diff --git a/test/unittest/enable_verity_test.cpp b/test/unittest/enable_verity_test.cpp
index acf1aef10c0e1b6e2ef2411b9b48f0769b28a212..09e3d92a1f28e2ad1255279dda57678cea14f82d 100644
--- a/test/unittest/enable_verity_test.cpp
+++ b/test/unittest/enable_verity_test.cpp
@@ -311,7 +311,8 @@ static void EnableExpandedTamperFile(const std::string &filePath,
 bool (*tamperFileFunc)(const std::string &filePath))
 {
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
@@ -423,7 +424,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0004, TestSize.Level0)
 LOG_INFO(LABEL, "Test on file path = %{public}s", filePath.c_str());
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -443,7 +445,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0005, TestSize.Level0)
 {
 std::string filePath = TEST_DEFAULT_FILE;
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -470,7 +473,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0006, TestSize.Level0)
 {
 std::string filePath = TEST_DEFAULT_FILE;
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -510,7 +514,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0008, TestSize.Level0)
 }
 std::string filePath = TEST_DEFAULT_FILE;
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -541,7 +546,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0009, TestSize.Level0)
 }
 std::string filePath = TEST_DEFAULT_FILE;
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -570,7 +576,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0010, TestSize.Level0)
 }
 std::string filePath = TEST_FILES_DIR + "elf/elf";
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
@@ -605,7 +612,8 @@ HWTEST_F(EnableVerityTest, EnableVerityTest_0011, TestSize.Level0)
 }
 std::string filePath = TEST_FILES_DIR + "elf/elf";
 struct code_sign_enable_arg arg = {};
- ByteBuffer signature, rootHash;
+ ByteBuffer signature;
+ ByteBuffer rootHash;
 FillCommonArgs(filePath, true, &arg, signature);
 FillOptional(filePath, &arg, rootHash);
 std::string expandFilePath = MakeExpandTreeFile(filePath, &arg);
diff --git a/utils/include/openssl_utils.h b/utils/include/openssl_utils.h
index 5932e3c1a4b14b94680e6b399012964d4982b452..47f29a3d7c172368373c12801efdb084e2c53563 100644
--- a/utils/include/openssl_utils.h
+++ b/utils/include/openssl_utils.h
@@ -30,7 +30,7 @@ constexpr int OPENSSL_ERR_MESSAGE_MAX_LEN = 1024;
 void GetOpensslErrorMessage();
-#define ErrLogWithOpenSSLMsg(msg) do { \
+#define ERR_LOG_WITH_OPEN_SSL_MSG(msg) do { \
 LOG_ERROR(LABEL, "%{public}s", msg); \
 GetOpensslErrorMessage(); \
 } while (0)
diff --git a/utils/src/fsverity_utils_helper.cpp b/utils/src/fsverity_utils_helper.cpp
index 108a59f77f3edb82a0404acff8041986ba013e7e..924decc91d9b1d4274d56fc8e158ae7ecdea4a1c 100644
--- a/utils/src/fsverity_utils_helper.cpp
+++ b/utils/src/fsverity_utils_helper.cpp
@@ -27,7 +27,7 @@ namespace Security {
 namespace CodeSign {
 static constexpr int MAX_DIGEST_SIZE = 64; // size of sha512
 static constexpr int FSVERITY_HASH_PAGE_SIZE = 4096;
-static const char *FSVERITY_DIGEST_MAGIC = "FSVerity";
+static const char *g_fsverityDigestMagic = "FSVerity";
 static constexpr uint32_t FSVERITY_DIGEST_MAGIC_LENGTH = 8;
 FsverityUtilsHelper &FsverityUtilsHelper::GetInstance()
@@ -56,7 +56,7 @@ void FsverityUtilsHelper::ErrorMsgLogCallback(const char *msg)
 bool FsverityUtilsHelper::FormatDigest(libfsverity_digest *digest, uint8_t *buffer)
 {
 struct fsverity_formatted_digest *ret = reinterpret_cast(buffer);
- if (memcpy_s(ret->magic, FSVERITY_DIGEST_MAGIC_LENGTH, FSVERITY_DIGEST_MAGIC,
+ if (memcpy_s(ret->magic, FSVERITY_DIGEST_MAGIC_LENGTH, g_fsverityDigestMagic,
 FSVERITY_DIGEST_MAGIC_LENGTH) != EOK) {
 return false;
 }
diff --git a/utils/src/openssl_utils.cpp b/utils/src/openssl_utils.cpp
index a3304aa8909f84681938c98435022b7b3ee0ad08..dc78ac3a53bae780de8063ed47af178aa733f3b5 100644
--- a/utils/src/openssl_utils.cpp
+++ b/utils/src/openssl_utils.cpp
@@ -40,7 +40,7 @@ X509 *LoadCertFromBuffer(const uint8_t *buffer, const uint32_t size)
 }
 X509 *cert = d2i_X509_bio(mem, nullptr);
 if (cert == nullptr) {
- ErrLogWithOpenSSLMsg("Certificate is invalid.");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Certificate is invalid.");
 }
 BIO_free(mem);
 return cert;
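Review bot: In the first hunk of utils/src/fsverity_utils_helper.cpp, `g_fsverityDigestMagic` is still a mutable pointer, so the new name only satisfies the naming rule for non-const globals and the magic is not actually a constant. Declaring it as `static constexpr char FSVERITY_DIGEST_MAGIC[] = "FSVerity";` would let it keep its constant-style name and make reassignment impossible. As an array, its size can also be tied to the length that is hard-coded separately, e.g. `static_assert(sizeof(FSVERITY_DIGEST_MAGIC) - 1 == FSVERITY_DIGEST_MAGIC_LENGTH);`. Then the `memcpy_s` in FormatDigest (second hunk) cannot read past the literal if either value is edited later. FormatDigest's body continues outside that hunk.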
diff --git a/utils/src/pkcs7_data.cpp b/utils/src/pkcs7_data.cpp
index 028ff970d60b080a6d0a3d46f26e025734057edf..afbfc46db48b160ae183c010e359744fac13d14e 100644
--- a/utils/src/pkcs7_data.cpp
+++ b/utils/src/pkcs7_data.cpp
@@ -67,7 +67,7 @@ bool PKCS7Data::GetPKCS7Data(ByteBuffer &pkcs7Data)
 break;
 }
 if (!i2d_PKCS7_bio(bio, p7_)) {
- ErrLogWithOpenSSLMsg("Encode pkcs7 data failed.");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Encode pkcs7 data failed.");
 break;
 }
 uint8_t *tmp = nullptr;
diff --git a/utils/src/pkcs7_generator.cpp b/utils/src/pkcs7_generator.cpp
index 8f8ff4eb9d9335f268eaf5398a2bab7837f636b3..8fe84975ab2b328d903d9b5381db2aca0f5357ce 100644
--- a/utils/src/pkcs7_generator.cpp
+++ b/utils/src/pkcs7_generator.cpp
@@ -17,10 +17,6 @@
 #include "errcode.h"
 #include "log.h"
-#include "openssl/asn1.h"
-#include "openssl/evp.h"
-#include "openssl/pem.h"
-#include "openssl/x509.h"
 #include "openssl_utils.h"
 #include "pkcs7_data.h"
 #include "securec.h"
diff --git a/utils/src/signer_info.cpp b/utils/src/signer_info.cpp
index 09e71ff3b736ea3c5cd10774746bf29f2587195b..dc08d93eabf0e2f35047a59e2a63a7aa6367ddf8 100644
--- a/utils/src/signer_info.cpp
+++ b/utils/src/signer_info.cpp
@@ -46,7 +46,7 @@ bool SignerInfo::InitSignerInfo(const std::string &ownerID, X509 *cert, const EV
 carrySigningTime_ = carrySigningTime;
 p7info_ = PKCS7_SIGNER_INFO_new();
 if (p7info_ == nullptr) {
- ErrLogWithOpenSSLMsg("Create pkcs7 signer info failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Create pkcs7 signer info failed");
 return false;
 }
 bool ret = false;
@@ -82,14 +82,14 @@ bool SignerInfo::InitSignerInfo(const std::string &ownerID, X509 *cert, const EV
 }
 if (!AddAttrsToSignerInfo(ownerID, contentData)) {
- ErrLogWithOpenSSLMsg("Add attributes to signer info failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Add attributes to signer info failed");
 break;
 }
 ret = true;
 } while (0);
 if (!ret) {
 PKCS7_SIGNER_INFO_free(p7info_);
- ErrLogWithOpenSSLMsg("Init pkcs7 signer info failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Init pkcs7 signer info failed");
 }
 return ret;
 }
@@ -124,7 +124,7 @@ bool SignerInfo::AddAttrsToSignerInfo(const std::string &ownerID, const ByteBuff
 return false;
 }
 if (!PKCS7_add1_attrib_digest(p7info_, digest.GetBuffer(), digest.GetSize())) {
- ErrLogWithOpenSSLMsg("PKCS7_add1_attrib_digest fail");
+ ERR_LOG_WITH_OPEN_SSL_MSG("PKCS7_add1_attrib_digest fail");
 return false;
 }
 return true;
@@ -195,7 +195,7 @@ bool SignerInfo::ComputeDigest(const ByteBuffer &data, ByteBuffer &digest)
 ret = true;
 } while (0);
 if (!ret) {
- ErrLogWithOpenSSLMsg("Compute digest failed.");
+ ERR_LOG_WITH_OPEN_SSL_MSG("Compute digest failed.");
 } else if (!digest.CopyFrom(mdBuffer, mdLen)) {
 ret = false;
 }
@@ -236,7 +236,7 @@ int SignerInfo::AddOwnerID(const std::string &ownerID)
 int ret = PKCS7_add_signed_attribute(p7info_, nid, V_ASN1_UTF8STRING, ownerIDAsn1);
 if (ret == 0) {
 ASN1_STRING_free(ownerIDAsn1);
- ErrLogWithOpenSSLMsg("PKCS7_add_signed_attribute failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("PKCS7_add_signed_attribute failed");
 return CS_ERR_OPENSSL_PKCS7;
 }
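Review bot: In the failure path at the end of SignerInfo::InitSignerInfo (the `@@ -82,14 +82,14 @@` hunk), `PKCS7_SIGNER_INFO_free(p7info_);` leaves the member `p7info_` pointing at freed memory. If the destructor or another member function (neither is visible here) later uses or frees `p7info_`, that is a use-after-free or a double free in the signing path. Adding `p7info_ = nullptr;` directly after the free removes the dangling pointer. The function starts outside this hunk.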
@@ -253,13 +253,13 @@ int SignerInfo::ParseOwnerIdFromSignature(const ByteBuffer &sigbuffer, std::stri
 BIO *bio = BIO_new_mem_buf(sigbuffer.GetBuffer(), sigbuffer.GetSize());
 if (bio == nullptr) {
- ErrLogWithOpenSSLMsg("BIO_new_mem_buf failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("BIO_new_mem_buf failed");
 return CS_ERR_OPENSSL_BIO;
 }
 PKCS7 *p7 = d2i_PKCS7_bio(bio, nullptr);
 if (p7 == nullptr) {
 BIO_free(bio);
- ErrLogWithOpenSSLMsg("d2i_PKCS7_bio failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("d2i_PKCS7_bio failed");
 return CS_ERR_OPENSSL_PKCS7;
 }
@@ -267,7 +267,7 @@ int SignerInfo::ParseOwnerIdFromSignature(const ByteBuffer &sigbuffer, std::stri
 if (signerInfosk == nullptr) {
 BIO_free(bio);
 PKCS7_free(p7);
- ErrLogWithOpenSSLMsg("PKCS7_get_signer_info failed");
+ ERR_LOG_WITH_OPEN_SSL_MSG("PKCS7_get_signer_info failed");
 return CS_ERR_OPENSSL_PKCS7;
 }
 for (int i = 0; i < sk_PKCS7_SIGNER_INFO_num(signerInfosk); i++) {