diff --git a/bundle.json b/bundle.json index d57466cc2038809d9fe813e6eb6043c837309714..8239a701dcc7f59656ed3b0c9377f4b6c42b1ff3 100644 --- a/bundle.json +++ b/bundle.json @@ -34,7 +34,6 @@ "access_token", "bundle_framework", "common_event_service", - "crypto_framework", "c_utils", "eventhandler", "hisysevent_native", @@ -47,7 +46,7 @@ "samgr" ], "third_party": [ - "thirdparty_openssl" + "openssl" ] }, "build": { diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn b/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn index 5fcbd1f88b3e8d514a450025b56a11ed67a0749d..bd4bf8e49542b5ff6d206d997ffd1ab9c8614418 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn +++ b/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn @@ -64,7 +64,6 @@ ohos_static_library("cert_manager_engine_core_standard") { ] deps = [ - "../../../../../../crypto_framework/frameworks:crypto_framework_lib", "../../../../../frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static", "../../../../../frameworks/cert_manager_standard/main/os_dependency:libcert_manager_log_mem_static", "//third_party/openssl:libcrypto_shared", diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_crypto_operation.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_crypto_operation.c index 29ccee3e81e1451f777417ab7b4efcda15054bd7..c4e23c989674d8748560398bafc3189f09b706a8 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_crypto_operation.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_crypto_operation.c 
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
@@ -15,88 +15,50 @@ #include "cert_manager_crypto_operation.h" +#include +#include + #include "securec.h" #include "cm_log.h" #include "cm_type.h" -#include "blob.h" -#include "md.h" -#include "rand.h" +#define DIGEST_SHA256_LEN 32 int32_t CmGetRandom(struct CmBlob *random) { - HcfRand *randObj = NULL; - struct HcfBlob randomBlob = { NULL, 0 }; - - int32_t ret = CMR_ERROR_KEY_OPERATION_FAILED; - do { - int32_t retHcf = (int32_t)HcfRandCreate(&randObj); - if (retHcf != HCF_SUCCESS) { - CM_LOG_E("creat random obj failed, ret = %d", retHcf); - break; - } - - retHcf = (int32_t)randObj->generateRandom(randObj, random->size, &randomBlob); - if (retHcf != HCF_SUCCESS) { - CM_LOG_E("generate random value failed, ret = %d", retHcf); - break; - } - - if (memcpy_s(random->data, random->size, randomBlob.data, randomBlob.len) != EOK) { - CM_LOG_E("copy random value failed"); - break; - } - random->size = randomBlob.len; - ret = CM_SUCCESS; - } while (0); + if (CmCheckBlob(random) != CM_SUCCESS) { + return CMR_ERROR_INVALID_ARGUMENT; + } - HcfBlobDataClearAndFree(&randomBlob); - HcfObjDestroy(randObj); + int ret = RAND_bytes(random->data, random->size); + if (ret <= 0) { + CM_LOG_E("Get random failed"); + return CMR_ERROR_KEY_OPERATION_FAILED; + } - return ret; + return CM_SUCCESS; } int32_t CmGetHash(const struct CmBlob *inData, struct CmBlob *hash) { - HcfMd *mdObj = NULL; - struct HcfBlob outBlob = { NULL, 0 }; - - int32_t ret = CMR_ERROR_KEY_OPERATION_FAILED; - do { - int32_t retHcf = (int32_t)HcfMdCreate("SHA256", &mdObj); - if (retHcf != HCF_SUCCESS) { - CM_LOG_E("creat hash obj failed, ret = %d", retHcf); - break; - } - - HcfBlob inBlob = { .data = inData->data, .len = inData->size }; - retHcf = mdObj->update(mdObj, &inBlob); - if (retHcf != HCF_SUCCESS) { - CM_LOG_E("hash update failed, ret = %d", retHcf); - break; - } - retHcf = mdObj->doFinal(mdObj, &outBlob); - if (retHcf != HCF_SUCCESS) { - CM_LOG_E("hash final failed, ret = %d", retHcf); - break; - } - - if 
(hash->size < outBlob.len) { - CM_LOG_E("hash input size[%u] too small", hash->size); - ret = CMR_ERROR_BUFFER_TOO_SMALL; - break; - } - if (memcpy_s(hash->data, hash->size, outBlob.data, outBlob.len) != EOK) { - CM_LOG_E("copy hash value failed"); - break; - } - hash->size = outBlob.len; - ret = CM_SUCCESS; - } while (0); - - HcfBlobDataClearAndFree(&outBlob); - HcfObjDestroy(mdObj); - return ret; + if ((CmCheckBlob(inData) != CM_SUCCESS) || (CmCheckBlob(hash) != CM_SUCCESS) || + (hash->size < DIGEST_SHA256_LEN)) { + CM_LOG_E("invalid input args"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + const EVP_MD *opensslAlg = EVP_sha256(); + if (opensslAlg == NULL) { + CM_LOG_E("get openssl alg failed"); + return CMR_ERROR_KEY_OPERATION_FAILED; + } + + int32_t ret = EVP_Digest(inData->data, inData->size, hash->data, &hash->size, opensslAlg, NULL); + if (ret <= 0) { + CM_LOG_E("digest failed"); + return CMR_ERROR_KEY_OPERATION_FAILED; + } + return CM_SUCCESS; } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c index 6e1e9cc4d9e93c9c7a81c441ffafb2d5005d0bcf..4694cde6ea2df697efbb56f9f319332b26e5eded 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_uri.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2023 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at
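Review bot: In CmGetRandom (cert_manager_crypto_operation.c), `random->size` goes straight into `RAND_bytes`, whose length parameter is a signed `int`. The field looks unsigned, since the removed code logged `hash->size` with `%u` and the new code passes `&hash->size` as EVP_Digest's `unsigned int *` argument, so a size above INT_MAX would be narrowed to a wrong or negative count. CmCheckBlob is not visible in this hunk; unless it already caps the size, add `if (random->size > INT_MAX) { return CMR_ERROR_INVALID_ARGUMENT; }` before the call (needs `<limits.h>`) and make the conversion explicit with `RAND_bytes(random->data, (int)random->size)`. Separately, in CmGetHash an undersized output buffer now returns CMR_ERROR_INVALID_ARGUMENT where the removed code returned CMR_ERROR_BUFFER_TOO_SMALL, so callers that branch on the old code will see a different error; either keep a dedicated size check with the old code or document the change in a header comment on the function.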