openharmony/bundlemanager_bundle_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/bundlemanager_bundle_framework synced 2024-11-23 07:09:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

代码保护兜底

Browse Source 
Signed-off-by: zhaogan <zhaogan2@huawei.com>
This commit is contained in:
zhaogan 2024-09-10 15:42:50 +08:00
parent de03d5014a
commit a37fc0c8da
19 changed files with 295 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
interfaces/inner_api/appexecfwk_base/include/application_info.h
View File

@ -66,8 +66,10 @@ enum class CompatiblePolicy {
BACKWARD_COMPATIBILITY = 1,
};
// Each bit of this ApplicationReservedFlag value identifies relevant information
enum class ApplicationReservedFlag {
ENCRYPTED_APPLICATION = 0x00000001,
ENCRYPTED_KEY_EXISTED = 0x00000002,
};
enum class MultiAppModeType : uint8_t {
@ -221,7 +223,7 @@ struct ApplicationInfo : public Parcelable {
bool distributedNotificationEnabled = true;
std::vector<int32_t> resourcesApply;
std::vector<std::string> allowCommonEvent;
bool allowEnableNotification = false;
bool gwpAsanEnabled = false;
int32_t supportedModes = 0; // returns 0 if the application does not support the driving mode

3
interfaces/inner_api/appexecfwk_core/include/bundle_framework_core_ipc_interface_code.h
View File

@ -186,7 +186,8 @@ enum class BundleMgrInterfaceCode : uint32_t {
GET_ODID_BY_BUNDLENAME,
GET_BUNDLE_INFOS_FOR_CONTINUATION,
GET_CONTINUE_BUNDLE_NAMES,
GET_LAUNCH_WANT
GET_LAUNCH_WANT,
UPDATE_APP_ENCRYPTED_KEY_STATUS
};
/* SAID: 401-85 Interface No.85 subservice also provides the following interfaces */

2
interfaces/inner_api/appexecfwk_core/include/bundlemgr/bundle_mgr_host.h
View File

@ -819,6 +819,8 @@ private:
ErrCode HandleGetOdidByBundleName(MessageParcel &data, MessageParcel &reply);
ErrCode HandleUpdateAppEncryptedStatus(MessageParcel &data, MessageParcel &reply);
/**
* @brief Handles the GetBundleInfosForContinuation function called from a IBundleMgr proxy object.
* @param data Indicates the data to be read.

5
interfaces/inner_api/appexecfwk_core/include/bundlemgr/bundle_mgr_interface.h
View File

@ -1541,6 +1541,11 @@ public:
return ERR_APPEXECFWK_SERVICE_INTERNAL_ERROR;
}
virtual ErrCode UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex = 0)
{
return ERR_APPEXECFWK_SERVICE_INTERNAL_ERROR;
}
virtual ErrCode AddDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId)
{
return ERR_APPEXECFWK_SERVICE_INTERNAL_ERROR;

5
interfaces/inner_api/appexecfwk_core/include/bundlemgr/bundle_mgr_proxy.h
View File

@ -1005,6 +1005,9 @@ public:
virtual ErrCode CreateBundleDataDir(int32_t userId) override;
virtual ErrCode UpdateAppEncryptedStatus(const std::string &bundleName,
bool isExisted, int32_t appIndex = 0) override;
/**
* @brief Check whether the link can be opened.
* @param link Indicates the link to be opened.
@ -1077,7 +1080,7 @@ public:
virtual ErrCode QueryCloneExtensionAbilityInfoWithAppIndex(const ElementName &elementName, int32_t flags,
int32_t appIndex, ExtensionAbilityInfo &extensionAbilityInfo,
int32_t userId = Constants::UNSPECIFIED_USERID) override;
virtual ErrCode GetSignatureInfoByBundleName(const std::string &bundleName, SignatureInfo &signatureInfo) override;
virtual ErrCode AddDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId) override;

18
interfaces/inner_api/appexecfwk_core/src/bundlemgr/bundle_mgr_host.cpp
View File

@ -600,6 +600,9 @@ int BundleMgrHost::OnRemoteRequest(uint32_t code, MessageParcel &data, MessagePa
case static_cast<uint32_t>(BundleMgrInterfaceCode::GET_CONTINUE_BUNDLE_NAMES):
errCode = HandleGetContinueBundleNames(data, reply);
break;
case static_cast<uint32_t>(BundleMgrInterfaceCode::UPDATE_APP_ENCRYPTED_KEY_STATUS):
errCode = HandleUpdateAppEncryptedStatus(data, reply);
break;
default :
APP_LOGW("bundleMgr host receives unknown code %{public}u", code);
return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
@ -3965,6 +3968,19 @@ ErrCode BundleMgrHost::HandleGetSignatureInfoByBundleName(MessageParcel &data, M
return ret;
}
ErrCode BundleMgrHost::HandleUpdateAppEncryptedStatus(MessageParcel &data, MessageParcel &reply)
{
std::string name = data.ReadString();
bool isExisted = data.ReadBool();
int32_t appIndex = data.ReadInt32();
ErrCode ret = UpdateAppEncryptedStatus(name, isExisted, appIndex);
if (!reply.WriteInt32(ret)) {
APP_LOGE("write failed");
return ERR_APPEXECFWK_PARCEL_ERROR;
}
return ERR_OK;
}
ErrCode BundleMgrHost::HandleAddDesktopShortcutInfo(MessageParcel &data, MessageParcel &reply)
{
HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
@ -4041,7 +4057,7 @@ ErrCode BundleMgrHost::HandleGetBundleInfosForContinuation(MessageParcel &data,
HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
int flags = data.ReadInt32();
int userId = data.ReadInt32();
std::vector<BundleInfo> infos;
reply.SetDataCapacity(MAX_CAPACITY_BUNDLES);
bool ret = GetBundleInfosForContinuation(flags, infos, userId);

28
interfaces/inner_api/appexecfwk_core/src/bundlemgr/bundle_mgr_proxy.cpp
View File

@ -5107,6 +5107,34 @@ ErrCode BundleMgrProxy::GetSignatureInfoByBundleName(const std::string &bundleNa
return GetParcelInfoIntelligent<SignatureInfo>(BundleMgrInterfaceCode::GET_SIGNATURE_INFO, data, signatureInfo);
}
ErrCode BundleMgrProxy::UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex)
{
HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
MessageParcel data;
if (!data.WriteInterfaceToken(GetDescriptor())) {
APP_LOGE("UpdateAppEncryptedStatus write InterfaceToken fail");
return ERR_APPEXECFWK_PARCEL_ERROR;
}
if (!data.WriteString(bundleName)) {
APP_LOGE("write bundleName fail");
return ERR_APPEXECFWK_PARCEL_ERROR;
}
if (!data.WriteBool(isExisted)) {
APP_LOGE("write isExisted failed");
return ERR_APPEXECFWK_PARCEL_ERROR;
}
if (!data.WriteInt32(appIndex)) {
APP_LOGE("write appIndex fail");
return ERR_APPEXECFWK_PARCEL_ERROR;
}
MessageParcel reply;
if (!SendTransactCmd(BundleMgrInterfaceCode::UPDATE_APP_ENCRYPTED_KEY_STATUS, data, reply)) {
APP_LOGE("SendTransactCmd failed");
return ERR_BUNDLE_MANAGER_IPC_TRANSACTION;
}
return reply.ReadInt32();
}
ErrCode BundleMgrProxy::AddDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId)
{
HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);

2
services/bundlemgr/include/base_bundle_installer.h
View File

@ -670,6 +670,8 @@ private:
const InnerBundleInfo &innerBundleInfo);
bool UpdateEncryptedStatus();
bool DeleteEncryptedStatus(const std::string &bundleName, int32_t uid);
void ProcessEncryptedKeyExisted(int32_t res, uint32_t type,
const std::vector<CodeProtectBundleInfo> &infos);
ErrCode VerifyCodeSignatureForNativeFiles(InnerBundleInfo &info, const std::string &cpuAbi,
const std::string &targetSoPath, const std::string &signatureFileDir) const;
ErrCode VerifyCodeSignatureForHap(const std::unordered_map<std::string, InnerBundleInfo> &infos,

2
services/bundlemgr/include/bundle_data_mgr.h
View File

@ -948,6 +948,8 @@ public:
ErrCode GetSignatureInfoByBundleName(const std::string &bundleName, SignatureInfo &signatureInfo) const;
ErrCode UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex = 0);
ErrCode AddDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId);
ErrCode DeleteDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId);
ErrCode GetAllDesktopShortcutInfo(int32_t userId, std::vector<ShortcutInfo> &shortcutInfos);

3
services/bundlemgr/include/bundle_mgr_host_impl.h
View File

@ -1009,6 +1009,9 @@ public:
virtual ErrCode GetOdidByBundleName(const std::string &bundleName, std::string &odid) override;
virtual ErrCode UpdateAppEncryptedStatus(const std::string &bundleName,
bool isExisted, int32_t appIndex = 0) override;
/**
* @brief Obtains continuable BundleInfo of all bundles available in the system.
* @param flags Indicates the flag used to specify information contained in the BundleInfo that will be returned.

4
services/bundlemgr/include/inner_bundle_clone_info.h
View File

@ -23,7 +23,7 @@ namespace OHOS {
namespace AppExecFwk {
struct InnerBundleCloneInfo {
int32_t userId = Constants::INVALID_USERID;
// Indicates whether the bundle is disabled.
bool enabled = true;
@ -44,6 +44,8 @@ struct InnerBundleCloneInfo {
// The time(unix time) will be recalculated
// if the application is reinstalled after being uninstalled.
int64_t installTime = 0;
bool encryptedKeyExisted = false;
};
void from_json(const nlohmann::json& jsonObject, InnerBundleCloneInfo& bundleCloneInfo);

2
services/bundlemgr/include/inner_bundle_info.h
View File

@ -2210,6 +2210,7 @@ public:
void AdaptMainLauncherResourceInfo(ApplicationInfo &applicationInfo) const;
bool IsHwasanEnabled() const;
bool IsUbsanEnabled() const;
ErrCode UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex);
std::set<int32_t> GetCloneBundleAppIndexes() const;
static uint8_t GetSanitizerFlag(GetInnerModuleInfoFlag flag);
@ -2236,6 +2237,7 @@ private:
void InnerProcessRequestPermissions(
const std::unordered_map<std::string, std::string> &moduleNameMap,
std::vector<RequestPermission> &requestPermissions) const;
void GetApplicationReservedFlagAdaptClone(ApplicationInfo &appInfo, int32_t appIndex) const;
// using for get
Constants::AppType appType_ = Constants::AppType::THIRD_PARTY_APP;

72
services/bundlemgr/src/base_bundle_installer.cpp
View File

@ -4360,28 +4360,70 @@ bool BaseBundleInstaller::UpdateEncryptedStatus()
info.applicationReservedFlag = innerBundleInfo.GetApplicationReservedFlag();
info.uid = innerBundleInfo.GetUid(userId_);
std::vector<CodeProtectBundleInfo> infos { info };
bool oldAppEncrypted = oldApplicationReservedFlag_ &
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION);
bool newAppEncrypted = innerBundleInfo.GetApplicationReservedFlag() &
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION);
BmsExtensionDataMgr bmsExtensionDataMgr;
if (!isAppExist_ && (innerBundleInfo.GetApplicationReservedFlag() ==
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION))) {
if (!isAppExist_ && newAppEncrypted) {
// add a new encrypted app, need to add operation
return bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::ADD) == ERR_OK;
auto res = bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::ADD);
ProcessEncryptedKeyExisted(res, CodeOperation::ADD, infos);
return res == ERR_OK;
}
if (isAppExist_ && (oldApplicationReservedFlag_ ==
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION))
&& (innerBundleInfo.GetApplicationReservedFlag() !=
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION))) {
if (isAppExist_ && oldAppEncrypted && !newAppEncrypted) {
// new app is not a encrypted app, need to delete operation on main app & all clone app
return bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::DELETE) == ERR_OK;
auto res = bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::DELETE);
ProcessEncryptedKeyExisted(res, CodeOperation::DELETE, infos);
return res == ERR_OK;
}
if (isAppExist_ && (innerBundleInfo.GetApplicationReservedFlag() ==
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION))) {
if (isAppExist_ && newAppEncrypted) {
// update a new encrypted app, need to update operation
GetAllConeCodeProtectBundleInfos(infos, innerBundleInfo);
return bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::UPDATE) == ERR_OK;
auto res = bmsExtensionDataMgr.KeyOperation(infos, CodeOperation::UPDATE);
ProcessEncryptedKeyExisted(res, CodeOperation::UPDATE, infos);
return res == ERR_OK;
}
return true;
}
void BaseBundleInstaller::ProcessEncryptedKeyExisted(int32_t res, uint32_t type,
const std::vector<CodeProtectBundleInfo> &infos)
{
if (!InitDataMgr() || infos.empty()) {
LOG_E(BMS_TAG_INSTALLER, "init failed or infos is empty");
return;
}
std::string bundleName = infos.begin()->bundleName;
if (type == CodeOperation::ADD) {
if (res == ERR_OK) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, true, 0);
} else {
dataMgr_->UpdateAppEncryptedStatus(bundleName, false, 0);
}
return;
} else if (type == CodeOperation::DELETE) {
if (res == ERR_OK) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, false, 0);
} else {
dataMgr_->UpdateAppEncryptedStatus(bundleName, true, 0);
}
return;
}
// UPDATE
if (res == ERR_OK) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, true, 0);
for (const auto &codeProtectBundleInfo : infos) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, true, codeProtectBundleInfo.appIndex);
}
} else {
dataMgr_->UpdateAppEncryptedStatus(bundleName, false, 0);
for (const auto &codeProtectBundleInfo : infos) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, false, codeProtectBundleInfo.appIndex);
}
}
}
void BaseBundleInstaller::GetAllConeCodeProtectBundleInfos(std::vector<CodeProtectBundleInfo> &infos,
const InnerBundleInfo &innerBundleInfo)
{
@ -4410,7 +4452,9 @@ void BaseBundleInstaller::GetAllConeCodeProtectBundleInfos(std::vector<CodeProte
bool BaseBundleInstaller::DeleteEncryptedStatus(const std::string &bundleName, int32_t uid)
{
if (oldApplicationReservedFlag_ != static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION)) {
bool oldAppEncrypted = oldApplicationReservedFlag_ &
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION);
if (!oldAppEncrypted) {
return true;
}
CodeProtectBundleInfo info;
@ -4646,6 +4690,10 @@ void BaseBundleInstaller::ResetInstallProperties()
appIdentifier_.clear();
targetSoPathMap_.clear();
isAppService_ = false;
oldApplicationReservedFlag_ = 0;
newExtensionDirs_.clear();
createExtensionDirs_.clear();
removeExtensionDirs_.clear();
}
void BaseBundleInstaller::OnSingletonChange(bool killProcess)

25
services/bundlemgr/src/bundle_data_mgr.cpp
View File

@ -8316,6 +8316,31 @@ ErrCode BundleDataMgr::GetSignatureInfoByBundleName(const std::string &bundleNam
return ERR_OK;
}
ErrCode BundleDataMgr::UpdateAppEncryptedStatus(
const std::string &bundleName, bool isExisted, int32_t appIndex)
{
std::unique_lock<std::shared_mutex> lock(bundleInfoMutex_);
auto item = bundleInfos_.find(bundleName);
if (item == bundleInfos_.end()) {
LOG_E(BMS_TAG_DEFAULT, "%{public}s not exist", bundleName.c_str());
return ERR_BUNDLE_MANAGER_BUNDLE_NOT_EXIST;
}
auto res = item->second.UpdateAppEncryptedStatus(bundleName, isExisted, appIndex);
if (res != ERR_OK) {
LOG_E(BMS_TAG_DEFAULT, "UpdateAppEncryptedStatus failed %{public}s %{public}d", bundleName.c_str(), res);
return res;
}
if (dataStorage_ == nullptr) {
LOG_E(BMS_TAG_DEFAULT, "dataStorage_ nullptr");
return ERR_BUNDLE_MANAGER_INTERNAL_ERROR;
}
if (!dataStorage_->SaveStorageBundleInfo(item->second)) {
APP_LOGE("SaveStorageBundleInfo failed for bundle %{public}s", bundleName.c_str());
return ERR_BUNDLE_MANAGER_INTERNAL_ERROR;
}
return ERR_OK;
}
ErrCode BundleDataMgr::AddDesktopShortcutInfo(const ShortcutInfo &shortcutInfo, int32_t userId)
{
int32_t requestUserId = GetUserId(userId);

15
services/bundlemgr/src/bundle_mgr_host_impl.cpp
View File

@ -3804,6 +3804,21 @@ ErrCode BundleMgrHostImpl::CreateBundleDataDir(int32_t userId)
return dataMgr->CreateBundleDataDir(userId);
}
ErrCode BundleMgrHostImpl::UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex)
{
if (!BundlePermissionMgr::IsCallingUidValid(Constants::CODE_PROTECT_UID)) {
APP_LOGE("IsCallingUidValid failed");
return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
}
auto dataMgr = GetDataMgrFromService();
if (dataMgr == nullptr) {
APP_LOGE("DataMgr is nullptr");
return ERR_BUNDLE_MANAGER_INTERNAL_ERROR;
}
return dataMgr->UpdateAppEncryptedStatus(bundleName, isExisted, appIndex);
}
sptr<IBundleResource> BundleMgrHostImpl::GetBundleResourceProxy()
{
#ifdef BUNDLE_FRAMEWORK_BUNDLE_RESOURCE

13
services/bundlemgr/src/clone/bundle_clone_installer.cpp
View File

@ -324,8 +324,9 @@ bool BundleCloneInstaller::AddKeyOperation(
APP_LOGE("get failed");
return false;
}
if (innerBundleInfo.GetApplicationReservedFlag() !=
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION)) {
bool appEncrypted = innerBundleInfo.GetApplicationReservedFlag() &
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_APPLICATION);
if (!appEncrypted) {
return true;
}
CodeProtectBundleInfo info;
@ -336,7 +337,13 @@ bool BundleCloneInstaller::AddKeyOperation(
info.appIndex = appIndex;
BmsExtensionDataMgr bmsExtensionDataMgr;
return bmsExtensionDataMgr.KeyOperation(std::vector<CodeProtectBundleInfo> { info }, CodeOperation::ADD) == ERR_OK;
auto res = bmsExtensionDataMgr.KeyOperation(std::vector<CodeProtectBundleInfo> { info }, CodeOperation::ADD);
if (res == ERR_OK) {
dataMgr_->UpdateAppEncryptedStatus(bundleName, true, appIndex);
} else {
dataMgr_->UpdateAppEncryptedStatus(bundleName, false, appIndex);
}
return res == ERR_OK;
}
ErrCode BundleCloneInstaller::CreateCloneDataDir(InnerBundleInfo &info,

4
services/bundlemgr/src/inner_bundle_clone_info.cpp
View File

@ -27,6 +27,7 @@ const std::string BUNDLE_CLONE_INFO_DISABLE_ABILITIES = "disabledAbilities";
const std::string BUNDLE_CLONE_INFO_ACCESS_TOKEN_ID = "accessTokenId";
const std::string BUNDLE_CLONE_INFO_ACCESS_TOKEN_ID_EX = "accessTokenIdEx";
const std::string BUNDLE_CLONE_INFO_INSTALL_TIME = "installTime";
const std::string BUNDLE_CLONE_INFO_ENCRYPTED_KEY_EXISTED = "encryptedKeyExisted";
} // namespace
void to_json(nlohmann::json& jsonObject, const InnerBundleCloneInfo& bundleCloneInfo)
@ -41,6 +42,7 @@ void to_json(nlohmann::json& jsonObject, const InnerBundleCloneInfo& bundleClone
{BUNDLE_CLONE_INFO_ACCESS_TOKEN_ID, bundleCloneInfo.accessTokenId},
{BUNDLE_CLONE_INFO_ACCESS_TOKEN_ID_EX, bundleCloneInfo.accessTokenIdEx},
{BUNDLE_CLONE_INFO_INSTALL_TIME, bundleCloneInfo.installTime},
{BUNDLE_CLONE_INFO_ENCRYPTED_KEY_EXISTED, bundleCloneInfo.encryptedKeyExisted}
};
}
@ -66,6 +68,8 @@ void from_json(const nlohmann::json& jsonObject, InnerBundleCloneInfo& bundleClo
bundleCloneInfo.accessTokenIdEx, JsonType::NUMBER, false, parseResult, ArrayType::NOT_ARRAY);
GetValueIfFindKey<int64_t>(jsonObject, jsonObjectEnd, BUNDLE_CLONE_INFO_INSTALL_TIME,
bundleCloneInfo.installTime, JsonType::NUMBER, false, parseResult, ArrayType::NOT_ARRAY);
GetValueIfFindKey<bool>(jsonObject, jsonObjectEnd, BUNDLE_CLONE_INFO_ENCRYPTED_KEY_EXISTED,
bundleCloneInfo.encryptedKeyExisted, JsonType::BOOLEAN, false, parseResult, ArrayType::NOT_ARRAY);
if (parseResult != ERR_OK) {
APP_LOGE("read module bundleCloneInfo from jsonObject error, error code : %{public}d", parseResult);
}

55
services/bundlemgr/src/inner_bundle_info.cpp
View File

@ -2504,6 +2504,7 @@ void InnerBundleInfo::ProcessBundleFlags(
GetApplicationInfoV9(static_cast<int32_t>(GetApplicationFlag::GET_APPLICATION_INFO_DEFAULT), userId,
bundleInfo.applicationInfo, appIndex);
}
GetApplicationReservedFlagAdaptClone(bundleInfo.applicationInfo, appIndex);
}
bundleInfo.applicationInfo.appIndex = appIndex;
GetBundleWithReqPermissionsV9(flags, userId, bundleInfo, appIndex);
@ -2516,6 +2517,35 @@ void InnerBundleInfo::ProcessBundleFlags(
}
}
void InnerBundleInfo::GetApplicationReservedFlagAdaptClone(ApplicationInfo &appInfo, int32_t appIndex) const
{
if (appIndex == 0) {
return;
}
bool encryptedKeyExisted = false;
bool hasFoundAppIndex = false;
for (auto &innerUserInfo : innerBundleUserInfos_) {
auto cloneIter = innerUserInfo.second.cloneInfos.find(std::to_string(appIndex));
if (cloneIter == innerUserInfo.second.cloneInfos.end()) {
continue;
}
hasFoundAppIndex = true;
encryptedKeyExisted = cloneIter->second.encryptedKeyExisted;
break;
}
if (!hasFoundAppIndex) {
APP_LOGE("index %{public}d not found", appIndex);
return;
}
if (encryptedKeyExisted) {
// Set the second bit to 1
appInfo.applicationReservedFlag |= static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_KEY_EXISTED);
} else {
// Set the second bit to 0
appInfo.applicationReservedFlag &= ~(static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_KEY_EXISTED));
}
}
void InnerBundleInfo::GetBundleWithReqPermissionsV9(
int32_t flags, int32_t userId, BundleInfo &bundleInfo, int32_t appIndex) const
{
@ -3558,6 +3588,31 @@ bool InnerBundleInfo::SetModuleRemovable(const std::string &moduleName, bool isE
return false;
}
ErrCode InnerBundleInfo::UpdateAppEncryptedStatus(const std::string &bundleName, bool isExisted, int32_t appIndex)
{
APP_LOGI("update encrypted key %{public}s %{public}d %{public}d", bundleName.c_str(), isExisted, appIndex);
if (appIndex == 0) {
if (isExisted) {
// Set the second bit to 1
SetApplicationReservedFlag(static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_KEY_EXISTED));
} else {
// Set the second bit to 0
ClearApplicationReservedFlag(static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_KEY_EXISTED));
}
return ERR_OK;
}
bool hasFoundAppIndex = false;
for (auto &innerUserInfo : innerBundleUserInfos_) {
auto cloneIter = innerUserInfo.second.cloneInfos.find(std::to_string(appIndex));
if (cloneIter == innerUserInfo.second.cloneInfos.end()) {
continue;
}
hasFoundAppIndex = true;
cloneIter->second.encryptedKeyExisted = isExisted;
}
return hasFoundAppIndex ? ERR_OK : ERR_APPEXECFWK_CLONE_QUERY_NO_CLONE_APP;
}
void InnerBundleInfo::DeleteModuleRemovableInfo(InnerModuleInfo &info, const std::string &stringUserId)
{
auto item = info.isRemovable.find(stringUserId);

54
test/systemtest/common/bms/acts_bms_kit_system_test/acts_bms_kit_system_test.cpp
View File

@ -6471,6 +6471,58 @@ HWTEST_F(ActsBmsKitSystemTest, CheckAbilityEnabled_0400, Function | SmallTest |
std::cout << "END GetUdidByNetworkId_0100" << std::endl;
}
/**
* @tc.number: UpdateAppEncryptedStatus_0001
* @tc.name: test UpdateAppEncryptedStatus interface
* @tc.desc: 1.ret is no permission
*/
HWTEST_F(ActsBmsKitSystemTest, UpdateAppEncryptedStatus_0001, Function | MediumTest | Level1)
{
sptr<BundleMgrProxy> bundleMgrProxy = GetBundleMgrProxy();
ASSERT_NE(bundleMgrProxy, nullptr);
std::string bundleName = "com.example.test";
ErrCode ret = bundleMgrProxy->UpdateAppEncryptedStatus(bundleName, true);
EXPECT_EQ(ret, ERR_BUNDLE_MANAGER_PERMISSION_DENIED);
}
/**
* @tc.number: UpdateAppEncryptedStatus_0002
* @tc.name: test UpdateAppEncryptedStatus interface
* @tc.desc: 1.ret is no permission
*/
HWTEST_F(ActsBmsKitSystemTest, UpdateAppEncryptedStatus_0002, Function | MediumTest | Level1)
{
std::vector<std::string> resvec;
std::string bundleFilePath = THIRD_BUNDLE_PATH + "bmsThirdBundle24.hap";
std::string appName = BASE_BUNDLE_NAME + "1";
Install(bundleFilePath, InstallFlag::REPLACE_EXISTING, resvec);
CommonTool commonTool;
std::string installResult = commonTool.VectorToStr(resvec);
EXPECT_EQ(installResult, "Success") << "install fail!";
sptr<BundleMgrProxy> bundleMgrProxy = GetBundleMgrProxy();
ASSERT_NE(bundleMgrProxy, nullptr);
setuid(7666);
ErrCode ret = bundleMgrProxy->UpdateAppEncryptedStatus(appName, true);
EXPECT_EQ(ret, ERR_OK);
setuid(0);
BundleInfo bundleInfo;
auto getInfoResult = bundleMgrProxy->GetBundleInfoV9(appName,
static_cast<int32_t>(GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_APPLICATION), bundleInfo, USERID);
EXPECT_EQ(getInfoResult, ERR_OK);
uint32_t applicationReservedFlag = bundleInfo.applicationInfo.applicationReservedFlag;
bool appEncryptedKey = applicationReservedFlag &
static_cast<uint32_t>(ApplicationReservedFlag::ENCRYPTED_KEY_EXISTED);
EXPECT_TRUE(appEncryptedKey);
EXPECT_EQ(bundleInfo.applicationInfo.name, appName);
resvec.clear();
Uninstall(appName, resvec);
std::string uninstallResult = commonTool.VectorToStr(resvec);
EXPECT_EQ(uninstallResult, "Success") << "uninstall fail!";
}
/**
* @tc.number: CheckCloneAbilityEnabled_0100
* @tc.name: test SetCloneAbilityEnabled and IsCloneAbilityEnabled proxy
@ -9517,7 +9569,7 @@ HWTEST_F(ActsBmsKitSystemTest, GetSignatureInfoByBundleName_0100, Function | Med
sptr<BundleMgrProxy> bundleMgrProxy = GetBundleMgrProxy();
ASSERT_NE(bundleMgrProxy, nullptr);
setuid(5523);
SignatureInfo info;