代码签名告警清理

Signed-off-by: yang1946 <yuzhaoyang1@huawei.com>
2024-11-23 14:19:56 +00:00 · 2024-01-03 13:46:36 +08:00 · 2024-01-03 13:46:36 +08:00 · 6fcad713ec
commit 6fcad713ec
parent 1b0cb90801
6 changed files with 14 additions and 8 deletions
--- a/services/key_enable/cfg/key_enable.enable_xpm.cfg
+++ b/services/key_enable/cfg/key_enable.enable_xpm.cfg
@ -15,7 +15,7 @@
        }, {
            "name" : "pre-init",
            "cmds" : [
-                "write /proc/sys/kernel/xpm/xpm_mode 1",
+                "write /proc/sys/kernel/xpm/xpm_mode 1"
            ]
        }
    ],
--- a/utils/include/cs_hisysevent.h
+++ b/utils/include/cs_hisysevent.h
@ -41,7 +41,7 @@ inline void ReportInvalidCaller(const std::string &interfaceType, uint32_t token
        HiviewDFX::HiSysEvent::EventType::SECURITY,
        "INTERFACE", interfaceType, "TOKEN_ID", tokenId);
 }
-inline void ReportParseCodeSig(const std::string &fileInfo, uint32_t errCode)
+inline void ReportParseCodeSig(const std::string &fileInfo, int32_t errCode)
 {
    HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::CODE_SIGN, "CS_PARSE_CODE_SIG",
        HiviewDFX::HiSysEvent::EventType::FAULT,
--- a/utils/include/fsverity_utils_helper.h
+++ b/utils/include/fsverity_utils_helper.h
@ -104,7 +104,7 @@ private:
                    return CS_ERR_FILE_READ;
                }
                buf += bytesRead;
-                count -= bytesRead;
+                count -= static_cast<size_t>(bytesRead);
            }
            return CS_SUCCESS;
        }
--- a/utils/src/code_sign_block.cpp
+++ b/utils/src/code_sign_block.cpp
@ -34,7 +34,13 @@ namespace CodeSign {
 constexpr uint32_t HAP_CODE_SIGN_BLOCK_ID = 0x30000001;
 constexpr uint32_t CSB_PROPERTY_BLOB = 0x20000003;

-CodeSignBlock::CodeSignBlock() { }
+CodeSignBlock::CodeSignBlock()
+{
+    signatureInfo_.hapSigningBlockOffset = 0;
+    signatureInfo_.hapCentralDirOffset = 0;
+    signatureInfo_.hapEocdOffset = 0;
+    signatureInfo_.version = 0;
+}

 CodeSignBlock::~CodeSignBlock() { }

@ -194,7 +200,7 @@ int32_t CodeSignBlock::GetCodeSignBlockBuffer(const std::string &path, ReadBuffe
        }

        blobBuffer = value.optionalBlockValue.GetBufferPtr();
-        blobSize = value.optionalBlockValue.GetCapacity();
+        blobSize = static_cast<uint32_t>(value.optionalBlockValue.GetCapacity());
        break;
    }

--- a/utils/src/pkcs7_data.cpp
+++ b/utils/src/pkcs7_data.cpp
@ -43,14 +43,14 @@ PKCS7Data::~PKCS7Data()

 bool PKCS7Data::InitPKCS7Data(const std::vector<ByteBuffer> &certChain)
 {
-    int flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_NOATTR | PKCS7_PARTIAL;
+    uint32_t flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_NOATTR | PKCS7_PARTIAL;
    STACK_OF(X509) *certs = nullptr;
    if (certChain.empty()) {
        flags = flags | PKCS7_NOCERTS;
    } else {
        certs = MakeStackOfCerts(certChain);
    }
-    p7_ = PKCS7_sign(nullptr, nullptr, certs, nullptr, flags);
+    p7_ = PKCS7_sign(nullptr, nullptr, certs, nullptr, static_cast<int>(flags));
    if (p7_ == nullptr) {
        sk_X509_pop_free(certs, X509_free);
        return false;
--- a/utils/src/signer_info.cpp
+++ b/utils/src/signer_info.cpp
@ -143,7 +143,7 @@ uint8_t *SignerInfo::GetDataToSign(uint32_t &len)
        if (itemLen < 0) {
            return nullptr;
        }
-        len = itemLen;
+        len = static_cast<uint32_t>(itemLen);
    } else {
        if (unsignedData_ == nullptr) {
            return nullptr;