andy/phs_v1.0.1.0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
49d0cea04d85044694b6826bee0007c4fafa3775
phs_v1.0.1.0/base/security/code_signature/README.md
andy 49d0cea04d 提交 #1
2024-09-27 19:16:49 +08:00

2.0 KiB
Raw Blame History

Code Signature

Introduction

Code signature is a security mechanism on OpenHarmony to protect integrity of the application and verify the validity of the application source on runtime.

The code signature component provides the following features:

  • Writing trusted code signing certificates into the kernel
  • Enabling code signing for applicaitons
  • Signing local code

Directory Structure

/base/security/code_signature
├── interfaces                   # APIs
│   └── innerkits                #
│       ├── code_sign_utils      # APIs for enabling code signing
│       ├── common               # Common basic capacities
│       └── local_code_sign      # APIs for local signing
├── services                     # Service layer
│    ├── key_enable              # Certificate initialization
│    └── local_code_sign         # Local signing service
├── test                         # Test cases
│    ├── fuzztest                # Fuzz test cases
│    └── unittest                # Unit test cases
└── utils                        # Common basic capacities

Usage

Available APIs

API Description
int32_t EnforceCodeSignForApp(const EntryMap &entryPath, const std::string &signatureFile); Enforces code signing for an hap
int32_t EnforceCodeSignForFile(const std::string &path, const ByteBuffer &signature); Enforces code signing for an file
int32_t SignLocalCode(const std::string &filePath, ByteBuffer &signature); Signs the local code

Signing Tool User Guide

User Guide

相关仓

Repositories Involved

developtools_hapsigner

third_party_fsverity-utils