packages/dsoftbus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dsoftbus/0007-support-huks-for-openeuler.patch
liheavy 92830da5f5 init dsoftbus
2022-11-30 17:59:29 +08:00

237 lines
10 KiB
Diff
Raw Blame History

From c7fe7e1422af2a0b4fdbd7e514f8b8c6054170e8 Mon Sep 17 00:00:00 2001
From: "beiling.xie" <xiekunxunn@huawei.com>
Date: Tue, 19 Jul 2022 21:01:41 +0800
Subject: [PATCH] support huks for openeuler
Signed-off-by: beiling.xie <xiekunxun@huawei.com>
---
frameworks/huks_standard/main/BUILD.gn | 1 +
.../huks_standard/main/core/src/hks_verifier.c | 10 ++++++----
.../crypto_engine/openssl/src/hks_openssl_kdf.c | 4 +++-
.../huks_standard/main/os_dependency/BUILD.gn | 15 ++++++++++-----
.../main/os_dependency/log/hks_log.c | 14 +++++++-------
interfaces/innerkits/huks_standard/main/BUILD.gn | 1 +
.../huks_service/main/os_dependency/BUILD.gn | 2 +-
.../huks_service/main/os_dependency/idl/BUILD.gn | 6 +++---
utils/file_operator/hks_file_operator.c | 6 +++---
9 files changed, 35 insertions(+), 24 deletions(-)
diff --git a/frameworks/huks_standard/main/BUILD.gn b/frameworks/huks_standard/main/BUILD.gn
index 83d7750..cd899cd 100755
--- a/frameworks/huks_standard/main/BUILD.gn
+++ b/frameworks/huks_standard/main/BUILD.gn
@@ -20,6 +20,7 @@ group("huks_standard_frameworks") {
"//base/security/huks/frameworks/huks_standard/main/core:libhuks_core_standard_static",
"//base/security/huks/frameworks/huks_standard/main/crypto_engine:libhuks_crypto_engine_standard_static",
"//base/security/huks/frameworks/huks_standard/main/os_dependency:libhuks_os_dependency_standard_static",
+ "//base/security/huks/services/huks_standard/huks_service/main/os_dependency:libhuks_service_os_dependency_standard_static",
]
}
}
diff --git a/frameworks/huks_standard/main/core/src/hks_verifier.c b/frameworks/huks_standard/main/core/src/hks_verifier.c
index 149137d..a65f27e 100755
--- a/frameworks/huks_standard/main/core/src/hks_verifier.c
+++ b/frameworks/huks_standard/main/core/src/hks_verifier.c
@@ -250,8 +250,9 @@ static int32_t ExtractTlvLength(const uint8_t *in, uint32_t inLen, uint32_t *hea
uint8_t *buf = (uint8_t *)in;
uint32_t length = 0; /* length of the payload */
- uint32_t tmp;
- HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
+// uint32_t tmp;
+// HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
+ buf++;
if (buf[0] < ASN_1_MIN_VAL_1_EXTRA_LEN_BYTE) {
/* Current byte tells the length */
HKS_ASN1_DECODE_BYTE(buf, length);
@@ -301,8 +302,9 @@ static int32_t ExtractTlvData(const uint8_t *in, uint32_t inLen, uint8_t *out, u
uint8_t *buf = (uint8_t *)in;
uint32_t length = 0; /* length of the payload */
- uint32_t tmp;
- HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
+// uint32_t tmp;
+// HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
+ buf++;
if (buf[0] < ASN_1_MIN_VAL_1_EXTRA_LEN_BYTE) {
/* Current byte tells the length */
HKS_ASN1_DECODE_BYTE(buf, length);
diff --git a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
index 258b206..5db3e4d 100755
--- a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
+++ b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
@@ -57,6 +57,7 @@ int32_t HksOpensslHkdf(const struct HksBlob *mainKey, const struct HksKeySpec *d
EVP_PKEY_CTX *pctx;
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
int32_t ret = HKS_FAILURE;
+
do {
if (EVP_PKEY_derive_init(pctx) <= 0) {
HksLogOpensslError();
@@ -78,7 +79,8 @@ int32_t HksOpensslHkdf(const struct HksBlob *mainKey, const struct HksKeySpec *d
HksLogOpensslError();
break;
}
- if (EVP_PKEY_derive(pctx, derivedKey->data, (size_t *)&derivedKey->size) <= 0) {
+ size_t new = derivedKey->size;
+ if (EVP_PKEY_derive(pctx, derivedKey->data, &new) <= 0) {
HksLogOpensslError();
break;
}
diff --git a/frameworks/huks_standard/main/os_dependency/BUILD.gn b/frameworks/huks_standard/main/os_dependency/BUILD.gn
index 7d03e55..6da94a5 100755
--- a/frameworks/huks_standard/main/os_dependency/BUILD.gn
+++ b/frameworks/huks_standard/main/os_dependency/BUILD.gn
@@ -26,6 +26,8 @@ ohos_static_library("libhuks_os_dependency_standard_static") {
public_configs = [ ":huks_config" ]
include_dirs = [
"log",
+ "sysinfo/include",
+ "../../../../services/huks_standard/huks_service/main/core/include/",
"//utils/native/base/include",
"//utils/system/safwk/native/include",
]
@@ -35,17 +37,20 @@ ohos_static_library("libhuks_os_dependency_standard_static") {
"_HUKS_LOG_ENABLE_",
]
sources = [
- "./ipc/src/hks_client_service_ipc.c",
- "./ipc/src/hks_ipc_check.c",
- "./ipc/src/hks_ipc_serialization.c",
- "./ipc/src/hks_ipc_slice.c",
- "./ipc/src/hks_request.cpp",
+# "./ipc/src/hks_client_service_ipc.c",
+# "./ipc/src/hks_ipc_check.c",
+# "./ipc/src/hks_ipc_serialization.c",
+# "./ipc/src/hks_ipc_slice.c",
+# "./ipc/src/hks_request.cpp",
+ "./ipc/src/hks_client_service_passthrough.c",
+ "./sysinfo/src/hks_get_process_info_passthrough.c",
"./log/hks_log.c",
"./posix/hks_mem.c",
]
deps = [
"//base/security/huks/frameworks/huks_standard/main/common:libhuks_common_standard_static",
"//utils/native/base:utils",
+ "//third_party/bounds_checking_function:libsec_shared",
]
external_deps = [
"hiviewdfx_hilog_native:libhilog",
diff --git a/frameworks/huks_standard/main/os_dependency/log/hks_log.c b/frameworks/huks_standard/main/os_dependency/log/hks_log.c
index ef7d264..5beadab 100755
--- a/frameworks/huks_standard/main/os_dependency/log/hks_log.c
+++ b/frameworks/huks_standard/main/os_dependency/log/hks_log.c
@@ -22,8 +22,8 @@
#undef LOG_DOMAIN
#undef LOG_TAG
-static const unsigned int LOG_DOMAIN = 0xD002F01;
-static const char* LOG_TAG = "HUKS";
+//static const unsigned int LOG_DOMAIN = 0xD002F01;
+//static const char* LOG_TAG = "HUKS";
#define MAX_LOG_BUFF_LEN 512
@@ -48,16 +48,16 @@ void HksLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char
switch (logLevel) {
case HKS_LOG_LEVEL_I:
- HILOG_INFO(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
+ HILOG_INFO(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
break;
case HKS_LOG_LEVEL_E:
- HILOG_ERROR(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
+ HILOG_ERROR(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
break;
case HKS_LOG_LEVEL_W:
- HILOG_WARN(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
+ HILOG_WARN(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
break;
case HKS_LOG_LEVEL_D:
- HILOG_DEBUG(LOG_CORE, "%{public}s[%{public}u]: %{private}s\n", funcName, lineNo, buf);
+ HILOG_DEBUG(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
break;
default:
HKS_FREE_PTR(buf);
@@ -65,4 +65,4 @@ void HksLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char
}
HKS_FREE_PTR(buf);
-}
\ No newline at end of file
+}
diff --git a/interfaces/innerkits/huks_standard/main/BUILD.gn b/interfaces/innerkits/huks_standard/main/BUILD.gn
index 1ca1e02..88e620d 100755
--- a/interfaces/innerkits/huks_standard/main/BUILD.gn
+++ b/interfaces/innerkits/huks_standard/main/BUILD.gn
@@ -41,6 +41,7 @@ if (os_level == "standard") {
deps = [
"//base/security/huks/frameworks/huks_standard/main:huks_standard_frameworks",
"//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static",
+ "//base/security/huks/services/huks_standard/huks_engine/main/core:huks_engine_core_standard",
]
}
}
diff --git a/services/huks_standard/huks_service/main/os_dependency/BUILD.gn b/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
index 931d20c..01078b7 100755
--- a/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
+++ b/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
@@ -34,7 +34,7 @@ ohos_static_library("libhuks_service_os_dependency_standard_static") {
]
sources = [
"posix/hks_rwlock.c",
- "sa/hks_sa.cpp",
+# "sa/hks_sa.cpp",
]
deps = [
"//base/security/huks/frameworks/huks_standard/main/common:libhuks_common_standard_static",
diff --git a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
index e86a491..3ffcfa1 100755
--- a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
+++ b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
@@ -32,9 +32,9 @@ ohos_static_library("libhuks_service_idl_standard_static") {
"_HUKS_LOG_ENABLE_",
]
sources = [
- "ipc/hks_ipc_serialization.c",
- "ipc/hks_ipc_service.c",
- "ipc/hks_response.cpp",
+# "ipc/hks_ipc_serialization.c",
+# "ipc/hks_ipc_service.c",
+# "ipc/hks_response.cpp",
"passthrough/huks_access.c",
"passthrough/huks_core_dynamic_hal.c",
]
diff --git a/utils/file_operator/hks_file_operator.c b/utils/file_operator/hks_file_operator.c
index 5543c38..5c2e704 100755
--- a/utils/file_operator/hks_file_operator.c
+++ b/utils/file_operator/hks_file_operator.c
@@ -93,7 +93,7 @@ static uint32_t FileRead(const char *fileName, uint32_t offset, uint8_t *buf, ui
}
char filePath[PATH_MAX + 1] = {0};
- (void)realpath(fileName, filePath);
+ char *path __attribute__((unused)) = realpath(fileName, filePath);
if (strstr(filePath, "../") != NULL) {
HKS_LOG_E("invalid filePath, path %s", filePath);
return 0;
@@ -137,7 +137,7 @@ static int32_t FileWrite(const char *fileName, uint32_t offset, const uint8_t *b
if (memcpy_s(filePath, sizeof(filePath) - 1, fileName, strlen(fileName)) != EOK) {
return HKS_ERROR_BAD_STATE;
}
- (void)realpath(fileName, filePath);
+ char *path __attribute__((unused)) = realpath(fileName, filePath);
if (strstr(filePath, "../") != NULL) {
HKS_LOG_E("invalid filePath, path %s", filePath);
return HKS_ERROR_INVALID_KEY_FILE;
@@ -519,4 +519,4 @@ uint32_t HksFileSize(const char *path, const char *fileName)
int32_t HksGetFileName(const char *path, const char *fileName, char *fullFileName, uint32_t fullFileNameLen)
{
return GetFileName(path, fileName, fullFileName, fullFileNameLen);
-}
\ No newline at end of file
+}
--
2.25.1
Reference in New Issue View Git Blame Copy Permalink