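/*
 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef OHOS_LOCAL_SIGN_KEY_H
#define OHOS_LOCAL_SIGN_KEY_H

#include <cstdint>
#include <memory>
#include <mutex>
#include <string>

#include "byte_buffer.h"
#include "errcode.h"
#include "huks_param_set.h"
#include "log.h"
#include "sign_key.h"

namespace OHOS {
namespace Security {
namespace CodeSign {
/**
 * @brief Process-wide singleton implementation of SignKey for the local code-signing key.
 *
 * The helper names in this header (SignByHUKS, HUKSParamSet, HksBlob, HksCertChain)
 * indicate that key operations are delegated to HUKS; the implementation is not part
 * of this header, so the notes below describe only what the declarations establish
 * and mark everything else as something to confirm in the .cpp file.
 */
class LocalSignKey : public SignKey {
public:
    /**
     * @brief Returns the single LocalSignKey instance.
     *
     * The constructor is private and copying is deleted, so this is the only way
     * to obtain an instance.
     */
    static LocalSignKey &GetInstance();

    /**
     * @brief Returns the signing certificate as a read-only buffer.
     *
     * NOTE(review): cert_ is initialised to nullptr, so a null return looks possible
     * when no certificate has been loaded; callers should null-check. The returned
     * pointer presumably aliases storage held by this singleton; confirm.
     */
    const ByteBuffer *GetSignCert() override;

    /**
     * @brief Signs @p data and writes the signature into @p ret.
     *
     * @param data Bytes to sign.
     * @param ret  Output buffer for the signature.
     * @return bool status; presumably true on success. Callers must check it and
     *         must not treat @p ret as a valid signature when it is false.
     */
    bool Sign(const ByteBuffer &data, ByteBuffer &ret) override;

    /**
     * @brief Returns the certificate chain of the key as a read-only structure.
     *
     * NOTE(review): certChain_ is initialised to nullptr, so callers should
     * null-check the result; lifetime is presumably tied to this singleton; confirm.
     */
    const HksCertChain *GetCertChain();

    /**
     * @brief Supplies the challenge value held in challenge_.
     *
     * NOTE(review): presumably copied into challenge_ and consumed when the
     * attestation parameter set is built (GetAttestParamSet). If the challenge is
     * what binds the attested chain to a request, it should be an unpredictable
     * per-request value; confirm against the attestation flow.
     */
    void SetChallenge(const ByteBuffer &challenge);

    /**
     * @brief Initialises the local key.
     * @return bool status; presumably true when the key is usable. Check it
     *         before calling Sign().
     */
    bool InitKey();

    /**
     * @brief Writes the certificate chain into @p buffer in a formatted layout.
     * @return int32_t status; presumably one of the codes from errcode.h; confirm.
     */
    int32_t GetFormattedCertChain(ByteBuffer &buffer);

private:
    LocalSignKey();
    ~LocalSignKey();

    // Non-copyable: there must be exactly one holder of the key state.
    LocalSignKey(const LocalSignKey &source) = delete;
    LocalSignKey &operator=(const LocalSignKey &source) = delete;

    bool GenerateKey();
    HksCertChain *QueryCertChain();
    // Builders for the HUKS parameter sets used for key generation, attestation
    // and signing. The parameter was garbled to a pilcrow in the extracted text
    // (an "&para" entity decode); it is a HUKSParamSet reference named paramSet.
    bool GetKeyParamSet(HUKSParamSet &paramSet);
    bool GetAttestParamSet(HUKSParamSet &paramSet);
    bool GetSignParamSet(HUKSParamSet &paramSet);
    bool SignByHUKS(const struct HksBlob *inData, struct HksBlob *outData);

private:
    // NOTE(review): cert_ and certChain_ are raw pointers whose ownership is not
    // visible here; presumably allocated lazily and released in the destructor.
    // Confirm there is no leak or double free on the error paths.
    ByteBuffer *cert_ = nullptr;
    HksCertChain *certChain_ = nullptr;
    std::unique_ptr<ByteBuffer> challenge_ = nullptr;
    // NOTE(review): which members lock_ guards is not visible in this header;
    // confirm that every access to the cached pointers above is made under it.
    std::mutex lock_;
    // Signature algorithm identifier. It is mutable here; if nothing reassigns it,
    // making it const would keep the algorithm from being changed at run time.
    std::string algorithm_ = "ECDSA256";
};
} // namespace CodeSign
} // namespace Security
} // namespace OHOS

#endif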