From db6767832bcc43e5afb7a95620e7a3ffca19df6f Mon Sep 17 00:00:00 2001 From: gaobo Date: Thu, 13 Oct 2022 02:53:39 -0700 Subject: [PATCH 1/3] cert manager context ipc Signed-off-by: gaobo --- .../cm_ipc/include/cm_client_ipc.h | 11 +- .../cm_ipc/include/cm_ipc_check.h | 6 - .../cm_ipc/include/cm_ipc_serialization.h | 4 +- .../os_dependency/cm_ipc/src/cm_ipc_check.c | 23 +- .../os_dependency/cm_ipc/src/cm_ipc_client.c | 275 ++++++------------ .../cm_ipc/src/cm_ipc_serialization.c | 8 +- .../main/include/cert_manager_api.h | 11 +- .../main/src/cert_manager_api.c | 27 +- .../napi/src/cm_napi_get_system_cert_info.cpp | 17 +- .../napi/src/cm_napi_get_system_cert_list.cpp | 23 +- .../kits/napi/src/cm_napi_set_cert_status.cpp | 2 +- .../main/core/src/cert_manager.c | 2 +- .../os_dependency/idl/cm_ipc/cm_ipc_service.c | 167 +++++------ .../os_dependency/idl/cm_ipc/cm_ipc_service.h | 9 +- .../main/os_dependency/sa/cm_sa.cpp | 14 +- test/unittest/include/cm_test_common.h | 2 + test/unittest/src/cm_get_certinfo_test.cpp | 49 ++-- test/unittest/src/cm_get_certlist_test.cpp | 15 +- test/unittest/src/cm_set_status_test.cpp | 32 +- test/unittest/src/cm_test_common.cpp | 28 +- 20 files changed, 314 insertions(+), 411 deletions(-) diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h index 6441498..33d45bb 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h @@ -24,14 +24,13 @@ extern "C" { #endif -int32_t CmClientGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList); +int32_t CmClientGetCertList(const uint32_t store, struct CertList *certificateList); -int32_t CmClientGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateList); +int32_t CmClientGetCertInfo(const struct CmBlob *certUri, const uint32_t store, + struct CertInfo *certificateInfo); -int32_t CmClientSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, const uint32_t status); +int32_t CmClientSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const uint32_t status); int32_t CmClientInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd, const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h index ba8bb1b..567ff6b 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h @@ -30,12 +30,6 @@ int32_t CmGetBlobFromBuffer(struct CmBlob *blob, const struct CmBlob *srcBlob, u int32_t CopyBlobToBuffer(const struct CmBlob *blob, const struct CmBlob *destBlob, uint32_t *destOffset); -int32_t CheckCertificateListPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList); - -int32_t CheckCertificateInfoPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertInfo *certificateInfo); - #ifdef __cplusplus } #endif diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h index 3f6493d..51cd9ef 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h @@ -41,8 +41,8 @@ int32_t CmCertificateInfoPack(struct CmBlob *inData, const struct CmContext *cmC int32_t CmCertificateListUnpackFromService(const struct CmBlob *outData, bool needEncode, const struct CmContext *context, struct CertList *certificateList); -int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, const struct CmContext *context, - struct CertInfo *certificateInfo, const struct CmBlob *certUri); +int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, struct CertInfo *certificateInfo, + const struct CmBlob *certUri); int32_t CmCertificateStatusPack(struct CmBlob *inData, const struct CmContext *cmContext, const struct CmBlob *certUri, const uint32_t store, const uint32_t status); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c index 8d7ae89..856530e 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c @@ -18,22 +18,7 @@ #include "cm_log.h" -int32_t CheckCertificateListPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateList == NULL)) { - CM_LOG_E("CheckCertificateListPara arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} - -int32_t CheckCertificateInfoPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertInfo *certificateInfo) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateInfo == NULL)) { - CM_LOG_E("CmCertificateInfoPack arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} \ No newline at end of file +#if 0 +void checkout() +{} +#endif diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c index 35d986d..1bd5e8d 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c @@ -40,113 +40,46 @@ static int32_t CmSendParcelInit(struct CmParam *params, uint32_t paramCount, return ret; } -static int32_t CertificateInfoInitBlob(struct CmBlob *inBlob, struct CmBlob *outBlob, - const struct CmContext *cmContext, struct CertInfo *CertificateInfo) -{ - uint32_t buffSize; - int32_t ret = CM_SUCCESS; - buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - - buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t); - outBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - outBlob->size = buffSize; - - CertificateInfo->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); - if (CertificateInfo->certInfo.data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - CertificateInfo->certInfo.size = MAX_LEN_CERTIFICATE; - return ret; -err: - CM_FREE_BLOB(*inBlob); - CM_FREE_BLOB(*outBlob); - - return ret; -} - -static int32_t CertificateListInitBlob(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList) +static int32_t GetCertListInitOutData(struct CmBlob *outListBlob) { - uint32_t buffSize; - int32_t ret = CM_SUCCESS; - - buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(uint32_t); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - - buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + sizeof(uint32_t) + - MAX_LEN_URI + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - outBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - outBlob->size = buffSize; - - buffSize = (MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract)); - certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); - if (certificateList->certAbstract == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - certificateList->certsCount = MAX_COUNT_CERTIFICATE; + uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - if (memset_s(certificateList->certAbstract, buffSize, 0, buffSize) != EOK) { - CM_LOG_E("init certAbstract failed"); - ret = CMR_ERROR_INVALID_OPERATION; - goto err; + outListBlob->data = (uint8_t *)CmMalloc(buffSize); + if (outListBlob->data == NULL) { + return CMR_ERROR_MALLOC_FAIL; } - return ret; -err: - CM_FREE_BLOB(*inBlob); - CM_FREE_BLOB(*outBlob); - CmFree(certificateList->certAbstract); + outListBlob->size = buffSize; - return ret; + return CM_SUCCESS; } -static int32_t GetCertificateList(enum CmMessage type, const struct CmContext *cmContext, const uint32_t store, +static int32_t GetCertificateList(enum CmMessage type, const uint32_t store, struct CertList *certificateList) { - struct CmBlob inBlob = {0, NULL}; + int32_t ret; struct CmBlob outBlob = {0, NULL}; const struct CmContext context = {0}; - int32_t ret = CheckCertificateListPara(&inBlob, &outBlob, cmContext, store, certificateList); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateListPara fail"); - return ret; - } - - ret = CertificateListInitBlob(&inBlob, &outBlob, cmContext, store, certificateList); - if (ret != CM_SUCCESS) { - CM_LOG_E("CertificateListInitBlob fail"); - return ret; - } + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + }; do { - ret = CmCertificateListPack(&inBlob, cmContext, store); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); + if (ret != CM_SUCCESS) { + CM_LOG_E("get cert list sendParcel failed"); + break; + } + + ret = GetCertListInitOutData(&outBlob); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateListPack fail"); + CM_LOG_E("malloc getcertlist outdata failed"); break; } - ret = SendRequest(type, &inBlob, &outBlob); + + ret = SendRequest(type, &parcelBlob, &outBlob); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertificateList request fail"); break; @@ -154,119 +87,111 @@ static int32_t GetCertificateList(enum CmMessage type, const struct CmContext *c ret = CmCertificateListUnpackFromService(&outBlob, false, &context, certificateList); } while (0); - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); CM_FREE_BLOB(outBlob); return ret; } -int32_t CmClientGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList) +int32_t CmClientGetCertList(const uint32_t store, struct CertList *certificateList) { - return GetCertificateList(CM_MSG_GET_CERTIFICATE_LIST, cmContext, store, certificateList); + return GetCertificateList(CM_MSG_GET_CERTIFICATE_LIST, store, certificateList); } -static int32_t GetCertificateInfo(enum CmMessage type, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, struct CertInfo *certificateInfo) +static int32_t GetCertInfoInitOutData(struct CmBlob *outInfoBlob) { - struct CmBlob inBlob = {0, NULL}; - struct CmBlob outBlob = {0, NULL}; - const struct CmContext context = {0}; + uint32_t buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t) + + MAX_LEN_CERT_ALIAS + sizeof(uint32_t); - int32_t ret = CheckCertificateInfoPara(&inBlob, &outBlob, cmContext, store, certificateInfo); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateInfoPara fail"); - return ret; + outInfoBlob->data = (uint8_t *)CmMalloc(buffSize); + if (outInfoBlob->data == NULL) { + return CMR_ERROR_MALLOC_FAIL; } + outInfoBlob->size = buffSize; - ret = CertificateInfoInitBlob(&inBlob, &outBlob, cmContext, certificateInfo); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateInfoPara fail"); - return ret; - } + return CM_SUCCESS; +} + +static int32_t GetCertificateInfo(enum CmMessage type, const struct CmBlob *certUri, + const uint32_t store, struct CertInfo *certificateInfo) +{ + int32_t ret = CM_SUCCESS; + struct CmBlob outBlob = {0, NULL}; + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = *certUri }, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + }; do { - ret = CmCertificateInfoPack(&inBlob, cmContext, certUri, store); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateInfoPack fail"); + CM_LOG_E("get cert info sendParcel failed"); break; } - ret = SendRequest(type, &inBlob, &outBlob); + ret = GetCertInfoInitOutData(&outBlob); + if (ret != CM_SUCCESS) { + CM_LOG_E("malloc getcertinfo outdata failed"); + break; + } + + ret = SendRequest(type, &parcelBlob, &outBlob); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertificateInfo request fail"); break; } - ret = CmCertificateInfoUnpackFromService(&outBlob, &context, certificateInfo, certUri); + ret = CmCertificateInfoUnpackFromService(&outBlob, certificateInfo, certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("GetCertificateInfo unpack failed, ret = %d", ret); + break; + } } while (0); - - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); CM_FREE_BLOB(outBlob); return ret; } -int32_t CmClientGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateInfo) +int32_t CmClientGetCertInfo(const struct CmBlob *certUri, const uint32_t store, + struct CertInfo *certificateInfo) { - return GetCertificateInfo(CM_MSG_GET_CERTIFICATE_INFO, cmContext, certUri, store, certificateInfo); + return GetCertificateInfo(CM_MSG_GET_CERTIFICATE_INFO, certUri, store, certificateInfo); } -static int32_t CertificateStatusInitBlob(struct CmBlob *inBlob, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, const uint32_t status) -{ - int32_t ret = CM_SUCCESS; - uint32_t buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(certUri->size) + - ALIGN_SIZE(certUri->size) + sizeof(store) + sizeof(status); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - return ret; -err: - CM_FREE_BLOB(*inBlob); - return ret; -} - -static int32_t SetCertificateStatus(enum CmMessage type, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, const uint32_t status) +static int32_t SetCertificateStatus(enum CmMessage type, const struct CmBlob *certUri, + const uint32_t store, const uint32_t status) { - struct CmBlob inBlob = {0, NULL}; int32_t ret = CM_SUCCESS; - - if ((cmContext == NULL) || certUri == NULL) { - CM_LOG_E("SetCertificateStatus invalid agrument"); - return CMR_ERROR_INVALID_ARGUMENT; - } - - ret = CertificateStatusInitBlob(&inBlob, cmContext, certUri, store, status); - if (ret != CM_SUCCESS) { - CM_LOG_E("CertificateStatusInitBlob fail"); - return ret; - } + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = *certUri }, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = status }, + }; do { - ret = CmCertificateStatusPack(&inBlob, cmContext, certUri, store, status); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateStatusPack fail"); + CM_LOG_E("set cert status sendParcel failed"); break; } - ret = SendRequest(type, &inBlob, NULL); + + ret = SendRequest(type, &parcelBlob, NULL); if (ret != CM_SUCCESS) { CM_LOG_E("CmCertificateStatusPack request fail"); break; } } while (0); - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); return ret; } -int32_t CmClientSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, const uint32_t store, - const uint32_t status) +int32_t CmClientSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const uint32_t status) { - return SetCertificateStatus(CM_MSG_SET_CERTIFICATE_STATUS, cmContext, certUri, store, status); + return SetCertificateStatus(CM_MSG_SET_CERTIFICATE_STATUS, certUri, store, status); } static int32_t CmInstallAppCertUnpackFromService(const struct CmBlob *outData, struct CmBlob *keyUri) @@ -919,20 +844,6 @@ int32_t CmClientAbort(const struct CmBlob *handle) return ret; } -static int32_t GetCertListInitOutData(struct CmBlob *outListBlob) -{ - uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + - sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - - outListBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outListBlob->data == NULL) { - return CMR_ERROR_MALLOC_FAIL; - } - outListBlob->size = buffSize; - - return CM_SUCCESS; -} - static int32_t GetUserCertList(enum CmMessage type, const uint32_t store, struct CertList *certificateList) { @@ -981,22 +892,7 @@ int32_t CmClientGetUserCertList(const uint32_t store, struct CertList *certifica return GetUserCertList(CM_MSG_GET_USER_CERTIFICATE_LIST, store, certificateList); } -static int32_t GetCertInfoInitOutData(struct CmBlob *outInfoBlob) -{ - uint32_t buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t) + - MAX_LEN_CERT_ALIAS + sizeof(uint32_t); - - outInfoBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outInfoBlob->data == NULL) { - return CMR_ERROR_MALLOC_FAIL; - } - outInfoBlob->size = buffSize; - - return CM_SUCCESS; -} - -static int32_t GetInfoFromX509cert(X509 *x509cert, struct CertInfo *userCertInfo) -{ +static int32_t GetInfoFromX509cert(X509 *x509cert, struct CertInfo *userCertInfo) { int32_t subjectNameLen = 0; subjectNameLen = GetX509SubjectNameLongFormat(x509cert, userCertInfo->subjectName, MAX_LEN_SUBJECT_NAME); if (subjectNameLen == 0) { @@ -1057,6 +953,7 @@ static int32_t CmUserCertInfoUnpackFromService(const struct CmBlob *outBuf, return ret; } if (memcpy_s(userCertInfo->certInfo.data, MAX_LEN_CERTIFICATE, bufBlob.data, bufBlob.size) != EOK) { + CM_LOG_E("copy cert data failed"); return CMR_ERROR_INVALID_OPERATION; } userCertInfo->certInfo.size = bufBlob.size; diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c index 43d300c..699542e 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c @@ -211,14 +211,14 @@ int32_t CmCertificateListUnpackFromService(const struct CmBlob *outData, bool ne return CM_SUCCESS; } -int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, - const struct CmContext *context, struct CertInfo *certificateInfo, const struct CmBlob *certUri) +int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, struct CertInfo *certificateInfo, + const struct CmBlob *certUri) { struct CmBlob blob; uint32_t offset = 0, status = 0; - if ((outData == NULL) || (context == NULL) || (certificateInfo == NULL) || - (outData->data == NULL) || (certificateInfo->certInfo.data == NULL)) { + if ((outData == NULL) || (certificateInfo == NULL) || (outData->data == NULL) || + (certificateInfo->certInfo.data == NULL)) { return CMR_ERROR_NULL_POINTER; } diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h index 761eb54..bdf8f22 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h @@ -22,14 +22,13 @@ extern "C" { #endif -CM_API_EXPORT int32_t CmGetCertList(const struct CmContext *cmContext, uint32_t store, - struct CertList *certificateList); +CM_API_EXPORT int32_t CmGetCertList(uint32_t store, struct CertList *certificateList); -CM_API_EXPORT int32_t CmGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - uint32_t store, struct CertInfo *certificateInfo); +CM_API_EXPORT int32_t CmGetCertInfo(const struct CmBlob *certUri, uint32_t store, + struct CertInfo *certificateInfo); -CM_API_EXPORT int32_t CmSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - uint32_t store, const bool status); +CM_API_EXPORT int32_t CmSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const bool status); CM_API_EXPORT int32_t CmInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd, const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri); diff --git a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c index 0d278a8..0622f5c 100644 --- a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c +++ b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c @@ -27,43 +27,44 @@ #include "cm_request.h" -CM_API_EXPORT int32_t CmGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList) +CM_API_EXPORT int32_t CmGetCertList(const uint32_t store, struct CertList *certificateList) { CM_LOG_I("enter get certificate list"); - if ((cmContext == NULL) || (certificateList == NULL)) { + if (certificateList == NULL) { return CMR_ERROR_NULL_POINTER; } - int32_t ret = CmClientGetCertList(cmContext, store, certificateList); + CM_LOG_I("enter get certificate list test"); + + int32_t ret = CmClientGetCertList(store, certificateList); CM_LOG_I("leave get certificate list, result = %d", ret); return ret; } -CM_API_EXPORT int32_t CmGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateInfo) +CM_API_EXPORT int32_t CmGetCertInfo(const struct CmBlob *certUri, uint32_t store, + struct CertInfo *certificateInfo) { CM_LOG_I("enter get certificate info"); - if ((cmContext == NULL) || (certUri == NULL) || (certificateInfo == NULL)) { + if ((certUri == NULL) || (certificateInfo == NULL)) { return CMR_ERROR_NULL_POINTER; } - int32_t ret = CmClientGetCertInfo(cmContext, certUri, store, certificateInfo); + int32_t ret = CmClientGetCertInfo(certUri, store, certificateInfo); CM_LOG_I("leave get certificate info, result = %d", ret); return ret; } -CM_API_EXPORT int32_t CmSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, const bool status) +CM_API_EXPORT int32_t CmSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const bool status) { CM_LOG_I("enter set certificate status"); - if ((cmContext == NULL) || (certUri == NULL)) { + if (certUri == NULL) { return CMR_ERROR_NULL_POINTER; } - uint32_t uStatus = status ? 0: 1; // 0 indicates the certificate enabled status + uint32_t uStatus = status ? 0 : 1; // 0 indicates the certificate enabled status - int32_t ret = CmClientSetCertStatus(cmContext, certUri, store, uStatus); + int32_t ret = CmClientSetCertStatus(certUri, store, uStatus); CM_LOG_I("leave set certificate status, result = %d", ret); return ret; } diff --git a/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp b/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp index 15b17c8..b2283d7 100644 --- a/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp @@ -176,17 +176,18 @@ static void GetCertInfoExecute(napi_env env, void *data) } (void)memset_s(context->certificate, sizeof(struct CertInfo), 0, sizeof(struct CertInfo)); + context->certificate->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); + if (context->certificate->certInfo.data == nullptr) { + CM_LOG_E("malloc certificate certInfo data fail"); + context->result = CMR_ERROR_MALLOC_FAIL; + return; + } + context->certificate->certInfo.size = MAX_LEN_CERTIFICATE; + if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmGetCertInfo(context->cmContext, context->certUri, context->store, + context->result = CmGetCertInfo(context->certUri, context->store, context->certificate); } else { - context->certificate->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); - if (context->certificate->certInfo.data == nullptr) { - CM_LOG_E("malloc certificate certInfo data fail"); - context->result = CMR_ERROR_MALLOC_FAIL; - return; - } - context->certificate->certInfo.size = MAX_LEN_CERTIFICATE; context->result = CmGetUserCertInfo(context->certUri, context->store, context->certificate); } } diff --git a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp index 6abae5f..174e2a2 100644 --- a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp @@ -157,19 +157,20 @@ static void GetCertListExecute(napi_env env, void *data) } context->certificateList->certAbstract = nullptr; context->certificateList->certsCount = 0; + + uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract); + context->certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); + if (context->certificateList->certAbstract == nullptr) { + CM_LOG_E("malloc certificateList certAbstract fail"); + context->result = CMR_ERROR_MALLOC_FAIL; + return; + } + (void)memset_s(context->certificateList->certAbstract, buffSize, 0, buffSize); + context->certificateList->certsCount = MAX_COUNT_CERTIFICATE; + if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmGetCertList(context->cmContext, context->store, context->certificateList); + context->result = CmGetCertList(context->store, context->certificateList); } else { - uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract); - context->certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); - if (context->certificateList->certAbstract == nullptr) { - CM_LOG_E("malloc certificateList certAbstract fail"); - context->result = CMR_ERROR_MALLOC_FAIL; - return; - } - (void)memset_s(context->certificateList->certAbstract, buffSize, 0, buffSize); - context->certificateList->certsCount = MAX_COUNT_CERTIFICATE; - context->result = CmGetUserCertList(context->store, context->certificateList); } } diff --git a/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp b/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp index a0e113b..ec57c3e 100644 --- a/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp +++ b/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp @@ -129,7 +129,7 @@ static void SetCertStatusExecute(napi_env env, void *data) { SetCertStatusAsyncContext context = static_cast(data); if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmSetCertStatus(context->cmContext, context->certUri, context->store, + context->result = CmSetCertStatus(context->certUri, context->store, context->status); } else if (context->store == CM_USER_TRUSTED_STORE) { context->result = CmSetUserCertStatus(context->certUri, context->store, context->status); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c index bc58977..738ad29 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c @@ -371,7 +371,7 @@ int32_t CertManagerListTrustedCertificates(const struct CmContext *context, stru int32_t ret = CmGetFilePath(context, store, &pathBlob); if (ret != CMR_OK) { - CM_LOG_E("Failed obtain path fot store %x", store); + CM_LOG_E("Failed obtain path for store %x", store); return CMR_ERROR; } ret = CertManagerGetFilenames(&fileNames, path, certBlob->uri); diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c index e26e8cd..1ea6ea6 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c @@ -52,46 +52,59 @@ #define MAX_LEN_PRIVATE_KEY 1024 #define INSTALL_PARAMSET_SZIE 4 -static int32_t CmTrustCertificateListPack(struct CmBlob *tempCertificateList, const struct CmBlob *certificateList, - const struct CertBlob *certBlob, const uint32_t *status) +static int32_t GetInputParams(const struct CmBlob *paramSetBlob, struct CmParamSet **paramSet, + struct CmContext *cmContext, struct CmParamOut *params, uint32_t paramsCount) { - int32_t ret; - uint32_t offset = 0; - uint32_t buffSize; - - /* buff struct: cert count + (cert subjectname + cert status + cert uri + cert alias) * MAX_CERT_COUNT */ - buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + sizeof(uint32_t) + - MAX_LEN_URI + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + int32_t ret = CmGetProcessInfoForIPC(cmContext); + if (ret != CM_SUCCESS) { + CM_LOG_E("get ipc info failed, ret = %d", ret); + return ret; + } - tempCertificateList->data = (uint8_t *)CmMalloc(buffSize); - if (tempCertificateList->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; + /* The paramSet blob pointer needs to be refreshed across processes. */ + ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, paramSet); + if (ret != HKS_SUCCESS) { + CM_LOG_E("get paramSet failed, ret = %d", ret); return ret; } - tempCertificateList->size = buffSize; - ret = CopyUint32ToBuffer(certificateList->size, tempCertificateList, &offset); + + ret = CmParamSetToParams(*paramSet, params, paramsCount); + if (ret != CM_SUCCESS) { + CM_LOG_E("get params from paramSet failed, ret = %d", ret); + CmFreeParamSet(paramSet); /* if success no need free paramSet */ + } + + return ret; +} + +static int32_t CmTrustCertificateListPack(struct CmBlob *outData, const struct CmBlob *certificateList, + const struct CertBlob *certBlob, const uint32_t *status) +{ + int32_t ret; + uint32_t offset = 0; + ret = CopyUint32ToBuffer(certificateList->size, outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate count failed"); return ret; } for (uint32_t i = 0; i < certificateList->size; i++) { - ret = CopyBlobToBuffer(&(certBlob->subjectName[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->subjectName[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate subject failed"); return ret; } - ret = CopyUint32ToBuffer(status[i], tempCertificateList, &offset); + ret = CopyUint32ToBuffer(status[i], outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate status failed"); return ret; } - ret = CopyBlobToBuffer(&(certBlob->uri[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->uri[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate uri failed"); return ret; } - ret = CopyBlobToBuffer(&(certBlob->certAlias[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->certAlias[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate certAlias failed"); return ret; @@ -142,17 +155,22 @@ static void CmFreeCertInfo(struct CertBlob *certBlob) } } -void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceGetCertificateList(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { int32_t ret; uint32_t store; struct CmContext cmContext = {0}; struct CmBlob certificateList = { 0, NULL }; - struct CmBlob tempCertificateList = { 0, NULL }; uint32_t status[MAX_COUNT_CERTIFICATE] = {0}; struct CertBlob certBlob; - (void)memset_s(&certBlob, sizeof(struct CertBlob), 0, sizeof(struct CertBlob)); + + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store }, + }; + do { ret = CmMallocCertInfo(&certBlob); if (ret != CM_SUCCESS) { @@ -160,9 +178,9 @@ void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct C break; } - ret = CmTrustCertificateListUnpack(srcData, &cmContext, &store); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("CmTrustCertificateListUnpack Ipc fail"); + CM_LOG_E("GetCaCertList get input params failed, ret = %d", ret); break; } @@ -171,20 +189,19 @@ void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct C CM_LOG_E("CertManagerListTrustedCertificates fail, ret = %d", ret); break; } - ret = CmTrustCertificateListPack(&tempCertificateList, &certificateList, &certBlob, status); + ret = CmTrustCertificateListPack(outData, &certificateList, &certBlob, status); if (ret != CM_SUCCESS) { CM_LOG_E("CmIpcServiceGetCertificateList pack fail, ret = %d", ret); break; } - CmSendResponse(context, ret, &tempCertificateList); + CmSendResponse(context, ret, outData); } while (0); if (ret != CM_SUCCESS) { CmSendResponse(context, ret, NULL); } CmCertificateListFree((struct CmMutableBlob *)certificateList.data, certificateList.size); - CM_FREE_BLOB(tempCertificateList); CmFreeCertInfo(&certBlob); } @@ -219,38 +236,43 @@ static int32_t CmTrustCertificateInfoPack(struct CmBlob *certificateInfo, ret = CopyUint32ToBuffer(status, certificateInfo, &offset); if (ret != CM_SUCCESS) { - CM_LOG_E("Copy certificate count failed"); + CM_LOG_E("copy certificate status failed"); return ret; } return ret; } -void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceGetCertificateInfo(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { - struct CmContext cmContext = {0}; + int32_t ret; + uint32_t status = 0; uint32_t store; + struct CmContext cmContext = {0}; struct CmBlob certificateList = { 0, NULL }; struct CmBlob certificateInfo = { 0, NULL }; - uint8_t uriBuf[MAX_LEN_URI] = {0}; - struct CmBlob uriBlob = { 0, uriBuf }; - int32_t ret; - uint32_t status = 0; + struct CmBlob certUri = { 0, NULL }; + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = &certUri}, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store}, + }; do { - ret = CmTrustCertificateInfoUnpack(srcData, &cmContext, &uriBlob, &store); - if (ret != CM_SUCCESS) { - CM_LOG_E("CmTrustCertificateInfoUnpack Ipc fail"); - break; - } - if (!CmHasCommonPermission()) { CM_LOG_E("permission check failed"); ret = CMR_ERROR_PERMISSION_DENIED; break; } - ret = CmGetCertificatesByUri(context, &certificateList, store, &uriBlob, &status); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); + if (ret != CM_SUCCESS) { + CM_LOG_E("GetUserCertInfo get input params failed, ret = %d", ret); + break; + } + + ret = CmGetCertificatesByUri(context, &certificateList, store, &certUri, &status); if (ret != CM_SUCCESS) { CM_LOG_E("CmGetCertificatesByUri fail, ret = %d", ret); break; @@ -269,40 +291,46 @@ void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct C } CmCertificateListFree((struct CmMutableBlob *)certificateList.data, certificateList.size); CM_FREE_BLOB(certificateInfo); + CmFreeParamSet(¶mSet); } -void CmIpcServiceSetCertStatus(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceSetCertStatus(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { struct CmContext cmContext = {0}; uint32_t store; - uint8_t uriBuf[MAX_LEN_URI] = {0}; - struct CmBlob uriBlob = { 0, uriBuf }; uint32_t status = 0; int32_t ret; + struct CmBlob certUri = { 0, NULL }; + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = &certUri}, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store}, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = &status}, + }; do { - ret = CmCertificateStatusUnpack(srcData, &cmContext, &uriBlob, &store, &status); - if (ret != CM_SUCCESS) { - CM_LOG_E("CmIpcServiceSetCertStatus Ipc fail"); - break; - } - if (!CmHasPrivilegedPermission() || !CmHasCommonPermission()) { CM_LOG_E("permission check failed"); ret = CMR_ERROR_PERMISSION_DENIED; break; } - ret = CertManagerSetCertificatesStatus(&cmContext, &uriBlob, store, status); - - CmSendResponse(context, ret, NULL); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); + if (ret != CM_SUCCESS) { + CM_LOG_E("SetUserCertStatus get input params failed, ret = %d", ret); + break; + } - CM_LOG_I("CmIpcServiceSetCertStatus end:%d", ret); + ret = CertManagerSetCertificatesStatus(&cmContext, &certUri, store, status); + if (ret != CM_SUCCESS) { + CM_LOG_E("set cert status failed, ret = %d", ret); + break; + } } while (0); - - if (ret != CM_SUCCESS) { - CmSendResponse(context, ret, NULL); - } + CmSendResponse(context, ret, NULL); + CmFreeParamSet(¶mSet); + CM_LOG_I("CmIpcServiceSetCertStatus end:%d", ret); } static int32_t CmWriteAppCert(const struct CmContext *context, const struct CmBlob *certDer, @@ -1187,31 +1215,6 @@ void CmIpcServiceGetAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *ou CM_LOG_I("CmIpcServiceGetAppCert end:%d", ret); } -static int32_t GetInputParams(const struct CmBlob *paramSetBlob, struct CmParamSet **paramSet, - struct CmContext *cmContext, struct CmParamOut *params, uint32_t paramsCount) -{ - int32_t ret = CmGetProcessInfoForIPC(cmContext); - if (ret != CM_SUCCESS) { - CM_LOG_E("get ipc info failed, ret = %d", ret); - return ret; - } - - /* The paramSet blob pointer needs to be refreshed across processes. */ - ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, paramSet); - if (ret != HKS_SUCCESS) { - CM_LOG_E("get paramSet failed, ret = %d", ret); - return ret; - } - - ret = CmParamSetToParams(*paramSet, params, paramsCount); - if (ret != CM_SUCCESS) { - CM_LOG_E("get params from paramSet failed, ret = %d", ret); - CmFreeParamSet(paramSet); /* if success no need free paramSet */ - } - - return ret; -} - static int32_t GetAuthedList(const struct CmContext *context, const struct CmBlob *keyUri, struct CmBlob *outData) { if (outData->size < sizeof(uint32_t)) { /* appUidCount size */ diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h index 60c061a..a980243 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h @@ -28,11 +28,14 @@ struct CertParam { struct CmContext *cmContext; }; -void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceGetCertificateList(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); -void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceGetCertificateInfo(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); -void CmIpcServiceSetCertStatus(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceSetCertStatus(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); void CmIpcServiceInstallAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *outData, const struct CmContext *context); diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp b/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp index 72eb3b0..5a04cb8 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp @@ -111,9 +111,6 @@ static struct CmIpcPoint g_cmIpcHandler[] = { { CM_MSG_UNINSTALL_USER_CERTIFICATE, CmIpcServiceUninstallUserCert }, { CM_MSG_UNINSTALL_ALL_USER_CERTIFICATE, CmIpcServiceUninstallAllUserCert }, -}; - -static struct CmIpcEntryPoint g_cmIpcMessageHandler[] = { { CM_MSG_GET_CERTIFICATE_LIST, CmIpcServiceGetCertificateList }, { CM_MSG_GET_CERTIFICATE_INFO, CmIpcServiceGetCertificateInfo }, { CM_MSG_SET_CERTIFICATE_STATUS, CmIpcServiceSetCertStatus }, @@ -152,16 +149,7 @@ static inline bool IsInvalidLength(uint32_t length) static int32_t ProcessMessage(uint32_t code, uint32_t outSize, const struct CmBlob &srcData, MessageParcel &reply) { - uint32_t size = sizeof(g_cmIpcMessageHandler) / sizeof(g_cmIpcMessageHandler[0]); - for (uint32_t i = 0; i < size; ++i) { - CM_LOG_E("ProcessMessage msgId:%x gmsg:%x", code, g_cmIpcMessageHandler[i].msgId); - if (code == g_cmIpcMessageHandler[i].msgId) { - g_cmIpcMessageHandler[i].handler((const struct CmBlob *)&srcData, (const CmContext *)&reply); - return NO_ERROR; - } - } - - size = sizeof(g_cmIpcHandler) / sizeof(g_cmIpcHandler[0]); + uint32_t size = sizeof(g_cmIpcHandler) / sizeof(g_cmIpcHandler[0]); for (uint32_t i = 0; i < size; ++i) { if (code != g_cmIpcHandler[i].msgId) { continue; diff --git a/test/unittest/include/cm_test_common.h b/test/unittest/include/cm_test_common.h index bf09bb4..419ddf0 100644 --- a/test/unittest/include/cm_test_common.h +++ b/test/unittest/include/cm_test_common.h @@ -58,5 +58,7 @@ uint32_t InitUserCertList(struct CertList **cList); uint32_t InitUserCertInfo(struct CertInfo **cInfo); +uint32_t InitCertInfo(struct CertInfo *certInfo); + } #endif /* CM_TEST_COMMON_H */ diff --git a/test/unittest/src/cm_get_certinfo_test.cpp b/test/unittest/src/cm_get_certinfo_test.cpp index 5e32f89..e8ede42 100644 --- a/test/unittest/src/cm_get_certinfo_test.cpp +++ b/test/unittest/src/cm_get_certinfo_test.cpp @@ -155,8 +155,11 @@ HWTEST_F(CmGetCertInfoTest, SimpleCmGetCertInfo001, TestSize.Level0) struct CertInfo certInfo; unsigned int len = sizeof(struct CertInfo); (void)memset_s(&certInfo, len, 0, len); - int32_t ret = CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); - EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo failed,retcode:" << ret; + int32_t ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; + + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo failed, retcode:" << ret; EXPECT_EQ(CompareCertInfo(&certInfo, &(g_listCertInfoexpectResult[0].CertInfo)), true) <certsCount; ++i) { (void)memset_s(&certInfo, len, 0, len); + ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; struct CertAbstract *ptr = &(lstCert->certAbstract[i]); ASSERT_TRUE(ptr != NULL); struct CmBlob uriBlob = {strlen(ptr->uri), (uint8_t *)(ptr->uri)}; - ret = CmGetCertInfo(&secondUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); EXPECT_EQ(ret, CM_SUCCESS) << " CmGetCertInfo failed,retcode:" << ptr->uri; FreeCMBlobData(&(certInfo.certInfo)); } @@ -233,22 +244,20 @@ HWTEST_F(CmGetCertInfoTest, ExceptionGetCertInfoTest004, TestSize.Level0) struct CertInfo certInfo; unsigned int len = sizeof(struct CertInfo); (void)memset_s(&certInfo, len, 0, len); - EXPECT_EQ(CmGetCertInfo(NULL, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&secondUserCtx, NULL, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &uriBlob, 10, &certInfo), CM_FAILURE); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, NULL), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); + int32_t ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; + + EXPECT_EQ(CmGetCertInfo(NULL, CM_SYSTEM_TRUSTED_STORE, &certInfo), CMR_ERROR_NULL_POINTER); + + EXPECT_EQ(CmGetCertInfo(&uriBlob, 10, &certInfo), CM_FAILURE); + + EXPECT_EQ(CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); const char *invalidUri = "INVALID"; struct CmBlob invalidUriBlob = {strlen(invalidUri), (uint8_t *)invalidUri}; - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_INVALID_ARGUMENT); + EXPECT_EQ(CmGetCertInfo(&invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), + CMR_ERROR_INVALID_ARGUMENT); + FreeCMBlobData(&(certInfo.certInfo)); } } \ No newline at end of file diff --git a/test/unittest/src/cm_get_certlist_test.cpp b/test/unittest/src/cm_get_certlist_test.cpp index fa4a225..fe752f5 100644 --- a/test/unittest/src/cm_get_certlist_test.cpp +++ b/test/unittest/src/cm_get_certlist_test.cpp @@ -123,7 +123,7 @@ void CmGetCertListTest::TearDown() */ HWTEST_F(CmGetCertListTest, SimpleGetCertListTest001, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertList failed,retcode:" << ret; } @@ -138,7 +138,7 @@ HWTEST_F(CmGetCertListTest, PerformanceGetCertListTest002, TestSize.Level0) for (int times = 0; times < TIMES_PERFORMANCE; ++times) { struct CertList *listCert = NULL; ASSERT_TRUE(InitCertList(&listCert) == CM_SUCCESS); - int32_t ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, listCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, listCert); EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertList Performance failed,retcode:" << ret; FreeCertList(listCert); } @@ -152,7 +152,7 @@ HWTEST_F(CmGetCertListTest, PerformanceGetCertListTest002, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, GetCertListContent003, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "firstUserCtx CmGetCertList failed,retcode:" << ret; uint32_t length = sizeof(g_listexpectResult) / sizeof(g_listexpectResult[0]); @@ -172,12 +172,12 @@ HWTEST_F(CmGetCertListTest, GetCertListContent003, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, AppGetCertListCompare004, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "first CmGetCertList failed,retcode:" << ret; struct CertList *secondListCert = NULL; ASSERT_TRUE(InitCertList(&secondListCert) == CM_SUCCESS); - ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, secondListCert); + ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, secondListCert); EXPECT_EQ(ret, CM_SUCCESS) << "secondUserCtx CmGetCertList failed,retcode:" << ret; EXPECT_EQ(lstCert->certsCount, secondListCert->certsCount) << "firstUserCtx count:" << lstCert->certsCount @@ -194,8 +194,7 @@ HWTEST_F(CmGetCertListTest, AppGetCertListCompare004, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, ExceptionGetCertList005, TestSize.Level0) { - EXPECT_EQ(CmGetCertList(NULL, CM_SYSTEM_TRUSTED_STORE, lstCert), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmGetCertList(&secondUserCtx, 10, lstCert), CM_FAILURE); + EXPECT_EQ(CmGetCertList(CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); + EXPECT_EQ(CmGetCertList(10, lstCert), CM_FAILURE); } } \ No newline at end of file diff --git a/test/unittest/src/cm_set_status_test.cpp b/test/unittest/src/cm_set_status_test.cpp index 2e0405d..c958549 100644 --- a/test/unittest/src/cm_set_status_test.cpp +++ b/test/unittest/src/cm_set_status_test.cpp @@ -88,11 +88,10 @@ HWTEST_F(CmSetCertStatusTest, SimpleSetCertStatus001, TestSize.Level0) { struct CmBlob uriBlob = {strlen(g_expectList[0].uri), (uint8_t *)(g_expectList[0].uri)}; - int32_t ret = CmSetCertStatus(&firstUserCtx, - &uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[0].inparamStatus); + int32_t ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[0].inparamStatus); EXPECT_EQ(ret, CM_SUCCESS) << "SimpleSetCertStatus failed,retcode:" << ret; - ret = CmSetCertStatus(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true); + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS) << "SimpleSetCertStatus true failed,retcode:" << ret; } @@ -108,21 +107,22 @@ HWTEST_F(CmSetCertStatusTest, SetCertStatusAndQueryStatus002, TestSize.Level0) for (uint32_t i = 0; i < size; ++i) { struct CmBlob uriBlob = {strlen(g_expectList[i].uri), (uint8_t *)(g_expectList[i].uri)}; - int32_t ret = CmSetCertStatus(&firstUserCtx, - &uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[i].inparamStatus); + int32_t ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[i].inparamStatus); EXPECT_EQ(ret, CM_SUCCESS) << " SetCertStatusAndQueryStatus, CmSetCertStatus failed,retcode: " << ret; struct CertInfo certDetailInfo; - (void)memset_s(&certDetailInfo, sizeof(certDetailInfo), 0, sizeof(certDetailInfo)); + (void)memset_s(&certDetailInfo, sizeof(struct CertInfo), 0, sizeof(struct CertInfo)); + ret = InitCertInfo(&certDetailInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo malloc faild, retcode:" << ret; - ret = CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certDetailInfo); + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certDetailInfo); EXPECT_EQ(ret, CM_SUCCESS) << "SetCertStatusAndQueryStatus,CmGetCertInfo failed,retcode: " << ret; uint32_t uStatus = (g_expectList[i].expectStatus == certDetailInfo.status) ? 1 : 0; - EXPECT_EQ(uStatus, 1) << "SetCertStatusAndQueryStatus fail, cert info: " << DumpCertInfo(&certDetailInfo); + EXPECT_EQ(uStatus, 1) << "SetCertStatusAndQueryStatus faild, cert info: " << DumpCertInfo(&certDetailInfo); FreeCMBlobData(&(certDetailInfo.certInfo)); - ret = CmSetCertStatus(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true); + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS) << " SetCertStatusAndQueryStatus, CmSetCertStatus failed,retcode: " << ret; } } @@ -139,7 +139,7 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) ASSERT_TRUE(InitCertList(&certlist) == CM_SUCCESS); // CA trusted list - int32_t ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, certlist); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, certlist); EXPECT_EQ(ret, CM_SUCCESS) << "SetAllCertStatus,CmGetCertList failed,retcode:" << ret; @@ -147,7 +147,7 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) struct CertAbstract *ptr = &(certlist->certAbstract[i]); ASSERT_TRUE(NULL != ptr); struct CmBlob uriBlob = {strlen(ptr->uri), (uint8_t *)(ptr->uri)}; - ret = CmSetCertStatus(&secondUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, false); + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, false); EXPECT_EQ(ret, CM_SUCCESS); } @@ -155,7 +155,7 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) struct CertAbstract *ptr2 = &(certlist->certAbstract[i]); ASSERT_TRUE(NULL != ptr2); struct CmBlob uriBlob2 = {strlen(ptr2->uri), (uint8_t *)(ptr2->uri)}; - ret = CmSetCertStatus(&firstUserCtx, &uriBlob2, CM_SYSTEM_TRUSTED_STORE, true); + ret = CmSetCertStatus(&uriBlob2, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS); } FreeCertList(certlist); @@ -170,16 +170,14 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) HWTEST_F(CmSetCertStatusTest, ExceptionSetStatus004, TestSize.Level0) { struct CmBlob uriBlob = {strlen(g_expectList[1].uri), (uint8_t *)(g_expectList[1].uri)}; - EXPECT_EQ(CmSetCertStatus(NULL, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true), - CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmSetCertStatus(&secondUserCtx, NULL, CM_SYSTEM_TRUSTED_STORE, true), + EXPECT_EQ(CmSetCertStatus(NULL, CM_SYSTEM_TRUSTED_STORE, true), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmSetCertStatus(&firstUserCtx, &uriBlob, 10, true), CM_FAILURE); + EXPECT_EQ(CmSetCertStatus(&uriBlob, 10, true), CM_FAILURE); const char *invalidUri = "INVALIDXXXX"; struct CmBlob invalidUriBlob = {strlen(invalidUri), (uint8_t *)invalidUri}; - EXPECT_EQ(CmSetCertStatus(&firstUserCtx, &invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, true), + EXPECT_EQ(CmSetCertStatus(&invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, true), CMR_ERROR_NOT_FOUND); } } diff --git a/test/unittest/src/cm_test_common.cpp b/test/unittest/src/cm_test_common.cpp index fba82b1..aaf736c 100644 --- a/test/unittest/src/cm_test_common.cpp +++ b/test/unittest/src/cm_test_common.cpp @@ -61,15 +61,40 @@ void SetATPermission(void) OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); } +uint32_t InitCertInfo(struct CertInfo *certInfo) +{ + if (certInfo == nullptr) { + return CMR_ERROR_MALLOC_FAIL; + } + + certInfo->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); + if (certInfo->certInfo.data == NULL) { + return CMR_ERROR_MALLOC_FAIL; + } + certInfo->certInfo.size = 0; + + return CM_SUCCESS; +} + + uint32_t InitCertList(struct CertList **certlist) { *certlist = (struct CertList *)CmMalloc(sizeof(struct CertList)); if (*certlist == nullptr) { return CMR_ERROR_MALLOC_FAIL; } - (*certlist)->certAbstract = nullptr; + + uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + + (*certlist)->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); + if ((*certlist)->certAbstract == NULL) { + return CMR_ERROR_MALLOC_FAIL; + } + (*certlist)->certsCount = 0; + return CM_SUCCESS; } @@ -135,7 +160,6 @@ void FreeCertList(struct CertList *certList) certList = nullptr; } - void FreeCMBlobData(struct CmBlob *blob) { if (blob == nullptr) { -- Gitee From 216c1b88022879eed478098144c2c8914037cdc4 Mon Sep 17 00:00:00 2001 From: gaobo Date: Thu, 13 Oct 2022 02:53:39 -0700 Subject: [PATCH 2/3] cert manager context ipc Signed-off-by: gaobo --- .../main/os_dependency/BUILD.gn | 1 - .../cm_ipc/include/cm_client_ipc.h | 11 +- .../cm_ipc/include/cm_ipc_serialization.h | 4 +- .../os_dependency/cm_ipc/src/cm_ipc_check.c | 39 -- .../os_dependency/cm_ipc/src/cm_ipc_client.c | 278 ++++--------- .../cm_ipc/src/cm_ipc_serialization.c | 8 +- .../main/include/cert_manager_api.h | 11 +- .../main/src/cert_manager_api.c | 43 +- .../napi/src/cm_napi_get_system_cert_info.cpp | 17 +- .../napi/src/cm_napi_get_system_cert_list.cpp | 23 +- .../kits/napi/src/cm_napi_set_cert_status.cpp | 2 +- .../cert_manager_engine/main/core/BUILD.gn | 1 + .../main/core/include/cert_manager_check.h | 17 +- .../core/include/cert_manager_file_operator.h | 3 + .../main/core/include/cert_manager_service.h | 2 + .../main/core/src/cert_manager.c | 32 +- .../main/core/src/cert_manager_check.c | 219 +++++++++++ .../core/src/cert_manager_file_operator.c | 5 +- .../main/core/src/cert_manager_service.c | 17 +- .../os_dependency/idl/cm_ipc/cm_ipc_service.c | 372 ++++++------------ .../os_dependency/idl/cm_ipc/cm_ipc_service.h | 15 +- .../main/os_dependency/sa/cm_sa.cpp | 14 +- test/unittest/include/cm_test_common.h | 2 + test/unittest/src/cm_app_cert_test.cpp | 2 +- test/unittest/src/cm_get_certinfo_test.cpp | 57 +-- test/unittest/src/cm_get_certlist_test.cpp | 15 +- test/unittest/src/cm_set_status_test.cpp | 44 +-- test/unittest/src/cm_test_common.cpp | 28 +- 28 files changed, 621 insertions(+), 661 deletions(-) delete mode 100644 frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c rename frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h => services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h (63%) mode change 100644 => 100755 create mode 100755 services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c diff --git a/frameworks/cert_manager_standard/main/os_dependency/BUILD.gn b/frameworks/cert_manager_standard/main/os_dependency/BUILD.gn index 0cbbff8..d4be6eb 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/BUILD.gn +++ b/frameworks/cert_manager_standard/main/os_dependency/BUILD.gn @@ -34,7 +34,6 @@ ohos_static_library("libcert_manager_os_dependency_standard_static") { "_CM_LOG_ENABLE_", ] sources = [ - "./cm_ipc/src/cm_ipc_check.c", "./cm_ipc/src/cm_ipc_client.c", "./cm_ipc/src/cm_ipc_serialization.c", "./cm_ipc/src/cm_load_sa.cpp", diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h index 6441498..33d45bb 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h @@ -24,14 +24,13 @@ extern "C" { #endif -int32_t CmClientGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList); +int32_t CmClientGetCertList(const uint32_t store, struct CertList *certificateList); -int32_t CmClientGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateList); +int32_t CmClientGetCertInfo(const struct CmBlob *certUri, const uint32_t store, + struct CertInfo *certificateInfo); -int32_t CmClientSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, const uint32_t status); +int32_t CmClientSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const uint32_t status); int32_t CmClientInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd, const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h index 3f6493d..51cd9ef 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_serialization.h @@ -41,8 +41,8 @@ int32_t CmCertificateInfoPack(struct CmBlob *inData, const struct CmContext *cmC int32_t CmCertificateListUnpackFromService(const struct CmBlob *outData, bool needEncode, const struct CmContext *context, struct CertList *certificateList); -int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, const struct CmContext *context, - struct CertInfo *certificateInfo, const struct CmBlob *certUri); +int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, struct CertInfo *certificateInfo, + const struct CmBlob *certUri); int32_t CmCertificateStatusPack(struct CmBlob *inData, const struct CmContext *cmContext, const struct CmBlob *certUri, const uint32_t store, const uint32_t status); diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c deleted file mode 100644 index 8d7ae89..0000000 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cm_ipc_check.h" -#include "cm_ipc_serialization.h" - -#include "cm_log.h" - -int32_t CheckCertificateListPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateList == NULL)) { - CM_LOG_E("CheckCertificateListPara arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} - -int32_t CheckCertificateInfoPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertInfo *certificateInfo) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateInfo == NULL)) { - CM_LOG_E("CmCertificateInfoPack arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} \ No newline at end of file diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c index 35d986d..9ce01a4 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c @@ -14,14 +14,11 @@ */ #include "cm_client_ipc.h" -#include "cm_ipc_check.h" - #include "cm_ipc_serialization.h" #include "cm_log.h" #include "cm_mem.h" #include "cm_x509.h" #include "cm_param.h" - #include "cm_request.h" static int32_t CmSendParcelInit(struct CmParam *params, uint32_t paramCount, @@ -40,113 +37,46 @@ static int32_t CmSendParcelInit(struct CmParam *params, uint32_t paramCount, return ret; } -static int32_t CertificateInfoInitBlob(struct CmBlob *inBlob, struct CmBlob *outBlob, - const struct CmContext *cmContext, struct CertInfo *CertificateInfo) -{ - uint32_t buffSize; - int32_t ret = CM_SUCCESS; - buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - - buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t); - outBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - outBlob->size = buffSize; - - CertificateInfo->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); - if (CertificateInfo->certInfo.data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - CertificateInfo->certInfo.size = MAX_LEN_CERTIFICATE; - return ret; -err: - CM_FREE_BLOB(*inBlob); - CM_FREE_BLOB(*outBlob); - - return ret; -} - -static int32_t CertificateListInitBlob(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList) +static int32_t GetCertListInitOutData(struct CmBlob *outListBlob) { - uint32_t buffSize; - int32_t ret = CM_SUCCESS; - - buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(uint32_t); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - - buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + sizeof(uint32_t) + - MAX_LEN_URI + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - outBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - outBlob->size = buffSize; - - buffSize = (MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract)); - certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); - if (certificateList->certAbstract == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - certificateList->certsCount = MAX_COUNT_CERTIFICATE; + uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - if (memset_s(certificateList->certAbstract, buffSize, 0, buffSize) != EOK) { - CM_LOG_E("init certAbstract failed"); - ret = CMR_ERROR_INVALID_OPERATION; - goto err; + outListBlob->data = (uint8_t *)CmMalloc(buffSize); + if (outListBlob->data == NULL) { + return CMR_ERROR_MALLOC_FAIL; } - return ret; -err: - CM_FREE_BLOB(*inBlob); - CM_FREE_BLOB(*outBlob); - CmFree(certificateList->certAbstract); + outListBlob->size = buffSize; - return ret; + return CM_SUCCESS; } -static int32_t GetCertificateList(enum CmMessage type, const struct CmContext *cmContext, const uint32_t store, +static int32_t GetCertificateList(enum CmMessage type, const uint32_t store, struct CertList *certificateList) { - struct CmBlob inBlob = {0, NULL}; + int32_t ret; struct CmBlob outBlob = {0, NULL}; const struct CmContext context = {0}; - int32_t ret = CheckCertificateListPara(&inBlob, &outBlob, cmContext, store, certificateList); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateListPara fail"); - return ret; - } - - ret = CertificateListInitBlob(&inBlob, &outBlob, cmContext, store, certificateList); - if (ret != CM_SUCCESS) { - CM_LOG_E("CertificateListInitBlob fail"); - return ret; - } + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + }; do { - ret = CmCertificateListPack(&inBlob, cmContext, store); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); + if (ret != CM_SUCCESS) { + CM_LOG_E("get cert list sendParcel failed"); + break; + } + + ret = GetCertListInitOutData(&outBlob); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateListPack fail"); + CM_LOG_E("malloc getcertlist outdata failed"); break; } - ret = SendRequest(type, &inBlob, &outBlob); + + ret = SendRequest(type, &parcelBlob, &outBlob); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertificateList request fail"); break; @@ -154,119 +84,111 @@ static int32_t GetCertificateList(enum CmMessage type, const struct CmContext *c ret = CmCertificateListUnpackFromService(&outBlob, false, &context, certificateList); } while (0); - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); CM_FREE_BLOB(outBlob); return ret; } -int32_t CmClientGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList) +int32_t CmClientGetCertList(const uint32_t store, struct CertList *certificateList) { - return GetCertificateList(CM_MSG_GET_CERTIFICATE_LIST, cmContext, store, certificateList); + return GetCertificateList(CM_MSG_GET_CERTIFICATE_LIST, store, certificateList); } -static int32_t GetCertificateInfo(enum CmMessage type, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, struct CertInfo *certificateInfo) +static int32_t GetCertInfoInitOutData(struct CmBlob *outInfoBlob) { - struct CmBlob inBlob = {0, NULL}; - struct CmBlob outBlob = {0, NULL}; - const struct CmContext context = {0}; + uint32_t buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t) + + MAX_LEN_CERT_ALIAS + sizeof(uint32_t); - int32_t ret = CheckCertificateInfoPara(&inBlob, &outBlob, cmContext, store, certificateInfo); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateInfoPara fail"); - return ret; + outInfoBlob->data = (uint8_t *)CmMalloc(buffSize); + if (outInfoBlob->data == NULL) { + return CMR_ERROR_MALLOC_FAIL; } + outInfoBlob->size = buffSize; - ret = CertificateInfoInitBlob(&inBlob, &outBlob, cmContext, certificateInfo); - if (ret != CM_SUCCESS) { - CM_LOG_E("CheckCertificateInfoPara fail"); - return ret; - } + return CM_SUCCESS; +} + +static int32_t GetCertificateInfo(enum CmMessage type, const struct CmBlob *certUri, + const uint32_t store, struct CertInfo *certificateInfo) +{ + int32_t ret = CM_SUCCESS; + struct CmBlob outBlob = {0, NULL}; + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = *certUri }, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + }; do { - ret = CmCertificateInfoPack(&inBlob, cmContext, certUri, store); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateInfoPack fail"); + CM_LOG_E("get cert info sendParcel failed"); + break; + } + + ret = GetCertInfoInitOutData(&outBlob); + if (ret != CM_SUCCESS) { + CM_LOG_E("malloc getcertinfo outdata failed"); break; } - ret = SendRequest(type, &inBlob, &outBlob); + ret = SendRequest(type, &parcelBlob, &outBlob); if (ret != CM_SUCCESS) { CM_LOG_E("GetCertificateInfo request fail"); break; } - ret = CmCertificateInfoUnpackFromService(&outBlob, &context, certificateInfo, certUri); + ret = CmCertificateInfoUnpackFromService(&outBlob, certificateInfo, certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("GetCertificateInfo unpack failed, ret = %d", ret); + break; + } } while (0); - - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); CM_FREE_BLOB(outBlob); return ret; } -int32_t CmClientGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateInfo) +int32_t CmClientGetCertInfo(const struct CmBlob *certUri, const uint32_t store, + struct CertInfo *certificateInfo) { - return GetCertificateInfo(CM_MSG_GET_CERTIFICATE_INFO, cmContext, certUri, store, certificateInfo); + return GetCertificateInfo(CM_MSG_GET_CERTIFICATE_INFO, certUri, store, certificateInfo); } -static int32_t CertificateStatusInitBlob(struct CmBlob *inBlob, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, const uint32_t status) -{ - int32_t ret = CM_SUCCESS; - uint32_t buffSize = sizeof(cmContext->userId) + sizeof(cmContext->uid) + - sizeof(uint32_t) + sizeof(cmContext->packageName) + sizeof(certUri->size) + - ALIGN_SIZE(certUri->size) + sizeof(store) + sizeof(status); - inBlob->data = (uint8_t *)CmMalloc(buffSize); - if (inBlob->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; - goto err; - } - inBlob->size = buffSize; - return ret; -err: - CM_FREE_BLOB(*inBlob); - return ret; -} - -static int32_t SetCertificateStatus(enum CmMessage type, const struct CmContext *cmContext, - const struct CmBlob *certUri, const uint32_t store, const uint32_t status) +static int32_t SetCertificateStatus(enum CmMessage type, const struct CmBlob *certUri, + const uint32_t store, const uint32_t status) { - struct CmBlob inBlob = {0, NULL}; int32_t ret = CM_SUCCESS; - - if ((cmContext == NULL) || certUri == NULL) { - CM_LOG_E("SetCertificateStatus invalid agrument"); - return CMR_ERROR_INVALID_ARGUMENT; - } - - ret = CertificateStatusInitBlob(&inBlob, cmContext, certUri, store, status); - if (ret != CM_SUCCESS) { - CM_LOG_E("CertificateStatusInitBlob fail"); - return ret; - } + struct CmBlob parcelBlob = {0, NULL}; + struct CmParamSet *sendParamSet = NULL; + struct CmParam params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = *certUri }, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = store }, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = status }, + }; do { - ret = CmCertificateStatusPack(&inBlob, cmContext, certUri, store, status); + ret = CmSendParcelInit(params, CM_ARRAY_SIZE(params), &parcelBlob, &sendParamSet); if (ret != CM_SUCCESS) { - CM_LOG_E("CmCertificateStatusPack fail"); + CM_LOG_E("set cert status sendParcel failed"); break; } - ret = SendRequest(type, &inBlob, NULL); + + ret = SendRequest(type, &parcelBlob, NULL); if (ret != CM_SUCCESS) { CM_LOG_E("CmCertificateStatusPack request fail"); break; } } while (0); - CM_FREE_BLOB(inBlob); + CmFreeParamSet(&sendParamSet); return ret; } -int32_t CmClientSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, const uint32_t store, - const uint32_t status) +int32_t CmClientSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const uint32_t status) { - return SetCertificateStatus(CM_MSG_SET_CERTIFICATE_STATUS, cmContext, certUri, store, status); + return SetCertificateStatus(CM_MSG_SET_CERTIFICATE_STATUS, certUri, store, status); } static int32_t CmInstallAppCertUnpackFromService(const struct CmBlob *outData, struct CmBlob *keyUri) @@ -919,20 +841,6 @@ int32_t CmClientAbort(const struct CmBlob *handle) return ret; } -static int32_t GetCertListInitOutData(struct CmBlob *outListBlob) -{ - uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + - sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; - - outListBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outListBlob->data == NULL) { - return CMR_ERROR_MALLOC_FAIL; - } - outListBlob->size = buffSize; - - return CM_SUCCESS; -} - static int32_t GetUserCertList(enum CmMessage type, const uint32_t store, struct CertList *certificateList) { @@ -981,22 +889,7 @@ int32_t CmClientGetUserCertList(const uint32_t store, struct CertList *certifica return GetUserCertList(CM_MSG_GET_USER_CERTIFICATE_LIST, store, certificateList); } -static int32_t GetCertInfoInitOutData(struct CmBlob *outInfoBlob) -{ - uint32_t buffSize = sizeof(uint32_t) + MAX_LEN_CERTIFICATE + sizeof(uint32_t) + - MAX_LEN_CERT_ALIAS + sizeof(uint32_t); - - outInfoBlob->data = (uint8_t *)CmMalloc(buffSize); - if (outInfoBlob->data == NULL) { - return CMR_ERROR_MALLOC_FAIL; - } - outInfoBlob->size = buffSize; - - return CM_SUCCESS; -} - -static int32_t GetInfoFromX509cert(X509 *x509cert, struct CertInfo *userCertInfo) -{ +static int32_t GetInfoFromX509cert(X509 *x509cert, struct CertInfo *userCertInfo) { int32_t subjectNameLen = 0; subjectNameLen = GetX509SubjectNameLongFormat(x509cert, userCertInfo->subjectName, MAX_LEN_SUBJECT_NAME); if (subjectNameLen == 0) { @@ -1057,6 +950,7 @@ static int32_t CmUserCertInfoUnpackFromService(const struct CmBlob *outBuf, return ret; } if (memcpy_s(userCertInfo->certInfo.data, MAX_LEN_CERTIFICATE, bufBlob.data, bufBlob.size) != EOK) { + CM_LOG_E("copy cert data failed"); return CMR_ERROR_INVALID_OPERATION; } userCertInfo->certInfo.size = bufBlob.size; diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c index 43d300c..699542e 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_serialization.c @@ -211,14 +211,14 @@ int32_t CmCertificateListUnpackFromService(const struct CmBlob *outData, bool ne return CM_SUCCESS; } -int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, - const struct CmContext *context, struct CertInfo *certificateInfo, const struct CmBlob *certUri) +int32_t CmCertificateInfoUnpackFromService(const struct CmBlob *outData, struct CertInfo *certificateInfo, + const struct CmBlob *certUri) { struct CmBlob blob; uint32_t offset = 0, status = 0; - if ((outData == NULL) || (context == NULL) || (certificateInfo == NULL) || - (outData->data == NULL) || (certificateInfo->certInfo.data == NULL)) { + if ((outData == NULL) || (certificateInfo == NULL) || (outData->data == NULL) || + (certificateInfo->certInfo.data == NULL)) { return CMR_ERROR_NULL_POINTER; } diff --git a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h index 761eb54..bdf8f22 100644 --- a/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h +++ b/interfaces/innerkits/cert_manager_standard/main/include/cert_manager_api.h @@ -22,14 +22,13 @@ extern "C" { #endif -CM_API_EXPORT int32_t CmGetCertList(const struct CmContext *cmContext, uint32_t store, - struct CertList *certificateList); +CM_API_EXPORT int32_t CmGetCertList(uint32_t store, struct CertList *certificateList); -CM_API_EXPORT int32_t CmGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - uint32_t store, struct CertInfo *certificateInfo); +CM_API_EXPORT int32_t CmGetCertInfo(const struct CmBlob *certUri, uint32_t store, + struct CertInfo *certificateInfo); -CM_API_EXPORT int32_t CmSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - uint32_t store, const bool status); +CM_API_EXPORT int32_t CmSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const bool status); CM_API_EXPORT int32_t CmInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd, const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri); diff --git a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c index 0d278a8..23beec4 100644 --- a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c +++ b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c @@ -27,43 +27,60 @@ #include "cm_request.h" -CM_API_EXPORT int32_t CmGetCertList(const struct CmContext *cmContext, const uint32_t store, - struct CertList *certificateList) +CM_API_EXPORT int32_t CmGetCertList(const uint32_t store, struct CertList *certificateList) { CM_LOG_I("enter get certificate list"); - if ((cmContext == NULL) || (certificateList == NULL)) { + if (certificateList == NULL) { + CM_LOG_E("invalid input arguments"); return CMR_ERROR_NULL_POINTER; } - int32_t ret = CmClientGetCertList(cmContext, store, certificateList); + if ((certificateList->certAbstract == NULL) || (store != CM_SYSTEM_TRUSTED_STORE)) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + int32_t ret = CmClientGetCertList(store, certificateList); CM_LOG_I("leave get certificate list, result = %d", ret); return ret; } -CM_API_EXPORT int32_t CmGetCertInfo(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, struct CertInfo *certificateInfo) +CM_API_EXPORT int32_t CmGetCertInfo(const struct CmBlob *certUri, uint32_t store, + struct CertInfo *certificateInfo) { CM_LOG_I("enter get certificate info"); - if ((cmContext == NULL) || (certUri == NULL) || (certificateInfo == NULL)) { + if ((certUri == NULL) || (certificateInfo == NULL)) { + CM_LOG_E("invalid input arguments"); return CMR_ERROR_NULL_POINTER; } - int32_t ret = CmClientGetCertInfo(cmContext, certUri, store, certificateInfo); + if ((certificateInfo->certInfo.data == NULL) || (store != CM_SYSTEM_TRUSTED_STORE)) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + int32_t ret = CmClientGetCertInfo(certUri, store, certificateInfo); CM_LOG_I("leave get certificate info, result = %d", ret); return ret; } -CM_API_EXPORT int32_t CmSetCertStatus(const struct CmContext *cmContext, const struct CmBlob *certUri, - const uint32_t store, const bool status) +CM_API_EXPORT int32_t CmSetCertStatus(const struct CmBlob *certUri, const uint32_t store, + const bool status) { CM_LOG_I("enter set certificate status"); - if ((cmContext == NULL) || (certUri == NULL)) { + if (certUri == NULL) { + CM_LOG_E("invalid input arguments"); return CMR_ERROR_NULL_POINTER; } - uint32_t uStatus = status ? 0: 1; // 0 indicates the certificate enabled status + if (store != CM_SYSTEM_TRUSTED_STORE) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + uint32_t uStatus = status ? 0 : 1; // 0 indicates the certificate enabled status - int32_t ret = CmClientSetCertStatus(cmContext, certUri, store, uStatus); + int32_t ret = CmClientSetCertStatus(certUri, store, uStatus); CM_LOG_I("leave set certificate status, result = %d", ret); return ret; } diff --git a/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp b/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp index 15b17c8..b2283d7 100644 --- a/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_system_cert_info.cpp @@ -176,17 +176,18 @@ static void GetCertInfoExecute(napi_env env, void *data) } (void)memset_s(context->certificate, sizeof(struct CertInfo), 0, sizeof(struct CertInfo)); + context->certificate->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); + if (context->certificate->certInfo.data == nullptr) { + CM_LOG_E("malloc certificate certInfo data fail"); + context->result = CMR_ERROR_MALLOC_FAIL; + return; + } + context->certificate->certInfo.size = MAX_LEN_CERTIFICATE; + if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmGetCertInfo(context->cmContext, context->certUri, context->store, + context->result = CmGetCertInfo(context->certUri, context->store, context->certificate); } else { - context->certificate->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); - if (context->certificate->certInfo.data == nullptr) { - CM_LOG_E("malloc certificate certInfo data fail"); - context->result = CMR_ERROR_MALLOC_FAIL; - return; - } - context->certificate->certInfo.size = MAX_LEN_CERTIFICATE; context->result = CmGetUserCertInfo(context->certUri, context->store, context->certificate); } } diff --git a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp index 6abae5f..174e2a2 100644 --- a/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp +++ b/interfaces/kits/napi/src/cm_napi_get_system_cert_list.cpp @@ -157,19 +157,20 @@ static void GetCertListExecute(napi_env env, void *data) } context->certificateList->certAbstract = nullptr; context->certificateList->certsCount = 0; + + uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract); + context->certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); + if (context->certificateList->certAbstract == nullptr) { + CM_LOG_E("malloc certificateList certAbstract fail"); + context->result = CMR_ERROR_MALLOC_FAIL; + return; + } + (void)memset_s(context->certificateList->certAbstract, buffSize, 0, buffSize); + context->certificateList->certsCount = MAX_COUNT_CERTIFICATE; + if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmGetCertList(context->cmContext, context->store, context->certificateList); + context->result = CmGetCertList(context->store, context->certificateList); } else { - uint32_t buffSize = MAX_COUNT_CERTIFICATE * sizeof(struct CertAbstract); - context->certificateList->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); - if (context->certificateList->certAbstract == nullptr) { - CM_LOG_E("malloc certificateList certAbstract fail"); - context->result = CMR_ERROR_MALLOC_FAIL; - return; - } - (void)memset_s(context->certificateList->certAbstract, buffSize, 0, buffSize); - context->certificateList->certsCount = MAX_COUNT_CERTIFICATE; - context->result = CmGetUserCertList(context->store, context->certificateList); } } diff --git a/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp b/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp index a0e113b..ec57c3e 100644 --- a/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp +++ b/interfaces/kits/napi/src/cm_napi_set_cert_status.cpp @@ -129,7 +129,7 @@ static void SetCertStatusExecute(napi_env env, void *data) { SetCertStatusAsyncContext context = static_cast(data); if (context->store == CM_SYSTEM_TRUSTED_STORE) { - context->result = CmSetCertStatus(context->cmContext, context->certUri, context->store, + context->result = CmSetCertStatus(context->certUri, context->store, context->status); } else if (context->store == CM_USER_TRUSTED_STORE) { context->result = CmSetUserCertStatus(context->certUri, context->store, context->status); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn b/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn index e5c3cfc..8c910aa 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn +++ b/services/cert_manager_standard/cert_manager_engine/main/core/BUILD.gn @@ -57,6 +57,7 @@ ohos_shared_library("cert_manager_engine_core_standard") { "src/cert_manager_storage.c", "src/cert_manager_uri.c", "src/cert_manager_util.c", + "src/cert_manager_check.c", "src/cm_asn1.c", "src/cm_event_process.c", "src/cm_openssl_curve25519.c", diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h old mode 100644 new mode 100755 similarity index 63% rename from frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h rename to services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h index ba8bb1b..2c59351 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_check.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_check.h @@ -30,11 +30,20 @@ int32_t CmGetBlobFromBuffer(struct CmBlob *blob, const struct CmBlob *srcBlob, u int32_t CopyBlobToBuffer(const struct CmBlob *blob, const struct CmBlob *destBlob, uint32_t *destOffset); -int32_t CheckCertificateListPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertList *certificateList); +int32_t CmServiceGetSystemCertListCheck(const uint32_t store); -int32_t CheckCertificateInfoPara(struct CmBlob *inBlob, struct CmBlob *outBlob, const struct CmContext *cmContext, - const uint32_t store, struct CertInfo *certificateInfo); +int32_t CmServiceGetSystemCertCheck(const uint32_t store, const struct CmBlob *keyUri); + +int32_t CmServiceSetCertStatusCheck(const uint32_t store, struct CmBlob *certUri, const uint32_t status); + +int32_t CmServiceInstallAppCertCheck(const struct CmBlob *appCert, struct CmBlob *appCertPwd, + struct CmBlob *certAlias, uint32_t store, const struct CmContext *cmContext); + +int32_t CmServiceUninstallAppCertCheck(const uint32_t store, struct CmBlob *certUri); + +int32_t CmServiceGetAppCertListCheck(const uint32_t store); + +int32_t CmServiceGetAppCertCheck(const uint32_t store, struct CmBlob *keyUri); #ifdef __cplusplus } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_file_operator.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_file_operator.h index 733f13b..d58dd04 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_file_operator.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_file_operator.h @@ -74,6 +74,9 @@ int32_t CmIsDirExist(const char *path); int32_t CmUserIdLayerGetFileCountAndNames(const char *path, struct CmBlob *fileNames, const uint32_t arraySize, uint32_t *fileCount); +int32_t CmUidLayerGetFileCountAndNames(const char *path, struct CmBlob *fileNames, + const uint32_t arraySize, uint32_t *fileCount); + int32_t CmGetSubDir(void *dirp, struct CmFileDirentInfo *direntInfo); int32_t CmDirRemove(const char *path); diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h index 1b9d810..c3eb4f7 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h +++ b/services/cert_manager_standard/cert_manager_engine/main/core/include/cert_manager_service.h @@ -67,6 +67,8 @@ int32_t CmUninstallAllUserCert(const struct CmContext *context); int32_t CmServiceSetCertStatus(const struct CmContext *context, const struct CmBlob *certUri, uint32_t store, uint32_t status); +int32_t CheckUri(const struct CmBlob *keyUri); + #ifdef __cplusplus } #endif diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c index bc58977..456be80 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager.c @@ -364,14 +364,9 @@ int32_t CertManagerListTrustedCertificates(const struct CmContext *context, stru char path[CERT_MAX_PATH_LEN] = {0}; struct CmMutableBlob pathBlob = { sizeof(path), (uint8_t *)path }; - if (!CmHasCommonPermission()) { - CM_LOG_E("permission check failed"); - return CMR_ERROR_PERMISSION_DENIED; - } - int32_t ret = CmGetFilePath(context, store, &pathBlob); if (ret != CMR_OK) { - CM_LOG_E("Failed obtain path fot store %x", store); + CM_LOG_E("Failed obtain path for store %x", store); return CMR_ERROR; } ret = CertManagerGetFilenames(&fileNames, path, certBlob->uri); @@ -877,12 +872,6 @@ int32_t CmRemoveAppCert(const struct CmContext *context, const struct CmBlob *ke { ASSERT_ARGS(context && keyUri && keyUri->data && keyUri->size); int32_t ret; - - if (!CmPermissionCheck(store)) { - CM_LOG_E("CmPermissionCheck check failed"); - return CMR_ERROR_PERMISSION_DENIED; - } - if (store == CM_CREDENTIAL_STORE) { ret = CmAuthDeleteAuthInfo(context, keyUri); if (ret != CM_SUCCESS) { @@ -931,7 +920,7 @@ static int32_t CmAppCertGetFilePath(const struct CmContext *context, const uint3 switch (store) { case CM_CREDENTIAL_STORE : - ret = sprintf_s((char*)path->data, MAX_PATH_LEN, "%s%u", CREDNTIAL_STORE, context->userId); + ret = sprintf_s((char*)path->data, MAX_PATH_LEN, "%s%u/%u", CREDNTIAL_STORE, context->userId, context->uid); break; case CM_PRI_CREDENTIAL_STORE : ret = sprintf_s((char*)path->data, MAX_PATH_LEN, "%s%u", APP_CA_STORE, context->userId); @@ -1078,23 +1067,26 @@ int32_t CmServiceGetAppCertList(const struct CmContext *context, uint32_t store, char pathBuf[CERT_MAX_PATH_LEN] = {0}; struct CmBlob path = { sizeof(pathBuf), (uint8_t*)pathBuf }; - if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) { - CM_LOG_E("Parm is invalid store:%u", store); - return CM_FAILURE; - } - int32_t ret = CmAppCertGetFilePath(context, store, &path); if (ret != CM_SUCCESS) { CM_LOG_E("Get file path for store:%u faild", store); return CM_FAILURE; } - ret = CmUserIdLayerGetFileCountAndNames(pathBuf, fileNames, fileSize, fileCount); + CM_LOG_I("Get app cert list path:%s", pathBuf); + + if (store == CM_CREDENTIAL_STORE) { + ret = CmUidLayerGetFileCountAndNames(pathBuf, fileNames, fileSize, fileCount); + } else { + ret = CmUserIdLayerGetFileCountAndNames(pathBuf, fileNames, fileSize, fileCount); + } if (ret != CM_SUCCESS) { - CM_LOG_E("Get file count and names from path faild ret:%d:path:%s", ret, pathBuf); + CM_LOG_E("Get file count and names from path faild ret:%d, path:%s", ret, pathBuf); return ret; } + CM_LOG_I("Get app cert list fileCount:%u", *fileCount); + return CM_SUCCESS; } diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c new file mode 100755 index 0000000..07b6fe8 --- /dev/null +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_check.c @@ -0,0 +1,219 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "cm_log.h" +#include "cm_ipc_check.h" +#include "cert_manager.h" +#include "cm_ipc_serialization.h" +#include "cert_manager_service.h" +#include "cert_manager_permission_check.h" + +int32_t CmServiceGetSystemCertListCheck(const uint32_t store) +{ + if (store != CM_SYSTEM_TRUSTED_STORE) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +int32_t CmServiceGetSystemCertCheck(const uint32_t store, const struct CmBlob *keyUri) +{ + if (store != CM_SYSTEM_TRUSTED_STORE) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (CheckUri(keyUri) != CM_SUCCESS) { + CM_LOG_E("invalid input arguments"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +int32_t CmServiceSetCertStatusCheck(const uint32_t store, struct CmBlob *keyUri, const uint32_t status) +{ + if (store != CM_SYSTEM_TRUSTED_STORE) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (CheckUri(keyUri) != CM_SUCCESS) { + CM_LOG_E("invalid input arguments"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if ((status != 0) && (status != 1)) { + CM_LOG_E("invalid input arguments store:%u", status); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasPrivilegedPermission() || !CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +static bool AppCertCheckBlobValid(const struct CmBlob *data) +{ + for (uint32_t i = 0; i < data->size; i++) { + if ((i > 0) && (data->data[i] == '\0')) { /* from index 1 has '\0' */ + CM_LOG_E("data has string end character"); + return true; + } + + if ((!isalnum(data->data[i])) && (data->data[i] != '_')) { /* has invalid character */ + CM_LOG_E("data include invalid character"); + return false; + } + } + + return true; +} + +static bool CmCheckMaxInstalledCertCount(const uint32_t store, const struct CmContext *cmContext) +{ + bool isValid = true; + uint32_t fileCount = 0; + struct CmBlob fileNames[MAX_COUNT_CERTIFICATE]; + uint32_t len = MAX_COUNT_CERTIFICATE * sizeof(struct CmBlob); + (void)memset_s(fileNames, len, 0, len); + + if (CmServiceGetAppCertList(cmContext, store, fileNames, + MAX_COUNT_CERTIFICATE, &fileCount) != CM_SUCCESS) { + isValid = false; + CM_LOG_E("Get App cert list fail"); + } + + if (fileCount >= MAX_COUNT_CERTIFICATE) { + isValid = false; + CM_LOG_E("The app cert installed has reached max count:%u", fileCount); + } + + CM_LOG_I("app cert installed count:%u", fileCount); + + CmFreeFileNames(fileNames, fileCount); + return isValid; +} + +int32_t CmServiceInstallAppCertCheck(const struct CmBlob *appCert, struct CmBlob *appCertPwd, + struct CmBlob *certAlias, uint32_t store, const struct CmContext *cmContext) +{ + if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) { + CM_LOG_E("CmInstallAppCertCheck store check fail, store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if ((CmCheckBlob(appCert) != CM_SUCCESS) || (CmCheckBlob(appCertPwd) != CM_SUCCESS) || + (CmCheckBlob(certAlias) != CM_SUCCESS)) { + CM_LOG_E("CmInstallAppCertCheck blob check fail"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (appCert->size > MAX_LEN_APP_CERT || appCertPwd->size > MAX_LEN_APP_CERT_PASSWD || + certAlias->size > MAX_LEN_CERT_ALIAS) { + CM_LOG_E("CmInstallAppCertCheck max check fail, appCert:%u, appCertPwd:%u, certAlias:%u", + appCert->size, appCertPwd->size, certAlias->size); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!AppCertCheckBlobValid(appCertPwd) || !AppCertCheckBlobValid(certAlias)) { + CM_LOG_E("CmInstallAppCertCheck blob data check fail"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (CmCheckMaxInstalledCertCount(store, cmContext) == false) { + CM_LOG_E("CmCheckMaxInstalledCertCount check fail"); + return CM_FAILURE; + } + + if (!CmPermissionCheck(store)) { + CM_LOG_E("CmPermissionCheck check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +int32_t CmServiceUninstallAppCertCheck(const uint32_t store, struct CmBlob *keyUri) +{ + if ((store != CM_CREDENTIAL_STORE) && (store != CM_PRI_CREDENTIAL_STORE)) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (CheckUri(keyUri) != CM_SUCCESS) { + CM_LOG_E("invalid input arguments"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +int32_t CmServiceGetAppCertListCheck(const uint32_t store) +{ + if ((store != CM_CREDENTIAL_STORE) && (store != CM_PRI_CREDENTIAL_STORE)) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasPrivilegedPermission() || !CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + +int32_t CmServiceGetAppCertCheck(const uint32_t store, struct CmBlob *keyUri) +{ + if ((store != CM_CREDENTIAL_STORE) && (store != CM_PRI_CREDENTIAL_STORE)) { + CM_LOG_E("invalid input arguments store:%u", store); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (CheckUri(keyUri) != CM_SUCCESS) { + CM_LOG_E("invalid input arguments"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (!CmHasCommonPermission()) { + CM_LOG_E("permission check failed"); + return CMR_ERROR_PERMISSION_DENIED; + } + + return CM_SUCCESS; +} + diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_file_operator.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_file_operator.c index 2e92ac0..06f2ffb 100644 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_file_operator.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_file_operator.c @@ -375,7 +375,7 @@ static int32_t CmUidLayerGetFileNames(const char *filePath, struct CmBlob *fileN return CM_SUCCESS; } -static int32_t CmUidLayerGetFileCountAndNames(const char *path, struct CmBlob *fileNames, +int32_t CmUidLayerGetFileCountAndNames(const char *path, struct CmBlob *fileNames, const uint32_t arraySize, uint32_t *fileCount) { uint32_t count = *fileCount; @@ -459,7 +459,7 @@ int32_t CmUserIdLayerGetFileCountAndNames(const char *path, struct CmBlob *fileN closedir(dir); return CMR_ERROR_INVALID_OPERATION; } - CM_LOG_E("CmIpcServiceGetAppCert07:%d", *fileCount); + if ((dire->d_type == DT_DIR) && (strcmp("..", dire->d_name) != 0) && (strcmp(".", dire->d_name) != 0)) { if (CmUidLayerGetFileCountAndNames(userIdPath, fileNames, arraySize, fileCount) != CM_SUCCESS) { CM_LOG_E("CmUidLayerGetFileCountAndNames faild"); @@ -470,7 +470,6 @@ int32_t CmUserIdLayerGetFileCountAndNames(const char *path, struct CmBlob *fileN (void)remove(userIdPath); } dire = readdir(dir); - CM_LOG_E("CmIpcServiceGetAppCert20:%d", *fileCount); } closedir(dir); return CM_SUCCESS; diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c index aae85bf..41868a6 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_service.c @@ -33,13 +33,18 @@ #include "cert_manager_uri.h" #include "cm_event_process.h" -static int32_t CheckUri(const struct CmBlob *keyUri) +int32_t CheckUri(const struct CmBlob *keyUri) { if (CmCheckBlob(keyUri) != CM_SUCCESS) { CM_LOG_E("invalid uri"); return CMR_ERROR_INVALID_ARGUMENT; } + if (keyUri->size > MAX_LEN_URI) { + CM_LOG_E("invalid uri len:%u", keyUri->size); + return CMR_ERROR_INVALID_ARGUMENT; + } + for (uint32_t i = 1; i < keyUri->size; ++i) { /* from index 1 has '\0' */ if (keyUri->data[i] == 0) { return CM_SUCCESS; @@ -106,16 +111,6 @@ static int32_t GetPrivateAppCert(const struct CmContext *context, uint32_t store int32_t CmServiceGetAppCert(const struct CmContext *context, uint32_t store, struct CmBlob *keyUri, struct CmBlob *certBlob) { - if (CheckUri(keyUri) != CM_SUCCESS) { - CM_LOG_E("invalid input arguments"); - return CMR_ERROR_INVALID_ARGUMENT; - } - - if (!CmHasCommonPermission()) { - CM_LOG_E("permission check failed"); - return CMR_ERROR_PERMISSION_DENIED; - } - if (store == CM_CREDENTIAL_STORE) { return GetPublicAppCert(context, store, keyUri, certBlob); } else if (store == CM_PRI_CREDENTIAL_STORE) { diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c index e26e8cd..429e665 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.c @@ -20,7 +20,6 @@ #include #include #include -#include #include "cm_ipc_serialization.h" #include "cm_log.h" #include "cm_mem.h" @@ -52,46 +51,59 @@ #define MAX_LEN_PRIVATE_KEY 1024 #define INSTALL_PARAMSET_SZIE 4 -static int32_t CmTrustCertificateListPack(struct CmBlob *tempCertificateList, const struct CmBlob *certificateList, - const struct CertBlob *certBlob, const uint32_t *status) +static int32_t GetInputParams(const struct CmBlob *paramSetBlob, struct CmParamSet **paramSet, + struct CmContext *cmContext, struct CmParamOut *params, uint32_t paramsCount) { - int32_t ret; - uint32_t offset = 0; - uint32_t buffSize; - - /* buff struct: cert count + (cert subjectname + cert status + cert uri + cert alias) * MAX_CERT_COUNT */ - buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + sizeof(uint32_t) + - MAX_LEN_URI + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + int32_t ret = CmGetProcessInfoForIPC(cmContext); + if (ret != CM_SUCCESS) { + CM_LOG_E("get ipc info failed, ret = %d", ret); + return ret; + } - tempCertificateList->data = (uint8_t *)CmMalloc(buffSize); - if (tempCertificateList->data == NULL) { - ret = CMR_ERROR_MALLOC_FAIL; + /* The paramSet blob pointer needs to be refreshed across processes. */ + ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, paramSet); + if (ret != HKS_SUCCESS) { + CM_LOG_E("get paramSet failed, ret = %d", ret); return ret; } - tempCertificateList->size = buffSize; - ret = CopyUint32ToBuffer(certificateList->size, tempCertificateList, &offset); + + ret = CmParamSetToParams(*paramSet, params, paramsCount); + if (ret != CM_SUCCESS) { + CM_LOG_E("get params from paramSet failed, ret = %d", ret); + CmFreeParamSet(paramSet); /* if success no need free paramSet */ + } + + return ret; +} + +static int32_t CmTrustCertificateListPack(struct CmBlob *outData, const struct CmBlob *certificateList, + const struct CertBlob *certBlob, const uint32_t *status) +{ + int32_t ret; + uint32_t offset = 0; + ret = CopyUint32ToBuffer(certificateList->size, outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate count failed"); return ret; } for (uint32_t i = 0; i < certificateList->size; i++) { - ret = CopyBlobToBuffer(&(certBlob->subjectName[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->subjectName[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate subject failed"); return ret; } - ret = CopyUint32ToBuffer(status[i], tempCertificateList, &offset); + ret = CopyUint32ToBuffer(status[i], outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate status failed"); return ret; } - ret = CopyBlobToBuffer(&(certBlob->uri[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->uri[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate uri failed"); return ret; } - ret = CopyBlobToBuffer(&(certBlob->certAlias[i]), tempCertificateList, &offset); + ret = CopyBlobToBuffer(&(certBlob->certAlias[i]), outData, &offset); if (ret != CM_SUCCESS) { CM_LOG_E("Copy certificate certAlias failed"); return ret; @@ -142,17 +154,22 @@ static void CmFreeCertInfo(struct CertBlob *certBlob) } } -void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceGetCertificateList(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { int32_t ret; uint32_t store; struct CmContext cmContext = {0}; struct CmBlob certificateList = { 0, NULL }; - struct CmBlob tempCertificateList = { 0, NULL }; uint32_t status[MAX_COUNT_CERTIFICATE] = {0}; struct CertBlob certBlob; - (void)memset_s(&certBlob, sizeof(struct CertBlob), 0, sizeof(struct CertBlob)); + + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store }, + }; + do { ret = CmMallocCertInfo(&certBlob); if (ret != CM_SUCCESS) { @@ -160,9 +177,15 @@ void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct C break; } - ret = CmTrustCertificateListUnpack(srcData, &cmContext, &store); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("CmTrustCertificateListUnpack Ipc fail"); + CM_LOG_E("GetCaCertList get input params failed, ret = %d", ret); + break; + } + + ret = CmServiceGetSystemCertListCheck(store); + if (ret != CM_SUCCESS) { + CM_LOG_E("CmIpcServiceGetSystemCertCheck fail, ret = %d", ret); break; } @@ -171,20 +194,20 @@ void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct C CM_LOG_E("CertManagerListTrustedCertificates fail, ret = %d", ret); break; } - ret = CmTrustCertificateListPack(&tempCertificateList, &certificateList, &certBlob, status); + + ret = CmTrustCertificateListPack(outData, &certificateList, &certBlob, status); if (ret != CM_SUCCESS) { CM_LOG_E("CmIpcServiceGetCertificateList pack fail, ret = %d", ret); break; } - CmSendResponse(context, ret, &tempCertificateList); + CmSendResponse(context, ret, outData); } while (0); if (ret != CM_SUCCESS) { CmSendResponse(context, ret, NULL); } CmCertificateListFree((struct CmMutableBlob *)certificateList.data, certificateList.size); - CM_FREE_BLOB(tempCertificateList); CmFreeCertInfo(&certBlob); } @@ -219,38 +242,43 @@ static int32_t CmTrustCertificateInfoPack(struct CmBlob *certificateInfo, ret = CopyUint32ToBuffer(status, certificateInfo, &offset); if (ret != CM_SUCCESS) { - CM_LOG_E("Copy certificate count failed"); + CM_LOG_E("copy certificate status failed"); return ret; } return ret; } -void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceGetCertificateInfo(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { - struct CmContext cmContext = {0}; + int32_t ret; + uint32_t status = 0; uint32_t store; + struct CmContext cmContext = {0}; struct CmBlob certificateList = { 0, NULL }; struct CmBlob certificateInfo = { 0, NULL }; - uint8_t uriBuf[MAX_LEN_URI] = {0}; - struct CmBlob uriBlob = { 0, uriBuf }; - int32_t ret; - uint32_t status = 0; + struct CmBlob certUri = { 0, NULL }; + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = &certUri}, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store}, + }; do { - ret = CmTrustCertificateInfoUnpack(srcData, &cmContext, &uriBlob, &store); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("CmTrustCertificateInfoUnpack Ipc fail"); + CM_LOG_E("GetUserCertInfo get input params failed, ret = %d", ret); break; } - if (!CmHasCommonPermission()) { - CM_LOG_E("permission check failed"); - ret = CMR_ERROR_PERMISSION_DENIED; + ret = CmServiceGetSystemCertCheck(store, &certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("CmServiceGetSystemCertCheck failed, ret = %d", ret); break; } - ret = CmGetCertificatesByUri(context, &certificateList, store, &uriBlob, &status); + ret = CmGetCertificatesByUri(context, &certificateList, store, &certUri, &status); if (ret != CM_SUCCESS) { CM_LOG_E("CmGetCertificatesByUri fail, ret = %d", ret); break; @@ -269,40 +297,46 @@ void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct C } CmCertificateListFree((struct CmMutableBlob *)certificateList.data, certificateList.size); CM_FREE_BLOB(certificateInfo); + CmFreeParamSet(¶mSet); } -void CmIpcServiceSetCertStatus(const struct CmBlob *srcData, const struct CmContext *context) +void CmIpcServiceSetCertStatus(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context) { - struct CmContext cmContext = {0}; + int32_t ret; uint32_t store; - uint8_t uriBuf[MAX_LEN_URI] = {0}; - struct CmBlob uriBlob = { 0, uriBuf }; uint32_t status = 0; - int32_t ret; + struct CmContext cmContext = {0}; + struct CmBlob certUri = { 0, NULL }; + struct CmParamSet *paramSet = NULL; + struct CmParamOut params[] = { + { .tag = CM_TAG_PARAM0_BUFFER, .blob = &certUri}, + { .tag = CM_TAG_PARAM0_UINT32, .uint32Param = &store}, + { .tag = CM_TAG_PARAM1_UINT32, .uint32Param = &status}, + }; do { - ret = CmCertificateStatusUnpack(srcData, &cmContext, &uriBlob, &store, &status); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("CmIpcServiceSetCertStatus Ipc fail"); + CM_LOG_E("SetUserCertStatus get input params failed, ret = %d", ret); break; } - if (!CmHasPrivilegedPermission() || !CmHasCommonPermission()) { - CM_LOG_E("permission check failed"); - ret = CMR_ERROR_PERMISSION_DENIED; + ret = CmServiceSetCertStatusCheck(store, &certUri, status); + if (ret != CM_SUCCESS) { + CM_LOG_E("CmServiceSetCertStatusCheck check failed, ret = %d", ret); break; } - ret = CertManagerSetCertificatesStatus(&cmContext, &uriBlob, store, status); - - CmSendResponse(context, ret, NULL); - - CM_LOG_I("CmIpcServiceSetCertStatus end:%d", ret); + ret = CertManagerSetCertificatesStatus(&cmContext, &certUri, store, status); + if (ret != CM_SUCCESS) { + CM_LOG_E("set cert status failed, ret = %d", ret); + break; + } } while (0); - - if (ret != CM_SUCCESS) { - CmSendResponse(context, ret, NULL); - } + CmSendResponse(context, ret, NULL); + CmFreeParamSet(¶mSet); + CM_LOG_I("CmIpcServiceSetCertStatus end:%d", ret); } static int32_t CmWriteAppCert(const struct CmContext *context, const struct CmBlob *certDer, @@ -539,85 +573,6 @@ static int32_t CmInstallAppCert(const struct CmContext *context, const struct Cm return ret; } -static bool AppCertCheckBlobValid(const struct CmBlob *data) -{ - bool validChar = true; - - for (uint32_t i = 0; i < data->size; i++) { - if ((!isalnum(data->data[i])) && (data->data[i] != '_') && (data->data[i] != '\0')) { - validChar = false; - CM_LOG_E("data include invalid character"); - break; - } - } - - return validChar; -} - -static bool CmCheckMaxInstalledCertCount(const uint32_t store, const struct CmContext *cmContext) -{ - bool isValid = true; - uint32_t fileCount = 0; - struct CmBlob fileNames[MAX_COUNT_CERTIFICATE]; - uint32_t len = MAX_COUNT_CERTIFICATE * sizeof(struct CmBlob); - (void)memset_s(fileNames, len, 0, len); - - if (CmServiceGetAppCertList(cmContext, store, fileNames, - MAX_COUNT_CERTIFICATE, &fileCount) != CM_SUCCESS) { - isValid = false; - CM_LOG_E("Get App cert list fail"); - } - - if (fileCount >= MAX_COUNT_CERTIFICATE) { - isValid = false; - CM_LOG_E("The app cert installed has reached max count:%u", fileCount); - } - - CM_LOG_I("app cert installed count:%u", fileCount); - - CmFreeFileNames(fileNames, fileCount); - return isValid; -} - -static int32_t CmInstallAppCertCheck(const struct CmBlob *appCert, const struct CmBlob *appCertPwd, - const struct CmBlob *certAlias, uint32_t store, const struct CmContext *cmContext) -{ - if (appCert->data == NULL || appCertPwd->data == NULL || certAlias->data == NULL) { - CM_LOG_E("CmInstallAppCertCheck paramSet check fail"); - return CMR_ERROR_INVALID_ARGUMENT; - } - - if (appCert->size == 0 || appCertPwd->size == 0 || certAlias->size == 0 || - appCert->size > MAX_LEN_APP_CERT || appCertPwd->size > MAX_LEN_APP_CERT_PASSWD || - certAlias->size > MAX_LEN_CERT_ALIAS) { - CM_LOG_E("CmInstallAppCertCheck paramSet check fail, appCert:%u, appCertPwd:%u, certAlias:%u", - appCert->size, appCertPwd->size, certAlias->size); - return CMR_ERROR_INVALID_ARGUMENT; - } - - if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) { - CM_LOG_E("CmInstallAppCertCheck store check fail, store:%u", store); - return CMR_ERROR_INVALID_ARGUMENT; - } - - if (!AppCertCheckBlobValid(appCertPwd) || !AppCertCheckBlobValid(certAlias)) { - CM_LOG_E("CmInstallAppCertCheck blob data check fail"); - return CMR_ERROR_INVALID_ARGUMENT; - } - - if (CmCheckMaxInstalledCertCount(store, cmContext) == false) { - CM_LOG_E("CmCheckMaxInstalledCertCount check fail"); - return CM_FAILURE; - } - - if (!CmPermissionCheck(store)) { - CM_LOG_E("CmPermissionCheck check failed"); - return CMR_ERROR_PERMISSION_DENIED; - } - - return CM_SUCCESS; -} - static int32_t CmServiceInstallAppCertPack(const struct CmContext *context, const struct CmBlob *certAlias, struct CmBlob *keyUri) { @@ -659,60 +614,6 @@ static int32_t CmServiceInstallAppCertPack(const struct CmContext *context, return ret; } -static int32_t CmInstallAppCertGetParam(const struct CmBlob *paramSetBlob, struct CmParamSet **paramSet, - struct CmParamOut *params, uint32_t paramsSize, struct CertParam *certParam) -{ - uint8_t *aliasBuff = certParam->aliasBuff; - uint8_t *passWdBuff = certParam->passWdBuff; - struct CmContext *cmContext = certParam->cmContext; - int32_t ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, paramSet); - if (ret != CM_SUCCESS) { - CM_LOG_E("InstallAppCert CmGetParamSet fail, ret = %d", ret); - return CM_FAILURE; - } - - ret = CmParamSetToParams(*paramSet, params, paramsSize); - if (ret != CM_SUCCESS) { - CM_LOG_E("InstallAppCert CmParamSetToParams fail, ret = %d", ret); - return CM_FAILURE; - } - - if (paramsSize > INSTALL_PARAMSET_SZIE) { - CM_LOG_E("paramsSize check faild, paramsSize:%u", paramsSize); - return CM_FAILURE; - } - - struct CmBlob *appCert = params[0].blob, *appCertPwd = params[1].blob, *certAlias = params[2].blob; - uint32_t store = *(params[3].uint32Param); - ret = CmInstallAppCertCheck(appCert, appCertPwd, certAlias, store, cmContext); - if (ret != CM_SUCCESS) { - CM_LOG_E("CmInstallAppCertCheck fail, ret = %d", ret); - return CM_FAILURE; - } - - if (appCertPwd->data[appCertPwd->size - 1] != '\0') { - if (memcpy_s(passWdBuff, MAX_LEN_APP_CERT_PASSWD, appCertPwd->data, appCertPwd->size) != EOK) { - CM_LOG_E("Copy passWdBuff failed"); - return CMR_ERROR_INVALID_OPERATION; - } - passWdBuff[appCertPwd->size] = '\0'; - appCertPwd->data = passWdBuff; - appCertPwd->size++; - } - - if (certAlias->data[certAlias->size - 1] != '\0') { - if (memcpy_s(aliasBuff, MAX_LEN_CERT_ALIAS, certAlias->data, certAlias->size) != EOK) { - CM_LOG_E("Copy aliasBuff failed"); - return CMR_ERROR_INVALID_OPERATION; - } - aliasBuff[certAlias->size] = '\0'; - certAlias->data = aliasBuff; - certAlias->size++; - } - - return CM_SUCCESS; -} - void CmIpcServiceInstallAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *outData, const struct CmContext *context) { @@ -720,8 +621,6 @@ void CmIpcServiceInstallAppCert(const struct CmBlob *paramSetBlob, struct CmBlob uint32_t store; (void)outData; struct CmContext cmContext = {0}; - uint8_t aliasBuff[MAX_LEN_CERT_ALIAS] = {0}, passWdBuff[MAX_LEN_APP_CERT_PASSWD] = {0}; - struct CertParam certParam = { aliasBuff, passWdBuff, &cmContext}; struct CmBlob appCert = { 0, NULL }, appCertPwd = { 0, NULL }; struct CmBlob certAlias = { 0, NULL }, keyUri = { 0, NULL }; struct CmParamSet *paramSet = NULL; @@ -738,15 +637,15 @@ void CmIpcServiceInstallAppCert(const struct CmBlob *paramSetBlob, struct CmBlob }; do { - ret = CmGetProcessInfoForIPC(&cmContext); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("CmGetProcessInfoForIPC fail, ret = %d", ret); + CM_LOG_E("CmIpcServiceInstallAppCert get input params failed, ret = %d", ret); break; } - ret = CmInstallAppCertGetParam(paramSetBlob, ¶mSet, params, CM_ARRAY_SIZE(params), &certParam); + ret = CmServiceInstallAppCertCheck(&appCert, &appCertPwd, &certAlias, store, &cmContext); if (ret != CM_SUCCESS) { - CM_LOG_E("CmInstallAppCertGetParam fail, ret = %d", ret); + CM_LOG_E("CmInstallAppCertCheck failed, ret = %d", ret); break; } @@ -789,21 +688,15 @@ void CmIpcServiceUninstallAppCert(const struct CmBlob *paramSetBlob, struct CmBl }; do { - ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, ¶mSet); - if (ret != CM_SUCCESS) { - CM_LOG_E("UninstallAppCert CmGetParamSet fail, ret = %d", ret); - break; - } - - ret = CmParamSetToParams(paramSet, params, CM_ARRAY_SIZE(params)); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("UninstallAppCert CmParamSetToParams fail, ret = %d", ret); + CM_LOG_E("UninstallAppCert get input params failed, ret = %d", ret); break; } - ret = CmGetProcessInfoForIPC(&cmContext); + ret = CmServiceUninstallAppCertCheck(store, &keyUri); if (ret != CM_SUCCESS) { - CM_LOG_E("UninstallAppCert CmGetProcessInfoForIPC fail, ret = %d", ret); + CM_LOG_E("UninstallAppCert CmServiceGetSystemCertCheck failed, ret = %d", ret); break; } @@ -979,6 +872,8 @@ void CmIpcServiceGetAppCertList(const struct CmBlob *paramSetBlob, struct CmBlob struct CmContext cmContext = {0}; struct CmBlob certificateList = { 0, NULL }; struct CmBlob fileNames[MAX_COUNT_CERTIFICATE]; + uint32_t len = MAX_COUNT_CERTIFICATE * sizeof(struct CmBlob); + (void)memset_s(fileNames, len, 0, len); struct CmParamSet *paramSet = NULL; struct CmParamOut params[] = { { @@ -986,30 +881,17 @@ void CmIpcServiceGetAppCertList(const struct CmBlob *paramSetBlob, struct CmBlob .uint32Param = &store }, }; - uint32_t len = MAX_COUNT_CERTIFICATE * sizeof(struct CmBlob); - (void)memset_s(fileNames, len, 0, len); - do { - ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, ¶mSet); - if (ret != CM_SUCCESS) { - CM_LOG_E("GetAppCertList CmGetParamSet fail, ret = %d", ret); - break; - } - ret = CmParamSetToParams(paramSet, params, CM_ARRAY_SIZE(params)); + do { + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("GetAppCertList CmParamSetToParams fail, ret = %d", ret); + CM_LOG_E("CmIpcServiceGetAppCertList get input params failed, ret = %d", ret); break; } - ret = CmGetProcessInfoForIPC(&cmContext); + ret = CmServiceGetAppCertListCheck(store); if (ret != CM_SUCCESS) { - CM_LOG_E("CmGetProcessInfoForIPC fail, ret = %d", ret); - break; - } - - if (!CmHasPrivilegedPermission() || !CmHasCommonPermission()) { - CM_LOG_E("permission check failed"); - ret = CMR_ERROR_PERMISSION_DENIED; + CM_LOG_E("CmServiceGetAppCertListCheck fail, ret = %d", ret); break; } @@ -1151,20 +1033,15 @@ void CmIpcServiceGetAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *ou }, }; do { - ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, ¶mSet); + ret = GetInputParams(paramSetBlob, ¶mSet, &cmContext, params, CM_ARRAY_SIZE(params)); if (ret != CM_SUCCESS) { - CM_LOG_E("GetAppCert CmGetParamSet fail, ret = %d", ret); + CM_LOG_E("CmIpcServiceGetAppCert get input params failed, ret = %d", ret); break; } - ret = CmParamSetToParams(paramSet, params, CM_ARRAY_SIZE(params)); + ret = CmServiceGetAppCertCheck(store, &keyUri); if (ret != CM_SUCCESS) { - break; - } - - ret = CmGetProcessInfoForIPC(&cmContext); - if (ret != CM_SUCCESS) { - CM_LOG_E("CmGetProcessInfoForIPC fail, ret = %d", ret); + CM_LOG_E("GCmServiceGetAppCertCheck fail, ret = %d", ret); break; } @@ -1187,31 +1064,6 @@ void CmIpcServiceGetAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *ou CM_LOG_I("CmIpcServiceGetAppCert end:%d", ret); } -static int32_t GetInputParams(const struct CmBlob *paramSetBlob, struct CmParamSet **paramSet, - struct CmContext *cmContext, struct CmParamOut *params, uint32_t paramsCount) -{ - int32_t ret = CmGetProcessInfoForIPC(cmContext); - if (ret != CM_SUCCESS) { - CM_LOG_E("get ipc info failed, ret = %d", ret); - return ret; - } - - /* The paramSet blob pointer needs to be refreshed across processes. */ - ret = CmGetParamSet((struct CmParamSet *)paramSetBlob->data, paramSetBlob->size, paramSet); - if (ret != HKS_SUCCESS) { - CM_LOG_E("get paramSet failed, ret = %d", ret); - return ret; - } - - ret = CmParamSetToParams(*paramSet, params, paramsCount); - if (ret != CM_SUCCESS) { - CM_LOG_E("get params from paramSet failed, ret = %d", ret); - CmFreeParamSet(paramSet); /* if success no need free paramSet */ - } - - return ret; -} - static int32_t GetAuthedList(const struct CmContext *context, const struct CmBlob *keyUri, struct CmBlob *outData) { if (outData->size < sizeof(uint32_t)) { /* appUidCount size */ diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h index 60c061a..6839d23 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/idl/cm_ipc/cm_ipc_service.h @@ -22,17 +22,14 @@ extern "C" { #endif -struct CertParam { - uint8_t *aliasBuff; - uint8_t *passWdBuff; - struct CmContext *cmContext; -}; - -void CmIpcServiceGetCertificateList(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceGetCertificateList(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); -void CmIpcServiceGetCertificateInfo(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceGetCertificateInfo(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); -void CmIpcServiceSetCertStatus(const struct CmBlob *srcData, const struct CmContext *context); +void CmIpcServiceSetCertStatus(const struct CmBlob *paramSetBlob, struct CmBlob *outData, + const struct CmContext *context); void CmIpcServiceInstallAppCert(const struct CmBlob *paramSetBlob, struct CmBlob *outData, const struct CmContext *context); diff --git a/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp b/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp index 72eb3b0..5a04cb8 100644 --- a/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp +++ b/services/cert_manager_standard/cert_manager_service/main/os_dependency/sa/cm_sa.cpp @@ -111,9 +111,6 @@ static struct CmIpcPoint g_cmIpcHandler[] = { { CM_MSG_UNINSTALL_USER_CERTIFICATE, CmIpcServiceUninstallUserCert }, { CM_MSG_UNINSTALL_ALL_USER_CERTIFICATE, CmIpcServiceUninstallAllUserCert }, -}; - -static struct CmIpcEntryPoint g_cmIpcMessageHandler[] = { { CM_MSG_GET_CERTIFICATE_LIST, CmIpcServiceGetCertificateList }, { CM_MSG_GET_CERTIFICATE_INFO, CmIpcServiceGetCertificateInfo }, { CM_MSG_SET_CERTIFICATE_STATUS, CmIpcServiceSetCertStatus }, @@ -152,16 +149,7 @@ static inline bool IsInvalidLength(uint32_t length) static int32_t ProcessMessage(uint32_t code, uint32_t outSize, const struct CmBlob &srcData, MessageParcel &reply) { - uint32_t size = sizeof(g_cmIpcMessageHandler) / sizeof(g_cmIpcMessageHandler[0]); - for (uint32_t i = 0; i < size; ++i) { - CM_LOG_E("ProcessMessage msgId:%x gmsg:%x", code, g_cmIpcMessageHandler[i].msgId); - if (code == g_cmIpcMessageHandler[i].msgId) { - g_cmIpcMessageHandler[i].handler((const struct CmBlob *)&srcData, (const CmContext *)&reply); - return NO_ERROR; - } - } - - size = sizeof(g_cmIpcHandler) / sizeof(g_cmIpcHandler[0]); + uint32_t size = sizeof(g_cmIpcHandler) / sizeof(g_cmIpcHandler[0]); for (uint32_t i = 0; i < size; ++i) { if (code != g_cmIpcHandler[i].msgId) { continue; diff --git a/test/unittest/include/cm_test_common.h b/test/unittest/include/cm_test_common.h index bf09bb4..419ddf0 100644 --- a/test/unittest/include/cm_test_common.h +++ b/test/unittest/include/cm_test_common.h @@ -58,5 +58,7 @@ uint32_t InitUserCertList(struct CertList **cList); uint32_t InitUserCertInfo(struct CertInfo **cInfo); +uint32_t InitCertInfo(struct CertInfo *certInfo); + } #endif /* CM_TEST_COMMON_H */ diff --git a/test/unittest/src/cm_app_cert_test.cpp b/test/unittest/src/cm_app_cert_test.cpp index db7db56..3cd6646 100644 --- a/test/unittest/src/cm_app_cert_test.cpp +++ b/test/unittest/src/cm_app_cert_test.cpp @@ -839,7 +839,7 @@ HWTEST_F(CmAppCertTest, AppCertUnInstallBaseTest001, TestSize.Level0) int32_t ret; uint8_t keyUriBuf[] = "oh:t=ak;o=keyA;u=0;a=0"; uint32_t store = CM_CREDENTIAL_STORE; - struct CmBlob keyUri = { strlen((char*)keyUriBuf), keyUriBuf }; + struct CmBlob keyUri = { strlen((char*)keyUriBuf) + 1, keyUriBuf }; uint8_t appCertPwdBuf[] = "123456"; uint8_t certAliasBuf[] = "keyA"; diff --git a/test/unittest/src/cm_get_certinfo_test.cpp b/test/unittest/src/cm_get_certinfo_test.cpp index 5e32f89..37bceec 100644 --- a/test/unittest/src/cm_get_certinfo_test.cpp +++ b/test/unittest/src/cm_get_certinfo_test.cpp @@ -151,12 +151,15 @@ void CmGetCertInfoTest::TearDown() HWTEST_F(CmGetCertInfoTest, SimpleCmGetCertInfo001, TestSize.Level0) { char *uri = g_listCertInfoexpectResult[0].CertInfo.uri; - struct CmBlob uriBlob = {strlen(uri), (uint8_t *)(uri)}; + struct CmBlob uriBlob = {strlen(uri) + 1, (uint8_t *)(uri)}; struct CertInfo certInfo; unsigned int len = sizeof(struct CertInfo); (void)memset_s(&certInfo, len, 0, len); - int32_t ret = CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); - EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo failed,retcode:" << ret; + int32_t ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; + + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo failed, retcode:" << ret; EXPECT_EQ(CompareCertInfo(&certInfo, &(g_listCertInfoexpectResult[0].CertInfo)), true) <certsCount; ++i) { (void)memset_s(&certInfo, len, 0, len); + ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; struct CertAbstract *ptr = &(lstCert->certAbstract[i]); ASSERT_TRUE(ptr != NULL); - struct CmBlob uriBlob = {strlen(ptr->uri), (uint8_t *)(ptr->uri)}; + struct CmBlob uriBlob = {strlen(ptr->uri) + 1, (uint8_t *)(ptr->uri)}; - ret = CmGetCertInfo(&secondUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo); EXPECT_EQ(ret, CM_SUCCESS) << " CmGetCertInfo failed,retcode:" << ptr->uri; FreeCMBlobData(&(certInfo.certInfo)); } @@ -229,26 +240,24 @@ HWTEST_F(CmGetCertInfoTest, AppGetAllCertInfo003, TestSize.Level0) HWTEST_F(CmGetCertInfoTest, ExceptionGetCertInfoTest004, TestSize.Level0) { char *uri = g_listCertInfoexpectResult[1].CertInfo.uri; - struct CmBlob uriBlob = {strlen(uri), (uint8_t *)(uri)}; + struct CmBlob uriBlob = {strlen(uri) + 1, (uint8_t *)(uri)}; struct CertInfo certInfo; unsigned int len = sizeof(struct CertInfo); (void)memset_s(&certInfo, len, 0, len); - EXPECT_EQ(CmGetCertInfo(NULL, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&secondUserCtx, NULL, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &uriBlob, 10, &certInfo), CM_FAILURE); - FreeCMBlobData(&(certInfo.certInfo)); - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, NULL), - CMR_ERROR_NULL_POINTER); - FreeCMBlobData(&(certInfo.certInfo)); + int32_t ret = InitCertInfo(&certInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CertInfo malloc faild, retcode:" << ret; + + EXPECT_EQ(CmGetCertInfo(NULL, CM_SYSTEM_TRUSTED_STORE, &certInfo), CMR_ERROR_NULL_POINTER); + + EXPECT_EQ(CmGetCertInfo(&uriBlob, 10, &certInfo), CMR_ERROR_INVALID_ARGUMENT); + + EXPECT_EQ(CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); const char *invalidUri = "INVALID"; struct CmBlob invalidUriBlob = {strlen(invalidUri), (uint8_t *)invalidUri}; - EXPECT_EQ(CmGetCertInfo(&firstUserCtx, &invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), - CMR_ERROR_INVALID_ARGUMENT); + EXPECT_EQ(CmGetCertInfo(&invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, &certInfo), + CMR_ERROR_INVALID_ARGUMENT); + FreeCMBlobData(&(certInfo.certInfo)); } } \ No newline at end of file diff --git a/test/unittest/src/cm_get_certlist_test.cpp b/test/unittest/src/cm_get_certlist_test.cpp index fa4a225..fe507ad 100644 --- a/test/unittest/src/cm_get_certlist_test.cpp +++ b/test/unittest/src/cm_get_certlist_test.cpp @@ -123,7 +123,7 @@ void CmGetCertListTest::TearDown() */ HWTEST_F(CmGetCertListTest, SimpleGetCertListTest001, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertList failed,retcode:" << ret; } @@ -138,7 +138,7 @@ HWTEST_F(CmGetCertListTest, PerformanceGetCertListTest002, TestSize.Level0) for (int times = 0; times < TIMES_PERFORMANCE; ++times) { struct CertList *listCert = NULL; ASSERT_TRUE(InitCertList(&listCert) == CM_SUCCESS); - int32_t ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, listCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, listCert); EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertList Performance failed,retcode:" << ret; FreeCertList(listCert); } @@ -152,7 +152,7 @@ HWTEST_F(CmGetCertListTest, PerformanceGetCertListTest002, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, GetCertListContent003, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "firstUserCtx CmGetCertList failed,retcode:" << ret; uint32_t length = sizeof(g_listexpectResult) / sizeof(g_listexpectResult[0]); @@ -172,12 +172,12 @@ HWTEST_F(CmGetCertListTest, GetCertListContent003, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, AppGetCertListCompare004, TestSize.Level0) { - int32_t ret = CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, lstCert); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, lstCert); EXPECT_EQ(ret, CM_SUCCESS) << "first CmGetCertList failed,retcode:" << ret; struct CertList *secondListCert = NULL; ASSERT_TRUE(InitCertList(&secondListCert) == CM_SUCCESS); - ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, secondListCert); + ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, secondListCert); EXPECT_EQ(ret, CM_SUCCESS) << "secondUserCtx CmGetCertList failed,retcode:" << ret; EXPECT_EQ(lstCert->certsCount, secondListCert->certsCount) << "firstUserCtx count:" << lstCert->certsCount @@ -194,8 +194,7 @@ HWTEST_F(CmGetCertListTest, AppGetCertListCompare004, TestSize.Level0) */ HWTEST_F(CmGetCertListTest, ExceptionGetCertList005, TestSize.Level0) { - EXPECT_EQ(CmGetCertList(NULL, CM_SYSTEM_TRUSTED_STORE, lstCert), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmGetCertList(&firstUserCtx, CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmGetCertList(&secondUserCtx, 10, lstCert), CM_FAILURE); + EXPECT_EQ(CmGetCertList(CM_SYSTEM_TRUSTED_STORE, NULL), CMR_ERROR_NULL_POINTER); + EXPECT_EQ(CmGetCertList(10, lstCert), CMR_ERROR_INVALID_ARGUMENT); } } \ No newline at end of file diff --git a/test/unittest/src/cm_set_status_test.cpp b/test/unittest/src/cm_set_status_test.cpp index 2e0405d..a92161a 100644 --- a/test/unittest/src/cm_set_status_test.cpp +++ b/test/unittest/src/cm_set_status_test.cpp @@ -86,13 +86,12 @@ void CmSetCertStatusTest::TearDown() */ HWTEST_F(CmSetCertStatusTest, SimpleSetCertStatus001, TestSize.Level0) { - struct CmBlob uriBlob = {strlen(g_expectList[0].uri), (uint8_t *)(g_expectList[0].uri)}; + struct CmBlob uriBlob = {strlen(g_expectList[0].uri) + 1, (uint8_t *)(g_expectList[0].uri)}; - int32_t ret = CmSetCertStatus(&firstUserCtx, - &uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[0].inparamStatus); + int32_t ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[0].inparamStatus); EXPECT_EQ(ret, CM_SUCCESS) << "SimpleSetCertStatus failed,retcode:" << ret; - ret = CmSetCertStatus(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true); + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS) << "SimpleSetCertStatus true failed,retcode:" << ret; } @@ -106,23 +105,24 @@ HWTEST_F(CmSetCertStatusTest, SetCertStatusAndQueryStatus002, TestSize.Level0) { uint32_t size = sizeof(g_expectList) / sizeof(g_expectList[0]); for (uint32_t i = 0; i < size; ++i) { - struct CmBlob uriBlob = {strlen(g_expectList[i].uri), (uint8_t *)(g_expectList[i].uri)}; + struct CmBlob uriBlob = {strlen(g_expectList[i].uri) + 1, (uint8_t *)(g_expectList[i].uri)}; - int32_t ret = CmSetCertStatus(&firstUserCtx, - &uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[i].inparamStatus); + int32_t ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, g_expectList[i].inparamStatus); EXPECT_EQ(ret, CM_SUCCESS) << " SetCertStatusAndQueryStatus, CmSetCertStatus failed,retcode: " << ret; struct CertInfo certDetailInfo; - (void)memset_s(&certDetailInfo, sizeof(certDetailInfo), 0, sizeof(certDetailInfo)); + (void)memset_s(&certDetailInfo, sizeof(struct CertInfo), 0, sizeof(struct CertInfo)); + ret = InitCertInfo(&certDetailInfo); + EXPECT_EQ(ret, CM_SUCCESS) << "CmGetCertInfo malloc faild, retcode:" << ret; - ret = CmGetCertInfo(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, &certDetailInfo); + ret = CmGetCertInfo(&uriBlob, CM_SYSTEM_TRUSTED_STORE, &certDetailInfo); EXPECT_EQ(ret, CM_SUCCESS) << "SetCertStatusAndQueryStatus,CmGetCertInfo failed,retcode: " << ret; uint32_t uStatus = (g_expectList[i].expectStatus == certDetailInfo.status) ? 1 : 0; - EXPECT_EQ(uStatus, 1) << "SetCertStatusAndQueryStatus fail, cert info: " << DumpCertInfo(&certDetailInfo); + EXPECT_EQ(uStatus, 1) << "SetCertStatusAndQueryStatus faild, cert info: " << DumpCertInfo(&certDetailInfo); FreeCMBlobData(&(certDetailInfo.certInfo)); - ret = CmSetCertStatus(&firstUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true); + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS) << " SetCertStatusAndQueryStatus, CmSetCertStatus failed,retcode: " << ret; } } @@ -139,23 +139,23 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) ASSERT_TRUE(InitCertList(&certlist) == CM_SUCCESS); // CA trusted list - int32_t ret = CmGetCertList(&secondUserCtx, CM_SYSTEM_TRUSTED_STORE, certlist); + int32_t ret = CmGetCertList(CM_SYSTEM_TRUSTED_STORE, certlist); EXPECT_EQ(ret, CM_SUCCESS) << "SetAllCertStatus,CmGetCertList failed,retcode:" << ret; for (uint32_t i = 0; i < certlist->certsCount; ++i) { struct CertAbstract *ptr = &(certlist->certAbstract[i]); ASSERT_TRUE(NULL != ptr); - struct CmBlob uriBlob = {strlen(ptr->uri), (uint8_t *)(ptr->uri)}; - ret = CmSetCertStatus(&secondUserCtx, &uriBlob, CM_SYSTEM_TRUSTED_STORE, false); + struct CmBlob uriBlob = {strlen(ptr->uri) + 1, (uint8_t *)(ptr->uri)}; + ret = CmSetCertStatus(&uriBlob, CM_SYSTEM_TRUSTED_STORE, false); EXPECT_EQ(ret, CM_SUCCESS); } for (uint32_t i = 0; i < certlist->certsCount; ++i) { struct CertAbstract *ptr2 = &(certlist->certAbstract[i]); ASSERT_TRUE(NULL != ptr2); - struct CmBlob uriBlob2 = {strlen(ptr2->uri), (uint8_t *)(ptr2->uri)}; - ret = CmSetCertStatus(&firstUserCtx, &uriBlob2, CM_SYSTEM_TRUSTED_STORE, true); + struct CmBlob uriBlob2 = {strlen(ptr2->uri) + 1, (uint8_t *)(ptr2->uri)}; + ret = CmSetCertStatus(&uriBlob2, CM_SYSTEM_TRUSTED_STORE, true); EXPECT_EQ(ret, CM_SUCCESS); } FreeCertList(certlist); @@ -169,17 +169,15 @@ HWTEST_F(CmSetCertStatusTest, SetAllCertStatus003, TestSize.Level0) */ HWTEST_F(CmSetCertStatusTest, ExceptionSetStatus004, TestSize.Level0) { - struct CmBlob uriBlob = {strlen(g_expectList[1].uri), (uint8_t *)(g_expectList[1].uri)}; - EXPECT_EQ(CmSetCertStatus(NULL, &uriBlob, CM_SYSTEM_TRUSTED_STORE, true), - CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmSetCertStatus(&secondUserCtx, NULL, CM_SYSTEM_TRUSTED_STORE, true), + struct CmBlob uriBlob = {strlen(g_expectList[1].uri) + 1, (uint8_t *)(g_expectList[1].uri)}; + EXPECT_EQ(CmSetCertStatus(NULL, CM_SYSTEM_TRUSTED_STORE, true), CMR_ERROR_NULL_POINTER); - EXPECT_EQ(CmSetCertStatus(&firstUserCtx, &uriBlob, 10, true), CM_FAILURE); + EXPECT_EQ(CmSetCertStatus(&uriBlob, 10, true), CMR_ERROR_INVALID_ARGUMENT); const char *invalidUri = "INVALIDXXXX"; - struct CmBlob invalidUriBlob = {strlen(invalidUri), (uint8_t *)invalidUri}; - EXPECT_EQ(CmSetCertStatus(&firstUserCtx, &invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, true), + struct CmBlob invalidUriBlob = {strlen(invalidUri) + 1, (uint8_t *)invalidUri}; + EXPECT_EQ(CmSetCertStatus(&invalidUriBlob, CM_SYSTEM_TRUSTED_STORE, true), CMR_ERROR_NOT_FOUND); } } diff --git a/test/unittest/src/cm_test_common.cpp b/test/unittest/src/cm_test_common.cpp index fba82b1..aaf736c 100644 --- a/test/unittest/src/cm_test_common.cpp +++ b/test/unittest/src/cm_test_common.cpp @@ -61,15 +61,40 @@ void SetATPermission(void) OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); } +uint32_t InitCertInfo(struct CertInfo *certInfo) +{ + if (certInfo == nullptr) { + return CMR_ERROR_MALLOC_FAIL; + } + + certInfo->certInfo.data = (uint8_t *)CmMalloc(MAX_LEN_CERTIFICATE); + if (certInfo->certInfo.data == NULL) { + return CMR_ERROR_MALLOC_FAIL; + } + certInfo->certInfo.size = 0; + + return CM_SUCCESS; +} + + uint32_t InitCertList(struct CertList **certlist) { *certlist = (struct CertList *)CmMalloc(sizeof(struct CertList)); if (*certlist == nullptr) { return CMR_ERROR_MALLOC_FAIL; } - (*certlist)->certAbstract = nullptr; + + uint32_t buffSize = sizeof(uint32_t) + (sizeof(uint32_t) + MAX_LEN_SUBJECT_NAME + sizeof(uint32_t) + + sizeof(uint32_t) + MAX_LEN_URI + sizeof(uint32_t) + MAX_LEN_CERT_ALIAS) * MAX_COUNT_CERTIFICATE; + + (*certlist)->certAbstract = (struct CertAbstract *)CmMalloc(buffSize); + if ((*certlist)->certAbstract == NULL) { + return CMR_ERROR_MALLOC_FAIL; + } + (*certlist)->certsCount = 0; + return CM_SUCCESS; } @@ -135,7 +160,6 @@ void FreeCertList(struct CertList *certList) certList = nullptr; } - void FreeCMBlobData(struct CmBlob *blob) { if (blob == nullptr) { -- Gitee From 52234e5ee16c9b217ea57bceedf9abcc1355e8ec Mon Sep 17 00:00:00 2001 From: gaobo Date: Mon, 24 Oct 2022 04:50:59 -0700 Subject: [PATCH 3/3] cert manager context ipc Signed-off-by: gaobo --- .../{cm_client_ipc.h => cm_ipc_client.h} | 0 .../os_dependency/cm_ipc/src/cm_ipc_check.c | 39 ------------------- .../os_dependency/cm_ipc/src/cm_ipc_client.c | 2 +- .../main/src/cert_manager_api.c | 2 +- .../main/core/src/cert_manager_query.c | 2 +- .../src/cm_hisysevent_test_common.cpp | 2 +- 6 files changed, 4 insertions(+), 43 deletions(-) rename frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/{cm_client_ipc.h => cm_ipc_client.h} (100%) delete mode 100644 frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h similarity index 100% rename from frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_client_ipc.h rename to frameworks/cert_manager_standard/main/os_dependency/cm_ipc/include/cm_ipc_client.h diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c deleted file mode 100644 index 3c12ddf..0000000 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_check.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cm_ipc_check.h" -#include "cm_ipc_serialization.h" - -#include "cm_log.h" - -int32_t CheckCertificateListPara(const struct CmBlob *inBlob, const struct CmBlob *outBlob, - const struct CmContext *cmContext, const uint32_t store, const struct CertList *certificateList) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateList == NULL)) { - CM_LOG_E("CheckCertificateListPara arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} - -int32_t CheckCertificateInfoPara(const struct CmBlob *inBlob, const struct CmBlob *outBlob, - const struct CmContext *cmContext, const uint32_t store, const struct CertInfo *certificateInfo) -{ - if ((inBlob == NULL) || (outBlob == NULL) || (cmContext == NULL) || (certificateInfo == NULL)) { - CM_LOG_E("CmCertificateInfoPack arg error"); - return CMR_ERROR_INVALID_ARGUMENT; - } - return CM_SUCCESS; -} \ No newline at end of file diff --git a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c index 5a88586..bfdf933 100644 --- a/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c +++ b/frameworks/cert_manager_standard/main/os_dependency/cm_ipc/src/cm_ipc_client.c @@ -13,7 +13,7 @@ * limitations under the License. */ -#include "cm_client_ipc.h" +#include "cm_ipc_client.h" #include "cm_ipc_serialization.h" #include "cm_log.h" #include "cm_mem.h" diff --git a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c index 5477100..a349581 100644 --- a/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c +++ b/interfaces/innerkits/cert_manager_standard/main/src/cert_manager_api.c @@ -20,7 +20,7 @@ #endif #include "cert_manager_api.h" -#include "cm_client_ipc.h" +#include "cm_ipc_client.h" #include "cm_log.h" #include "cm_mem.h" #include "cm_type.h" diff --git a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c index 2a09704..5d8e74f 100755 --- a/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c +++ b/services/cert_manager_standard/cert_manager_engine/main/core/src/cert_manager_query.c @@ -306,7 +306,7 @@ static int32_t CreateCertFile(struct CertFilePath *certFilePath, const char *pat i++; } - if ((i - *certCount) != fileNums) { + if ((i - *certCount) != (uint32_t)fileNums) { return CM_FAILURE; } (void) CmCloseDir(d); diff --git a/test/hisysevent_test/src/cm_hisysevent_test_common.cpp b/test/hisysevent_test/src/cm_hisysevent_test_common.cpp index be4bca2..aa5145e 100644 --- a/test/hisysevent_test/src/cm_hisysevent_test_common.cpp +++ b/test/hisysevent_test/src/cm_hisysevent_test_common.cpp @@ -177,4 +177,4 @@ void FreeCertList(struct CertList *certList) certList->certAbstract = nullptr; CmFree(certList); -} \ No newline at end of file +} -- Gitee