Go to file
openharmony_ci 19466d0085
!204 新增CFI配置
Merge pull request !204 from junyi233/myfeature
2024-01-26 02:19:05 +00:00
.gitee IssueNo: 2023-09-05 11:07:54 +08:00
figures update OpenHarmony 2.0 Canary 2021-06-02 02:56:01 +08:00
interfaces/innerkits !204 新增CFI配置 2024-01-26 02:19:05 +00:00
test/resource/appverify TicketVerifyTest tdd新增 2023-06-16 02:52:26 +00:00
.gitattributes update OpenHarmony 2.0 Canary 2021-06-02 02:56:01 +08:00
BUILD.gn appverify仓路径移动代码回退 2023-07-03 14:26:59 +00:00
bundle.json 研发设备豁免校验设备ID 2023-12-18 14:06:34 +08:00
LICENSE update openharmony 1.0.1 2021-03-11 22:30:15 +08:00
OAT.xml appverify仓路径移动代码回退 2023-07-03 14:26:59 +00:00
README_zh.md 安全排查int改为int32_t unsigned int 改为uint32_t 2023-08-30 02:31:01 +00:00
README.md 安全排查int改为int32_t unsigned int 改为uint32_t 2023-08-30 02:31:01 +00:00

appverify

Introduction

To ensure the integrity and trustworthiness of the applications to be installed in OpenHarmony, the applications must be signed and their signatures must be verified.

  • In application development: After developing an application, you need to sign its installation package to ensure that the installation package is not tampered with when it is released on devices. To sign the application package, you can use the signature tools and the public key certificates and follow the signing certificate generation specifications provided by the application integrity verification module. For your convenience, a public key certificate and a corresponding private key are preset in OpenHarmony. You need to replace the public key certificate and private key in your commercial version of OpenHarmony.

  • In application installation: The Application Framework subsystem of OpenHarmony installs applications. Upon receiving an application installation package, the Application Framework subsystem parses the signature of the installation package, and verifies the signature using the application integrity verification APIs. The application can be installed only after the verification succeeds. During the verification, the application integrity verification module uses the preset public key certificate to verify the signature.

Architecture

Figure 1 Application integrity verification architecture

  • APIs between subsystems: APIs provided by the application integrity verification module for other modules

  • Integrity verification: ensures the integrity of application bundles and prevents tampering through signature verification.

  • Application source identification: identifies the application source by matching the signature certificate chain with the trusted source list.

Directory Structure

/base/security/appverify
├── interfaces/innerkits/appverify         # Application integrity verification module
│       ├── config                         # Application signature root certificates and configuration files for the trusted source list
│       ├── include                        # Header files
│       ├── src                            # Source code
│       ├── test                           # Automated test cases
├── test/resource                          # Test resources

Constraints

The certificates used for application integrity verification are specific to OpenHarmony. The corresponding public key certificates and private keys are preset in the open-source code repositories of OpenHarmony to provide offline signing and verification capabilities for the open-source community. The public key certificates and the corresponding private keys need to be replaced in commercial versions that are based on OpenHarmony.

Usage

The application integrity verification module provides an inter-subsystem API, which is called by the Bundle Manager Service BMS during application installation.

Available APIs

API

Description

int32_t HapVerify(const std::string& filePath, HapVerifyResult& hapVerifyResult)

Verifies application integrity and identifies the application source.

Usage Guidelines

The HapVerify() API provided by the application integrity verification module is an inter-subsystem API. This API can be called with the HAP file path passed to verify the integrity of an application, and the verification result can be obtained from the return value. The signature of the application can be obtained from the input parameter hapVerifyResult.

Security::Verify::HapVerifyResult verifyResult;
int32_t res = Security::Verify::HapVerify(hapPath, verifyResult);
if (res != Security::Verify::HapVerifyResultCode::VERIFY_SUCCESS) {
    // processing error
}

Repositories Involved

Security subsystem

hmf/security/appverify