!334 增加仓颉语言ffi桥接层代码

Merge pull request !334 from zhuoyuanli/master
openharmony_ci 2024-10-15 04:05:27 +00:00 committed by Gitee
commit 6b289698b3
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 272 additions and 0 deletions


@ -35,6 +35,12 @@ group("cert_manager_napi") {
}
}
group("cert_manager_cjapi") {
if (os_level == "standard") {
deps = [ "./interfaces/kits/cj:cj_cert_manager_ffi" ]
}
}
group("cipher_napi") {
if (os_level == "standard") {
if (support_jsapi) {
@ -46,6 +52,7 @@ group("cipher_napi") {
group("cert_manager_type_base") {
if (os_level == "standard") {
deps = [
":cert_manager_cjapi",
":cert_manager_napi",
"./config:trusted_system_certificate0",
"./config:trusted_system_certificate1",


@ -0,0 +1,48 @@
# Copyright (c) 2022-2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/ohos.gni")
ohos_shared_library("cj_cert_manager_ffi") {
branch_protector_ret = "pac_ret"
sanitize = {
cfi = true
cfi_cross_dso = true
boundary_sanitize = true
debug = false
integer_overflow = true
ubsan = true
}
defines = [
"L2_STANDARD",
"_HARDWARE_ROOT_KEY_",
"_CM_LOG_ENABLE_",
]
include_dirs = [
"../../../frameworks/cert_manager_standard/main/common/include",
"include",
]
sources = [ "src/cj_cert_manager_ffi.c" ]
cflags_cc = [
"-Wall",
"-Werror",
]
deps = [ "../../innerkits/cert_manager_standard/main:cert_manager_sdk" ]
innerapi_tags = [ "platformsdk" ]
subsystem_name = "security"
part_name = "certificate_manager"
}
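Review bot: `cflags_cc` applies only to C++ compilations in GN, and the sole entry in `sources` is `src/cj_cert_manager_ffi.c`, so `-Wall` and `-Werror` never reach the file this target builds. Use `cflags = [ "-Wall", "-Werror" ]` (or `cflags_c`) so that warnings in the bridge code, such as a signed/unsigned loop comparison, fail the build. The licence header here says 2022-2023 while the two source files added by the same commit say 2024; worth aligning.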


@ -0,0 +1,70 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef CJ_CERT_MANAGER_FFI_H
#define CJ_CERT_MANAGER_FFI_H
#include "cert_manager_api.h"
struct CjCredential {
uint32_t isExist;
char *type;
char *alias;
char *keyUri;
uint32_t certNum;
uint32_t keyNum;
struct CmBlob credData;
};
struct CjSignatureSpec {
uint32_t purpose;
uint32_t padding;
uint32_t digest;
};
struct CjCertAbstract {
char *uri;
char *certAlias;
bool status;
char *subjectName;
};
struct CjCertInfo {
char *uri;
char *certAlias;
bool status;
char *issuerName;
char *subjectName;
char *serial;
char *notBefore;
char *notAfter;
char *fingerprintSha256;
struct CmBlob certInfo;
};
int32_t FfiCertManagerInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd,
const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri);
int32_t FfiCertManagerUninstallAppCert(const struct CmBlob *keyUri, const uint32_t store);
int32_t FfiCertManagerGetAppCert(const struct CmBlob *keyUri, const uint32_t store, struct CjCredential *retObj);
int32_t FfiCertManagerInit(const struct CmBlob *authUri, const struct CjSignatureSpec *spec, struct CmBlob *handle);
int32_t FfiCertManagerUpdate(const struct CmBlob *handle, const struct CmBlob *inData);
int32_t FfiCertManagerFinish(const struct CmBlob *handle, const struct CmBlob *inData, struct CmBlob *outData);
int32_t FfiCertManagerAbort(const struct CmBlob *handle);
int32_t FfiCertManagerIsAuthorizedApp(const struct CmBlob *authUri);
int32_t FfiCertManagerGetUserCertList(const uint32_t store, uint32_t *retCount, struct CjCertAbstract **retObj);
int32_t FfiCertManagerGetUserCertInfo(const struct CmBlob *certUri, const uint32_t store, struct CjCertInfo *retObj);
#endif //CJ_CERT_MANAGER_FFI_H
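Review bot: The `Cj*` structs pass heap pointers across the FFI boundary, but the header does not say who owns them or how they are released. Per the implementation in this commit, every `char *` field is a `strdup` copy and `credData.data` / `certInfo.data` are `malloc` buffers handed to the caller. I would add a comment above each struct along the lines of `/* All char * fields and the CmBlob data are allocated by the Ffi* getter; the caller releases each with free(). Fields may be NULL if a copy failed. */`, and document on `FfiCertManagerGetUserCertList` that `*retObj` is an array of `*retCount` entries released the same way. The header also uses `uint32_t`, `int32_t` and `bool` without including `<stdint.h>` or `<stdbool.h>`, presumably relying on `cert_manager_api.h` to provide them.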


@ -0,0 +1,147 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <string.h>
#include "cj_cert_manager_ffi.h"
int32_t FfiCertManagerInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd,
const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri)
{
return CmInstallAppCert(appCert, appCertPwd, certAlias, store, keyUri);
}
int32_t FfiCertManagerUninstallAppCert(const struct CmBlob *keyUri, const uint32_t store)
{
return CmUninstallAppCert(keyUri, store);
}
int32_t FfiCertManagerGetAppCert(const struct CmBlob *keyUri, const uint32_t store, struct CjCredential *retObj)
{
struct Credential credential = {0};
credential.credData.data = malloc(MAX_LEN_CERTIFICATE_CHAIN);
if (credential.credData.data == NULL) {
return CMR_ERROR_MALLOC_FAIL;
}
credential.credData.size = MAX_LEN_CERTIFICATE_CHAIN;
const int32_t errCode = CmGetAppCert(keyUri, store, &credential);
if (errCode != CM_SUCCESS) {
free(credential.credData.data);
return errCode;
}
// ATTENTION: resource will be released by caller.
// Caller will ensure `retObj` is always not null.
retObj->isExist = credential.isExist;
retObj->type = strdup(credential.type);
retObj->alias = strdup(credential.alias);
retObj->keyUri = strdup(credential.keyUri);
retObj->certNum = credential.certNum;
retObj->keyNum = credential.keyNum;
retObj->credData.data = credential.credData.data;
retObj->credData.size = credential.credData.size;
return CM_SUCCESS;
}
int32_t FfiCertManagerInit(const struct CmBlob *authUri, const struct CjSignatureSpec *spec, struct CmBlob *handle)
{
// Caller will ensure `spec` is always not null.
const struct CmSignatureSpec cmSpec = {
.purpose = spec->purpose,
.padding = spec->padding,
.digest = spec->digest,
};
return CmInit(authUri, &cmSpec, handle);
}
int32_t FfiCertManagerUpdate(const struct CmBlob *handle, const struct CmBlob *inData)
{
return CmUpdate(handle, inData);
}
int32_t FfiCertManagerFinish(const struct CmBlob *handle, const struct CmBlob *inData, struct CmBlob *outData)
{
return CmFinish(handle, inData, outData);
}
int32_t FfiCertManagerAbort(const struct CmBlob *handle)
{
return CmAbort(handle);
}
int32_t FfiCertManagerIsAuthorizedApp(const struct CmBlob *authUri)
{
return CmIsAuthorizedApp(authUri);
}
int32_t FfiCertManagerGetUserCertList(const uint32_t store, uint32_t *retCount, struct CjCertAbstract **retObj)
{
struct CertList certificateList = {0};
uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract);
certificateList.certAbstract = (struct CertAbstract *) malloc(buffSize);
if (certificateList.certAbstract == NULL) {
return CMR_ERROR_MALLOC_FAIL;
}
certificateList.certsCount = MAX_COUNT_CERTIFICATE;
const int32_t errCode = CmGetUserCertList(store, &certificateList);
if (errCode == CM_SUCCESS) {
// Caller will ensure `retObj` is always not null.
*retObj = malloc(sizeof(struct CjCertAbstract) * certificateList.certsCount);
if (*retObj == NULL) {
free(certificateList.certAbstract);
return CMR_ERROR_MALLOC_FAIL;
}
*retCount = certificateList.certsCount;
for (int i = 0; i < certificateList.certsCount; ++i) {
// ATTENTION: resource will be released by caller.
(*retObj)->uri = strdup(certificateList.certAbstract[i].uri);
(*retObj)->certAlias = strdup(certificateList.certAbstract[i].certAlias);
(*retObj)[i].status = certificateList.certAbstract[i].status;
(*retObj)->subjectName = strdup(certificateList.certAbstract[i].subjectName);
}
}
free(certificateList.certAbstract);
return errCode;
}
int32_t FfiCertManagerGetUserCertInfo(const struct CmBlob *certUri, const uint32_t store, struct CjCertInfo *retObj)
{
struct CertInfo info = {0};
info.certInfo.data = malloc(MAX_LEN_CERTIFICATE);
if (info.certInfo.data == NULL) {
return CMR_ERROR_MALLOC_FAIL;
}
info.certInfo.size = MAX_LEN_CERTIFICATE;
const int32_t errCode = CmGetUserCertInfo(certUri, store, &info);
if (errCode != CM_SUCCESS) {
free(info.certInfo.data);
return errCode;
}
// ATTENTION: resource will be released by caller.
// Caller will ensure `retObj` is always not null.
retObj->uri = strdup(info.uri);
retObj->certAlias = strdup(info.certAlias);
retObj->status = info.status;
retObj->issuerName = strdup(info.issuerName);
retObj->subjectName = strdup(info.subjectName);
retObj->serial = strdup(info.serial);
retObj->notBefore = strdup(info.notBefore);
retObj->notAfter = strdup(info.notAfter);
retObj->fingerprintSha256 = strdup(info.fingerprintSha256);
retObj->certInfo.data = info.certInfo.data;
retObj->certInfo.size = info.certInfo.size;
return CM_SUCCESS;
}
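Review bot: In `FfiCertManagerGetUserCertList` the loop stores `uri`, `certAlias` and `subjectName` through `(*retObj)->`, which is always element 0, while only `status` is indexed with `[i]`. With more than one certificate, every entry after the first keeps uninitialised pointers (the array comes from `malloc`) and the earlier `strdup` results are overwritten and leaked. The comments say the caller releases these fields, so it would read or free garbage pointers on the other side of the FFI boundary. Index all four stores with `(*retObj)[i].`, allocate the array zeroed, and treat a NULL `strdup` as `CMR_ERROR_MALLOC_FAIL` after freeing what was already copied, as sketched below; the loop counter should also be `uint32_t`, since the count is copied into the `uint32_t` `*retCount`. The same unchecked `strdup` pattern appears in `FfiCertManagerGetAppCert` and `FfiCertManagerGetUserCertInfo`, where a failed copy still returns `CM_SUCCESS` with NULL fields.

```c
// … unchanged: buffer allocation and CmGetUserCertList call …
if (errCode == CM_SUCCESS) {
    const uint32_t count = certificateList.certsCount;
    // Zeroed so that a partially filled array can be released safely.
    struct CjCertAbstract *out = calloc(count, sizeof(struct CjCertAbstract));
    if (out == NULL) {
        free(certificateList.certAbstract);
        return CMR_ERROR_MALLOC_FAIL;
    }
    for (uint32_t i = 0; i < count; ++i) {
        // ATTENTION: resource will be released by caller.
        out[i].uri = strdup(certificateList.certAbstract[i].uri);
        out[i].certAlias = strdup(certificateList.certAbstract[i].certAlias);
        out[i].status = certificateList.certAbstract[i].status;
        out[i].subjectName = strdup(certificateList.certAbstract[i].subjectName);
        if (out[i].uri == NULL || out[i].certAlias == NULL || out[i].subjectName == NULL) {
            for (uint32_t j = 0; j <= i; ++j) {
                free(out[j].uri);
                free(out[j].certAlias);
                free(out[j].subjectName);
            }
            free(out);
            free(certificateList.certAbstract);
            return CMR_ERROR_MALLOC_FAIL;
        }
    }
    *retObj = out;
    *retCount = count;
}
// … unchanged: free(certificateList.certAbstract) and return errCode …
```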