summaryrefslogtreecommitdiff
path: root/security-huks-0001-support-huks-for-openeuler.patch
diff options
context:
space:
mode:
Diffstat (limited to 'security-huks-0001-support-huks-for-openeuler.patch')
-rw-r--r--security-huks-0001-support-huks-for-openeuler.patch236
1 files changed, 236 insertions, 0 deletions
diff --git a/security-huks-0001-support-huks-for-openeuler.patch b/security-huks-0001-support-huks-for-openeuler.patch
new file mode 100644
index 0000000..ebeb757
--- /dev/null
+++ b/security-huks-0001-support-huks-for-openeuler.patch
@@ -0,0 +1,236 @@
+From c7fe7e1422af2a0b4fdbd7e514f8b8c6054170e8 Mon Sep 17 00:00:00 2001
+From: "beiling.xie" <xiekunxunn@huawei.com>
+Date: Tue, 19 Jul 2022 21:01:41 +0800
+Subject: [PATCH] support huks for openeuler
+
+Signed-off-by: beiling.xie <xiekunxun@huawei.com>
+---
+ frameworks/huks_standard/main/BUILD.gn | 1 +
+ .../huks_standard/main/core/src/hks_verifier.c | 10 ++++++----
+ .../crypto_engine/openssl/src/hks_openssl_kdf.c | 4 +++-
+ .../huks_standard/main/os_dependency/BUILD.gn | 15 ++++++++++-----
+ .../main/os_dependency/log/hks_log.c | 14 +++++++-------
+ interfaces/innerkits/huks_standard/main/BUILD.gn | 1 +
+ .../huks_service/main/os_dependency/BUILD.gn | 2 +-
+ .../huks_service/main/os_dependency/idl/BUILD.gn | 6 +++---
+ utils/file_operator/hks_file_operator.c | 6 +++---
+ 9 files changed, 35 insertions(+), 24 deletions(-)
+
+diff --git a/frameworks/huks_standard/main/BUILD.gn b/frameworks/huks_standard/main/BUILD.gn
+index 83d7750..cd899cd 100755
+--- a/frameworks/huks_standard/main/BUILD.gn
++++ b/frameworks/huks_standard/main/BUILD.gn
+@@ -20,6 +20,7 @@ group("huks_standard_frameworks") {
+ "//base/security/huks/frameworks/huks_standard/main/core:libhuks_core_standard_static",
+ "//base/security/huks/frameworks/huks_standard/main/crypto_engine:libhuks_crypto_engine_standard_static",
+ "//base/security/huks/frameworks/huks_standard/main/os_dependency:libhuks_os_dependency_standard_static",
++ "//base/security/huks/services/huks_standard/huks_service/main/os_dependency:libhuks_service_os_dependency_standard_static",
+ ]
+ }
+ }
+diff --git a/frameworks/huks_standard/main/core/src/hks_verifier.c b/frameworks/huks_standard/main/core/src/hks_verifier.c
+index 149137d..a65f27e 100755
+--- a/frameworks/huks_standard/main/core/src/hks_verifier.c
++++ b/frameworks/huks_standard/main/core/src/hks_verifier.c
+@@ -250,8 +250,9 @@ static int32_t ExtractTlvLength(const uint8_t *in, uint32_t inLen, uint32_t *hea
+ uint8_t *buf = (uint8_t *)in;
+ uint32_t length = 0; /* length of the payload */
+
+- uint32_t tmp;
+- HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
++// uint32_t tmp;
++// HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
++ buf++;
+ if (buf[0] < ASN_1_MIN_VAL_1_EXTRA_LEN_BYTE) {
+ /* Current byte tells the length */
+ HKS_ASN1_DECODE_BYTE(buf, length);
+@@ -301,8 +302,9 @@ static int32_t ExtractTlvData(const uint8_t *in, uint32_t inLen, uint8_t *out, u
+ uint8_t *buf = (uint8_t *)in;
+ uint32_t length = 0; /* length of the payload */
+
+- uint32_t tmp;
+- HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
++// uint32_t tmp;
++// HKS_ASN1_DECODE_BYTE(buf, tmp); /* get type */
++ buf++;
+ if (buf[0] < ASN_1_MIN_VAL_1_EXTRA_LEN_BYTE) {
+ /* Current byte tells the length */
+ HKS_ASN1_DECODE_BYTE(buf, length);
+diff --git a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
+index 258b206..5db3e4d 100755
+--- a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
++++ b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_kdf.c
+@@ -57,6 +57,7 @@ int32_t HksOpensslHkdf(const struct HksBlob *mainKey, const struct HksKeySpec *d
+ EVP_PKEY_CTX *pctx;
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+ int32_t ret = HKS_FAILURE;
++
+ do {
+ if (EVP_PKEY_derive_init(pctx) <= 0) {
+ HksLogOpensslError();
+@@ -78,7 +79,8 @@ int32_t HksOpensslHkdf(const struct HksBlob *mainKey, const struct HksKeySpec *d
+ HksLogOpensslError();
+ break;
+ }
+- if (EVP_PKEY_derive(pctx, derivedKey->data, (size_t *)&derivedKey->size) <= 0) {
++ size_t new = derivedKey->size;
++ if (EVP_PKEY_derive(pctx, derivedKey->data, &new) <= 0) {
+ HksLogOpensslError();
+ break;
+ }
+diff --git a/frameworks/huks_standard/main/os_dependency/BUILD.gn b/frameworks/huks_standard/main/os_dependency/BUILD.gn
+index 7d03e55..6da94a5 100755
+--- a/frameworks/huks_standard/main/os_dependency/BUILD.gn
++++ b/frameworks/huks_standard/main/os_dependency/BUILD.gn
+@@ -26,6 +26,8 @@ ohos_static_library("libhuks_os_dependency_standard_static") {
+ public_configs = [ ":huks_config" ]
+ include_dirs = [
+ "log",
++ "sysinfo/include",
++ "../../../../services/huks_standard/huks_service/main/core/include/",
+ "//utils/native/base/include",
+ "//utils/system/safwk/native/include",
+ ]
+@@ -35,17 +37,20 @@ ohos_static_library("libhuks_os_dependency_standard_static") {
+ "_HUKS_LOG_ENABLE_",
+ ]
+ sources = [
+- "./ipc/src/hks_client_service_ipc.c",
+- "./ipc/src/hks_ipc_check.c",
+- "./ipc/src/hks_ipc_serialization.c",
+- "./ipc/src/hks_ipc_slice.c",
+- "./ipc/src/hks_request.cpp",
++# "./ipc/src/hks_client_service_ipc.c",
++# "./ipc/src/hks_ipc_check.c",
++# "./ipc/src/hks_ipc_serialization.c",
++# "./ipc/src/hks_ipc_slice.c",
++# "./ipc/src/hks_request.cpp",
++ "./ipc/src/hks_client_service_passthrough.c",
++ "./sysinfo/src/hks_get_process_info_passthrough.c",
+ "./log/hks_log.c",
+ "./posix/hks_mem.c",
+ ]
+ deps = [
+ "//base/security/huks/frameworks/huks_standard/main/common:libhuks_common_standard_static",
+ "//utils/native/base:utils",
++ "//third_party/bounds_checking_function:libsec_shared",
+ ]
+ external_deps = [
+ "hiviewdfx_hilog_native:libhilog",
+diff --git a/frameworks/huks_standard/main/os_dependency/log/hks_log.c b/frameworks/huks_standard/main/os_dependency/log/hks_log.c
+index ef7d264..5beadab 100755
+--- a/frameworks/huks_standard/main/os_dependency/log/hks_log.c
++++ b/frameworks/huks_standard/main/os_dependency/log/hks_log.c
+@@ -22,8 +22,8 @@
+
+ #undef LOG_DOMAIN
+ #undef LOG_TAG
+-static const unsigned int LOG_DOMAIN = 0xD002F01;
+-static const char* LOG_TAG = "HUKS";
++//static const unsigned int LOG_DOMAIN = 0xD002F01;
++//static const char* LOG_TAG = "HUKS";
+
+ #define MAX_LOG_BUFF_LEN 512
+
+@@ -48,16 +48,16 @@ void HksLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char
+
+ switch (logLevel) {
+ case HKS_LOG_LEVEL_I:
+- HILOG_INFO(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
++ HILOG_INFO(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
+ break;
+ case HKS_LOG_LEVEL_E:
+- HILOG_ERROR(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
++ HILOG_ERROR(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
+ break;
+ case HKS_LOG_LEVEL_W:
+- HILOG_WARN(LOG_CORE, "%{public}s[%{public}u]: %{public}s\n", funcName, lineNo, buf);
++ HILOG_WARN(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
+ break;
+ case HKS_LOG_LEVEL_D:
+- HILOG_DEBUG(LOG_CORE, "%{public}s[%{public}u]: %{private}s\n", funcName, lineNo, buf);
++ HILOG_DEBUG(LOG_CORE, "%s[%u]: %s\n", funcName, lineNo, buf);
+ break;
+ default:
+ HKS_FREE_PTR(buf);
+@@ -65,4 +65,4 @@ void HksLog(uint32_t logLevel, const char *funcName, uint32_t lineNo, const char
+ }
+
+ HKS_FREE_PTR(buf);
+-}
+\ No newline at end of file
++}
+diff --git a/interfaces/innerkits/huks_standard/main/BUILD.gn b/interfaces/innerkits/huks_standard/main/BUILD.gn
+index 1ca1e02..88e620d 100755
+--- a/interfaces/innerkits/huks_standard/main/BUILD.gn
++++ b/interfaces/innerkits/huks_standard/main/BUILD.gn
+@@ -41,6 +41,7 @@ if (os_level == "standard") {
+ deps = [
+ "//base/security/huks/frameworks/huks_standard/main:huks_standard_frameworks",
+ "//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static",
++ "//base/security/huks/services/huks_standard/huks_engine/main/core:huks_engine_core_standard",
+ ]
+ }
+ }
+diff --git a/services/huks_standard/huks_service/main/os_dependency/BUILD.gn b/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
+index 931d20c..01078b7 100755
+--- a/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
++++ b/services/huks_standard/huks_service/main/os_dependency/BUILD.gn
+@@ -34,7 +34,7 @@ ohos_static_library("libhuks_service_os_dependency_standard_static") {
+ ]
+ sources = [
+ "posix/hks_rwlock.c",
+- "sa/hks_sa.cpp",
++# "sa/hks_sa.cpp",
+ ]
+ deps = [
+ "//base/security/huks/frameworks/huks_standard/main/common:libhuks_common_standard_static",
+diff --git a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
+index e86a491..3ffcfa1 100755
+--- a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
++++ b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
+@@ -32,9 +32,9 @@ ohos_static_library("libhuks_service_idl_standard_static") {
+ "_HUKS_LOG_ENABLE_",
+ ]
+ sources = [
+- "ipc/hks_ipc_serialization.c",
+- "ipc/hks_ipc_service.c",
+- "ipc/hks_response.cpp",
++# "ipc/hks_ipc_serialization.c",
++# "ipc/hks_ipc_service.c",
++# "ipc/hks_response.cpp",
+ "passthrough/huks_access.c",
+ "passthrough/huks_core_dynamic_hal.c",
+ ]
+diff --git a/utils/file_operator/hks_file_operator.c b/utils/file_operator/hks_file_operator.c
+index 5543c38..5c2e704 100755
+--- a/utils/file_operator/hks_file_operator.c
++++ b/utils/file_operator/hks_file_operator.c
+@@ -93,7 +93,7 @@ static uint32_t FileRead(const char *fileName, uint32_t offset, uint8_t *buf, ui
+ }
+
+ char filePath[PATH_MAX + 1] = {0};
+- (void)realpath(fileName, filePath);
++ char *path __attribute__((unused)) = realpath(fileName, filePath);
+ if (strstr(filePath, "../") != NULL) {
+ HKS_LOG_E("invalid filePath, path %s", filePath);
+ return 0;
+@@ -137,7 +137,7 @@ static int32_t FileWrite(const char *fileName, uint32_t offset, const uint8_t *b
+ if (memcpy_s(filePath, sizeof(filePath) - 1, fileName, strlen(fileName)) != EOK) {
+ return HKS_ERROR_BAD_STATE;
+ }
+- (void)realpath(fileName, filePath);
++ char *path __attribute__((unused)) = realpath(fileName, filePath);
+ if (strstr(filePath, "../") != NULL) {
+ HKS_LOG_E("invalid filePath, path %s", filePath);
+ return HKS_ERROR_INVALID_KEY_FILE;
+@@ -519,4 +519,4 @@ uint32_t HksFileSize(const char *path, const char *fileName)
+ int32_t HksGetFileName(const char *path, const char *fileName, char *fullFileName, uint32_t fullFileNameLen)
+ {
+ return GetFileName(path, fileName, fullFileName, fullFileNameLen);
+-}
+\ No newline at end of file
++}
+--
+2.25.1
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 19:34:01 +0000