1 /*
2  * Copyright (C) 2021 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef HAP_TRUSTED_ROOT_CA_H
16 #define HAP_TRUSTED_ROOT_CA_H
17 
18 #include <string>
19 #include <unordered_map>
20 
21 #include "openssl/x509.h"
22 
23 #include "common/export_define.h"
24 #include "init/json_parser_utils.h"
25 #include "interfaces/hap_verify_result.h"
26 
27 namespace OHOS {
28 namespace Security {
29 namespace Verify {
/*
 * Lookup table from a string key to an OpenSSL certificate handle.
 * The mapped values are raw X509 pointers, so the container never frees them
 * itself; whoever fills or clears a map of this type has to manage the
 * certificate lifetimes explicitly.
 * NOTE(review): what the key represents (subject, alias, ...) is not visible
 * in this header - confirm against the code that populates the map.
 */
using StringCertMap = std::unordered_map<std::string, X509*>;
31 
/*
 * Holder of the root CA certificates that, going by the class and member
 * names, act as trust anchors for HAP verification.
 *
 * The constructor and destructor are private and the copy operations are
 * deleted, so the only access path declared here is GetInstance().
 *
 * Two separate certificate maps are kept: rootCerts and rootCertsForTest.
 * NOTE(review): presumably rootCertsForTest is only consulted while isDebug is
 * set - confirm in the implementation, because any path that consults the test
 * roots enlarges the set of signers the verifier accepts.
 *
 * No lock or atomic member is declared in this class.
 * NOTE(review): confirm how Init/Recovery/EnableDebug/DisableDebug are
 * serialized against concurrent FindMatchedRoot calls.
 */
class TrustedRootCa {
public:
    /* Returns a reference to a TrustedRootCa object; presumably the single shared instance - confirm. */
    DLL_EXPORT static TrustedRootCa& GetInstance();
    /*
     * Returns a bool status.
     * NOTE(review): presumably loads rootCerts from TRUSTED_ROOT_CA_FILE_PATH and
     * records success in isInit - confirm. Callers should treat false as
     * "no trust anchors available" and refuse to verify.
     */
    DLL_EXPORT bool Init();
    /* NOTE(review): presumably releases the loaded certificates and resets the state set by Init - confirm. */
    DLL_EXPORT void Recovery();
    /*
     * Returns a bool status.
     * NOTE(review): by its name and the rootCertsForTest /
     * TRUSTED_ROOT_CA_TEST_FILE_PATH members, this appears to make test root
     * certificates eligible as trust anchors. Confirm which callers can reach it
     * and whether it is gated (e.g. by devMode) on release builds.
     */
    DLL_EXPORT bool EnableDebug();
    /* NOTE(review): presumably undoes EnableDebug and drops the test roots - confirm they are freed, not just ignored. */
    DLL_EXPORT void DisableDebug();
    /*
     * Looks up a root certificate corresponding to caCert and returns it as a raw
     * X509 pointer.
     * NOTE(review): the type does not say whether the result is borrowed from the
     * internal map or a new reference the caller must X509_free; presumably
     * nullptr means no trusted root matched. Confirm both before using the result
     * in a chain-verification decision.
     */
    DLL_EXPORT X509* FindMatchedRoot(X509* caCert);
    /* Takes a DevMode value; presumably stored in the devMode member - confirm what each mode permits. */
    DLL_EXPORT void SetDevMode(DevMode devMode);

private:
    /* Private so that objects cannot be created or destroyed outside the class. */
    TrustedRootCa();
    ~TrustedRootCa();

    /* Copying is disabled: copy construction and copy assignment are deleted. */
    TrustedRootCa(const TrustedRootCa& trustedRoot) = delete;
    TrustedRootCa& operator = (const TrustedRootCa& trustedRoot) = delete;

    /*
     * Takes the map to fill by non-const reference and the path of the file to
     * read; returns a bool status. Exported although private.
     * NOTE(review): presumably parses a JSON list of root certificates. The file
     * at filePath decides what is trusted, so its location should be writable
     * only by the platform itself - confirm, and confirm that a parse failure
     * leaves rootCertMap without partially loaded entries.
     */
    DLL_EXPORT bool GetTrustedRootCAFromJson(StringCertMap& rootCertMap, const std::string& filePath);
    /* Overload that searches one specific map (taken by const reference) for a root matching caCert. */
    X509* FindMatchedRoot(const StringCertMap& rootCertMap, X509* caCert);

private:
    /* Paths of the root CA list files; the values are defined outside this header. */
    static const std::string TRUSTED_ROOT_CA_FILE_PATH;
    static const std::string TRUSTED_ROOT_CA_TEST_FILE_PATH;
    /* Certificate maps holding raw X509 pointers; NOTE(review): presumably freed in Recovery or the destructor - confirm. */
    StringCertMap rootCerts;
    StringCertMap rootCertsForTest;
    /* State flags; no in-class initializers, so the constructor has to set them. */
    bool isInit;
    bool isDebug;
    DevMode devMode;
};
62 } // namespace Verify
63 } // namespace Security
64 } // namespace OHOS
65 #endif // HAP_TRUSTED_ROOT_CA_H
66