d72f342fff
Merge pull request !215 from 张欣宇/master |
||
---|---|---|
.gitee | ||
figures | ||
interfaces/innerkits | ||
test/resource/appverify | ||
.gitattributes | ||
BUILD.gn | ||
bundle.json | ||
LICENSE | ||
OAT.xml | ||
README_zh.md | ||
README.md |
appverify
Introduction
To ensure the integrity and trustworthiness of the applications to be installed in OpenHarmony, the applications must be signed and their signatures must be verified.
-
In application development: After developing an application, you need to sign its installation package to ensure that the installation package is not tampered with when it is released on devices. To sign the application package, you can use the signature tools and the public key certificates and follow the signing certificate generation specifications provided by the application integrity verification module. For your convenience, a public key certificate and a corresponding private key are preset in OpenHarmony. You need to replace the public key certificate and private key in your commercial version of OpenHarmony.
-
In application installation: The Application Framework subsystem of OpenHarmony installs applications. Upon receiving an application installation package, the Application Framework subsystem parses the signature of the installation package, and verifies the signature using the application integrity verification APIs. The application can be installed only after the verification succeeds. During the verification, the application integrity verification module uses the preset public key certificate to verify the signature.
Architecture
Figure 1 Application integrity verification architecture
-
APIs between subsystems: APIs provided by the application integrity verification module for other modules
-
Integrity verification: ensures the integrity of application bundles and prevents tampering through signature verification.
-
Application source identification: identifies the application source by matching the signature certificate chain with the trusted source list.
Directory Structure
/base/security/appverify
├── interfaces/innerkits/appverify # Application integrity verification module
│ ├── config # Application signature root certificates and configuration files for the trusted source list
│ ├── include # Header files
│ ├── src # Source code
│ ├── test # Automated test cases
├── test/resource # Test resources
Constraints
The certificates used for application integrity verification are specific to OpenHarmony. The corresponding public key certificates and private keys are preset in the open-source code repositories of OpenHarmony to provide offline signing and verification capabilities for the open-source community. The public key certificates and the corresponding private keys need to be replaced in commercial versions that are based on OpenHarmony.
Usage
The application integrity verification module provides an inter-subsystem API, which is called by the Bundle Manager Service BMS
during application installation.
Available APIs
int32_t HapVerify(const std::string& filePath, HapVerifyResult& hapVerifyResult) |
Verifies application integrity and identifies the application source. |
Usage Guidelines
The HapVerify() API provided by the application integrity verification module is an inter-subsystem API. This API can be called with the HAP file path passed to verify the integrity of an application, and the verification result can be obtained from the return value. The signature of the application can be obtained from the input parameter hapVerifyResult.
Security::Verify::HapVerifyResult verifyResult;
int32_t res = Security::Verify::HapVerify(hapPath, verifyResult);
if (res != Security::Verify::HapVerifyResultCode::VERIFY_SUCCESS) {
// processing error
}
Repositories Involved
Security subsystem
hmf/security/appverify