From d1353878a874936a0caed9393666c37eb0d78a10 Mon Sep 17 00:00:00 2001 From: huyiqi Date: Mon, 22 May 2023 16:16:55 +0800 Subject: [PATCH] add cert object cert code Signed-off-by: huyiqi --- frameworks/core/BUILD.gn | 2 + frameworks/core/cert/BUILD.gn | 49 ++++++ .../cert/inc/cf_cert_adapter_ability_define.h | 29 ++++ frameworks/core/cert/inc/cf_object_cert.h | 37 +++++ frameworks/core/cert/src/cf_cert_ability.c | 35 ++++ frameworks/core/cert/src/cf_object_cert.c | 157 ++++++++++++++++++ 6 files changed, 309 insertions(+) create mode 100644 frameworks/core/cert/BUILD.gn create mode 100644 frameworks/core/cert/inc/cf_cert_adapter_ability_define.h create mode 100644 frameworks/core/cert/inc/cf_object_cert.h create mode 100644 frameworks/core/cert/src/cf_cert_ability.c create mode 100644 frameworks/core/cert/src/cf_object_cert.c diff --git a/frameworks/core/BUILD.gn b/frameworks/core/BUILD.gn index 537fce4..7454598 100644 --- a/frameworks/core/BUILD.gn +++ b/frameworks/core/BUILD.gn @@ -30,8 +30,10 @@ ohos_shared_library("certificate_framework_core") { sources = [ "life/cf_api.c" ] deps = [ + "../ability:libcertificate_framework_ability", "../adapter:libcertificate_framework_adapter", "../common:libcertificate_framework_common_static", + "cert:libcertificate_framework_cert_object", "v1.0:libcertificate_framework_vesion1", ] diff --git a/frameworks/core/cert/BUILD.gn b/frameworks/core/cert/BUILD.gn new file mode 100644 index 0000000..21bfe3a --- /dev/null +++ b/frameworks/core/cert/BUILD.gn 
@@ -0,0 +1,49 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+
+config("libcertificate_framework_cert_object_config") {
+ include_dirs = [ "inc" ]
+}
+
+ohos_static_library("libcertificate_framework_cert_object") {
+ subsystem_name = "security"
+ part_name = "certificate_framework"
+ public_configs = [ ":libcertificate_framework_cert_object_config" ]
+ configs = [ "../../../config/build:coverage_flag" ]
+ include_dirs = [ "../life/inc" ]
+
+ sources = [
+ "src/cf_cert_ability.c",
+ "src/cf_object_cert.c",
+ ]
+
+ deps = [
+ "../../ability:libcertificate_framework_ability",
+ "../../common:libcertificate_framework_common_static",
+ "../param:libcertificate_framework_param",
+ ]
+
+ external_deps = [
+ "c_utils:utils",
+ "hiviewdfx_hilog_native:libhilog",
+ ]
+
+ cflags = [
+ "-DHILOG_ENABLE",
+ "-fPIC",
+ "-Wall",
+ "-Werror",
+ ]
+}
diff --git a/frameworks/core/cert/inc/cf_cert_adapter_ability_define.h b/frameworks/core/cert/inc/cf_cert_adapter_ability_define.h
new file mode 100644
index 0000000..9745bf6
--- /dev/null
+++ b/frameworks/core/cert/inc/cf_cert_adapter_ability_define.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef CF_CERT_ADAPTER_ABILITY_DEFINE_H
+#define CF_CERT_ADAPTER_ABILITY_DEFINE_H
+
+#include "cf_type.h"
+
+typedef struct {
+ CfBase base;
+ int32_t (*adapterCreate)(const CfEncodingBlob *in, CfBase **object);
+ void (*adapterDestory)(CfBase **object);
+ int32_t (*adapterVerify)(const CfBase *certObj, const CfBlob *pubKey);
+ int32_t (*adapterGetItem)(const CfBase *object, CfItemId id, CfBlob *outBlob);
+} CfCertAdapterAbilityFunc;
+
+#endif /* CF_CERT_ADAPTER_ABILITY_DEFINE_H */
\ No newline at end of file
diff --git a/frameworks/core/cert/inc/cf_object_cert.h b/frameworks/core/cert/inc/cf_object_cert.h
new file mode 100644
index 0000000..ad0c650
--- /dev/null
+++ b/frameworks/core/cert/inc/cf_object_cert.h
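Review bot: The callback table in cf_cert_adapter_ability_define.h carries no contract comments, and the one that matters for memory safety is on `adapterGetItem`: cf_object_cert.c in this same patch releases `outBlob->data` with `CfFree()` after a successful call and frees nothing on failure, so every adapter has to allocate that buffer with the matching allocator and leave nothing allocated when it returns an error. I would state that on the member, e.g. `/* on success outBlob->data is owned by the caller and released with CfFree(); nothing is left allocated on failure */`, and add a similar line on `adapterCreate` and `adapterDestory` saying who owns `*object` and whether it is reset to NULL. The member name `adapterDestory` is misspelled and becomes part of the adapter interface as soon as implementations exist, so renaming it to `adapterDestroy` is cheapest now.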
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef CF_OBJECT_CERT_H
+#define CF_OBJECT_CERT_H
+
+#include "cf_type.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t CfCertCreate(const CfEncodingBlob *in, CfBase **obj);
+
+int32_t CfCertGet(const CfBase *obj, const CfParamSet *in, CfParamSet **out);
+
+int32_t CfCertCheck(const CfBase *obj, const CfParamSet *in, CfParamSet **out);
+
+void CfCertDestroy(CfBase **obj);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CF_OBJECT_CERT_H */
\ No newline at end of file
diff --git a/frameworks/core/cert/src/cf_cert_ability.c b/frameworks/core/cert/src/cf_cert_ability.c
new file mode 100644
index 0000000..f23da8f
--- /dev/null
+++ b/frameworks/core/cert/src/cf_cert_ability.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "cf_ability.h"
+
+#include "cf_log.h"
+#include "cf_magic.h"
+#include "cf_object_ability_define.h"
+#include "cf_object_cert.h"
+
+static CfObjectAbilityFunc g_certObjectFunc = {
+ .base.type = CF_MAGIC(CF_MAGIC_TYPE_OBJ_FUNC, CF_OBJ_TYPE_CERT),
+ .create = CfCertCreate,
+ .destroy = CfCertDestroy,
+ .check = CfCertCheck,
+ .get = CfCertGet,
+};
+
+__attribute__((constructor)) static void LoadCertOjbectAbility(void)
+{
+ CF_LOG_I("enter load cert object ability");
+ (void)RegisterAbility(CF_ABILITY(CF_ABILITY_TYPE_OBJECT, CF_OBJ_TYPE_CERT), &g_certObjectFunc.base);
+}
diff --git a/frameworks/core/cert/src/cf_object_cert.c b/frameworks/core/cert/src/cf_object_cert.c
new file mode 100644
index 0000000..8abc965
--- /dev/null
+++ b/frameworks/core/cert/src/cf_object_cert.c
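Review bot: In cf_cert_ability.c the constructor throws away the result of `RegisterAbility` with a `(void)` cast, so a failed registration leaves the cert object ability absent with nothing in the log beyond the "enter" line. Assuming `RegisterAbility` returns a status code, as the cast suggests, I would keep it and log the failure: `int32_t ret = RegisterAbility(...);` followed by `if (ret != CF_SUCCESS) { CF_LOG_E("register cert object ability failed, ret = %d", ret); }` (`CF_SUCCESS` appears to come from cf_result.h, which this file does not include yet). `g_certObjectFunc` is a table of function pointers that this file never modifies; if `RegisterAbility` can accept a pointer to const, declaring the table `static const` keeps it out of writable data. The function name `LoadCertOjbectAbility` has a transposed "Ojbect", and since it is static the rename costs nothing.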
@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "cf_object_cert.h"
+
+#include "securec.h"
+
+#include "cf_ability.h"
+#include "cf_log.h"
+#include "cf_magic.h"
+#include "cf_memory.h"
+#include "cf_param.h"
+#include "cf_param_parse.h"
+#include "cf_result.h"
+
+#include "cf_cert_adapter_ability_define.h"
+
+typedef struct {
+ CfBase base;
+ CfCertAdapterAbilityFunc func;
+ CfBase *adapterRes;
+} CfCertObjStruct;
+
+int32_t CfCertCreate(const CfEncodingBlob *in, CfBase **obj)
+{
+ if ((in == NULL) || (obj == NULL)) {
+ CF_LOG_E("param null");
+ return CF_NULL_POINTER;
+ }
+
+ CfCertAdapterAbilityFunc *func = (CfCertAdapterAbilityFunc *)GetAbility(CF_ABILITY(CF_ABILITY_TYPE_ADAPTER,
+ CF_OBJ_TYPE_CERT));
+ if ((func == NULL) || (func->base.type != CF_MAGIC(CF_MAGIC_TYPE_ADAPTER_FUNC, CF_OBJ_TYPE_CERT))) {
+ CF_LOG_E("invalid func type");
+ return CF_INVALID_PARAMS;
+ }
+
+ CfCertObjStruct *tmp = CfMalloc(sizeof(CfCertObjStruct));
+ if (tmp == NULL) {
+ CF_LOG_E("malloc cert obj failed");
+ return CF_ERR_MALLOC;
+ }
+ tmp->base.type = CF_MAGIC(CF_MAGIC_TYPE_OBJ_RESOURCE, CF_OBJ_TYPE_CERT);
+
+ int32_t ret = func->adapterCreate(in, &tmp->adapterRes);
+ if (ret != CF_SUCCESS) {
+ CF_LOG_E("cert adapter create failed");
+ CfFree(tmp);
+ return ret;
+ }
+ (void)memcpy_s(&tmp->func, sizeof(CfCertAdapterAbilityFunc), func, sizeof(CfCertAdapterAbilityFunc));
+
+ *obj = &(tmp->base);
+ return CF_SUCCESS;
+}
+
+static int32_t CfCertGetItem(const CfCertObjStruct *obj, const CfParamSet *in, CfParamSet **out)
+{
+ CfParam *tmpParam = NULL;
+ int32_t ret = CfGetParam(in, CF_TAG_PARAM0_INT32, &tmpParam);
+ if (ret != CF_SUCCESS) {
+ CF_LOG_E("get item id failed, ret = %d", ret);
+ return ret;
+ }
+
+ CF_LOG_I("cert get type = 0x%x", tmpParam->int32Param);
+ CfBlob itemValue = { 0, NULL };
+ ret = obj->func.adapterGetItem(obj->adapterRes, (CfItemId)tmpParam->int32Param, &itemValue);
+ if (ret != CF_SUCCESS) {
+ CF_LOG_E("adapter get item failed, ret = %d", ret);
+ return ret;
+ }
+
+ CfParam params[] = {
+ { .tag = CF_TAG_RESULT_TYPE, .int32Param = CF_TAG_TYPE_BYTES },
+ { .tag = CF_TAG_RESULT_BYTES, .blob = itemValue },
+ };
+ ret = CfConstructParamSetOut(params, sizeof(params) / sizeof(CfParam), out);
+ CfFree(itemValue.data);
+ return ret;
+}
+
+int32_t CfCertGet(const CfBase *obj, const CfParamSet *in, CfParamSet **out)
+{
+ if ((obj == NULL) || (in == NULL) || (out == NULL)) {
+ CF_LOG_E("cfcertget params is null");
+ return CF_NULL_POINTER;
+ }
+
+ CfCertObjStruct *tmp = (CfCertObjStruct *)obj;
+ if (tmp->base.type != CF_MAGIC(CF_MAGIC_TYPE_OBJ_RESOURCE, CF_OBJ_TYPE_CERT)) {
+ CF_LOG_E("invalid resource type");
+ return CF_INVALID_PARAMS;
+ }
+
+ CfParam *tmpParam = NULL;
+ int32_t ret = CfGetParam(in, CF_TAG_GET_TYPE, &tmpParam);
+ if (ret != CF_SUCCESS) {
+ CF_LOG_E("get param item type failed, ret = %d", ret);
+ return ret;
+ }
+
+ switch (tmpParam->int32Param) {
+ case CF_GET_TYPE_CERT_ITEM:
+ return CfCertGetItem(tmp, in, out);
+ default:
+ CF_LOG_E("cert get type invalid, type = %d", tmpParam->int32Param);
+ return CF_NOT_SUPPORT;
+ }
+}
+
+int32_t CfCertCheck(const CfBase *obj, const CfParamSet *in, CfParamSet **out)
+{
+ if ((obj == NULL) || (in == NULL) || (out == NULL)) {
+ CF_LOG_E("cfcertcheck params is null");
+ return CF_NULL_POINTER;
+ }
+
+ CfCertObjStruct *tmp = (CfCertObjStruct *)obj;
+ if (tmp->base.type != CF_MAGIC(CF_MAGIC_TYPE_OBJ_RESOURCE, CF_OBJ_TYPE_CERT)) {
+ CF_LOG_E("invalid resource type");
+ return CF_INVALID_PARAMS;
+ }
+
+ return CF_SUCCESS; /* reserve check function */
+}
+
+void CfCertDestroy(CfBase **obj)
+{
+ if ((obj == NULL) || (*obj == NULL)) {
+ return;
+ }
+
+ CfCertObjStruct *tmp = (CfCertObjStruct *)*obj;
+ if (tmp->base.type != CF_MAGIC(CF_MAGIC_TYPE_OBJ_RESOURCE, CF_OBJ_TYPE_CERT)) {
+ CF_LOG_E("invalid resource type");
+ return;
+ }
+
+ tmp->func.adapterDestory(&tmp->adapterRes);
+ CfFree(tmp);
+ *obj = NULL;
+ return;
+}
+
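Review bot: `CfCertCheck` in cf_object_cert.c returns `CF_SUCCESS` after validating only the pointer arguments and the magic tag, without performing any check and without writing `*out`; on a certificate object a caller can read that result as "the certificate passed" and may then use an `out` it never initialised. Until the check is implemented I would return the code this file already uses for unsupported requests, `return CF_NOT_SUPPORT; /* check not implemented yet */`, unless a caller outside this patch depends on the stub succeeding. Separately, `CfCertCreate` accepts the adapter table on its magic tag alone and then calls `func->adapterCreate`, and later `adapterGetItem` and `adapterDestory` through the copied table; extending the guard with `(func->adapterCreate == NULL) || (func->adapterDestory == NULL) || (func->adapterGetItem == NULL)` turns a half-filled table into `CF_INVALID_PARAMS` instead of a call through a NULL pointer. In `CfCertDestroy`, clearing the tag before the free (`tmp->base.type = 0;`) would make a stale copy of the pointer more likely to fail the magic check than to pass it.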