From 41c75c8fda4bfe8a48ef5681c4d7334ef5d52b1d Mon Sep 17 00:00:00 2001 From: fuzikun Date: Mon, 30 May 2022 10:22:36 +0800 Subject: [PATCH] support asysmetric credential Signed-off-by: fuzikun --- .../impl/src/small/mbedtls_ec_adapter.c | 2 +- .../interfaces/alg_defs.h | 1 + frameworks/inc/ipc_sdk.h | 2 + frameworks/src/ipc_sdk.c | 144 +++- frameworks/src/ipc_service.c | 66 ++ frameworks/src/lite/ipc_adapt.c | 11 +- frameworks/src/lite/ipc_callback_stub.c | 2 +- frameworks/src/lite/ipc_dev_auth_proxy.c | 2 +- frameworks/src/lite/ipc_dev_auth_stub.c | 4 +- frameworks/src/standard/ipc_adapt.cpp | 7 - frameworks/src/standard/ipc_callback_stub.cpp | 2 +- frameworks/src/standard/ipc_dev_auth_stub.cpp | 2 +- interfaces/innerkits/device_auth.h | 17 +- interfaces/innerkits/device_auth_defines.h | 1 + .../inc/account_related/account_module.h | 12 +- .../account_related/account_module_defines.h | 5 +- .../pake_v2_auth_task_common.h | 4 +- .../asy_token_manager.h | 14 - .../creds_manager/sym_token_manager.h | 52 ++ .../src/account_related/account_module.c | 123 ++-- .../pake_v2_auth_client_task.c | 2 +- .../pake_v2_auth_server_task.c | 2 +- .../asy_token_manager.c | 76 +- .../creds_manager/sym_token_manager.c | 653 ++++++++++++++++++ .../account_module_mock.c | 2 +- .../src/account_unrelated/das_module.c | 2 +- services/data_manager/src/data_manager.c | 18 +- services/device_auth.c | 2 + services/deviceauth_account.gni | 7 +- .../src/module/dev_auth_module_manager.c | 2 +- .../group_manager/inc/across_account_group.h | 2 + services/group_manager/inc/group_manager.h | 2 + services/group_manager/inc/group_operation.h | 2 + .../inc/group_operation_common.h | 17 +- .../inc/identical_account_group.h | 3 +- services/group_manager/src/group_manager.c | 12 + .../across_account_group.c | 294 +++++++- .../src/group_operation/group_operation.c | 111 ++- .../group_operation/group_operation_common.c | 197 +++--- .../identical_account_group.c | 555 ++++++++++----- .../peer_to_peer_group/peer_to_peer_group.c | 61 +- .../bind_session/bind_session_common.c | 9 +- .../source/deviceauth_standard_test.cpp | 60 ++ 43 files changed, 2073 insertions(+), 491 deletions(-) rename services/authenticators/inc/account_related/creds_manager/{asysmetric_token_manager => }/asy_token_manager.h (84%) create mode 100644 services/authenticators/inc/account_related/creds_manager/sym_token_manager.h rename services/authenticators/src/account_related/creds_manager/{asysmetric_token_manager => }/asy_token_manager.c (95%) create mode 100644 services/authenticators/src/account_related/creds_manager/sym_token_manager.c diff --git a/deps_adapter/key_management_adapter/impl/src/small/mbedtls_ec_adapter.c b/deps_adapter/key_management_adapter/impl/src/small/mbedtls_ec_adapter.c index 42f5bb2..d0b87ad 100644 --- a/deps_adapter/key_management_adapter/impl/src/small/mbedtls_ec_adapter.c +++ b/deps_adapter/key_management_adapter/impl/src/small/mbedtls_ec_adapter.c @@ -268,7 +268,7 @@ int32_t MbedtlsHashToPoint(const Uint8Buff *hash, Uint8Buff *outEcPoint) LOGE("MbedtlsHashToPoint invalid length."); return HAL_ERR_INVALID_PARAM; } - uint8_t hashTmp[BYTE_LENGTH_CURVE_25519] = {0}; + uint8_t hashTmp[BYTE_LENGTH_CURVE_25519] = { 0 }; (void)memcpy_s(hashTmp, BYTE_LENGTH_CURVE_25519, hash->val, BYTE_LENGTH_CURVE_25519); hashTmp[BYTE_LENGTH_CURVE_25519 - 1] &= ~HASH2POINT_PARA_PREPRO; diff --git a/deps_adapter/key_management_adapter/interfaces/alg_defs.h b/deps_adapter/key_management_adapter/interfaces/alg_defs.h index 1bb7338..65e00c8 100644 --- a/deps_adapter/key_management_adapter/interfaces/alg_defs.h +++ b/deps_adapter/key_management_adapter/interfaces/alg_defs.h @@ -42,6 +42,7 @@ typedef enum { ED25519 = 0, X25519 = 1, P256 = 2, + AES = 3, } Algorithm; typedef enum { diff --git a/frameworks/inc/ipc_sdk.h b/frameworks/inc/ipc_sdk.h index 1050446..9277acc 100644 --- a/frameworks/inc/ipc_sdk.h +++ b/frameworks/inc/ipc_sdk.h @@ -86,6 +86,8 @@ enum { IPC_CALL_ID_DESTROY_INFO, IPC_CALL_ID_GA_PROC_DATA, IPC_CALL_ID_AUTH_DEVICE, + IPC_CALL_ID_ADD_MULTI_GROUP_MEMBERS, + IPC_CALL_ID_DEL_MULTI_GROUP_MEMBERS, }; #ifdef __cplusplus diff --git a/frameworks/src/ipc_sdk.c b/frameworks/src/ipc_sdk.c index 275d6cf..e4a3b0a 100644 --- a/frameworks/src/ipc_sdk.c +++ b/frameworks/src/ipc_sdk.c @@ -40,8 +40,8 @@ typedef struct { uintptr_t inst; char appId[IPC_APPID_LEN]; } IpcProxyCbInfo; -static IpcProxyCbInfo g_ipcProxyCbList = {0}; -static IpcProxyCbInfo g_ipcListenerCbList = {0}; +static IpcProxyCbInfo g_ipcProxyCbList = { 0 }; +static IpcProxyCbInfo g_ipcListenerCbList = { 0 }; static HcMutex g_ipcMutex; static void DelIpcCliCallbackCtx(const char *appId, IpcProxyCbInfo *cbCache) @@ -281,7 +281,7 @@ static int32_t IpcGmCreateGroup(int32_t osAccountId, int64_t requestId, const ch uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(createParams) || !IS_STRING_VALID(appid)) { @@ -342,7 +342,7 @@ static int32_t IpcGmDelGroup(int32_t osAccountId, int64_t requestId, const char uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(delParams) || !IS_STRING_VALID(appId)) { @@ -403,7 +403,7 @@ static int32_t IpcGmAddMemberToGroup(int32_t osAccountId, int64_t requestId, con uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(addParams)) { @@ -463,7 +463,7 @@ static int32_t IpcGmDelMemberFromGroup(int32_t osAccountId, int64_t requestId, c uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(delParams)) { @@ -518,12 +518,116 @@ static int32_t IpcGmDelMemberFromGroup(int32_t osAccountId, int64_t requestId, c return ret; } +static int32_t IpcGmAddMultiMembersToGroup(int32_t osAccountId, const char *appId, const char *addParams) +{ + LOGI("starting ..."); + if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(addParams)) { + LOGE("Invalid params"); + return HC_ERR_INVALID_PARAMS; + } + if (!IsServiceRunning()) { + LOGE("service is not activity"); + return HC_ERR_IPC_SERVICE_DIED; + } + uintptr_t callCtx = 0x0; + int32_t ret = CreateCallCtx(&callCtx, NULL); + if (ret != HC_SUCCESS) { + LOGE("CreateCallCtx failed, ret %d", ret); + return HC_ERR_IPC_INIT; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_OS_ACCOUNT_ID, (const uint8_t *)&osAccountId, + sizeof(osAccountId)); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_OS_ACCOUNT_ID); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_APPID, (const uint8_t *)appId, strlen(appId) + 1); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_APPID); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_ADD_PARAMS, (const uint8_t *)addParams, strlen(addParams) + 1); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_ADD_PARAMS); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = DoBinderCall(callCtx, IPC_CALL_ID_ADD_MULTI_GROUP_MEMBERS, true); + if (ret == HC_ERR_IPC_INTERNAL_FAILED) { + LOGE("ipc call failed"); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_PROC_FAILED; + } + IpcDataInfo replyCache = { 0 }; + DecodeCallReply(callCtx, &replyCache, REPLAY_CACHE_NUM(replyCache)); + ret = HC_ERR_IPC_UNKNOW_REPLY; + int32_t inOutLen = sizeof(int32_t); + GetIpcReplyByType(&replyCache, REPLAY_CACHE_NUM(replyCache), PARAM_TYPE_IPC_RESULT, (uint8_t *)&ret, &inOutLen); + DestroyCallCtx(&callCtx, NULL); + LOGI("process done, ret %d", ret); + return ret; +} + +static int32_t IpcGmDelMultiMembersFromGroup(int32_t osAccountId, const char *appId, const char *delParams) +{ + LOGI("starting ..."); + if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(delParams)) { + LOGE("Invalid params"); + return HC_ERR_INVALID_PARAMS; + } + if (!IsServiceRunning()) { + LOGE("service is not activity"); + return HC_ERR_IPC_SERVICE_DIED; + } + uintptr_t callCtx = 0x0; + int32_t ret = CreateCallCtx(&callCtx, NULL); + if (ret != HC_SUCCESS) { + LOGE("CreateCallCtx failed, ret %d", ret); + return HC_ERR_IPC_INIT; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_OS_ACCOUNT_ID, (const uint8_t *)&osAccountId, + sizeof(osAccountId)); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_OS_ACCOUNT_ID); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_APPID, (const uint8_t *)appId, strlen(appId) + 1); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_APPID); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = SetCallRequestParamInfo(callCtx, PARAM_TYPE_DEL_PARAMS, (const uint8_t *)delParams, strlen(delParams) + 1); + if (ret != HC_SUCCESS) { + LOGE("set request param failed, ret %d, param id %d", ret, PARAM_TYPE_DEL_PARAMS); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_BUILD_PARAM; + } + ret = DoBinderCall(callCtx, IPC_CALL_ID_DEL_MULTI_GROUP_MEMBERS, true); + if (ret == HC_ERR_IPC_INTERNAL_FAILED) { + LOGE("ipc call failed"); + DestroyCallCtx(&callCtx, NULL); + return HC_ERR_IPC_PROC_FAILED; + } + IpcDataInfo replyCache = { 0 }; + DecodeCallReply(callCtx, &replyCache, REPLAY_CACHE_NUM(replyCache)); + ret = HC_ERR_IPC_UNKNOW_REPLY; + int32_t inOutLen = sizeof(int32_t); + GetIpcReplyByType(&replyCache, REPLAY_CACHE_NUM(replyCache), PARAM_TYPE_IPC_RESULT, (uint8_t *)&ret, &inOutLen); + DestroyCallCtx(&callCtx, NULL); + LOGI("process done, ret %d", ret); + return ret; +} + static int32_t IpcGmProcessData(int64_t requestId, const uint8_t *data, uint32_t dataLen) { uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_COMM_DATA_VALID(data, dataLen)) { @@ -570,7 +674,7 @@ static int32_t IpcGmGetRegisterInfo(const char *reqJsonStr, char **registerInfo) uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_3] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_3] = { { 0 } }; char *outInfo = NULL; LOGI("starting ..."); @@ -630,7 +734,7 @@ static int32_t IpcGmCheckAccessToGroup(int32_t osAccountId, const char *appId, c uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(groupId)) { @@ -708,7 +812,7 @@ static int32_t IpcGmGetPkInfoList(int32_t osAccountId, const char *appId, const uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_4] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_4] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(queryParams) || @@ -791,7 +895,7 @@ static int32_t IpcGmGetGroupInfoById(int32_t osAccountId, const char *appId, con uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_3] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_3] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(groupId) || !IS_STRING_VALID(appId) || (outGroupInfo == NULL)) { @@ -876,7 +980,7 @@ static int32_t IpcGmGetGroupInfo(int32_t osAccountId, const char *appId, const c uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_4] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_4] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(queryParams) || !IS_STRING_VALID(appId) || (outGroupVec == NULL) || (groupNum == NULL)) { @@ -962,7 +1066,7 @@ static int32_t IpcGmGetJoinedGroups(int32_t osAccountId, const char *appId, int3 uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_4] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_4] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || (outGroupVec == NULL) || (groupNum == NULL)) { @@ -1047,7 +1151,7 @@ static int32_t IpcGmGetRelatedGroups(int32_t osAccountId, const char *appId, con uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_4] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_4] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(peerUdid) || (outGroupVec == NULL) || (groupNum == NULL)) { @@ -1158,7 +1262,7 @@ static int32_t IpcGmGetDeviceInfoById(int32_t osAccountId, const char *appId, co uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_3] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_3] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(peerUdid) || !IS_STRING_VALID(groupId) || (outDevInfo == NULL)) { @@ -1228,7 +1332,7 @@ static int32_t IpcGmGetTrustedDevices(int32_t osAccountId, const char *appId, uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache[IPC_DATA_CACHES_4] = {{0}}; + IpcDataInfo replyCache[IPC_DATA_CACHES_4] = { { 0 } }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(groupId) || @@ -1289,7 +1393,7 @@ static bool IpcGmIsDeviceInGroup(int32_t osAccountId, const char *appId, const c uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(appId) || !IS_STRING_VALID(groupId) || !IS_STRING_VALID(udid)) { @@ -1364,6 +1468,8 @@ static void InitIpcGmMethods(DeviceGroupManager *gmMethodObj) gmMethodObj->deleteGroup = IpcGmDelGroup; gmMethodObj->addMemberToGroup = IpcGmAddMemberToGroup; gmMethodObj->deleteMemberFromGroup = IpcGmDelMemberFromGroup; + gmMethodObj->addMultiMembersToGroup = IpcGmAddMultiMembersToGroup; + gmMethodObj->delMultiMembersFromGroup = IpcGmDelMultiMembersFromGroup; gmMethodObj->processData = IpcGmProcessData; gmMethodObj->getRegisterInfo = IpcGmGetRegisterInfo; gmMethodObj->checkAccessToGroup = IpcGmCheckAccessToGroup; @@ -1386,7 +1492,7 @@ static int32_t IpcGaProcessData(int64_t authReqId, uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_COMM_DATA_VALID(data, dataLen) || (callback == NULL)) { @@ -1443,7 +1549,7 @@ static int32_t IpcGaAuthDevice(int32_t osAccountId, int64_t authReqId, const cha uintptr_t callCtx = 0x0; int32_t ret; int32_t inOutLen; - IpcDataInfo replyCache = {0}; + IpcDataInfo replyCache = { 0 }; LOGI("starting ..."); if (!IS_STRING_VALID(authParams) || (callback == NULL)) { diff --git a/frameworks/src/ipc_service.c b/frameworks/src/ipc_service.c index 6d35206..5ff5e94 100644 --- a/frameworks/src/ipc_service.c +++ b/frameworks/src/ipc_service.c @@ -371,6 +371,70 @@ static int32_t IpcServiceGmDelMemberFromGroup(const IpcDataInfo *ipcParams, int3 return ret; } +static int32_t IpcServiceGmAddMultiMembersToGroup(const IpcDataInfo *ipcParams, int32_t paramNum, uintptr_t outCache) +{ + int32_t callRet; + int32_t ret; + int32_t inOutLen; + int32_t osAccountId; + const char *addParams = NULL; + const char *appId = NULL; + + LOGI("starting ..."); + inOutLen = sizeof(int32_t); + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_OS_ACCOUNT_ID, (uint8_t *)&osAccountId, &inOutLen); + if ((inOutLen != sizeof(int32_t)) || (ret != HC_SUCCESS)) { + LOGE("get param error, type %d", PARAM_TYPE_OS_ACCOUNT_ID); + return HC_ERR_IPC_BAD_PARAM; + } + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_ADD_PARAMS, (uint8_t *)&addParams, NULL); + if (ret != HC_SUCCESS) { + LOGE("get param error, type %d", PARAM_TYPE_ADD_PARAMS); + return ret; + } + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_APPID, (uint8_t *)&appId, NULL); + if (ret != HC_SUCCESS) { + LOGE("get param error, type %d", PARAM_TYPE_APPID); + return ret; + } + callRet = g_devGroupMgrMethod.addMultiMembersToGroup(osAccountId, appId, addParams); + ret = IpcEncodeCallReplay(outCache, PARAM_TYPE_IPC_RESULT, (const uint8_t *)&callRet, sizeof(int32_t)); + LOGI("process done, call ret %d, ipc ret %d", callRet, ret); + return ret; +} + +static int32_t IpcServiceGmDelMultiMembersFromGroup(const IpcDataInfo *ipcParams, int32_t paramNum, uintptr_t outCache) +{ + int32_t callRet; + int32_t ret; + int32_t inOutLen; + int32_t osAccountId; + const char *delParams = NULL; + const char *appId = NULL; + + LOGI("starting ..."); + inOutLen = sizeof(int32_t); + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_OS_ACCOUNT_ID, (uint8_t *)&osAccountId, &inOutLen); + if ((inOutLen != sizeof(int32_t)) || (ret != HC_SUCCESS)) { + LOGE("get param error, type %d", PARAM_TYPE_OS_ACCOUNT_ID); + return HC_ERR_IPC_BAD_PARAM; + } + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_APPID, (uint8_t *)&appId, NULL); + if (ret != HC_SUCCESS) { + LOGE("get param error, type %d", PARAM_TYPE_APPID); + return ret; + } + ret = GetIpcRequestParamByType(ipcParams, paramNum, PARAM_TYPE_DEL_PARAMS, (uint8_t *)&delParams, NULL); + if (ret != HC_SUCCESS) { + LOGE("get param error, type %d", PARAM_TYPE_DEL_PARAMS); + return ret; + } + callRet = g_devGroupMgrMethod.delMultiMembersFromGroup(osAccountId, appId, delParams); + ret = IpcEncodeCallReplay(outCache, PARAM_TYPE_IPC_RESULT, (const uint8_t *)&callRet, sizeof(int32_t)); + LOGI("process done, call ret %d, ipc ret %d", callRet, ret); + return ret; +} + static int32_t IpcServiceGmProcessData(const IpcDataInfo *ipcParams, int32_t paramNum, uintptr_t outCache) { int32_t callRet; @@ -946,6 +1010,8 @@ static int32_t AddMethodMap(uintptr_t ipcInstance) ret &= SetIpcCallMap(ipcInstance, IpcServiceGmDelGroup, IPC_CALL_ID_DEL_GROUP); ret &= SetIpcCallMap(ipcInstance, IpcServiceGmAddMemberToGroup, IPC_CALL_ID_ADD_GROUP_MEMBER); ret &= SetIpcCallMap(ipcInstance, IpcServiceGmDelMemberFromGroup, IPC_CALL_ID_DEL_GROUP_MEMBER); + ret &= SetIpcCallMap(ipcInstance, IpcServiceGmAddMultiMembersToGroup, IPC_CALL_ID_ADD_MULTI_GROUP_MEMBERS); + ret &= SetIpcCallMap(ipcInstance, IpcServiceGmDelMultiMembersFromGroup, IPC_CALL_ID_DEL_MULTI_GROUP_MEMBERS); ret &= SetIpcCallMap(ipcInstance, IpcServiceGmProcessData, IPC_CALL_ID_GM_PROC_DATA); ret &= SetIpcCallMap(ipcInstance, IpcServiceGmApplyRegisterInfo, IPC_CALL_ID_APPLY_REG_INFO); ret &= SetIpcCallMap(ipcInstance, IpcServiceGmCheckAccessToGroup, IPC_CALL_ID_CHECK_ACCESS_TO_GROUP); diff --git a/frameworks/src/lite/ipc_adapt.c b/frameworks/src/lite/ipc_adapt.c index c1dcdcd..8909565 100644 --- a/frameworks/src/lite/ipc_adapt.c +++ b/frameworks/src/lite/ipc_adapt.c @@ -685,7 +685,7 @@ static bool GaCbOnTransmitWithType(int64_t requestId, const uint8_t *data, uint3 uint32_t ret; IpcIo *dataParcel = NULL; IpcIo reply; - uint8_t dataBuf[IPC_STACK_BUFF_SZ] = {0}; + uint8_t dataBuf[IPC_STACK_BUFF_SZ] = { 0 }; IpcCallBackNode *node = NULL; LOGI("starting ... request id: %lld, type %d", requestId, type); @@ -887,7 +887,7 @@ static char *GaCbOnRequestWithType(int64_t requestId, int32_t operationCode, con uint32_t uRet; IpcIo *dataParcel = NULL; IpcIo reply; - uint8_t dataBuf[IPC_STACK_BUFF_SZ] = {0}; + uint8_t dataBuf[IPC_STACK_BUFF_SZ] = { 0 }; const char *dPtr = NULL; IpcCallBackNode *node = NULL; @@ -1000,7 +1000,6 @@ void IpcOnGroupCreated(const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onGroupCreated == NULL) { - LOGE("onGroupCreated hook is invalid"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_GROUP_CREATED, @@ -1048,7 +1047,6 @@ void IpcOnGroupDeleted(const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onGroupDeleted == NULL) { - LOGE("onGroupDeleted hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_GROUP_DELETED, @@ -1097,7 +1095,6 @@ void IpcOnDeviceBound(const char *peerUdid, const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceBound == NULL) { - LOGE("onDeviceBound hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_BOUND, @@ -1146,7 +1143,6 @@ void IpcOnDeviceUnBound(const char *peerUdid, const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceUnBound == NULL) { - LOGE("onDeviceUnBound hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_UNBOUND, @@ -1194,7 +1190,6 @@ void IpcOnDeviceNotTrusted(const char *peerUdid) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceNotTrusted == NULL) { - LOGE("onDeviceNotTrusted hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_UNTRUSTED, @@ -1243,7 +1238,6 @@ void IpcOnLastGroupDeleted(const char *peerUdid, int32_t groupType) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onLastGroupDeleted == NULL) { - LOGE("onLastGroupDeleted hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_LAST_GROUP_DELETED, @@ -1287,7 +1281,6 @@ void IpcOnTrustedDeviceNumChanged(int32_t curTrustedDeviceNum) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onTrustedDeviceNumChanged == NULL) { - LOGE("onTrustedDeviceNumChanged hook is null"); continue; } ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_TRUST_DEV_NUM_CHANGED, diff --git a/frameworks/src/lite/ipc_callback_stub.c b/frameworks/src/lite/ipc_callback_stub.c index 0ecd7e9..abfc528 100644 --- a/frameworks/src/lite/ipc_callback_stub.c +++ b/frameworks/src/lite/ipc_callback_stub.c @@ -30,7 +30,7 @@ static void DoCallBack(int32_t callbackId, uintptr_t cbHook, IpcIo *data, IpcIo { int32_t ret; int32_t i; - IpcDataInfo cbDataCache[MAX_REQUEST_PARAMS_NUM] = {{0}}; + IpcDataInfo cbDataCache[MAX_REQUEST_PARAMS_NUM] = { { 0 } }; if (cbHook == 0x0) { LOGE("Invalid call back hook"); diff --git a/frameworks/src/lite/ipc_dev_auth_proxy.c b/frameworks/src/lite/ipc_dev_auth_proxy.c index bbc3d27..e3dafd3 100644 --- a/frameworks/src/lite/ipc_dev_auth_proxy.c +++ b/frameworks/src/lite/ipc_dev_auth_proxy.c @@ -84,7 +84,7 @@ int32_t FinalCallRequest(ProxyDevAuthData *dataCtx, int32_t methodId) return HC_FALSE; } if (dataCtx->withCallback) { - SvcIdentity badSvc = {0}; + SvcIdentity badSvc = { 0 }; ShowIpcSvcInfo(&(dataCtx->cbSvc)); if ((sizeof(dataCtx->cbSvc) != sizeof(badSvc)) || !memcmp(&(dataCtx->cbSvc), &badSvc, sizeof(badSvc))) { diff --git a/frameworks/src/lite/ipc_dev_auth_stub.c b/frameworks/src/lite/ipc_dev_auth_stub.c index 4412e77..9fb9769 100644 --- a/frameworks/src/lite/ipc_dev_auth_stub.c +++ b/frameworks/src/lite/ipc_dev_auth_stub.c @@ -177,7 +177,7 @@ static int32_t DevAuthRequestCall(void *origin, IpcIo *req, IpcIo *reply) int32_t ret; int32_t methodId = -1; int32_t reqParamNum = 0; - IpcDataInfo reqParams[MAX_REQUEST_PARAMS_NUM] = {{0}}; + IpcDataInfo reqParams[MAX_REQUEST_PARAMS_NUM] = { { 0 } }; IpcServiceCall serviceCall = NULL; (void)origin; @@ -214,7 +214,7 @@ int32_t OnRemoteInvoke(IServerProxy *iProxy, int32_t reqId, void *origin, IpcIo int32_t n; int32_t (*callCtx)(void *origin, IpcIo *req, IpcIo *reply) = NULL; IpcIo replyTmp; - uint8_t dataBuff[IPC_IO_BUFF_SZ] = {0}; + uint8_t dataBuff[IPC_IO_BUFF_SZ] = { 0 }; int32_t ret = HC_ERR_IPC_UNKNOW_OPCODE; (void)origin; diff --git a/frameworks/src/standard/ipc_adapt.cpp b/frameworks/src/standard/ipc_adapt.cpp index b5aa2a9..f226cae 100644 --- a/frameworks/src/standard/ipc_adapt.cpp +++ b/frameworks/src/standard/ipc_adapt.cpp @@ -946,7 +946,6 @@ void IpcOnGroupCreated(const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onGroupCreated == nullptr) { - LOGE("onGroupCreated hook is invalid"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_GROUP_CREATED, @@ -986,7 +985,6 @@ void IpcOnGroupDeleted(const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onGroupDeleted == nullptr) { - LOGE("onGroupDeleted hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_GROUP_DELETED, @@ -1028,7 +1026,6 @@ void IpcOnDeviceBound(const char *peerUdid, const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceBound == nullptr) { - LOGE("onDeviceBound hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_BOUND, @@ -1070,7 +1067,6 @@ void IpcOnDeviceUnBound(const char *peerUdid, const char *groupInfo) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceUnBound == nullptr) { - LOGE("onDeviceUnBound hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_UNBOUND, @@ -1110,7 +1106,6 @@ void IpcOnDeviceNotTrusted(const char *peerUdid) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onDeviceNotTrusted == nullptr) { - LOGE("onDeviceNotTrusted hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_DEV_UNTRUSTED, @@ -1152,7 +1147,6 @@ void IpcOnLastGroupDeleted(const char *peerUdid, int32_t groupType) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onLastGroupDeleted == nullptr) { - LOGE("onLastGroupDeleted hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_LAST_GROUP_DELETED, @@ -1187,7 +1181,6 @@ void IpcOnTrustedDeviceNumChanged(int32_t curTrustedDeviceNum) if (g_ipcCallBackList.ctx[i].cbType == CB_TYPE_LISTENER) { listener = &(g_ipcCallBackList.ctx[i].cbCtx.listener); if (listener->onTrustedDeviceNumChanged == nullptr) { - LOGE("onTrustedDeviceNumChanged hook is null"); continue; } ServiceDevAuth::ActCallback(g_ipcCallBackList.ctx[i].proxyId, CB_ID_ON_TRUST_DEV_NUM_CHANGED, diff --git a/frameworks/src/standard/ipc_callback_stub.cpp b/frameworks/src/standard/ipc_callback_stub.cpp index c2fd70e..e42b3ce 100644 --- a/frameworks/src/standard/ipc_callback_stub.cpp +++ b/frameworks/src/standard/ipc_callback_stub.cpp @@ -33,7 +33,7 @@ void StubDevAuthCb::DoCallBack(int32_t callbackId, uintptr_t cbHook, int32_t ret; int32_t i; MessageParcel retParcel; - IpcDataInfo cbDataCache[MAX_REQUEST_PARAMS_NUM] = {{0}}; + IpcDataInfo cbDataCache[MAX_REQUEST_PARAMS_NUM] = { { 0 } }; if (cbHook == 0x0) { LOGE("Invalid call back hook"); diff --git a/frameworks/src/standard/ipc_dev_auth_stub.cpp b/frameworks/src/standard/ipc_dev_auth_stub.cpp index e33b770..339320f 100644 --- a/frameworks/src/standard/ipc_dev_auth_stub.cpp +++ b/frameworks/src/standard/ipc_dev_auth_stub.cpp @@ -159,7 +159,7 @@ int32_t ServiceDevAuth::OnRemoteRequest(uint32_t code, MessageParcel &data, Mess int32_t methodId = 0; int32_t reqParamNum = 0; MessageParcel replyCache; - IpcDataInfo reqParams[MAX_REQUEST_PARAMS_NUM] = {{0}}; + IpcDataInfo reqParams[MAX_REQUEST_PARAMS_NUM] = { { 0 } }; IpcServiceCall serviceCall = nullptr; LOGI("request code %u", code); diff --git a/interfaces/innerkits/device_auth.h b/interfaces/innerkits/device_auth.h index 4c835c5..ff8e0d6 100644 --- a/interfaces/innerkits/device_auth.h +++ b/interfaces/innerkits/device_auth.h @@ -66,6 +66,9 @@ #define FIELD_IS_DELETE_ALL "isDeleteAll" #define FIELD_BLE_CHALLENGE "bleChallenge" #define FIELD_OS_ACCOUNT_ID "osAccountId" +#define FIELD_AUTH_CODE "authCode" +#define FIELD_AUTH_CODE_ID "authCodeId" +#define FIELD_DEVICE_LIST "deviceList" typedef enum { DEFAULT_OS_ACCOUNT = 0, @@ -109,14 +112,10 @@ typedef enum { } GroupAuthForm; typedef enum { - IMPORT_SELF_CREDENTIAL = 0, - DELETE_SELF_CREDENTIAL = 1, - QUERY_SELF_CREDENTIAL_INFO = 2, - IMPORT_TRUSTED_CREDENTIALS = 3, - DELETE_TRUSTED_CREDENTIALS = 4, - QUERY_TRUSTED_CREDENTIALS = 5, - REQUEST_SIGNATURE = 6, -} CredentialCode; + INVALID_CRED = 0, + SYMMETRIC_CRED = 1, + ASYMMETRIC_CRED = 2, +} CredType; typedef enum { DEVICE_TYPE_ACCESSORY = 0, @@ -172,6 +171,8 @@ typedef struct { int32_t (*deleteMemberFromGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *deleteParams); int32_t (*processData)(int64_t requestId, const uint8_t *data, uint32_t dataLen); + int32_t (*addMultiMembersToGroup)(int32_t osAccountId, const char *appId, const char *addParams); + int32_t (*delMultiMembersFromGroup)(int32_t osAccountId, const char *appId, const char *deleteParams); int32_t (*getRegisterInfo)(const char *reqJsonStr, char **returnRegisterInfo); int32_t (*checkAccessToGroup)(int32_t osAccountId, const char *appId, const char *groupId); int32_t (*getPkInfoList)(int32_t osAccountId, const char *appId, const char *queryParams, char **returnInfoList, diff --git a/interfaces/innerkits/device_auth_defines.h b/interfaces/innerkits/device_auth_defines.h index e3355ca..b235236 100644 --- a/interfaces/innerkits/device_auth_defines.h +++ b/interfaces/innerkits/device_auth_defines.h @@ -76,6 +76,7 @@ enum { HC_ERR_IPC_OUT_DATA_NUM = 0x0000300F, HC_ERR_IPC_OUT_DATA = 0x00003010, HC_ERR_IPC_BAD_PARAM = 0x00003011, + HC_ERR_IPC_SERVICE_DIED = 0x00003012, /* error code for module , 0x00004000 ~ 0x00004FFF */ HC_ERR_MODULE_NOT_FOUNT = 0x00004001, diff --git a/services/authenticators/inc/account_related/account_module.h b/services/authenticators/inc/account_related/account_module.h index af4eb0a..24f1dca 100644 --- a/services/authenticators/inc/account_related/account_module.h +++ b/services/authenticators/inc/account_related/account_module.h @@ -19,9 +19,19 @@ #include "dev_auth_module_manager.h" #include "json_utils.h" +typedef enum { + IMPORT_SELF_CREDENTIAL = 0, + DELETE_SELF_CREDENTIAL = 1, + QUERY_SELF_CREDENTIAL_INFO = 2, + IMPORT_TRUSTED_CREDENTIALS = 3, + DELETE_TRUSTED_CREDENTIALS = 4, + QUERY_TRUSTED_CREDENTIALS = 5, + REQUEST_SIGNATURE = 6, +} CredentialCode; + int32_t CheckAccountMsgRepeatability(const CJson *in); bool IsAccountSupported(void); AuthModuleBase *CreateAccountModule(void); -int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t credentialOpCode, const CJson *in, CJson *out); +int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t opCode, CJson *in, CJson *out); #endif diff --git a/services/authenticators/inc/account_related/account_module_defines.h b/services/authenticators/inc/account_related/account_module_defines.h index 04a0faa..bd4078d 100644 --- a/services/authenticators/inc/account_related/account_module_defines.h +++ b/services/authenticators/inc/account_related/account_module_defines.h @@ -17,13 +17,14 @@ #define ACCOUNT_MODULE_DEFINES_H #define SEED_SIZE 32 -#define USER_ID_SIZE 65 #define PK_SIZE 128 #define PK_VERSION_SIZE 256 -#define DEVICE_ID_SIZE 256 #define SIGNATURE_SIZE 128 #define PUBLIC_KEY_INFO_SIZE 1024 #define SERVER_PK_SIZE 128 +#define DEV_AUTH_USER_ID_SIZE 65 +#define DEV_AUTH_DEVICE_ID_SIZE 65 +#define DEV_AUTH_AUTH_CODE_SIZE 32 typedef enum { TASK_TYPE_DEFAULT = 0, diff --git a/services/authenticators/inc/account_related/auth/pake_v2_auth_task/pake_v2_auth_task_common.h b/services/authenticators/inc/account_related/auth/pake_v2_auth_task/pake_v2_auth_task_common.h index 2c0cdeb..f2e720f 100644 --- a/services/authenticators/inc/account_related/auth/pake_v2_auth_task/pake_v2_auth_task_common.h +++ b/services/authenticators/inc/account_related/auth/pake_v2_auth_task/pake_v2_auth_task_common.h @@ -34,8 +34,8 @@ typedef struct { Uint8Buff devIdSelf; Uint8Buff devIdPeer; uint8_t pkCloud[SERVER_PK_SIZE]; - uint8_t userIdSelf[USER_ID_SIZE]; - uint8_t userIdPeer[USER_ID_SIZE]; + uint8_t userIdSelf[DEV_AUTH_USER_ID_SIZE]; + uint8_t userIdPeer[DEV_AUTH_USER_ID_SIZE]; uint8_t pkSelf[PK_SIZE]; Uint8Buff pkInfoSelf; Uint8Buff pkInfoSignSelf; diff --git a/services/authenticators/inc/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.h b/services/authenticators/inc/account_related/creds_manager/asy_token_manager.h similarity index 84% rename from services/authenticators/inc/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.h rename to services/authenticators/inc/account_related/creds_manager/asy_token_manager.h index 98605f9..2d93abd 100644 --- a/services/authenticators/inc/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.h +++ b/services/authenticators/inc/account_related/creds_manager/asy_token_manager.h @@ -21,20 +21,6 @@ #include "common_defs.h" #include "string_util.h" -#define SELF_ECC_KEY_LEN 32 - -#define COPY_STRING_GOTO_ERR_IF_FAIL(src, dest, tag) \ - do { \ - if ((src) == NULL) { \ - LOGE("%s is NULL", tag); \ - goto ERR; \ - } \ - if (memcpy_s((dest), sizeof(dest), src, HcStrlen(src) + 1) != EOK) { \ - LOGE("%s copy failed", tag); \ - goto ERR; \ - } \ - } while (0) - typedef struct { Uint8Buff version; Uint8Buff userId; diff --git a/services/authenticators/inc/account_related/creds_manager/sym_token_manager.h b/services/authenticators/inc/account_related/creds_manager/sym_token_manager.h new file mode 100644 index 0000000..3307b7f --- /dev/null +++ b/services/authenticators/inc/account_related/creds_manager/sym_token_manager.h @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SYM_TOKEN_MANAGER_H +#define SYM_TOKEN_MANAGER_H + +#include +#include "account_module_defines.h" +#include "common_defs.h" +#include "string_util.h" + +typedef struct { + char userId[DEV_AUTH_USER_ID_SIZE]; + char deviceId[DEV_AUTH_DEVICE_ID_SIZE]; + int32_t authCodeId; +} SymToken; +DECLARE_HC_VECTOR(SymTokenVec, SymToken*) + +typedef struct { + int32_t (*addToken)(int32_t osAccountId, CJson *in); + int32_t (*deleteToken)(int32_t osAccountId, const char *userId, const char *deviceId); +} SymTokenManager; + +#ifdef __cplusplus +extern "C" { +#endif + +SymTokenManager *GetSymTokenManager(void); + +void InitSymTokenManager(void); +void DestroySymTokenManager(void); + +SymTokenVec CreateSymTokenVec(void); +void ClearSymTokenVec(SymTokenVec *vec); + +#ifdef __cplusplus +} +#endif + +#endif \ No newline at end of file diff --git a/services/authenticators/src/account_related/account_module.c b/services/authenticators/src/account_related/account_module.c index de38493..1dbac93 100644 --- a/services/authenticators/src/account_related/account_module.c +++ b/services/authenticators/src/account_related/account_module.c @@ -14,6 +14,9 @@ */ #include "account_module.h" +#include "account_module_defines.h" +#include "account_multi_task_manager.h" +#include "account_version_util.h" #include "alg_loader.h" #include "asy_token_manager.h" #include "clib_error.h" @@ -24,9 +27,7 @@ #include "json_utils.h" #include "pake_v2_auth_client_task.h" #include "pake_v2_auth_server_task.h" -#include "account_module_defines.h" -#include "account_multi_task_manager.h" -#include "account_version_util.h" +#include "sym_token_manager.h" #define ACCOUNT_CLIENT_FIRST_MESSAGE 0x0000 #define ACCOUNT_CLIENT_STEP_MASK 0x000F @@ -126,40 +127,9 @@ static void DestroyAccountTask(int32_t taskId) authManager->deleteTaskFromManager(taskId); } -static void DestroyAccountModule(AuthModuleBase *module) +static int32_t ProcessAsyTokens(int32_t osAccountId, int32_t opCode, CJson *in, CJson *out) { - DestroyAccountMultiTaskManager(); - DestroyTokenManager(); - DestroyVersionInfos(); - (void)memset_s(module, sizeof(AccountModule), 0, sizeof(AccountModule)); -} - -AuthModuleBase *CreateAccountModule(void) -{ - g_module.moduleBase.moduleType = ACCOUNT_MODULE; - g_module.moduleBase.createTask = CreateAccountTask; - g_module.moduleBase.processTask = ProcessAccountTask; - g_module.moduleBase.destroyTask = DestroyAccountTask; - g_module.moduleBase.destroyModule = DestroyAccountModule; - - InitVersionInfos(); - InitAccountMultiTaskManager(); - InitTokenManager(); - return (AuthModuleBase *)&g_module; -} - -bool IsAccountSupported(void) -{ - return true; -} - -int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t credentialOpCode, const CJson *in, CJson *out) -{ - if (in == NULL) { - LOGE("The input param: in is null."); - return HC_ERR_NULL_PTR; - } - switch (credentialOpCode) { + switch (opCode) { case IMPORT_SELF_CREDENTIAL: return GetAccountAuthTokenManager()->addToken(osAccountId, in, out); case DELETE_SELF_CREDENTIAL: { @@ -177,8 +147,83 @@ int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t credentialOpCode, } return GetAccountAuthTokenManager()->getRegisterProof(in, out); default: - LOGE("Operation is not supported for: %d.", credentialOpCode); - break; + LOGE("Operation is not supported for: %d.", opCode); + return HC_ERR_NOT_SUPPORT; + } +} + +static int32_t ProcessSymTokens(int32_t osAccountId, int32_t opCode, CJson *in, CJson *out) +{ + switch (opCode) { + case IMPORT_SELF_CREDENTIAL: + case IMPORT_TRUSTED_CREDENTIALS: + return GetSymTokenManager()->addToken(osAccountId, in); + case DELETE_SELF_CREDENTIAL: + case DELETE_TRUSTED_CREDENTIALS: { + const char *userId = GetStringFromJson(in, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get userId from json!"); + return HC_ERR_JSON_GET; + } + const char *deviceId = GetStringFromJson(in, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + return HC_ERR_JSON_GET; + } + return GetSymTokenManager()->deleteToken(osAccountId, userId, deviceId); + } + default: + LOGE("Operation is not supported for: %d.", opCode); + return HC_ERR_NOT_SUPPORT; + } +} + +static void DestroyAccountModule(AuthModuleBase *module) +{ + DestroyAccountMultiTaskManager(); + DestroyTokenManager(); + DestroySymTokenManager(); + DestroyVersionInfos(); + (void)memset_s(module, sizeof(AccountModule), 0, sizeof(AccountModule)); +} + +AuthModuleBase *CreateAccountModule(void) +{ + g_module.moduleBase.moduleType = ACCOUNT_MODULE; + g_module.moduleBase.createTask = CreateAccountTask; + g_module.moduleBase.processTask = ProcessAccountTask; + g_module.moduleBase.destroyTask = DestroyAccountTask; + g_module.moduleBase.destroyModule = DestroyAccountModule; + + InitVersionInfos(); + InitAccountMultiTaskManager(); + InitTokenManager(); + InitSymTokenManager(); + return (AuthModuleBase *)&g_module; +} + +bool IsAccountSupported(void) +{ + return true; +} + +int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t opCode, CJson *in, CJson *out) +{ + if (in == NULL) { + LOGE("The input param: in is null."); + return HC_ERR_NULL_PTR; + } + int32_t credentialType = INVALID_CRED; + if (GetIntFromJson(in, FIELD_CREDENTIAL_TYPE, &credentialType) != HC_SUCCESS) { + LOGE("Failed to get credentialType from json!"); + return HC_ERR_JSON_GET; + } + if (credentialType == ASYMMETRIC_CRED) { + return ProcessAsyTokens(osAccountId, opCode, in, out); + } else if (credentialType == SYMMETRIC_CRED) { + return ProcessSymTokens(osAccountId, opCode, in, out); + } else { + LOGE("Invalid credential type! [CredType]: %d", credentialType); + return HC_ERR_NOT_SUPPORT; } - return HC_ERR_NOT_SUPPORT; } diff --git a/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_client_task.c b/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_client_task.c index 73d02e2..2c58707 100644 --- a/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_client_task.c +++ b/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_client_task.c @@ -152,7 +152,7 @@ static int32_t AsyAuthClientStepTwo(TaskBase *task, const CJson *in, CJson *out, } const char *userIdPeer = GetStringFromJson(in, FIELD_USER_ID); uint32_t userIdPeerLen = HcStrlen(userIdPeer) + 1; - if (userIdPeer == NULL || userIdPeerLen > USER_ID_SIZE) { + if (userIdPeer == NULL || userIdPeerLen > DEV_AUTH_USER_ID_SIZE) { LOGE("Payload not contain peer userId or userId len is invalid."); return HC_ERR_BAD_MESSAGE; } diff --git a/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_server_task.c b/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_server_task.c index b0a390e..5c18184 100644 --- a/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_server_task.c +++ b/services/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_server_task.c @@ -146,7 +146,7 @@ static int32_t AsyAuthServerStepOne(TaskBase *task, const CJson *in, CJson *out, GOTO_IF_ERR(GetIntFromJson(in, FIELD_AUTH_FORM, &innerTask->params.authForm)); const char *userIdPeer = GetStringFromJson(in, FIELD_USER_ID); uint32_t userIdPeerLen = HcStrlen(userIdPeer) + 1; - if (userIdPeer == NULL || userIdPeerLen > USER_ID_SIZE) { + if (userIdPeer == NULL || userIdPeerLen > DEV_AUTH_USER_ID_SIZE) { LOGE("Payload not contain peer userId or userId len is invalid."); return HC_ERR_BAD_MESSAGE; } diff --git a/services/authenticators/src/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.c b/services/authenticators/src/account_related/creds_manager/asy_token_manager.c similarity index 95% rename from services/authenticators/src/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.c rename to services/authenticators/src/account_related/creds_manager/asy_token_manager.c index 59fb2ad..cc1212b 100644 --- a/services/authenticators/src/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.c +++ b/services/authenticators/src/account_related/creds_manager/asy_token_manager.c @@ -36,8 +36,9 @@ DECLARE_HC_VECTOR(AccountTokenDb, OsAccountTokenInfo) IMPLEMENT_HC_VECTOR(AccountTokenDb, OsAccountTokenInfo, 1) #define MAX_DB_PATH_LEN 256 +#define SELF_ECC_KEY_LEN 32 -AccountAuthTokenManager g_tokenManager; +AccountAuthTokenManager g_asyTokenManager; static const AlgLoader *g_algLoader = NULL; static bool g_isInitial = false; @@ -92,20 +93,20 @@ static bool GetTokenPath(int32_t osAccountId, char *tokenPath, uint32_t pathBuff LOGE("Failed to get the account storage path!"); return false; } - int32_t ret; + int32_t writeByteNum; if (osAccountId == DEFAULT_OS_ACCOUNT) { - ret = sprintf_s(tokenPath, pathBufferLen, "%s/account_data.dat", beginPath); + writeByteNum = sprintf_s(tokenPath, pathBufferLen, "%s/account_data_asy.dat", beginPath); } else { - ret = sprintf_s(tokenPath, pathBufferLen, "%s/account_data%d.dat", beginPath, osAccountId); + writeByteNum = sprintf_s(tokenPath, pathBufferLen, "%s/account_data_asy%d.dat", beginPath, osAccountId); } - if (ret <= 0) { + if (writeByteNum <= 0) { LOGE("sprintf_s fail!"); return false; } return true; } -static int32_t GenerateTokenFromJson(CJson *tokenJson, AccountToken *token) +static int32_t GenerateTokenFromJson(const CJson *tokenJson, AccountToken *token) { CJson *pkInfoJson = GetObjFromJson(tokenJson, FIELD_PK_INFO); if (pkInfoJson == NULL) { @@ -261,11 +262,9 @@ static int32_t WriteTokensJsonToFile(int32_t osAccountId, CJson *tokensJson) return ret; } int32_t fileSize = (int32_t)(HcStrlen(storeJsonString) + 1); - if (HcFileWrite(file, storeJsonString, fileSize) == fileSize) { - ret = HC_SUCCESS; - } else { + if (HcFileWrite(file, storeJsonString, fileSize) != fileSize) { LOGE("Failed to write token array to file."); - ret = HC_ERROR; + ret = HC_ERR_FILE; } FreeJsonString(storeJsonString); HcFileClose(file); @@ -885,9 +884,9 @@ static int32_t CheckDevicePk(const CJson *credJson) return ret; } -static int32_t CheckUserId(const char *userId, CJson *credJson) +static int32_t CheckUserId(const char *userId, const CJson *in) { - CJson *pkInfoJson = GetObjFromJson(credJson, FIELD_PK_INFO); + CJson *pkInfoJson = GetObjFromJson(in, FIELD_PK_INFO); if (pkInfoJson == NULL) { LOGE("Failed to get pkInfoJson"); return HC_ERR_JSON_GET; @@ -903,24 +902,24 @@ static int32_t CheckUserId(const char *userId, CJson *credJson) return HC_ERROR; } -static int32_t CheckCredValidity(const CJson *in, CJson *credJson) +static int32_t CheckCredValidity(const CJson *in) { const char *userId = GetStringFromJson(in, FIELD_USER_ID); if (userId == NULL) { LOGE("Failed to get userId"); return HC_ERR_JSON_GET; } - int32_t ret = VerifySignature(credJson); + int32_t ret = VerifySignature(in); if (ret != HC_SUCCESS) { LOGE("Verify server credential failed!"); return ret; } - ret = CheckDevicePk(credJson); + ret = CheckDevicePk(in); if (ret != HC_SUCCESS) { LOGE("Check devicePk failed!"); return ret; } - ret = CheckUserId(userId, credJson); + ret = CheckUserId(userId, in); if (ret != HC_SUCCESS) { LOGE("Check userId failed!"); } @@ -934,12 +933,7 @@ static int32_t AddToken(int32_t osAccountId, const CJson *in, CJson *out) LOGE("Input param is null!"); return HC_ERR_NULL_PTR; } - CJson *credJson = GetObjFromJson(in, FIELD_CREDENTIAL); - if (credJson == NULL) { - LOGE("Failed to get credJson"); - return HC_ERR_JSON_GET; - } - int32_t ret = CheckCredValidity(in, credJson); + int32_t ret = CheckCredValidity(in); if (ret != HC_SUCCESS) { LOGE("Invalid credential"); return ret; @@ -949,7 +943,7 @@ static int32_t AddToken(int32_t osAccountId, const CJson *in, CJson *out) LOGE("Failed to allocate token memory!"); return HC_ERR_ALLOC_MEMORY; } - ret = GenerateTokenFromJson(credJson, token); + ret = GenerateTokenFromJson(in, token); if (ret != HC_SUCCESS) { LOGE("Failed to generate token"); DestroyAccountToken(token); @@ -1169,9 +1163,9 @@ static void LoadTokenDb(void) if (name == NULL) { continue; } - if (strcmp(name, "account_data.dat") == 0) { + if (strcmp(name, "account_data_asy.dat") == 0) { LoadOsAccountTokenDb(DEFAULT_OS_ACCOUNT); - } else if (sscanf_s(name, "account_data%d.dat", &osAccountId) == 1) { + } else if (sscanf_s(name, "account_data_asy%d.dat", &osAccountId) == 1) { LoadOsAccountTokenDb(osAccountId); } } @@ -1183,25 +1177,25 @@ void InitTokenManager(void) if (g_accountDbMutex == NULL) { g_accountDbMutex = (HcMutex *)HcMalloc(sizeof(HcMutex), 0); if (g_accountDbMutex == NULL) { - LOGE("Alloc account database mutex failed"); + LOGE("Alloc account database mutex failed."); return; } if (InitHcMutex(g_accountDbMutex) != HC_SUCCESS) { - LOGE("Init account mutex failed"); + LOGE("Init account mutex failed."); HcFree(g_accountDbMutex); g_accountDbMutex = NULL; return; } } g_accountDbMutex->lock(g_accountDbMutex); - (void)memset_s(&g_tokenManager, sizeof(AccountAuthTokenManager), 0, sizeof(AccountAuthTokenManager)); - g_tokenManager.addToken = AddToken; - g_tokenManager.getToken = GetToken; - g_tokenManager.deleteToken = DeleteToken; - g_tokenManager.getRegisterProof = GetRegisterProof; - g_tokenManager.getServerPublicKey = GetServerPublicKey; - g_tokenManager.generateKeyAlias = GenerateKeyAlias; - g_tokenManager.getAlgVersion = GetAlgVersion; + (void)memset_s(&g_asyTokenManager, sizeof(AccountAuthTokenManager), 0, sizeof(AccountAuthTokenManager)); + g_asyTokenManager.addToken = AddToken; + g_asyTokenManager.getToken = GetToken; + g_asyTokenManager.deleteToken = DeleteToken; + g_asyTokenManager.getRegisterProof = GetRegisterProof; + g_asyTokenManager.getServerPublicKey = GetServerPublicKey; + g_asyTokenManager.generateKeyAlias = GenerateKeyAlias; + g_asyTokenManager.getAlgVersion = GetAlgVersion; if (!g_isInitial) { g_accountTokenDb = CREATE_HC_VECTOR(AccountTokenDb); g_isInitial = true; @@ -1259,12 +1253,12 @@ AccountToken *CreateAccountToken(void) token->serverPk.val = (uint8_t *)HcMalloc(SERVER_PK_SIZE, 0); GOTO_IF_CHECK_NULL(token->serverPk.val, "serverPk"); token->serverPk.length = SERVER_PK_SIZE; - token->pkInfo.deviceId.val = (uint8_t *)HcMalloc(DEVICE_ID_SIZE, 0); + token->pkInfo.deviceId.val = (uint8_t *)HcMalloc(DEV_AUTH_DEVICE_ID_SIZE, 0); GOTO_IF_CHECK_NULL(token->pkInfo.deviceId.val, "deviceId"); - token->pkInfo.deviceId.length = DEVICE_ID_SIZE; - token->pkInfo.userId.val = (uint8_t *)HcMalloc(USER_ID_SIZE, 0); + token->pkInfo.deviceId.length = DEV_AUTH_DEVICE_ID_SIZE; + token->pkInfo.userId.val = (uint8_t *)HcMalloc(DEV_AUTH_USER_ID_SIZE, 0); GOTO_IF_CHECK_NULL(token->pkInfo.userId.val, "userId"); - token->pkInfo.userId.length = USER_ID_SIZE; + token->pkInfo.userId.length = DEV_AUTH_USER_ID_SIZE; token->pkInfo.version.val = (uint8_t *)HcMalloc(PK_VERSION_SIZE, 0); GOTO_IF_CHECK_NULL(token->pkInfo.version.val, "version"); token->pkInfo.version.length = PK_VERSION_SIZE; @@ -1302,14 +1296,14 @@ void DestroyAccountToken(AccountToken *token) AccountAuthTokenManager *GetAccountAuthTokenManager(void) { - return &g_tokenManager; + return &g_asyTokenManager; } void DestroyTokenManager(void) { g_accountDbMutex->lock(g_accountDbMutex); g_algLoader = NULL; - (void)memset_s(&g_tokenManager, sizeof(AccountAuthTokenManager), 0, sizeof(AccountAuthTokenManager)); + (void)memset_s(&g_asyTokenManager, sizeof(AccountAuthTokenManager), 0, sizeof(AccountAuthTokenManager)); uint32_t index; OsAccountTokenInfo *info = NULL; FOR_EACH_HC_VECTOR(g_accountTokenDb, index, info) { diff --git a/services/authenticators/src/account_related/creds_manager/sym_token_manager.c b/services/authenticators/src/account_related/creds_manager/sym_token_manager.c new file mode 100644 index 0000000..309d98d --- /dev/null +++ b/services/authenticators/src/account_related/creds_manager/sym_token_manager.c @@ -0,0 +1,653 @@ +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sym_token_manager.h" + +#include "alg_defs.h" +#include "alg_loader.h" +#include "common_defs.h" +#include "hc_dev_info.h" +#include "hal_error.h" +#include "hc_file.h" +#include "hc_log.h" +#include "hc_mutex.h" +#include "hc_types.h" +#include "string_util.h" + +IMPLEMENT_HC_VECTOR(SymTokenVec, SymToken*, 1) + +typedef struct { + int32_t osAccountId; + SymTokenVec tokens; +} OsSymTokensInfo; + +DECLARE_HC_VECTOR(SymTokensDb, OsSymTokensInfo) +IMPLEMENT_HC_VECTOR(SymTokensDb, OsSymTokensInfo, 1) + +#define FIELD_SYM_TOKENS "symTokens" + +#define MAX_DB_PATH_LEN 256 + +SymTokenManager g_symTokenManager; + +static SymTokensDb g_SymTokensDb; +static HcMutex *g_dataMutex; + +static bool IsTokenMatch(const SymToken *token, const char *userId, const char *deviceId) +{ + return (strcmp(userId, token->userId) == 0) && (strcmp(deviceId, token->deviceId) == 0); +} + +static bool GetTokensFilePath(int32_t osAccountId, char *tokenPath, uint32_t pathBufferLen) +{ + const char *beginPath = GetAccountStoragePath(); + if (beginPath == NULL) { + LOGE("Failed to get the account storage path!"); + return false; + } + int32_t writeByteNum; + if (osAccountId == DEFAULT_OS_ACCOUNT) { + writeByteNum = sprintf_s(tokenPath, pathBufferLen, "%s/account_data_sym.dat", beginPath); + } else { + writeByteNum = sprintf_s(tokenPath, pathBufferLen, "%s/account_data_sym%d.dat", beginPath, osAccountId); + } + if (writeByteNum <= 0) { + LOGE("sprintf_s fail!"); + return false; + } + return true; +} + +static SymToken *CreateSymTokenByJson(const CJson *tokenJson) +{ + SymToken *token = (SymToken *)HcMalloc(sizeof(SymToken), 0); + if (token == NULL) { + LOGE("Failed to allocate token memory!"); + return NULL; + } + const char *userId = GetStringFromJson(tokenJson, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get userId from json!"); + HcFree(token); + return NULL; + } + const char *deviceId = GetStringFromJson(tokenJson, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + HcFree(token); + return NULL; + } + if (strcpy_s(token->userId, DEV_AUTH_USER_ID_SIZE, userId) != EOK) { + LOGE("Failed to copy userId!"); + HcFree(token); + return NULL; + } + if (strcpy_s(token->deviceId, DEV_AUTH_DEVICE_ID_SIZE, deviceId) != EOK) { + LOGE("Failed to copy deviceId!"); + HcFree(token); + return NULL; + } + (void)GetIntFromJson(tokenJson, FIELD_AUTH_CODE_ID, &token->authCodeId); + return token; +} + +static int32_t CreateTokensFromJson(CJson *tokensJson, SymTokenVec *vec) +{ + CJson *symTokensJson = GetObjFromJson(tokensJson, FIELD_SYM_TOKENS); + if (symTokensJson == NULL) { + LOGE("Failed to get symTokensJson from json!"); + return HC_ERR_JSON_GET; + } + int32_t tokenNum = GetItemNum(symTokensJson); + if (tokenNum <= 0) { + LOGE("No token found."); + return HC_ERR_JSON_GET; + } + for (int32_t i = 0; i < tokenNum; i++) { + CJson *tokenJson = GetItemFromArray(symTokensJson, i); + if (tokenJson == NULL) { + LOGE("Token json is null"); + ClearSymTokenVec(vec); + return HC_ERR_JSON_GET; + } + SymToken *symToken = CreateSymTokenByJson(tokenJson); + if (symToken == NULL) { + LOGE("Failed to create symToken from json!"); + ClearSymTokenVec(vec); + return HC_ERR_ALLOC_MEMORY; + } + if (vec->pushBackT(vec, symToken) == NULL) { + LOGE("Failed to push symToken to vec"); + HcFree(symToken); + ClearSymTokenVec(vec); + return HC_ERR_MEMORY_COPY; + } + } + return HC_SUCCESS; +} + +static int32_t OpenTokenFile(int32_t osAccountId, FileHandle *file, int32_t mode) +{ + char *tokenPath = (char *)HcMalloc(MAX_DB_PATH_LEN, 0); + if (tokenPath == NULL) { + LOGE("Malloc tokenPath failed"); + return HC_ERR_ALLOC_MEMORY; + } + if (!GetTokensFilePath(osAccountId, tokenPath, MAX_DB_PATH_LEN)) { + LOGE("Get token path failed"); + HcFree(tokenPath); + return HC_ERROR; + } + int32_t ret = HcFileOpen(tokenPath, mode, file); + HcFree(tokenPath); + return ret; +} + +static int32_t ReadTokensFromFile(int32_t osAccountId, SymTokenVec *vec) +{ + if (vec == NULL) { + LOGE("Input token vec is null."); + return HC_ERR_NULL_PTR; + } + FileHandle file = { 0 }; + int32_t ret = OpenTokenFile(osAccountId, &file, MODE_FILE_READ); + if (ret != HC_SUCCESS) { + LOGE("Open token file failed"); + return ret; + } + int32_t fileSize = HcFileSize(file); + if (fileSize <= 0) { + LOGE("file size stat failed"); + HcFileClose(file); + return HC_ERROR; + } + char *fileData = (char *)HcMalloc(fileSize, 0); + if (fileData == NULL) { + LOGE("Malloc file data failed"); + HcFileClose(file); + return HC_ERR_ALLOC_MEMORY; + } + if (HcFileRead(file, fileData, fileSize) != fileSize) { + LOGE("fileData read failed"); + HcFileClose(file); + HcFree(fileData); + return HC_ERROR; + } + HcFileClose(file); + CJson *readJsonFile = CreateJsonFromString(fileData); + HcFree(fileData); + if (readJsonFile == NULL) { + LOGE("fileData parse failed"); + return HC_ERR_JSON_CREATE; + } + ret = CreateTokensFromJson(readJsonFile, vec); + FreeJson(readJsonFile); + if (ret != HC_SUCCESS) { + LOGE("Failed to create tokens from json"); + } + return ret; +} + +static int32_t WriteTokensJsonToFile(int32_t osAccountId, CJson *tokensJson) +{ + char *storeJsonString = PackJsonToString(tokensJson); + if (storeJsonString == NULL) { + LOGE("Pack stored json to string failed."); + return HC_ERR_PACKAGE_JSON_TO_STRING_FAIL; + } + FileHandle file = { 0 }; + int32_t ret = OpenTokenFile(osAccountId, &file, MODE_FILE_WRITE); + if (ret != HC_SUCCESS) { + LOGE("Open token file failed."); + FreeJsonString(storeJsonString); + return ret; + } + int32_t fileSize = (int32_t)(HcStrlen(storeJsonString) + 1); + if (HcFileWrite(file, storeJsonString, fileSize) != fileSize) { + LOGE("Failed to write token array to file."); + ret = HC_ERR_FILE; + } + FreeJsonString(storeJsonString); + HcFileClose(file); + return ret; +} + +static int32_t GenerateJsonFromToken(const SymToken *token, CJson *tokenJson) +{ + if (AddStringToJson(tokenJson, FIELD_USER_ID, token->userId) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(tokenJson, FIELD_DEVICE_ID, token->deviceId) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddIntToJson(tokenJson, FIELD_AUTH_CODE_ID, token->authCodeId) != HC_SUCCESS) { + LOGE("Failed to add authCodeId to json!"); + return HC_ERR_JSON_ADD; + } + return HC_SUCCESS; +} + +static int32_t SaveTokensToFile(int32_t osAccountId, const SymTokenVec *vec) +{ + CJson *symTokensJson = CreateJsonArray(); + if (symTokensJson == NULL) { + LOGE("Create json failed when save tokens to file."); + return HC_ERR_JSON_CREATE; + } + int32_t ret; + uint32_t index; + SymToken **token; + FOR_EACH_HC_VECTOR(*vec, index, token) { + CJson *tokenJson = CreateJson(); + if (tokenJson == NULL) { + LOGE("Create token json failed."); + FreeJson(symTokensJson); + return HC_ERR_JSON_CREATE; + } + ret = GenerateJsonFromToken(*token, tokenJson); + if (ret != HC_SUCCESS) { + LOGE("Generate json from token failed"); + FreeJson(tokenJson); + FreeJson(symTokensJson); + return ret; + } + if (AddObjToArray(symTokensJson, tokenJson) != HC_SUCCESS) { + LOGE("Add token json to array failed"); + FreeJson(tokenJson); + FreeJson(symTokensJson); + return HC_ERR_JSON_ADD; + } + } + CJson *allTokensJson = CreateJson(); + if (allTokensJson == NULL) { + LOGE("Failed to allocate tokensJson memory!"); + FreeJson(symTokensJson); + return HC_ERR_JSON_CREATE; + } + if (AddObjToJson(allTokensJson, FIELD_SYM_TOKENS, symTokensJson) != HC_SUCCESS) { + LOGE("Failed to add symTokensJson to json!"); + FreeJson(symTokensJson); + FreeJson(allTokensJson); + return HC_ERR_JSON_ADD; + } + FreeJson(symTokensJson); + ret = WriteTokensJsonToFile(osAccountId, allTokensJson); + FreeJson(allTokensJson); + return ret; +} + +static OsSymTokensInfo *GetTokensInfoByOsAccountId(int32_t osAccountId) +{ + uint32_t index = 0; + OsSymTokensInfo *info = NULL; + FOR_EACH_HC_VECTOR(g_SymTokensDb, index, info) { + if ((info != NULL) && (info->osAccountId == osAccountId)) { + return info; + } + } + LOGI("Create a new os account database cache! [Id]: %d", osAccountId); + OsSymTokensInfo newInfo; + newInfo.osAccountId = osAccountId; + newInfo.tokens = CreateSymTokenVec(); + OsSymTokensInfo *returnInfo = g_SymTokensDb.pushBackT(&g_SymTokensDb, newInfo); + if (returnInfo == NULL) { + LOGE("Failed to push OsSymTokensInfo to database!"); + DestroySymTokenVec(&newInfo.tokens); + } + return returnInfo; +} + +static int32_t SaveOsSymTokensDb(int32_t osAccountId) +{ + OsSymTokensInfo *info = GetTokensInfoByOsAccountId(osAccountId); + if (info == NULL) { + LOGE("Failed to get tokens by os account id. [OsAccountId]: %d", osAccountId); + return HC_ERR_INVALID_PARAMS; + } + int32_t ret = SaveTokensToFile(osAccountId, &info->tokens); + if (ret != HC_SUCCESS) { + LOGE("Save tokens to file failed"); + return ret; + } + LOGI("Save an os account database successfully! [Id]: %d", osAccountId); + return HC_SUCCESS; +} + +static SymToken **QueryTokenPtrIfMatch(const SymTokenVec *vec, const char *userId, const char *deviceId) +{ + uint32_t index; + SymToken **token; + FOR_EACH_HC_VECTOR(*vec, index, token) { + if ((token != NULL) && (*token != NULL) && (IsTokenMatch(*token, userId, deviceId))) { + return token; + } + } + return NULL; +} + +static int32_t AddSymTokenToVec(int32_t osAccountId, SymToken *token) +{ + LOGI("Start to add a token to database!"); + OsSymTokensInfo *info = GetTokensInfoByOsAccountId(osAccountId); + if (info == NULL) { + LOGE("Failed to get tokens by os account id. [OsAccountId]: %d", osAccountId); + return HC_ERR_INVALID_PARAMS; + } + SymToken **oldTokenPtr = QueryTokenPtrIfMatch(&info->tokens, token->userId, token->deviceId); + if (oldTokenPtr != NULL) { + LOGI("Replace an old token successfully!"); + HcFree(*oldTokenPtr); + *oldTokenPtr = token; + return HC_SUCCESS; + } + if (info->tokens.pushBackT(&info->tokens, token) == NULL) { + LOGE("Failed to push token to vec!"); + return HC_ERR_MEMORY_COPY; + } + LOGI("Add a token to database successfully!"); + return HC_SUCCESS; +} + +static int32_t GenerateAuthCodeKeyAlias(const SymToken *token, Uint8Buff *alias) +{ + /* KeyAlias = sha256(userId + deviceId + tag). */ + const char *authCodeTag = "authCode"; + uint32_t authCodeTagLen = HcStrlen(authCodeTag); + uint32_t userIdLen = HcStrlen(token->userId); + uint32_t deviceIdLen = HcStrlen(token->deviceId); + uint32_t aliasLen = authCodeTagLen + userIdLen + deviceIdLen; + uint8_t *aliasVal = (uint8_t *)HcMalloc(aliasLen, 0); + if (aliasVal == NULL) { + LOGE("Failed to malloc for self key aliasStr."); + return HC_ERR_ALLOC_MEMORY; + } + Uint8Buff oriAliasBuff = { + aliasVal, + aliasLen + }; + if (memcpy_s(oriAliasBuff.val, oriAliasBuff.length, token->userId, userIdLen) != EOK) { + LOGE("Failed to copy userId."); + HcFree(aliasVal); + return HC_ERR_MEMORY_COPY; + } + if (memcpy_s(oriAliasBuff.val + userIdLen, oriAliasBuff.length - userIdLen, token->deviceId, deviceIdLen) != EOK) { + LOGE("Failed to copy deviceId."); + HcFree(aliasVal); + return HC_ERR_MEMORY_COPY; + } + if (memcpy_s(oriAliasBuff.val + userIdLen + deviceIdLen, + oriAliasBuff.length - userIdLen - deviceIdLen, authCodeTag, authCodeTagLen) != EOK) { + LOGE("Failed to copy authCodeTag."); + HcFree(aliasVal); + return HC_ERR_MEMORY_COPY; + } + int32_t res = GetLoaderInstance()->sha256(&oriAliasBuff, alias); + HcFree(aliasVal); + if (res != HAL_SUCCESS) { + LOGE("Compute authCode alias hash failed"); + } + return res; +} + +static int32_t ImportSymTokenToKeyManager(const SymToken *token, CJson *in) +{ + uint8_t authCode[DEV_AUTH_AUTH_CODE_SIZE] = { 0 }; + if (GetByteFromJson(in, FIELD_AUTH_CODE, authCode, DEV_AUTH_AUTH_CODE_SIZE) != HC_SUCCESS) { + LOGE("Failed to get authCode from json!"); + return HC_ERR_JSON_GET; + } + uint8_t *keyAliasVal = (uint8_t *)HcMalloc(SHA256_LEN, 0); + if (keyAliasVal == NULL) { + LOGE("Failed to allocate keyAliasVal memory!"); + return HC_ERR_ALLOC_MEMORY; + } + Uint8Buff keyAlias = { + .val = keyAliasVal, + .length = SHA256_LEN + }; + Uint8Buff authCodeBuff = { + .val = authCode, + .length = DEV_AUTH_AUTH_CODE_SIZE + }; + int32_t res = GenerateAuthCodeKeyAlias(token, &keyAlias); + if (res != HC_SUCCESS) { + LOGE("Failed to generate authCode key alias!"); + HcFree(keyAliasVal); + return res; + } + res = GetLoaderInstance()->importSymmetricKey(&keyAlias, &authCodeBuff, KEY_PURPOSE_MAC, NULL); + HcFree(keyAliasVal); + if (res != HC_SUCCESS) { + LOGE("Failed to import sym token! res: %d", res); + } else { + LOGI("Import sym token success!"); + } + /* Clear sensitive data: authCode. */ + (void)memset_s(authCode, DEV_AUTH_AUTH_CODE_SIZE, 0, DEV_AUTH_AUTH_CODE_SIZE); + ClearSensitiveStringInJson(in, FIELD_AUTH_CODE); + return res; +} + +static int32_t AddToken(int32_t osAccountId, CJson *in) +{ + LOGI("[Token]: Add sym token starting ..."); + if (in == NULL) { + LOGE("Invalid params!"); + return HC_ERR_NULL_PTR; + } + SymToken *symToken = CreateSymTokenByJson(in); + if (symToken == NULL) { + LOGE("Failed to create symToken from json!"); + return HC_ERR_ALLOC_MEMORY; + } + g_dataMutex->lock(g_dataMutex); + int32_t res = AddSymTokenToVec(osAccountId, symToken); + if (res != HC_SUCCESS) { + g_dataMutex->unlock(g_dataMutex); + LOGE("Failed to add sym token to vec"); + HcFree(symToken); + return res; + } + res = ImportSymTokenToKeyManager(symToken, in); + if (res != HC_SUCCESS) { + g_dataMutex->unlock(g_dataMutex); + LOGE("Failed to import sym token!"); + return res; + } + res = SaveOsSymTokensDb(osAccountId); + g_dataMutex->unlock(g_dataMutex); + if (res != HC_SUCCESS) { + LOGE("Failed to save token to db"); + return res; + } + LOGI("[Token]: Add sym token success"); + return HC_SUCCESS; +} + +static SymToken *PopSymTokenFromVec(int32_t osAccountId, const char *userId, const char *deviceId) +{ + LOGI("Start to pop token from database!"); + OsSymTokensInfo *info = GetTokensInfoByOsAccountId(osAccountId); + if (info == NULL) { + LOGE("Failed to get tokens by os account id. [OsAccountId]: %d", osAccountId); + return NULL; + } + uint32_t index = 0; + SymToken **token = NULL; + while (index < HC_VECTOR_SIZE(&info->tokens)) { + token = info->tokens.getp(&info->tokens, index); + if ((token == NULL) || (*token == NULL) || (!IsTokenMatch(*token, userId, deviceId))) { + index++; + continue; + } + SymToken *deleteToken = NULL; + HC_VECTOR_POPELEMENT(&info->tokens, &deleteToken, index); + LOGI("Pop a token from database successfully!"); + return deleteToken; + } + LOGE("The token is not found!"); + return NULL; +} + +static int32_t DeleteSymTokenFromKeyManager(const SymToken *token) +{ + uint8_t *keyAliasVal = (uint8_t *)HcMalloc(SHA256_LEN, 0); + if (keyAliasVal == NULL) { + LOGE("Failed to allocate keyAliasVal memory!"); + return HC_ERR_ALLOC_MEMORY; + } + Uint8Buff keyAlias = { + .val = keyAliasVal, + .length = SHA256_LEN + }; + int32_t res = GenerateAuthCodeKeyAlias(token, &keyAlias); + if (res != HC_SUCCESS) { + LOGE("Failed to generate authCode key alias!"); + HcFree(keyAliasVal); + return res; + } + res = GetLoaderInstance()->deleteKey(&keyAlias); + HcFree(keyAliasVal); + if (res != HC_SUCCESS) { + LOGE("Failed to delete sym token! res: %d", res); + } else { + LOGI("Delete sym token success!"); + } + return res; +} + +static int32_t DeleteToken(int32_t osAccountId, const char *userId, const char *deviceId) +{ + LOGI("[Token]: Delete sym token starting ..."); + if ((userId == NULL) || (deviceId == NULL)) { + LOGE("Invalid params"); + return HC_ERR_NULL_PTR; + } + g_dataMutex->lock(g_dataMutex); + SymToken *symToken = PopSymTokenFromVec(osAccountId, userId, deviceId); + if (symToken == NULL) { + g_dataMutex->unlock(g_dataMutex); + return HC_ERR_NULL_PTR; + } + int32_t res = DeleteSymTokenFromKeyManager(symToken); + HcFree(symToken); + if (res != HC_SUCCESS) { + g_dataMutex->unlock(g_dataMutex); + LOGE("Failed to delete sym token!"); + return res; + } + res = SaveOsSymTokensDb(osAccountId); + g_dataMutex->unlock(g_dataMutex); + if (res != HC_SUCCESS) { + LOGE("Failed to save token to db, account id is: %d", osAccountId); + return res; + } + LOGI("[Token]: Delete sym token success"); + return HC_SUCCESS; +} + +static void LoadOsSymTokensDb(int32_t osAccountId) +{ + OsSymTokensInfo info; + info.osAccountId = osAccountId; + info.tokens = CreateSymTokenVec(); + if (ReadTokensFromFile(osAccountId, &info.tokens) != HC_SUCCESS) { + DestroySymTokenVec(&info.tokens); + return; + } + if (g_SymTokensDb.pushBackT(&g_SymTokensDb, info) == NULL) { + LOGE("Failed to push osAccountInfo to database!"); + ClearSymTokenVec(&info.tokens); + } + LOGI("Load os account db successfully! [Id]: %d", osAccountId); +} + +static void LoadTokenDb(void) +{ + StringVector dbNameVec = CreateStrVector(); + HcFileGetSubFileName(GetAccountStoragePath(), &dbNameVec); + uint32_t index; + HcString *dbName = NULL; + FOR_EACH_HC_VECTOR(dbNameVec, index, dbName) { + int32_t osAccountId; + const char *name = StringGet(dbName); + if (name == NULL) { + continue; + } + if (strcmp(name, "account_data_sym.dat") == 0) { + LoadOsSymTokensDb(DEFAULT_OS_ACCOUNT); + } else if (sscanf_s(name, "account_data_sym%d.dat", &osAccountId) == 1) { + LoadOsSymTokensDb(osAccountId); + } + } + DestroyStrVector(&dbNameVec); +} + +void ClearSymTokenVec(SymTokenVec *vec) +{ + uint32_t index; + SymToken **token; + FOR_EACH_HC_VECTOR(*vec, index, token) { + HcFree(*token); + } + DESTROY_HC_VECTOR(SymTokenVec, vec); +} + +SymTokenManager *GetSymTokenManager(void) +{ + return &g_symTokenManager; +} + +void InitSymTokenManager(void) +{ + if (g_dataMutex == NULL) { + g_dataMutex = (HcMutex *)HcMalloc(sizeof(HcMutex), 0); + if (g_dataMutex == NULL) { + LOGE("Alloc account database mutex failed."); + return; + } + if (InitHcMutex(g_dataMutex) != HC_SUCCESS) { + LOGE("Init account mutex failed."); + HcFree(g_dataMutex); + g_dataMutex = NULL; + return; + } + } + g_dataMutex->lock(g_dataMutex); + (void)memset_s(&g_symTokenManager, sizeof(SymTokenManager), 0, sizeof(SymTokenManager)); + g_symTokenManager.addToken = AddToken; + g_symTokenManager.deleteToken = DeleteToken; + g_SymTokensDb = CREATE_HC_VECTOR(SymTokensDb); + LoadTokenDb(); + g_dataMutex->unlock(g_dataMutex); +} + +void DestroySymTokenManager(void) +{ + g_dataMutex->lock(g_dataMutex); + (void)memset_s(&g_symTokenManager, sizeof(SymTokenManager), 0, sizeof(SymTokenManager)); + uint32_t index; + OsSymTokensInfo *info = NULL; + FOR_EACH_HC_VECTOR(g_SymTokensDb, index, info) { + ClearSymTokenVec(&info->tokens); + } + DESTROY_HC_VECTOR(SymTokensDb, &g_SymTokensDb); + g_dataMutex->unlock(g_dataMutex); + DestroyHcMutex(g_dataMutex); + HcFree(g_dataMutex); + g_dataMutex = NULL; +} diff --git a/services/authenticators/src/account_related_mock/account_module_mock.c b/services/authenticators/src/account_related_mock/account_module_mock.c index 59cdc83..c1ef397 100644 --- a/services/authenticators/src/account_related_mock/account_module_mock.c +++ b/services/authenticators/src/account_related_mock/account_module_mock.c @@ -35,7 +35,7 @@ AuthModuleBase *CreateAccountModule(void) return NULL; } -int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t credentialOpCode, const CJson *in, CJson *out) +int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t credentialOpCode, CJson *in, CJson *out) { (void)osAccountId; (void)credentialOpCode; diff --git a/services/authenticators/src/account_unrelated/das_module.c b/services/authenticators/src/account_unrelated/das_module.c index 8487003..d6ad34b 100644 --- a/services/authenticators/src/account_unrelated/das_module.c +++ b/services/authenticators/src/account_unrelated/das_module.c @@ -27,7 +27,7 @@ DECLARE_HC_VECTOR(TaskInModuleVec, void *); IMPLEMENT_HC_VECTOR(TaskInModuleVec, void *, 1) TaskInModuleVec g_taskInModuleVec; -DasAuthModule g_dasModule = {0}; +DasAuthModule g_dasModule = { 0 }; static int32_t RegisterDasLocalIdentity(const char *pkgName, const char *serviceType, Uint8Buff *authId, int userType) { diff --git a/services/data_manager/src/data_manager.c b/services/data_manager/src/data_manager.c index 9826129..b24324e 100644 --- a/services/data_manager/src/data_manager.c +++ b/services/data_manager/src/data_manager.c @@ -201,13 +201,13 @@ static bool GetOsAccountInfoPath(int32_t osAccountId, char *infoPath, uint32_t p LOGE("[DB]: Failed to get the storage path dir!"); return false; } - int32_t ret; + int32_t writeByteNum; if (osAccountId == DEFAULT_OS_ACCOUNT) { - ret = sprintf_s(infoPath, pathBufferLen, "%s/hcgroup.dat", beginPath); + writeByteNum = sprintf_s(infoPath, pathBufferLen, "%s/hcgroup.dat", beginPath); } else { - ret = sprintf_s(infoPath, pathBufferLen, "%s/hcgroup%d.dat", beginPath, osAccountId); + writeByteNum = sprintf_s(infoPath, pathBufferLen, "%s/hcgroup%d.dat", beginPath, osAccountId); } - if (ret <= 0) { + if (writeByteNum <= 0) { LOGE("[DB]: sprintf_s fail!"); return false; } @@ -649,14 +649,14 @@ static bool SaveParcelToFile(const OsAccountTrustedInfo *info, HcParcel *parcel) } int fileSize = (int)GetParcelDataSize(parcel); const char *fileData = GetParcelData(parcel); - if (HcFileWrite(file, fileData, fileSize) == fileSize) { - ret = true; + int writeSize = HcFileWrite(file, fileData, fileSize); + HcFileClose(file); + if (writeSize == fileSize) { + return true; } else { LOGE("[DB]: write file error!"); - ret = false; + return false; } - HcFileClose(file); - return ret; } static bool CompareQueryGroupParams(const QueryGroupParams *params, const TrustedGroupEntry *entry) diff --git a/services/device_auth.c b/services/device_auth.c index 51b8f63..38f7f7e 100644 --- a/services/device_auth.c +++ b/services/device_auth.c @@ -278,6 +278,8 @@ DEVICE_AUTH_API_PUBLIC const DeviceGroupManager *GetGmInstance(void) g_groupManagerInstance->deleteGroup = DeleteGroupImpl; g_groupManagerInstance->addMemberToGroup = AddMemberToGroupImpl; g_groupManagerInstance->deleteMemberFromGroup = DeleteMemberFromGroupImpl; + g_groupManagerInstance->addMultiMembersToGroup = AddMultiMembersToGroupImpl; + g_groupManagerInstance->delMultiMembersFromGroup = DelMultiMembersFromGroupImpl; g_groupManagerInstance->processData = ProcessBindDataImpl; g_groupManagerInstance->getRegisterInfo = GetRegisterInfo; g_groupManagerInstance->checkAccessToGroup = CheckAccessToGroupImpl; diff --git a/services/deviceauth_account.gni b/services/deviceauth_account.gni index df77f3a..163f95a 100644 --- a/services/deviceauth_account.gni +++ b/services/deviceauth_account.gni @@ -9,7 +9,7 @@ # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and -# limitations under the License. +# limitations under the License. import("//base/security/deviceauth/deviceauth_env.gni") @@ -28,7 +28,7 @@ account_related_inc_path += [ "${services_path}/authenticators/inc", "${services_path}/authenticators/inc/account_related", "${services_path}/authenticators/inc/account_related/auth/pake_v2_auth_task", - "${services_path}/authenticators/inc/account_related/creds_manager/asysmetric_token_manager", + "${services_path}/authenticators/inc/account_related/creds_manager", ] authenticators_account_related_files = [ @@ -36,7 +36,8 @@ authenticators_account_related_files = [ "${services_path}/authenticators/src/account_related/account_multi_task_manager.c", "${services_path}/authenticators/src/account_related/account_task_main.c", "${services_path}/authenticators/src/account_related/account_version_util.c", - "${services_path}/authenticators/src/account_related/creds_manager/asysmetric_token_manager/asy_token_manager.c", + "${services_path}/authenticators/src/account_related/creds_manager/asy_token_manager.c", + "${services_path}/authenticators/src/account_related/creds_manager/sym_token_manager.c", "${services_path}/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_task_common.c", "${services_path}/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_client_task.c", "${services_path}/authenticators/src/account_related/auth/pake_v2_auth_task/pake_v2_auth_server_task.c", diff --git a/services/frameworks/src/module/dev_auth_module_manager.c b/services/frameworks/src/module/dev_auth_module_manager.c index 330d09c..65f4fcb 100644 --- a/services/frameworks/src/module/dev_auth_module_manager.c +++ b/services/frameworks/src/module/dev_auth_module_manager.c @@ -259,7 +259,7 @@ static int32_t InitAccountModule(void) } static int32_t ProcessCredentials(int32_t osAccountId, int32_t credentialOpCode, - const CJson *in, CJson *out, int moduleType) + CJson *in, CJson *out, int moduleType) { if (moduleType != ACCOUNT_MODULE) { LOGE("Unsupported method in the module, moduleType: %d.", moduleType); diff --git a/services/group_manager/inc/across_account_group.h b/services/group_manager/inc/across_account_group.h index 755d2f6..d1dbb92 100644 --- a/services/group_manager/inc/across_account_group.h +++ b/services/group_manager/inc/across_account_group.h @@ -24,6 +24,8 @@ extern "C" { typedef struct { BaseGroup base; + int32_t (*addMultiMembersToGroup)(int32_t osAccountId, const char *appId, CJson *jsonParams); + int32_t (*delMultiMembersFromGroup)(int32_t osAccountId, const char *appId, CJson *jsonParams); } AcrossAccountGroup; bool IsAcrossAccountGroupSupported(void); diff --git a/services/group_manager/inc/group_manager.h b/services/group_manager/inc/group_manager.h index 2977107..4eba785 100644 --- a/services/group_manager/inc/group_manager.h +++ b/services/group_manager/inc/group_manager.h @@ -30,6 +30,8 @@ int32_t CreateGroupImpl(int32_t osAccountId, int64_t requestId, const char *appI int32_t DeleteGroupImpl(int32_t osAccountId, int64_t requestId, const char *appId, const char *disbandParams); int32_t AddMemberToGroupImpl(int32_t osAccountId, int64_t requestId, const char *appId, const char *addParams); int32_t DeleteMemberFromGroupImpl(int32_t osAccountId, int64_t requestId, const char *appId, const char *deleteParams); +int32_t AddMultiMembersToGroupImpl(int32_t osAccountId, const char *appId, const char *addParams); +int32_t DelMultiMembersFromGroupImpl(int32_t osAccountId, const char *appId, const char *deleteParams); int32_t ProcessBindDataImpl(int64_t requestId, const uint8_t *data, uint32_t dataLen); int32_t ConfirmRequestImpl(int32_t osAccountId, int64_t requestId, const char *appId, const char *confirmParams); int32_t AddGroupManagerImpl(int32_t osAccountId, const char *appId, const char *groupId, const char *managerAppId); diff --git a/services/group_manager/inc/group_operation.h b/services/group_manager/inc/group_operation.h index b472f40..2dc4111 100644 --- a/services/group_manager/inc/group_operation.h +++ b/services/group_manager/inc/group_operation.h @@ -28,6 +28,8 @@ typedef struct { int32_t (*deleteGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *disbandParams); int32_t (*addMember)(int32_t osAccountId, int64_t requestId, const char *appId, const char *addParams); int32_t (*deleteMember)(int32_t osAccountId, int64_t requestId, const char *appId, const char *deleteParams); + int32_t (*addMultiMembers)(int32_t osAccountId, const char *appId, const char *addParams); + int32_t (*delMultiMembers)(int32_t osAccountId, const char *appId, const char *deleteParams); int32_t (*processBindData)(int64_t requestId, const uint8_t *data, uint32_t dataLen); int32_t (*confirmRequest)(int32_t osAccountId, int64_t requestId, const char *appId, const char *confirmParams); int32_t (*addGroupRole)(int32_t osAccountId, bool isManager, const char *appId, const char *groupId, diff --git a/services/group_manager/inc/group_operation_common.h b/services/group_manager/inc/group_operation_common.h index 206db25..33fadb7 100644 --- a/services/group_manager/inc/group_operation_common.h +++ b/services/group_manager/inc/group_operation_common.h @@ -37,6 +37,8 @@ int32_t GetHashMessage(const Uint8Buff *first, const Uint8Buff *second, uint8_t int32_t AssertUserIdExist(const CJson *jsonParams); int32_t AssertSharedUserIdExist(const CJson *jsonParams); +int32_t AssertGroupTypeMatch(int32_t inputType, int32_t targetType); +int32_t AssertSameGroupNotExist(int32_t osAccountId, const char *groupId); int32_t CheckGroupExist(int32_t osAccountId, const char *groupId); int32_t CheckGroupNumLimit(int32_t osAccountId, int32_t groupType, const char *appId); int32_t CheckDeviceNumLimit(int32_t osAccountId, const char *groupId, const char *peerUdid); @@ -54,9 +56,12 @@ int32_t AddExpireTimeOrDefault(const CJson *jsonParams, TrustedGroupEntry *group int32_t AddUserIdToGroupParams(const CJson *jsonParams, TrustedGroupEntry *groupParams); int32_t AddSharedUserIdToGroupParams(const CJson *jsonParams, TrustedGroupEntry *groupParams); -int32_t AddUdidToParams(TrustedDeviceEntry *devParams); +int32_t AddSelfUdidToParams(TrustedDeviceEntry *devParams); +int32_t AddUdidToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams); +int32_t AddAuthIdToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams); int32_t AddAuthIdToParamsOrDefault(const CJson *jsonParams, TrustedDeviceEntry *devParams); int32_t AddUserTypeToParamsOrDefault(const CJson *jsonParams, TrustedDeviceEntry *devParams); +int32_t AddCredTypeToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams); int32_t AddServiceTypeToParams(const char *groupId, TrustedDeviceEntry *devParams); int32_t AddGroupIdToDevParams(const char *groupId, TrustedDeviceEntry *devParams); int32_t AddUserIdToDevParams(const CJson *jsonParams, TrustedDeviceEntry *devParams); @@ -79,12 +84,12 @@ int32_t GetAppIdFromJson(const CJson *jsonParams, const char **appId); int32_t GetHashResult(const uint8_t *info, uint32_t infoLen, char *hash, uint32_t hashLen); -bool IsTrustedDeviceInGroup(int32_t osAccountId, const char *groupId, const char *deviceId, bool isUdid); -int32_t GetGroupInfoById(int32_t osAccountId, const char *groupId, TrustedGroupEntry *returnGroupEntry); -bool IsGroupOwner(int32_t osAccountId, const char *groupId, const char *appId); -bool IsGroupAccessible(int32_t osAccountId, const char *groupId, const char *appId); +bool IsLocalDevice(const char *udid); bool IsGroupExistByGroupId(int32_t osAccountId, const char *groupId); -bool IsGroupEditAllowed(int32_t osAccountId, const char *groupId, const char *appId); +bool IsGroupOwner(int32_t osAccountId, const char *groupId, const char *appId); +bool IsTrustedDeviceInGroup(int32_t osAccountId, const char *groupId, const char *deviceId, bool isUdid); +int32_t CheckGroupAccessible(int32_t osAccountId, const char *groupId, const char *appId); +int32_t CheckGroupEditAllowed(int32_t osAccountId, const char *groupId, const char *appId); int32_t GetGroupInfo(int32_t osAccountId, int groupType, const char *groupId, const char *groupName, const char *groupOwner, GroupEntryVec *groupEntryVec); int32_t GetJoinedGroups(int32_t osAccountId, int groupType, GroupEntryVec *groupEntryVec); diff --git a/services/group_manager/inc/identical_account_group.h b/services/group_manager/inc/identical_account_group.h index 02c66b9..4f5fc8b 100644 --- a/services/group_manager/inc/identical_account_group.h +++ b/services/group_manager/inc/identical_account_group.h @@ -24,7 +24,8 @@ extern "C" { typedef struct { BaseGroup base; - int32_t (*generateGroupId)(const char *userIdHash, char **returnGroupId); + int32_t (*addMultiMembersToGroup)(int32_t osAccountId, const char *appId, CJson *jsonParams); + int32_t (*delMultiMembersFromGroup)(int32_t osAccountId, const char *appId, CJson *jsonParams); } IdenticalAccountGroup; bool IsIdenticalAccountGroupSupported(void); diff --git a/services/group_manager/src/group_manager.c b/services/group_manager/src/group_manager.c index 34c6634..cde9933 100644 --- a/services/group_manager/src/group_manager.c +++ b/services/group_manager/src/group_manager.c @@ -45,6 +45,18 @@ int32_t DeleteMemberFromGroupImpl(int32_t osAccountId, int64_t requestId, const : HC_ERR_NOT_SUPPORT; } +int32_t AddMultiMembersToGroupImpl(int32_t osAccountId, const char *appId, const char *addParams) +{ + return IsGroupSupport() ? GetGroupImplInstance()->addMultiMembers(osAccountId, appId, addParams) + : HC_ERR_NOT_SUPPORT; +} + +int32_t DelMultiMembersFromGroupImpl(int32_t osAccountId, const char *appId, const char *deleteParams) +{ + return IsGroupSupport() ? GetGroupImplInstance()->delMultiMembers(osAccountId, appId, deleteParams) + : HC_ERR_NOT_SUPPORT; +} + int32_t ProcessBindDataImpl(int64_t requestId, const uint8_t *data, uint32_t dataLen) { return IsGroupSupport() ? GetGroupImplInstance()->processBindData(requestId, data, dataLen) : HC_ERR_NOT_SUPPORT; diff --git a/services/group_manager/src/group_operation/across_account_group/across_account_group.c b/services/group_manager/src/group_operation/across_account_group/across_account_group.c index 194b06e..8a5b336 100644 --- a/services/group_manager/src/group_operation/across_account_group/across_account_group.c +++ b/services/group_manager/src/group_operation/across_account_group/across_account_group.c @@ -15,11 +15,13 @@ #include "across_account_group.h" +#include "account_module.h" #include "alg_defs.h" #include "callback_manager.h" #include "common_defs.h" #include "data_manager.h" #include "device_auth_defines.h" +#include "dev_auth_module_manager.h" #include "group_operation_common.h" #include "hc_log.h" #include "string_util.h" @@ -86,7 +88,7 @@ static int32_t GenerateGroupId(const char *userId, const char *sharedUserId, cha static int32_t GenerateDevParams(const CJson *jsonParams, const char *groupId, TrustedDeviceEntry *devParams) { int32_t result; - if (((result = AddUdidToParams(devParams)) != HC_SUCCESS) || + if (((result = AddSelfUdidToParams(devParams)) != HC_SUCCESS) || ((result = AddAuthIdToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddUserIdToDevParams(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddUserTypeToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || @@ -195,22 +197,219 @@ static int32_t CheckCreateParams(int32_t osAccountId, const CJson *jsonParams) return HC_SUCCESS; } -static int32_t CreateGroupInner(int32_t osAccountId, const CJson *jsonParams, char **returnGroupId) +static int32_t GenerateAddTokenParams(const CJson *jsonParams, CJson *addParams) { - char *groupId = NULL; + const char *userId = GetStringFromJson(jsonParams, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get userId from json!"); + return HC_ERR_JSON_GET; + } + const char *deviceId = GetStringFromJson(jsonParams, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + return HC_ERR_JSON_GET; + } + if (AddStringToJson(addParams, FIELD_DEVICE_ID, deviceId) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(addParams, FIELD_USER_ID, userId) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; + } + return HC_SUCCESS; +} + +static int32_t GenerateDelTokenParams(const TrustedDeviceEntry *entry, CJson *delParams) +{ + if (AddIntToJson(delParams, FIELD_CREDENTIAL_TYPE, (int32_t)entry->credential) != HC_SUCCESS) { + LOGE("Failed to add credentialType to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(delParams, FIELD_USER_ID, StringGet(&entry->userId)) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(delParams, FIELD_DEVICE_ID, StringGet(&entry->authId)) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + return HC_SUCCESS; +} + +static int32_t DelPeerDeviceToken(int32_t osAccountId, const TrustedDeviceEntry *entry) +{ + CJson *delParams = CreateJson(); + if (delParams == NULL) { + LOGE("Failed to allocate delParams memory!"); + return HC_ERR_ALLOC_MEMORY; + } + int32_t res = GenerateDelTokenParams(entry, delParams); + if (res != HC_SUCCESS) { + FreeJson(delParams); + return res; + } + res = ProcessAccountCredentials(osAccountId, DELETE_TRUSTED_CREDENTIALS, delParams, NULL); + FreeJson(delParams); + return res; +} + +static void DelAllPeerTokens(int32_t osAccountId, const DeviceEntryVec *vec) +{ + int32_t res; + uint32_t index; + TrustedDeviceEntry **entry = NULL; + FOR_EACH_HC_VECTOR(*vec, index, entry) { + if ((entry == NULL) || (*entry == NULL) || (IsLocalDevice(StringGet(&(*entry)->udid)))) { + continue; + } + res = DelPeerDeviceToken(osAccountId, *entry); + if (res != HC_SUCCESS) { + LOGE("Failed to delete peer device token! res: %d", res); + } + } +} + +static int32_t DelGroupAndTokens(int32_t osAccountId, const char *groupId) +{ + DeviceEntryVec deviceList = CreateDeviceEntryVec(); + (void)GetTrustedDevices(osAccountId, groupId, &deviceList); + int32_t res = DelGroupFromDb(osAccountId, groupId); + DelAllPeerTokens(osAccountId, &deviceList); + ClearDeviceEntryVec(&deviceList); + return res; +} + +static int32_t CheckChangeParams(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + int32_t groupType; int32_t result; - if (((result = CheckCreateParams(osAccountId, jsonParams)) != HC_SUCCESS) || - ((result = GenerateAcrossAccountGroupId(jsonParams, &groupId)) != HC_SUCCESS) || - ((result = AddGroupToDatabaseByJson(osAccountId, GenerateGroupParams, jsonParams, groupId)) != HC_SUCCESS) || - ((result = AddDeviceToDatabaseByJson(osAccountId, GenerateDevParams, jsonParams, groupId)) != HC_SUCCESS) || - ((result = SaveOsAccountDb(osAccountId)) != HC_SUCCESS)) { - HcFree(groupId); + if (((result = CheckGroupExist(osAccountId, groupId)) != HC_SUCCESS) || + ((result = GetGroupTypeFromDb(osAccountId, groupId, &groupType)) != HC_SUCCESS) || + ((result = AssertGroupTypeMatch(groupType, ACROSS_ACCOUNT_AUTHORIZE_GROUP)) != HC_SUCCESS) || + ((result = CheckGroupEditAllowed(osAccountId, groupId, appId)) != HC_SUCCESS)) { return result; } - *returnGroupId = groupId; return HC_SUCCESS; } +static int32_t DelDeviceById(int32_t osAccountId, const char *groupId, const char *deviceId, bool isUdid) +{ + QueryDeviceParams queryDeviceParams = InitQueryDeviceParams(); + queryDeviceParams.groupId = groupId; + if (isUdid) { + queryDeviceParams.udid = deviceId; + } else { + queryDeviceParams.authId = deviceId; + } + return DelTrustedDevice(osAccountId, &queryDeviceParams); +} + +static int32_t GenerateTrustedDevParams(const CJson *jsonParams, const char *groupId, TrustedDeviceEntry *devParams) +{ + int32_t result; + if (((result = AddUdidToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddAuthIdToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddCredTypeToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddUserIdToDevParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddUserTypeToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddGroupIdToDevParams(groupId, devParams)) != HC_SUCCESS) || + ((result = AddServiceTypeToParams(groupId, devParams)) != HC_SUCCESS)) { + return result; + } + return HC_SUCCESS; +} + +static int32_t AddDeviceAndToken(int32_t osAccountId, CJson *jsonParams, CJson *deviceInfo) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + CJson *credential = GetObjFromJson(deviceInfo, FIELD_CREDENTIAL); + if (credential == NULL) { + LOGE("Failed to get credential from json!"); + return HC_ERR_JSON_GET; + } + int32_t res = GenerateAddTokenParams(deviceInfo, credential); + if (res != HC_SUCCESS) { + return res; + } + res = ProcessAccountCredentials(osAccountId, IMPORT_TRUSTED_CREDENTIALS, credential, NULL); + if (res != HC_SUCCESS) { + LOGE("Failed to import device token! res: %d", res); + return res; + } + res = AddDeviceToDatabaseByJson(osAccountId, GenerateTrustedDevParams, deviceInfo, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add device to database! res: %d", res); + } + return res; +} + +static int32_t DelPeerDeviceAndToken(int32_t osAccountId, CJson *jsonParams, CJson *deviceInfo) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + const char *deviceId = GetStringFromJson(deviceInfo, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + return HC_ERR_JSON_GET; + } + TrustedDeviceEntry *entry = GetTrustedDeviceEntryById(osAccountId, deviceId, false, groupId); + if (entry == NULL) { + LOGE("Failed to get device from db!"); + return HC_ERR_DEVICE_NOT_EXIST; + } + if (IsLocalDevice(StringGet(&entry->udid))) { + LOGE("Do not delete the local device!"); + DestroyDeviceEntry(entry); + return HC_ERR_INVALID_PARAMS; + } + int32_t res = DelDeviceById(osAccountId, groupId, deviceId, false); + if (res != HC_SUCCESS) { + LOGE("Failed to delete device from database! res: %d", res); + DestroyDeviceEntry(entry); + return res; + } + res = DelPeerDeviceToken(osAccountId, entry); + DestroyDeviceEntry(entry); + if (res != HC_SUCCESS) { + LOGE("Failed to delete token! res: %d", res); + } + return res; +} + +static int32_t AddGroupAndLocalDev(int32_t osAccountId, CJson *jsonParams, const char *groupId) +{ + int32_t res = AddGroupToDatabaseByJson(osAccountId, GenerateGroupParams, jsonParams, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add group to database!"); + return res; + } + res = AddDeviceToDatabaseByJson(osAccountId, GenerateDevParams, jsonParams, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add device to database!"); + (void)DelGroupFromDb(osAccountId, groupId); + return res; + } + res = SaveOsAccountDb(osAccountId); + if (res != HC_SUCCESS) { + LOGE("Failed to save database!"); + (void)DelGroupFromDb(osAccountId, groupId); + } + return res; +} + static int32_t CreateGroup(int32_t osAccountId, CJson *jsonParams, char **returnJsonStr) { LOGI("[Start]: Start to create a across account group!"); @@ -220,7 +419,10 @@ static int32_t CreateGroup(int32_t osAccountId, CJson *jsonParams, char **return } char *groupId = NULL; int32_t result; - if (((result = CreateGroupInner(osAccountId, jsonParams, &groupId)) != HC_SUCCESS) || + if (((result = CheckCreateParams(osAccountId, jsonParams)) != HC_SUCCESS) || + ((result = GenerateAcrossAccountGroupId(jsonParams, &groupId)) != HC_SUCCESS) || + ((result = AssertSameGroupNotExist(osAccountId, groupId)) != HC_SUCCESS) || + ((result = AddGroupAndLocalDev(osAccountId, jsonParams, groupId)) != HC_SUCCESS) || ((result = ConvertGroupIdToJsonStr(groupId, returnJsonStr)) != HC_SUCCESS)) { HcFree(groupId); return result; @@ -240,7 +442,7 @@ static int32_t DeleteGroup(int32_t osAccountId, CJson *jsonParams, char **return int32_t result; const char *groupId = NULL; if (((result = GetGroupIdFromJson(jsonParams, &groupId)) != HC_SUCCESS) || - ((result = DelGroupFromDb(osAccountId, groupId)) != HC_SUCCESS) || + ((result = DelGroupAndTokens(osAccountId, groupId)) != HC_SUCCESS) || ((result = ConvertGroupIdToJsonStr(groupId, returnJsonStr)) != HC_SUCCESS)) { return result; } @@ -248,10 +450,78 @@ static int32_t DeleteGroup(int32_t osAccountId, CJson *jsonParams, char **return return HC_SUCCESS; } +static int32_t AddMultiMembersToGroup(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + LOGI("[Start]: Start to add multiple members to a across account group!"); + if ((appId == NULL) || (jsonParams == NULL)) { + LOGE("Invalid params!"); + return HC_ERR_INVALID_PARAMS; + } + int32_t res = CheckChangeParams(osAccountId, appId, jsonParams); + if (res != HC_SUCCESS) { + return res; + } + CJson *deviceList = GetObjFromJson(jsonParams, FIELD_DEVICE_LIST); + if (deviceList == NULL) { + LOGE("Failed to get deviceList from json!"); + return HC_ERR_JSON_GET; + } + int32_t deviceNum = GetItemNum(deviceList); + int32_t addedCount = 0; + for (int32_t i = 0; i < deviceNum; i++) { + CJson *deviceInfo = GetItemFromArray(deviceList, i); + if (deviceInfo == NULL) { + LOGE("The deviceInfo is NULL!"); + continue; + } + if (AddDeviceAndToken(osAccountId, jsonParams, deviceInfo) == HC_SUCCESS) { + addedCount++; + } + } + LOGI("[End]: Add multiple members to a across account group successfully! [ListNum]: %d, [AddedNum]: %d", + deviceNum, addedCount); + return HC_SUCCESS; +} + +static int32_t DelMultiMembersFromGroup(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + LOGI("[Start]: Start to delete multiple members from a across account group!"); + if ((appId == NULL) || (jsonParams == NULL)) { + LOGE("Invalid params!"); + return HC_ERR_INVALID_PARAMS; + } + int32_t res = CheckChangeParams(osAccountId, appId, jsonParams); + if (res != HC_SUCCESS) { + return res; + } + CJson *deviceList = GetObjFromJson(jsonParams, FIELD_DEVICE_LIST); + if (deviceList == NULL) { + LOGE("Failed to get deviceList from json!"); + return HC_ERR_JSON_GET; + } + int32_t deviceNum = GetItemNum(deviceList); + int32_t deletedCount = 0; + for (int32_t i = 0; i < deviceNum; i++) { + CJson *deviceInfo = GetItemFromArray(deviceList, i); + if (deviceInfo == NULL) { + LOGE("The deviceInfo is NULL!"); + continue; + } + if (DelPeerDeviceAndToken(osAccountId, jsonParams, deviceInfo) == HC_SUCCESS) { + deletedCount++; + } + } + LOGI("[End]: Delete multiple members from a across account group successfully! [ListNum]: %d, [DeletedNum]: %d", + deviceNum, deletedCount); + return HC_SUCCESS; +} + static AcrossAccountGroup g_acrossAccountGroup = { .base.type = ACROSS_ACCOUNT_AUTHORIZE_GROUP, .base.createGroup = CreateGroup, .base.deleteGroup = DeleteGroup, + .addMultiMembersToGroup = AddMultiMembersToGroup, + .delMultiMembersFromGroup = DelMultiMembersFromGroup, }; BaseGroup *GetAcrossAccountGroupInstance(void) diff --git a/services/group_manager/src/group_operation/group_operation.c b/services/group_manager/src/group_operation/group_operation.c index ad64d81..a665c06 100644 --- a/services/group_manager/src/group_operation/group_operation.c +++ b/services/group_manager/src/group_operation/group_operation.c @@ -42,7 +42,7 @@ static bool IsGroupTypeSupported(int groupType) ((groupType == ACROSS_ACCOUNT_AUTHORIZE_GROUP) && (IsAcrossAccountGroupSupported()))) { return true; } - LOGE("Invalid group type! [GroupType]: %d", groupType); + LOGE("The group type is not supported! [GroupType]: %d", groupType); return false; } @@ -56,7 +56,7 @@ static void RemoveNoPermissionGroup(int32_t osAccountId, GroupEntryVec *groupEnt index++; continue; } - if (IsGroupAccessible(osAccountId, StringGet(&(*groupEntryPtr)->id), appId)) { + if (CheckGroupAccessible(osAccountId, StringGet(&(*groupEntryPtr)->id), appId) == HC_SUCCESS) { index++; continue; } @@ -746,6 +746,84 @@ static int32_t RequestDeleteMemberFromGroup(int32_t osAccountId, int64_t request return HC_SUCCESS; } +static int32_t RequestAddMultiMembersToGroup(int32_t osAccountId, const char *appId, const char *addParams) +{ + osAccountId = DevAuthGetRealOsAccountLocalId(osAccountId); + if ((appId == NULL) || (addParams == NULL) || (osAccountId == INVALID_OS_ACCOUNT)) { + LOGE("Invalid input parameters!"); + return HC_ERR_INVALID_PARAMS; + } + LOGI("[Start]: RequestAddMultiMembersToGroup! [AppId]: %s", appId); + CJson *params = CreateJsonFromString(addParams); + if (params == NULL) { + LOGE("Failed to create json from string!"); + return HC_ERR_JSON_CREATE; + } + int32_t groupType = GROUP_TYPE_INVALID; + if (GetIntFromJson(params, FIELD_GROUP_TYPE, &groupType) != HC_SUCCESS) { + LOGE("Failed to get groupType from json!"); + FreeJson(params); + return HC_ERR_JSON_GET; + } + if (!IsGroupTypeSupported(groupType)) { + FreeJson(params); + return HC_ERR_NOT_SUPPORT; + } + int32_t res; + if (groupType == IDENTICAL_ACCOUNT_GROUP) { + IdenticalAccountGroup *instance = (IdenticalAccountGroup *)GetIdenticalAccountGroupInstance(); + res = instance->addMultiMembersToGroup(osAccountId, appId, params); + } else if (groupType == ACROSS_ACCOUNT_AUTHORIZE_GROUP) { + AcrossAccountGroup *instance = (AcrossAccountGroup *)GetAcrossAccountGroupInstance(); + res = instance->addMultiMembersToGroup(osAccountId, appId, params); + } else { + LOGE("The input groupType is invalid! [GroupType]: %d", groupType); + res = HC_ERR_INVALID_PARAMS; + } + FreeJson(params); + LOGI("[End]: RequestAddMultiMembersToGroup!"); + return res; +} + +static int32_t RequestDelMultiMembersFromGroup(int32_t osAccountId, const char *appId, const char *deleteParams) +{ + osAccountId = DevAuthGetRealOsAccountLocalId(osAccountId); + if ((appId == NULL) || (deleteParams == NULL) || (osAccountId == INVALID_OS_ACCOUNT)) { + LOGE("Invalid input parameters!"); + return HC_ERR_INVALID_PARAMS; + } + LOGI("[Start]: RequestDelMultiMembersFromGroup! [AppId]: %s", appId); + CJson *params = CreateJsonFromString(deleteParams); + if (params == NULL) { + LOGE("Failed to create json from string!"); + return HC_ERR_JSON_CREATE; + } + int32_t groupType = GROUP_TYPE_INVALID; + if (GetIntFromJson(params, FIELD_GROUP_TYPE, &groupType) != HC_SUCCESS) { + LOGE("Failed to get groupType from json!"); + FreeJson(params); + return HC_ERR_JSON_GET; + } + if (!IsGroupTypeSupported(groupType)) { + FreeJson(params); + return HC_ERR_NOT_SUPPORT; + } + int32_t res; + if (groupType == IDENTICAL_ACCOUNT_GROUP) { + IdenticalAccountGroup *instance = (IdenticalAccountGroup *)GetIdenticalAccountGroupInstance(); + res = instance->delMultiMembersFromGroup(osAccountId, appId, params); + } else if (groupType == ACROSS_ACCOUNT_AUTHORIZE_GROUP) { + AcrossAccountGroup *instance = (AcrossAccountGroup *)GetAcrossAccountGroupInstance(); + res = instance->delMultiMembersFromGroup(osAccountId, appId, params); + } else { + LOGE("The input groupType is invalid! [GroupType]: %d", groupType); + res = HC_ERR_INVALID_PARAMS; + } + FreeJson(params); + LOGI("[End]: RequestDelMultiMembersFromGroup!"); + return res; +} + static int32_t RequestProcessBindData(int64_t requestId, const uint8_t *data, uint32_t dataLen) { if ((data == NULL) || (dataLen == 0) || (dataLen > MAX_DATA_BUFFER_SIZE)) { @@ -837,7 +915,7 @@ static int32_t CheckAccessToGroup(int32_t osAccountId, const char *appId, const LOGE("Invalid input parameters!"); return HC_ERR_INVALID_PARAMS; } - if (!IsGroupAccessible(osAccountId, groupId, appId)) { + if (CheckGroupAccessible(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group information!"); return HC_ERR_ACCESS_DENIED; } @@ -856,28 +934,23 @@ static int32_t GetAccessibleGroupInfoById(int32_t osAccountId, const char *appId LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (!IsGroupAccessible(osAccountId, groupId, appId)) { + if (CheckGroupAccessible(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group information!"); return HC_ERR_ACCESS_DENIED; } - TrustedGroupEntry *groupInfo = CreateGroupEntry(); - if (groupInfo == NULL) { - LOGE("Failed to allocate groupInfo memory!"); - return HC_ERR_ALLOC_MEMORY; - } - if (GetGroupInfoById(osAccountId, groupId, groupInfo) != HC_SUCCESS) { - LOGE("Failed to obtain the group information from the database!"); - DestroyGroupEntry(groupInfo); + TrustedGroupEntry *groupEntry = GetGroupEntryById(osAccountId, groupId); + if (groupEntry == NULL) { + LOGE("Failed to get groupEntry from db!"); return HC_ERR_DB; } CJson *groupInfoJson = CreateJson(); if (groupInfoJson == NULL) { LOGE("Failed to allocate groupInfoJson memory!"); - DestroyGroupEntry(groupInfo); + DestroyGroupEntry(groupEntry); return HC_ERR_JSON_FAIL; } - int32_t result = GenerateReturnGroupInfo(groupInfo, groupInfoJson); - DestroyGroupEntry(groupInfo); + int32_t result = GenerateReturnGroupInfo(groupEntry, groupInfoJson); + DestroyGroupEntry(groupEntry); if (result != HC_SUCCESS) { FreeJson(groupInfoJson); return result; @@ -992,7 +1065,7 @@ static int32_t GetAccessibleDeviceInfoById(int32_t osAccountId, const char *appI LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (!IsGroupAccessible(osAccountId, groupId, appId)) { + if (CheckGroupAccessible(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group information!"); return HC_ERR_ACCESS_DENIED; } @@ -1040,7 +1113,7 @@ static int32_t GetAccessibleTrustedDevices(int32_t osAccountId, const char *appI LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (!IsGroupAccessible(osAccountId, groupId, appId)) { + if (CheckGroupAccessible(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group information!"); return HC_ERR_ACCESS_DENIED; } @@ -1067,7 +1140,7 @@ static bool IsDeviceInAccessibleGroup(int32_t osAccountId, const char *appId, co LOGE("No group is found based on the query parameters!"); return false; } - if (!IsGroupAccessible(osAccountId, groupId, appId)) { + if (CheckGroupAccessible(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group information!"); return false; } @@ -1128,6 +1201,8 @@ static const GroupImpl g_groupImplInstance = { .deleteGroup = RequestDeleteGroup, .addMember = RequestAddMemberToGroup, .deleteMember = RequestDeleteMemberFromGroup, + .addMultiMembers = RequestAddMultiMembersToGroup, + .delMultiMembers = RequestDelMultiMembersFromGroup, .processBindData = RequestProcessBindData, .confirmRequest = RequestConfirmRequest, .addGroupRole = AddGroupRoleWithCheck, diff --git a/services/group_manager/src/group_operation/group_operation_common.c b/services/group_manager/src/group_operation/group_operation_common.c index 3796e9c..407583c 100644 --- a/services/group_manager/src/group_operation/group_operation_common.c +++ b/services/group_manager/src/group_operation/group_operation_common.c @@ -141,57 +141,6 @@ bool IsTrustedDeviceInGroup(int32_t osAccountId, const char *groupId, const char return true; } -int32_t GetGroupInfoById(int32_t osAccountId, const char *groupId, TrustedGroupEntry *returnGroupEntry) -{ - if ((groupId == NULL) || (returnGroupEntry == NULL)) { - LOGE("The input groupId or returnGroupEntry is NULL!"); - return HC_ERR_INVALID_PARAMS; - } - int32_t result; - uint32_t index; - TrustedGroupEntry **entry = NULL; - GroupEntryVec groupEntryVec = CreateGroupEntryVec(); - QueryGroupParams params = InitQueryGroupParams(); - params.groupId = groupId; - result = QueryGroups(osAccountId, ¶ms, &groupEntryVec); - if (result != HC_SUCCESS) { - LOGE("Failed to query groups!"); - ClearGroupEntryVec(&groupEntryVec); - return result; - } - FOR_EACH_HC_VECTOR(groupEntryVec, index, entry) { - if ((entry == NULL) || (*entry == NULL)) { - continue; - } - result = GenerateGroupEntryFromEntry(*entry, returnGroupEntry) ? HC_SUCCESS : HC_ERR_MEMORY_COPY; - ClearGroupEntryVec(&groupEntryVec); - return result; - } - ClearGroupEntryVec(&groupEntryVec); - return HC_ERR_GROUP_NOT_EXIST; -} - -bool IsGroupAccessible(int32_t osAccountId, const char *groupId, const char *appId) -{ - if ((groupId == NULL) || (appId == NULL)) { - LOGE("The input groupId or appId is NULL!"); - return false; - } - TrustedGroupEntry *entry = GetGroupEntryById(osAccountId, groupId); - if (entry == NULL) { - LOGE("The group cannot be found!"); - return false; - } - if ((entry->visibility == GROUP_VISIBILITY_PUBLIC) || - (IsGroupManager(appId, entry)) || - (IsGroupFriend(appId, entry))) { - DestroyGroupEntry(entry); - return true; - } - DestroyGroupEntry(entry); - return false; -} - int32_t CheckGroupNumLimit(int32_t osAccountId, int32_t groupType, const char *appId) { /* Currently, only peer to peer group is supported. */ @@ -203,6 +152,17 @@ int32_t CheckGroupNumLimit(int32_t osAccountId, int32_t groupType, const char *a return HC_SUCCESS; } +bool IsLocalDevice(const char *udid) +{ + char localUdid[INPUT_UDID_LEN] = { 0 }; + int32_t res = HcGetUdid((uint8_t *)localUdid, INPUT_UDID_LEN); + if (res != HC_SUCCESS) { + LOGE("Failed to get local udid! res: %d", res); + return HC_ERR_DB; + } + return (strcmp(localUdid, udid) == 0); +} + bool IsGroupOwner(int32_t osAccountId, const char *groupId, const char *appId) { if ((groupId == NULL) || (appId == NULL)) { @@ -237,30 +197,50 @@ bool IsGroupExistByGroupId(int32_t osAccountId, const char *groupId) } TrustedGroupEntry *entry = GetGroupEntryById(osAccountId, groupId); if (entry == NULL) { - LOGE("The group cannot be found!"); return false; } DestroyGroupEntry(entry); return true; } -bool IsGroupEditAllowed(int32_t osAccountId, const char *groupId, const char *appId) +int32_t CheckGroupAccessible(int32_t osAccountId, const char *groupId, const char *appId) { if ((groupId == NULL) || (appId == NULL)) { LOGE("The input groupId or appId is NULL!"); - return false; + return HC_ERR_NULL_PTR; } TrustedGroupEntry *entry = GetGroupEntryById(osAccountId, groupId); if (entry == NULL) { LOGE("The group cannot be found!"); - return false; + return HC_ERR_GROUP_NOT_EXIST; } - if (IsGroupManager(appId, entry)) { + if ((entry->visibility != GROUP_VISIBILITY_PUBLIC) && + (!IsGroupManager(appId, entry)) && + (!IsGroupFriend(appId, entry))) { DestroyGroupEntry(entry); - return true; + return HC_ERR_ACCESS_DENIED; } DestroyGroupEntry(entry); - return false; + return HC_SUCCESS; +} + +int32_t CheckGroupEditAllowed(int32_t osAccountId, const char *groupId, const char *appId) +{ + if ((groupId == NULL) || (appId == NULL)) { + LOGE("The input groupId or appId is NULL!"); + return HC_ERR_NULL_PTR; + } + TrustedGroupEntry *entry = GetGroupEntryById(osAccountId, groupId); + if (entry == NULL) { + LOGE("The group cannot be found!"); + return HC_ERR_GROUP_NOT_EXIST; + } + if (!IsGroupManager(appId, entry)) { + DestroyGroupEntry(entry); + return HC_ERR_ACCESS_DENIED; + } + DestroyGroupEntry(entry); + return HC_SUCCESS; } int32_t GetGroupInfo(int32_t osAccountId, int groupType, const char *groupId, const char *groupName, @@ -451,14 +431,14 @@ bool IsAccountRelatedGroup(int groupType) return ((groupType == IDENTICAL_ACCOUNT_GROUP) || (groupType == ACROSS_ACCOUNT_AUTHORIZE_GROUP)); } -int32_t GenerateReturnGroupInfo(const TrustedGroupEntry *groupInfo, CJson *returnJson) +int32_t GenerateReturnGroupInfo(const TrustedGroupEntry *groupEntry, CJson *returnJson) { int32_t result; - if (((result = AddGroupNameToReturn(groupInfo, returnJson)) != HC_SUCCESS) || - ((result = AddGroupIdToReturn(groupInfo, returnJson)) != HC_SUCCESS) || - ((result = AddGroupOwnerToReturn(groupInfo, returnJson)) != HC_SUCCESS) || - ((result = AddGroupTypeToReturn(groupInfo, returnJson)) != HC_SUCCESS) || - ((result = AddGroupVisibilityToReturn(groupInfo, returnJson)) != HC_SUCCESS)) { + if (((result = AddGroupNameToReturn(groupEntry, returnJson)) != HC_SUCCESS) || + ((result = AddGroupIdToReturn(groupEntry, returnJson)) != HC_SUCCESS) || + ((result = AddGroupOwnerToReturn(groupEntry, returnJson)) != HC_SUCCESS) || + ((result = AddGroupTypeToReturn(groupEntry, returnJson)) != HC_SUCCESS) || + ((result = AddGroupVisibilityToReturn(groupEntry, returnJson)) != HC_SUCCESS)) { return result; } return HC_SUCCESS; @@ -703,7 +683,7 @@ int32_t AddSharedUserIdToGroupParams(const CJson *jsonParams, TrustedGroupEntry return HC_SUCCESS; } -int32_t AddUdidToParams(TrustedDeviceEntry *devParams) +int32_t AddSelfUdidToParams(TrustedDeviceEntry *devParams) { char udid[INPUT_UDID_LEN] = { 0 }; int32_t res = HcGetUdid((uint8_t *)udid, INPUT_UDID_LEN); @@ -718,6 +698,20 @@ int32_t AddUdidToParams(TrustedDeviceEntry *devParams) return HC_SUCCESS; } +int32_t AddUdidToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams) +{ + const char *udid = GetStringFromJson(jsonParams, FIELD_UDID); + if (udid == NULL) { + LOGE("Failed to get udid from json!"); + return HC_ERR_JSON_GET; + } + if (!StringSetPointer(&devParams->udid, udid)) { + LOGE("Failed to copy udid!"); + return HC_ERR_MEMORY_COPY; + } + return HC_SUCCESS; +} + int32_t AddAuthIdToParamsOrDefault(const CJson *jsonParams, TrustedDeviceEntry *devParams) { const char *authId = GetStringFromJson(jsonParams, FIELD_DEVICE_ID); @@ -738,6 +732,31 @@ int32_t AddAuthIdToParamsOrDefault(const CJson *jsonParams, TrustedDeviceEntry * return HC_SUCCESS; } +int32_t AddAuthIdToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams) +{ + const char *authId = GetStringFromJson(jsonParams, FIELD_DEVICE_ID); + if (authId == NULL) { + LOGE("Failed to get authId from json!"); + return HC_ERR_JSON_GET; + } + if (!StringSetPointer(&devParams->authId, authId)) { + LOGE("Failed to copy authId!"); + return HC_ERR_MEMORY_COPY; + } + return HC_SUCCESS; +} + +int32_t AddCredTypeToParams(const CJson *jsonParams, TrustedDeviceEntry *devParams) +{ + int32_t credType = INVALID_CRED; + if (GetIntFromJson(jsonParams, FIELD_CREDENTIAL_TYPE, &credType) != HC_SUCCESS) { + LOGE("Failed to get credentialType from json!"); + return HC_ERR_JSON_GET; + } + devParams->credential = (uint8_t)credType; + return HC_SUCCESS; +} + int32_t AddUserTypeToParamsOrDefault(const CJson *jsonParams, TrustedDeviceEntry *devParams) { int32_t userType = DEVICE_TYPE_ACCESSORY; @@ -800,6 +819,15 @@ int32_t AssertSharedUserIdExist(const CJson *jsonParams) return HC_SUCCESS; } +int32_t AssertSameGroupNotExist(int32_t osAccountId, const char *groupId) +{ + if (IsGroupExistByGroupId(osAccountId, groupId)) { + LOGE("The group has been created!"); + return HC_ERR_GROUP_DUPLICATE; + } + return HC_SUCCESS; +} + int32_t CheckGroupExist(int32_t osAccountId, const char *groupId) { if (groupId == NULL) { @@ -873,18 +901,21 @@ int32_t DelGroupFromDb(int32_t osAccountId, const char *groupId) LOGE("The input groupId is NULL!"); return HC_ERR_NULL_PTR; } - int32_t result; QueryGroupParams queryGroupParams = InitQueryGroupParams(); queryGroupParams.groupId = groupId; QueryDeviceParams queryDeviceParams = InitQueryDeviceParams(); queryDeviceParams.groupId = groupId; - if (((result = DelTrustedDevice(osAccountId, &queryDeviceParams)) != HC_SUCCESS) || - ((result = DelGroup(osAccountId, &queryGroupParams)) != HC_SUCCESS) || - ((result = SaveOsAccountDb(osAccountId)) != HC_SUCCESS)) { - LOGE("Failed to delete group from database!"); - return result; + int32_t result = HC_SUCCESS; + if (DelTrustedDevice(osAccountId, &queryDeviceParams) != HC_SUCCESS) { + result = HC_ERR_DEL_GROUP; } - return HC_SUCCESS; + if (DelGroup(osAccountId, &queryGroupParams) != HC_SUCCESS) { + result = HC_ERR_DEL_GROUP; + } + if (SaveOsAccountDb(osAccountId) != HC_SUCCESS) { + result = HC_ERR_DEL_GROUP; + } + return result; } int32_t ConvertGroupIdToJsonStr(const char *groupId, char **returnJsonStr) @@ -1045,14 +1076,9 @@ int32_t GetGroupTypeFromDb(int32_t osAccountId, const char *groupId, int32_t *re LOGE("The input parameters contains NULL value!"); return HC_ERR_INVALID_PARAMS; } - TrustedGroupEntry *groupEntry = CreateGroupEntry(); + TrustedGroupEntry *groupEntry = GetGroupEntryById(osAccountId, groupId); if (groupEntry == NULL) { - LOGE("Failed to allocate groupEntry memory!"); - return HC_ERR_ALLOC_MEMORY; - } - if (GetGroupInfoById(osAccountId, groupId, groupEntry) != HC_SUCCESS) { - LOGE("Failed to get groupEntry from database!"); - DestroyGroupEntry(groupEntry); + LOGE("Failed to get groupEntry from db!"); return HC_ERR_DB; } *returnGroupType = groupEntry->type; @@ -1116,11 +1142,20 @@ int32_t GetAppIdFromJson(const CJson *jsonParams, const char **appId) return HC_SUCCESS; } +int32_t AssertGroupTypeMatch(int32_t inputType, int32_t targetType) +{ + if (inputType != targetType) { + LOGE("Invalid group type! [InputType]: %d, [TargetType]: %d", inputType, targetType); + return HC_ERR_INVALID_PARAMS; + } + return HC_SUCCESS; +} + int32_t CheckPermForGroup(int32_t osAccountId, int actionType, const char *callerPkgName, const char *groupId) { if (((actionType == GROUP_DISBAND) && (IsGroupOwner(osAccountId, groupId, callerPkgName))) || - ((actionType == MEMBER_INVITE) && (IsGroupEditAllowed(osAccountId, groupId, callerPkgName))) || - ((actionType == MEMBER_DELETE) && (IsGroupEditAllowed(osAccountId, groupId, callerPkgName)))) { + ((actionType == MEMBER_INVITE) && (CheckGroupEditAllowed(osAccountId, groupId, callerPkgName) == HC_SUCCESS)) || + ((actionType == MEMBER_DELETE) && (CheckGroupEditAllowed(osAccountId, groupId, callerPkgName) == HC_SUCCESS))) { return HC_SUCCESS; } LOGE("You do not have the right to execute the command!"); diff --git a/services/group_manager/src/group_operation/identical_account_group/identical_account_group.c b/services/group_manager/src/group_operation/identical_account_group/identical_account_group.c index 4d89032..9833a7a 100644 --- a/services/group_manager/src/group_operation/identical_account_group/identical_account_group.c +++ b/services/group_manager/src/group_operation/identical_account_group/identical_account_group.c @@ -20,14 +20,17 @@ #include "data_manager.h" #include "device_auth_defines.h" #include "group_operation_common.h" +#include "hc_dev_info.h" #include "hc_log.h" #include "string_util.h" +#include "dev_auth_module_manager.h" #include "account_module.h" static int32_t GenerateDevParams(const CJson *jsonParams, const char *groupId, TrustedDeviceEntry *devParams) { int32_t result; - if (((result = AddUdidToParams(devParams)) != HC_SUCCESS) || + if (((result = AddSelfUdidToParams(devParams)) != HC_SUCCESS) || + ((result = AddCredTypeToParams(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddUserIdToDevParams(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddAuthIdToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddUserTypeToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || @@ -100,28 +103,7 @@ static int32_t AssertCredentialExist(const CJson *jsonParams) { CJson *credJson = GetObjFromJson(jsonParams, FIELD_CREDENTIAL); if (credJson == NULL) { - LOGE("Failed to get credJson!"); - return HC_ERR_JSON_GET; - } - int32_t credType; - int32_t ret = GetIntFromJson(credJson, FIELD_CREDENTIAL_TYPE, &credType); - if (ret != HC_SUCCESS) { - LOGE("Failed to get credential type"); - return ret; - } - const char *serverPk = GetStringFromJson(credJson, FIELD_SERVER_PK); - if (serverPk == NULL) { - LOGE("Failed to get serverPk"); - return HC_ERR_JSON_GET; - } - const char *pkInfoSignature = GetStringFromJson(credJson, FIELD_PK_INFO_SIGNATURE); - if (pkInfoSignature == NULL) { - LOGE("Failed to get pkInfoSignature"); - return HC_ERR_JSON_GET; - } - CJson *pkInfoJson = GetObjFromJson(credJson, FIELD_PK_INFO); - if (pkInfoJson == NULL) { - LOGE("Failed to get pkInfoJson"); + LOGE("Failed to get credential from json!"); return HC_ERR_JSON_GET; } return HC_SUCCESS; @@ -146,73 +128,341 @@ static int32_t CheckCreateParams(int32_t osAccountId, const CJson *jsonParams) return HC_SUCCESS; } -static int32_t DeleteGroupById(int32_t osAccountId, const char *groupId) -{ - QueryGroupParams queryGroupParams = InitQueryGroupParams(); - queryGroupParams.groupId = groupId; - return DelGroup(osAccountId, &queryGroupParams); -} - -static int32_t DeleteDeviceById(int32_t osAccountId, const char *groupId) +static int32_t DelDeviceById(int32_t osAccountId, const char *groupId, const char *deviceId, bool isUdid) { QueryDeviceParams queryDeviceParams = InitQueryDeviceParams(); queryDeviceParams.groupId = groupId; + if (isUdid) { + queryDeviceParams.udid = deviceId; + } else { + queryDeviceParams.authId = deviceId; + } return DelTrustedDevice(osAccountId, &queryDeviceParams); } -static int32_t CreateIdenticalGroup(int32_t osAccountId, const CJson *jsonParams, char *groupId) +static int32_t ImportSelfToken(int32_t osAccountId, CJson *jsonParams) { - int32_t result = AddGroupToDatabaseByJson(osAccountId, GenerateGroupParams, jsonParams, groupId); - if (result != HC_SUCCESS) { - LOGE("Add group to database failed"); - return result; + const char *userId = GetStringFromJson(jsonParams, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get userId from json!"); + return HC_ERR_JSON_GET; } - result = ProcessAccountCredentials(osAccountId, IMPORT_SELF_CREDENTIAL, jsonParams, NULL); - if (result != HC_SUCCESS) { - LOGE("Import credential failed"); - DeleteGroupById(osAccountId, groupId); - return result; + const char *deviceId = GetStringFromJson(jsonParams, FIELD_DEVICE_ID); + char udid[INPUT_UDID_LEN] = { 0 }; + if (deviceId == NULL) { + LOGD("No deviceId is found. The default value is udid!"); + int32_t res = HcGetUdid((uint8_t *)udid, INPUT_UDID_LEN); + if (res != HC_SUCCESS) { + LOGE("Failed to get local udid! res: %d", res); + return HC_ERR_DB; + } + deviceId = udid; } - result = AddDeviceToDatabaseByJson(osAccountId, GenerateDevParams, jsonParams, groupId); - if (result != HC_SUCCESS) { - LOGE("Add device to database failed"); - DeleteGroupById(osAccountId, groupId); - ProcessAccountCredentials(osAccountId, DELETE_SELF_CREDENTIAL, jsonParams, NULL); - return result; + CJson *credJson = GetObjFromJson(jsonParams, FIELD_CREDENTIAL); + if (credJson == NULL) { + LOGE("Failed to get credential from json!"); + return HC_ERR_JSON_GET; } - result = SaveOsAccountDb(osAccountId); - if (result != HC_SUCCESS) { - LOGE("Save data to db file failed"); - DeleteGroupById(osAccountId, groupId); - ProcessAccountCredentials(osAccountId, DELETE_SELF_CREDENTIAL, jsonParams, NULL); - DeleteDeviceById(osAccountId, groupId); + if (AddStringToJson(credJson, FIELD_USER_ID, userId) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; } - return result; + if (AddStringToJson(credJson, FIELD_DEVICE_ID, deviceId) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + return ProcessAccountCredentials(osAccountId, IMPORT_SELF_CREDENTIAL, credJson, NULL); } -static int32_t CreateGroupInner(int32_t osAccountId, const CJson *jsonParams, char **returnGroupId) +static int32_t DelSelfToken(int32_t osAccountId, CJson *jsonParams) { - char *groupId = NULL; - int32_t result; - if (((result = CheckCreateParams(osAccountId, jsonParams)) != HC_SUCCESS) || - ((result = GenerateIdenticalGroupId(jsonParams, &groupId)) != HC_SUCCESS)) { - LOGE("Check create params or generate groupId failed"); - return result; + CJson *credJson = GetObjFromJson(jsonParams, FIELD_CREDENTIAL); + if (credJson == NULL) { + LOGE("Failed to get credential from json!"); + return HC_ERR_JSON_GET; } - if (IsGroupExistByGroupId(osAccountId, groupId)) { - LOGE("Group already exists, do not create it again"); - HcFree(groupId); - return HC_ERR_GROUP_DUPLICATE; + return ProcessAccountCredentials(osAccountId, DELETE_SELF_CREDENTIAL, credJson, NULL); +} + +static int32_t GenerateAddTokenParams(const CJson *jsonParams, CJson *addParams) +{ + const char *userId = GetStringFromJson(jsonParams, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get userId from json!"); + return HC_ERR_JSON_GET; } - result = CreateIdenticalGroup(osAccountId, jsonParams, groupId); - if (result != HC_SUCCESS) { - HcFree(groupId); - return result; + const char *deviceId = GetStringFromJson(jsonParams, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + return HC_ERR_JSON_GET; + } + if (AddStringToJson(addParams, FIELD_DEVICE_ID, deviceId) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(addParams, FIELD_USER_ID, userId) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; } - *returnGroupId = groupId; return HC_SUCCESS; } +static int32_t GenerateDelTokenParams(const TrustedDeviceEntry *entry, CJson *delParams) +{ + if (AddIntToJson(delParams, FIELD_CREDENTIAL_TYPE, (int32_t)entry->credential) != HC_SUCCESS) { + LOGE("Failed to add credentialType to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(delParams, FIELD_USER_ID, StringGet(&entry->userId)) != HC_SUCCESS) { + LOGE("Failed to add userId to json!"); + return HC_ERR_JSON_ADD; + } + if (AddStringToJson(delParams, FIELD_DEVICE_ID, StringGet(&entry->authId)) != HC_SUCCESS) { + LOGE("Failed to add deviceId to json!"); + return HC_ERR_JSON_ADD; + } + return HC_SUCCESS; +} + +static int32_t DelDeviceToken(int32_t osAccountId, const TrustedDeviceEntry *entry, bool isLocalDev) +{ + CJson *delParams = CreateJson(); + if (delParams == NULL) { + LOGE("Failed to allocate delParams memory!"); + return HC_ERR_ALLOC_MEMORY; + } + int32_t res = GenerateDelTokenParams(entry, delParams); + if (res != HC_SUCCESS) { + FreeJson(delParams); + return res; + } + res = ProcessAccountCredentials(osAccountId, (isLocalDev ? DELETE_SELF_CREDENTIAL : DELETE_TRUSTED_CREDENTIALS), + delParams, NULL); + FreeJson(delParams); + return res; +} + +static void DelAllTokens(int32_t osAccountId, const DeviceEntryVec *vec) +{ + int32_t res; + uint32_t index; + TrustedDeviceEntry **entry = NULL; + FOR_EACH_HC_VECTOR(*vec, index, entry) { + if ((entry == NULL) || (*entry == NULL)) { + continue; + } + if (IsLocalDevice(StringGet(&(*entry)->udid))) { + res = DelDeviceToken(osAccountId, *entry, true); + } else { + res = DelDeviceToken(osAccountId, *entry, false); + } + if (res != HC_SUCCESS) { + LOGE("Failed to delete token! res: %d", res); + } + } +} + +static void DelAllPeerTokens(int32_t osAccountId, const DeviceEntryVec *vec) +{ + int32_t res; + uint32_t index; + TrustedDeviceEntry **entry = NULL; + FOR_EACH_HC_VECTOR(*vec, index, entry) { + if ((entry == NULL) || (*entry == NULL) || (IsLocalDevice(StringGet(&(*entry)->udid)))) { + continue; + } + res = DelDeviceToken(osAccountId, *entry, false); + if (res != HC_SUCCESS) { + LOGE("Failed to delete peer device token! res: %d", res); + } + } +} + +static int32_t DelAcrossAccountGroupAndTokens(int32_t osAccountId, const char *groupId) +{ + DeviceEntryVec deviceList = CreateDeviceEntryVec(); + (void)GetTrustedDevices(osAccountId, groupId, &deviceList); + int32_t res = DelGroupFromDb(osAccountId, groupId); + DelAllPeerTokens(osAccountId, &deviceList); + ClearDeviceEntryVec(&deviceList); + return res; +} + +static int32_t GetRelatedAcrossAccountGroups(int32_t osAccountId, const char *groupId, GroupEntryVec *vec) +{ + TrustedGroupEntry *groupEntry = GetGroupEntryById(osAccountId, groupId); + if (groupEntry == NULL) { + LOGE("Failed to get groupEntry from db!"); + return HC_ERR_DB; + } + QueryGroupParams groupParams = InitQueryGroupParams(); + groupParams.userId = StringGet(&groupEntry->userId); + groupParams.groupType = ACROSS_ACCOUNT_AUTHORIZE_GROUP; + int32_t res = QueryGroups(osAccountId, &groupParams, vec); + DestroyGroupEntry(groupEntry); + return res; +} + +static int32_t DelRelatedAcrossAccountGroups(int32_t osAccountId, const char *groupId) +{ + GroupEntryVec groupEntryVec = CreateGroupEntryVec(); + (void)GetRelatedAcrossAccountGroups(osAccountId, groupId, &groupEntryVec); + int32_t res = HC_SUCCESS; + uint32_t index; + TrustedGroupEntry **entry = NULL; + FOR_EACH_HC_VECTOR(groupEntryVec, index, entry) { + if ((entry != NULL) && (*entry != NULL)) { + if (DelAcrossAccountGroupAndTokens(osAccountId, StringGet(&(*entry)->id)) != HC_SUCCESS) { + res = HC_ERR_DEL_GROUP; + } + } + } + ClearGroupEntryVec(&groupEntryVec); + return res; +} + +static int32_t DelGroupAndTokens(int32_t osAccountId, const char *groupId) +{ + int32_t res = HC_SUCCESS; + if (DelRelatedAcrossAccountGroups(osAccountId, groupId) != HC_SUCCESS) { + res = HC_ERR_DEL_GROUP; + } + DeviceEntryVec deviceList = CreateDeviceEntryVec(); + (void)GetTrustedDevices(osAccountId, groupId, &deviceList); + if (DelGroupFromDb(osAccountId, groupId) != HC_SUCCESS) { + res = HC_ERR_DEL_GROUP; + } + DelAllTokens(osAccountId, &deviceList); + ClearDeviceEntryVec(&deviceList); + return res; +} + +static int32_t GenerateTrustedDevParams(const CJson *jsonParams, const char *groupId, TrustedDeviceEntry *devParams) +{ + int32_t result; + if (((result = AddUdidToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddAuthIdToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddCredTypeToParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddUserIdToDevParams(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddUserTypeToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || + ((result = AddGroupIdToDevParams(groupId, devParams)) != HC_SUCCESS) || + ((result = AddServiceTypeToParams(groupId, devParams)) != HC_SUCCESS)) { + return result; + } + return HC_SUCCESS; +} + +static int32_t AddDeviceAndToken(int32_t osAccountId, CJson *jsonParams, CJson *deviceInfo) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + CJson *credential = GetObjFromJson(deviceInfo, FIELD_CREDENTIAL); + if (credential == NULL) { + LOGE("Failed to get credential from json!"); + return HC_ERR_JSON_GET; + } + int32_t res = GenerateAddTokenParams(deviceInfo, credential); + if (res != HC_SUCCESS) { + return res; + } + res = ProcessAccountCredentials(osAccountId, IMPORT_TRUSTED_CREDENTIALS, credential, NULL); + if (res != HC_SUCCESS) { + LOGE("Failed to import device token! res: %d", res); + return res; + } + res = AddDeviceToDatabaseByJson(osAccountId, GenerateTrustedDevParams, deviceInfo, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add device to database! res: %d", res); + } + return res; +} + +static int32_t DelPeerDeviceAndToken(int32_t osAccountId, CJson *jsonParams, CJson *deviceInfo) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + const char *deviceId = GetStringFromJson(deviceInfo, FIELD_DEVICE_ID); + if (deviceId == NULL) { + LOGE("Failed to get deviceId from json!"); + return HC_ERR_JSON_GET; + } + TrustedDeviceEntry *entry = GetTrustedDeviceEntryById(osAccountId, deviceId, false, groupId); + if (entry == NULL) { + LOGE("Failed to get device from db!"); + return HC_ERR_DEVICE_NOT_EXIST; + } + if (IsLocalDevice(StringGet(&entry->udid))) { + LOGE("Do not delete the local device!"); + DestroyDeviceEntry(entry); + return HC_ERR_INVALID_PARAMS; + } + int32_t res = DelDeviceById(osAccountId, groupId, deviceId, false); + if (res != HC_SUCCESS) { + LOGE("Failed to delete device from database! res: %d", res); + DestroyDeviceEntry(entry); + return res; + } + res = DelDeviceToken(osAccountId, entry, false); + DestroyDeviceEntry(entry); + if (res != HC_SUCCESS) { + LOGE("Failed to delete token! res: %d", res); + } + return res; +} + +static int32_t CheckChangeParams(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + const char *groupId = GetStringFromJson(jsonParams, FIELD_GROUP_ID); + if (groupId == NULL) { + LOGE("Failed to get groupId from json!"); + return HC_ERR_JSON_GET; + } + int32_t groupType; + int32_t result; + if (((result = CheckGroupExist(osAccountId, groupId)) != HC_SUCCESS) || + ((result = GetGroupTypeFromDb(osAccountId, groupId, &groupType)) != HC_SUCCESS) || + ((result = AssertGroupTypeMatch(groupType, IDENTICAL_ACCOUNT_GROUP)) != HC_SUCCESS) || + ((result = CheckGroupEditAllowed(osAccountId, groupId, appId)) != HC_SUCCESS)) { + return result; + } + return HC_SUCCESS; +} + +static int32_t AddGroupAndToken(int32_t osAccountId, CJson *jsonParams, const char *groupId) +{ + int32_t res = AddGroupToDatabaseByJson(osAccountId, GenerateGroupParams, jsonParams, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add group to database!"); + return res; + } + res = ImportSelfToken(osAccountId, jsonParams); + if (res != HC_SUCCESS) { + LOGE("Failed to import self token!"); + (void)DelGroupFromDb(osAccountId, groupId); + return res; + } + res = AddDeviceToDatabaseByJson(osAccountId, GenerateDevParams, jsonParams, groupId); + if (res != HC_SUCCESS) { + LOGE("Failed to add device to database!"); + (void)DelGroupFromDb(osAccountId, groupId); + (void)DelSelfToken(osAccountId, jsonParams); + return res; + } + res = SaveOsAccountDb(osAccountId); + if (res != HC_SUCCESS) { + LOGE("Failed to save database!"); + (void)DelGroupFromDb(osAccountId, groupId); + (void)DelSelfToken(osAccountId, jsonParams); + } + return res; +} + static int32_t CreateGroup(int32_t osAccountId, CJson *jsonParams, char **returnJsonStr) { LOGI("[Start]: Start to create a identical account group!"); @@ -220,12 +470,14 @@ static int32_t CreateGroup(int32_t osAccountId, CJson *jsonParams, char **return LOGE("The input parameters contains NULL value!"); return HC_ERR_INVALID_PARAMS; } - int32_t result; char *groupId = NULL; - if (((result = CreateGroupInner(osAccountId, jsonParams, &groupId)) != HC_SUCCESS) || + int32_t result; + if (((result = CheckCreateParams(osAccountId, jsonParams)) != HC_SUCCESS) || + ((result = GenerateIdenticalGroupId(jsonParams, &groupId)) != HC_SUCCESS) || + ((result = AssertSameGroupNotExist(osAccountId, groupId)) != HC_SUCCESS) || + ((result = AddGroupAndToken(osAccountId, jsonParams, groupId)) != HC_SUCCESS) || ((result = ConvertGroupIdToJsonStr(groupId, returnJsonStr)) != HC_SUCCESS)) { HcFree(groupId); - LOGE("Create identical group failed, result:%d", result); return result; } HcFree(groupId); @@ -233,99 +485,87 @@ static int32_t CreateGroup(int32_t osAccountId, CJson *jsonParams, char **return return HC_SUCCESS; } -static int32_t DeleteAcrossAccountGroup(int32_t osAccountId, const char *identicalGroupId) -{ - TrustedGroupEntry *groupInfo = CreateGroupEntry(); - if (groupInfo == NULL) { - LOGE("Failed to allocate groupInfo memory!"); - return HC_ERR_ALLOC_MEMORY; - } - int32_t ret = GetGroupInfoById(osAccountId, identicalGroupId, groupInfo); - if (ret != HC_SUCCESS) { - LOGE("Failed to obtain the group information from the database!"); - DestroyGroupEntry(groupInfo); - return ret; - } - const char *userId = StringGet(&groupInfo->userId); - DestroyGroupEntry(groupInfo); - GroupEntryVec groupEntryVec = CreateGroupEntryVec(); - QueryGroupParams groupParams = InitQueryGroupParams(); - groupParams.userId = userId; - groupParams.groupType = ACROSS_ACCOUNT_AUTHORIZE_GROUP; - ret = QueryGroups(osAccountId, &groupParams, &groupEntryVec); - if (ret != HC_SUCCESS) { - LOGE("query across account groups failed!"); - ClearGroupEntryVec(&groupEntryVec); - return ret; - } - uint32_t groupIndex; - TrustedGroupEntry **entry = NULL; - FOR_EACH_HC_VECTOR(groupEntryVec, groupIndex, entry) { - if ((entry != NULL) && (*entry != NULL)) { - if (DeleteDeviceById(osAccountId, StringGet(&(*entry)->id)) != HC_SUCCESS) { - LOGE("Delete across account device failed"); - ret = HC_ERR_DEL_GROUP; - } - if (DeleteGroupById(osAccountId, StringGet(&(*entry)->id)) != HC_SUCCESS) { - LOGE("Delete across account group failed"); - ret = HC_ERR_DEL_GROUP; - } - } - } - ClearGroupEntryVec(&groupEntryVec); - return ret; -} - -static int32_t DeleteGroupInner(int32_t osAccountId, const char *groupId, CJson *jsonParams) -{ - int32_t ret = DeleteAcrossAccountGroup(osAccountId, groupId); - if ((ret != HC_SUCCESS) && (ret != HC_ERR_DEL_GROUP)) { - return ret; - } - if (DeleteDeviceById(osAccountId, groupId) != HC_SUCCESS) { - LOGE("Delete identical account device failed"); - ret = HC_ERR_DEL_GROUP; - } - if (DeleteGroupById(osAccountId, groupId) != HC_SUCCESS) { - LOGE("Delete identical account group failed"); - ret = HC_ERR_DEL_GROUP; - } - if (SaveOsAccountDb(osAccountId) != HC_SUCCESS) { - LOGE("Save data to db file failed"); - ret = HC_ERR_DEL_GROUP; - } - if ((AddStringToJson(jsonParams, FIELD_USER_ID, groupId) != HC_SUCCESS) || - (ProcessAccountCredentials(osAccountId, DELETE_SELF_CREDENTIAL, jsonParams, NULL) != HC_SUCCESS)) { - LOGE("Delete credential failed"); - ret = HC_ERR_DEL_GROUP; - } - return ret; -} - static int32_t DeleteGroup(int32_t osAccountId, CJson *jsonParams, char **returnJsonStr) { - LOGI("[Start]: Start to delete the identical account group!"); + LOGI("[Start]: Start to delete a identical account group!"); if ((jsonParams == NULL) || (returnJsonStr == NULL)) { LOGE("The input parameters contains NULL value!"); return HC_ERR_INVALID_PARAMS; } + int32_t result; const char *groupId = NULL; - int32_t ret = GetGroupIdFromJson(jsonParams, &groupId); - if (ret != HC_SUCCESS) { - LOGE("Failed to get groupId"); - return ret; + if (((result = GetGroupIdFromJson(jsonParams, &groupId)) != HC_SUCCESS) || + ((result = DelGroupAndTokens(osAccountId, groupId)) != HC_SUCCESS) || + ((result = ConvertGroupIdToJsonStr(groupId, returnJsonStr)) != HC_SUCCESS)) { + return result; } - ret = DeleteGroupInner(osAccountId, groupId, jsonParams); - if (ret != HC_SUCCESS) { - LOGE("Delete group inner failed"); - return ret; + LOGI("[End]: Delete a identical account group successfully!"); + return HC_SUCCESS; +} + +static int32_t AddMultiMembersToGroup(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + LOGI("[Start]: Start to add multiple members to a identical account group!"); + if ((appId == NULL) || (jsonParams == NULL)) { + LOGE("Invalid params!"); + return HC_ERR_INVALID_PARAMS; } - ret = ConvertGroupIdToJsonStr(groupId, returnJsonStr); - if (ret != HC_SUCCESS) { - LOGE("Failed to convert groupId to json"); - return ret; + int32_t res = CheckChangeParams(osAccountId, appId, jsonParams); + if (res != HC_SUCCESS) { + return res; } - LOGI("[End]: Delete the identical account group successfully!"); + CJson *deviceList = GetObjFromJson(jsonParams, FIELD_DEVICE_LIST); + if (deviceList == NULL) { + LOGE("Failed to get deviceList from json!"); + return HC_ERR_JSON_GET; + } + int32_t deviceNum = GetItemNum(deviceList); + int32_t addedCount = 0; + for (int32_t i = 0; i < deviceNum; i++) { + CJson *deviceInfo = GetItemFromArray(deviceList, i); + if (deviceInfo == NULL) { + LOGE("The deviceInfo is NULL!"); + continue; + } + if (AddDeviceAndToken(osAccountId, jsonParams, deviceInfo) == HC_SUCCESS) { + addedCount++; + } + } + LOGI("[End]: Add multiple members to a identical account group successfully! [ListNum]: %d, [AddedNum]: %d", + deviceNum, addedCount); + return HC_SUCCESS; +} + +static int32_t DelMultiMembersFromGroup(int32_t osAccountId, const char *appId, CJson *jsonParams) +{ + LOGI("[Start]: Start to delete multiple members from a identical account group!"); + if ((appId == NULL) || (jsonParams == NULL)) { + LOGE("Invalid params!"); + return HC_ERR_INVALID_PARAMS; + } + int32_t res = CheckChangeParams(osAccountId, appId, jsonParams); + if (res != HC_SUCCESS) { + return res; + } + CJson *deviceList = GetObjFromJson(jsonParams, FIELD_DEVICE_LIST); + if (deviceList == NULL) { + LOGE("Failed to get deviceList from json!"); + return HC_ERR_JSON_GET; + } + int32_t deviceNum = GetItemNum(deviceList); + int32_t deletedCount = 0; + for (int32_t i = 0; i < deviceNum; i++) { + CJson *deviceInfo = GetItemFromArray(deviceList, i); + if (deviceInfo == NULL) { + LOGE("The deviceInfo is NULL!"); + continue; + } + if (DelPeerDeviceAndToken(osAccountId, jsonParams, deviceInfo) == HC_SUCCESS) { + deletedCount++; + } + } + LOGI("[End]: Delete multiple members from a identical account group successfully! [ListNum]: %d, [DeletedNum]: %d", + deviceNum, deletedCount); return HC_SUCCESS; } @@ -333,7 +573,8 @@ static IdenticalAccountGroup g_identicalAccountGroup = { .base.type = IDENTICAL_ACCOUNT_GROUP, .base.createGroup = CreateGroup, .base.deleteGroup = DeleteGroup, - .generateGroupId = GenerateGroupId + .addMultiMembersToGroup = AddMultiMembersToGroup, + .delMultiMembersFromGroup = DelMultiMembersFromGroup, }; BaseGroup *GetIdenticalAccountGroupInstance(void) diff --git a/services/group_manager/src/group_operation/peer_to_peer_group/peer_to_peer_group.c b/services/group_manager/src/group_operation/peer_to_peer_group/peer_to_peer_group.c index 02aefe7..dba6a15 100644 --- a/services/group_manager/src/group_operation/peer_to_peer_group/peer_to_peer_group.c +++ b/services/group_manager/src/group_operation/peer_to_peer_group/peer_to_peer_group.c @@ -158,7 +158,7 @@ static int32_t GenerateGroupParams(const CJson *jsonParams, const char *groupId, static int32_t GenerateDevParams(const CJson *jsonParams, const char *groupId, TrustedDeviceEntry *devParams) { int32_t result; - if (((result = AddUdidToParams(devParams)) != HC_SUCCESS) || + if (((result = AddSelfUdidToParams(devParams)) != HC_SUCCESS) || ((result = AddAuthIdToParamsOrDefault(jsonParams, devParams))) || ((result = AddUserTypeToParamsOrDefault(jsonParams, devParams)) != HC_SUCCESS) || ((result = AddGroupIdToDevParams(groupId, devParams)) != HC_SUCCESS) || @@ -233,17 +233,6 @@ static int32_t DelPeerDevAndKeyInfo(int32_t osAccountId, const char *groupId, co return HC_SUCCESS; } -static bool IsLocalDevice(const char *udid) -{ - char localUdid[INPUT_UDID_LEN] = { 0 }; - int32_t res = HcGetUdid((uint8_t *)localUdid, INPUT_UDID_LEN); - if (res != HC_SUCCESS) { - LOGE("Failed to get local udid! res: %d", res); - return HC_ERR_DB; - } - return (strcmp(localUdid, udid) == 0); -} - static int32_t DelAllPeerDevAndKeyInfo(int32_t osAccountId, const char *groupId) { QueryDeviceParams queryParams = InitQueryDeviceParams(); @@ -370,25 +359,6 @@ static int32_t HandleLocalUnbind(int64_t requestId, const CJson *jsonParams, return HC_SUCCESS; } -static int32_t AssertPeerToPeerGroupType(int32_t groupType) -{ - if (groupType != PEER_TO_PEER_GROUP) { - LOGE("Invalid group type! [GroupType]: %d", groupType); - return HC_ERR_INVALID_PARAMS; - } - return HC_SUCCESS; -} - -static int32_t CheckInputGroupTypeValid(const CJson *jsonParams) -{ - int32_t groupType = PEER_TO_PEER_GROUP; - if (GetIntFromJson(jsonParams, FIELD_GROUP_TYPE, &groupType) != HC_SUCCESS) { - LOGE("Failed to get groupType from jsonParams!"); - return HC_ERR_JSON_GET; - } - return AssertPeerToPeerGroupType(groupType); -} - static int32_t IsPeerDeviceNotSelf(const char *peerUdid) { if (peerUdid == NULL) { @@ -453,7 +423,7 @@ static int32_t CheckInvitePeer(const CJson *jsonParams) int32_t result; if (((result = CheckGroupExist(osAccountId, groupId)) != HC_SUCCESS) || ((result = GetGroupTypeFromDb(osAccountId, groupId, &groupType)) != HC_SUCCESS) || - ((result = AssertPeerToPeerGroupType(groupType)) != HC_SUCCESS) || + ((result = AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP)) != HC_SUCCESS) || ((result = CheckPermForGroup(osAccountId, MEMBER_INVITE, appId, groupId)) != HC_SUCCESS) || ((result = CheckDeviceNumLimit(osAccountId, groupId, NULL)) != HC_SUCCESS)) { return result; @@ -463,7 +433,12 @@ static int32_t CheckInvitePeer(const CJson *jsonParams) static int32_t CheckJoinPeer(const CJson *jsonParams) { - return CheckInputGroupTypeValid(jsonParams); + int32_t groupType = PEER_TO_PEER_GROUP; + if (GetIntFromJson(jsonParams, FIELD_GROUP_TYPE, &groupType) != HC_SUCCESS) { + LOGE("Failed to get groupType from jsonParams!"); + return HC_ERR_JSON_GET; + } + return AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP); } static int32_t CheckDeletePeer(const CJson *jsonParams) @@ -488,7 +463,7 @@ static int32_t CheckDeletePeer(const CJson *jsonParams) int32_t result; if (((result = CheckGroupExist(osAccountId, groupId)) != HC_SUCCESS) || ((result = GetGroupTypeFromDb(osAccountId, groupId, &groupType)) != HC_SUCCESS) || - ((result = AssertPeerToPeerGroupType(groupType)) != HC_SUCCESS) || + ((result = AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP)) != HC_SUCCESS) || ((result = CheckPermForGroup(osAccountId, MEMBER_DELETE, appId, groupId)) != HC_SUCCESS) || ((result = CheckPeerDeviceStatus(osAccountId, groupId, jsonParams)) != HC_SUCCESS)) { return result; @@ -712,7 +687,7 @@ static int32_t AddManagerWithCheck(int32_t osAccountId, const char *appId, const LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } if (!IsGroupOwner(osAccountId, groupId, appId)) { @@ -730,10 +705,10 @@ static int32_t AddFriendWithCheck(int32_t osAccountId, const char *appId, const LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } - if (!IsGroupEditAllowed(osAccountId, groupId, appId)) { + if (CheckGroupEditAllowed(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to add a friend to the group!"); return HC_ERR_ACCESS_DENIED; } @@ -749,7 +724,7 @@ static int32_t DeleteManagerWithCheck(int32_t osAccountId, const char *appId, co LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } if (!IsGroupOwner(osAccountId, groupId, appId)) { @@ -768,10 +743,10 @@ static int32_t DeleteFriendWithCheck(int32_t osAccountId, const char *appId, con LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } - if (!IsGroupEditAllowed(osAccountId, groupId, appId)) { + if (CheckGroupEditAllowed(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to add a friend to the group!"); return HC_ERR_ACCESS_DENIED; } @@ -787,7 +762,7 @@ static int32_t GetManagersWithCheck(int32_t osAccountId, const char *appId, cons LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } if (!IsGroupOwner(osAccountId, groupId, appId)) { @@ -812,10 +787,10 @@ static int32_t GetFriendsWithCheck(int32_t osAccountId, const char *appId, const LOGE("No group is found based on the query parameters!"); return HC_ERR_GROUP_NOT_EXIST; } - if (AssertPeerToPeerGroupType(groupType) != HC_SUCCESS) { + if (AssertGroupTypeMatch(groupType, PEER_TO_PEER_GROUP) != HC_SUCCESS) { return HC_ERR_NOT_SUPPORT; } - if (!IsGroupEditAllowed(osAccountId, groupId, appId)) { + if (CheckGroupEditAllowed(osAccountId, groupId, appId) != HC_SUCCESS) { LOGE("You do not have the permission to query the group friends information!"); return HC_ERR_ACCESS_DENIED; } diff --git a/services/group_manager/src/session/bind_session/bind_session_common.c b/services/group_manager/src/session/bind_session/bind_session_common.c index 46651fe..98a9a7f 100644 --- a/services/group_manager/src/session/bind_session/bind_session_common.c +++ b/services/group_manager/src/session/bind_session/bind_session_common.c @@ -317,14 +317,9 @@ static int32_t AddDevInfoToParams(const TrustedDeviceEntry *devAuthParams, CJson static int32_t AddGroupInfoByDatabase(int32_t osAccountId, const char *groupId, CJson *params) { - TrustedGroupEntry *entry = CreateGroupEntry(); + TrustedGroupEntry *entry = GetGroupEntryById(osAccountId, groupId); if (entry == NULL) { - LOGE("Failed to allocate groupEntry memory!"); - return HC_ERR_ALLOC_MEMORY; - } - if (GetGroupInfoById(osAccountId, groupId, entry) != HC_SUCCESS) { - LOGE("Failed to obtain the group information from the database!"); - DestroyGroupEntry(entry); + LOGE("Failed to get groupEntry from db!"); return HC_ERR_DB; } if (AddGroupInfoToParams(entry, params) != HC_SUCCESS) { diff --git a/test/unittest/deviceauth/source/deviceauth_standard_test.cpp b/test/unittest/deviceauth/source/deviceauth_standard_test.cpp index 63deb3c..b2b89c4 100644 --- a/test/unittest/deviceauth/source/deviceauth_standard_test.cpp +++ b/test/unittest/deviceauth/source/deviceauth_standard_test.cpp @@ -370,6 +370,66 @@ HWTEST_F(GmDeleteMemberFromGroupTest, GmDeleteMemberFromGroupTest002, TestSize.L EXPECT_NE(ret, HC_SUCCESS); } +class GmAddMultiMembersToGroupTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + void SetUp(); + void TearDown(); +}; + +void GmAddMultiMembersToGroupTest::SetUpTestCase() {} +void GmAddMultiMembersToGroupTest::TearDownTestCase() {} + +void GmAddMultiMembersToGroupTest::SetUp() +{ + int ret = InitDeviceAuthService(); + EXPECT_EQ(ret, HC_SUCCESS); +} + +void GmAddMultiMembersToGroupTest::TearDown() +{ + DestroyDeviceAuthService(); +} + +HWTEST_F(GmAddMultiMembersToGroupTest, GmAddMultiMembersToGroupTest002, TestSize.Level0) +{ + const DeviceGroupManager *gm = GetGmInstance(); + EXPECT_NE(gm, nullptr); + int32_t ret = gm->addMultiMembersToGroup(DEFAULT_OS_ACCOUNT, TEST_APP_ID, NULL); + EXPECT_NE(ret, HC_SUCCESS); +} + +class GmDelMultiMembersFromGroupTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + void SetUp(); + void TearDown(); +}; + +void GmDelMultiMembersFromGroupTest::SetUpTestCase() {} +void GmDelMultiMembersFromGroupTest::TearDownTestCase() {} + +void GmDelMultiMembersFromGroupTest::SetUp() +{ + int ret = InitDeviceAuthService(); + EXPECT_EQ(ret, HC_SUCCESS); +} + +void GmDelMultiMembersFromGroupTest::TearDown() +{ + DestroyDeviceAuthService(); +} + +HWTEST_F(GmDelMultiMembersFromGroupTest, GmDelMultiMembersFromGroupTest002, TestSize.Level0) +{ + const DeviceGroupManager *gm = GetGmInstance(); + EXPECT_NE(gm, nullptr); + int32_t ret = gm->delMultiMembersFromGroup(DEFAULT_OS_ACCOUNT, TEST_APP_ID, NULL); + EXPECT_NE(ret, HC_SUCCESS); +} + class GmProcessDataTest : public testing::Test { public: static void SetUpTestCase();