From 71cdf73de25cf4a9769ead4e8c8e49ca6a35915b Mon Sep 17 00:00:00 2001 From: GitCodeLTDJ Date: Tue, 17 Jun 2025 17:23:16 +0800 Subject: [PATCH] update net.nwteirk_security apis Signed-off-by: giteeLTDJ --- bundle.json | 7 ++ frameworks/cj/network_security/BUILD.gn | 76 +++++++++++++++++++ .../cj/network_security/include/ffi_structs.h | 33 ++++++++ .../include/net_network_security_ffi.h | 29 +++++++ .../src/net_network_security_ffi.cpp | 40 ++++++++++ 5 files changed, 185 insertions(+) create mode 100644 frameworks/cj/network_security/BUILD.gn create mode 100644 frameworks/cj/network_security/include/ffi_structs.h create mode 100644 frameworks/cj/network_security/include/net_network_security_ffi.h create mode 100644 frameworks/cj/network_security/src/net_network_security_ffi.cpp diff --git a/bundle.json b/bundle.json index 910bca717..bd04e0848 100644 --- a/bundle.json +++ b/bundle.json @@ -133,6 +133,13 @@ "header_files": [] }, "name": "//foundation/communication/netstack/frameworks/cj/http:cj_net_http_ffi" + }, + { + "header": { + "header_base": "//foundation/communication/netstack/frameworks/cj/network_security/include", + "header_files": [] + }, + "name": "//foundation/communication/netstack/frameworks/cj/network_security:cj_net_network_security_ffi" } ], "test": [ diff --git a/frameworks/cj/network_security/BUILD.gn b/frameworks/cj/network_security/BUILD.gn new file mode 100644 index 000000000..9205f35ed --- /dev/null +++ b/frameworks/cj/network_security/BUILD.gn @@ -0,0 +1,76 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("//foundation/communication/netstack/netstack_config.gni") + +ohos_shared_library("cj_net_network_security_ffi") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + branch_protector_ret = "pac_ret" + + include_dirs = [ + "include", + "$NETSTACK_DIR/utils/common_utils/include", + ] + sources = [ + "src/net_network_security_ffi.cpp", + ] + + defines = [] + + cflags = [ + "-fstack-protector-strong", + "-D_FORTIFY_SOURCE=2", + "-O2", + ] + + cflags_cc = [ + "-fvisibility=hidden", + "-fstack-protector-strong", + "-D_FORTIFY_SOURCE=2", + "-O2", + ] + + deps = [ "$NETSTACK_DIR/interfaces/innerkits/net_ssl:net_ssl" ] + + external_deps = [ + "hilog:libhilog", + "napi:ace_napi", + "napi:cj_bind_ffi", + "napi:cj_bind_native", + "openssl:libcrypto_shared", + "openssl:libssl_shared", + "samgr:samgr_proxy", + ] + + if (defined(global_parts_info) && + defined(global_parts_info.communication_netmanager_base) && + global_parts_info.communication_netmanager_base) { + external_deps += [ + "netmanager_base:net_conn_manager_if", + "netmanager_base:net_security_config_if", + ] + defines += [ "HAS_NETMANAGER_BASE=1" ] + } else { + defines += [ "HAS_NETMANAGER_BASE=0" ] + } + + innerapi_tags = [ "platformsdk" ] + part_name = "netstack" + subsystem_name = "communication" +} diff --git a/frameworks/cj/network_security/include/ffi_structs.h b/frameworks/cj/network_security/include/ffi_structs.h new file mode 100644 index 000000000..b0a611c8a --- /dev/null +++ b/frameworks/cj/network_security/include/ffi_structs.h @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NET_NETWORK_SECURITY_FFI_STRUCTS_H +#define NET_NETWORK_SECURITY_FFI_STRUCTS_H + +#include + +#include "cj_common_ffi.h" + +namespace OHOS::NetStack::NetworkSecurity { +using namespace OHOS::NetStack::NetworkSecurity; + +struct CCertBlob { + int64_t certType; + CArrUI8 certData; +}; + +} // namespace OHOS::NetStack::NetworkSecurity + +#endif \ No newline at end of file diff --git a/frameworks/cj/network_security/include/net_network_security_ffi.h b/frameworks/cj/network_security/include/net_network_security_ffi.h new file mode 100644 index 000000000..a45cb65b2 --- /dev/null +++ b/frameworks/cj/network_security/include/net_network_security_ffi.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NET_NETWORK_SECURITY_FFI_H +#define NET_NETWORK_SECURITY_FFI_H + +#include "ffi_remote_data.h" +#include "ffi_structs.h" + +namespace OHOS::NetStack::NetworkSecurity { +extern "C" { +FFI_EXPORT int64_t FfiOHOSNetworkSecurityCertVerificationCert(CCertBlob cert); +FFI_EXPORT int64_t FfiOHOSNetworkSecurityCertVerificationCaCert(CCertBlob cert, CCertBlob caCert); +} +} // namespace OHOS::NetStack::NetworkSecurity + +#endif \ No newline at end of file diff --git a/frameworks/cj/network_security/src/net_network_security_ffi.cpp b/frameworks/cj/network_security/src/net_network_security_ffi.cpp new file mode 100644 index 000000000..75b4123c9 --- /dev/null +++ b/frameworks/cj/network_security/src/net_network_security_ffi.cpp @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "net_network_security_ffi.h" +#include "net_ssl.h" + +using namespace OHOS::NetStack::Ssl; +namespace OHOS::NetStack::NetworkSecurity { +extern "C" { +int64_t FfiOHOSNetworkSecurityCertVerificationCert(CCertBlob cert) +{ + CertBlob certBlob = CertBlob{ static_cast(cert.certType), + static_cast(cert.certData.size), cert.certData.head }; + uint32_t ret = NetStackVerifyCertification(&certBlob); + return static_cast(ret); +} + +int64_t FfiOHOSNetworkSecurityCertVerificationCaCert(CCertBlob cert, CCertBlob caCert) +{ + CertBlob certBlob = CertBlob{ static_cast(cert.certType), + static_cast(cert.certData.size), cert.certData.head }; + CertBlob caCertBlob = CertBlob{ static_cast(caCert.certType), + static_cast(caCert.certData.size), caCert.certData.head }; + uint32_t ret = NetStackVerifyCertification(&certBlob, &caCertBlob); + return static_cast(ret); +} +} +} // namespace OHOS::NetStack::NetworkSecurity \ No newline at end of file -- Gitee