lib.rs - OpenGrok cross reference for /ohos5.0/base/update/updater/services/rust/hash_signed_data/src/lib.rs

/*
 * Copyright (c) 2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

//! This lib is used by updater to parse and get sig from hash signe data file:

mod hsd;
mod evp;
mod ffi;
mod img_hash_check;
mod macros;

use core::{ffi::{c_char, CStr}, mem::ManuallyDrop, ptr};
use hsd::HashSignedData;
use img_hash_check::ImgHashData;
use img_hash_check::ReadLeBytes;

/// load hash signed data from buffer, then you can verify them by VerifyHashBySignedData
///
/// # Safety
///
/// signed_data must contain a valid nul terminator at the end
#[no_mangle]
pub unsafe extern fn LoadHashSignedData(signed_data: *const c_char)
    -> *const HashSignedData
{
    if signed_data.is_null() {
        updaterlog!(ERROR, "signed data is null");
        return ptr::null();
    }

    let signed_data_str: &CStr = unsafe { CStr::from_ptr(signed_data) };
    let hsd = signed_data_str.to_str();
    if hsd.is_err() {
        updaterlog!(ERROR, "hash signed data str format is invalid {:?}", signed_data_str);
        return ptr::null();
    }

    match HashSignedData::try_from(hsd.unwrap()) {
        Ok(hsd) => {
            updaterlog!(INFO, "hash signed data parse successful!");
            Box::into_raw(Box::new(hsd))
        },
        Err(err) => {
            updaterlog!(ERROR, "hash signed data parse failed, err is {}", err);
            ptr::null()
        }
    }
}

/// Get signature of file from hash signed data
///
/// # Safety
///
/// file_name should be a valid utf8 str, ended with a nul terminator
#[no_mangle]
pub unsafe extern fn GetSigFromHashData(signed_data: *const HashSignedData,
    out: *mut u8, out_len: usize, file_name: *const c_char) -> usize
{
    if out.is_null() || file_name.is_null() || signed_data.is_null() {
        updaterlog!(ERROR, "input invalid, null status hash:{} file_name:{} signed_data:{}",
            out.is_null(), file_name.is_null(), signed_data.is_null());
        return 0;
    }
    let signed_data = ManuallyDrop::new(unsafe { &*signed_data });
    let file_name_c_str: &CStr = unsafe { CStr::from_ptr(file_name) };
    let file_name = match file_name_c_str.to_str() {
        Ok(file_name) => file_name,
        Err(_) => {
            updaterlog!(ERROR, "filename is invalid utf8 str");
            return 0;
        }
    };
    let sig = match signed_data.get_sig_for_file(file_name) {
        Ok(sig) => sig,
        Err(err) => {
            unsafe { ffi::ERR_print_errors_cb(ffi::err_print_cb, ptr::null_mut()); }
            updaterlog!(ERROR, "get sig for file {} failed, err is {}", file_name, err);
            return 0;
        }
    };
    if sig.len() > out_len {
        updaterlog!(ERROR, "out is too small to hold signature");
        return 0;
    }
    unsafe { ptr::copy_nonoverlapping(sig.as_ptr(), out, sig.len()); }
    // hash is owned by a vector in c++, it's memory is allocated in c++, so need to forget it in rust
    updaterlog!(INFO, "get sig succeed for {}", file_name);
    sig.len()
}

/// release hash signed data when you no longer need it
///
/// # Safety
///
/// HashSignedData should be a return value of LoadHashSignedData
#[no_mangle]
pub unsafe extern fn ReleaseHashSignedData(signed_data: *const HashSignedData)
{
    if signed_data.is_null() {
        updaterlog!(ERROR, "signed data is null");
        return;
    }
    unsafe { drop(Box::from_raw(signed_data as *mut HashSignedData)); }
    updaterlog!(INFO, "release hash signed data");
}

/// load hash signed data from buffer, then you can verify them by check_data_hash
///
/// # Safety
///
/// hash_data must contain a valid nul terminator at the end
#[no_mangle]
pub unsafe extern fn LoadImgHashData(hash_data: *const u8, len: usize)
    -> *const ImgHashData<u32>
{
    if hash_data.is_null() {
        updaterlog!(ERROR, "hash data is null");
        return ptr::null();
    }

    let hash_data_vec: Vec<u8> = unsafe {Vec::from_raw_parts(hash_data as *mut u8, len, len)};
    match ImgHashData::load_img_hash_data(&hash_data_vec[..]) {
        Ok(hash_data) => {
            std::mem::forget(hash_data_vec);
            updaterlog!(INFO, "hash data parse successful!");
            Box::into_raw(Box::new(hash_data))
        },
        Err(err) => {
            std::mem::forget(hash_data_vec);
            updaterlog!(ERROR, "hash data parse failed, err is {}", err);
            ptr::null()
        }
    }
}

/// load hash signed data from buffer, then you can verify them by check_data_hash
///
/// # Safety
///
/// hash_data must contain a valid nul terminator at the end
#[no_mangle]
pub unsafe extern fn LoadImgHashDataNew(hash_data: *const u8, len: usize)
    -> *const ImgHashData<u64>
{
    if hash_data.is_null() {
        updaterlog!(ERROR, "hash data is null");
        return ptr::null();
    }

    let hash_data_vec: Vec<u8> = unsafe {Vec::from_raw_parts(hash_data as *mut u8, len, len)};
    match ImgHashData::load_img_hash_data(&hash_data_vec[..]) {
        Ok(hash_data) => {
            std::mem::forget(hash_data_vec);
            updaterlog!(INFO, "hash data parse successful!");
            Box::into_raw(Box::new(hash_data))
        },
        Err(err) => {
            std::mem::forget(hash_data_vec);
            updaterlog!(ERROR, "hash data parse failed, err is {}", err);
            ptr::null()
        }
    }
}

/// check hash data from buffer
///
/// # Safety
///
/// signed_data must contain a valid nul terminator at the end
// #[no_mangle]
pub unsafe extern fn check_data_hash_template<T>(img_hash_data: *const ImgHashData<T>,
    img_name: *const c_char, start: T, end: T, hash_value: *const u8,  len: usize) -> bool
    where T: ReadLeBytes + std::hash::Hash + std::cmp::Eq + std::fmt::Display + std::default::Default
{
    if img_hash_data.is_null() || img_name.is_null() || hash_value.is_null() {
        updaterlog!(ERROR, "input invalid, null status img_hash_data:{} img_name:{} hash_value:{}",
        img_hash_data.is_null(), img_name.is_null(), hash_value.is_null());
        return false;
    }

    let hash_data = ManuallyDrop::new( unsafe { &*img_hash_data });
    let img_name_c_str: &CStr = unsafe { CStr::from_ptr(img_name) };
    let img_name = match img_name_c_str.to_str() {
        Ok(img_name) => img_name.to_owned(),
        Err(_) => {
            updaterlog!(ERROR, "img_name is invalid utf8 str");
            return false;
        }
    };

    let hash_value_vec: Vec<u8> = unsafe {Vec::from_raw_parts(hash_value as *mut u8, len, len)};
    updaterlog!(INFO, "check_data_hash, img_name: {}, start: {}, hash_value_vec: {:?}", img_name, start, hash_value_vec);
    let is_valid = hash_data.check_img_hash(img_name, start, end, &hash_value_vec[..]);
    std::mem::forget(hash_value_vec);
    is_valid
}

/// check hash data from buffer
///
/// # Safety
///
/// signed_data must contain a valid nul terminator at the end
#[no_mangle]
pub unsafe extern fn check_data_hash(img_hash_data: *const ImgHashData<u32>,
    img_name: *const c_char, start: u32, end: u32, hash_value: *const u8,  len: usize) -> bool
{
    check_data_hash_template(img_hash_data, img_name, start, end, hash_value, len)
}

/// check hash data from buffer
///
/// # Safety
///
/// signed_data must contain a valid nul terminator at the end
#[no_mangle]
pub unsafe extern fn CheckDataHashNew(img_hash_data: *const ImgHashData<u64>,
    img_name: *const c_char, start: u64, end: u64, hash_value: *const u8,  len: usize) -> bool
{
    check_data_hash_template(img_hash_data, img_name, start, end, hash_value, len)
}

/// release hash signed data when you no longer need it
///
/// # Safety
///
/// HashSignedData should be a return value of LoadHashSignedData
#[no_mangle]
pub unsafe extern fn ReleaseImgHashData(hash_data: *const ImgHashData<u32>)
{
    if hash_data.is_null() {
        updaterlog!(ERROR, "image hash data is null");
        return;
    }
    unsafe { drop(Box::from_raw(hash_data as *mut ImgHashData<u32>)); }
    updaterlog!(INFO, "release image hash data");
}

/// release hash signed data when you no longer need it
///
/// # Safety
///
/// HashSignedData should be a return value of LoadHashSignedData
#[no_mangle]
pub unsafe extern fn ReleaseImgHashDataNew(hash_data: *const ImgHashData<u64>)
{
    if hash_data.is_null() {
        updaterlog!(ERROR, "image hash data is null");
        return;
    }
    unsafe { drop(Box::from_raw(hash_data as *mut ImgHashData<u64>)); }
    updaterlog!(INFO, "release image hash data");
}