizeLong; if (centralDirectoryEndOffset != eocdOffset) { - throw new HapFormatException("ZIP Central Directory end offset(" + centralDirectoryEndOffset + ") " - + " different from ZIP End of Central Directory offset(" + eocdOffset + ")"); + throw new HapFormatException(SignToolErrMsg.ZIP_FORMAT_FAILED + .toString("ZIP Central Directory end offset(" + centralDirectoryEndOffset + ") " + + " different from ZIP End of Central Directory offset(" + eocdOffset + ")")); } int centralDirectoryCount = ZipUtils.getCentralDirectoryCount(eocdBuffer); return new ZipFileInfo(centralDirectoryStartOffset, centralDirectorySize, centralDirectoryCount, eocdOffset, -- Gitee From 543a72ef7ec6cfd076383e4345da11589b939e89 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Wed, 8 Jan 2025 10:10:49 +0800 Subject: [PATCH 05/28] add error msg Signed-off-by: wangzeyu --- .../main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java index ea15b2f3..c48d5a57 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java @@ -209,7 +209,7 @@ public class KeyStoreHelper { .toString(exception.getMessage())); } catch (UnrecoverableKeyException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_PASSWORD_ERROR.toString(alias)); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_PASSWORD_ERROR.toString(alias, exception)); } return null; } -- Gitee From e8ad8248b90521bd034142f6a8c64a146c137e44 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Wed, 8 Jan 2025 14:26:13 +0800 Subject: [PATCH 06/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 209 ++++++++++++++++-- .../fsverity/FsVerityDescriptor.java | 7 +- .../fsverity/FsVerityGenerator.java | 2 +- .../fsverity/MerkleTreeBuilder.java | 2 +- .../sign/BcSignedDataGenerator.java | 16 +- .../codesigning/sign/CentralDirectory.java | 176 --------------- .../codesigning/sign/CodeSigning.java | 4 +- .../codesigning/utils/HapUtils.java | 50 ----- .../codesigning/utils/InputStreamUtils.java | 65 ------ 9 files changed, 201 insertions(+), 330 deletions(-) delete mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CentralDirectory.java delete mode 100644 hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/InputStreamUtils.java diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index 71e1c022..f133d67f 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -23,22 +23,31 @@ import com.ohos.hapsigntool.error.ErrorMsg; * @since 2025/01/06 */ public class CodeSignErrMsg { - public static ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * FILE_FORMAT_UNSUPPORTED_ERROR + */ + public static final ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("001") .addDescription("File Read Error") .addCause("Code sign does not support the file format") - .addSolution("code sign supports {%s} format") + .addSolution("Code sign supports {%s} format") .build(); - public static ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * FILE_4K_ALIGNMENT_ERROR + */ + public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("002") .addDescription("File Read Error") .addCause("Invalid data size {%d}, not a multiple of 4096") .build(); - public static ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * HNP_FILE_DESCRIPTION_ERROR + */ + public static final ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("003") .addDescription("File Read Error") @@ -46,7 +55,10 @@ public class CodeSignErrMsg { .addSolution("Hnp should be described in module.json") .build(); - public static ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * EXTRACT_HNP_FILE_ERROR + */ + public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("004") .addDescription("File Read Error") @@ -54,14 +66,20 @@ public class CodeSignErrMsg { .addSolution("Check whether the hnp file is packaged correctly") .build(); - public static ErrorMsg READ_INPUT_STREAM_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * READ_INPUT_STREAM_ERROR + */ + public static final ErrorMsg READ_INPUT_STREAM_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("005") .addDescription("File Read Error") - .addCause("read buffer from input error") + .addCause("Read buffer from input error") .build(); - public static ErrorMsg CERTIFICATES_CONFIGURE_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * CERTIFICATES_CONFIGURE_EMPTY_ERROR + */ + public static final ErrorMsg CERTIFICATES_CONFIGURE_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("11") .addErrCode("001") .addDescription("Certificates Error") @@ -69,7 +87,10 @@ public class CodeSignErrMsg { .addSolution("Please check whether the certificate is correct") .build(); - public static ErrorMsg PROFILE_TYPE_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_TYPE_UNSUPPORTED_ERROR + */ + public static final ErrorMsg PROFILE_TYPE_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("001") .addDescription("Profile Content Error") @@ -77,36 +98,51 @@ public class CodeSignErrMsg { .addSolution("Profile type should be debug or release") .build(); - public static ErrorMsg PROFILE_TYPE_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_TYPE_NOT_EXISTED_ERROR + */ + public static final ErrorMsg PROFILE_TYPE_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("002") .addDescription("Profile Content Error") .addCause("Key named 'type' does not exist in profile") .build(); - public static ErrorMsg PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR + */ + public static final ErrorMsg PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("003") .addDescription("Profile Content Error") .addCause("Key named 'bundle-info' does not exist in profile") .build(); - public static ErrorMsg PROFILE_APPID_VALUE_TYPE_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_APPID_VALUE_TYPE_ERROR + */ + public static final ErrorMsg PROFILE_APPID_VALUE_TYPE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("004") .addDescription("Profile Content Error") - .addCause("Value of app-identifier is not string") - .addSolution("app-identifier should be string") + .addCause("Value type of app-identifier is not string") + .addSolution("Value type of app-identifier should be string") .build(); - public static ErrorMsg PROFILE_APPID_VALUE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_APPID_VALUE_LENGTH_ERROR + */ + public static final ErrorMsg PROFILE_APPID_VALUE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("005") .addDescription("Profile Content Error") .addCause("Value length of app-identifier is invalid") .build(); - public static ErrorMsg PROFILE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * PROFILE_JSON_PARSE_ERROR + */ + public static final ErrorMsg PROFILE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("006") .addDescription("Profile Content Error") @@ -114,7 +150,10 @@ public class CodeSignErrMsg { .addSolution("Please check whether the profile json is correct") .build(); - public static ErrorMsg MODULE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * MODULE_JSON_PARSE_ERROR + */ + public static final ErrorMsg MODULE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("13") .addErrCode("001") .addDescription("Module Content Error") @@ -122,28 +161,140 @@ public class CodeSignErrMsg { .addSolution("Please check whether the module json is correct") .build(); - public static ErrorMsg DIGEST_ALGORITHM_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * DIGEST_ALGORITHM_ERROR + */ + public static final ErrorMsg DIGEST_ALGORITHM_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("14") .addErrCode("001") .addDescription("Digest Algorithm Error") .addCause("Invalid algorithm {%s}") .build(); - public static ErrorMsg SIGN_SIZE_ZERO_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * SIGN_SIZE_ZERO_ERROR + */ + public static final ErrorMsg SIGN_SIZE_ZERO_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") .addErrCode("001") .addDescription("Code Sign Error") .addCause("The file size in bundle is 0") .build(); - public static ErrorMsg SIGN_SIZE_OVER_LIMIT_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * SIGN_SIZE_OVER_LIMIT_ERROR + */ + public static final ErrorMsg SIGN_SIZE_OVER_LIMIT_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") .addErrCode("002") .addDescription("Code Sign Error") .addCause("The file size in bundle is over limit") .build(); - public static ErrorMsg ELF_FILE_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * SALT_SIZE_LENGTH_ERROR + */ + public static final ErrorMsg SALT_SIZE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("003") + .addDescription("Code Sign Error") + .addCause("Salt is too long") + .build(); + + /** + * SIGN_LIBS_ERROR + */ + public static final ErrorMsg SIGN_LIBS_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("004") + .addDescription("Code Sign Error") + .addCause("Sign libs error") + .build(); + + /** + * SIGN_HNP_ERROR + */ + public static final ErrorMsg SIGN_HNP_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("005") + .addDescription("Code Sign Error") + .addCause("Sign hnp error") + .build(); + + /** + * ENCODE_DATA_ERROR + */ + public static final ErrorMsg ENCODE_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("006") + .addDescription("Code Sign Error") + .addCause("Encode data error") + .build(); + + /** + * CERTIFICATE_ENCODING_ERROR + */ + public static final ErrorMsg CERTIFICATE_ENCODING_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("007") + .addDescription("Code Sign Error") + .addCause("Create sign info failed") + .build(); + + /** + * CREATE_CRL_ERROR + */ + public static final ErrorMsg CREATE_CRL_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("008") + .addDescription("Code Sign Error") + .addCause("Create crl failed") + .build(); + + /** + * SIGNER_SIGN_ERROR + */ + public static final ErrorMsg SIGNER_SIGN_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("009") + .addDescription("Code Sign Error") + .addCause("Signer sign data failed") + .build(); + + /** + * SIGN_CONTENT_EMPTY_ERROR + */ + public static final ErrorMsg SIGN_CONTENT_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("010") + .addDescription("Code Sign Error") + .addCause("The content to be signed is empty") + .build(); + + /** + * VERIFY_SIGNATURE_FROM_SERVER_ERROR + */ + public static final ErrorMsg VERIFY_SIGNATURE_FROM_SERVER_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("011") + .addDescription("Code Sign Error") + .addCause("Verify signature from server failed") + .build(); + + /** + * SIGNATURE_VERIFY_FAILED_ERROR + */ + public static final ErrorMsg SIGNATURE_VERIFY_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("011") + .addDescription("Code Sign Error") + .addCause("Signature verify failed") + .build(); + + /** + * ELF_FILE_HEADER_ERROR + */ + public static final ErrorMsg ELF_FILE_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("16") .addErrCode("001") .addDescription("Elf File Error") @@ -151,7 +302,10 @@ public class CodeSignErrMsg { .addSolution("Failed to parse the elf file, please check whether the file header information is correct") .build(); - public static ErrorMsg ELF_PROGRAM_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * ELF_PROGRAM_HEADER_ERROR + */ + public static final ErrorMsg ELF_PROGRAM_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("16") .addErrCode("002") .addDescription("Elf File Error") @@ -159,7 +313,10 @@ public class CodeSignErrMsg { .addSolution("Failed to parse the elf file, please check whether the file header information is correct") .build(); - public static ErrorMsg ELF_EI_CLASS_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * ELF_EI_CLASS_ERROR + */ + public static final ErrorMsg ELF_EI_CLASS_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("16") .addErrCode("003") .addDescription("Elf File Error") @@ -167,11 +324,15 @@ public class CodeSignErrMsg { .addSolution("Failed to parse the elf file, please check whether the file header information is correct") .build(); - public static ErrorMsg ELF_EI_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() + /** + * ELF_EI_DATA_ERROR + */ + public static final ErrorMsg ELF_EI_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("16") .addErrCode("004") .addDescription("Elf File Error") .addCause("ELF ei_data is incorrect") .addSolution("Failed to parse the elf file, please check whether the file header information is correct") .build(); + } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java index da6f8ec1..f2b91024 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java @@ -15,6 +15,7 @@ package com.ohos.hapsigntool.codesigning.fsverity; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.FsVerityDigestException; import com.ohos.hapsigntool.codesigning.exception.VerifyCodeSignException; import com.ohos.hapsigntool.codesigning.utils.NumberUtils; @@ -195,7 +196,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException("Salt is too long"); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(signSize); @@ -223,7 +224,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException("Salt is too long"); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(0); @@ -251,7 +252,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException("Salt is too long"); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(0); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java index 06d24212..ebd332db 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java @@ -77,7 +77,7 @@ public class FsVerityGenerator { try (MerkleTreeBuilder builder = new MerkleTreeBuilder()) { merkleTree = builder.generateMerkleTree(inputStream, size, fsVerityHashAlgorithm); } catch (IOException e) { - throw new FsVerityDigestException("IOException: " + e.getMessage()); + throw new FsVerityDigestException(e.getMessage(), e); } catch (NoSuchAlgorithmException e) { String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()); throw new FsVerityDigestException(msg, e); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java index a052adbd..19e8f6da 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java @@ -196,7 +196,7 @@ public class MerkleTreeBuilder implements AutoCloseable { try { hashes[index++] = DigestUtils.computeDigest(tempByte, this.mAlgorithm); } catch (NoSuchAlgorithmException e) { - throw new IllegalStateException(e); + throw new IllegalStateException(CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(this.mAlgorithm), e); } offset += CHUNK_SIZE; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 73298ef7..b39aca36 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -91,7 +91,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { @Override public byte[] generateSignedData(byte[] content, SignerConfig signConfig) throws CodeSignException { if (content == null) { - throw new CodeSignException("Verity digest is null"); + throw new CodeSignException(CodeSignErrMsg.SIGN_CONTENT_EMPTY_ERROR.toString()); } Pair pairDigestAndSignInfo = getSignInfo(content, signConfig); // Unsupported certificate revocation, SignedData's _crls is null @@ -122,14 +122,14 @@ public class BcSignedDataGenerator implements SignedDataGenerator { Pair signPair = signAlgorithm.getSignatureAlgAndParams(); byte[] signBytes = signConfig.getSigner().getSignature(codeAuthed, signPair.getFirst(), signPair.getSecond()); if (signBytes == null) { - throw new CodeSignException("get signature failed"); + throw new CodeSignException(CodeSignErrMsg.SIGNER_SIGN_ERROR.toString()); } if (signConfig.getCertificates().isEmpty()) { throw new CodeSignException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_EMPTY_ERROR.toString()); } X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { - throw new CodeSignException("verifySignatureFromServer failed"); + throw new CodeSignException(CodeSignErrMsg.VERIFY_SIGNATURE_FROM_SERVER_ERROR.toString()); } JcaX509CertificateHolder certificateHolder = getJcaX509CertificateHolder(cert); return new SignerInfo(new ASN1Integer(1), @@ -153,7 +153,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { codeAuthed = authed.getEncoded(); } catch (IOException e) { - throw new CodeSignException("cannot encode authed", e); + throw new CodeSignException(CodeSignErrMsg.ENCODE_DATA_ERROR.toString(), e); } return codeAuthed; } @@ -163,7 +163,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { crlHolder = new JcaX509CRLHolder(crl); } catch (CRLException e) { - throw new CodeSignException("Create crl failed", e); + throw new CodeSignException(CodeSignErrMsg.CREATE_CRL_ERROR.toString(), e); } return crlHolder; } @@ -173,7 +173,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { certificateHolder = new JcaX509CertificateHolder(cert); } catch (CertificateEncodingException e) { - throw new CodeSignException("Create sign info failed", e); + throw new CodeSignException(CodeSignErrMsg.CERTIFICATE_ENCODING_ERROR.toString(), e); } return certificateHolder; } @@ -207,7 +207,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { } signature.update(authed); if (!signature.verify(signBytes)) { - throw new CodeSignException("Signature verify failed"); + throw new CodeSignException(CodeSignErrMsg.SIGNATURE_VERIFY_FAILED_ERROR.toString()); } return true; } catch (InvalidKeyException | SignatureException e) { @@ -244,7 +244,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.signedData, signedData); signResult = contentInfo.getEncoded(ASN1Encoding.DER); } catch (IOException e) { - throw new CodeSignException("failed to encode unsigned data!", e); + throw new CodeSignException(CodeSignErrMsg.ENCODE_DATA_ERROR.toString(), e); } verifySignResult(unsignedDataDigest, signResult); return signResult; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CentralDirectory.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CentralDirectory.java deleted file mode 100644 index e664912a..00000000 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CentralDirectory.java +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Copyright (c) 2023-2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.ohos.hapsigntool.codesigning.sign; - -import com.ohos.hapsigntool.utils.FileUtils; - -import org.bouncycastle.util.Strings; - -import java.util.Locale; -import java.util.zip.ZipEntry; - -/** - * Central directory structure - * further reference to Zip Format - * - * @since 2023/09/14 - */ -public class CentralDirectory { - /** - * Byte size of all fields before "compression method" in central directory structure - */ - public static final int BYTE_SIZE_BEFORE_COMPRESSION_METHOD = 10; - - /** - * Byte size of all fields between "compression method" and "file comment length" in central directory structure - */ - public static final int BYTE_SIZE_BETWEEN_COMPRESSION_MODE_AND_FILE_SIZE = 16; - - /** - * Byte size of all fields between "file comment length" and - * "relative offset of local header" in central directory structure - */ - public static final int BYTE_SIZE_BETWEEN_FILE_COMMENT_LENGTH_AND_LOCHDR_RELATIVE_OFFSET = 8; - - private final char compressionMethod; - - private final char fileNameLength; - - private final char extraFieldLength; - - private final char fileCommentLength; - - private final long relativeOffsetOfLocalHeader; - - private final byte[] fileName; - - public CentralDirectory(Builder builder) { - this.compressionMethod = builder.compressionMethod; - this.fileNameLength = builder.fileNameLength; - this.extraFieldLength = builder.extraFieldLength; - this.fileCommentLength = builder.fileCommentLength; - this.relativeOffsetOfLocalHeader = builder.relativeOffsetOfLocalHeader; - this.fileName = builder.fileName; - } - - /** - * Return true if entry is an executable file, i.e. abc or so - * - * @return true if entry is an executable file - */ - public boolean isCodeFile() { - return FileUtils.isRunnableFile(this.getFileName()); - } - - /** - * Return true if zip entry is uncompressed - * - * @return true if zip entry is uncompressed - */ - public boolean isUncompressed() { - return this.compressionMethod == ZipEntry.STORED; - } - - public String getFileName() { - return Strings.fromByteArray(this.fileName); - } - - public long getRelativeOffsetOfLocalHeader() { - return relativeOffsetOfLocalHeader; - } - - /** - * Sum byte size of three variable fields: file name, extra field, file comment - * - * @return Sum byte size of three variable fields - */ - public char getFileNameLength() { - return fileNameLength; - } - - public char getExtraFieldLength() { - return extraFieldLength; - } - - /** - * Return a string representation of the object - * - * @return string representation of the object - */ - public String toString() { - return String.format(Locale.ROOT, - "CentralDirectory:compressionMode(%d), fileName(%s), relativeOffsetOfLocalHeader(%d), " - + "fileNameLength(%d), extraFieldLength(%d), fileCommentLength(%d)", (int) this.compressionMethod, - this.getFileName(), this.relativeOffsetOfLocalHeader, (int) this.fileNameLength, - (int) this.extraFieldLength, (int) this.fileCommentLength); - } - - /** - * Builder of CentralDirectory class - */ - public static class Builder { - private char compressionMethod; - - private char fileNameLength; - - private char extraFieldLength; - - private char fileCommentLength; - - private long relativeOffsetOfLocalHeader; - - private byte[] fileName; - - public Builder setCompressionMethod(char compressionMethod) { - this.compressionMethod = compressionMethod; - return this; - } - - public Builder setFileNameLength(char fileNameLength) { - this.fileNameLength = fileNameLength; - return this; - } - - public Builder setExtraFieldLength(char extraFieldLength) { - this.extraFieldLength = extraFieldLength; - return this; - } - - public Builder setFileCommentLength(char fileCommentLength) { - this.fileCommentLength = fileCommentLength; - return this; - } - - public Builder setRelativeOffsetOfLocalHeader(long relativeOffsetOfLocalHeader) { - this.relativeOffsetOfLocalHeader = relativeOffsetOfLocalHeader; - return this; - } - - public Builder setFileName(byte[] fileName) { - this.fileName = fileName; - return this; - } - - /** - * Create a CentralDirectory object - * - * @return a CentralDirectory object - */ - public CentralDirectory build() { - return new CentralDirectory(this); - } - } -} diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index 1302333c..b992d069 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -312,7 +312,7 @@ public class CodeSigning { return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException("Sign hnp lib error"); + throw new CodeSignException(CodeSignErrMsg.SIGN_HNP_ERROR.toString()); } return nativeLibInfoList; } catch (IOException e) { @@ -423,7 +423,7 @@ public class CodeSigning { return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException("Sign lib error"); + throw new CodeSignException(CodeSignErrMsg.SIGN_LIBS_ERROR.toString()); } return nativeLibInfoList; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java index cbd94b5b..8dfb6148 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java @@ -79,56 +79,6 @@ public class HapUtils { private HapUtils() { } - /** - * Check configuration in hap to find out whether the native libs are compressed - * - * @param hapFile the given hap - * @return boolean value of parsing result - * @throws IOException io error - */ - public static boolean checkCompressNativeLibs(File hapFile) throws IOException { - try (JarFile inputJar = new JarFile(hapFile, false)) { - for (String configFile : HAP_CONFIG_FILES) { - JarEntry entry = inputJar.getJarEntry(configFile); - if (entry == null) { - continue; - } - try (InputStream data = inputJar.getInputStream(entry)) { - String jsonString = new String(InputStreamUtils.toByteArray(data, (int) entry.getSize()), - StandardCharsets.UTF_8); - return checkCompressNativeLibs(jsonString); - } - } - } - return true; - } - - /** - * Check whether the native libs are compressed by parsing config json - * - * @param jsonString the config json string - * @return boolean value of parsing result - */ - public static boolean checkCompressNativeLibs(String jsonString) { - JsonObject jsonObject = JsonParser.parseString(jsonString).getAsJsonObject(); - Queue queue = new LinkedList<>(); - queue.offer(jsonObject); - while (queue.size() > 0) { - JsonObject curJsonObject = queue.poll(); - JsonElement jsonElement = curJsonObject.get(COMPRESS_NATIVE_LIBS_OPTION); - if (jsonElement != null) { - return jsonElement.getAsBoolean(); - } - for (Map.Entry entry : curJsonObject.entrySet()) { - if (entry.getValue().isJsonObject()) { - queue.offer(entry.getValue().getAsJsonObject()); - } - } - } - // default to compress native libs - return true; - } - /** * get app-id from profile * diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/InputStreamUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/InputStreamUtils.java deleted file mode 100644 index 683a69cd..00000000 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/InputStreamUtils.java +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2023-2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.ohos.hapsigntool.codesigning.utils; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -/** - * InputStream util class - * - * @since 2023/08/10 - */ -public class InputStreamUtils { - private static final int BUFFER_SIZE = 4096; - - /** - * get byte array by inputStream and size - * - * @param inputStream inputStream data - * @param inputStreamSize inputStream size - * @return byte array value - * @throws IOException io error - */ - public static byte[] toByteArray(InputStream inputStream, int inputStreamSize) throws IOException { - if (inputStreamSize == 0) { - return new byte[0]; - } - if (inputStreamSize < 0) { - throw new IllegalArgumentException("inputStreamSize: " + inputStreamSize + "is less than zero: "); - } - try (ByteArrayOutputStream output = new ByteArrayOutputStream()) { - copy(inputStream, inputStreamSize, output); - return output.toByteArray(); - } - } - - private static int copy(InputStream inputStream, int inputStreamSize, OutputStream output) throws IOException { - byte[] buffer = new byte[BUFFER_SIZE]; - int readSize = 0; - int count = 0; - while (readSize < inputStreamSize && (readSize = inputStream.read(buffer)) != -1) { - output.write(buffer, 0, readSize); - count += readSize; - } - if (count != inputStreamSize) { - throw new IOException("read size err. readSizeCount: " + count + ", inputStreamSize: " + inputStreamSize); - } - return count; - } -} -- Gitee From f601a2372dc6cc690f5d19f6a62181b539e146d6 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Wed, 8 Jan 2025 14:35:17 +0800 Subject: [PATCH 07/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/fsverity/FsVerityGenerator.java | 12 ++++++------ .../ohos/hapsigntool/codesigning/utils/HapUtils.java | 4 ---- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java index ebd332db..9ef67995 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java @@ -79,8 +79,8 @@ public class FsVerityGenerator { } catch (IOException e) { throw new FsVerityDigestException(e.getMessage(), e); } catch (NoSuchAlgorithmException e) { - String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()); - throw new FsVerityDigestException(msg, e); + throw new FsVerityDigestException( + CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()), e); } return merkleTree; } @@ -117,8 +117,8 @@ public class FsVerityGenerator { byte[] digest = DigestUtils.computeDigest(fsVerityDescriptor, FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); fsVerityDigest = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { - String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); - throw new FsVerityDigestException(msg, e); + throw new FsVerityDigestException( + CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), e); } if (pageInfoExtension != null && flags != 0) { PageInfoExtension.valid(pageInfoExtension, size); @@ -130,8 +130,8 @@ public class FsVerityGenerator { FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); fsVerityDigestV2 = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { - String msg = CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()); - throw new FsVerityDigestException(msg, e); + throw new FsVerityDigestException( + CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), e); } } treeBytes = merkleTree.tree; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java index 8dfb6148..f3053573 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/HapUtils.java @@ -28,18 +28,14 @@ import com.ohos.hapsigntool.entity.Pair; import com.ohos.hapsigntool.error.ProfileException; import com.ohos.hapsigntool.utils.LogUtils; -import java.io.File; import java.io.IOException; -import java.io.InputStream; import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; -import java.util.LinkedList; import java.util.List; import java.util.Map; -import java.util.Queue; import java.util.jar.JarEntry; import java.util.jar.JarFile; -- Gitee From 9f07eca8f8cf959eb4bebf183771993de43a9418 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Wed, 8 Jan 2025 14:56:58 +0800 Subject: [PATCH 08/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 52 +++++++++++++++++++ .../sign/BcSignedDataGenerator.java | 4 +- .../codesigning/utils/CmsUtils.java | 9 ++-- 3 files changed, 60 insertions(+), 5 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index f133d67f..a08dd000 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -87,6 +87,28 @@ public class CodeSignErrMsg { .addSolution("Please check whether the certificate is correct") .build(); + /** + * CERTIFICATES_MATCHED_EMPTY_ERROR + */ + public static final ErrorMsg CERTIFICATES_MATCHED_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("11") + .addErrCode("002") + .addDescription("Certificates Error") + .addCause("No matched cert") + .addSolution("Please check whether the certificate is correct") + .build(); + + /** + * CERTIFICATES_MATCHED_MORE_ERROR + */ + public static final ErrorMsg CERTIFICATES_MATCHED_MORE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("11") + .addErrCode("003") + .addDescription("Certificates Error") + .addCause("More than one matched certs, matched certs size: {%d}") + .addSolution("Please check whether the certificate is correct") + .build(); + /** * PROFILE_TYPE_UNSUPPORTED_ERROR */ @@ -291,6 +313,36 @@ public class CodeSignErrMsg { .addCause("Signature verify failed") .build(); + /** + * VERIFY_BC_SIGNATURE_FAILED_ERROR + */ + public static final ErrorMsg VERIFY_BC_SIGNATURE_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("012") + .addDescription("Code Sign Error") + .addCause("Verify BC signatures failed: %s") + .build(); + + /** + * VERIFY_SIGNATURE_DATA_FAILED_ERROR + */ + public static final ErrorMsg VERIFY_SIGNATURE_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("013") + .addDescription("Code Sign Error") + .addCause("Failed to verify signed data and unsigned data digest") + .build(); + + /** + * VERIFY_PKCS_DATA_FAILED_ERROR + */ + public static final ErrorMsg VERIFY_PKCS_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("15") + .addErrCode("014") + .addDescription("Code Sign Error") + .addCause("PKCS cms data did not verify") + .build(); + /** * ELF_FILE_HEADER_ERROR */ diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index b39aca36..453508f3 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -255,10 +255,10 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { result = CmsUtils.verifySignDataWithUnsignedDataDigest(unsignedDataDigest, signResult); } catch (CMSException e) { - throw new CodeSignException("failed to verify signed data and unsigned data digest", e); + throw new CodeSignException(CodeSignErrMsg.VERIFY_SIGNATURE_DATA_FAILED_ERROR.toString(), e); } if (!result) { - throw new CodeSignException("PKCS cms data did not verify"); + throw new CodeSignException(CodeSignErrMsg.VERIFY_PKCS_DATA_FAILED_ERROR.toString()); } } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java index df4b11a7..318b296e 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java @@ -15,6 +15,8 @@ package com.ohos.hapsigntool.codesigning.utils; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; + import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cms.CMSException; import org.bouncycastle.cms.CMSProcessableByteArray; @@ -48,11 +50,11 @@ public class CmsUtils { private static void isCollectionValid(Collection collection) throws OperatorCreationException { if (collection == null) { - throw new OperatorCreationException("No matched cert: " + collection); + throw new OperatorCreationException(CodeSignErrMsg.CERTIFICATES_MATCHED_EMPTY_ERROR.toString()); } if (collection.size() != 1) { throw new OperatorCreationException( - "More than one matched certs, matched certs size: " + collection.size()); + CodeSignErrMsg.CERTIFICATES_MATCHED_MORE_ERROR.toString(collection.size())); } } @@ -65,7 +67,8 @@ public class CmsUtils { try { return new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert); } catch (CertificateException e) { - throw new OperatorCreationException("Verify BC signatures failed: " + e.getMessage(), e); + throw new OperatorCreationException( + CodeSignErrMsg.VERIFY_BC_SIGNATURE_FAILED_ERROR.toString(e.getMessage()), e); } }); } -- Gitee From aa5730c5543b8cea28658c870b7ecc656e6b7a7d Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Wed, 8 Jan 2025 15:15:13 +0800 Subject: [PATCH 09/28] error code for ide Signed-off-by: zfeixiang --- .../datastructure/PageInfoExtension.java | 15 ++--- .../codesigning/exception/CodeSignErrMsg.java | 59 +++++++++++++++++++ 2 files changed, 67 insertions(+), 7 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java index 2136bd98..b051a009 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java @@ -15,6 +15,7 @@ package com.ohos.hapsigntool.codesigning.datastructure; +import com.ohos.hapsigntool.codesigning.exception.CodeSignErrMsg; import com.ohos.hapsigntool.codesigning.exception.PageInfoException; import com.ohos.hapsigntool.codesigning.exception.VerifyCodeSignException; import com.ohos.hapsigntool.codesigning.utils.NumberUtils; @@ -182,24 +183,24 @@ public class PageInfoExtension extends Extension { */ public static boolean valid(PageInfoExtension pgExtension, long dataSize) throws PageInfoException { if (!NumberUtils.isMultiple4K(pgExtension.getMapOffset())) { - throw new PageInfoException(String.format(Locale.ROOT, "Invalid bitmapOff(%d), not a multiple of 4096", - pgExtension.getMapOffset())); + throw new PageInfoException( + CodeSignErrMsg.BITMAP_OFF_4K_ALIGNMENT_ERROR.toString(pgExtension.getMapOffset())); } if (pgExtension.getUnitSize() != PageInfoExtension.DEFAULT_UNIT_SIZE) { - throw new PageInfoException("Invalid page info unitSize : " + pgExtension.getUnitSize()); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_UNIT_SIZE_ERROR.toString(pgExtension.getUnitSize())); } if (pgExtension.getMapOffset() < 0 || pgExtension.getMapSize() < 0) { - throw new PageInfoException("Page info offset/size is negative number"); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_NEGATIVE_NUMBER_ERROR.toString()); } if (pgExtension.getMapSize() % pgExtension.getUnitSize() != 0) { - throw new PageInfoException("Page info size is not multiple of unit"); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_SIZE_AND_UNIT_ERROR.toString()); } if (pgExtension.getMapOffset() > dataSize - pgExtension.getMapSize() / Byte.SIZE) { - throw new PageInfoException("Page info is out of dataSize"); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_OUT_DATA_ERROR.toString()); } if (pgExtension.getMapSize() / pgExtension.getUnitSize() >= dataSize / CodeSignBlock.PAGE_SIZE_4K) { - throw new PageInfoException("page info size is not consistent with data page "); + throw new PageInfoException(CodeSignErrMsg.BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR.toString()); } return true; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index a08dd000..5e92ab57 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -387,4 +387,63 @@ public class CodeSignErrMsg { .addSolution("Failed to parse the elf file, please check whether the file header information is correct") .build(); + /** + * BITMAP_OFF_4K_ALIGNMENT_ERROR + */ + public static final ErrorMsg BITMAP_OFF_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("001") + .addDescription("Page Info Error") + .addCause("Invalid bitmap offset {%d}, not a multiple of 4096") + .build(); + + /** + * PAGE_INFO_UNIT_SIZE_ERROR + */ + public static final ErrorMsg PAGE_INFO_UNIT_SIZE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("002") + .addDescription("Page Info Error") + .addCause("Invalid page info unitSize : {%d}") + .build(); + + /** + * PAGE_INFO_SIZE_AND_UNIT_ERROR + */ + public static final ErrorMsg PAGE_INFO_SIZE_AND_UNIT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("003") + .addDescription("Page Info Error") + .addCause("Page info size is not multiple of unit") + .build(); + + /** + * PAGE_INFO_OFFSET_SIZE_ERROR + */ + public static final ErrorMsg PAGE_INFO_NEGATIVE_NUMBER_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("004") + .addDescription("Page Info Error") + .addCause("Page info offset/size is negative number") + .build(); + + /** + * PAGE_INFO_OUT_DATA_ERROR + */ + public static final ErrorMsg PAGE_INFO_OUT_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("005") + .addDescription("Page Info Error") + .addCause("Page info is out of dataSize") + .build(); + + /** + * BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR + */ + public static final ErrorMsg BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("17") + .addErrCode("006") + .addDescription("Page Info Error") + .addCause("page info size is not consistent with data page ") + .build(); } -- Gitee From 0d8516beafbac8ba7904b419ce3e1d205af6a925 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Wed, 8 Jan 2025 17:15:20 +0800 Subject: [PATCH 10/28] error code for ide Signed-off-by: zfeixiang --- .../hapsigntool/codesigning/exception/CodeSignErrMsg.java | 4 ++-- .../com/ohos/hapsigntool/codesigning/sign/CodeSigning.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index 5e92ab57..f1812c43 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -200,7 +200,7 @@ public class CodeSignErrMsg { .addTypeCode("15") .addErrCode("001") .addDescription("Code Sign Error") - .addCause("The file size in bundle is 0") + .addCause("Input file size to hash is 0") .build(); /** @@ -210,7 +210,7 @@ public class CodeSignErrMsg { .addTypeCode("15") .addErrCode("002") .addDescription("Code Sign Error") - .addCause("The file size in bundle is over limit") + .addCause("Input file size to hash is over limit") .build(); /** diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index b992d069..05d582a2 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -297,7 +297,7 @@ public class CodeSigning { } try (JarFile hnp = new JarFile(tempHnp, false)) { List elfEntries = getHnpLibEntries(hnp); - LOGGER.debug("{} elf num : {}", hnp.getName(), elfEntries.size()); + LOGGER.debug("{} elf num : {}", hnpEntry.getName(), elfEntries.size()); List> nativeLibInfoList = elfEntries.stream().parallel().map(entry -> { String hnpElfPath = hnpEntry.getName() + "!/" + entry.getName(); try (InputStream inputStream = hnp.getInputStream(entry)) { @@ -316,7 +316,7 @@ public class CodeSigning { } return nativeLibInfoList; } catch (IOException e) { - throw new IOException(CodeSignErrMsg.EXTRACT_HNP_FILE_ERROR.toString(hnpEntry.getName()), e); + throw new CodeSignException(CodeSignErrMsg.EXTRACT_HNP_FILE_ERROR.toString(hnpEntry.getName()), e); } finally { if (tempHnp.exists()) { if (tempHnp.delete()) { -- Gitee From 06b7b9a48ede703e48e125adfa1ac2e10751a80b Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 09:07:59 +0800 Subject: [PATCH 11/28] repair code check Signed-off-by: wangzeyu --- .../com/ohos/hapsigntool/HapSignTool.java | 1 - .../com/ohos/hapsigntoolcmd/CmdUnitTest.java | 22 +++++++++---------- .../hap/provider/LocalJKSSignProvider.java | 1 - .../hap/provider/RemoteSignProvider.java | 1 - .../hap/provider/SignProvider.java | 3 +-- .../hapsigntool/profile/model/Validity.java | 2 -- .../hapsigntool/utils/KeyStoreHelper.java | 5 +++-- 7 files changed, 15 insertions(+), 20 deletions(-) diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java index d674e79d..fb0ed446 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java @@ -37,7 +37,6 @@ import com.ohos.hapsigntoolcmd.Params; import java.util.ArrayList; import java.util.List; -import java.util.Locale; /** * HapSignTool. diff --git a/hapsigntool/hap_sign_tool/src/test/java/com/ohos/hapsigntoolcmd/CmdUnitTest.java b/hapsigntool/hap_sign_tool/src/test/java/com/ohos/hapsigntoolcmd/CmdUnitTest.java index 26854416..64d917ea 100644 --- a/hapsigntool/hap_sign_tool/src/test/java/com/ohos/hapsigntoolcmd/CmdUnitTest.java +++ b/hapsigntool/hap_sign_tool/src/test/java/com/ohos/hapsigntoolcmd/CmdUnitTest.java @@ -422,7 +422,7 @@ public class CmdUnitTest { /** * Add log info. */ - private static final Logger logger = LoggerFactory.getLogger(CmdUnitTest.class); + private static final Logger LOGGER = LoggerFactory.getLogger(CmdUnitTest.class); /** * create test dir @@ -463,7 +463,7 @@ public class CmdUnitTest { assertFalse(FileUtils.isFileExist(CMD_KEY_APP_STORE_PATH)); assertFalse(FileUtils.isFileExist(CMD_KEY_PROFILE_STORE_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_KEY_APP_STORE_PATH); @@ -504,7 +504,7 @@ public class CmdUnitTest { assertFalse(result); assertFalse(FileUtils.isFileExist(CMD_CSR_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_CSR_PATH); @@ -535,7 +535,7 @@ public class CmdUnitTest { assertFalse(result); assertFalse(FileUtils.isFileExist(CMD_CERT_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_CERT_PATH); @@ -584,7 +584,7 @@ public class CmdUnitTest { assertFalse(FileUtils.isFileExist(CMD_SUB_APP_CA_PATH)); assertFalse(FileUtils.isFileExist(CMD_SUB_PROFILE_CA_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_ROOT_APP_CA_PATH); boolean result = generateAppRootCa(); @@ -620,7 +620,7 @@ public class CmdUnitTest { assertFalse(FileUtils.isFileExist(CMD_APP_DEBUG_CERT_PATH)); assertFalse(FileUtils.isFileExist(CMD_APP_RELEASE_CERT_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_APP_DEBUG_CERT_PATH); boolean result = HapSignTool.processCmd(new String[]{ @@ -678,7 +678,7 @@ public class CmdUnitTest { assertFalse(FileUtils.isFileExist(CMD_PROFILE_DEBUG_CERT_PATH)); assertFalse(FileUtils.isFileExist(CMD_PROFILE_RELEASE_CERT_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_PROFILE_DEBUG_CERT_PATH); boolean result = HapSignTool.processCmd(new String[]{ @@ -734,7 +734,7 @@ public class CmdUnitTest { assertFalse(result); assertFalse(FileUtils.isFileExist(CMD_SIGN_PROFILE_PATH)); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } deleteFile(CMD_SIGN_PROFILE_PATH); @@ -780,7 +780,7 @@ public class CmdUnitTest { boolean result = HapSignTool.processCmd(new String[]{CmdUtil.Method.VERIFY_PROFILE}); assertFalse(result); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } boolean result = HapSignTool.processCmd(new String[]{ @@ -800,7 +800,7 @@ public class CmdUnitTest { boolean result = HapSignTool.processCmd(new String[]{CmdUtil.Method.SIGN_APP}); assertFalse(result); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } } @@ -814,7 +814,7 @@ public class CmdUnitTest { boolean result = HapSignTool.processCmd(new String[]{CmdUtil.Method.VERIFY_APP}); assertFalse(result); } catch (CustomException exception) { - logger.info(exception, () -> exception.getMessage()); + LOGGER.info(exception, () -> exception.getMessage()); } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java index 9c937d37..b5d98f00 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/LocalJKSSignProvider.java @@ -17,7 +17,6 @@ package com.ohos.hapsigntool.hap.provider; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.InvalidParamsException; -import com.ohos.hapsigntool.error.MissingParamsException; import com.ohos.hapsigntool.error.SignToolErrMsg; import com.ohos.hapsigntool.utils.FileUtils; import com.ohos.hapsigntool.entity.ParamConstants; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java index a8de5768..aedd955b 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/RemoteSignProvider.java @@ -17,7 +17,6 @@ package com.ohos.hapsigntool.hap.provider; import com.ohos.hapsigntool.entity.Options; import com.ohos.hapsigntool.error.InvalidParamsException; -import com.ohos.hapsigntool.error.MissingParamsException; import java.security.cert.X509Certificate; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java index 4de44b16..afb4bdaa 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java @@ -74,7 +74,6 @@ import java.nio.ByteOrder; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.StandardCopyOption; -import java.security.InvalidKeyException; import java.security.Security; import java.security.cert.CertificateException; import java.security.cert.X509CRL; @@ -361,7 +360,7 @@ public abstract class SignProvider { isRet = true; } } catch (FsVerityDigestException | HapFormatException | InvalidParamsException | ProfileException - | CustomException | CodeSignException | ElfFormatException e) { + | CustomException | CodeSignException | ElfFormatException e) { printErrorLogWithoutStack(e); } catch (IOException e) { LOGGER.error(SignToolErrMsg.FILE_IO_FAILED.toString(e.getMessage())); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java index 406192a1..bcca56fb 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/profile/model/Validity.java @@ -16,8 +16,6 @@ package com.ohos.hapsigntool.profile.model; import com.google.gson.annotations.SerializedName; -import com.ohos.hapsigntool.error.ERROR; -import com.ohos.hapsigntool.utils.ValidateUtils; /** * Sub dto of Provision. diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java index c48d5a57..3d4f0571 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/KeyStoreHelper.java @@ -126,7 +126,7 @@ public class KeyStoreHelper { } catch (IOException | NoSuchAlgorithmException | CertificateException exception) { LOGGER.debug(exception.getMessage(), exception); CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.INIT_KEYSTORE_FAILED - .toString(exception.getMessage())); + .toString(exception.getMessage())); } finally { FileUtils.close(fis); } @@ -209,7 +209,8 @@ public class KeyStoreHelper { .toString(exception.getMessage())); } catch (UnrecoverableKeyException exception) { LOGGER.debug(exception.getMessage(), exception); - CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_PASSWORD_ERROR.toString(alias, exception)); + CustomException.throwException(ERROR.ACCESS_ERROR, SignToolErrMsg.KEY_PASSWORD_ERROR + .toString(alias, exception)); } return null; } -- Gitee From 73bed4d073b4b2efa685c805a360091eca404ed3 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 10:15:31 +0800 Subject: [PATCH 12/28] repair code check Signed-off-by: wangzeyu --- .../src/main/java/com/ohos/hapsigntool/entity/Options.java | 4 ++-- .../java/com/ohos/hapsigntool/hap/provider/SignProvider.java | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java index 7ba46cdd..8040a239 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/entity/Options.java @@ -248,7 +248,7 @@ public class Options extends HashMap { /** * Logger. */ - private static final LogUtils logger = new LogUtils(Options.class); + private static final LogUtils LOGGER = new LogUtils(Options.class); /** @@ -357,7 +357,7 @@ public class Options extends HashMap { try { return Integer.parseInt((String) value); } catch (NumberFormatException exception) { - logger.debug(exception.getMessage(), exception); + LOGGER.debug(exception.getMessage(), exception); } } return defValue; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java index afb4bdaa..8c779e76 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/hap/provider/SignProvider.java @@ -32,7 +32,6 @@ import com.ohos.hapsigntool.hap.config.SignerConfig; import com.ohos.hapsigntool.hap.entity.SigningBlock; import com.ohos.hapsigntool.error.HapFormatException; import com.ohos.hapsigntool.error.InvalidParamsException; -import com.ohos.hapsigntool.error.MissingParamsException; import com.ohos.hapsigntool.error.ProfileException; import com.ohos.hapsigntool.error.SignatureException; import com.ohos.hapsigntool.error.VerifyCertificateChainException; @@ -430,7 +429,6 @@ public abstract class SignProvider { * * @param options parameters used to sign hap file * @return list of type x509certificate - * @throws MissingParamsException Exception occurs when the required parameters are not entered. * @throws InvalidParamsException Exception occurs when the required parameters are invalid. * @throws ProfileException Exception occurs when profile is invalid. */ -- Gitee From be574339e02075fe3ccac65e9b52e9f28e1e7ea5 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 10:26:00 +0800 Subject: [PATCH 13/28] change err msg Signed-off-by: wangzeyu --- .../src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 48ccb323..f7202cf7 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -82,7 +82,9 @@ public class ErrorMsg { @Override public String toString() { final StringBuilder sb = new StringBuilder(); - sb.append(code) + sb.append(System.lineSeparator()) + .append("ERROR: ") + .append(code) .append(" ") .append(description) .append(System.lineSeparator()) -- Gitee From 2acacd08b290148e5a14313734f1686ac07c7e30 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Thu, 9 Jan 2025 10:52:35 +0800 Subject: [PATCH 14/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 10 +++++++--- .../main/java/com/ohos/hapsigntool/utils/LogUtils.java | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index f1812c43..703b5a3e 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -52,7 +52,7 @@ public class CodeSignErrMsg { .addErrCode("003") .addDescription("File Read Error") .addCause("Hnp {%s} is not described in module.json") - .addSolution("Hnp should be described in module.json") + .addSolution("Hnp file should be described in module.json") .build(); /** @@ -117,7 +117,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Profile Content Error") .addCause("Unsupported profile type") - .addSolution("Profile type should be debug or release") + .addSolution("Value of 'type' in profile should be debug or release") .build(); /** @@ -128,6 +128,7 @@ public class CodeSignErrMsg { .addErrCode("002") .addDescription("Profile Content Error") .addCause("Key named 'type' does not exist in profile") + .addSolution("Add 'type' to the profile") .build(); /** @@ -138,6 +139,7 @@ public class CodeSignErrMsg { .addErrCode("003") .addDescription("Profile Content Error") .addCause("Key named 'bundle-info' does not exist in profile") + .addSolution("Add 'bundle-info' to the profile") .build(); /** @@ -159,6 +161,7 @@ public class CodeSignErrMsg { .addErrCode("005") .addDescription("Profile Content Error") .addCause("Value length of app-identifier is invalid") + .addSolution("Modify to a valid app-identifier") .build(); /** @@ -308,9 +311,10 @@ public class CodeSignErrMsg { */ public static final ErrorMsg SIGNATURE_VERIFY_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") - .addErrCode("011") + .addErrCode("012") .addDescription("Code Sign Error") .addCause("Signature verify failed") + .addSolution("Please check whether the keyAlias is correct") .build(); /** diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/LogUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/LogUtils.java index 825038ad..f02b06cb 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/LogUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/utils/LogUtils.java @@ -191,7 +191,7 @@ public class LogUtils { * @param arg2 arg */ public void debug(String log, Object arg1, Object arg2) { - logger.warning(" WARN - " + replaceArgs(log, arg1, arg2)); + logger.config(" DEBUG - " + replaceArgs(log, arg1, arg2)); OUT_HANDLER.flush(); } -- Gitee From 0dc0d184931b9e49e39e7fa336ac0e69cb878ce1 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 10:55:39 +0800 Subject: [PATCH 15/28] change err msg Signed-off-by: wangzeyu --- .../src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index f7202cf7..3995421a 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -97,7 +97,7 @@ public class ErrorMsg { } if (solutions != null && !solutions.isEmpty()) { - sb.append("* Try the following: ").append(System.lineSeparator()); + sb.append(System.lineSeparator()).append("* Try the following: ").append(System.lineSeparator()); for (String s : solutions) { sb.append(" > ").append(s).append(System.lineSeparator()); } -- Gitee From 5e50b6241a8e5fde0fa57c82e84b8b55b94a1370 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Thu, 9 Jan 2025 10:59:11 +0800 Subject: [PATCH 16/28] error code for ide Signed-off-by: zfeixiang --- .../hapsigntool/codesigning/exception/CodeSignErrMsg.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index 703b5a3e..7bb5cc9e 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -322,7 +322,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg VERIFY_BC_SIGNATURE_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") - .addErrCode("012") + .addErrCode("013") .addDescription("Code Sign Error") .addCause("Verify BC signatures failed: %s") .build(); @@ -332,7 +332,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg VERIFY_SIGNATURE_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") - .addErrCode("013") + .addErrCode("014") .addDescription("Code Sign Error") .addCause("Failed to verify signed data and unsigned data digest") .build(); @@ -342,7 +342,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg VERIFY_PKCS_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") - .addErrCode("014") + .addErrCode("015") .addDescription("Code Sign Error") .addCause("PKCS cms data did not verify") .build(); -- Gitee From 35667800f0014bae1a9ece094c9113f04bc6425a Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 16:14:48 +0800 Subject: [PATCH 17/28] change err msg Signed-off-by: wangzeyu --- .../java/com/ohos/hapsigntool/HapSignTool.java | 10 +++++----- .../java/com/ohos/hapsigntoolcmd/CmdUtil.java | 15 ++++++++------- .../java/com/ohos/hapsigntool/error/ErrorMsg.java | 9 +++++++-- .../ohos/hapsigntool/error/SignToolErrMsg.java | 12 ++++++------ 4 files changed, 26 insertions(+), 20 deletions(-) diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java index fb0ed446..cb6f6ca0 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntool/HapSignTool.java @@ -286,7 +286,7 @@ public final class HapSignTool { && !REMOTE_SIGN.equalsIgnoreCase(mode) && !"remoteResign".equalsIgnoreCase(mode)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString(Options.MODE, "value must is localSign/remoteSign/remoteResign")); + .toString(Options.MODE, "value must be localSign/remoteSign/remoteResign")); } if (LOCAL_SIGN.equalsIgnoreCase(mode)) { @@ -297,7 +297,7 @@ public final class HapSignTool { String inForm = params.getString(Options.IN_FORM, "zip"); if (!StringUtils.isEmpty(inForm) && !containsIgnoreCase(inForm)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString(Options.IN_FORM, "value must is " + informList)); + .toString(Options.IN_FORM, "value must be " + informList)); } String signAlg = params.getString(Options.SIGN_ALG); CmdUtil.judgeEndSignAlgType(signAlg); @@ -315,7 +315,7 @@ public final class HapSignTool { } if (!SIGNED.equals(profileSigned) && !NOT_SIGNED.equals(profileSigned)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString(Options.PROFILE_SIGNED, "value must is 1/0")); + .toString(Options.PROFILE_SIGNED, "value must be 1/0")); } if (SIGNED.equals(profileSigned)) { FileUtils.validFileType(profileFile, "p7b"); @@ -329,7 +329,7 @@ public final class HapSignTool { String mode = params.getString(Options.MODE); if (!LOCAL_SIGN.equalsIgnoreCase(mode) && !REMOTE_SIGN.equalsIgnoreCase(mode)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString(Options.MODE, "value must is localSign/remoteSign/remoteResign")); + .toString(Options.MODE, "value must be localSign/remoteSign/remoteResign")); } if (LOCAL_SIGN.equalsIgnoreCase(mode)) { params.required(Options.KEY_STORE_FILE, Options.KEY_ALIAS, Options.PROFILE_CERT_FILE); @@ -350,7 +350,7 @@ public final class HapSignTool { String inForm = params.getString(Options.IN_FORM, "zip"); if (!containsIgnoreCase(inForm)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString(Options.IN_FORM, "value must is " + informList)); + .toString(Options.IN_FORM, "value must be " + informList)); } FileUtils.validFileType(params.getString(Options.OUT_CERT_CHAIN), "cer"); FileUtils.validFileType(params.getString(Options.OUT_PROFILE), "p7b"); diff --git a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java index 11cb3a93..1b0041c3 100644 --- a/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java +++ b/hapsigntool/hap_sign_tool/src/main/java/com/ohos/hapsigntoolcmd/CmdUtil.java @@ -67,7 +67,8 @@ public final class CmdUtil { for (int i = 1; i < args.length; i++) { String value = args[i]; if (StringUtils.isEmpty(value)) { - CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_VALUE_EMPTY.toString(value)); + CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_VALUE_EMPTY + .toString("first param")); } if (readKey) { // prepare key @@ -75,12 +76,12 @@ public final class CmdUtil { value = value.equals("-signcode") ? "-signCode" : value; boolean isTrust = trustList.contains(value); ValidateUtils.throwIfNotMatches(isTrust, - ERROR.COMMAND_PARAM_ERROR, SignToolErrMsg.PARAM_NOT_TRUSTED.toString(value)); + ERROR.COMMAND_PARAM_ERROR, SignToolErrMsg.PARAM_NOT_TRUSTED.toString()); keyStandBy = value.substring(1); readKey = false; } else { CustomException.throwException(ERROR.COMMAND_PARAM_ERROR, SignToolErrMsg - .PARAM_NOT_IN_PAIRS.toString(value)); + .PARAM_NOT_IN_PAIRS.toString()); } } else { // prepare value @@ -123,7 +124,7 @@ public final class CmdUtil { public static void judgeAlgType(String alg) { if (!"RSA".equalsIgnoreCase(alg) && !"ECC".equalsIgnoreCase(alg)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString("keyAlg", "key algorithms include ECC/RSA")); + .toString("keyAlg", "Key algorithm only allowed to be ECC or RSA.")); } } @@ -138,18 +139,18 @@ public final class CmdUtil { List arrayList = Arrays.asList(array); if (!arrayList.contains(size)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString("KeySize", "Key size include " + arrayList)); + .toString("KeySize", "Key size include in set of " + arrayList)); } if ("RSA".equalsIgnoreCase(alg)) { if (!"2048".equals(size) && !"3072".equals(size) && !"4096".equals(size)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString("KeySize", "Key size include " + arrayList)); + .toString("KeySize", "Key size of RSA include in set of {2048, 3072, 4096}")); } } else { if (!"NIST-P-256".equalsIgnoreCase(size) && !"NIST-P-384".equalsIgnoreCase(size)) { CustomException.throwException(ERROR.COMMAND_ERROR, SignToolErrMsg.PARAM_CHECK_FAILED - .toString("KeySize", "Key size include " + arrayList)); + .toString("KeySize", "Key size include in set of " + arrayList)); } } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 3995421a..97411aa3 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -30,6 +30,11 @@ import java.util.Locale; */ public class ErrorMsg { private static final Logger log = LogManager.getLogger(ErrorMsg.class); + + private static final String CODE_SIGN_ERR_CODE = "111"; + + private static final String SIGN_TOOL_ERR_CODE = "110"; + private final String code; private final String description; @@ -67,7 +72,7 @@ public class ErrorMsg { * @return Builder */ public static Builder getCodeSignErrBuilder() { - return new Builder("111"); + return new Builder(CODE_SIGN_ERR_CODE); } /** @@ -76,7 +81,7 @@ public class ErrorMsg { * @return Builder */ public static Builder getSignToolErrBuilder() { - return new Builder("110"); + return new Builder(SIGN_TOOL_ERR_CODE); } @Override diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java index 68d4e229..e40f7334 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/SignToolErrMsg.java @@ -41,7 +41,7 @@ public class SignToolErrMsg { .addErrCode("001") .addDescription("Unsupported command method") .addCause("Can not find method {%s}") - .addSolution("Please check input the first param") + .addSolution("Please run java -jar hap-sign-tool.jar -h to see more help message.") .build(); /** @@ -61,7 +61,7 @@ public class SignToolErrMsg { .addTypeCode("11") .addErrCode("003") .addDescription("Check param num failed") - .addCause("Please input at least two params") + .addCause("Please run java -jar hap-sign-tool.jar -h to see more help message.") .build(); /** @@ -70,7 +70,7 @@ public class SignToolErrMsg { public static final ErrorMsg PARAM_VALUE_EMPTY = ErrorMsg.getSignToolErrBuilder() .addTypeCode("11") .addErrCode("004") - .addDescription("Check param num failed") + .addDescription("Check param failed") .addCause("Param {%s} value could not be empty") .build(); @@ -81,7 +81,7 @@ public class SignToolErrMsg { .addTypeCode("11") .addErrCode("005") .addDescription("Param is not trusted") - .addCause("Param {%s} value is not trusted") + .addCause("Please run java -jar hap-sign-tool.jar -h to see more help message.") .build(); /** @@ -91,7 +91,7 @@ public class SignToolErrMsg { .addTypeCode("11") .addErrCode("006") .addDescription("Param {-key value} must in pairs") - .addCause("Check param {%s} failed") + .addCause("Please run java -jar hap-sign-tool.jar -h to see more help message.") .build(); /** @@ -206,7 +206,7 @@ public class SignToolErrMsg { .addErrCode("002") .addDescription("Certificate format is in correct, please check your appCertFile parameter.") .addCause("%s") - .addSolution("{-appCertFile} should input a file ending in .cer") + .addSolution("{-appCertFile} should input a cert chain file,This file is usually suffixed with .cer.") .build(); /** -- Gitee From 41302d4621defed38fd155399cc92e31ee0f9bc7 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 18:01:54 +0800 Subject: [PATCH 18/28] change err msg Signed-off-by: wangzeyu --- .../java/com/ohos/hapsigntool/error/ErrorMsg.java | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index 97411aa3..a48be42d 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -22,6 +22,7 @@ import org.apache.logging.log4j.Logger; import java.util.ArrayList; import java.util.List; import java.util.Locale; +import java.util.MissingFormatArgumentException; /** * ErrorMsg @@ -110,10 +111,16 @@ public class ErrorMsg { return sb.toString(); } + /** + * to String + * + * @param args args + * @return String + */ public String toString(Object... args) { try { return String.format(Locale.ROOT, this.toString(), args); - } catch (RuntimeException e) { + } catch (MissingFormatArgumentException e) { log.error("args format failed: " + args); return this.toString(); } @@ -125,6 +132,11 @@ public class ErrorMsg { private String en; } + /** + * Builder + * + * @since 2025/01/06 + */ public static class Builder { private String sysCode; -- Gitee From 92df73296faedaf4e560e1e159345da08e697fd3 Mon Sep 17 00:00:00 2001 From: wangzeyu Date: Thu, 9 Jan 2025 19:34:43 +0800 Subject: [PATCH 19/28] change code name Signed-off-by: wangzeyu --- .../main/java/com/ohos/hapsigntool/error/ErrorMsg.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java index a48be42d..b75bd5ec 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/error/ErrorMsg.java @@ -32,9 +32,9 @@ import java.util.MissingFormatArgumentException; public class ErrorMsg { private static final Logger log = LogManager.getLogger(ErrorMsg.class); - private static final String CODE_SIGN_ERR_CODE = "111"; + private static final String CODE_SIGN_SUB_SYSTEM_CODE = "111"; - private static final String SIGN_TOOL_ERR_CODE = "110"; + private static final String SIGN_TOOL_SUB_SYSTEM_CODE = "110"; private final String code; @@ -73,7 +73,7 @@ public class ErrorMsg { * @return Builder */ public static Builder getCodeSignErrBuilder() { - return new Builder(CODE_SIGN_ERR_CODE); + return new Builder(CODE_SIGN_SUB_SYSTEM_CODE); } /** @@ -82,7 +82,7 @@ public class ErrorMsg { * @return Builder */ public static Builder getSignToolErrBuilder() { - return new Builder(SIGN_TOOL_ERR_CODE); + return new Builder(SIGN_TOOL_SUB_SYSTEM_CODE); } @Override -- Gitee From f18c9d0e7f4c80c1c654ab7c98f578a8e8f4ab55 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Fri, 10 Jan 2025 11:10:35 +0800 Subject: [PATCH 20/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 10 +++++++--- .../codesigning/fsverity/FsVerityDescriptor.java | 6 +++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index 7bb5cc9e..cbc82d0f 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -204,6 +204,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Code Sign Error") .addCause("Input file size to hash is 0") + .addSolution("File size should be greater than 0") .build(); /** @@ -214,12 +215,13 @@ public class CodeSignErrMsg { .addErrCode("002") .addDescription("Code Sign Error") .addCause("Input file size to hash is over limit") + .addSolution("File size should be less than 4GB") .build(); /** - * SALT_SIZE_LENGTH_ERROR + * SALT_LENGTH_ERROR */ - public static final ErrorMsg SALT_SIZE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg SALT_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") .addErrCode("003") .addDescription("Code Sign Error") @@ -234,6 +236,7 @@ public class CodeSignErrMsg { .addErrCode("004") .addDescription("Code Sign Error") .addCause("Sign libs error") + .addSolution("Please check the lib file") .build(); /** @@ -244,6 +247,7 @@ public class CodeSignErrMsg { .addErrCode("005") .addDescription("Code Sign Error") .addCause("Sign hnp error") + .addSolution("Please check the hnp file") .build(); /** @@ -428,7 +432,7 @@ public class CodeSignErrMsg { .addTypeCode("17") .addErrCode("004") .addDescription("Page Info Error") - .addCause("Page info offset/size is negative number") + .addCause("Page info offset or size is negative number") .build(); /** diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java index f2b91024..336d3f92 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java @@ -196,7 +196,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(signSize); @@ -224,7 +224,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(0); @@ -252,7 +252,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_SIZE_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); } buffer.put(this.saltSize); buffer.putInt(0); -- Gitee From 04d225a0eb31eed2ec50c95c4b99887ebc2a2390 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 11:34:20 +0800 Subject: [PATCH 21/28] error code for ide Signed-off-by: zfeixiang --- .../datastructure/PageInfoExtension.java | 18 +- .../codesigning/elf/ElfHeader.java | 6 +- .../codesigning/elf/ElfProgramHeader.java | 6 +- .../codesigning/exception/CodeSignErrMsg.java | 300 ++---------------- .../fsverity/FsVerityDescriptor.java | 6 +- .../fsverity/MerkleTreeBuilder.java | 4 +- .../sign/BcSignedDataGenerator.java | 25 +- .../codesigning/sign/CodeSigning.java | 12 +- .../codesigning/utils/CmsUtils.java | 10 +- 9 files changed, 81 insertions(+), 306 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java index b051a009..b73642e3 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java @@ -183,24 +183,28 @@ public class PageInfoExtension extends Extension { */ public static boolean valid(PageInfoExtension pgExtension, long dataSize) throws PageInfoException { if (!NumberUtils.isMultiple4K(pgExtension.getMapOffset())) { - throw new PageInfoException( - CodeSignErrMsg.BITMAP_OFF_4K_ALIGNMENT_ERROR.toString(pgExtension.getMapOffset())); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_ERROR.toString( + "Invalid bitmapOff { " + pgExtension.getMapOffset() + " }, not a multiple of 4096")); } if (pgExtension.getUnitSize() != PageInfoExtension.DEFAULT_UNIT_SIZE) { - throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_UNIT_SIZE_ERROR.toString(pgExtension.getUnitSize())); + throw new PageInfoException( + CodeSignErrMsg.PAGE_INFO_ERROR.toString("Invalid page info unitSize : " + pgExtension.getUnitSize())); } if (pgExtension.getMapOffset() < 0 || pgExtension.getMapSize() < 0) { - throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_NEGATIVE_NUMBER_ERROR.toString()); + throw new PageInfoException( + CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info offset or size is negative number")); } if (pgExtension.getMapSize() % pgExtension.getUnitSize() != 0) { - throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_SIZE_AND_UNIT_ERROR.toString()); + throw new PageInfoException( + CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info size is not multiple of unit")); } if (pgExtension.getMapOffset() > dataSize - pgExtension.getMapSize() / Byte.SIZE) { - throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_OUT_DATA_ERROR.toString()); + throw new PageInfoException(CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info is out of dataSize")); } if (pgExtension.getMapSize() / pgExtension.getUnitSize() >= dataSize / CodeSignBlock.PAGE_SIZE_4K) { - throw new PageInfoException(CodeSignErrMsg.BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR.toString()); + throw new PageInfoException( + CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info size is not consistent with data page ")); } return true; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java index 0b3efeef..bc538579 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfHeader.java @@ -139,7 +139,7 @@ public class ElfHeader { } else if (eiClass == ElfDefine.ELF_64_CLASS) { len = ElfDefine.ELF_HEADER_64_LEN - ElfDefine.EI_NIDENT_LEN; } else { - throw new ElfFormatException(CodeSignErrMsg.ELF_EI_CLASS_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("ei_class")); } ByteOrder bo; if (eiData == ElfDefine.ELF_DATA_2_LSB) { @@ -147,12 +147,12 @@ public class ElfHeader { } else if (eiData == ElfDefine.ELF_DATA_2_MSB) { bo = ByteOrder.BIG_ENDIAN; } else { - throw new ElfFormatException(CodeSignErrMsg.ELF_EI_DATA_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("ei_data")); } byte[] bytes = new byte[len]; read = is.read(bytes); if (read != len) { - throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("header")); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java index f4cd5092..c59a1d42 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/elf/ElfProgramHeader.java @@ -86,13 +86,13 @@ public class ElfProgramHeader { } else if (eiData == ElfDefine.ELF_DATA_2_MSB) { bo = ByteOrder.BIG_ENDIAN; } else { - throw new ElfFormatException(CodeSignErrMsg.ELF_EI_DATA_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("ei_data")); } if (eiClass == ElfDefine.ELF_32_CLASS) { byte[] bytes = new byte[ElfDefine.ELF_PHEADER_32_LEN]; int read = is.read(bytes); if (read != ElfDefine.ELF_PHEADER_32_LEN) { - throw new ElfFormatException(CodeSignErrMsg.ELF_PROGRAM_HEADER_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("program header")); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); @@ -108,7 +108,7 @@ public class ElfProgramHeader { byte[] bytes = new byte[ElfDefine.ELF_PHEADER_64_LEN]; int read = is.read(bytes); if (read != ElfDefine.ELF_PHEADER_64_LEN) { - throw new ElfFormatException(CodeSignErrMsg.ELF_PROGRAM_HEADER_ERROR.toString()); + throw new ElfFormatException(CodeSignErrMsg.ELF_FILE_HEADER_ERROR.toString("program header")); } ByteBuffer byteBuffer = ByteBuffer.wrap(bytes); byteBuffer.order(bo); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index cbc82d0f..e4a60374 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -29,7 +29,7 @@ public class CodeSignErrMsg { public static final ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("001") - .addDescription("File Read Error") + .addDescription("File Format Error") .addCause("Code sign does not support the file format") .addSolution("Code sign supports {%s} format") .build(); @@ -40,28 +40,17 @@ public class CodeSignErrMsg { public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("002") - .addDescription("File Read Error") + .addDescription("File Alignment Error") .addCause("Invalid data size {%d}, not a multiple of 4096") .build(); - /** - * HNP_FILE_DESCRIPTION_ERROR - */ - public static final ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("10") - .addErrCode("003") - .addDescription("File Read Error") - .addCause("Hnp {%s} is not described in module.json") - .addSolution("Hnp file should be described in module.json") - .build(); - /** * EXTRACT_HNP_FILE_ERROR */ public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") - .addErrCode("004") - .addDescription("File Read Error") + .addErrCode("003") + .addDescription("Extract File Error") .addCause("Extract hnp file {%s} error") .addSolution("Check whether the hnp file is packaged correctly") .build(); @@ -71,41 +60,19 @@ public class CodeSignErrMsg { */ public static final ErrorMsg READ_INPUT_STREAM_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") - .addErrCode("005") - .addDescription("File Read Error") + .addErrCode("004") + .addDescription("Input Stream Read Error") .addCause("Read buffer from input error") .build(); /** - * CERTIFICATES_CONFIGURE_EMPTY_ERROR + * CERTIFICATES_CONFIGURE_ERROR */ - public static final ErrorMsg CERTIFICATES_CONFIGURE_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg CERTIFICATES_CONFIGURE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("11") .addErrCode("001") .addDescription("Certificates Error") - .addCause("No certificates configured for sign") - .addSolution("Please check whether the certificate is correct") - .build(); - - /** - * CERTIFICATES_MATCHED_EMPTY_ERROR - */ - public static final ErrorMsg CERTIFICATES_MATCHED_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("11") - .addErrCode("002") - .addDescription("Certificates Error") - .addCause("No matched cert") - .addSolution("Please check whether the certificate is correct") - .build(); - - /** - * CERTIFICATES_MATCHED_MORE_ERROR - */ - public static final ErrorMsg CERTIFICATES_MATCHED_MORE_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("11") - .addErrCode("003") - .addDescription("Certificates Error") - .addCause("More than one matched certs, matched certs size: {%d}") + .addCause("%s") .addSolution("Please check whether the certificate is correct") .build(); @@ -186,6 +153,17 @@ public class CodeSignErrMsg { .addSolution("Please check whether the module json is correct") .build(); + /** + * HNP_FILE_DESCRIPTION_ERROR + */ + public static final ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("13") + .addErrCode("002") + .addDescription("Module Content Error") + .addCause("Hnp {%s} is not described in module.json") + .addSolution("Hnp file should be described in module.json") + .build(); + /** * DIGEST_ALGORITHM_ERROR */ @@ -194,120 +172,17 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Digest Algorithm Error") .addCause("Invalid algorithm {%s}") + .addSolution("Perhaps the JDK you are using does not support it") .build(); /** - * SIGN_SIZE_ZERO_ERROR + * CODE_SIGN_INTERNAL_ERROR */ - public static final ErrorMsg SIGN_SIZE_ZERO_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg CODE_SIGN_INTERNAL_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") .addErrCode("001") - .addDescription("Code Sign Error") - .addCause("Input file size to hash is 0") - .addSolution("File size should be greater than 0") - .build(); - - /** - * SIGN_SIZE_OVER_LIMIT_ERROR - */ - public static final ErrorMsg SIGN_SIZE_OVER_LIMIT_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("002") - .addDescription("Code Sign Error") - .addCause("Input file size to hash is over limit") - .addSolution("File size should be less than 4GB") - .build(); - - /** - * SALT_LENGTH_ERROR - */ - public static final ErrorMsg SALT_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("003") - .addDescription("Code Sign Error") - .addCause("Salt is too long") - .build(); - - /** - * SIGN_LIBS_ERROR - */ - public static final ErrorMsg SIGN_LIBS_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("004") - .addDescription("Code Sign Error") - .addCause("Sign libs error") - .addSolution("Please check the lib file") - .build(); - - /** - * SIGN_HNP_ERROR - */ - public static final ErrorMsg SIGN_HNP_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("005") - .addDescription("Code Sign Error") - .addCause("Sign hnp error") - .addSolution("Please check the hnp file") - .build(); - - /** - * ENCODE_DATA_ERROR - */ - public static final ErrorMsg ENCODE_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("006") - .addDescription("Code Sign Error") - .addCause("Encode data error") - .build(); - - /** - * CERTIFICATE_ENCODING_ERROR - */ - public static final ErrorMsg CERTIFICATE_ENCODING_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("007") - .addDescription("Code Sign Error") - .addCause("Create sign info failed") - .build(); - - /** - * CREATE_CRL_ERROR - */ - public static final ErrorMsg CREATE_CRL_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("008") - .addDescription("Code Sign Error") - .addCause("Create crl failed") - .build(); - - /** - * SIGNER_SIGN_ERROR - */ - public static final ErrorMsg SIGNER_SIGN_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("009") - .addDescription("Code Sign Error") - .addCause("Signer sign data failed") - .build(); - - /** - * SIGN_CONTENT_EMPTY_ERROR - */ - public static final ErrorMsg SIGN_CONTENT_EMPTY_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("010") - .addDescription("Code Sign Error") - .addCause("The content to be signed is empty") - .build(); - - /** - * VERIFY_SIGNATURE_FROM_SERVER_ERROR - */ - public static final ErrorMsg VERIFY_SIGNATURE_FROM_SERVER_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("011") - .addDescription("Code Sign Error") - .addCause("Verify signature from server failed") + .addDescription("Code Sign Internal Error") + .addCause("%s") .build(); /** @@ -315,42 +190,12 @@ public class CodeSignErrMsg { */ public static final ErrorMsg SIGNATURE_VERIFY_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("15") - .addErrCode("012") + .addErrCode("002") .addDescription("Code Sign Error") .addCause("Signature verify failed") .addSolution("Please check whether the keyAlias is correct") .build(); - /** - * VERIFY_BC_SIGNATURE_FAILED_ERROR - */ - public static final ErrorMsg VERIFY_BC_SIGNATURE_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("013") - .addDescription("Code Sign Error") - .addCause("Verify BC signatures failed: %s") - .build(); - - /** - * VERIFY_SIGNATURE_DATA_FAILED_ERROR - */ - public static final ErrorMsg VERIFY_SIGNATURE_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("014") - .addDescription("Code Sign Error") - .addCause("Failed to verify signed data and unsigned data digest") - .build(); - - /** - * VERIFY_PKCS_DATA_FAILED_ERROR - */ - public static final ErrorMsg VERIFY_PKCS_DATA_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("015") - .addDescription("Code Sign Error") - .addCause("PKCS cms data did not verify") - .build(); - /** * ELF_FILE_HEADER_ERROR */ @@ -358,100 +203,17 @@ public class CodeSignErrMsg { .addTypeCode("16") .addErrCode("001") .addDescription("Elf File Error") - .addCause("ELF header is incorrect") - .addSolution("Failed to parse the elf file, please check whether the file header information is correct") - .build(); - - /** - * ELF_PROGRAM_HEADER_ERROR - */ - public static final ErrorMsg ELF_PROGRAM_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("16") - .addErrCode("002") - .addDescription("Elf File Error") - .addCause("ELF program header is incorrect") - .addSolution("Failed to parse the elf file, please check whether the file header information is correct") - .build(); - - /** - * ELF_EI_CLASS_ERROR - */ - public static final ErrorMsg ELF_EI_CLASS_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("16") - .addErrCode("003") - .addDescription("Elf File Error") - .addCause("ELF ei_class is incorrect") - .addSolution("Failed to parse the elf file, please check whether the file header information is correct") - .build(); - - /** - * ELF_EI_DATA_ERROR - */ - public static final ErrorMsg ELF_EI_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("16") - .addErrCode("004") - .addDescription("Elf File Error") - .addCause("ELF ei_data is incorrect") - .addSolution("Failed to parse the elf file, please check whether the file header information is correct") - .build(); - - /** - * BITMAP_OFF_4K_ALIGNMENT_ERROR - */ - public static final ErrorMsg BITMAP_OFF_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") - .addErrCode("001") - .addDescription("Page Info Error") - .addCause("Invalid bitmap offset {%d}, not a multiple of 4096") + .addCause("ELF {%s} is incorrect") + .addSolution("Failed to read the elf file, please check whether the file header information is correct") .build(); /** * PAGE_INFO_UNIT_SIZE_ERROR */ - public static final ErrorMsg PAGE_INFO_UNIT_SIZE_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") - .addErrCode("002") - .addDescription("Page Info Error") - .addCause("Invalid page info unitSize : {%d}") - .build(); - - /** - * PAGE_INFO_SIZE_AND_UNIT_ERROR - */ - public static final ErrorMsg PAGE_INFO_SIZE_AND_UNIT_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg PAGE_INFO_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("17") - .addErrCode("003") - .addDescription("Page Info Error") - .addCause("Page info size is not multiple of unit") - .build(); - - /** - * PAGE_INFO_OFFSET_SIZE_ERROR - */ - public static final ErrorMsg PAGE_INFO_NEGATIVE_NUMBER_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") - .addErrCode("004") - .addDescription("Page Info Error") - .addCause("Page info offset or size is negative number") - .build(); - - /** - * PAGE_INFO_OUT_DATA_ERROR - */ - public static final ErrorMsg PAGE_INFO_OUT_DATA_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") - .addErrCode("005") - .addDescription("Page Info Error") - .addCause("Page info is out of dataSize") - .build(); - - /** - * BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR - */ - public static final ErrorMsg BIT_MAP_PAGE_NOT_LESS_DATA_PAGE_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") - .addErrCode("006") + .addErrCode("001") .addDescription("Page Info Error") - .addCause("page info size is not consistent with data page ") + .addCause("%s") .build(); } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java index 336d3f92..1575adce 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityDescriptor.java @@ -196,7 +196,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Salt is too long")); } buffer.put(this.saltSize); buffer.putInt(signSize); @@ -224,7 +224,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Salt is too long")); } buffer.put(this.saltSize); buffer.putInt(0); @@ -252,7 +252,7 @@ public class FsVerityDescriptor { buffer.put(hashAlgorithm); buffer.put(log2BlockSize); if (this.saltSize > SALT_SIZE) { - throw new FsVerityDigestException(CodeSignErrMsg.SALT_LENGTH_ERROR.toString()); + throw new FsVerityDigestException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Salt is too long")); } buffer.put(this.saltSize); buffer.putInt(0); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java index 19e8f6da..2705152f 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java @@ -81,9 +81,9 @@ public class MerkleTreeBuilder implements AutoCloseable { private void transInputStreamToHashData(InputStream inputStream, long size, ByteBuffer outputBuffer) throws IOException { if (size == 0) { - throw new IOException(CodeSignErrMsg.SIGN_SIZE_ZERO_ERROR.toString()); + throw new IOException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Input size is empty")); } else if (size > INPUTSTREAM_MAX_SIZE) { - throw new IOException(CodeSignErrMsg.SIGN_SIZE_OVER_LIMIT_ERROR.toString()); + throw new IOException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Input size is too long")); } int count = (int) getChunkCount(size, MAX_READ_SIZE); int chunks = (int) getChunkCount(size, CHUNK_SIZE); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 453508f3..1d017abc 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -91,7 +91,8 @@ public class BcSignedDataGenerator implements SignedDataGenerator { @Override public byte[] generateSignedData(byte[] content, SignerConfig signConfig) throws CodeSignException { if (content == null) { - throw new CodeSignException(CodeSignErrMsg.SIGN_CONTENT_EMPTY_ERROR.toString()); + throw new CodeSignException( + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("The content to be signed is empty")); } Pair pairDigestAndSignInfo = getSignInfo(content, signConfig); // Unsupported certificate revocation, SignedData's _crls is null @@ -122,14 +123,16 @@ public class BcSignedDataGenerator implements SignedDataGenerator { Pair signPair = signAlgorithm.getSignatureAlgAndParams(); byte[] signBytes = signConfig.getSigner().getSignature(codeAuthed, signPair.getFirst(), signPair.getSecond()); if (signBytes == null) { - throw new CodeSignException(CodeSignErrMsg.SIGNER_SIGN_ERROR.toString()); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Get signature failed")); } if (signConfig.getCertificates().isEmpty()) { - throw new CodeSignException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_EMPTY_ERROR.toString()); + throw new CodeSignException( + CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificates configured for sign")); } X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { - throw new CodeSignException(CodeSignErrMsg.VERIFY_SIGNATURE_FROM_SERVER_ERROR.toString()); + throw new CodeSignException( + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify signature from server failed")); } JcaX509CertificateHolder certificateHolder = getJcaX509CertificateHolder(cert); return new SignerInfo(new ASN1Integer(1), @@ -153,7 +156,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { codeAuthed = authed.getEncoded(); } catch (IOException e) { - throw new CodeSignException(CodeSignErrMsg.ENCODE_DATA_ERROR.toString(), e); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Encode data error"), e); } return codeAuthed; } @@ -163,7 +166,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { crlHolder = new JcaX509CRLHolder(crl); } catch (CRLException e) { - throw new CodeSignException(CodeSignErrMsg.CREATE_CRL_ERROR.toString(), e); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Create crl failed"), e); } return crlHolder; } @@ -173,7 +176,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { certificateHolder = new JcaX509CertificateHolder(cert); } catch (CertificateEncodingException e) { - throw new CodeSignException(CodeSignErrMsg.CERTIFICATE_ENCODING_ERROR.toString(), e); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Create sign info failed"), e); } return certificateHolder; } @@ -244,7 +247,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.signedData, signedData); signResult = contentInfo.getEncoded(ASN1Encoding.DER); } catch (IOException e) { - throw new CodeSignException(CodeSignErrMsg.ENCODE_DATA_ERROR.toString(), e); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Encode data error"), e); } verifySignResult(unsignedDataDigest, signResult); return signResult; @@ -255,10 +258,12 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { result = CmsUtils.verifySignDataWithUnsignedDataDigest(unsignedDataDigest, signResult); } catch (CMSException e) { - throw new CodeSignException(CodeSignErrMsg.VERIFY_SIGNATURE_DATA_FAILED_ERROR.toString(), e); + throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString( + "Failed to verify signed data and unsigned data digest"), e); } if (!result) { - throw new CodeSignException(CodeSignErrMsg.VERIFY_PKCS_DATA_FAILED_ERROR.toString()); + throw new CodeSignException( + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("PKCS cms data did not verify")); } } } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index 05d582a2..5c1b999b 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -307,12 +307,13 @@ public class CodeSigning { false, 0, ownerID); return (Pair.create(hnpElfPath, pairSignInfoAndMerkleTreeBytes.getFirst())); } catch (IOException | FsVerityDigestException | CodeSignException e) { - LOGGER.error("Sign hnp lib error, entry name = {}, msg : {}", hnpElfPath, e.getMessage()); + LOGGER.error("Sign hnp lib error msg : {} AT entry : {}" + System.lineSeparator(), e.getMessage(), + hnpElfPath); } return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException(CodeSignErrMsg.SIGN_HNP_ERROR.toString()); + throw new CodeSignException("Sign hnp error"); } return nativeLibInfoList; } catch (IOException e) { @@ -418,12 +419,12 @@ public class CodeSigning { ownerID); return Pair.create(name, pairSignInfoAndMerkleTreeBytes.getFirst()); } catch (FsVerityDigestException | CodeSignException | IOException e) { - LOGGER.error("Sign lib error, entry name = {}, msg : {}", name, e.getMessage()); + LOGGER.error("Sign lib error msg : {} AT entry : {}" + System.lineSeparator(), e.getMessage(), name); } return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException(CodeSignErrMsg.SIGN_LIBS_ERROR.toString()); + throw new CodeSignException("Sign libs error"); } return nativeLibInfoList; } @@ -479,7 +480,8 @@ public class CodeSigning { // signConfig is created by SignerFactory if ((copiedConfig.getSigner() instanceof LocalSigner)) { if (copiedConfig.getCertificates().isEmpty()) { - throw new CodeSignException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_EMPTY_ERROR.toString()); + throw new CodeSignException( + CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificates configured for sign")); } BcSignedDataGenerator bcSignedDataGenerator = new BcSignedDataGenerator(); bcSignedDataGenerator.setOwnerID(ownerID); diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java index 318b296e..1e751492 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java @@ -50,11 +50,12 @@ public class CmsUtils { private static void isCollectionValid(Collection collection) throws OperatorCreationException { if (collection == null) { - throw new OperatorCreationException(CodeSignErrMsg.CERTIFICATES_MATCHED_EMPTY_ERROR.toString()); + throw new OperatorCreationException( + CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No matched cert")); } if (collection.size() != 1) { - throw new OperatorCreationException( - CodeSignErrMsg.CERTIFICATES_MATCHED_MORE_ERROR.toString(collection.size())); + throw new OperatorCreationException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString( + "More than one matched certs, matched certs size: " + collection.size())); } } @@ -68,7 +69,8 @@ public class CmsUtils { return new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert); } catch (CertificateException e) { throw new OperatorCreationException( - CodeSignErrMsg.VERIFY_BC_SIGNATURE_FAILED_ERROR.toString(e.getMessage()), e); + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify BC signatures failed: " + e.getMessage()), + e); } }); } -- Gitee From 2bf986890052d70a0856c079a24bfe56c65941b9 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 11:42:31 +0800 Subject: [PATCH 22/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index e4a60374..ca239b18 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -35,24 +35,24 @@ public class CodeSignErrMsg { .build(); /** - * FILE_4K_ALIGNMENT_ERROR + * EXTRACT_HNP_FILE_ERROR */ - public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("002") - .addDescription("File Alignment Error") - .addCause("Invalid data size {%d}, not a multiple of 4096") + .addDescription("File Format Error") + .addCause("Extract hnp file {%s} error") + .addSolution("Check whether the hnp file is packaged correctly") .build(); /** - * EXTRACT_HNP_FILE_ERROR + * FILE_4K_ALIGNMENT_ERROR */ - public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() + public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") .addErrCode("003") - .addDescription("Extract File Error") - .addCause("Extract hnp file {%s} error") - .addSolution("Check whether the hnp file is packaged correctly") + .addDescription("File Alignment Error") + .addCause("Invalid data size {%d}, not a multiple of 4096") .build(); /** @@ -92,7 +92,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg PROFILE_TYPE_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") - .addErrCode("002") + .addErrCode("001") .addDescription("Profile Content Error") .addCause("Key named 'type' does not exist in profile") .addSolution("Add 'type' to the profile") @@ -103,7 +103,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg PROFILE_BUNDLE_INFO_NOT_EXISTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") - .addErrCode("003") + .addErrCode("001") .addDescription("Profile Content Error") .addCause("Key named 'bundle-info' does not exist in profile") .addSolution("Add 'bundle-info' to the profile") @@ -114,7 +114,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg PROFILE_APPID_VALUE_TYPE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") - .addErrCode("004") + .addErrCode("001") .addDescription("Profile Content Error") .addCause("Value type of app-identifier is not string") .addSolution("Value type of app-identifier should be string") @@ -125,7 +125,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg PROFILE_APPID_VALUE_LENGTH_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") - .addErrCode("005") + .addErrCode("001") .addDescription("Profile Content Error") .addCause("Value length of app-identifier is invalid") .addSolution("Modify to a valid app-identifier") @@ -136,7 +136,7 @@ public class CodeSignErrMsg { */ public static final ErrorMsg PROFILE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") - .addErrCode("006") + .addErrCode("001") .addDescription("Profile Content Error") .addCause("Profile json content is invalid") .addSolution("Please check whether the profile json is correct") -- Gitee From f4a001d932cef37d1c08bd79d2e31f0bf13f1174 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 14:52:01 +0800 Subject: [PATCH 23/28] error code for ide Signed-off-by: zfeixiang --- .../com/ohos/hapsigntool/codesigning/sign/CodeSigning.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index 5c1b999b..551c52f9 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -114,7 +114,7 @@ public class CodeSigning { throws CodeSignException, FsVerityDigestException, IOException, ProfileException { LOGGER.info("Start to sign code."); if (!SUPPORT_BIN_FILE_FORM.equalsIgnoreCase(inForm)) { - throw new CodeSignException(CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString()); + throw new CodeSignException(CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString(SUPPORT_BIN_FILE_FORM)); } long fileSize = input.length(); int paddingSize = ElfSignBlock.computeMerkleTreePaddingLength(offset); @@ -313,7 +313,7 @@ public class CodeSigning { return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException("Sign hnp error"); + throw new CodeSignException("Sign hnp lib error"); } return nativeLibInfoList; } catch (IOException e) { @@ -424,7 +424,7 @@ public class CodeSigning { return null; }).collect(Collectors.toList()); if (nativeLibInfoList.contains(null)) { - throw new CodeSignException("Sign libs error"); + throw new CodeSignException("Sign lib error"); } return nativeLibInfoList; } -- Gitee From e529781b4ba007d902872de38e3884687c56c523 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 15:46:20 +0800 Subject: [PATCH 24/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/datastructure/PageInfoExtension.java | 2 +- .../hapsigntool/codesigning/sign/BcSignedDataGenerator.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java index b73642e3..208f52c5 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/datastructure/PageInfoExtension.java @@ -204,7 +204,7 @@ public class PageInfoExtension extends Extension { } if (pgExtension.getMapSize() / pgExtension.getUnitSize() >= dataSize / CodeSignBlock.PAGE_SIZE_4K) { throw new PageInfoException( - CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info size is not consistent with data page ")); + CodeSignErrMsg.PAGE_INFO_ERROR.toString("Page info size is not less than data page ")); } return true; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 1d017abc..ef33ceba 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -258,8 +258,8 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { result = CmsUtils.verifySignDataWithUnsignedDataDigest(unsignedDataDigest, signResult); } catch (CMSException e) { - throw new CodeSignException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString( - "Failed to verify signed data and unsigned data digest"), e); + throw new CodeSignException( + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("PKCS cms data verify failed"), e); } if (!result) { throw new CodeSignException( -- Gitee From 82880c2465d320a112ed56b6c10ff5447748fe80 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 17:18:13 +0800 Subject: [PATCH 25/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 100 +++++++++--------- .../fsverity/FsVerityGenerator.java | 7 +- .../fsverity/MerkleTreeBuilder.java | 3 +- .../sign/BcSignedDataGenerator.java | 2 +- .../codesigning/utils/CmsUtils.java | 4 +- 5 files changed, 59 insertions(+), 57 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index ca239b18..142b141d 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -27,40 +27,19 @@ public class CodeSignErrMsg { * FILE_FORMAT_UNSUPPORTED_ERROR */ public static final ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("10") + .addTypeCode("06") .addErrCode("001") .addDescription("File Format Error") .addCause("Code sign does not support the file format") .addSolution("Code sign supports {%s} format") .build(); - /** - * EXTRACT_HNP_FILE_ERROR - */ - public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("10") - .addErrCode("002") - .addDescription("File Format Error") - .addCause("Extract hnp file {%s} error") - .addSolution("Check whether the hnp file is packaged correctly") - .build(); - - /** - * FILE_4K_ALIGNMENT_ERROR - */ - public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("10") - .addErrCode("003") - .addDescription("File Alignment Error") - .addCause("Invalid data size {%d}, not a multiple of 4096") - .build(); - /** * READ_INPUT_STREAM_ERROR */ public static final ErrorMsg READ_INPUT_STREAM_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("10") - .addErrCode("004") + .addErrCode("001") .addDescription("Input Stream Read Error") .addCause("Read buffer from input error") .build(); @@ -76,6 +55,17 @@ public class CodeSignErrMsg { .addSolution("Please check whether the certificate is correct") .build(); + /** + * SIGNATURE_VERIFY_FAILED_ERROR + */ + public static final ErrorMsg SIGNATURE_VERIFY_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("11") + .addErrCode("002") + .addDescription("Certificates Error") + .addCause("Signature failed") + .addSolution("Please check whether the keyAlias is correct") + .build(); + /** * PROFILE_TYPE_UNSUPPORTED_ERROR */ @@ -146,8 +136,8 @@ public class CodeSignErrMsg { * MODULE_JSON_PARSE_ERROR */ public static final ErrorMsg MODULE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("13") - .addErrCode("001") + .addTypeCode("12") + .addErrCode("002") .addDescription("Module Content Error") .addCause("Module json content is invalid") .addSolution("Please check whether the module json is correct") @@ -157,63 +147,73 @@ public class CodeSignErrMsg { * HNP_FILE_DESCRIPTION_ERROR */ public static final ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("13") + .addTypeCode("12") .addErrCode("002") .addDescription("Module Content Error") .addCause("Hnp {%s} is not described in module.json") .addSolution("Hnp file should be described in module.json") .build(); + /** + * ELF_FILE_HEADER_ERROR + */ + public static final ErrorMsg ELF_FILE_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("003") + .addDescription("Elf File Error") + .addCause("ELF {%s} is incorrect") + .addSolution("Failed to read the elf file, please check whether the file header information is correct") + .build(); + + /** + * EXTRACT_HNP_FILE_ERROR + */ + public static final ErrorMsg EXTRACT_HNP_FILE_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("12") + .addErrCode("004") + .addDescription("File Format Error") + .addCause("Extract hnp file {%s} error") + .addSolution("Check whether the hnp file is packaged correctly") + .build(); + /** * DIGEST_ALGORITHM_ERROR */ - public static final ErrorMsg DIGEST_ALGORITHM_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("14") + public static final ErrorMsg ALGORITHM_NOT_SUPPORT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("13") .addErrCode("001") .addDescription("Digest Algorithm Error") .addCause("Invalid algorithm {%s}") - .addSolution("Perhaps the JDK you are using does not support it") + .addSolution("Using SHA-256 algorithm, if an error occurs, please check the JDK version you are using") .build(); /** * CODE_SIGN_INTERNAL_ERROR */ public static final ErrorMsg CODE_SIGN_INTERNAL_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") + .addTypeCode("14") .addErrCode("001") .addDescription("Code Sign Internal Error") .addCause("%s") .build(); /** - * SIGNATURE_VERIFY_FAILED_ERROR - */ - public static final ErrorMsg SIGNATURE_VERIFY_FAILED_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("15") - .addErrCode("002") - .addDescription("Code Sign Error") - .addCause("Signature verify failed") - .addSolution("Please check whether the keyAlias is correct") - .build(); - - /** - * ELF_FILE_HEADER_ERROR + * FILE_4K_ALIGNMENT_ERROR */ - public static final ErrorMsg ELF_FILE_HEADER_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("16") + public static final ErrorMsg FILE_4K_ALIGNMENT_ERROR = ErrorMsg.getCodeSignErrBuilder() + .addTypeCode("14") .addErrCode("001") - .addDescription("Elf File Error") - .addCause("ELF {%s} is incorrect") - .addSolution("Failed to read the elf file, please check whether the file header information is correct") + .addDescription("Code Sign Internal Error") + .addCause("Invalid data size {%d}, not a multiple of 4096") .build(); /** * PAGE_INFO_UNIT_SIZE_ERROR */ public static final ErrorMsg PAGE_INFO_ERROR = ErrorMsg.getCodeSignErrBuilder() - .addTypeCode("17") + .addTypeCode("14") .addErrCode("001") - .addDescription("Page Info Error") - .addCause("%s") + .addDescription("Code Sign Internal Error") + .addCause("Page Info Error : %s") .build(); } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java index 9ef67995..50f1a1a8 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/FsVerityGenerator.java @@ -80,7 +80,7 @@ public class FsVerityGenerator { throw new FsVerityDigestException(e.getMessage(), e); } catch (NoSuchAlgorithmException e) { throw new FsVerityDigestException( - CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()), e); + CodeSignErrMsg.ALGORITHM_NOT_SUPPORT_ERROR.toString(fsVerityHashAlgorithm.getHashAlgorithm()), e); } return merkleTree; } @@ -118,7 +118,7 @@ public class FsVerityGenerator { fsVerityDigest = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { throw new FsVerityDigestException( - CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), e); + CodeSignErrMsg.ALGORITHM_NOT_SUPPORT_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), e); } if (pageInfoExtension != null && flags != 0) { PageInfoExtension.valid(pageInfoExtension, size); @@ -131,7 +131,8 @@ public class FsVerityGenerator { fsVerityDigestV2 = FsVerityDigest.getFsVerityDigest(FS_VERITY_HASH_ALGORITHM.getId(), digest); } catch (NoSuchAlgorithmException e) { throw new FsVerityDigestException( - CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), e); + CodeSignErrMsg.ALGORITHM_NOT_SUPPORT_ERROR.toString(FS_VERITY_HASH_ALGORITHM.getHashAlgorithm()), + e); } } treeBytes = merkleTree.tree; diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java index 2705152f..3426854e 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/fsverity/MerkleTreeBuilder.java @@ -196,7 +196,8 @@ public class MerkleTreeBuilder implements AutoCloseable { try { hashes[index++] = DigestUtils.computeDigest(tempByte, this.mAlgorithm); } catch (NoSuchAlgorithmException e) { - throw new IllegalStateException(CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(this.mAlgorithm), e); + throw new IllegalStateException( + CodeSignErrMsg.ALGORITHM_NOT_SUPPORT_ERROR.toString(this.mAlgorithm), e); } offset += CHUNK_SIZE; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index ef33ceba..82130524 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -146,7 +146,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { try { digest = DigestUtils.computeDigest(unsignedDataDigest, algorithm); } catch (NoSuchAlgorithmException e) { - throw new CodeSignException(CodeSignErrMsg.DIGEST_ALGORITHM_ERROR.toString(algorithm), e); + throw new CodeSignException(CodeSignErrMsg.ALGORITHM_NOT_SUPPORT_ERROR.toString(algorithm), e); } return digest; } diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java index 1e751492..090c0596 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/utils/CmsUtils.java @@ -51,10 +51,10 @@ public class CmsUtils { throws OperatorCreationException { if (collection == null) { throw new OperatorCreationException( - CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No matched cert")); + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("No matched cert")); } if (collection.size() != 1) { - throw new OperatorCreationException(CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString( + throw new OperatorCreationException(CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString( "More than one matched certs, matched certs size: " + collection.size())); } } -- Gitee From 90cb0d65be11797e25aa7ded47926f76eb2d74e3 Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 17:23:17 +0800 Subject: [PATCH 26/28] error code for ide Signed-off-by: zfeixiang --- .../hapsigntool/codesigning/sign/BcSignedDataGenerator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 82130524..8b346bef 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -132,7 +132,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { throw new CodeSignException( - CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify signature from server failed")); + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify signature failed")); } JcaX509CertificateHolder certificateHolder = getJcaX509CertificateHolder(cert); return new SignerInfo(new ASN1Integer(1), -- Gitee From 08134afc53a2b42e4b0f017daa868a895df50c3f Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 18:02:20 +0800 Subject: [PATCH 27/28] error code for ide Signed-off-by: zfeixiang --- .../codesigning/exception/CodeSignErrMsg.java | 32 +++++++++---------- .../sign/BcSignedDataGenerator.java | 2 +- .../codesigning/sign/CodeSigning.java | 3 +- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java index 142b141d..aa1ac5aa 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/exception/CodeSignErrMsg.java @@ -29,9 +29,9 @@ public class CodeSignErrMsg { public static final ErrorMsg FILE_FORMAT_UNSUPPORTED_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("06") .addErrCode("001") - .addDescription("File Format Error") - .addCause("Code sign does not support the file format") - .addSolution("Code sign supports {%s} format") + .addDescription("Invalid File Format") + .addCause("Unsupported file to sign") + .addSolution("Support file format: %s") .build(); /** @@ -62,7 +62,7 @@ public class CodeSignErrMsg { .addTypeCode("11") .addErrCode("002") .addDescription("Certificates Error") - .addCause("Signature failed") + .addCause("Signing failed") .addSolution("Please check whether the keyAlias is correct") .build(); @@ -74,7 +74,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Profile Content Error") .addCause("Unsupported profile type") - .addSolution("Value of 'type' in profile should be debug or release") + .addSolution("Value of 'type' in profile file should be debug or release") .build(); /** @@ -84,8 +84,8 @@ public class CodeSignErrMsg { .addTypeCode("12") .addErrCode("001") .addDescription("Profile Content Error") - .addCause("Key named 'type' does not exist in profile") - .addSolution("Add 'type' to the profile") + .addCause("'type' not found in profile file") + .addSolution("Add 'type' to the profile file") .build(); /** @@ -95,8 +95,8 @@ public class CodeSignErrMsg { .addTypeCode("12") .addErrCode("001") .addDescription("Profile Content Error") - .addCause("Key named 'bundle-info' does not exist in profile") - .addSolution("Add 'bundle-info' to the profile") + .addCause("'bundle-info' not found in profile file") + .addSolution("Add 'bundle-info' to the profile file") .build(); /** @@ -118,7 +118,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Profile Content Error") .addCause("Value length of app-identifier is invalid") - .addSolution("Modify to a valid app-identifier") + .addSolution("Modify to a valid app-identifier in profile file") .build(); /** @@ -129,7 +129,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Profile Content Error") .addCause("Profile json content is invalid") - .addSolution("Please check whether the profile json is correct") + .addSolution("Please check whether the profile file is correct") .build(); /** @@ -138,9 +138,9 @@ public class CodeSignErrMsg { public static final ErrorMsg MODULE_JSON_PARSE_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("002") - .addDescription("Module Content Error") - .addCause("Module json content is invalid") - .addSolution("Please check whether the module json is correct") + .addDescription("module.json Content Error") + .addCause("module.json content is invalid") + .addSolution("Please check whether the module.json is correct") .build(); /** @@ -149,7 +149,7 @@ public class CodeSignErrMsg { public static final ErrorMsg HNP_FILE_DESCRIPTION_ERROR = ErrorMsg.getCodeSignErrBuilder() .addTypeCode("12") .addErrCode("002") - .addDescription("Module Content Error") + .addDescription("module.json Content Error") .addCause("Hnp {%s} is not described in module.json") .addSolution("Hnp file should be described in module.json") .build(); @@ -184,7 +184,7 @@ public class CodeSignErrMsg { .addErrCode("001") .addDescription("Digest Algorithm Error") .addCause("Invalid algorithm {%s}") - .addSolution("Using SHA-256 algorithm, if an error occurs, please check the JDK version you are using") + .addSolution("Support SHA-256 and SHA-512, if an error occurs, please check the JDK version") .build(); /** diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 8b346bef..0b26f084 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -132,7 +132,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { throw new CodeSignException( - CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify signature failed")); + CodeSignErrMsg.CODE_SIGN_INTERNAL_ERROR.toString("Verify signed result failed")); } JcaX509CertificateHolder certificateHolder = getJcaX509CertificateHolder(cert); return new SignerInfo(new ASN1Integer(1), diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index 551c52f9..5e771925 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -170,7 +170,8 @@ public class CodeSigning { throws CodeSignException, IOException, HapFormatException, FsVerityDigestException, ProfileException { LOGGER.info("Start to sign code."); if (!StringUtils.containsIgnoreCase(SUPPORT_FILE_FORM, inForm)) { - throw new CodeSignException(CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString(SUPPORT_FILE_FORM)); + throw new CodeSignException( + CodeSignErrMsg.FILE_FORMAT_UNSUPPORTED_ERROR.toString(String.join(",", SUPPORT_FILE_FORM))); } long dataSize = computeDataSize(zip); // generate CodeSignBlock -- Gitee From d5580fc193f2df18cd5ae2852faa9eca6a46dd6a Mon Sep 17 00:00:00 2001 From: zfeixiang Date: Sat, 11 Jan 2025 20:10:27 +0800 Subject: [PATCH 28/28] error code for ide Signed-off-by: zfeixiang --- .../hapsigntool/codesigning/sign/BcSignedDataGenerator.java | 2 +- .../java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java index 0b26f084..9dcc9770 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/BcSignedDataGenerator.java @@ -127,7 +127,7 @@ public class BcSignedDataGenerator implements SignedDataGenerator { } if (signConfig.getCertificates().isEmpty()) { throw new CodeSignException( - CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificates configured for sign")); + CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificate is configured for sign")); } X509Certificate cert = signConfig.getCertificates().get(0); if (!verifySignFromServer(cert.getPublicKey(), signBytes, signPair, codeAuthed)) { diff --git a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java index 5e771925..1e1bf4a1 100644 --- a/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java +++ b/hapsigntool/hap_sign_tool_lib/src/main/java/com/ohos/hapsigntool/codesigning/sign/CodeSigning.java @@ -482,7 +482,7 @@ public class CodeSigning { if ((copiedConfig.getSigner() instanceof LocalSigner)) { if (copiedConfig.getCertificates().isEmpty()) { throw new CodeSignException( - CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificates configured for sign")); + CodeSignErrMsg.CERTIFICATES_CONFIGURE_ERROR.toString("No certificate is configured for sign")); } BcSignedDataGenerator bcSignedDataGenerator = new BcSignedDataGenerator(); bcSignedDataGenerator.setOwnerID(ownerID); -- Gitee