From fafba294fda08c772f279e295ec4705adc234f29 Mon Sep 17 00:00:00 2001 From: maoyongxing Date: Wed, 30 Mar 2022 17:18:45 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=AE=8C=E5=96=84=E7=99=BD=E7=9B=92?= =?UTF-8?q?=E6=A3=80=E6=9F=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../kits/napi/include/napi_cert_mgr.h | 2 - .../kits/napi/src/napi_cert_mgr.cpp | 2 - .../cert_mgr_ability/src/cert_mgr_service.cpp | 3 +- .../src/cert_mgr_system_ability_listener.cpp | 1 - .../cert_mgr_ability/src/cert_result_info.cpp | 3 +- .../services/core/adapter/cert_adapter_mock.c | 2 +- .../services/core/adapter/cert_adapter_oem.c | 1 - .../services/core/cert/cert_service_auth.c | 2 +- .../core/cert/cert_service_challenge.c | 1 - cert_mgr_service/services/core/cert_entry.c | 84 ++-- cert_mgr_service/services/core/dfx/cert_dfx.c | 2 +- .../core/include/network/cert_network.h | 5 +- .../services/core/network/cert_network.c | 5 +- .../services/core/security/cert_security.c | 1 - .../core/security/cert_security_ticket.c | 2 - .../core/security/cert_security_token.c | 7 +- .../services/core/utils/cert_utils.c | 467 +++++++++--------- .../services/core/utils/cert_utils_json.c | 6 +- .../services/core/utils/cert_utils_list.c | 12 +- .../services/core/utils/cert_utils_timer.c | 2 +- .../unittest/src/CertMgrCoreDeviceTest.cpp | 5 +- .../unittest/src/CertMgrCoreServiceTest.cpp | 6 +- 22 files changed, 306 insertions(+), 315 deletions(-) diff --git a/cert_mgr_service/interfaces/kits/napi/include/napi_cert_mgr.h b/cert_mgr_service/interfaces/kits/napi/include/napi_cert_mgr.h index 263ade7..71fc5bd 100644 --- a/cert_mgr_service/interfaces/kits/napi/include/napi_cert_mgr.h +++ b/cert_mgr_service/interfaces/kits/napi/include/napi_cert_mgr.h 
@@ -24,9 +24,7 @@ namespace OHOS { namespace CertMgrJsKit { - napi_value CertMgrKitJsInit(napi_env env, napi_value exports); - } // namespace AccountJsKit } // namespace OHOS #endif // NAPI_OS_ACCOUNT_H \ No newline at end of file diff --git a/cert_mgr_service/interfaces/kits/napi/src/napi_cert_mgr.cpp b/cert_mgr_service/interfaces/kits/napi/src/napi_cert_mgr.cpp index 44f85a2..7079aeb 100644 --- a/cert_mgr_service/interfaces/kits/napi/src/napi_cert_mgr.cpp +++ b/cert_mgr_service/interfaces/kits/napi/src/napi_cert_mgr.cpp @@ -17,7 +17,6 @@ namespace OHOS { namespace CertMgrJsKit { - static napi_value Add(napi_env env, napi_callback_info info) { size_t requireArgc = 2; @@ -90,6 +89,5 @@ napi_value CertMgrKitJsInit(napi_env env, napi_value exports) NAPI_CALL(env, napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[0]), desc)); return exports; } - } // namespace CertMgrJsKit } // namespace OHOS \ No newline at end of file diff --git a/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_service.cpp b/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_service.cpp index 65c0242..0b88022 100644 --- a/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_service.cpp +++ b/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_service.cpp @@ -52,7 +52,8 @@ void CertMgrService::OnStart() } state_ = ServiceRunningState::STATE_RUNNING; HILOGI("CertMgrService start success"); - sptr certMgrSystemAbilityListener = (std::make_unique()).release(); + sptr certMgrSystemAbilityListener = + (std::make_unique()).release(); if (!certMgrSystemAbilityListener->AddCertMgrSystemAbilityListener(NETMANAGER_SAMGR_ID)) { HILOGE("AddCertMgrSystemAbilityListener failed."); } diff --git a/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_system_ability_listener.cpp b/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_system_ability_listener.cpp index 7a74a34..5f9df85 100644 --- a/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_system_ability_listener.cpp 
+++ b/cert_mgr_service/services/cert_mgr_ability/src/cert_mgr_system_ability_listener.cpp @@ -104,6 +104,5 @@ bool CertMgrSystemAbilityListener::CheckInputSysAbilityId(int32_t systemAbilityI { return (systemAbilityId >= FIRST_SYS_ABILITY_ID) && (systemAbilityId <= LAST_SYS_ABILITY_ID); } - } // CertManager } // OHOS \ No newline at end of file diff --git a/cert_mgr_service/services/cert_mgr_ability/src/cert_result_info.cpp b/cert_mgr_service/services/cert_mgr_ability/src/cert_result_info.cpp index 8f80a29..62dd11f 100644 --- a/cert_mgr_service/services/cert_mgr_ability/src/cert_result_info.cpp +++ b/cert_mgr_service/services/cert_mgr_ability/src/cert_result_info.cpp @@ -22,7 +22,8 @@ sptr CertResultInfo::Unmarshalling(Parcel &parcel) if (ptr == nullptr) { return nullptr; } - if (!parcel.ReadInt32(ptr->authResult_) || !parcel.ReadInt32(ptr->softwareResult_) || !parcel.ReadString(ptr->ticket_)) { + if (!parcel.ReadInt32(ptr->authResult_) || !parcel.ReadInt32(ptr->softwareResult_) || + !parcel.ReadString(ptr->ticket_)) { return nullptr; } return ptr; diff --git a/cert_mgr_service/services/core/adapter/cert_adapter_mock.c b/cert_mgr_service/services/core/adapter/cert_adapter_mock.c index f1c406f..77eac70 100644 --- a/cert_mgr_service/services/core/adapter/cert_adapter_mock.c +++ b/cert_mgr_service/services/core/adapter/cert_adapter_mock.c @@ -74,7 +74,7 @@ int32_t SendCertMsgStub(CERT_ACTION_TYPE actionType, char **respMsg) return CERT_ERR; } - const char * root = g_actionJsonStr[actionType]; + const char* root = g_actionJsonStr[actionType]; if (root == NULL) { return CERT_ERR; } diff --git a/cert_mgr_service/services/core/adapter/cert_adapter_oem.c b/cert_mgr_service/services/core/adapter/cert_adapter_oem.c index 7a68cad..d2fbdf8 100644 --- a/cert_mgr_service/services/core/adapter/cert_adapter_oem.c +++ b/cert_mgr_service/services/core/adapter/cert_adapter_oem.c 
@@ -17,7 +17,6 @@ #include "cert_utils_file.h" #include "cert_adapter_oem.h" #include "cert_utils_log.h" -#include "cert_utils.h" // 是否存在重置标记 bool OEMIsResetFlagExist(void) diff --git a/cert_mgr_service/services/core/cert/cert_service_auth.c b/cert_mgr_service/services/core/cert/cert_service_auth.c index e318140..da9e5f9 100644 --- a/cert_mgr_service/services/core/cert/cert_service_auth.c +++ b/cert_mgr_service/services/core/cert/cert_service_auth.c @@ -336,7 +336,7 @@ int32_t CheckAuthResult(AuthStatus* authStatus, uint64_t currentTime) uint64_t expireTime = authStatus->expireTime; if (result != CERT_OK || expireTime <= currentTime) { - CERT_LOG_ERROR("[CheckAuthResult] result or expireTime is Wrong, result = %d.",result); + CERT_LOG_ERROR("[CheckAuthResult] result or expireTime is Wrong, result = %d.", result); return CERT_ERR; } diff --git a/cert_mgr_service/services/core/cert/cert_service_challenge.c b/cert_mgr_service/services/core/cert/cert_service_challenge.c index ebc1c04..091b34b 100644 --- a/cert_mgr_service/services/core/cert/cert_service_challenge.c +++ b/cert_mgr_service/services/core/cert/cert_service_challenge.c @@ -16,7 +16,6 @@ #include "cert_type.h" #include "cert_utils.h" #include "cert_utils_log.h" -#include "cert_utils_file.h" #include "cert_utils_json.h" #include "cert_dfx.h" #include "cert_network.h" diff --git a/cert_mgr_service/services/core/cert_entry.c b/cert_mgr_service/services/core/cert_entry.c index 623622f..f48315e 100644 --- a/cert_mgr_service/services/core/cert_entry.c +++ b/cert_mgr_service/services/core/cert_entry.c 
@@ -1,43 +1,43 @@ -/* - * Copyright (C) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cert_type.h" -#include "cert_utils_log.h" -#include "cert_utils_timer.h" -#include "cert_service.h" -#include "cert_entry.h" - -int32_t CertTask() -{ - CERT_LOG_INFO("[CertTask] Begin."); - // 执行主流程代码 - int32_t ret = ProcCert(); - if (ret != CERT_OK) { - CERT_LOG_ERROR("[CertTask] Proc Cert failed ret = %d.", ret); - } - - // 创建主流程定时器 - ret = CreateTimerTask(EXPIRED_INTERVAL, &ProcCert, CERT_TIMER_TYPE_PERIOD); - if (ret != CERT_OK) { - CERT_LOG_ERROR("[CertTask] Create Periodic TimerTask return ret = %d.", ret); - } - CERT_LOG_INFO("[CertTask] End."); - return ret; -} - -int32_t QueryCert(int32_t* authResult, int32_t* softwareResult, char** ticket) -{ - return QueryCertStatus(authResult, softwareResult, ticket); +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. 
+ */ + +#include "cert_type.h" +#include "cert_utils_log.h" +#include "cert_utils_timer.h" +#include "cert_service.h" +#include "cert_entry.h" + +int32_t CertTask() +{ + CERT_LOG_INFO("[CertTask] Begin."); + // 执行主流程代码 + int32_t ret = ProcCert(); + if (ret != CERT_OK) { + CERT_LOG_ERROR("[CertTask] Proc Cert failed ret = %d.", ret); + } + + // 创建主流程定时器 + ret = CreateTimerTask(EXPIRED_INTERVAL, &ProcCert, CERT_TIMER_TYPE_PERIOD); + if (ret != CERT_OK) { + CERT_LOG_ERROR("[CertTask] Create Periodic TimerTask return ret = %d.", ret); + } + CERT_LOG_INFO("[CertTask] End."); + return ret; +} + +int32_t QueryCert(int32_t* authResult, int32_t* softwareResult, char** ticket) +{ + return QueryCertStatus(authResult, softwareResult, ticket); } \ No newline at end of file diff --git a/cert_mgr_service/services/core/dfx/cert_dfx.c b/cert_mgr_service/services/core/dfx/cert_dfx.c index 32287c4..d50730b 100644 --- a/cert_mgr_service/services/core/dfx/cert_dfx.c +++ b/cert_mgr_service/services/core/dfx/cert_dfx.c @@ -32,7 +32,7 @@ void PrintChallengeResult(ChallengeResult* challengeResult) return; } (void)memset_s(buffer, MAX_CERT_BUFF_LEN, 0, MAX_CERT_BUFF_LEN); - char * curBuffer = buffer; + char* curBuffer = buffer; CERT_LOG_NSPRINT(curBuffer, curBuffLen, MAX_CERT_BUFF_LEN, "------ChallengeResult--------\n"); CERT_LOG_NSPRINT(curBuffer, curBuffLen, MAX_CERT_BUFF_LEN, "challenge = %s;\n", challengeResult->challenge); CERT_LOG_NSPRINT(curBuffer, curBuffLen, MAX_CERT_BUFF_LEN, "currentTime = %I64u;\n", diff --git a/cert_mgr_service/services/core/include/network/cert_network.h b/cert_mgr_service/services/core/include/network/cert_network.h index ca58b3f..e1486e9 100644 --- a/cert_mgr_service/services/core/include/network/cert_network.h +++ b/cert_mgr_service/services/core/include/network/cert_network.h 
@@ -59,10 +59,11 @@ x-traceId: %s\r\n\ x-appid: %s\r\n\ x-tenantid: %s\r\n\ Content-type: application/json\r\n\ -Content-Length: %d\r\n\r\n") +Content-Length: %d\r\n") #define FILL_HTTPS_POST_FORMAT_ARGS(httpPacket) \ - (httpPacket).reqMethod, (httpPacket).reqHost, (httpPacket).reqPort, (httpPacket).reqXclientID, (httpPacket).reqXtraceID,\ + (httpPacket).reqMethod, (httpPacket).reqHost, (httpPacket).reqPort, \ + (httpPacket).reqXclientID, (httpPacket).reqXtraceID, \ (httpPacket).reqXappID, (httpPacket).reqXtenantID, (httpPacket).reqContentLength DevicePacket* CreateDevicePacket(); diff --git a/cert_mgr_service/services/core/network/cert_network.c b/cert_mgr_service/services/core/network/cert_network.c index 1588d0b..da62e83 100644 --- a/cert_mgr_service/services/core/network/cert_network.c +++ b/cert_mgr_service/services/core/network/cert_network.c @@ -204,7 +204,8 @@ static int32_t SetSocketTracekId(char *clientId, char* randomUuid, char **outTra return CERT_OK; } -static int32_t BuildSocketInfo(DevicePacket *devValue, HttpPacket *msgHttpPack, int32_t actionType, int32_t reqContentLength) +static int32_t BuildSocketInfo(DevicePacket *devValue, HttpPacket *msgHttpPack, + int32_t actionType, int32_t reqContentLength) { CERT_LOG_INFO("[BuildSocketInfo] Begin."); if (msgHttpPack == NULL || devValue == NULL) { @@ -401,7 +402,7 @@ static int32_t RecvSSL(SSL *socketSSL, char **outMsg) { char *respData = (char*)CERT_MEM_MALLOC(HTTPS_NETWORK_RESPONSE_MAXLEN); if (respData == NULL) { - CERT_LOG_ERROR("[RecvSSL] respData CERT MEM MALLOC failed"); + CERT_LOG_ERROR("[RecvSSL] respData CERT MEM MALLOC failed"); return CERT_ERR; } int32_t readCnt = SSL_read(socketSSL, respData, HTTPS_NETWORK_RESPONSE_MAXLEN); diff --git a/cert_mgr_service/services/core/security/cert_security.c b/cert_mgr_service/services/core/security/cert_security.c index 66ca95a..356b462 100644 --- a/cert_mgr_service/services/core/security/cert_security.c 
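Review bot: The new `Content-Length: %d\r\n")` line in the POST format macro of cert_network.h drops the second `\r\n`, so the format string no longer ends the header section with the blank line HTTP requires before the body. Unless the code that appends the JSON body adds that separator itself (not visible in this hunk), the peer will read the body as further header data or reject the request, which would affect every request built from this macro in a commit that is otherwise formatting-only. I would restore `Content-Length: %d\r\n\r\n")` and keep only the re-wrapping of `FILL_HTTPS_POST_FORMAT_ARGS`. The macro definition starts above the hunk.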
+++ b/cert_mgr_service/services/core/security/cert_security.c @@ -19,7 +19,6 @@ #include "cert_adapter.h" #include "cert_utils.h" #include "cert_utils_log.h" -#include "cert_dfx.h" #include "cert_security.h" // g_pskKey 和 g_encryptedPsk 是psk的计算因子,通过相关算法获取解码需要的psk。 diff --git a/cert_mgr_service/services/core/security/cert_security_ticket.c b/cert_mgr_service/services/core/security/cert_security_ticket.c index 7744c1f..6be0a42 100644 --- a/cert_mgr_service/services/core/security/cert_security_ticket.c +++ b/cert_mgr_service/services/core/security/cert_security_ticket.c @@ -17,9 +17,7 @@ #include "securec.h" #include "cert_error.h" #include "cert_adapter.h" -#include "cert_utils.h" #include "cert_utils_log.h" -#include "cert_dfx.h" #include "cert_security.h" #include "cert_security_ticket.h" diff --git a/cert_mgr_service/services/core/security/cert_security_token.c b/cert_mgr_service/services/core/security/cert_security_token.c index 04176c7..abda803 100644 --- a/cert_mgr_service/services/core/security/cert_security_token.c +++ b/cert_mgr_service/services/core/security/cert_security_token.c @@ -17,7 +17,6 @@ #include "securec.h" #include "cert_error.h" #include "cert_adapter.h" -#include "cert_utils.h" #include "cert_utils_log.h" #include "cert_dfx.h" #include "cert_security.h" @@ -31,7 +30,7 @@ static int32_t TransTokenVersion(const char* tokenVersion, uint8_t tokenVersionL CERT_LOG_ERROR("[TransTokenVersion] Token version parameter is invalid"); return ERR_CERT_SECURITY_INVALID_ARG; } - for (int32_t i = 0; i < VERSION_ENCRYPT_LEN;) { + for (int32_t i = 0; i < VERSION_ENCRYPT_LEN; ) { if (*tokenVersion >= 'a' && *tokenVersion <= 'f') { g_tokenVersion[i] = *tokenVersion - ('a' - 'A'); } else if ((*tokenVersion >= '0' && *tokenVersion <= '9') || 
@@ -350,8 +349,8 @@ int32_t FlushToken(AuthResult* authResult) uint32_t tokenIdLen = (authResult->tokenId == NULL) ? 0 : strlen(authResult->tokenId); uint32_t tokenValueLen = (authResult->tokenValue == NULL) ? 0 : strlen(authResult->tokenValue); int32_t ret = WriteToken(authResult->tokenValue, tokenValueLen, authResult->tokenId, tokenIdLen); - if (ret != CERT_OK) { - CERT_LOG_ERROR("[FlushToken] WriteToken failed, "); + if (ret != CERT_OK) { + CERT_LOG_ERROR("[FlushToken] WriteToken failed"); return ret; } CERT_LOG_INFO("[FlushToken] End."); diff --git a/cert_mgr_service/services/core/utils/cert_utils.c b/cert_mgr_service/services/core/utils/cert_utils.c index 240c9d0..9c3cca5 100644 --- a/cert_mgr_service/services/core/utils/cert_utils.c +++ b/cert_mgr_service/services/core/utils/cert_utils.c 
@@ -1,233 +1,234 @@ -/* - * Copyright (C) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "string.h" -#include "securec.h" -#include "time.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/entropy.h" -#include "mbedtls/sha256.h" -#include "cert_utils_log.h" -#include "cert_utils.h" - -int32_t GetRandomNum() -{ - mbedtls_ctr_drbg_context randomContext; - mbedtls_entropy_context randomEntropy; - mbedtls_ctr_drbg_init(&randomContext); - mbedtls_entropy_init(&randomEntropy); - const char* pers = "CTR_DRBG"; - uint8_t random = 0; - do { - int32_t ret = mbedtls_ctr_drbg_seed(&randomContext, mbedtls_entropy_func, &randomEntropy, - (const uint8_t*)pers, strlen(pers)); - if (ret != CERT_OK) { - break; - } - ret = mbedtls_ctr_drbg_random(&randomContext, &random, sizeof(random)); - if (ret != CERT_OK) { - break; - } - } while (0); - mbedtls_ctr_drbg_free(&randomContext); - mbedtls_entropy_free(&randomEntropy); - return ABS(random); -} - -char* CertStrdup(const char* input) -{ - if (input == NULL) { - return NULL; - } - size_t len = strlen(input) + 1; - if (len <= 0) { - return NULL; - } - char* out = malloc(len); - if (out == NULL) { - return NULL; - } - (void)memset_s(out, len, 0, len); - if (memcpy_s(out, len, input, strlen(input)) != 0) { - free(out); - return NULL; - } - return out; -} - -void URLSafeBase64ToBase64(const char* input, size_t inputLen, uint8_t** output, size_t* outputLen) -{ - uint8_t tempInputLen = 4; - if 
(input == NULL || inputLen == 0 || output == NULL || outputLen == NULL) { - CERT_LOG_ERROR("[URLSafeBase64ToBase64] Invalid parameter"); - return; - } - *outputLen = inputLen + ((inputLen % tempInputLen == 0) ? 0 : (tempInputLen - inputLen % tempInputLen)); - if (*outputLen == 0) { - return; - } - *output = (uint8_t *)malloc(*outputLen + 1); - if (*output == NULL) { - return; - } - (void)memset_s(*output, *outputLen + 1, 0, *outputLen + 1); - size_t i; - for (i = 0; i < inputLen; ++i) { - if (input[i] == '-') { - (*output)[i] = '+'; - continue; - } - if (input[i] == '_') { - (*output)[i] = '/'; - continue; - } - (*output)[i] = input[i]; - } - for (i = inputLen; i < *outputLen; ++i) { - (*output)[i] = '='; - } -} - -static uint32_t CalUnAnonyStrLen(uint32_t strLen) -{ - uint32_t len = 1; - uint32_t tempLen = 2; - while ((tempLen * len) < strLen) { - len = len * tempLen; - } - return len/2; -} - -// 匿名化算法:长度小于8, 全部匿名; 长度大于8,保留前后信息,中间匿名化,一半保留一半匿名化。 -int32_t AnonymiseStr(char * str) -{ - if (str == NULL || strlen(str) == 0) { - return CERT_ERR; - } - uint32_t strLen = strlen(str); - uint32_t ret; - uint32_t tempLen = 8; - uint32_t halfLen = 2; - if (strLen <= tempLen) { - ret = memset_s((void*)str, strLen, '*', strLen); - } else { - int32_t unAnonyStrLen = CalUnAnonyStrLen(strLen); - int32_t endpointLen = unAnonyStrLen / halfLen; - ret = memset_s((void*)(str + endpointLen), (strLen - unAnonyStrLen), '*', (strLen - unAnonyStrLen)); - } - if (ret != 0) { - ret = CERT_ERR; - } - return ret; -} - -void *CertMemAlloc(uint32_t size) -{ - if (size == 0) { - return NULL; - } - void *addr = malloc(size); - if (addr == NULL) { - return NULL; - } - int32_t ret = memset_s(addr, size, 0, size); - if (ret != 0) { - CERT_MEM_FREE(addr); - return NULL; - } - return addr; -} - -void PrintCurrentTime() -{ - time_t timet; - time(&timet); - struct tm* timePacket = gmtime(&timet); - CERT_LOG_INFO("[PrintCurrentTime] Hours: %d, Minutes: %d, Seconds: %d", timePacket->tm_hour, 
timePacket->tm_min, timePacket->tm_sec); -} - -// 字符串转化为小写 -int32_t ToLowerStr(char* str, int len) -{ - if (str == NULL) { - CERT_LOG_ERROR("[ToLowerStr] Str is NUll"); - return CERT_ERR; - } - - int i; - for (i = 0; i < len; i++) { - str[i] = tolower(str[i]); - } - return CERT_OK; -} - -/* -// 将字符串转化为16进制数 -// parameter(s): [OUT] pbDest - 输出缓冲区 -// [IN] pbSrc - 字符串 -// [IN] nLen - 16进制数的字节数(字符串的长度/2) -*/ -int32_t StrToHex(char *pbDest, char *pbSrc, int nLen) -{ - if (pbDest == NULL || pbSrc == NULL) { - CERT_LOG_ERROR("[StrToHex] Str to Hex failed"); - return CERT_ERR; - } - - char h1,h2; - unsigned char s1,s2; - int i; - - for (i = 0; i < nLen; i++) { - h1 = pbSrc[2 * i]; - h2 = pbSrc[2 * i + 1]; - - s1 = toupper(h1) - 0x30; - if (s1 > 9) { - s1 -= 7; - } - s2 = toupper(h2) - 0x30; - if (s2 > 9) { - s2 -= 7; - } - pbDest[i] = s1*16 + s2; - } - return CERT_OK; -} -int Sha256Value(const unsigned char *src, char *dest, int destLen) -{ - const int DEV_BUF_LENGTH = 3; - const int HASH_LENGTH = 32; - if (src == NULL) { - return CERT_ERR; - } - char buf[DEV_BUF_LENGTH] = { 0 }; - unsigned char hash[HASH_LENGTH] = { 0 }; - - mbedtls_sha256_context context; - mbedtls_sha256_init(&context); - mbedtls_sha256_starts_ret(&context, 0); - mbedtls_sha256_update_ret(&context, src, strlen((const char *)src)); - mbedtls_sha256_finish_ret(&context, hash); - - for (size_t i = 0; i < HASH_LENGTH; i++) { - unsigned char value = hash[i]; - memset_s(buf, DEV_BUF_LENGTH, 0, DEV_BUF_LENGTH); - sprintf_s(buf, sizeof(buf), "%02X", value); - if (strcat_s(dest, destLen, buf) != 0) { - return CERT_ERR; - } - } - return CERT_OK; -} +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. 
+ * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "string.h" +#include "securec.h" +#include "time.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/entropy.h" +#include "mbedtls/sha256.h" +#include "cert_utils_log.h" +#include "cert_utils.h" + +int32_t GetRandomNum() +{ + mbedtls_ctr_drbg_context randomContext; + mbedtls_entropy_context randomEntropy; + mbedtls_ctr_drbg_init(&randomContext); + mbedtls_entropy_init(&randomEntropy); + const char* pers = "CTR_DRBG"; + uint8_t random = 0; + do { + int32_t ret = mbedtls_ctr_drbg_seed(&randomContext, mbedtls_entropy_func, &randomEntropy, + (const uint8_t*)pers, strlen(pers)); + if (ret != CERT_OK) { + break; + } + ret = mbedtls_ctr_drbg_random(&randomContext, &random, sizeof(random)); + if (ret != CERT_OK) { + break; + } + } while (0); + mbedtls_ctr_drbg_free(&randomContext); + mbedtls_entropy_free(&randomEntropy); + return ABS(random); +} + +char* CertStrdup(const char* input) +{ + if (input == NULL) { + return NULL; + } + size_t len = strlen(input) + 1; + if (len <= 0) { + return NULL; + } + char* out = malloc(len); + if (out == NULL) { + return NULL; + } + (void)memset_s(out, len, 0, len); + if (memcpy_s(out, len, input, strlen(input)) != 0) { + free(out); + return NULL; + } + return out; +} + +void URLSafeBase64ToBase64(const char* input, size_t inputLen, uint8_t** output, size_t* outputLen) +{ + uint8_t tempInputLen = 4; + if (input == NULL || inputLen == 0 || output == NULL || outputLen == NULL) { + CERT_LOG_ERROR("[URLSafeBase64ToBase64] Invalid parameter"); + return; + } + *outputLen = inputLen + ((inputLen % tempInputLen == 
0) ? 0 : (tempInputLen - inputLen % tempInputLen)); + if (*outputLen == 0) { + return; + } + *output = (uint8_t *)malloc(*outputLen + 1); + if (*output == NULL) { + return; + } + (void)memset_s(*output, *outputLen + 1, 0, *outputLen + 1); + size_t i; + for (i = 0; i < inputLen; ++i) { + if (input[i] == '-') { + (*output)[i] = '+'; + continue; + } + if (input[i] == '_') { + (*output)[i] = '/'; + continue; + } + (*output)[i] = input[i]; + } + for (i = inputLen; i < *outputLen; ++i) { + (*output)[i] = '='; + } +} + +static uint32_t CalUnAnonyStrLen(uint32_t strLen) +{ + uint32_t len = 1; + uint32_t tempLen = 2; + while ((tempLen * len) < strLen) { + len = len * tempLen; + } + return len / 2; +} + +// 匿名化算法:长度小于8, 全部匿名; 长度大于8,保留前后信息,中间匿名化,一半保留一半匿名化。 +int32_t AnonymiseStr(char* str) +{ + if (str == NULL || strlen(str) == 0) { + return CERT_ERR; + } + uint32_t strLen = strlen(str); + uint32_t ret; + uint32_t tempLen = 8; + uint32_t halfLen = 2; + if (strLen <= tempLen) { + ret = memset_s((void*)str, strLen, '*', strLen); + } else { + int32_t unAnonyStrLen = CalUnAnonyStrLen(strLen); + int32_t endpointLen = unAnonyStrLen / halfLen; + ret = memset_s((void*)(str + endpointLen), (strLen - unAnonyStrLen), '*', (strLen - unAnonyStrLen)); + } + if (ret != 0) { + ret = CERT_ERR; + } + return ret; +} + +void *CertMemAlloc(uint32_t size) +{ + if (size == 0) { + return NULL; + } + void *addr = malloc(size); + if (addr == NULL) { + return NULL; + } + int32_t ret = memset_s(addr, size, 0, size); + if (ret != 0) { + CERT_MEM_FREE(addr); + return NULL; + } + return addr; +} + +void PrintCurrentTime() +{ + time_t timet; + time(&timet); + struct tm* timePacket = gmtime(&timet); + CERT_LOG_INFO("[PrintCurrentTime] Hours: %d, Minutes: %d, Seconds: %d", timePacket->tm_hour, timePacket->tm_min, timePacket->tm_sec); +} + +// 字符串转化为小写 +int32_t ToLowerStr(char* str, int len) +{ + if (str == NULL) { + CERT_LOG_ERROR("[ToLowerStr] Str is NUll"); + return CERT_ERR; + } + + int i; + for (i = 0; i < 
len; i++) { + str[i] = tolower(str[i]); + } + return CERT_OK; +} + +/* +// 将字符串转化为16进制数 +// parameter(s): [OUT] pbDest - 输出缓冲区 +// [IN] pbSrc - 字符串 +// [IN] nLen - 16进制数的字节数(字符串的长度/2) +*/ +int32_t StrToHex(char *pbDest, char *pbSrc, int nLen) +{ + if (pbDest == NULL || pbSrc == NULL) { + CERT_LOG_ERROR("[StrToHex] Str to Hex failed"); + return CERT_ERR; + } + + char h1,h2; + unsigned char s1,s2; + int i; + + for (i = 0; i < nLen; i++) { + h1 = pbSrc[2 * i]; // (2*i)即偶数列 + h2 = pbSrc[2 * i + 1]; // (2*i+1)即奇数列 + + s1 = toupper(h1) - 0x30; + if (s1 > 9) { // 大于9 (即为字符A~F) + s1 -= 7; // ASCII码表中字符A与数字9中间隔为7,减去后就是正常的16进制中该字符对应的十进制数 + } + s2 = toupper(h2) - 0x30; + if (s2 > 9) { // 大于9 (即为字符A~F) + s2 -= 7; // ASCII码表中字符A与数字9中间隔为7 + } + pbDest[i] = s1 * 16 + s2; // 16即让s1进一位,组成十六进制数((s1)(s2))对应的十进制数 + } + return CERT_OK; +} + +int Sha256Value(const unsigned char *src, char *dest, int destLen) +{ + const int DEV_BUF_LENGTH = 3; + const int HASH_LENGTH = 32; + if (src == NULL) { + return CERT_ERR; + } + char buf[DEV_BUF_LENGTH] = { 0 }; + unsigned char hash[HASH_LENGTH] = { 0 }; + + mbedtls_sha256_context context; + mbedtls_sha256_init(&context); + mbedtls_sha256_starts_ret(&context, 0); + mbedtls_sha256_update_ret(&context, src, strlen((const char *)src)); + mbedtls_sha256_finish_ret(&context, hash); + + for (size_t i = 0; i < HASH_LENGTH; i++) { + unsigned char value = hash[i]; + memset_s(buf, DEV_BUF_LENGTH, 0, DEV_BUF_LENGTH); + sprintf_s(buf, sizeof(buf), "%02X", value); + if (strcat_s(dest, destLen, buf) != 0) { + return CERT_ERR; + } + } + return CERT_OK; +} \ No newline at end of file diff --git a/cert_mgr_service/services/core/utils/cert_utils_json.c b/cert_mgr_service/services/core/utils/cert_utils_json.c index f75aff7..764601d 100644 --- a/cert_mgr_service/services/core/utils/cert_utils_json.c +++ b/cert_mgr_service/services/core/utils/cert_utils_json.c 
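Review bot: `GetRandomNum` in the rewritten cert_utils.c returns `ABS(random)` even when `mbedtls_ctr_drbg_seed` or `mbedtls_ctr_drbg_random` fails, so a DRBG failure silently yields the initial value 0 and the caller cannot tell it from a real draw. The value is also a single `uint8_t`, at most 256 outcomes, which is too little if any caller uses it for a challenge, nonce or identifier (callers are not visible here). I would log the mbedtls code before each `break`, e.g. `CERT_LOG_ERROR("[GetRandomNum] drbg failed, ret = %d.", ret);`, and return `CERT_ERR` on failure, assuming CERT_ERR is negative and therefore distinguishable from the 0..255 result. In the same file `Sha256Value` ignores the mbedtls return values and appends to `dest` with `strcat_s` without checking `dest` for NULL or resetting it to an empty string first.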
@@ -49,7 +49,7 @@ int32_t GetObjectItemValueStr(const char* rootStr, const char* key, char** dest) if (root == NULL) { return CERT_ERR; } - int32_t ret = CERT_OK; + int32_t ret; do { char *valueString = cJSON_GetStringValue(cJSON_GetObjectItem(root, key)); if (valueString == NULL) { @@ -68,7 +68,7 @@ int32_t GetObjectItemValueStr(const char* rootStr, const char* key, char** dest) break; } *dest = buffer; - } while(0); + } while (0); cJSON_Delete(root); return ret; } @@ -86,4 +86,4 @@ uint64_t GetObjectItemValueNumber(const char* rootStr, char* key) uint64_t valueDouble = cJSON_GetNumberValue(cJSON_GetObjectItem(root, key)); cJSON_Delete(root); return valueDouble; -} +} \ No newline at end of file diff --git a/cert_mgr_service/services/core/utils/cert_utils_list.c b/cert_mgr_service/services/core/utils/cert_utils_list.c index 58f6ce5..580bbf2 100644 --- a/cert_mgr_service/services/core/utils/cert_utils_list.c +++ b/cert_mgr_service/services/core/utils/cert_utils_list.c @@ -22,7 +22,7 @@ const uint32_t MAX_LIST_LENGTH = 2048; -int32_t CreateList(List * list) +int32_t CreateList(List* list) { if (list == NULL) { return ERR_INVALID_PARAM; @@ -65,7 +65,7 @@ int32_t AddListNode(List *list, void *data) return CERT_OK; } -int32_t RemoveListNode(List * list, int32_t index) +int32_t RemoveListNode(List* list, int32_t index) { if (list == NULL) { return ERR_INVALID_PARAM; @@ -87,7 +87,7 @@ int32_t RemoveListNode(List * list, int32_t index) return CERT_OK; } -void* GetListNodeData(List * list, int32_t index) +void* GetListNodeData(List* list, int32_t index) { if (list == NULL || index < 0 || index >= GetListSize(list)) { return NULL; @@ -100,7 +100,7 @@ void* GetListNodeData(List * list, int32_t index) return curr->data; } -int32_t GetListSize(List * list) +int32_t GetListSize(List* list) { if (list == NULL) { return CERT_ERR; 
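Review bot: Changing `int32_t ret = CERT_OK;` to `int32_t ret;` in `GetObjectItemValueStr` leaves the return value uninitialized on any path through the `do { … } while (0)` that does not assign it. The success path visible in the following hunk goes from `*dest = buffer;` straight to `return ret;`, so it returns a defined value only if an earlier line outside the hunks (for example the result of a copy call) happened to store into `ret`. I would keep an explicit initial value, preferably fail-closed: `int32_t ret = CERT_ERR;` with `ret = CERT_OK;` placed next to `*dest = buffer;`. The middle of the function lies between the two hunks and is not shown.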
@@ -114,7 +114,7 @@ int32_t GetListSize(List * list) return size; } -int32_t IsListEmpty(List * list) +int32_t IsListEmpty(List* list) { if (list == NULL) { return true; @@ -122,7 +122,7 @@ int32_t IsListEmpty(List * list) return (list->head == NULL); } -void ReleaseList(List * list) +void ReleaseList(List* list) { if (list == NULL) { return; diff --git a/cert_mgr_service/services/core/utils/cert_utils_timer.c b/cert_mgr_service/services/core/utils/cert_utils_timer.c index 7ea09da..a98838b 100644 --- a/cert_mgr_service/services/core/utils/cert_utils_timer.c +++ b/cert_mgr_service/services/core/utils/cert_utils_timer.c @@ -65,7 +65,7 @@ static int32_t TimerStart(TimerInfo* timerInfo, CertTimerType type, uint32_t mil int32_t CreateTimerTask(uint32_t milliseconds, void* userCallBack, CertTimerType type) { if (g_timerId != 0) { - CERT_LOG_INFO( "[CreateTimerTask] TimerTask exists"); + CERT_LOG_INFO("[CreateTimerTask] TimerTask exists"); return CERT_ERR; } TimerInfo* timerInfo = (TimerInfo *)malloc(sizeof(TimerInfo)); diff --git a/cert_mgr_service/test/unittest/src/CertMgrCoreDeviceTest.cpp b/cert_mgr_service/test/unittest/src/CertMgrCoreDeviceTest.cpp index 375525e..10b7095 100644 --- a/cert_mgr_service/test/unittest/src/CertMgrCoreDeviceTest.cpp +++ b/cert_mgr_service/test/unittest/src/CertMgrCoreDeviceTest.cpp @@ -108,7 +108,7 @@ HWTEST_F(CertMgrCoreDeviceTest, CertMgrCoreDeviceTest_InitSysData_001, TestSize. EXPECT_EQ(CERT_OK, result) << "InitSysData failed." << endl; for (int32_t type = 0; type < SYS_DEV_MAX; type++) { - if (type == RANDOM_UUID) { //UUID为随机数,暂时跳过。 + if (type == RANDOM_UUID) { // UUID为随机数,暂时跳过。 continue; } char* devSysInfo = StrdupDevInfo((SYS_DEV_TYPE_E)type); // 读系统参数 
@@ -117,7 +117,8 @@ HWTEST_F(CertMgrCoreDeviceTest, CertMgrCoreDeviceTest_InitSysData_001, TestSize. ASSERT_TRUE(setDataFunc != NULL) << "setDataFunc == NULL" << endl; char* devInfo = setDataFunc(); ASSERT_TRUE(devSysInfo != NULL) << "devSysInfo == NULL" << endl; - EXPECT_STREQ(devSysInfo, devInfo) << g_devSysInfosStr[type] << " is not equal. System para ="<< devSysInfo <<", device para =" << devInfo <<"."<< endl; + EXPECT_STREQ(devSysInfo, devInfo) << g_devSysInfosStr[type] << " is not equal. System para ="<< + devSysInfo <<", device para =" << devInfo <<"."<< endl; } // step 3: 恢复环境 diff --git a/cert_mgr_service/test/unittest/src/CertMgrCoreServiceTest.cpp b/cert_mgr_service/test/unittest/src/CertMgrCoreServiceTest.cpp index 4f38419..6692ba4 100644 --- a/cert_mgr_service/test/unittest/src/CertMgrCoreServiceTest.cpp +++ b/cert_mgr_service/test/unittest/src/CertMgrCoreServiceTest.cpp @@ -81,8 +81,4 @@ HWTEST_F(CertMgrCoreServiceTest, CertMgrCoreServiceTest_ProcCert_001, TestSize.L int32_t result = ProcCert(); ASSERT_TRUE(result == CERT_OK) << "ProcCert failed." << endl; HILOGI("-------------CertMgrCoreServiceTest_ProcCert_001 end -----------------"); -} - - - - +} \ No newline at end of file -- Gitee From 007bb1a43c244a62f1aec9484b691994e796678d Mon Sep 17 00:00:00 2001 
From: maoyongxing Date: Thu, 31 Mar 2022 11:42:39 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E8=A1=A5=E5=85=85=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../services/core/adapter/cert_adapter_os.c | 159 +++++++++--------- .../services/core/cert/cert_service_auth.c | 12 +- .../services/core/network/cert_network.c | 3 +- .../services/core/security/cert_security.c | 6 +- .../core/security/cert_security_token.c | 3 +- .../services/core/utils/cert_utils.c | 6 +- .../services/core/utils/cert_utils_list.c | 2 +- .../services/core/utils/cert_utils_log.c | 2 +- .../test/unittest/src/CertMgrSdkTest.cpp | 3 +- 9 files changed, 95 insertions(+), 101 deletions(-) diff --git a/cert_mgr_service/services/core/adapter/cert_adapter_os.c b/cert_mgr_service/services/core/adapter/cert_adapter_os.c index 89f2237..ac95958 100644 --- a/cert_mgr_service/services/core/adapter/cert_adapter_os.c +++ b/cert_mgr_service/services/core/adapter/cert_adapter_os.c 
@@ -1,81 +1,80 @@ -/* - * Copyright (C) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "parameter.h" -#include "cert_type.h" -#include "cert_utils.h" -#include "cert_utils_log.h" -#include "cert_utils_file.h" -#include "cert_adapter_os.h" - -char* OsGetVersionId() -{ - return CertStrdup(GetVersionId()); -} - -char* OsGetBuildRootHash() -{ - return CertStrdup(GetBuildRootHash()); -} - -char* OsGetDisplayVersion() -{ - return CertStrdup(GetDisplayVersion()); -} - -char* OsGetManufacture() -{ - return CertStrdup(GetManufacture()); -} - -char* OsGetProductModel() -{ - return CertStrdup(GetProductModel()); -} - -char* OsGetBrand() -{ - return CertStrdup(GetBrand()); -} - -char* OsGetSecurityPatchTag() -{ - return CertStrdup(GetSecurityPatchTag()); -} - -char* OsGetUdid() -{ - char udid[UDID_STRING_LEN + 1] = {0}; - if (memset_s(udid, sizeof(udid), 0, sizeof(udid)) != 0) { - free(udid); - return NULL; - } - char *devUdid = udid; - int32_t ret = GetDevUdid(devUdid, sizeof(udid)); - if (ret != CERT_OK) { - return NULL; - } - return CertStrdup(devUdid); -} - -int32_t OsSetParameter(const char *key, const char *value) -{ - return SetParameter(key, value); -} - -int32_t OsGetParameter(const char *key, const char *def, char *value, uint32_t len) -{ - return GetParameter(key, def, value, len); +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. 
+ * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "parameter.h" +#include "cert_type.h" +#include "cert_utils.h" +#include "cert_utils_log.h" +#include "cert_utils_file.h" +#include "cert_adapter_os.h" + +char* OsGetVersionId() +{ + return CertStrdup(GetVersionId()); +} + +char* OsGetBuildRootHash() +{ + return CertStrdup(GetBuildRootHash()); +} + +char* OsGetDisplayVersion() +{ + return CertStrdup(GetDisplayVersion()); +} + +char* OsGetManufacture() +{ + return CertStrdup(GetManufacture()); +} + +char* OsGetProductModel() +{ + return CertStrdup(GetProductModel()); +} + +char* OsGetBrand() +{ + return CertStrdup(GetBrand()); +} + +char* OsGetSecurityPatchTag() +{ + return CertStrdup(GetSecurityPatchTag()); +} + +char* OsGetUdid() +{ + char udid[UDID_STRING_LEN + 1] = {0}; + if (memset_s(udid, sizeof(udid), 0, sizeof(udid)) != 0) { + return NULL; + } + char *devUdid = udid; + int32_t ret = GetDevUdid(devUdid, sizeof(udid)); + if (ret != CERT_OK) { + return NULL; + } + return CertStrdup(devUdid); +} + +int32_t OsSetParameter(const char *key, const char *value) +{ + return SetParameter(key, value); +} + +int32_t OsGetParameter(const char *key, const char *def, char *value, uint32_t len) +{ + return GetParameter(key, def, value, len); } \ No newline at end of file diff --git a/cert_mgr_service/services/core/cert/cert_service_auth.c b/cert_mgr_service/services/core/cert/cert_service_auth.c index da9e5f9..d1bdfdd 100644 
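Review bot: In OsGetUdid the `memset_s` check is dead code now that the invalid `free(udid)` is gone, because `char udid[UDID_STRING_LEN + 1] = {0};` already zeroes the array. Dropping the `if (memset_s(...) != 0)` block and the `devUdid` alias leaves `GetDevUdid(udid, sizeof(udid))` followed by `return CertStrdup(udid);`. Separately, the hunk replaces all 81 lines of the file for what looks like a line-ending change, which hides this one functional fix; putting the normalisation in its own commit would keep the fix reviewable.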
--- a/cert_mgr_service/services/core/cert/cert_service_auth.c +++ b/cert_mgr_service/services/core/cert/cert_service_auth.c @@ -160,7 +160,7 @@ static int32_t ParseAuthType(const cJSON* root, AuthStatus* authStatus) return CERT_ERR; } uint32_t len = strlen(temp); - if (len <= 0 || len > MAX_CERT_BUFF_LEN) { + if (len == 0 || len > MAX_CERT_BUFF_LEN) { CERT_LOG_ERROR("[ParseAuthType] authType length out of range"); return CERT_ERR; } @@ -195,7 +195,7 @@ static int32_t ParseVersionId(const cJSON* root, AuthStatus* authStatus) return CERT_ERR; } uint32_t len = strlen(temp); - if (len <= 0 || len > MAX_CERT_BUFF_LEN) { + if (len == 0 || len > MAX_CERT_BUFF_LEN) { CERT_LOG_ERROR("[ParseVersionId] versionId length out of range"); return CERT_ERR; } @@ -553,7 +553,7 @@ static int32_t ParseAuthStats(const cJSON* json, AuthResult* authResult) return CERT_ERR; } uint32_t len = strlen(item); - if ((len <= 0) || (len >= UINT32_MAX)) { + if ((len == 0) || (len >= UINT32_MAX)) { CERT_LOG_ERROR("[ParseAuthStats] authStats length out of range"); return CERT_ERR; } @@ -586,7 +586,7 @@ static int32_t ParseTicket(const cJSON* json, AuthResult* authResult) return CERT_ERR; } uint32_t len = strlen(item); - if ((len <= 0) || (len >= MAX_TICKET_LEN)) { + if ((len == 0) || (len >= MAX_TICKET_LEN)) { CERT_LOG_ERROR("[ParseTicket] ticket length out of range"); return CERT_ERR; } @@ -619,7 +619,7 @@ static int32_t ParseTokenValue(const cJSON* json, AuthResult* authResult) return CERT_ERR; } uint32_t len = strlen(item); - if ((len <= 0) || (len >= MAX_CERT_BUFF_LEN)) { + if ((len == 0) || (len >= MAX_CERT_BUFF_LEN)) { CERT_LOG_ERROR("[ParseTokenValue] token length out of range"); return CERT_ERR; } 
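Review bot: The upper bound in the ParseAuthStats hunk, `(len >= UINT32_MAX)`, limits nothing useful: `len` is a `uint32_t`, so the test fires for a single value, and on a 64-bit build the assignment from `strlen(item)` has already truncated longer input. The sibling parsers in this file cap at `MAX_CERT_BUFF_LEN` or `MAX_TICKET_LEN`; authStats arrives in the same JSON and should get a comparable project-defined cap, for example `if ((len == 0) || (len >= MAX_CERT_BUFF_LEN)) {` if that constant suits the field. Holding the length as `size_t len = strlen(item);` until after the range check avoids the truncation in all six parsers this commit touches. What is done with `len` after the check is outside the hunk.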
@@ -652,7 +652,7 @@ static int32_t ParseTokenId(const cJSON* json, AuthResult* authResult) return CERT_ERR; } uint32_t len = strlen(item); - if ((len <= 0) || (len >= MAX_CERT_BUFF_LEN)) { + if ((len == 0) || (len >= MAX_CERT_BUFF_LEN)) { CERT_LOG_ERROR("[ParseTokenId] token length out of range"); return CERT_ERR; } diff --git a/cert_mgr_service/services/core/network/cert_network.c b/cert_mgr_service/services/core/network/cert_network.c index da62e83..98e7087 100644 --- a/cert_mgr_service/services/core/network/cert_network.c +++ b/cert_mgr_service/services/core/network/cert_network.c @@ -324,14 +324,13 @@ static int32_t InitSocketClient(int32_t *socketFd) static int32_t InitSSLSocket(int32_t socketFd, SSL **socketSSL) { int32_t retCode; - SSL_CTX *socketCTX = NULL; char *caFile = "/etc/ssl/certs/cacert.pem"; SSL_library_init(); OpenSSL_add_ssl_algorithms(); SSL_load_error_strings(); - socketCTX = SSL_CTX_new(SSLv23_client_method()); + SSL_CTX *socketCTX = SSL_CTX_new(SSLv23_client_method()); if (socketCTX == NULL) { CERT_LOG_ERROR("[InitSSLSocket] SSL CTX create failed"); return CERT_ERR; diff --git a/cert_mgr_service/services/core/security/cert_security.c b/cert_mgr_service/services/core/security/cert_security.c index 356b462..8f16c2f 100644 --- a/cert_mgr_service/services/core/security/cert_security.c +++ b/cert_mgr_service/services/core/security/cert_security.c @@ -42,7 +42,7 @@ int32_t Base64Encode(const uint8_t* srcData, size_t srcDataLen, uint8_t* base64E size_t outLen = 0; int32_t ret = mbedtls_base64_encode(NULL, 0, &outLen, srcData, srcDataLen); - if ((outLen <= 0) || (outLen > (base64EncodeLen + 1))) { + if ((outLen == 0) || (outLen > (base64EncodeLen + 1))) { CERT_LOG_ERROR("[Base64Encode] Base64 encode get outLen failed, outLen = %u, ret = -0x00%x", outLen, -ret); return ERR_CERT_SECURITY_BASE64_ENCODE; } 
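Review bot: `SSL_CTX_new(SSLv23_client_method())` in InitSSLSocket creates a version-flexible context, and the hunk shows no protocol floor being set. If the build uses OpenSSL 1.1.0 or later, `TLS_client_method()` is the current name, and `SSL_CTX_set_min_proto_version(socketCTX, TLS1_2_VERSION);` right after the NULL check pins the minimum. The function continues past the hunk, so it cannot be confirmed from here that `caFile` is loaded with peer verification and a host name check enabled; that is worth checking while this line is being touched. `caFile` points at a string literal and would be better declared `const char *`.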
@@ -98,7 +98,6 @@ static int32_t GetPsk(uint8_t psk[], size_t pskLen) int32_t ret = mbedtls_base64_decode(base64PskKey, outLen, &outLen, g_pskKey, sizeof(g_pskKey)); if (ret != CERT_OK) { CERT_LOG_ERROR("[GetPsk] GetPsk Base64Decode base64PskKey failed, ret = %d", ret); - free(base64PskKey); return ERR_CERT_SECURITY_BASE64_DECODE; } outLen = 0; @@ -112,7 +111,6 @@ static int32_t GetPsk(uint8_t psk[], size_t pskLen) ret = mbedtls_base64_decode(base64Psk, outLen, &outLen, g_encryptedPsk, sizeof(g_encryptedPsk)); if (ret != CERT_OK) { CERT_LOG_ERROR("[GetPsk] GetPsk Base64Decode base64Psk failed, ret = %d", ret); - free(base64Psk); return ERR_CERT_SECURITY_BASE64_DECODE; } for (size_t i = 0; i < pskLen; i++) { @@ -358,7 +356,7 @@ int32_t Decrypt(const uint8_t* inputData, size_t inputDataLen, const uint8_t* ae return ERR_CERT_SECURITY_DECRYPT; } - if ((decryptDataLen == 0) || (decryptDataLen > outputDataLen)) { + if ((decryptDataLen > outputDataLen)) { // (decryptDataLen == 0) || 删除判断条件 待审查 CERT_LOG_ERROR("[Decrypt] decryptData Len out of range"); return ERR_CERT_SECURITY_INVALID_ARG; } diff --git a/cert_mgr_service/services/core/security/cert_security_token.c b/cert_mgr_service/services/core/security/cert_security_token.c index abda803..62ad42d 100644 --- a/cert_mgr_service/services/core/security/cert_security_token.c +++ b/cert_mgr_service/services/core/security/cert_security_token.c @@ -171,7 +171,6 @@ static int32_t EncryptTokenIdToTokenInfo(const char* data, uint8_t dataLen, uint if (ret != 0) { CERT_LOG_ERROR("[EncryptTokenIdToTokenInfo] memcpy_s tokenId fail"); return ERR_CERT_SECURITY_MEM_MEMCPY; - return ERR_CERT_SECURITY_MEM_MEMCPY; } CERT_LOG_INFO("[EncryptTokenIdToTokenInfo] End."); return CERT_OK; 
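Review bot: With the two `free()` calls removed from GetPsk, both error returns leave `base64PskKey` and `base64Psk` holding whatever was decoded so far. Their declarations are outside the hunks; if they are stack arrays the removal is correct, but the buffers carry key material and should be wiped on every exit, for example `(void)memset_s(base64PskKey, sizeof(base64PskKey), 0, sizeof(base64PskKey));` before each `return`. If they are heap allocations instead, these hunks introduce a leak. The same applies to the second hunk at the `base64Psk` decode.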
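Review bot: The Decrypt hunk drops the `decryptDataLen == 0` rejection and leaves the old condition in a trailing comment marked as awaiting review (`删除判断条件 待审查`), so an empty plaintext now returns through the success path. A caller that takes a successful return to mean the output buffer holds data would then work on whatever the buffer held before; whether any caller does is outside this hunk. Either restore `if ((decryptDataLen == 0) || (decryptDataLen > outputDataLen)) {`, or remove the comment and state in the function header why a zero-length result is valid.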
@@ -224,7 +223,7 @@ static int32_t GetTokenInfo(const char* tokenValue, uint8_t tokenValueLen, static int32_t EncryptHmac(const char *challenge, const uint8_t *tokenValue, uint8_t *hmac, uint8_t hmacLen) { CERT_LOG_INFO("[EncryptHmac] Begin."); - if (challenge == NULL || tokenValue == NULL || hmac == NULL || hmacLen <= 0) { + if (challenge == NULL || tokenValue == NULL || hmac == NULL || hmacLen == 0) { CERT_LOG_ERROR("[EncryptHmac] Invalid parameter"); return CERT_ERR; } diff --git a/cert_mgr_service/services/core/utils/cert_utils.c b/cert_mgr_service/services/core/utils/cert_utils.c index 9c3cca5..7c207c0 100644 --- a/cert_mgr_service/services/core/utils/cert_utils.c +++ b/cert_mgr_service/services/core/utils/cert_utils.c @@ -51,7 +51,7 @@ char* CertStrdup(const char* input) return NULL; } size_t len = strlen(input) + 1; - if (len <= 0) { + if (len == 0) { return NULL; } char* out = malloc(len); @@ -118,10 +118,10 @@ int32_t AnonymiseStr(char* str) uint32_t strLen = strlen(str); uint32_t ret; uint32_t tempLen = 8; - uint32_t halfLen = 2; if (strLen <= tempLen) { ret = memset_s((void*)str, strLen, '*', strLen); - } else { + } else { + uint32_t halfLen = 2; int32_t unAnonyStrLen = CalUnAnonyStrLen(strLen); int32_t endpointLen = unAnonyStrLen / halfLen; ret = memset_s((void*)(str + endpointLen), (strLen - unAnonyStrLen), '*', (strLen - unAnonyStrLen)); diff --git a/cert_mgr_service/services/core/utils/cert_utils_list.c b/cert_mgr_service/services/core/utils/cert_utils_list.c index 580bbf2..f051aeb 100644 --- a/cert_mgr_service/services/core/utils/cert_utils_list.c +++ b/cert_mgr_service/services/core/utils/cert_utils_list.c @@ -57,7 +57,7 @@ int32_t AddListNode(List *list, void *data) node->data = data; node->next = NULL; - if (list->head == NULL) { + if (head == NULL) { list->head = node; } else { head->next = node; 
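Review bot: The `if (len == 0)` test in the CertStrdup hunk cannot fire, because `len` is `strlen(input) + 1` and is therefore at least 1 for any string that fits in memory. If the intent is to bound the copy, compare `len` against a project-defined maximum before `malloc(len)`; otherwise delete the branch. The rest of the function is outside the hunk.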
diff --git a/cert_mgr_service/services/core/utils/cert_utils_log.c b/cert_mgr_service/services/core/utils/cert_utils_log.c index 862875f..e89a02f 100644 --- a/cert_mgr_service/services/core/utils/cert_utils_log.c +++ b/cert_mgr_service/services/core/utils/cert_utils_log.c @@ -49,7 +49,7 @@ void CertLog(CertLogLevel logLevel, const char* fmt, ...) { char outStr[CERT_LOG_STR_LEM] = {0}; va_list arg; - (void)memset_s(&arg, sizeof(va_list), 0, sizeof(va_list)); + // (void)memset_s(&arg, sizeof(va_list), 0, sizeof(va_list)); va_start(arg, fmt); int32_t ret = vsprintf_s(outStr, sizeof(outStr), fmt, arg); va_end(arg); diff --git a/cert_mgr_service/test/unittest/src/CertMgrSdkTest.cpp b/cert_mgr_service/test/unittest/src/CertMgrSdkTest.cpp index b22c5f8..073acd3 100644 --- a/cert_mgr_service/test/unittest/src/CertMgrSdkTest.cpp +++ b/cert_mgr_service/test/unittest/src/CertMgrSdkTest.cpp @@ -63,8 +63,7 @@ HWTEST_F(CertMgrSdkTest, GetCertStatus_Test_001, TestSize.Level0) { // step 1:调用函数获取结果 printf("-------------GetCertStatus_Test_001 begin -----------------"); - CertMgrClient* certManager = nullptr; - certManager = DelayedSingleton::GetInstance(); + CertMgrClient* certManager = DelayedSingleton::GetInstance(); int res = certManager->GetCertStatus(); // Step 2:使用断言比较预期与实际结果 -- Gitee
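Review bot: The `memset_s` on the `va_list` in CertLog is commented out rather than deleted; removing the line is cleaner, since `va_start` is what initialises `arg`. `vsprintf_s` returns a negative value when the formatted text does not fit `outStr`, and the handling of `ret` is outside the hunk, so check that an over-long message is neither dropped silently nor printed from a partly written buffer.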