diff --git a/common_lib/impl/src/common_util.c b/common_lib/impl/src/common_util.c index 79cae83..f3eea02 100644 --- a/common_lib/impl/src/common_util.c +++ b/common_lib/impl/src/common_util.c @@ -22,6 +22,7 @@ #define OUT_OF_HEX 16 #define NUMBER_9_IN_DECIMAL 9 +#define ASCII_CASE_DIFFERENCE_VALUE 32 static char HexToChar(uint8_t hex) { @@ -94,7 +95,7 @@ int64_t StringToInt64(const char *cp) return strtoll(cp, NULL, DEC); } -void ConvertToAnnoymousStr(const char *originalStr, char **anonymousStr) +void ConvertToAnonymousStr(const char *originalStr, char **anonymousStr) { if ((originalStr == NULL) || (anonymousStr == NULL)) { return; @@ -122,4 +123,25 @@ void ConvertToAnnoymousStr(const char *originalStr, char **anonymousStr) *anonymousStr = NULL; return; } +} + +int32_t ToUpperCase(const char *oriStr, char **desStr) +{ + if (oriStr == NULL || desStr == NULL) { + LOGE("Params is null."); + return HAL_ERR_INVALID_PARAM; + } + *desStr = HcMalloc(HcStrlen(oriStr) + 1, 0); + if (*desStr == NULL) { + LOGE("Failed to allocate desStr memory!"); + return HAL_ERR_BAD_ALLOC; + } + for (uint32_t i = 0; i < HcStrlen(oriStr); i++) { + if ((oriStr[i] >= 'a') && (oriStr[i] <= 'f')) { + (*desStr)[i] = oriStr[i] - ASCII_CASE_DIFFERENCE_VALUE; + } else { + (*desStr)[i] = oriStr[i]; + } + } + return HAL_SUCCESS; } \ No newline at end of file diff --git a/common_lib/interfaces/common_util.h b/common_lib/interfaces/common_util.h index 3af85f0..5f49ddc 100644 --- a/common_lib/interfaces/common_util.h +++ b/common_lib/interfaces/common_util.h @@ -58,6 +58,13 @@ int64_t StringToInt64(const char *cp); * @param originalStr: string to be converted * @param anonymousStr: the converted result */ -void ConvertToAnnoymousStr(const char *originalStr, char **anonymousStr); +void ConvertToAnonymousStr(const char *originalStr, char **anonymousStr); +/* + * Convert string to upper case. + * @param oriStr: original string. + * @param desStr: the converted result. Need free. + * @return success(0), otherwise, failure. + */ +int32_t ToUpperCase(const char *oriStr, char **desStr); #endif \ No newline at end of file diff --git a/services/common/inc/common_defs.h b/services/common/inc/common_defs.h index 9330519..3432181 100644 --- a/services/common/inc/common_defs.h +++ b/services/common/inc/common_defs.h @@ -147,8 +147,12 @@ typedef enum { } ChannelType; typedef enum { - SYMMETRIC = 0, - ASYMMETRIC = 1, + CREDENTIAL_TYPE_INVALID = 0, + CREDENTIAL_TYPE_AUTH_CODE = 0X0001, + CREDENTIAL_TYPE_TCIS = 0X0002, + CREDENTIAL_TYPE_DEFAULT_CONTROLLER = 0X0003, + CREDENTIAL_TYPE_DEVICE_CLOUD = 0X0004, + CREDENTIAL_TYPE_BLE = 0X0008, } CredentialType; #define MAX_IN_PARAM_LEN 4096 diff --git a/services/device_auth.c b/services/device_auth.c index 20db2dc..b9d45fb 100644 --- a/services/device_auth.c +++ b/services/device_auth.c @@ -226,7 +226,7 @@ static bool InitAuthDeviceTask(AuthDeviceTask *task, int64_t authReqId, CJson *a static bool InitProcessDataTask(AuthDeviceTask *task, int64_t authReqId, CJson *receivedData, const DeviceAuthCallback *gaCallback) { - task->base.doAction = DoProcessData; + task->base.doAction = DoProcessAuthData; task->base.destroy = DestroyGroupAuthTask; task->authReqId = authReqId; if (AddByteToJson(receivedData, FIELD_REQUEST_ID, (const uint8_t*)&authReqId, sizeof(int64_t)) != HC_SUCCESS) { diff --git a/services/group_auth/inc/account_related_group_auth/account_related_group_auth.h b/services/group_auth/inc/account_related_group_auth/account_related_group_auth.h index a46aa7e..0886412 100644 --- a/services/group_auth/inc/account_related_group_auth/account_related_group_auth.h +++ b/services/group_auth/inc/account_related_group_auth/account_related_group_auth.h @@ -20,15 +20,18 @@ #include "base_group_auth.h" #include "database_manager.h" -#define DEFAULT_CREDENTIAL_TYPE 2 - -typedef void (*GetTcisCandidateGroupFunc)(const CJson *param, GroupQueryParams *queryParams, GroupInfoVec *vec); +typedef void (*GetTcisCandidateGroupFunc)(const CJson *param, const GroupQueryParams *queryParams, GroupInfoVec *vec); typedef struct { BaseGroupAuth base; GetTcisCandidateGroupFunc getTcisCandidateGroup; } AccountRelatedGroupAuth; -BaseGroupAuth *GetAccountRelatedGroupAuth(void); - +#ifdef __cplusplus +extern "C" { +#endif +BaseGroupAuth *GetAccountRelatedGroupAuth(void); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/group_auth/inc/account_unrelated_group_auth/account_unrelated_group_auth.h b/services/group_auth/inc/account_unrelated_group_auth/account_unrelated_group_auth.h index 78feaf8..307ad6f 100644 --- a/services/group_auth/inc/account_unrelated_group_auth/account_unrelated_group_auth.h +++ b/services/group_auth/inc/account_unrelated_group_auth/account_unrelated_group_auth.h @@ -26,6 +26,11 @@ typedef struct { OnDasErrorFunc onDasError; } NonAccountGroupAuth; -BaseGroupAuth *GetNonAccountGroupAuth(void); - +#ifdef __cplusplus +extern "C" { +#endif +BaseGroupAuth *GetAccountUnrelatedGroupAuth(void); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/group_auth/inc/base_group_auth.h b/services/group_auth/inc/base_group_auth.h index 14bff8d..52f798c 100644 --- a/services/group_auth/inc/base_group_auth.h +++ b/services/group_auth/inc/base_group_auth.h @@ -18,15 +18,15 @@ #include #include "auth_session_common_defines.h" -#include "json_utils.h" #include "database_manager.h" #include "device_auth.h" +#include "json_utils.h" typedef struct { void (*onFinish)(int64_t requestId, const CJson *authParam, const CJson *out, const DeviceAuthCallback *callback); void (*onError)(int64_t requestId, const AuthSession *session, int errorCode); int32_t (*fillDeviceAuthInfo)(const GroupInfo *entry, const DeviceInfo *localAuthInfo, CJson *paramsData); - int32_t (*getAuthParamForServer)(CJson *dataFromClient, ParamsVec *authParamsVec); + int32_t (*getAuthParamForServer)(const CJson *dataFromClient, ParamsVec *authParamsVec); int32_t (*getReqParams)(const CJson *receiveData, CJson *reqParam); int32_t (*combineServerConfirmParams)(const CJson *confirmationJson, CJson *dataFromClient); int32_t authType; diff --git a/services/group_auth/inc/group_auth_manager.h b/services/group_auth/inc/group_auth_manager.h index 914d1f6..9c5214e 100644 --- a/services/group_auth/inc/group_auth_manager.h +++ b/services/group_auth/inc/group_auth_manager.h @@ -18,11 +18,16 @@ #include "group_auth_common_defines.h" +#ifdef __cplusplus +extern "C" { +#endif int32_t GetAuthState(int64_t authReqId, const char *groupId, const char *peerUdid, uint8_t *out, uint32_t *outLen); void InformDeviceDisconnection(const char *udid); bool IsTrustedDevice(const char *udid); int32_t QueryTrustedDeviceNum(void); void DoAuthDevice(HcTaskBase *task); -void DoProcessData(HcTaskBase *task); - +void DoProcessAuthData(HcTaskBase *task); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/group_auth/src/group_auth_manager/account_related_group_auth_mock/account_related_group_auth_mock.c b/services/group_auth/src/group_auth_manager/account_related_group_auth_mock/account_related_group_auth_mock.c index cdea033..47e13c8 100644 --- a/services/group_auth/src/group_auth_manager/account_related_group_auth_mock/account_related_group_auth_mock.c +++ b/services/group_auth/src/group_auth_manager/account_related_group_auth_mock/account_related_group_auth_mock.c @@ -14,8 +14,10 @@ */ #include "account_related_group_auth.h" +#include "hc_log.h" BaseGroupAuth *GetAccountRelatedGroupAuth() { + LOGD("Device auth do not support account related auth!"); return NULL; } diff --git a/services/group_auth/src/group_auth_manager/account_unrelated_group_auth/account_unrelated_group_auth.c b/services/group_auth/src/group_auth_manager/account_unrelated_group_auth/account_unrelated_group_auth.c index 35203aa..28d0395 100644 --- a/services/group_auth/src/group_auth_manager/account_unrelated_group_auth/account_unrelated_group_auth.c +++ b/services/group_auth/src/group_auth_manager/account_unrelated_group_auth/account_unrelated_group_auth.c @@ -26,7 +26,7 @@ static void OnDasFinish(int64_t requestId, const CJson *authParam, const CJson * const DeviceAuthCallback *callback); static int32_t FillNonAccountAuthInfo(const GroupInfo *entry, const DeviceInfo *localAuthInfo, CJson *paramsData); static void OnDasError(int64_t requestId, const AuthSession *session, int errorCode); -static int32_t GetDasAuthParamForServer(CJson *dataFromClient, ParamsVec *authParamsVec); +static int32_t GetDasAuthParamForServer(const CJson *dataFromClient, ParamsVec *authParamsVec); static int32_t GetDasReqParams(const CJson *receiveData, CJson *reqParam); static int32_t CombineDasServerConfirmParams(const CJson *confirmationJson, CJson *dataFromClient); @@ -58,8 +58,8 @@ static int32_t AddPeerUdidToSelfData(const CJson *authParam, CJson *returnToSelf { const char *peerUdid = GetStringFromJson(authParam, FIELD_PEER_CONN_DEVICE_ID); if (peerUdid == NULL) { - LOGE("Failed to get peerUdid from authParam!"); - return HC_ERR_JSON_GET; + LOGD("The input has no peerUdid in authParam!"); + return HC_SUCCESS; } if (AddStringToJson(returnToSelf, FIELD_PEER_CONN_DEVICE_ID, peerUdid) != HC_SUCCESS) { LOGE("Failed to add peer udid!"); @@ -68,6 +68,21 @@ static int32_t AddPeerUdidToSelfData(const CJson *authParam, CJson *returnToSelf return HC_SUCCESS; } +static int32_t AddPeerAuthIdToSelfData(const CJson *authParam, CJson *returnToSelf) +{ + const char *peerAuthId = GetStringFromJson(authParam, FIELD_PEER_AUTH_ID); + if (peerAuthId == NULL) { + LOGD("No peerAuthId in auth session cached params!"); + return HC_SUCCESS; + } + + if (AddStringToJson(returnToSelf, FIELD_PEER_AUTH_ID, peerAuthId) != HC_SUCCESS) { + LOGE("Failed to add peerAuthId!"); + return HC_ERR_JSON_FAIL; + } + return HC_SUCCESS; +} + static int32_t AddSelfTypeToSelfData(const CJson *authParam, CJson *returnToSelf) { int32_t userType = 0; @@ -134,6 +149,10 @@ static int32_t PrepareDasReturnToSelfData(const CJson *authParam, const CJson *s if (res != HC_SUCCESS) { return res; } + res = AddPeerAuthIdToSelfData(authParam, returnToSelf); + if (res != HC_SUCCESS) { + return res; + } res = AddSelfTypeToSelfData(authParam, returnToSelf); if (res != HC_SUCCESS) { return res; @@ -163,10 +182,12 @@ static int32_t DasOnFinishToPeer(int64_t requestId, const CJson *out, const Devi return HC_ERR_ALLOC_MEMORY; } if ((callback != NULL) && (callback->onTransmit != NULL)) { + LOGD("Begin to transmit data to peer for auth in DasOnFinishToPeer."); if (!callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, (uint32_t)strlen(sendToPeerStr) + 1)) { LOGE("Failed to transmit data to peer!"); res = HC_ERR_TRANSMIT_FAIL; } + LOGD("End to transmit data to peer for auth in DasOnFinishToPeer."); } FreeJsonString(sendToPeerStr); return res; @@ -200,6 +221,7 @@ static int32_t DasOnFinishToSelf(int64_t requestId, const CJson *authParam, cons return HC_ERR_ALLOC_MEMORY; } if ((callback != NULL) && (callback->onFinish != NULL)) { + LOGD("Group auth call onFinish for account unrelated auth."); callback->onFinish(requestId, AUTH_FORM_ACCOUNT_UNRELATED, returnStr); } ClearAndFreeJsonString(returnStr); @@ -225,48 +247,34 @@ static int32_t AddNonAccountPkgName(const GroupInfo *entry, CJson *paramsData) return res; } -static int32_t AddPeerUdidIfPossible(const char *peerUdid, const DeviceInfo *peerAuthInfo, CJson *paramsData) -{ - if (peerUdid != NULL) { - return HC_SUCCESS; - } - const char *peerUdidFromDb = StringGet(&peerAuthInfo->udid); - if (peerUdidFromDb == NULL) { - LOGE("Peer device's udid in db is null!"); - return HC_ERR_DB; - } - if (AddStringToJson(paramsData, FIELD_PEER_CONN_DEVICE_ID, peerUdidFromDb) != HC_SUCCESS) { - LOGE("Failed to add peer udid in db to paramsData!"); - return HC_ERR_JSON_FAIL; - } - return HC_SUCCESS; -} - static int32_t AddNonAccountAuthInfo(const DeviceInfo *localAuthInfo, const DeviceInfo *peerAuthInfo, CJson *paramsData) { int32_t keyLen = DEFAULT_RETURN_KEY_LENGTH; (void)GetIntFromJson(paramsData, FIELD_KEY_LENGTH, &keyLen); if (AddIntToJson(paramsData, FIELD_KEY_LENGTH, keyLen) != HC_SUCCESS) { - LOGE("Failed to add keyLen for client auth!"); + LOGE("Failed to add keyLen for auth!"); return HC_ERR_JSON_FAIL; } if (AddStringToJson(paramsData, FIELD_SELF_AUTH_ID, StringGet(&localAuthInfo->authId)) != HC_SUCCESS) { - LOGE("Failed to add self authId to paramsData!"); + LOGE("Failed to add self authId to paramsData from db!"); return HC_ERR_JSON_FAIL; } if (AddIntToJson(paramsData, FIELD_SELF_TYPE, localAuthInfo->devType) != HC_SUCCESS) { - LOGE("Failed to add self devType to paramsData!"); + LOGE("Failed to add self devType to paramsData from db!"); return HC_ERR_JSON_FAIL; } - if (AddStringToJson(paramsData, FIELD_PEER_AUTH_ID, StringGet(&peerAuthInfo->authId)) - != HC_SUCCESS) { - LOGE("Failed to add peer authId to paramsData!"); - return HC_ERR_JSON_FAIL; + const char *peerAuthId = GetStringFromJson(paramsData, FIELD_PEER_AUTH_ID); + if (peerAuthId == NULL) { + if (AddStringToJson(paramsData, FIELD_PEER_AUTH_ID, StringGet(&peerAuthInfo->authId)) + != HC_SUCCESS) { + LOGE("Failed to add peer authId to paramsData!"); + return HC_ERR_JSON_FAIL; + } } if (AddIntToJson(paramsData, FIELD_PEER_USER_TYPE, peerAuthInfo->devType) != HC_SUCCESS) { - LOGE("Failed to add peer devType to paramsData!"); + LOGE("Failed to add peer devType to paramsData from db!"); return HC_ERR_JSON_FAIL; } return HC_SUCCESS; @@ -301,6 +309,11 @@ static void OnDasError(int64_t requestId, const AuthSession *session, int errorC FreeJson(returnData); return; } + res = AddPeerAuthIdToSelfData(authParam, returnData); + if (res != HC_SUCCESS) { + FreeJson(returnData); + return; + } char *returnStr = PackJsonToString(returnData); FreeJson(returnData); if (returnStr == NULL) { @@ -308,6 +321,7 @@ static void OnDasError(int64_t requestId, const AuthSession *session, int errorC return; } if ((callback != NULL) && (callback->onError != NULL)) { + LOGE("Invoke OnDasError!"); callback->onError(requestId, AUTH_FORM_ACCOUNT_UNRELATED, errorCode, returnStr); } FreeJsonString(returnStr); @@ -342,11 +356,6 @@ static int32_t FillNonAccountAuthInfo(const GroupInfo *entry, const DeviceInfo * LOGE("Failed to add pkg name to paramsData!"); break; } - res = AddPeerUdidIfPossible(peerUdid, peerAuthInfo, paramsData); - if (res != HC_SUCCESS) { - LOGE("Failed to add peer udid!"); - break; - } res = AddNonAccountAuthInfo(localAuthInfo, peerAuthInfo, paramsData); if (res != HC_SUCCESS) { LOGE("Failed to add device auth info for non-account group!"); @@ -412,7 +421,7 @@ static int32_t CombineDasServerConfirmParams(const CJson *confirmationJson, CJso return HC_SUCCESS; } -static int32_t GetDasAuthParamForServer(CJson *dataFromClient, ParamsVec *authParamsVec) +static int32_t GetDasAuthParamForServer(const CJson *dataFromClient, ParamsVec *authParamsVec) { LOGI("Begin get non-account auth params for server."); int32_t res = GetAuthParamsList(dataFromClient, authParamsVec); @@ -441,7 +450,7 @@ static void OnDasFinish(int64_t requestId, const CJson *authParam, const CJson * LOGI("Call onFinish for non-account auth successfully."); } -BaseGroupAuth *GetNonAccountGroupAuth() +BaseGroupAuth *GetAccountUnrelatedGroupAuth() { return (BaseGroupAuth *)&g_nonAccountGroupAuth; } diff --git a/services/group_auth/src/group_auth_manager/account_unrelated_group_auth_mock/account_unrelated_group_auth_mock.c b/services/group_auth/src/group_auth_manager/account_unrelated_group_auth_mock/account_unrelated_group_auth_mock.c index 293e73a..6d0322a 100644 --- a/services/group_auth/src/group_auth_manager/account_unrelated_group_auth_mock/account_unrelated_group_auth_mock.c +++ b/services/group_auth/src/group_auth_manager/account_unrelated_group_auth_mock/account_unrelated_group_auth_mock.c @@ -14,8 +14,10 @@ */ #include "account_unrelated_group_auth.h" +#include "hc_log.h" -BaseGroupAuth *GetNonAccountGroupAuth() +BaseGroupAuth *GetAccountUnrelatedGroupAuth() { + LOGD("Device auth do not support account unrelated auth!"); return NULL; } diff --git a/services/group_auth/src/group_auth_manager/group_auth_manager.c b/services/group_auth/src/group_auth_manager/group_auth_manager.c index 330eef3..0c0b026 100644 --- a/services/group_auth/src/group_auth_manager/group_auth_manager.c +++ b/services/group_auth/src/group_auth_manager/group_auth_manager.c @@ -14,11 +14,29 @@ */ #include "group_auth_manager.h" +#include "common_defs.h" #include "database_manager.h" +#include "dev_auth_module_manager.h" #include "device_auth_defines.h" #include "hc_log.h" #include "session_manager.h" +static int32_t GetModuleTypeFromPayload(const CJson *authParams) +{ + int32_t authForm = AUTH_FORM_INVALID_TYPE; + if (GetIntFromJson(authParams, FIELD_AUTH_FORM, &authForm) != HC_SUCCESS) { + LOGE("[GetModuleTypeFromPayload], Failed to get authForm!"); + return INVALID_MODULE_TYPE; + } + if (authForm == AUTH_FORM_ACCOUNT_UNRELATED) { + return DAS_MODULE; + } else if ((authForm == AUTH_FORM_IDENTICAL_ACCOUNT) || (authForm == AUTH_FORM_ACROSS_ACCOUNT)) { + return TCIS_MODULE; + } + LOGE("Invalid authForm for repeated payload check!"); + return INVALID_MODULE_TYPE; +} + int32_t GetAuthState(int64_t authReqId, const char *groupId, const char *peerUdid, uint8_t *out, uint32_t *outLen) { (void)authReqId; @@ -38,7 +56,7 @@ void InformDeviceDisconnection(const char *udid) bool IsTrustedDevice(const char *udid) { if (udid == NULL) { - LOGE("InValid params in IsTrustedDevice"); + LOGE("Invalid params in IsTrustedDevice"); return false; } return IsTrustedDeviceExist(udid); @@ -61,34 +79,52 @@ void DoAuthDevice(HcTaskBase *task) LOGE("Failed to get role of client or server when start auth!"); return; } - int32_t result; - if (isClient) { - result = CreateSession(realTask->authReqId, TYPE_CLIENT_AUTH_SESSION, realTask->authParams, realTask->callback); - } else { - result = CreateSession(realTask->authReqId, TYPE_SERVER_AUTH_SESSION, realTask->authParams, realTask->callback); + if (!isClient) { + LOGI("Server invokes authDevice, return directly."); + return; } + int32_t result = CreateSession(realTask->authReqId, TYPE_CLIENT_AUTH_SESSION, realTask->authParams, + realTask->callback); if (result != HC_SUCCESS) { LOGE("Failed to create session for authDevice!"); + if ((result != HC_ERR_CREATE_SESSION_FAIL) && (realTask->callback != NULL) && + (realTask->callback->onError != NULL)) { + LOGE("[DoAuthDevice] Begin invoke onError by group auth manager!"); + realTask->callback->onError(realTask->authReqId, AUTH_FORM_INVALID_TYPE, result, NULL); + LOGE("[DoAuthDevice] End invoke onError by group auth manager!"); + } } } -void DoProcessData(HcTaskBase *task) +void DoProcessAuthData(HcTaskBase *task) { if (task == NULL) { LOGE("The input task is NULL, can't process auth data!"); return; } AuthDeviceTask *realTask = (AuthDeviceTask *)task; + int32_t res; if (IsRequestExist(realTask->authReqId)) { - int ret = ProcessSession(realTask->authReqId, AUTH_TYPE, realTask->authParams); - if (ret != HC_SUCCESS) { + res = ProcessSession(realTask->authReqId, AUTH_TYPE, realTask->authParams); + if (res != HC_SUCCESS) { DestroySession(realTask->authReqId); } return; } - int32_t result = CreateSession(realTask->authReqId, TYPE_SERVER_AUTH_SESSION, realTask->authParams, + res = CheckMsgRepeatability(realTask->authParams, GetModuleTypeFromPayload(realTask->authParams)); + if (res != HC_SUCCESS) { + LOGD("Caller inputs repeated payload, so we will ignore it."); + return; + } + res = CreateSession(realTask->authReqId, TYPE_SERVER_AUTH_SESSION, realTask->authParams, realTask->callback); - if (result != HC_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to create session for process auth data!"); + if ((res != HC_ERR_CREATE_SESSION_FAIL) && (realTask->callback != NULL) && + (realTask->callback->onError != NULL)) { + LOGE("Begin invoke onError by group auth manager!"); + realTask->callback->onError(realTask->authReqId, AUTH_FORM_INVALID_TYPE, res, NULL); + LOGE("End invoke onError by group auth manager!"); + } } } diff --git a/services/group_auth/src/group_auth_manager_lite/group_auth_manager_lite.c b/services/group_auth/src/group_auth_manager_lite/group_auth_manager_lite.c index af078f5..c0a393b 100644 --- a/services/group_auth/src/group_auth_manager_lite/group_auth_manager_lite.c +++ b/services/group_auth/src/group_auth_manager_lite/group_auth_manager_lite.c @@ -15,10 +15,27 @@ #include "group_auth_manager.h" #include "common_defs.h" +#include "dev_auth_module_manager.h" #include "device_auth_defines.h" #include "hc_log.h" #include "session_manager.h" +static int32_t GetModuleTypeFromPayload(const CJson *authParams) +{ + int32_t authForm = AUTH_FORM_INVALID_TYPE; + if (GetIntFromJson(authParams, FIELD_AUTH_FORM, &authForm) != HC_SUCCESS) { + LOGE("[GetModuleTypeFromPayload], Failed to get authForm!"); + return HC_ERR_JSON_GET; + } + if (authForm == AUTH_FORM_ACCOUNT_UNRELATED) { + return DAS_MODULE; + } else if ((authForm == AUTH_FORM_IDENTICAL_ACCOUNT) || (authForm == AUTH_FORM_ACROSS_ACCOUNT)) { + return TCIS_MODULE; + } + LOGE("Invalid authForm for repeated payload check!"); + return INVALID_MODULE_TYPE; +} + int32_t GetAuthState(int64_t authReqId, const char *groupId, const char *peerUdid, uint8_t *out, uint32_t *outLen) { (void)authReqId; @@ -61,32 +78,44 @@ void DoAuthDevice(HcTaskBase *task) realTask->authParams, realTask->callback); if (result != HC_SUCCESS) { LOGE("Failed to create lite auth session for auth device!"); - if ((realTask->callback != NULL) && (realTask->callback->onError != NULL)) { + if ((result != HC_ERR_CREATE_SESSION_FAIL) && (realTask->callback != NULL) && + (realTask->callback->onError != NULL)) { + LOGE("[DoAuthDevice] Begin invoke onError by group auth manager lite!"); realTask->callback->onError(realTask->authReqId, AUTH_FORM_INVALID_TYPE, result, NULL); + LOGE("[DoAuthDevice] End invoke onError by group auth manager lite!"); } } } -void DoProcessData(HcTaskBase *task) +void DoProcessAuthData(HcTaskBase *task) { if (task == NULL) { LOGE("The input task is NULL, can't process lite-auth data!"); return; } AuthDeviceTask *realTask = (AuthDeviceTask *)task; + int32_t res; if (IsRequestExist(realTask->authReqId)) { - int ret = ProcessSession(realTask->authReqId, AUTH_TYPE, realTask->authParams); - if (ret != HC_SUCCESS) { + res = ProcessSession(realTask->authReqId, AUTH_TYPE, realTask->authParams); + if (res != HC_SUCCESS) { DestroySession(realTask->authReqId); } return; } - int32_t result = CreateSession(realTask->authReqId, TYPE_SERVER_AUTH_SESSION_LITE, realTask->authParams, + res = CheckMsgRepeatability(realTask->authParams, GetModuleTypeFromPayload(realTask->authParams)); + if (res != HC_SUCCESS) { + LOGD("Caller inputs repeated payload, so we will ignore it."); + return; + } + res = CreateSession(realTask->authReqId, TYPE_SERVER_AUTH_SESSION_LITE, realTask->authParams, realTask->callback); - if (result != HC_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to create lite auth session for process data!"); - if ((realTask->callback != NULL) && (realTask->callback->onError != NULL)) { - realTask->callback->onError(realTask->authReqId, AUTH_FORM_INVALID_TYPE, result, NULL); + if ((res != HC_ERR_CREATE_SESSION_FAIL) && (realTask->callback != NULL) && + (realTask->callback->onError != NULL)) { + LOGE("Begin invoke onError by group auth manager lite!"); + realTask->callback->onError(realTask->authReqId, AUTH_FORM_INVALID_TYPE, res, NULL); + LOGE("End invoke onError by group auth manager lite!"); } } } \ No newline at end of file diff --git a/services/group_manager/src/group_manager/group_common.c b/services/group_manager/src/group_manager/group_common.c index bf2364a..4514efd 100644 --- a/services/group_manager/src/group_manager/group_common.c +++ b/services/group_manager/src/group_manager/group_common.c @@ -393,8 +393,8 @@ int32_t GenerateBindSuccessData(const char *peerAuthId, const char *groupId, cha } char *tempGroupId = NULL; char *tempAuthId = NULL; - ConvertToAnnoymousStr(groupId, &tempGroupId); - ConvertToAnnoymousStr(peerAuthId, &tempAuthId); + ConvertToAnonymousStr(groupId, &tempGroupId); + ConvertToAnonymousStr(peerAuthId, &tempAuthId); LOGI("Bind successfully! [GroupId]: %s, [AddId]: %s", tempGroupId == NULL ? "NULL" : tempGroupId, tempAuthId == NULL ? "NULL" : tempAuthId); @@ -433,8 +433,8 @@ int32_t GenerateUnbindSuccessData(const char *peerAuthId, const char *groupId, c } char *tempGroupId = NULL; char *tempAuthId = NULL; - ConvertToAnnoymousStr(groupId, &tempGroupId); - ConvertToAnnoymousStr(peerAuthId, &tempAuthId); + ConvertToAnonymousStr(groupId, &tempGroupId); + ConvertToAnonymousStr(peerAuthId, &tempAuthId); LOGI("Unbind successfully! [GroupId]: %s, [DeleteId]: %s", tempGroupId == NULL ? "NULL" : tempGroupId, tempAuthId == NULL ? "NULL" : tempAuthId); diff --git a/services/session/inc/auth_session/auth_session_client.h b/services/session/inc/auth_session/auth_session_client.h index 973de0c..ee2f68e 100644 --- a/services/session/inc/auth_session/auth_session_client.h +++ b/services/session/inc/auth_session/auth_session_client.h @@ -18,6 +18,11 @@ #include "auth_session_common.h" -Session *CreateClientAuthSession(CJson *param, const DeviceAuthCallback *callback); - +#ifdef __cplusplus +extern "C" { +#endif +Session *CreateClientAuthSession(CJson *param, const DeviceAuthCallback *callback); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session/auth_session_common.h b/services/session/inc/auth_session/auth_session_common.h index f05505c..959c7ff 100644 --- a/services/session/inc/auth_session/auth_session_common.h +++ b/services/session/inc/auth_session/auth_session_common.h @@ -18,8 +18,10 @@ #include "auth_session_common_defines.h" #include "common_defs.h" -#include "database_manager.h" +#ifdef __cplusplus +extern "C" { +#endif void InformLocalAuthError(const CJson *param, const DeviceAuthCallback *callback); void InformPeerAuthError(const CJson *param, const DeviceAuthCallback *callback); int32_t InformAuthError(AuthSession *session, const CJson *out, int errorCode); @@ -34,5 +36,7 @@ void CreateAuthParamsVec(ParamsVec *vec); void DestroyAuthParamsVec(ParamsVec *vec); int32_t ReturnSessionKey(int64_t requestId, const CJson *authParam, const CJson *out, const DeviceAuthCallback *callback); - +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session/auth_session_server.h b/services/session/inc/auth_session/auth_session_server.h index d65fbde..0995faf 100644 --- a/services/session/inc/auth_session/auth_session_server.h +++ b/services/session/inc/auth_session/auth_session_server.h @@ -20,9 +20,11 @@ #include "device_auth.h" #include "json_utils.h" -#define INDEX_OF_PARAMS_FOR_TASK 1 -#define LIST_SIZE_ONE 1 - -Session *CreateServerAuthSession(CJson *param, const DeviceAuthCallback *callback); - +#ifdef __cplusplus +extern "C" { +#endif +Session *CreateServerAuthSession(CJson *param, const DeviceAuthCallback *callback); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session/auth_session_util.h b/services/session/inc/auth_session/auth_session_util.h index 312941f..2fa2ebf 100644 --- a/services/session/inc/auth_session/auth_session_util.h +++ b/services/session/inc/auth_session/auth_session_util.h @@ -21,9 +21,14 @@ #include "device_auth.h" #include "json_utils.h" - -int32_t GetGroupAuth(int32_t groupAuthType, BaseGroupAuth **groupAuthHandle); +#ifdef __cplusplus +extern "C" { +#endif +BaseGroupAuth *GetGroupAuth(int32_t groupAuthType); int32_t GetAuthModuleType(const CJson *in); int32_t GetInfoHash(const uint8_t *info, uint32_t infoLen, char *str, uint32_t strLen); - +bool IsBleAuthForAcrossAccount(const CJson *authParam); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session_common_util.h b/services/session/inc/auth_session_common_util.h index 98628bf..ed74416 100644 --- a/services/session/inc/auth_session_common_util.h +++ b/services/session/inc/auth_session_common_util.h @@ -20,8 +20,14 @@ #include "device_auth.h" #include "json_utils.h" +#ifdef __cplusplus +extern "C" { +#endif char *GetServerConfirmation(const CJson *paramsFromClient, const CJson *reqParam, const DeviceAuthCallback *callback); int32_t GetGeneralReqParams(const CJson *receiveData, CJson *reqParam); - +bool IsUidHashEqual(const char *uidHashInDb, const char *peerUidHash); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session_lite/auth_session_client_lite.h b/services/session/inc/auth_session_lite/auth_session_client_lite.h index e5285e1..90561cc 100644 --- a/services/session/inc/auth_session_lite/auth_session_client_lite.h +++ b/services/session/inc/auth_session_lite/auth_session_client_lite.h @@ -18,6 +18,11 @@ #include "auth_session_common_lite.h" -Session *CreateClientAuthSessionLite(CJson *in, const DeviceAuthCallback *callback); - +#ifdef __cplusplus +extern "C" { +#endif +Session *CreateClientAuthSessionLite(CJson *in, const DeviceAuthCallback *callback); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session_lite/auth_session_common_lite.h b/services/session/inc/auth_session_lite/auth_session_common_lite.h index 062ff6b..c3578a5 100644 --- a/services/session/inc/auth_session_lite/auth_session_common_lite.h +++ b/services/session/inc/auth_session_lite/auth_session_common_lite.h @@ -27,6 +27,9 @@ typedef struct AuthSessionLiteT { CJson *authParams; } AuthSessionLite; +#ifdef __cplusplus +extern "C" { +#endif int32_t ReturnTransmitDataLite(const AuthSessionLite *session, CJson *out); void InformLocalAuthErrorLite(const CJson *authParam, const DeviceAuthCallback *callback); void InformPeerAuthErrorLite(const CJson *in, const DeviceAuthCallback *callback); @@ -34,6 +37,8 @@ void InformAuthErrorLite(const CJson *in, const DeviceAuthCallback *callback, co int32_t CreateAndProcessLiteTask(AuthSessionLite *session, CJson *out, int32_t *status); int32_t ProcessLiteTaskStatusForAuth(const AuthSessionLite *session, CJson *out, int32_t status); void DestroyAuthSessionLite(Session *session); -AuthSessionLite *InitAuthSessionLite(CJson *param, const DeviceAuthCallback *callback); - +AuthSessionLite *InitAuthSessionLite(const CJson *in, const DeviceAuthCallback *callback); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/inc/auth_session_lite/auth_session_server_lite.h b/services/session/inc/auth_session_lite/auth_session_server_lite.h index 99822d9..3fbebf6 100644 --- a/services/session/inc/auth_session_lite/auth_session_server_lite.h +++ b/services/session/inc/auth_session_lite/auth_session_server_lite.h @@ -18,6 +18,11 @@ #include "auth_session_common_lite.h" -Session *CreateServerAuthSessionLite(CJson *in, const DeviceAuthCallback *callback); - +#ifdef __cplusplus +extern "C" { +#endif +Session *CreateServerAuthSessionLite(CJson *in, const DeviceAuthCallback *callback); +#ifdef __cplusplus +} +#endif #endif diff --git a/services/session/src/auth_session/auth_session_client.c b/services/session/src/auth_session/auth_session_client.c index 49ac5ef..118ffbc 100644 --- a/services/session/src/auth_session/auth_session_client.c +++ b/services/session/src/auth_session/auth_session_client.c @@ -39,41 +39,21 @@ int32_t CheckInputAuthParams(const CJson *authParam) return HC_SUCCESS; } -static AuthSession *InitClientAuthSession(const DeviceAuthCallback *callback, ParamsVec *authParamsVec) -{ - AuthSession *session = (AuthSession *)HcMalloc(sizeof(AuthSession), 0); - if (session == NULL) { - LOGE("Failed to allocate memory for session!"); - DestroyAuthParamsVec(authParamsVec); - return NULL; - } - session->base.process = ProcessClientAuthSession; - session->base.destroy = DestroyAuthSession; - session->base.callback = callback; - session->currentIndex = 0; - session->paramsList = *authParamsVec; - int32_t res = GenerateSessionOrTaskId(&session->base.sessionId); - if (res != HC_SUCCESS) { - LOGE("Failed to generate session id!"); - DestroyAuthSession((Session *)session); - return NULL; - } - return session; -} - static int32_t ProcessClientAuthTask(AuthSession *session, int32_t moduleType, CJson *in, CJson *out) { int32_t status = 0; CJson *paramInSession = (session->paramsList).get(&(session->paramsList), session->currentIndex); + if (paramInSession == NULL) { + LOGE("Failed to get param in session!"); + return HC_ERR_NULL_PTR; + } int32_t res = ProcessTask(session->curTaskId, in, out, &status, moduleType); DeleteItemFromJson(in, FIELD_PAYLOAD); if (res != HC_SUCCESS) { DestroyTask(session->curTaskId, moduleType); - res = InformAuthError(session, out, res); - return res; + return InformAuthError(session, out, res); } - res = ProcessTaskStatusForAuth(session, paramInSession, out, status); - return res; + return ProcessTaskStatusForAuth(session, paramInSession, out, status); } static int32_t StartClientAuthTask(AuthSession *session) @@ -84,21 +64,17 @@ static int32_t StartClientAuthTask(AuthSession *session) return HC_ERR_NULL_PTR; } CJson *out = CreateJson(); - int32_t res; + if (out == NULL) { + LOGE("Failed to create json!"); + InformLocalAuthError(paramInSession, session->base.callback); + return HC_ERR_ALLOC_MEMORY; + } int32_t status = 0; - do { - if (out == NULL) { - LOGE("Failed to create json!"); - res = HC_ERR_ALLOC_MEMORY; - break; - } - res = CreateAndProcessTask(session, paramInSession, out, &status); - } while (0); + int32_t res = CreateAndProcessTask(session, paramInSession, out, &status); if (res != HC_SUCCESS) { - DestroyTask(session->curTaskId, GetAuthModuleType(paramInSession)); res = InformAuthError(session, out, res); FreeJson(out); - LOGD("Start process client auth task, res = %d.", res); + LOGD("Start process client auth task, res = %d.", res); return res; } res = ProcessTaskStatusForAuth(session, paramInSession, out, status); @@ -108,8 +84,8 @@ static int32_t StartClientAuthTask(AuthSession *session) int32_t CheckClientGroupAuthMsg(AuthSession *session, const CJson *in) { - int32_t GroupErrMsg = 0; - if (GetIntFromJson(in, FIELD_GROUP_ERROR_MSG, (int *)&GroupErrMsg) != HC_SUCCESS) { + int32_t groupErrMsg = 0; + if (GetIntFromJson(in, FIELD_GROUP_ERROR_MSG, (int *)&groupErrMsg) != HC_SUCCESS) { return HC_SUCCESS; } CJson *outData = CreateJson(); @@ -117,7 +93,7 @@ int32_t CheckClientGroupAuthMsg(AuthSession *session, const CJson *in) LOGE("Failed to malloc for outData!"); return HC_ERR_ALLOC_MEMORY; } - if (AddIntToJson(outData, FIELD_GROUP_ERROR_MSG, GroupErrMsg) != HC_SUCCESS) { + if (AddIntToJson(outData, FIELD_GROUP_ERROR_MSG, groupErrMsg) != HC_SUCCESS) { LOGE("Failed to add info to outData!"); FreeJson(outData); return HC_ERR_JSON_FAIL; @@ -159,7 +135,7 @@ static int32_t ProcessClientAuthSession(Session *session, CJson *in) ClearSensitiveStringInJson(out, FIELD_SESSION_KEY); FreeJson(out); if (res == FINISH) { - LOGI("End process client authSession, auth completed successfully."); + LOGD("End process client authSession."); } return res; } @@ -168,26 +144,34 @@ static Session *CreateClientAuthSessionInner(CJson *param, const DeviceAuthCallb { ParamsVec authParamsVec; CreateAuthParamsVec(&authParamsVec); - AuthSession *session = NULL; int32_t res = GetAuthParamsList(param, &authParamsVec); - if (res != HC_SUCCESS) { - LOGE("Failed to get auth param list!"); + if ((res != HC_SUCCESS) || (authParamsVec.size(&authParamsVec) == 0)) { + LOGE("Failed to get auth param list, candidate group = %u!", authParamsVec.size(&authParamsVec)); DestroyAuthParamsVec(&authParamsVec); InformLocalAuthError(param, callback); return NULL; } - if (authParamsVec.size(&authParamsVec) == 0) { - LOGE("No candidate auth group!"); - DestroyAuthParamsVec(&authParamsVec); - InformLocalAuthError(param, callback); - return NULL; - } - session = InitClientAuthSession(callback, &authParamsVec); + + AuthSession *session = (AuthSession *)HcMalloc(sizeof(AuthSession), 0); if (session == NULL) { - LOGE("Failed to initial session!"); + LOGE("Failed to allocate memory for session!"); + DestroyAuthParamsVec(&authParamsVec); InformLocalAuthError(param, callback); return NULL; } + session->base.process = ProcessClientAuthSession; + session->base.destroy = DestroyAuthSession; + session->base.callback = callback; + session->currentIndex = 0; + session->paramsList = authParamsVec; + res = GenerateSessionOrTaskId(&session->base.sessionId); + if (res != HC_SUCCESS) { + LOGE("Failed to generate session id!"); + DestroyAuthSession((Session *)session); + InformLocalAuthError(param, callback); + return NULL; + } + res = StartClientAuthTask(session); if (res != HC_SUCCESS) { DestroyAuthSession((Session *)session); @@ -198,6 +182,7 @@ static Session *CreateClientAuthSessionInner(CJson *param, const DeviceAuthCallb Session *CreateClientAuthSession(CJson *param, const DeviceAuthCallback *callback) { + LOGD("Begin create client authSession."); Session *session = NULL; if (CheckInputAuthParams(param) != HC_SUCCESS) { LOGE("Invalid input params!"); @@ -214,5 +199,6 @@ Session *CreateClientAuthSession(CJson *param, const DeviceAuthCallback *callbac LOGE("Failed to create client auth session!"); return NULL; } + LOGD("End create client authSession."); return session; } \ No newline at end of file diff --git a/services/session/src/auth_session/auth_session_common.c b/services/session/src/auth_session/auth_session_common.c index f3e525b..340dff3 100644 --- a/services/session/src/auth_session/auth_session_common.c +++ b/services/session/src/auth_session/auth_session_common.c @@ -20,6 +20,7 @@ #include "auth_session_util.h" #include "common_defs.h" #include "common_util.h" +#include "database_manager.h" #include "dev_auth_module_manager.h" #include "hc_log.h" #include "json_utils.h" @@ -48,13 +49,17 @@ static int32_t UnifyOldFormatParams(const CJson *param, ParamsVec *paramsVec) } int64_t uid = 0; uint32_t groupIdLen = SHA256_LEN * BYTE_TO_HEX_OPER_LENGTH + 1; - char groupId[SHA256_LEN * BYTE_TO_HEX_OPER_LENGTH + 1] = { 0 }; + char *groupId = (char *)HcMalloc(groupIdLen, 0); + if (groupId == NULL) { + LOGE("Failed to allocate memory for groupId!"); + FreeJson(oldFormatParams); + return HC_ERR_ALLOC_MEMORY; + } int32_t res = HC_SUCCESS; do { if (GetByteFromJson(param, FIELD_USER_ID, (uint8_t *)&uid, sizeof(int64_t)) != HC_SUCCESS) { LOGI("No uid in auth param!"); - } - if (uid == 0L) { + res = HC_ERR_JSON_GET; break; } if (GetInfoHash((const uint8_t *)&uid, sizeof(int64_t), groupId, groupIdLen) != HC_SUCCESS) { @@ -68,6 +73,8 @@ static int32_t UnifyOldFormatParams(const CJson *param, ParamsVec *paramsVec) break; } } while (0); + HcFree(groupId); + groupId = NULL; if (res != HC_SUCCESS) { FreeJson(oldFormatParams); return res; @@ -81,7 +88,7 @@ static bool IsGroupAvailable(const char *groupId, const char *pkgName) if (IsGroupAccessible(groupId, pkgName)) { return true; } - LOGI("%s don't have enough right for group: %s!", pkgName, groupId); + LOGD("%s don't have enough right for group: %s!", pkgName, groupId); return false; } @@ -90,6 +97,8 @@ static int32_t GroupTypeToAuthForm(int32_t groupType) int32_t authForm; switch (groupType) { case PEER_TO_PEER_GROUP: + authForm = AUTH_FORM_ACCOUNT_UNRELATED; + break; case COMPATIBLE_GROUP: authForm = AUTH_FORM_ACCOUNT_UNRELATED; break; @@ -110,35 +119,26 @@ static int32_t GroupTypeToAuthForm(int32_t groupType) static int32_t AddGeneralParams(const char *groupId, int32_t groupType, const DeviceInfo *localAuthInfo, CJson *paramsData) { - int32_t res = HC_SUCCESS; int32_t authForm = GroupTypeToAuthForm(groupType); + if (AddStringToJson(paramsData, FIELD_GROUP_ID, groupId) != HC_SUCCESS) { + LOGE("Failed to add groupId for client auth!"); + return HC_ERR_JSON_FAIL; + } + if (AddIntToJson(paramsData, FIELD_AUTH_FORM, authForm) != HC_SUCCESS) { + LOGE("Failed to add authFrom for client auth!"); + return HC_ERR_JSON_FAIL; + } const char *serviceType = StringGet(&(localAuthInfo->serviceType)); - do { - if (AddStringToJson(paramsData, FIELD_GROUP_ID, groupId) != HC_SUCCESS) { - LOGE("Failed to add groupId for client auth!"); - res = HC_ERR_JSON_FAIL; - break; + if ((groupType == COMPATIBLE_GROUP) && (serviceType != NULL)) { + if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, serviceType) != HC_SUCCESS) { + LOGE("Failed to add serviceType for client compatible group auth!"); + return HC_ERR_JSON_FAIL; } - if (AddIntToJson(paramsData, FIELD_AUTH_FORM, authForm) != HC_SUCCESS) { - LOGE("Failed to add authFrom for client auth!"); - res = HC_ERR_JSON_FAIL; - break; - } - if ((groupType == COMPATIBLE_GROUP) && (serviceType != NULL)) { - if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, serviceType) != HC_SUCCESS) { - LOGE("Failed to add serviceType for client compatible group auth!"); - res = HC_ERR_JSON_FAIL; - break; - } - } else { - if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, groupId) != HC_SUCCESS) { - LOGE("Failed to add serviceType with groupId for client auth!"); - res = HC_ERR_JSON_FAIL; - break; - } - } - } while (0); - return res; + } else if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, groupId) != HC_SUCCESS) { + LOGE("Failed to add serviceType with groupId for client auth!"); + return HC_ERR_JSON_FAIL; + } + return HC_SUCCESS; } static int32_t GetLocalDeviceInfoFromDatabase(const char *groupId, DeviceInfo *localAuthInfo) @@ -162,7 +162,7 @@ static int32_t ExtractAndAddParams(const char *groupId, const GroupInfo *groupIn int32_t res; DeviceInfo *localAuthInfo = CreateDeviceInfoStruct(); if (localAuthInfo == NULL) { - LOGE("Failed to allocate memory for peerAuthInfo!"); + LOGE("Failed to allocate memory for localAuthInfo!"); return HC_ERR_ALLOC_MEMORY; } int32_t groupType = groupInfo->type; @@ -177,9 +177,8 @@ static int32_t ExtractAndAddParams(const char *groupId, const GroupInfo *groupIn LOGE("Failed to add general params!"); break; } - BaseGroupAuth *groupAuth = NULL; - res = GetGroupAuth(GetGroupAuthType(authForm), &groupAuth); - if (res != HC_SUCCESS) { + BaseGroupAuth *groupAuth = GetGroupAuth(GetGroupAuthType(authForm)); + if (groupAuth == NULL) { LOGE("Failed to get group auth handle!"); break; } @@ -198,7 +197,7 @@ static int32_t FillAuthParams(const CJson *param, const GroupInfoVec *vec, Param const char *pkgName = GetStringFromJson(param, FIELD_SERVICE_PKG_NAME); if (pkgName == NULL) { LOGE("Pkg name is null, can't extract params from db!"); - return HC_ERR_INVALID_PARAMS; + return HC_ERR_NULL_PTR; } uint32_t index; void **ptr = NULL; @@ -219,49 +218,61 @@ static int32_t FillAuthParams(const CJson *param, const GroupInfoVec *vec, Param LOGE("Failed to duplicate auth param data!"); return HC_ERR_JSON_FAIL; } - if (ExtractAndAddParams(groupId, groupInfo, paramsData) == HC_SUCCESS) { - paramsVec->pushBack(paramsVec, (const void **)¶msData); + int32_t res = ExtractAndAddParams(groupId, groupInfo, paramsData); + if (res != HC_SUCCESS) { + LOGE("Failed to extract and add param!"); + FreeJson(paramsData); + continue; } + paramsVec->pushBack(paramsVec, (const void **)¶msData); } return HC_SUCCESS; } static void GetCandidateGroupByOrder(const CJson *param, GroupQueryParams *queryParams, GroupInfoVec *vec) { - BaseGroupAuth *groupAuth = NULL; - if (GetGroupAuth(ACCOUNT_RELATED_GROUP_AUTH_TYPE, &groupAuth) == HC_SUCCESS) { + BaseGroupAuth *groupAuth = GetGroupAuth(ACCOUNT_RELATED_GROUP_AUTH_TYPE); + if (groupAuth != NULL) { AccountRelatedGroupAuth *realGroupAuth = (AccountRelatedGroupAuth *)groupAuth; realGroupAuth->getTcisCandidateGroup(param, queryParams, vec); } queryParams->type = PEER_TO_PEER_GROUP; - (void)GetJoinedGroupInfoVecByDevId(queryParams, vec); + if (GetJoinedGroupInfoVecByDevId(queryParams, vec) != HC_SUCCESS) { + LOGD("No peer to peer group in db."); + } queryParams->type = COMPATIBLE_GROUP; - (void)GetJoinedGroupInfoVecByDevId(queryParams, vec); + if (GetJoinedGroupInfoVecByDevId(queryParams, vec) != HC_SUCCESS) { + LOGD("No compatible group in db."); + } } static int32_t InitGroupQueryParams(const char *peerUdid, const char *peerAuthId, GroupQueryParams *queryParams) { + uint32_t peerUdidLen = HcStrlen(peerUdid) + 1; + uint32_t peerAuthIdLen = HcStrlen(peerAuthId) + 1; queryParams->type = ALL_GROUP_TYPE; queryParams->visibility = ANY_GROUP_VISIBILITY; + queryParams->udid = NULL; + queryParams->authId = NULL; if (peerUdid != NULL) { - queryParams->udid = (char *)HcMalloc(HcStrlen(peerUdid) + 1, 0); + queryParams->udid = (char *)HcMalloc(peerUdidLen, 0); if (queryParams->udid == NULL) { LOGE("Failed to allocate memory for queryParams of udid!"); return HC_ERR_ALLOC_MEMORY; } - if (strcpy_s(queryParams->udid, HcStrlen(peerUdid) + 1, peerUdid) != HC_SUCCESS) { + if (strcpy_s(queryParams->udid, peerUdidLen, peerUdid) != EOK) { LOGE("Failed to copy udid for queryParams!"); HcFree(queryParams->udid); queryParams->udid = NULL; return HC_ERR_MEMORY_COPY; } } else if (peerAuthId != NULL) { - queryParams->authId = (char *)HcMalloc(HcStrlen(peerAuthId) + 1, 0); + queryParams->authId = (char *)HcMalloc(peerAuthIdLen, 0); if (queryParams->authId == NULL) { LOGE("Failed to allocate memory for queryParams of authId!"); return HC_ERR_ALLOC_MEMORY; } - if (strcpy_s(queryParams->authId, HcStrlen(peerAuthId) + 1, peerAuthId) != HC_SUCCESS) { + if (strcpy_s(queryParams->authId, peerAuthIdLen, peerAuthId) != EOK) { LOGE("Failed to copy authId for queryParams!"); HcFree(queryParams->authId); queryParams->authId = NULL; @@ -271,12 +282,13 @@ static int32_t InitGroupQueryParams(const char *peerUdid, const char *peerAuthId return HC_SUCCESS; } -static void DestroyGroupQueryParams(const char *peerUdid, const char *peerAuthId, GroupQueryParams *queryParams) +static void DestroyGroupQueryParams(GroupQueryParams *queryParams) { - if (peerUdid != NULL) { + if (queryParams->udid != NULL) { HcFree(queryParams->udid); queryParams->udid = NULL; - } else if (peerAuthId != NULL) { + } + if (queryParams->authId != NULL) { HcFree(queryParams->authId); queryParams->authId = NULL; } @@ -299,12 +311,12 @@ static void GetCandidateGroupInfo(const CJson *param, const char *peerUdid, return; } if (deviceLevelFlag && isClient) { - GetCandidateGroupByOrder(param, &queryParams, vec); + LOGI("Try to get device-level candidate groups for auth."); } else { queryParams.visibility = GROUP_VISIBILITY_PUBLIC; - GetCandidateGroupByOrder(param, &queryParams, vec); } - DestroyGroupQueryParams(peerUdid, peerAuthId, &queryParams); + GetCandidateGroupByOrder(param, &queryParams, vec); + DestroyGroupQueryParams(&queryParams); } static void GetGroupInfoByGroupId(const char *groupId, const char *peerUdid, const char *peerAuthId, GroupInfoVec *vec) @@ -330,14 +342,26 @@ static void GetGroupInfoByGroupId(const char *groupId, const char *peerUdid, con } } +static int32_t GetBleGroupInfoAndAuthParams(const CJson *param, ParamsVec *paramsVec) +{ + CJson *bleAuthParams = DuplicateJson(param); + if (bleAuthParams == NULL) { + LOGE("Failed to create json for ble auth params!"); + return HC_ERR_JSON_FAIL; + } + if (AddIntToJson(bleAuthParams, FIELD_AUTH_FORM, AUTH_FORM_ACROSS_ACCOUNT) != HC_SUCCESS) { + LOGE("Failed to add ble authForm!"); + FreeJson(bleAuthParams); + return HC_ERR_JSON_FAIL; + } + paramsVec->pushBack(paramsVec, (const void **)&bleAuthParams); + return HC_SUCCESS; +} + static int32_t GetCandidateAuthInfo(const char *groupId, const CJson *param, ParamsVec *authParamsVec) { const char *peerUdid = GetStringFromJson(param, FIELD_PEER_CONN_DEVICE_ID); const char *peerAuthId = GetStringFromJson(param, FIELD_PEER_AUTH_ID); - if ((peerUdid == NULL) && (peerAuthId == NULL)) { - LOGE("Invalid input, peer udid and peer auth id are both null!"); - return HC_ERR_INVALID_PARAMS; - } GroupInfoVec vec; CreateGroupInfoVecStruct(&vec); if (groupId == NULL) { @@ -348,11 +372,23 @@ static int32_t GetCandidateAuthInfo(const char *groupId, const CJson *param, Par if (vec.size(&vec) == 0) { LOGE("No satisfied candidate group!"); DestroyGroupInfoVecStruct(&vec); + char *anonyPeerUdid = NULL; + char *anonyPeerAuthId = NULL; + ConvertToAnonymousStr(peerUdid, &anonyPeerUdid); + ConvertToAnonymousStr(peerAuthId, &anonyPeerAuthId); + LOGE("[GetCandidateAuthInfo] [peerUdid]: %s", ((anonyPeerUdid == NULL) ? "NULL" : anonyPeerUdid)); + LOGE("[GetCandidateAuthInfo] [peerAuthId]: %s", ((anonyPeerAuthId == NULL) ? "NULL" : anonyPeerAuthId)); + HcFree(anonyPeerUdid); + HcFree(anonyPeerAuthId); + if (peerUdid != NULL) { + LOGE("[GetCandidateAuthInfo] peerUdid-IsTrustedDeviceExist = %s", + (IsTrustedDeviceExist(peerUdid) == true) ? "true" : "false"); + } return HC_ERR_NO_CANDIDATE_GROUP; } - int32_t ret = FillAuthParams(param, &vec, authParamsVec); + int32_t res = FillAuthParams(param, &vec, authParamsVec); DestroyGroupInfoVecStruct(&vec); - return ret; + return res; } static int32_t AddGroupAuthTransmitData(const AuthSession *session, CJson *sendToPeer) @@ -375,7 +411,12 @@ static int32_t AddGroupAuthTransmitData(const AuthSession *session, CJson *sendT return HC_ERR_JSON_GET; } if (isClient && (session->currentIndex < (list.size(&list) - 1))) { - const char *altGroup = GetStringFromJson(list.get(&list, session->currentIndex + 1), FIELD_SERVICE_TYPE); + CJson *nextParam = list.get(&list, session->currentIndex + 1); + if (nextParam == NULL) { + LOGE("Failed to get next auth params!"); + return HC_ERR_JSON_FAIL; + } + const char *altGroup = GetStringFromJson(nextParam, FIELD_SERVICE_TYPE); if ((altGroup != NULL) && (AddStringToJson(sendToPeer, FIELD_ALTERNATIVE, altGroup) != HC_SUCCESS)) { LOGE("Failed to add alternative group!"); return HC_ERR_JSON_FAIL; @@ -420,10 +461,12 @@ static int32_t ReturnTransmitData(const AuthSession *session, CJson *out) ret = HC_ERR_TRANSMIT_FAIL; break; } - if (!callback->onTransmit(requestId, (uint8_t *)outStr, (uint32_t)strlen(outStr) + 1)) { + LOGI("Start to transmit data to peer for auth!"); + if (!callback->onTransmit(requestId, (uint8_t *)outStr, HcStrlen(outStr) + 1)) { LOGE("Failed to transmit data to peer!"); ret = HC_ERR_TRANSMIT_FAIL; } + LOGI("End transmit data to peer for auth!"); } while (0); FreeJsonString(outStr); return ret; @@ -439,6 +482,9 @@ int32_t GetAuthParamsList(const CJson *param, ParamsVec *authParamsVec) if (IsOldFormatParams(param)) { LOGI("The input params' type is in old format!"); ret = UnifyOldFormatParams(param, authParamsVec); + } else if (IsBleAuthForAcrossAccount(param)) { + LOGD("This is across-account auth for ble device."); + ret = GetBleGroupInfoAndAuthParams(param, authParamsVec); } else { ret = GetCandidateAuthInfo(groupId, param, authParamsVec); } @@ -447,10 +493,6 @@ int32_t GetAuthParamsList(const CJson *param, ParamsVec *authParamsVec) static void ReturnFinishData(const AuthSession *session, const CJson *out) { - if (out == NULL) { - LOGE("The return data is null!"); - return; - } ParamsVec list = session->paramsList; const CJson *authParam = list.get(&list, session->currentIndex); if (authParam == NULL) { @@ -467,8 +509,8 @@ static void ReturnFinishData(const AuthSession *session, const CJson *out) LOGE("Failed to get auth type!"); return; } - BaseGroupAuth *groupAuth = NULL; - if (GetGroupAuth(GetGroupAuthType(authForm), &groupAuth) == HC_SUCCESS) { + BaseGroupAuth *groupAuth = GetGroupAuth(GetGroupAuthType(authForm)); + if (groupAuth != NULL) { groupAuth->onFinish(requestId, authParam, out, session->base.callback); } } @@ -492,12 +534,12 @@ static int32_t ReturnErrorToLocalBySession(const AuthSession *session, int error return HC_ERR_JSON_GET; } - BaseGroupAuth *groupAuth = NULL; - int32_t res = GetGroupAuth(GetGroupAuthType(authForm), &groupAuth); - if (res == HC_SUCCESS) { + BaseGroupAuth *groupAuth = GetGroupAuth(GetGroupAuthType(authForm)); + if (groupAuth != NULL) { + LOGE("Invoke ReturnErrorToLocalBySession for authForm:%d!", authForm); groupAuth->onError(requestId, session, errorCode); } - return res; + return HC_SUCCESS; } static int32_t AddVersionMsgToPeer(CJson *errorToPeer) @@ -588,11 +630,13 @@ static int32_t ReturnErrorToPeerBySession(const CJson *authParam, const DeviceAu res = HC_ERR_NULL_PTR; break; } - if (!callback->onTransmit(requestId, (uint8_t *)errorToPeerStr, (uint32_t)strlen(errorToPeerStr) + 1)) { - LOGE("Failed to invoke onTransmit!"); + LOGD("Begin transmit error msg to peer by session!"); + if (!callback->onTransmit(requestId, (uint8_t *)errorToPeerStr, HcStrlen(errorToPeerStr) + 1)) { + LOGE("Failed to invoke onTransmit by session!"); res = HC_ERR_TRANSMIT_FAIL; break; } + LOGD("End transmit error msg to peer by session!"); } while (0); FreeJsonString(errorToPeerStr); return res; @@ -601,10 +645,6 @@ static int32_t ReturnErrorToPeerBySession(const CJson *authParam, const DeviceAu static int32_t ReturnErrorToPeerByTask(const CJson *sendToPeer, const CJson *authParam, const DeviceAuthCallback *callback) { - if (sendToPeer == NULL) { - LOGD("NO need to send data to peer!"); - return HC_SUCCESS; - } int64_t requestId = 0; if (GetByteFromJson(authParam, FIELD_REQUEST_ID, (uint8_t *)&requestId, sizeof(int64_t)) != HC_SUCCESS) { LOGE("Failed to get request id!"); @@ -623,11 +663,13 @@ static int32_t ReturnErrorToPeerByTask(const CJson *sendToPeer, const CJson *aut res = HC_ERR_NULL_PTR; break; } - if (!callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, (uint32_t)strlen(sendToPeerStr) + 1)) { - LOGE("Failed to invoke onTransmit!"); + LOGD("Begin transmit error msg to peer by task!"); + if (!callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, HcStrlen(sendToPeerStr) + 1)) { + LOGE("Failed to invoke onTransmit by task!"); res = HC_ERR_TRANSMIT_FAIL; break; } + LOGD("End transmit error msg to peer by task!"); } while (0); FreeJsonString(sendToPeerStr); return res; @@ -655,12 +697,11 @@ static int32_t ProcessNextGroupIfPossible(AuthSession *session) return HC_ERR_NULL_PTR; } CJson *outNext = CreateJson(); + if (outNext == NULL) { + LOGE("Failed to create json for outNext!"); + return HC_ERR_ALLOC_MEMORY; + } do { - if (outNext == NULL) { - LOGE("Failed to create json for outNext!"); - res = HC_ERR_ALLOC_MEMORY; - break; - } int32_t status = 0; res = CreateAndProcessTask(session, paramInNextSession, outNext, &status); if (res != HC_SUCCESS) { @@ -679,7 +720,6 @@ static int32_t ProcessNextGroupIfPossible(AuthSession *session) int32_t ReturnSessionKey(int64_t requestId, const CJson *authParam, const CJson *out, const DeviceAuthCallback *callback) { - LOGI("Begin return session key."); int32_t keyLen = DEFAULT_RETURN_KEY_LENGTH; (void)GetIntFromJson(authParam, FIELD_KEY_LENGTH, &keyLen); uint8_t *sessionKey = (uint8_t *)HcMalloc(keyLen, 0); @@ -700,12 +740,13 @@ int32_t ReturnSessionKey(int64_t requestId, const CJson *authParam, res = HC_ERR_INVALID_PARAMS; break; } + LOGI("Begin invoke onSessionKeyReturned."); callback->onSessionKeyReturned(requestId, sessionKey, keyLen); + LOGI("End invoke onSessionKeyReturned, res = %d.", res); } while (0); (void)memset_s(sessionKey, keyLen, 0, keyLen); HcFree(sessionKey); sessionKey = NULL; - LOGI("End return session key, res = %d.", res); return res; } @@ -713,7 +754,6 @@ void DeleteCachedData(CJson *paramInSession) { DeleteItemFromJson(paramInSession, FIELD_PAYLOAD); DeleteItemFromJson(paramInSession, FIELD_SELF_AUTH_ID); - DeleteItemFromJson(paramInSession, FIELD_PEER_AUTH_ID); DeleteItemFromJson(paramInSession, FIELD_OPERATION_CODE); } @@ -723,6 +763,7 @@ int32_t GetGroupAuthType(int32_t authForm) case AUTH_FORM_ACCOUNT_UNRELATED: return ACCOUNT_UNRELATED_GROUP_AUTH_TYPE; case AUTH_FORM_IDENTICAL_ACCOUNT: + return ACCOUNT_RELATED_GROUP_AUTH_TYPE; case AUTH_FORM_ACROSS_ACCOUNT: return ACCOUNT_RELATED_GROUP_AUTH_TYPE; default: @@ -746,10 +787,12 @@ int32_t InformAuthError(AuthSession *session, const CJson *out, int errorCode) return res; } const CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER); - res = ReturnErrorToPeerByTask(sendToPeer, paramInSession, session->base.callback); - if (res != HC_SUCCESS) { - LOGE("Failed to return task's error msg to peer!"); - return res; + if (sendToPeer != NULL) { + res = ReturnErrorToPeerByTask(sendToPeer, paramInSession, session->base.callback); + if (res != HC_SUCCESS) { + LOGE("Failed to return task's error msg to peer!"); + return res; + } } res = ProcessNextGroupIfPossible(session); @@ -782,7 +825,7 @@ int32_t ProcessTaskStatusForAuth(const AuthSession *session, const CJson *param, int32_t res = HC_SUCCESS; switch (status) { case IGNORE_MSG: - LOGI("Ignore this msg."); + LOGD("Ignore this msg."); break; case CONTINUE: res = ReturnTransmitData(session, out); @@ -808,6 +851,10 @@ int32_t CreateAndProcessTask(AuthSession *session, CJson *paramInSession, CJson { int32_t moduleType = GetAuthModuleType(paramInSession); const char *pkgName = GetStringFromJson(paramInSession, FIELD_SERVICE_PKG_NAME); + if (pkgName == NULL) { + LOGE("Pkg name is null!"); + return HC_ERR_NULL_PTR; + } if (AddStringToJson(paramInSession, FIELD_PKG_NAME, pkgName) != HC_SUCCESS) { LOGE("Failed to add pkg name to json!"); return HC_ERR_JSON_FAIL; @@ -821,6 +868,7 @@ int32_t CreateAndProcessTask(AuthSession *session, CJson *paramInSession, CJson res = ProcessTask(session->curTaskId, paramInSession, out, status, moduleType); DeleteCachedData(paramInSession); if (res != HC_SUCCESS) { + DestroyTask(session->curTaskId, GetAuthModuleType(paramInSession)); LOGE("Failed to process task for auth!"); return res; } @@ -842,6 +890,7 @@ void InformLocalAuthError(const CJson *authParam, const DeviceAuthCallback *call return; } if ((callback != NULL) && (callback->onError != NULL)) { + LOGE("Invoke InformLocalAuthError!"); callback->onError(requestId, AUTH_FORM_INVALID_TYPE, HC_ERR_CREATE_SESSION_FAIL, NULL); } } diff --git a/services/session/src/auth_session/auth_session_server.c b/services/session/src/auth_session/auth_session_server.c index b8cc7de..88de078 100644 --- a/services/session/src/auth_session/auth_session_server.c +++ b/services/session/src/auth_session/auth_session_server.c @@ -34,13 +34,12 @@ static int32_t CombineServerParams(const CJson *confirmationJson, CJson *dataFro return HC_ERR_JSON_GET; } int32_t groupAuthType = GetGroupAuthType(authForm); - BaseGroupAuth *groupAuthHandle = NULL; - int32_t res = GetGroupAuth(groupAuthType, &groupAuthHandle); - if (res != HC_SUCCESS) { + BaseGroupAuth *groupAuthHandle = GetGroupAuth(groupAuthType); + if (groupAuthHandle == NULL) { LOGE("Failed to get group auth handle!"); - return res; + return HC_ERR_NOT_SUPPORT; } - res = groupAuthHandle->combineServerConfirmParams(confirmationJson, dataFromClient); + int32_t res = groupAuthHandle->combineServerConfirmParams(confirmationJson, dataFromClient); if (res != HC_SUCCESS) { LOGE("Failed to combine server confirm params!"); } @@ -55,14 +54,12 @@ static int32_t GetAuthInfoForServer(CJson *dataFromClient, ParamsVec *authParams return HC_ERR_JSON_FAIL; } int32_t groupAuthType = GetGroupAuthType(authForm); - BaseGroupAuth *groupAuthHandle = NULL; - int32_t res = GetGroupAuth(groupAuthType, &groupAuthHandle); - if (res != HC_SUCCESS) { + BaseGroupAuth *groupAuthHandle = GetGroupAuth(groupAuthType); + if (groupAuthHandle == NULL) { LOGE("Failed to get group auth handle!"); - return res; + return HC_ERR_NOT_SUPPORT; } - res = groupAuthHandle->getAuthParamForServer(dataFromClient, authParamsVec); - return res; + return groupAuthHandle->getAuthParamForServer(dataFromClient, authParamsVec); } static char *StartServerRequest(const CJson *dataFromClient, const DeviceAuthCallback *callback) @@ -80,13 +77,12 @@ static char *StartServerRequest(const CJson *dataFromClient, const DeviceAuthCal break; } int32_t groupAuthType = GetGroupAuthType(authForm); - BaseGroupAuth *groupAuthHandle = NULL; - int32_t res = GetGroupAuth(groupAuthType, &groupAuthHandle); - if (res != HC_SUCCESS) { + BaseGroupAuth *groupAuthHandle = GetGroupAuth(groupAuthType); + if (groupAuthHandle == NULL) { LOGE("Failed to get group auth handle!"); break; } - res = groupAuthHandle->getReqParams(dataFromClient, reqParam); + int32_t res = groupAuthHandle->getReqParams(dataFromClient, reqParam); if (res != HC_SUCCESS) { LOGE("Failed to get request params!"); break; @@ -133,28 +129,6 @@ static int32_t AddAuthParamByRequest(CJson *dataFromClient, const DeviceAuthCall return res; } -static AuthSession *InitServerAuthSession(const DeviceAuthCallback *callback, ParamsVec *authParamsVec) -{ - AuthSession *session = (AuthSession *)HcMalloc(sizeof(AuthSession), 0); - if (session == NULL) { - LOGE("Failed to malloc memory for session!"); - DestroyAuthParamsVec(authParamsVec); - return NULL; - } - session->base.process = ProcessServerAuthSession; - session->base.destroy = DestroyAuthSession; - session->base.callback = callback; - session->currentIndex = 0; - session->paramsList = *authParamsVec; - int32_t res = GenerateSessionOrTaskId(&session->base.sessionId); - if (res != HC_SUCCESS) { - LOGE("Failed to generate session id!"); - DestroyAuthSession((Session *)session); - return NULL; - } - return session; -} - static int32_t ProcessServerAuthTask(AuthSession *session, int32_t moduleType, CJson *in, CJson *out) { int32_t status = 0; @@ -193,7 +167,6 @@ static int32_t StartServerAuthTask(AuthSession *session, const CJson *receivedDa } int32_t status = 0; int32_t res = CreateAndProcessTask(session, paramInSession, out, &status); - DeleteCachedData(paramInSession); if (res != HC_SUCCESS) { LOGE("Failed to process server auth task, res = %d!", res); if (InformAuthError(session, out, res) != HC_SUCCESS) { @@ -209,8 +182,8 @@ static int32_t StartServerAuthTask(AuthSession *session, const CJson *receivedDa static int32_t CheckServerGroupAuthMsg(const CJson *in, const CJson *paramInSession, const DeviceAuthCallback *callback) { - int32_t GroupErrMsg = 0; - if (GetIntFromJson(in, FIELD_GROUP_ERROR_MSG, (int *)&GroupErrMsg) != HC_SUCCESS) { + int32_t groupErrMsg = 0; + if (GetIntFromJson(in, FIELD_GROUP_ERROR_MSG, (int *)&groupErrMsg) != HC_SUCCESS) { return HC_SUCCESS; } InformLocalAuthError(paramInSession, callback); @@ -246,38 +219,45 @@ static int ProcessServerAuthSession(Session *session, CJson *in) res = ProcessServerAuthTask(realSession, moduleType, in, out); FreeJson(out); if (res == FINISH) { - LOGI("End process server authSession, auth completed successfully."); + LOGI("End process server authSession."); } return res; } static AuthSession *CreateServerAuthSessionInner(CJson *param, const DeviceAuthCallback *callback) { - bool isClient = true; - (void)GetBoolFromJson(param, FIELD_IS_CLIENT, &isClient); - if (!isClient) { - LOGI("Server invokes authDevice, return directly."); + ParamsVec authVec; + CreateAuthParamsVec(&authVec); + int32_t res = AddAuthParamByRequest(param, callback, &authVec); + DeleteCachedData(param); + if ((res != HC_SUCCESS) || (authVec.size(&authVec) == 0)) { + LOGE("Failed to add auth param for server, res = %d, candidate auth group = %u!", res, authVec.size(&authVec)); + DestroyAuthParamsVec(&authVec); + InformPeerAuthError(param, callback); + InformLocalAuthError(param, callback); return NULL; } - ParamsVec authParamsVec; - CreateAuthParamsVec(&authParamsVec); - AuthSession *session = NULL; - int32_t res = AddAuthParamByRequest(param, callback, &authParamsVec); - DeleteCachedData(param); - if (res != HC_SUCCESS) { - LOGE("Failed to add auth param by request, res = %d!", res); - DestroyAuthParamsVec(&authParamsVec); - goto err; - } - if (authParamsVec.size(&authParamsVec) == 0) { - LOGE("No candidate auth group for server!"); - DestroyAuthParamsVec(&authParamsVec); - goto err; - } - session = InitServerAuthSession(callback, &authParamsVec); + + AuthSession *session = (AuthSession *)HcMalloc(sizeof(AuthSession), 0); if (session == NULL) { - LOGE("Failed to init auth session!"); - goto err; + LOGE("Failed to malloc memory for session!"); + DestroyAuthParamsVec(&authVec); + InformPeerAuthError(param, callback); + InformLocalAuthError(param, callback); + return NULL; + } + session->base.process = ProcessServerAuthSession; + session->base.destroy = DestroyAuthSession; + session->base.callback = callback; + session->currentIndex = 0; + session->paramsList = authVec; + res = GenerateSessionOrTaskId(&session->base.sessionId); + if (res != HC_SUCCESS) { + LOGE("Failed to generate session id!"); + DestroyAuthSession((Session *)session); + InformPeerAuthError(param, callback); + InformLocalAuthError(param, callback); + return NULL; } res = StartServerAuthTask(session, param); @@ -287,22 +267,11 @@ static AuthSession *CreateServerAuthSessionInner(CJson *param, const DeviceAuthC return NULL; } return (AuthSession *)session; -err: - InformPeerAuthError(param, callback); - InformLocalAuthError(param, callback); - return NULL; } Session *CreateServerAuthSession(CJson *param, const DeviceAuthCallback *callback) { - AuthSession *session = NULL; - if (AddIntToJson(param, FIELD_OPERATION_CODE, AUTHENTICATE) != HC_SUCCESS) { - LOGE("Failed to add operation code to json!"); - InformPeerAuthError(param, callback); - InformLocalAuthError(param, callback); - return NULL; - } - session = CreateServerAuthSessionInner(param, callback); + AuthSession *session = CreateServerAuthSessionInner(param, callback); if (session == NULL) { LOGE("Failed to create server auth session!"); return NULL; diff --git a/services/session/src/auth_session/auth_session_util.c b/services/session/src/auth_session/auth_session_util.c index b545f78..7d5de75 100644 --- a/services/session/src/auth_session/auth_session_util.c +++ b/services/session/src/auth_session/auth_session_util.c @@ -36,26 +36,19 @@ static int32_t AuthFormToModuleType(int32_t authForm) return moduleType; } -int32_t GetGroupAuth(int32_t groupAuthType, BaseGroupAuth **groupAuthHandle) +BaseGroupAuth *GetGroupAuth(int32_t groupAuthType) { switch (groupAuthType) { case ACCOUNT_UNRELATED_GROUP_AUTH_TYPE: LOGI("Non-account auth type."); - *groupAuthHandle = GetNonAccountGroupAuth(); - break; + return GetAccountUnrelatedGroupAuth(); case ACCOUNT_RELATED_GROUP_AUTH_TYPE: LOGI("Account-related auth type."); - *groupAuthHandle = GetAccountRelatedGroupAuth(); - break; + return GetAccountRelatedGroupAuth(); default: LOGE("Invalid auth type!"); - break; } - if ((*groupAuthHandle) == NULL) { - LOGE("Device auth do not support groupAuthType: %d, !", groupAuthType); - return HC_ERR_NULL_PTR; - } - return HC_SUCCESS; + return NULL; } int32_t GetAuthModuleType(const CJson *in) @@ -68,6 +61,17 @@ int32_t GetAuthModuleType(const CJson *in) return AuthFormToModuleType(authForm); } +bool IsBleAuthForAcrossAccount(const CJson *authParam) +{ + int32_t credentialType = CREDENTIAL_TYPE_DEFAULT_CONTROLLER; + if (GetIntFromJson(authParam, FIELD_CREDENTIAL_TYPE, &credentialType) != HC_SUCCESS) { + return false; + } + bool isBle = ((uint32_t)credentialType & CREDENTIAL_TYPE_BLE); + return isBle; +} + + int32_t GetInfoHash(const uint8_t *info, uint32_t infoLen, char *str, uint32_t strLen) { Uint8Buff infoHash = {NULL, SHA256_LEN}; @@ -108,4 +112,4 @@ int32_t GetInfoHash(const uint8_t *info, uint32_t infoLen, char *str, uint32_t s HcFree(infoHash.val); infoHash.val = NULL; return res; -} +} \ No newline at end of file diff --git a/services/session/src/auth_session_common_util.c b/services/session/src/auth_session_common_util.c index d9c61cd..5afa4e7 100644 --- a/services/session/src/auth_session_common_util.c +++ b/services/session/src/auth_session_common_util.c @@ -14,11 +14,22 @@ */ #include "auth_session_common_util.h" -#include "auth_session_common_defines.h" #include "common_defs.h" #include "common_util.h" #include "device_auth_defines.h" #include "hc_log.h" +#include "hc_types.h" +#define UID_HASH_HEX_STRING_LEN_MAX 64 +#define UID_HASH_HEX_STRING_LEN_MIN 10 + +static bool IsPeerUidHashLenValid(uint32_t peerUidHashLen) +{ + if ((peerUidHashLen < UID_HASH_HEX_STRING_LEN_MIN) || (peerUidHashLen > UID_HASH_HEX_STRING_LEN_MAX)) { + LOGE("The input uid hash len is invalid, input uid hash in hex string len = %d", peerUidHashLen); + return false; + } + return true; +} static int32_t AddPeerIdToReqParam(const CJson *receiveData, CJson *reqParam) { @@ -27,7 +38,7 @@ static int32_t AddPeerIdToReqParam(const CJson *receiveData, CJson *reqParam) LOGE("Failed to get peerId from the data transmitted by the client!"); return HC_ERR_JSON_GET; } - uint32_t peerIdLen = strlen(peerId); + uint32_t peerIdLen = HcStrlen(peerId); if ((peerIdLen == 0) || (peerIdLen > MAX_AUTH_ID_LEN) || ((peerIdLen % 2) != 0)) { /* 2: even numbers. */ LOGE("Invalid len of peerId!"); return HC_ERR_JSON_GET; @@ -77,7 +88,9 @@ char *GetServerConfirmation(const CJson *paramsFromClient, const CJson *reqParam LOGE("Failed to get request callback!"); break; } + LOGD("Begin to invoke onRequest for auth!"); serverInfo = callback->onRequest(requestId, authForm, reqParamStr); + LOGD("End to invoke onRequest for auth!"); if (serverInfo == NULL) { LOGE("Failed to get server confirmation info!"); } @@ -129,3 +142,33 @@ int32_t GetGeneralReqParams(const CJson *receiveData, CJson *reqParam) } return HC_SUCCESS; } + +bool IsUidHashEqual(const char *uidHashInDb, const char *peerUidHash) +{ + if ((uidHashInDb == NULL) || (peerUidHash == NULL)) { + LOGE("Input is null for uid hash!"); + return false; + } + char *peerUidHashToUpper = NULL; + int32_t result = ToUpperCase(peerUidHash, &peerUidHashToUpper); + if (result != HC_SUCCESS) { + LOGE("Failed to convert the input uidHash to upper case!"); + return result; + } + uint32_t uidHashInDbLen = strlen(uidHashInDb); + uint32_t peerUidHashLen = strlen(peerUidHash); + if (!IsPeerUidHashLenValid(peerUidHashLen)) { + HcFree(peerUidHashToUpper); + peerUidHashToUpper = NULL; + return false; + } + uint32_t cmpHashLen = (uidHashInDbLen > peerUidHashLen) ? peerUidHashLen : uidHashInDbLen; + if (memcmp(uidHashInDb, peerUidHashToUpper, cmpHashLen) == EOK) { + HcFree(peerUidHashToUpper); + peerUidHashToUpper = NULL; + return true; + } + HcFree(peerUidHashToUpper); + peerUidHashToUpper = NULL; + return false; +} \ No newline at end of file diff --git a/services/session/src/auth_session_lite/auth_session_client_lite.c b/services/session/src/auth_session_lite/auth_session_client_lite.c index 58d91f0..b2e83e7 100644 --- a/services/session/src/auth_session_lite/auth_session_client_lite.c +++ b/services/session/src/auth_session_lite/auth_session_client_lite.c @@ -27,11 +27,26 @@ static int32_t StartClientAuthLiteTask(AuthSessionLite *session) InformLocalAuthErrorLite(session->authParams, session->base.callback); return HC_ERR_ALLOC_MEMORY; } + const char *pkgName = GetStringFromJson(session->authParams, FIELD_SERVICE_PKG_NAME); + if (pkgName == NULL) { + LOGE("Pkg name is null, the input is invalid!"); + FreeJson(out); + InformLocalAuthErrorLite(session->authParams, session->base.callback); + return HC_ERR_INVALID_PARAMS; + } + if (AddStringToJson(session->authParams, FIELD_PKG_NAME, pkgName) != HC_SUCCESS) { + LOGE("Failed to add pkg name for client!"); + FreeJson(out); + InformLocalAuthErrorLite(session->authParams, session->base.callback); + return HC_ERR_JSON_FAIL; + } + int32_t status = 0; int32_t res = CreateAndProcessLiteTask(session, out, &status); if (res != HC_SUCCESS) { + LOGE("Failed to process for client auth session lite!"); + InformAuthErrorLite(session->authParams, session->base.callback, out, res); FreeJson(out); - LOGE("Failed to process for client auth session!"); return res; } res = ProcessLiteTaskStatusForAuth(session, out, status); @@ -39,12 +54,12 @@ static int32_t StartClientAuthLiteTask(AuthSessionLite *session) return res; } -static Session *CreateClientAuthSessionLiteInner(CJson *param, const DeviceAuthCallback *callback) +static Session *CreateClientAuthSessionLiteInner(const CJson *in, const DeviceAuthCallback *callback) { - AuthSessionLite *session = InitAuthSessionLite(param, callback); + AuthSessionLite *session = InitAuthSessionLite(in, callback); if (session == NULL) { LOGE("Failed to initial session!"); - InformLocalAuthErrorLite(param, callback); + InformLocalAuthErrorLite(in, callback); return NULL; } int32_t res = StartClientAuthLiteTask(session); diff --git a/services/session/src/auth_session_lite/auth_session_common_lite.c b/services/session/src/auth_session_lite/auth_session_common_lite.c index 8ec1727..1d70306 100644 --- a/services/session/src/auth_session_lite/auth_session_common_lite.c +++ b/services/session/src/auth_session_lite/auth_session_common_lite.c @@ -14,7 +14,6 @@ */ #include "auth_session_common_lite.h" -#include "auth_session_util.h" #include "common_defs.h" #include "das_module_defines.h" #include "dev_auth_module_manager.h" @@ -33,13 +32,28 @@ static int32_t ProcessAuthTaskLite(AuthSessionLite *session, int32_t moduleType, InformAuthErrorLite(in, session->base.callback, out, res); return res; } - res = ProcessLiteTaskStatusForAuth(session, out, status); - return res; + return ProcessLiteTaskStatusForAuth(session, out, status); +} + +static int32_t GetAuthModuleTypeLite(const CJson *in) +{ + int32_t authForm = AUTH_FORM_INVALID_TYPE; + if (GetIntFromJson(in, FIELD_AUTH_FORM, &authForm) != HC_SUCCESS) { + LOGE("Failed to get auth form!"); + return INVALID_MODULE_TYPE; + } + if (authForm == AUTH_FORM_ACCOUNT_UNRELATED) { + return DAS_MODULE; + } else if ((authForm == AUTH_FORM_IDENTICAL_ACCOUNT) || (authForm == AUTH_FORM_ACROSS_ACCOUNT)) { + return TCIS_MODULE; + } + LOGE("Invalid authForm for repeated payload check in auth session lite!"); + return INVALID_MODULE_TYPE; } static int ProcessAuthSessionLite(Session *session, CJson *in) { - LOGI("Begin process authSession lite."); + LOGD("Begin process authSession lite."); if ((session == NULL) || (in == NULL)) { LOGE("Invalid input params!"); return HC_ERR_INVALID_PARAMS; @@ -51,7 +65,7 @@ static int ProcessAuthSessionLite(Session *session, CJson *in) LOGE("Failed to create json!"); return HC_ERR_ALLOC_MEMORY; } - int32_t res = ProcessAuthTaskLite(realSession, GetAuthModuleType(realSession->authParams), in, out); + int32_t res = ProcessAuthTaskLite(realSession, GetAuthModuleTypeLite(realSession->authParams), in, out); FreeJson(out); LOGI("End process authSession lite, res = %d.", res); return res; @@ -75,6 +89,7 @@ static void ReturnErrorDataLite(const CJson *in, const DeviceAuthCallback *callb return; } if ((callback != NULL) && (callback->onError != NULL)) { + LOGE("Begin to invoke onError for lite auth!"); callback->onError(requestId, authForm, errorCode, returnStr); } FreeJsonString(returnStr); @@ -102,6 +117,7 @@ static int32_t ReturnSessionKeyLite(int64_t requestId, const CJson *authParams, res = HC_ERR_JSON_GET; break; } + LOGD("Begin to invoke onSessionKeyReturned for lite auth."); callback->onSessionKeyReturned(requestId, sessionKey, keyLen); } while (0); (void)memset_s(sessionKey, keyLen, 0, keyLen); @@ -126,11 +142,13 @@ static void ReturnFinishDataLiteInner(int64_t requestId, const CJson *in, const return; } if ((callback != NULL) && (callback->onTransmit != NULL)) { + LOGD("Begin to invoke onTransmit for lite auth!"); if (!callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, (uint32_t)strlen(sendToPeerStr) + 1)) { LOGE("Failed to transmit data to peer!"); FreeJsonString(sendToPeerStr); return; } + LOGD("End to invoke onTransmit for lite auth!"); } FreeJsonString(sendToPeerStr); } @@ -139,12 +157,12 @@ static void ReturnFinishDataLiteInner(int64_t requestId, const CJson *in, const return; } char *returnStr = PackJsonToString(sendToSelf); - ClearSensitiveStringInJson(sendToSelf, FIELD_SESSION_KEY); if (returnStr == NULL) { LOGE("Failed to pack returnStr for onFinish!"); return; } if ((callback != NULL) && (callback->onFinish != NULL)) { + LOGD("Begin to invoke onFinish for lite auth."); callback->onFinish(requestId, authForm, returnStr); } ClearAndFreeJsonString(returnStr); @@ -194,10 +212,12 @@ int32_t ReturnTransmitDataLite(const AuthSessionLite *session, CJson *out) ret = HC_ERR_NULL_PTR; break; } + LOGD("Begin to invoke onTransmit for lite auth."); if (!callback->onTransmit(requestId, (uint8_t *)outStr, (uint32_t)strlen(outStr) + 1)) { LOGE("Failed to transmit data to peer!"); ret = HC_ERR_TRANSMIT_FAIL; } + LOGD("End to invoke onTransmit for lite auth."); } while (0); FreeJsonString(outStr); return ret; @@ -211,6 +231,7 @@ void InformLocalAuthErrorLite(const CJson *authParam, const DeviceAuthCallback * return; } if ((callback != NULL) && (callback->onError != NULL)) { + LOGE("Begin to invoke onError for lite auth."); callback->onError(requestId, AUTH_FORM_INVALID_TYPE, HC_ERR_CREATE_SESSION_FAIL, NULL); } } @@ -250,6 +271,7 @@ void InformPeerAuthErrorLite(const CJson *in, const DeviceAuthCallback *callback return; } if ((callback != NULL) && (callback->onTransmit != NULL)) { + LOGD("Begin to invoke onTransmit for lite auth."); (void)callback->onTransmit(requestId, (uint8_t *)errorToPeerStr, (uint32_t)strlen(errorToPeerStr) + 1); } FreeJsonString(errorToPeerStr); @@ -278,6 +300,7 @@ void InformAuthErrorLite(const CJson *in, const DeviceAuthCallback *callback, co return; } if ((callback != NULL) && (callback->onTransmit != NULL)) { + LOGD("Begin to invoke onTransmit for lite auth in InformAuthErrorLite."); (void)callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, (uint32_t)strlen(sendToPeerStr) + 1); } FreeJsonString(sendToPeerStr); @@ -285,25 +308,16 @@ void InformAuthErrorLite(const CJson *in, const DeviceAuthCallback *callback, co int32_t CreateAndProcessLiteTask(AuthSessionLite *session, CJson *out, int32_t *status) { - int32_t moduleType = GetAuthModuleType(session->authParams); - const char *pkgName = GetStringFromJson(session->authParams, FIELD_SERVICE_PKG_NAME); - if (AddStringToJson(session->authParams, FIELD_PKG_NAME, pkgName) != HC_SUCCESS) { - LOGE("Failed to add pkg name to json!"); - InformLocalAuthErrorLite(session->authParams, session->base.callback); - InformPeerAuthErrorLite(session->authParams, session->base.callback); - return HC_ERR_JSON_FAIL; - } + int32_t moduleType = GetAuthModuleTypeLite(session->authParams); session->curTaskId = 0; int32_t res = CreateTask(&(session->curTaskId), session->authParams, out, moduleType); if (res != HC_SUCCESS) { LOGE("Failed to create task for auth!"); - InformAuthErrorLite(session->authParams, session->base.callback, out, res); return res; } res = ProcessTask(session->curTaskId, session->authParams, out, status, moduleType); if (res != HC_SUCCESS) { LOGE("Failed to process task for auth!"); - InformAuthErrorLite(session->authParams, session->base.callback, out, res); return res; } return HC_SUCCESS; @@ -314,11 +328,10 @@ int32_t ProcessLiteTaskStatusForAuth(const AuthSessionLite *session, CJson *out, int32_t res = HC_SUCCESS; switch (status) { case IGNORE_MSG: - LOGI("Ignore this msg."); + LOGD("Ignore this msg."); break; case CONTINUE: res = ReturnTransmitDataLite(session, out); - FreeJson(out); if (res != HC_SUCCESS) { LOGE("Failed to transmit lite auth data to peer!"); InformLocalAuthErrorLite(session->authParams, session->base.callback); @@ -326,6 +339,7 @@ int32_t ProcessLiteTaskStatusForAuth(const AuthSessionLite *session, CJson *out, break; case FINISH: ReturnFinishDataLite(session->authParams, session->base.callback, out); + ClearSensitiveStringInJson(out, FIELD_SESSION_KEY); res = FINISH; break; default: @@ -347,7 +361,7 @@ void DestroyAuthSessionLite(Session *session) realSession = NULL; } -AuthSessionLite *InitAuthSessionLite(CJson *param, const DeviceAuthCallback *callback) +AuthSessionLite *InitAuthSessionLite(const CJson *in, const DeviceAuthCallback *callback) { AuthSessionLite *session = (AuthSessionLite *)HcMalloc(sizeof(AuthSessionLite), 0); if (session == NULL) { @@ -357,7 +371,7 @@ AuthSessionLite *InitAuthSessionLite(CJson *param, const DeviceAuthCallback *cal session->base.process = ProcessAuthSessionLite; session->base.destroy = DestroyAuthSessionLite; session->base.callback = callback; - session->authParams = DuplicateJson(param); + session->authParams = DuplicateJson(in); if (session->authParams == NULL) { LOGE("Failed to duplicate param!"); DestroyAuthSessionLite((Session *)session); diff --git a/services/session/src/auth_session_lite/auth_session_server_lite.c b/services/session/src/auth_session_lite/auth_session_server_lite.c index 5819c08..0131230 100644 --- a/services/session/src/auth_session_lite/auth_session_server_lite.c +++ b/services/session/src/auth_session_lite/auth_session_server_lite.c @@ -29,12 +29,28 @@ static int32_t StartServerAuthLiteTask(AuthSessionLite *session) InformPeerAuthErrorLite(session->authParams, session->base.callback); return HC_ERR_ALLOC_MEMORY; } + + const char *pkgName = GetStringFromJson(session->authParams, FIELD_SERVICE_PKG_NAME); + if (pkgName == NULL) { + LOGE("Pkg name is null, the input is invalid!"); + FreeJson(out); + return HC_ERR_INVALID_PARAMS; + } + if (AddStringToJson(session->authParams, FIELD_PKG_NAME, pkgName) != HC_SUCCESS) { + LOGE("Failed to add pkg name for server!"); + FreeJson(out); + InformPeerAuthErrorLite(session->authParams, session->base.callback); + InformLocalAuthErrorLite(session->authParams, session->base.callback); + return HC_ERR_JSON_FAIL; + } + int32_t status = 0; int32_t res = CreateAndProcessLiteTask(session, out, &status); DeleteItemFromJson(session->authParams, FIELD_PAYLOAD); if (res != HC_SUCCESS) { + LOGE("Failed to process for server auth lite session!"); + InformAuthErrorLite(session->authParams, session->base.callback, out, res); FreeJson(out); - LOGE("Failed to process for Server auth lite session!"); return res; } res = ProcessLiteTaskStatusForAuth(session, out, status); @@ -44,11 +60,6 @@ static int32_t StartServerAuthLiteTask(AuthSessionLite *session) static int32_t CombineServerParamsLite(const CJson *confirmationJson, CJson *dataFromClient) { - bool isClient = false; - if (AddBoolToJson(dataFromClient, FIELD_IS_CLIENT, isClient) != HC_SUCCESS) { - LOGE("Failed to combine server param with isClient!"); - return HC_ERR_JSON_FAIL; - } const char *pkgName = GetStringFromJson(confirmationJson, FIELD_SERVICE_PKG_NAME); if (pkgName == NULL) { LOGE("Failed to get pkgName from confirmation data!"); @@ -59,23 +70,23 @@ static int32_t CombineServerParamsLite(const CJson *confirmationJson, CJson *dat return HC_ERR_JSON_FAIL; } const char *selfId = GetStringFromJson(confirmationJson, FIELD_SELF_AUTH_ID); - if (selfId == NULL) { - LOGE("Failed to get selfId from confirmation data!"); - return HC_ERR_JSON_GET; - } - if (AddStringToJson(dataFromClient, FIELD_SELF_AUTH_ID, selfId) != HC_SUCCESS) { - LOGE("Failed to combine server param with selfId!"); - return HC_ERR_JSON_FAIL; + if (selfId != NULL) { + LOGD("Begin to add selfId for server auth!"); + if (AddStringToJson(dataFromClient, FIELD_SELF_AUTH_ID, selfId) != HC_SUCCESS) { + LOGE("Failed to combine server param with selfId!"); + return HC_ERR_JSON_FAIL; + } } + int32_t selfType; - if (GetIntFromJson(confirmationJson, FIELD_SELF_TYPE, &selfType) != HC_SUCCESS) { - LOGE("Failed to get selfId from confirmation data!"); - return HC_ERR_JSON_GET; - } - if (AddIntToJson(dataFromClient, FIELD_SELF_TYPE, selfType) != HC_SUCCESS) { - LOGE("Failed to combine server param with selfType!"); - return HC_ERR_JSON_FAIL; + if (GetIntFromJson(confirmationJson, FIELD_SELF_TYPE, &selfType) == HC_SUCCESS) { + LOGD("Begin to add selfId for server auth!"); + if (AddIntToJson(dataFromClient, FIELD_SELF_TYPE, selfType) != HC_SUCCESS) { + LOGE("Failed to combine server param with selfType!"); + return HC_ERR_JSON_FAIL; + } } + const char *serviceType = GetStringFromJson(confirmationJson, FIELD_SERVICE_TYPE); if (serviceType == NULL) { LOGE("Failed to get serviceType from confirmation data!"); @@ -160,7 +171,7 @@ static Session *CreateServerAuthSessionLiteInner(CJson *in, const DeviceAuthCall Session *CreateServerAuthSessionLite(CJson *in, const DeviceAuthCallback *callback) { if (AddBoolToJson(in, FIELD_IS_CLIENT, false) != HC_SUCCESS) { - LOGE("Failed to add isClient to json!"); + LOGE("Failed to add isClient to json for server auth!"); InformLocalAuthErrorLite(in, callback); InformPeerAuthErrorLite(in, callback); return NULL;