提取公共函数到common文件

Signed-off-by: lanming <lanming@huawei.com>
lanming 2024-06-18 19:52:13 +08:00
parent ae266cb9e0
commit db6951ca5a
3 changed files with 78 additions and 69 deletions


@ -56,6 +56,9 @@ bool CheckIsLeafCert(X509 *cert);
CfResult IsOrderCertChain(STACK_OF(X509) * certsChain, bool *isOrder);
CfResult CheckSelfPubkey(X509 *cert, const EVP_PKEY *pubKey);
X509 *FindCertificateBySubject(STACK_OF(X509) * certs, X509_NAME *subjectName);
CfResult GetPubKeyDataFromX509(X509 *x509, CfBlob **pub);
CfResult GetSubjectNameFromX509(X509 *cert, CfBlob **sub);
CfResult GetNameConstraintsFromX509(X509 *cert, CfBlob **name);
#ifdef __cplusplus
}
#endif
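Review bot: The three new prototypes are now part of the shared header but carry no contract comment, and ownership of the output is not obvious from the signatures. From the definitions added in this commit, on success the output is a `CfBlob` obtained from `CfMalloc` whose `data` buffer is allocated by the OpenSSL `i2d_*` call, and on the early failure paths (no public key, no subject name, no extension) the output pointer is never written. I would add a comment above them such as `/* On success *out is a new CfBlob whose data buffer comes from OpenSSL; the caller releases both. On failure *out may be left unmodified, so initialise it to NULL before the call. */`.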


@ -496,4 +496,75 @@ void SubAltNameArrayDataClearAndFree(SubAltNameArray *array)
array->data = NULL;
array->count = 0;
}
}
}
CfResult GetPubKeyDataFromX509(X509 *x509, CfBlob **pub)
{
EVP_PKEY *pkey = X509_get0_pubkey(x509);
if (pkey == NULL) {
return CF_ERR_CRYPTO_OPERATION;
}
*pub = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*pub == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_PUBKEY(pkey, &((*pub)->data));
if (size <= 0) {
LOGE("Failed to convert public key to DER format");
CfFree(*pub);
*pub = NULL;
return CF_INVALID_PARAMS;
}
(*pub)->size = (uint32_t)size;
return CF_SUCCESS;
}
CfResult GetSubjectNameFromX509(X509 *cert, CfBlob **sub)
{
X509_NAME *name = X509_get_subject_name(cert);
if (!name) {
LOGE("Failed to get subject name!");
return CF_INVALID_PARAMS;
}
*sub = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*sub == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_X509_NAME(name, &((*sub)->data));
if (size <= 0) {
LOGE("Failed to get subject DER data!");
CfFree(*sub);
*sub = NULL;
return CF_ERR_CRYPTO_OPERATION;
}
(*sub)->size = (uint32_t)size;
return CF_SUCCESS;
}
CfResult GetNameConstraintsFromX509(X509 *cert, CfBlob **name)
{
ASN1_BIT_STRING *nc = X509_get_ext_d2i(cert, NID_name_constraints, NULL, NULL);
if (!nc) {
LOGE("No nameConstraints found in certificate");
return CF_INVALID_PARAMS;
}
*name = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*name == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_ASN1_BIT_STRING(nc, &((*name)->data));
if (size < 0) {
LOGE("Failed to get name DER data!");
CfFree(*name);
*name = NULL;
return CF_ERR_CRYPTO_OPERATION;
}
(*name)->size = (uint32_t)size;
return CF_SUCCESS;
}
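Review bot: In `GetNameConstraintsFromX509`, `X509_get_ext_d2i(cert, NID_name_constraints, NULL, NULL)` returns the decoded `NAME_CONSTRAINTS` structure, but it is stored in an `ASN1_BIT_STRING *` and serialized with `i2d_ASN1_BIT_STRING`, so the encoder reads the object through the wrong type and the resulting bytes and length cannot be relied on. The decoded object is also owned by the caller and is not released on any path, so every call leaks it. I would encode through the matching ASN.1 item and free the object afterwards, as sketched below; the blob then holds the DER of the extension value, so consumers of `nameConstraints` should be checked against that. The function is fully contained in this hunk; its malloc-failure log, like the one in `GetSubjectNameFromX509`, still says "pub key".

```c
    NAME_CONSTRAINTS *nc = X509_get_ext_d2i(cert, NID_name_constraints, NULL, NULL);
    // … unchanged: NULL check on nc …
    *name = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
    if (*name == NULL) {
        LOGE("Failed to malloc nameConstraints blob!");
        NAME_CONSTRAINTS_free(nc);
        return CF_ERR_MALLOC;
    }
    int32_t size = ASN1_item_i2d((ASN1_VALUE *)nc, &((*name)->data), ASN1_ITEM_rptr(NAME_CONSTRAINTS));
    NAME_CONSTRAINTS_free(nc);
    if (size <= 0) {
    // … unchanged: error cleanup, size assignment and return …
```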


@ -2060,71 +2060,6 @@ CfResult HcfX509CertChainByParamsSpiCreate(const HcfX509CertChainBuildParameters
return res;
}
static CfResult GetPubFromP12(EVP_PKEY *pkey, CfBlob **pub)
{
*pub = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*pub == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_PUBKEY(pkey, &((*pub)->data));
if (size < 0) {
LOGE("Failed to convert public key to DER format");
CfFree(*pub);
*pub = NULL;
return CF_INVALID_PARAMS;
}
(*pub)->size = (uint32_t)size;
return CF_SUCCESS;
}
static CfResult GetSubjectFromP12(X509 *cert, CfBlob **sub)
{
X509_NAME *name = X509_get_subject_name(cert);
if (!name) {
LOGE("Failed to get subject name!");
return CF_INVALID_PARAMS;
}
*sub = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*sub == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_X509_NAME(name, &((*sub)->data));
if (size <= 0) {
LOGE("Failed to get subject DER data!");
CfFree(*sub);
*sub = NULL;
return CF_ERR_CRYPTO_OPERATION;
}
(*sub)->size = (uint32_t)size;
return CF_SUCCESS;
}
static CfResult GetNameConstraintsFromP12(X509 *cert, CfBlob **name)
{
ASN1_BIT_STRING *nc = X509_get_ext_d2i(cert, NID_name_constraints, NULL, NULL);
if (!nc) {
LOGE("No nameConstraints found in certificate");
return CF_INVALID_PARAMS;
}
*name = (CfBlob *)CfMalloc(sizeof(CfBlob), 0);
if (*name == NULL) {
LOGE("Failed to malloc pub key!");
return CF_ERR_MALLOC;
}
int32_t size = i2d_ASN1_BIT_STRING(nc, &((*name)->data));
if (size < 0) {
LOGE("Failed to get name DER data!");
CfFree(*name);
*name = NULL;
return CF_ERR_CRYPTO_OPERATION;
}
(*name)->size = (uint32_t)size;
return CF_SUCCESS;
}
static CfResult ProcessP12Data(STACK_OF(X509) *ca, HcfX509TrustAnchorArray *result)
{
CfResult ret = CF_SUCCESS;
@ -2137,19 +2072,19 @@ static CfResult ProcessP12Data(STACK_OF(X509) *ca, HcfX509TrustAnchorArray *resu
}
// CAPubKey
ret = GetPubFromP12(X509_get0_pubkey(x509), &(result->data[i]->CAPubKey));
ret = GetPubKeyDataFromX509(x509, &(result->data[i]->CAPubKey));
if (ret != CF_SUCCESS) {
LOGD("Failed to get %d CAPubKey!", i);
}
// CASubject
ret = GetSubjectFromP12(x509, &(result->data[i]->CASubject));
ret = GetSubjectNameFromX509(x509, &(result->data[i]->CASubject));
if (ret != CF_SUCCESS) {
LOGD("Failed to get %d CASubject!", i);
}
// nameConstraints
ret = GetNameConstraintsFromP12(x509, &(result->data[i]->nameConstraints));
ret = GetNameConstraintsFromX509(x509, &(result->data[i]->nameConstraints));
if (ret != CF_SUCCESS) {
LOGD("Failed to get %d nameConstraints!", i);
}