init 24.03 files

0002-feat-for-embedded-fix-huks-compile-errors.patch

@@ -0,0 +1,111 @@
+From b8a21d565f44303187ade8245e637c261906451f Mon Sep 17 00:00:00 2001
+From: s_c_c <shichuchao@huawei.com>
+Date: Tue, 2 Apr 2024 16:59:34 +0800
+Subject: [PATCH] feat for embedded fix huks compile errors
+
+---
+ frameworks/huks_standard/main/core/src/hks_verifier.c     | 1 +
+ .../main/crypto_engine/openssl/src/hks_openssl_sm2.c      | 4 ++--
+ .../huks_service/main/os_dependency/idl/BUILD.gn          | 1 +
+ utils/crypto_adapter/hks_client_service_adapter.c         | 8 ++++----
+ utils/file_operator/BUILD.gn                              | 1 +
+ 5 files changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/frameworks/huks_standard/main/core/src/hks_verifier.c b/frameworks/huks_standard/main/core/src/hks_verifier.c
+index c9bf5ae..5e3d1a4 100644
+--- a/frameworks/huks_standard/main/core/src/hks_verifier.c
++++ b/frameworks/huks_standard/main/core/src/hks_verifier.c
+@@ -253,6 +253,7 @@ static int32_t EncodeTlvAndGetLength(uint8_t **buf, uint32_t *outLength, uint32_
+ 
+     uint32_t tmp;
+     HKS_ASN1_DECODE_BYTE(*buf, tmp); /* get type */
++    (void)tmp;
+     if ((*buf)[0] < ASN_1_MIN_VAL_1_EXTRA_LEN_BYTE) {
+         /* Current byte tells the length */
+         HKS_ASN1_DECODE_BYTE(*buf, length);
+diff --git a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_sm2.c b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_sm2.c
+index 0dbe0d5..3451d17 100644
+--- a/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_sm2.c
++++ b/frameworks/huks_standard/main/crypto_engine/openssl/src/hks_openssl_sm2.c
+@@ -163,12 +163,12 @@ static EVP_PKEY_CTX *InitSm2Ctx(const struct HksBlob *mainKey, uint32_t digest,
+             HKS_LOG_E("assign ec key failed");
+             break;
+         }
+-
++#if OPENSSL_VERSION_MAJOR < 3
+         if (EVP_PKEY_set_alias_type(key, EVP_PKEY_SM2) != HKS_OPENSSL_SUCCESS) {
+             HKS_LOG_E("set alias type failed");
+             break;
+         }
+-
++#endif
+         ctx = EVP_PKEY_CTX_new(key, NULL);
+         HKS_IF_NULL_LOGE_BREAK(ctx, "new ctx failed")
+ 
+diff --git a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
+index c1f2e20..c7f2283 100644
+--- a/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
++++ b/services/huks_standard/huks_service/main/os_dependency/idl/BUILD.gn
+@@ -60,6 +60,7 @@ ohos_static_library("libhuks_service_idl_standard_static") {
+     "-DHILOG_ENABLE",
+     "-Wall",
+     "-Werror",
++    "-Wno-attributes",
+   ]
+   cflags = cflags_cc
+   complete_static_lib = true
+diff --git a/utils/crypto_adapter/hks_client_service_adapter.c b/utils/crypto_adapter/hks_client_service_adapter.c
+index ae9f94d..ee2c303 100644
+--- a/utils/crypto_adapter/hks_client_service_adapter.c
++++ b/utils/crypto_adapter/hks_client_service_adapter.c
+@@ -428,7 +428,7 @@ int32_t TranslateToX509PublicKey(const struct HksBlob *publicKey, struct HksBlob
+ #ifdef HKS_SUPPORT_RSA_C
+ static int32_t X509PublicKeyToRsa(EVP_PKEY *pkey, struct HksBlob *rsaPublicKey)
+ {
+-    RSA *rsa = EVP_PKEY_get0_RSA(pkey);
++    RSA *rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
+     HKS_IF_NULL_LOGE_RETURN(rsa, HKS_ERROR_NULL_POINTER,
+         "EVP_PKEY_get1_RSA error %" LOG_PUBLIC "s", ERR_reason_error_string(ERR_get_error()))
+ 
+@@ -521,7 +521,7 @@ static int32_t EcKeyToPublicKey(const uint32_t alg, EC_KEY *ecKey, struct HksBlo
+ 
+ static int32_t X509PublicKeyToEcc(const uint32_t alg, EVP_PKEY *pkey, struct HksBlob *eccPublicKey)
+ {
+-    EC_KEY *ecKey = EVP_PKEY_get0_EC_KEY(pkey);
++    EC_KEY *ecKey = (EC_KEY *)EVP_PKEY_get0_EC_KEY(pkey);
+     HKS_IF_NULL_LOGE_RETURN(ecKey, HKS_ERROR_NULL_POINTER,
+         "EVP_PKEY_get1_EC_KEY error %" LOG_PUBLIC "s", ERR_reason_error_string(ERR_get_error()))
+ 
+@@ -547,7 +547,7 @@ static int32_t GetDsaKeyInfo(const DSA *dsa, const BIGNUM **info, uint32_t *info
+ 
+ static int32_t X509PublicKeyToDsa(EVP_PKEY *pkey, struct HksBlob *dsaPublicKey)
+ {
+-    DSA *dsa = EVP_PKEY_get0_DSA(pkey);
++    DSA *dsa = (DSA *)EVP_PKEY_get0_DSA(pkey);
+     HKS_IF_NULL_LOGE_RETURN(dsa, HKS_ERROR_NULL_POINTER,
+         "EVP_PKEY_get1_DSA error %" LOG_PUBLIC "s", ERR_reason_error_string(ERR_get_error()))
+ 
+@@ -604,7 +604,7 @@ static int32_t X509PublicKeyToDsa(EVP_PKEY *pkey, struct HksBlob *dsaPublicKey)
+ #ifdef HKS_SUPPORT_DH_C
+ static int32_t X509PublicKeyToDh(EVP_PKEY *pkey, struct HksBlob *dhPublicKey)
+ {
+-    DH *dh = EVP_PKEY_get0_DH(pkey);
++    DH *dh = (DH *)EVP_PKEY_get0_DH(pkey);
+     HKS_IF_NULL_LOGE_RETURN(dh, HKS_ERROR_NULL_POINTER,
+         "EVP_PKEY_get0_DH error %" LOG_PUBLIC "s", ERR_reason_error_string(ERR_get_error()))
+ 
+diff --git a/utils/file_operator/BUILD.gn b/utils/file_operator/BUILD.gn
+index 8666d7f..841e3e1 100644
+--- a/utils/file_operator/BUILD.gn
++++ b/utils/file_operator/BUILD.gn
+@@ -41,6 +41,7 @@ ohos_static_library("libhuks_utils_file_operator_static") {
+   cflags = [
+     "-Wall",
+     "-Werror",
++    "-Wno-unused-result",
+   ]
+   deps = [ "//base/security/huks/frameworks/huks_standard/main/os_dependency:libhuks_os_dependency_standard_static" ]
+   external_deps = [
+-- 
+2.20.1 (Apple Git-117)
+

huks.BUILD.gn

@@ -0,0 +1,32 @@
+# Copyright (C) 2021-2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+import("//build/config/sysroot.gni")
+
+config("huks_config") {
+    include_dirs = [ "${sysroot}/usr/include/huks" ]
+    libs = ["hukssdk.z"]
+}
+
+if (os_level == "standard") {
+    group("libhukssdk") {
+        public_configs = [ ":huks_config" ]
+    }
+}
+
+if (os_level == "small" || os_level == "mini") {
+    group("libhukssdk") {
+    }
+}
+

huks.bundle.json

@@ -0,0 +1,78 @@
+{
+  "name": "@ohos/huks",
+  "description": "The provider of key and certificate manangement capbility, which belongs to security subsystem",
+  "version": "3.1",
+  "license": "Apache License 2.0",
+  "publishAs": "code-segment",
+  "segment": {
+    "destPath": "base/security/huks"
+  },
+  "dirs":{},
+  "scripts": {
+    "install": "DEST_PATH=${DEP_BUNDLE_BASE}/base/security/huks && mkdir -p $DEST_PATH && cp -r ./* $DEST_PATH"
+  },
+  "author": {},
+  "repository": "",
+  "component": {
+    "name": "huks",
+    "subsystem": "security",
+    "syscap": [
+      "SystemCapability.Security.Huks",
+      "SystemCapability.Security.Cipher"
+    ],
+    "features": [],
+    "adapted_system_type": [
+      "standard",
+      "small",
+      "mini"
+    ],
+    "hisysevent_config": [
+      "//base/security/huks/hisysevent.yaml"
+    ],
+    "rom": "5000KB",
+    "ram": "500kB",
+    "deps": {
+      "components": [
+        "ability_base",
+        "access_token",
+        "bundle_framework",
+        "common",
+        "common_event_service",
+        "hisysevent_native",
+        "hitrace_native",
+        "hiviewdfx_hilog_native",
+        "ipc",
+        "napi",
+        "os_account",
+        "safwk",
+        "samgr",
+        "thirdparty_bounds_checking_function",
+        "c_utils"
+      ],
+      "third_party": [
+        "openssl",
+        "bounds_checking_function"
+      ]
+    },
+    "build": {
+      "group_type": {
+      },
+      "inner_kits": [
+        {
+          "name": "//base/security/huks/interfaces/innerkits/huks_standard/main:libhukssdk",
+          "header": {
+            "header_files": [
+              "hks_api.h"
+            ],
+            "header_base": "//base/security/huks/interfaces/innerkits/huks_standard/main/include"
+          }
+        }
+      ],
+      "test": [
+        "//base/security/huks:huks_sdk_test",
+        "//base/security/huks/test/fuzz_test:fuzztest"
+      ]
+    }
+  }
+}
+

huks_service.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<info>
+    <process>huks_service</process>
+    <loadlibs>
+        <libpath>libhuks_service.z.so</libpath>
+    </loadlibs>
+    <systemability> 
+        <name>3510</name> 
+        <libpath>libhuks_service.z.so</libpath> 
+        <run-on-create>true</run-on-create> 
+        <distributed>false</distributed> 
+        <dump-level>1</dump-level> 
+    </systemability>
+</info>

mbedtls.BUILD.gn

@@ -0,0 +1,18 @@
+import("//build/ohos.gni")
+config("mbedtls_config") {
+  include_dirs = [
+    "include",
+ ]
+  libs = [ 
+   "mbedtls.z", 
+  ]
+}
+
+ohos_shared_library("mbedtls_shared") {
+  public_configs = [ ":mbedtls_config" ]
+}
+
+group("mbedtls") {
+  public_deps = [ ":mbedtls_shared" ]
+}
+

security_huks.spec

@@ -0,0 +1,131 @@
+%define debug_package %{nil}
+%global build_opt /opt/distributed-middleware-build
+%global oh_version OpenHarmony-v3.2-Release
+%global security_path %{_builddir}/base/security
+%global third_party_path %{_builddir}/third_party
+
+Name:           security_huks
+Version:        1.0.0
+Release:        6%{?dist}
+Summary:        Key management service
+License:        Apache-2.0
+URL:            https://gitee.com/openharmony/security_huks
+Source1:        https://gitee.com/openharmony/security_huks/repository/archive/OpenHarmony-v3.2-Release.tar.gz #/security_huks-OpenHarmony-v3.2-Release.tar.gz
+Source2:        huks.BUILD.gn
+Source3:        huks.bundle.json
+Source4:        huks_service.xml
+
+Patch1:         0001-adapt-compilation-tailor-dependencies.patch
+Patch2:         0002-feat-for-embedded-fix-huks-compile-errors.patch
+
+BuildRequires:  gcc, make, hilog
+BuildRequires:  distributed-build, distributed-beget
+BuildRequires:  commonlibrary_c_utils
+BuildRequires:  notification_eventhandler
+BuildRequires:  communication_ipc
+BuildRequires:  systemabilitymgr_safwk, systemabilitymgr_samgr
+BuildRequires:  compat-openssl11-devel
+
+Requires:  distributed-beget
+Requires:  commonlibrary_c_utils
+Requires:  notification_eventhandler
+Requires:  communication_ipc
+Requires:  systemabilitymgr_safwk, systemabilitymgr_samgr
+
+%description
+OpenHarmony Universal KeyStore (HUKS) provides applications with key library capabilities, such as key management and cryptographic operations on keys. HUKS also provides APIs for applications to import or generate keys.
+
+# Decompress source code package, make patches to the source code.
+%prep
+rm -rf %{_builddir}/*
+
+cp -rf %{build_opt} %{_builddir}/build
+[ ! -L "%{_builddir}/build.sh" ] && ln -s %{_builddir}/build/build_scripts/build.sh %{_builddir}/build.sh
+[ ! -L "%{_builddir}/.gn" ] && ln -s %{_builddir}/build/core/gn/dotfile.gn %{_builddir}/.gn
+[ ! -L "%{_builddir}/build.py" ] && ln -s %{_builddir}/build/lite/build.py %{_builddir}/build.py
+cp -rf %{_builddir}/build/openeuler/vendor %{_builddir}/
+cp -rf %{_builddir}/build/openeuler/compiler_gn/* %{_builddir}
+
+%setup -q -D -T -a 1 -c -n %{security_path}
+mv %{security_path}/%{name}-%{oh_version} %{security_path}/huks
+%patch -P1 -p1 -d %{security_path}/huks
+%patch -P2 -p1 -d %{security_path}/huks
+
+%build
+
+
+%ifarch x86_64
+%{_builddir}/build.sh --product-name openeuler --target-cpu x86_64
+%endif
+
+%ifarch aarch64
+%{_builddir}/build.sh --product-name openeuler --target-cpu arm64
+%endif
+
+%install
+install -d -m 0755 %{buildroot}/%{_includedir}/huks
+install -d -m 0755 %{buildroot}/%{_libdir}
+install -d -m 0755 %{buildroot}/system/lib64
+install -d -m 0755 %{buildroot}/system/profile
+install -d -m 0755 %{buildroot}%{build_opt}/openeuler/compiler_gn/base/security/huks/interfaces/innerkits/huks_standard/main/
+
+%ifarch aarch64
+%define module_out_path out/openeuler/linux_clang_arm64/security/huks
+%define header_out_path out/openeuler/innerkits/linux-arm64/huks
+%endif
+
+%ifarch x86_64
+%define module_out_path out/openeuler/linux_clang_x86_64/security/huks
+%define header_out_path out/openeuler/innerkits/linux-x86_64/huks
+%endif
+# prepare head files
+find %{_builddir}/%{header_out_path} -name *.h -print0 | xargs -0 -i cp -rf {} %{buildroot}%{_includedir}/huks/
+install -m 0755 %{_builddir}/base/security/huks/frameworks/huks_standard/main/common/include/*.h %{buildroot}%{_includedir}/huks/
+
+# copy executable file.
+install -m 0755 %{_builddir}/%{module_out_path}/*.so %{buildroot}%{_libdir}
+install -m 0755 %{_builddir}/%{module_out_path}/*.so %{buildroot}/system/lib64
+
+#cp json file
+install -m 0755 %{SOURCE3} %{buildroot}%{build_opt}/openeuler/compiler_gn/base/security/huks/bundle.json
+
+#cp gn file
+install -m 0755 %{SOURCE2} %{buildroot}%{build_opt}/openeuler/compiler_gn/base/security/huks/interfaces/innerkits/huks_standard/main/BUILD.gn
+
+# cp profile file
+install -m 0755 %{SOURCE4} %{buildroot}/system/profile
+
+#cp yaml file
+install -m 0755 %{_builddir}/base/security/huks/hisysevent.yaml %{buildroot}%{build_opt}/openeuler/compiler_gn/base/security/huks
+
+#create soft link 
+ln -s  /usr/include/huks %{buildroot}%{build_opt}/openeuler/compiler_gn/base/security/huks/include
+
+# copy ko file to the certain path on deployment environment.
+%files
+%{_libdir}/*.so
+%{_includedir}/huks/*
+# %{bundle_dir}/*
+/system/*
+%{build_opt}/*
+
+%changelog
+* Wed Apr 3 2024 s_c_c <shichuchao@huawei.com> - 1.0.0-6
+- Fix huks sysroot patch for embedded
+
+* Tue Apr 2 2024 s_c_c <shichuchao@huawei.com> - 1.0.0-5
+- Fix header_out_path variable error
+
+* Tue Apr 2 2024 s_c_c <shichuchao@huawei.com> - 1.0.0-4
+- Fix huks compile errors for embedded
+
+* Fri Dec 15 2023 Peng He <hepeng68@huawei.com> - 1.0.0-3
+- add sa profile file
+
+* Mon Oct 30 2023 Yuying Mu <muyuying1@huawei.com> - 1.0.0-2
+- add gn file
+
+* Sat Oct 07 2023 Peng He <hepeng68@huawei.com> - 1.0.0-1
+* Tue Nov 21 2023 JiaQi Zhao <zhaojiaqi18@huawei.com> - 1.0.0-1
+- adapt compilation, tailor dependencies on hitrace and hisysevent
+