From 88b05e43a0ce8fcc933ca3515974659783acc4ea Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Thu, 15 May 2025 03:42:08 +0000
Subject: [PATCH 1/6] add
Signed-off-by: Richard <1256827031@qq.com>
---
 services/include/package/cert_verify.h | 1 +
 services/package/pkg_verify/cert_verify.cpp | 22 ++++++++++++++++-----
 2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/services/include/package/cert_verify.h b/services/include/package/cert_verify.h
index 20893398..dc26c93e 100644
--- a/services/include/package/cert_verify.h
+++ b/services/include/package/cert_verify.h
@@ -56,6 +56,7 @@ public:
 int32_t Init() override;
 int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) override;
+ int32_t SetRootCertInfo(std::string certFile);
 private:
 int32_t InitRootCert();
diff --git a/services/package/pkg_verify/cert_verify.cpp b/services/package/pkg_verify/cert_verify.cpp
index 6a954544..90eb7898 100644
--- a/services/package/pkg_verify/cert_verify.cpp
+++ b/services/package/pkg_verify/cert_verify.cpp
@@ -85,13 +85,11 @@ int32_t SingleCertHelper::CertChainCheck(STACK_OF(X509) * certStack, X509 *cert)
 return VerifySingleCert(cert);
 }
-int32_t SingleCertHelper::InitRootCert()
+int32_t SingleCertHelper::SetRootCertInfo(std::string certFile)
 {
- UPDATER_INIT_RECORD;
-#ifndef DIFF_PATCH_SDK
- X509 *rootCert = GetX509CertFromPemFile(Utils::GetCertName());
+ X509 *rootCert = GetX509CertFromPemFile(certFile);
 if (rootCert == nullptr) {
- PKG_LOGE("Get root cert fail, file: %s", Utils::GetCertName().c_str());
+ PKG_LOGE("Get root cert fail, file: %s", certFile.c_str());
 UPDATER_LAST_WORD(-1);
 return -1;
 }
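Review bot: In the cert_verify.h hunk the new `SetRootCertInfo` is declared above `private:`, so any code holding a SingleCertHelper can replace the root certificate that the later subject/issuer comparison relies on. The only callers visible in this patch are `InitRootCert` and `CompareCertSubjectAndIssuer`, both members, so the declaration can move below `private:` next to `InitRootCert()`. It also needs a comment stating its contract, e.g. `// Loads the PEM file at certFile as the trust anchor in rootInfo_; returns 0 on success, non-zero on failure.` The class body starts and ends outside the hunk.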
@@ -102,6 +100,14 @@ int32_t SingleCertHelper::InitRootCert()
 rootInfo_.rootCert = rootCert;
 rootInfo_.subject = GetX509CertSubjectName(rootCert);
 rootInfo_.issuer = GetX509CertIssuerName(rootCert);
+ return 0;
+}
+
+int32_t SingleCertHelper::InitRootCert()
+{
+ UPDATER_INIT_RECORD;
+#ifndef DIFF_PATCH_SDK
+ return SetRootCertInfo(Utils::GetCertName());
 #endif
 return 0;
@@ -120,6 +126,12 @@ int32_t SingleCertHelper::VerifySingleCert(X509 *cert)
 int32_t SingleCertHelper::CompareCertSubjectAndIssuer(X509 *cert)
 {
+ if (rootInfo_.subject.empty() || rootInfo_.issuer.empty()) {
+ PKG_LOGW("rootInfo_ is null");
+ if (SetRootCertInfo("/etc/certificate/signing_cert.crt") != 0) {
+ return -1;
+ }
+ }
 string certSubject = GetX509CertSubjectName(cert);
 string certIssuer = GetX509CertIssuerName(cert);
 if (rootInfo_.subject.compare(certSubject) == 0 &&
-- Gitee
From 3e04bb6c281dee56f34ce112cc372ff260b5464e Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Tue, 20 May 2025 03:10:25 +0000
Subject: [PATCH 2/6] add
Signed-off-by: Richard <1256827031@qq.com>
---
 services/include/package/cert_verify.h | 2 +-
 services/package/pkg_verify/cert_verify.cpp | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/services/include/package/cert_verify.h b/services/include/package/cert_verify.h
index dc26c93e..5932bf61 100644
--- a/services/include/package/cert_verify.h
+++ b/services/include/package/cert_verify.h
@@ -56,7 +56,7 @@ public:
 int32_t Init() override;
 int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) override;
- int32_t SetRootCertInfo(std::string certFile);
+ int32_t SetRootCertInfo(const std::string &certFile);
 private:
 int32_t InitRootCert();
diff --git a/services/package/pkg_verify/cert_verify.cpp b/services/package/pkg_verify/cert_verify.cpp
index 90eb7898..a6469ada 100644
--- a/services/package/pkg_verify/cert_verify.cpp
+++ b/services/package/pkg_verify/cert_verify.cpp
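Review bot: In the cert_verify.cpp hunk at `@@ -102,6 +100,14 @@` of patch 1, `rootInfo_.rootCert = rootCert;` now lives in `SetRootCertInfo`, which this patch makes callable more than once (from `InitRootCert` and again from `CompareCertSubjectAndIssuer`), and nothing visible releases a certificate stored by an earlier call. If `rootInfo_` owns that pointer, a second successful call leaks the previous X509; releasing it before the assignment, `if (rootInfo_.rootCert != nullptr) { X509_free(rootInfo_.rootCert); }`, would cover it. The lines of the function between this hunk and the previous one are outside the diff, so the ownership rule should be confirmed against them and against the destructor.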
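Review bot: The fallback added at the top of `CompareCertSubjectAndIssuer` (patch 1, hunk `@@ -120,6 +126,12 @@`) loads the trust anchor from a second, hard-coded location, `"/etc/certificate/signing_cert.crt"`, while `InitRootCert` takes it from `Utils::GetCertName()`; whether the two name the same file cannot be told from the diff. Loading the root certificate lazily inside the comparison also hides an `Init` that failed or was skipped, and unlike the load in `InitRootCert` this call is not inside `#ifndef DIFF_PATCH_SDK`. Keeping one source for the anchor avoids the two paths drifting apart, e.g. `if (SetRootCertInfo(Utils::GetCertName()) != 0) {` under the same guard. The log text `"rootInfo_ is null"` would be clearer as `"root cert subject or issuer is empty"`, since the check is on empty strings. The function body continues past the hunk.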
@@ -85,7 +85,7 @@ int32_t SingleCertHelper::CertChainCheck(STACK_OF(X509) * certStack, X509 *cert)
 return VerifySingleCert(cert);
 }
-int32_t SingleCertHelper::SetRootCertInfo(std::string certFile)
+int32_t SingleCertHelper::SetRootCertInfo(const std::string &certFile)
 {
 X509 *rootCert = GetX509CertFromPemFile(certFile);
 if (rootCert == nullptr) {
-- Gitee
From a6317196dc0b4a1f56dcdc842c9c4ea67547a9b9 Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Tue, 20 May 2025 09:21:53 +0000
Subject: [PATCH 3/6] Revert "add"
This reverts commit 3e04bb6c281dee56f34ce112cc372ff260b5464e.
---
 services/include/package/cert_verify.h | 2 +-
 services/package/pkg_verify/cert_verify.cpp | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/services/include/package/cert_verify.h b/services/include/package/cert_verify.h
index 5932bf61..dc26c93e 100644
--- a/services/include/package/cert_verify.h
+++ b/services/include/package/cert_verify.h
@@ -56,7 +56,7 @@ public:
 int32_t Init() override;
 int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) override;
- int32_t SetRootCertInfo(const std::string &certFile);
+ int32_t SetRootCertInfo(std::string certFile);
 private:
 int32_t InitRootCert();
diff --git a/services/package/pkg_verify/cert_verify.cpp b/services/package/pkg_verify/cert_verify.cpp
index a6469ada..90eb7898 100644
--- a/services/package/pkg_verify/cert_verify.cpp
+++ b/services/package/pkg_verify/cert_verify.cpp
@@ -85,7 +85,7 @@ int32_t SingleCertHelper::CertChainCheck(STACK_OF(X509) * certStack, X509 *cert)
 return VerifySingleCert(cert);
 }
-int32_t SingleCertHelper::SetRootCertInfo(const std::string &certFile)
+int32_t SingleCertHelper::SetRootCertInfo(std::string certFile)
 {
 X509 *rootCert = GetX509CertFromPemFile(certFile);
 if (rootCert == nullptr) {
-- Gitee
From e5d583ac056c0eba9df27ca60a79dec41f1be4b1 Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Tue, 20 May 2025 09:22:11 +0000
Subject: [PATCH 4/6] Revert "add"
This reverts commit 88b05e43a0ce8fcc933ca3515974659783acc4ea.
---
 services/include/package/cert_verify.h | 1 -
 services/package/pkg_verify/cert_verify.cpp | 22 +++++---------------
 2 files changed, 5 insertions(+), 18 deletions(-)
diff --git a/services/include/package/cert_verify.h b/services/include/package/cert_verify.h
index dc26c93e..20893398 100644
--- a/services/include/package/cert_verify.h
+++ b/services/include/package/cert_verify.h
@@ -56,7 +56,6 @@ public:
 int32_t Init() override;
 int32_t CertChainCheck(STACK_OF(X509) *certStack, X509 *cert) override;
- int32_t SetRootCertInfo(std::string certFile);
 private:
 int32_t InitRootCert();
diff --git a/services/package/pkg_verify/cert_verify.cpp b/services/package/pkg_verify/cert_verify.cpp
index 90eb7898..6a954544 100644
--- a/services/package/pkg_verify/cert_verify.cpp
+++ b/services/package/pkg_verify/cert_verify.cpp
@@ -85,11 +85,13 @@ int32_t SingleCertHelper::CertChainCheck(STACK_OF(X509) * certStack, X509 *cert)
 return VerifySingleCert(cert);
 }
-int32_t SingleCertHelper::SetRootCertInfo(std::string certFile)
+int32_t SingleCertHelper::InitRootCert()
 {
- X509 *rootCert = GetX509CertFromPemFile(certFile);
+ UPDATER_INIT_RECORD;
+#ifndef DIFF_PATCH_SDK
+ X509 *rootCert = GetX509CertFromPemFile(Utils::GetCertName());
 if (rootCert == nullptr) {
- PKG_LOGE("Get root cert fail, file: %s", certFile.c_str());
+ PKG_LOGE("Get root cert fail, file: %s", Utils::GetCertName().c_str());
 UPDATER_LAST_WORD(-1);
 return -1;
 }
@@ -100,14 +102,6 @@ int32_t SingleCertHelper::SetRootCertInfo(std::string certFile)
 rootInfo_.rootCert = rootCert;
 rootInfo_.subject = GetX509CertSubjectName(rootCert);
 rootInfo_.issuer = GetX509CertIssuerName(rootCert);
- return 0;
-}
-
-int32_t SingleCertHelper::InitRootCert()
-{
- UPDATER_INIT_RECORD;
-#ifndef DIFF_PATCH_SDK
- return SetRootCertInfo(Utils::GetCertName());
 #endif
 return 0;
@@ -126,12 +120,6 @@ int32_t SingleCertHelper::VerifySingleCert(X509 *cert)
 int32_t SingleCertHelper::CompareCertSubjectAndIssuer(X509 *cert)
 {
- if (rootInfo_.subject.empty() || rootInfo_.issuer.empty()) {
- PKG_LOGW("rootInfo_ is null");
- if (SetRootCertInfo("/etc/certificate/signing_cert.crt") != 0) {
- return -1;
- }
- }
 string certSubject = GetX509CertSubjectName(cert);
 string certIssuer = GetX509CertIssuerName(cert);
 if (rootInfo_.subject.compare(certSubject) == 0 &&
-- Gitee
From 63526bc46065ebd16e5e8439119247f547252a02 Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Tue, 20 May 2025 09:31:54 +0000
Subject: [PATCH 5/6] fix
Signed-off-by: Richard <1256827031@qq.com>
---
 services/package/BUILD.gn | 29 ++++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/services/package/BUILD.gn b/services/package/BUILD.gn
index e77a4707..cc45967a 100644
--- a/services/package/BUILD.gn
+++ b/services/package/BUILD.gn
@@ -85,8 +85,15 @@ ohos_static_library("libupdaterpackage") {
 "${updater_path}/services/log:libupdaterlog",
 ]
- if (!is_linux && !is_mingw && !is_mac && host_cpu != "arm64") {
- deps += [ "../rust/hash_signed_data:rust_hash_signed_data" ]
+ if (!is_linux && !is_mingw && !is_mac) {
+ if (host_cpu != "arm64") {
+ deps += [ "../rust/hash_signed_data:rust_hash_signed_data" ]
+ }
+ deps += [
+ "${updater_path}/interfaces/kits/misc_info:libmiscinfo",
+ "${updater_path}/services/fs_manager:libfsmanager",
+ "${updater_path}/utils:libutils",
+ ]
 }
 external_deps = [
@@ -117,6 +124,9 @@ ohos_static_library("libupdaterpackage") {
 ]
 }
 defines = [ "OPENSSL_SUPPRESS_DEPRECATED" ]
+ if (is_linux || is_mingw || is_mac) {
+ defines += [ "DIFF_PATCH_SDK" ]
+ }
 subsystem_name = "updater"
 part_name = "updater"
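Review bot: The `if (is_linux || is_mingw || is_mac) { defines += [ "DIFF_PATCH_SDK" ] }` block added to `libupdaterpackage` has no comment saying what the macro switches, and the same block replaces the unconditional define in the `libupdaterpackage_shared` hunk that follows. In the cert_verify.cpp hunks of this series the macro compiles out the root-certificate load in `InitRootCert`, so as far as those hunks show this condition decides whether the verifier has a trust anchor; for the shared target it means device builds start loading one. A comment above each block would record that, e.g. `# DIFF_PATCH_SDK marks the host-side SDK build; cert_verify.cpp skips loading the root certificate when it is set.` Computing the condition once and reusing it in both targets would keep them from drifting apart.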
@@ -138,16 +148,21 @@ ohos_shared_library("libupdaterpackage_shared") {
 ]
 if (!is_linux && !is_mingw && !is_mac) {
- deps += [ "../rust/hash_signed_data:rust_hash_signed_data" ]
+ deps += [
+ "../rust/hash_signed_data:rust_hash_signed_data",
+ "${updater_path}/utils:libutils",
+ "${updater_path}/interfaces/kits/misc_info:libmiscinfo",
+ "${updater_path}/services/fs_manager:libfsmanager",
+ ]
 }
 configs = [ ":package_config" ]
 public_configs = [ ":libupdaterpackage_exported_headers" ]
- defines = [
- "DIFF_PATCH_SDK",
- "OPENSSL_SUPPRESS_DEPRECATED",
- ]
+ defines = [ "OPENSSL_SUPPRESS_DEPRECATED" ]
+ if (is_linux || is_mingw || is_mac) {
+ defines += [ "DIFF_PATCH_SDK" ]
+ }
 subsystem_name = "updater"
 part_name = "updater"
-- Gitee
From fc308cd6be90d10e335ff4de692dc6d35dc803bd Mon Sep 17 00:00:00 2001
From: Richard <1256827031@qq.com>
Date: Tue, 20 May 2025 09:33:46 +0000
Subject: [PATCH 6/6] add
Signed-off-by: Richard <1256827031@qq.com>
---
 services/package/pkg_verify/cert_verify.cpp | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/services/package/pkg_verify/cert_verify.cpp b/services/package/pkg_verify/cert_verify.cpp
index 6a954544..f5bbfe31 100644
--- a/services/package/pkg_verify/cert_verify.cpp
+++ b/services/package/pkg_verify/cert_verify.cpp
@@ -120,6 +120,10 @@ int32_t SingleCertHelper::VerifySingleCert(X509 *cert)
 int32_t SingleCertHelper::CompareCertSubjectAndIssuer(X509 *cert)
 {
+ if (rootInfo_.subject.empty() || rootInfo_.issuer.empty()) {
+ PKG_LOGW("rootInfo_ is null");
+ return -1;
+ }
 string certSubject = GetX509CertSubjectName(cert);
 string certIssuer = GetX509CertIssuerName(cert);
 if (rootInfo_.subject.compare(certSubject) == 0 &&
-- Gitee
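Review bot: In the `libupdaterpackage_shared` hunk of patch 5, `"../rust/hash_signed_data:rust_hash_signed_data"` stays in the unconditional part of the new `deps` list, without the `host_cpu != "arm64"` check that the `libupdaterpackage` hunk keeps around the same dependency. If that exclusion is needed for the static target it presumably applies here as well, e.g. `if (host_cpu != "arm64") { deps += [ "../rust/hash_signed_data:rust_hash_signed_data" ] }` ahead of the other three entries. The three updater deps are also listed in a different order in the two targets; one order makes the blocks easier to compare. The target definition starts and ends outside the hunk.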
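Review bot: The guard added at the top of `CompareCertSubjectAndIssuer` in patch 6 rejects the certificate when no root subject or issuer is loaded, but it reports that at warning level with the text `"rootInfo_ is null"`, which does not match a check on empty strings. Since the call now fails verification, an error-level message naming the cause is easier to act on: `PKG_LOGE("root cert subject or issuer is empty, reject cert");`. A short comment would also record why the guard exists, e.g. `// Fail closed: an unloaded root must never compare equal to a certificate whose names come back empty.` Whether `GetX509CertSubjectName` can return an empty string is not visible here, and the function body continues past the hunk.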