!129 [新需求]: CA向导需求

Merge pull request !129 from 上官景威/master

CertManager/src/main/ets/MainAbility/CertPickerUiExtAbility.ets

@@ -17,6 +17,10 @@ import Want from '@ohos.app.ability.Want';
 import UIExtensionContentSession from '@ohos.app.ability.UIExtensionContentSession';
 import { GlobalContext, PwdStore } from '../common/GlobalContext';
 import UIExtensionAbility from '@ohos.app.ability.UIExtensionAbility';
+import { BusinessError } from '@ohos.base';
+
+const PAGE_CA_INSTALL = 5;
+const TAG = 'CertPickerUiExtAbility';
 
 export default class CertPickerUiExtAbility extends UIExtensionAbility {
   onCreate(): void {
@@ -39,9 +43,22 @@ export default class CertPickerUiExtAbility extends UIExtensionAbility {
       'want': want
     }
     let storage: LocalStorage = new LocalStorage(param);
-    session.loadContent('pages/picker/CertManagerSheetFa', storage);
-    let pwdStore = new PwdStore();
-    GlobalContext.getContext().setPwdStore(pwdStore);
+    try {
+      if (this.isStartToInstall(want.parameters)) {
+        session.loadContent('pages/CertificateInstallPage', storage);
+      } else {
+        session.loadContent('pages/picker/CertManagerSheetFa', storage);
+        let pwdStore = new PwdStore();
+        GlobalContext.getContext().setPwdStore(pwdStore);
+        GlobalContext.getContext().setAbilityWant(want);
+      }
+    } catch (err) {
+      let error = err as BusinessError;
+      console.error(TAG, `onSessionCreat load content failed: ${error?.code}, msg:${error?.message}`);
+      session.terminateSelf();
+      return;
+    }
+
     try {
       session.setWindowBackgroundColor('#00000000');
     } catch (err) {
@@ -49,6 +66,12 @@ export default class CertPickerUiExtAbility extends UIExtensionAbility {
     }
   }
 
+  private isStartToInstall(parameters: Record<string, Object> | undefined): boolean {
+    if(parameters === undefined) {
+      return false;
+    }
+    return parameters['pageType'] === PAGE_CA_INSTALL;
+  }
   onSessionDestroy(): void {
     // Main window is destroyed, release UI related resources
     GlobalContext.getContext().clearSession();

CertManager/src/main/ets/model/CertMangerModel.ets

@@ -33,7 +33,8 @@ export enum CMModelErrorCode {
   CM_MODEL_ERROR_INCORRECT_FORMAT = -6,
   CM_MODEL_ERROR_MAX_QUANTITY_REACHED = -7,
   CM_MODEL_ERROR_ALIAS_LENGTH_REACHED_LIMIT = -8,
-  CM_MODEL_ERROR_PASSWORD_ERR = -9
+  CM_MODEL_ERROR_PASSWORD_ERR = -9,
+  CM_MODEL_ERROR_ADVANCED_SECURITY = -10
 }
 
 export enum CMModelOptType {
@@ -258,8 +259,8 @@ export class CertMangerModel {
     console.info(TAG + 'installCertOrCred start');
     switch (optType) {
       case CMModelOptType.CM_MODEL_OPT_USER_CA:
-        this.installUserCertificate(data, alias, (errCode: CMModelErrorCode) => {
-          callback(errCode);
+        this.installUserCertificate(data, alias, (errCode: CMModelErrorCode, uri: string) => {
+          callback(errCode, uri);
         });
         break;
       case CMModelOptType.CM_MODEL_OPT_APP_CRED:
@@ -671,12 +672,12 @@ export class CertMangerModel {
       return;
     }
     try {
-      await CertManager.installUserTrustedCertificate({
+      let result = await CertManager.installUserTrustedCertificate({
         inData: data,
         alias: alias
       });
       console.info(TAG + 'installUserCertificate end');
-      callback(CMModelErrorCode.CM_MODEL_ERROR_SUCCESS);
+      callback(CMModelErrorCode.CM_MODEL_ERROR_SUCCESS, result.uri);
     } catch (err) {
       let e: BusinessError = err as BusinessError;
       if (e.code === CertManager.CMErrorCode.CM_ERROR_INCORRECT_FORMAT) {

CertManager/src/main/ets/model/CheckUserAuthModel.ets

@@ -43,6 +43,7 @@ export class CheckUserAuthModel {
     } else {
       /* The user does not set identity authentication. */
       callback(true);
+      return;
     }
 
     const authParam: userAuth.AuthParam = {

CertManager/src/main/ets/pages/CertificateInstallPage.ets

@@ -0,0 +1,212 @@
+/**
+ * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { CustomContentDialog, AlertDialog } from '@ohos.arkui.advanced.Dialog';
+import { CMModelErrorCode, CMModelOptType } from '../model/CertMangerModel';
+import checkUserAuthModel from '../model/CheckUserAuthModel';
+import { BusinessError } from '@ohos.base';
+import UIExtensionContentSession from '@ohos.app.ability.UIExtensionContentSession';
+import certManagerModel from '../model/CertMangerModel';
+import util from '@ohos.util';
+
+/* instrument ignore file */
+
+const TAG = 'CertificateInstallPage';
+let storage = LocalStorage.getShared();
+
+@Entry(storage)
+@Component
+struct CertificateInstallPage {
+  @State installFailedDialogMessage: ResourceStr = '';
+  @State callerName: string = '';
+  @State resultCode: number = CMModelErrorCode.CM_MODEL_ERROR_FAILED;
+  @State successUri: string = '';
+  ;
+  private session: UIExtensionContentSession =
+    storage?.get<UIExtensionContentSession>('session') as UIExtensionContentSession;
+  private want: Want = storage?.get<Want>('want') as Want;
+
+  private context: Context = getContext(this);
+
+  installFailedDialog: CustomDialogController = new CustomDialogController({
+    alignment: DialogAlignment.Center,
+    showInSubWindow: true,
+    cancel: () => {
+      this.session?.terminateSelfWithResult({
+        resultCode: this.resultCode
+      });
+    },
+    builder: AlertDialog({
+      primaryTitle: $r('app.string.cert_install_failed'),
+      content: this.installFailedDialogMessage,
+      primaryButton: {
+        value: $r('app.string.OK'),
+        action: () => {
+          this.session?.terminateSelfWithResult({
+            resultCode: this.resultCode
+          });
+        }
+      }
+    })
+  });
+
+  installSuccessDialog: CustomDialogController = new CustomDialogController({
+    alignment: DialogAlignment.Center,
+    showInSubWindow: true,
+    cancel: () => {
+      this.session?.sendData({'uri': this.successUri});
+    },
+    builder: AlertDialog({
+      primaryTitle: $r('app.string.cert_install_success'),
+      content: $r('app.string.cert_install_success_tip'),
+      primaryButton: {
+        value: $r('app.string.OK'),
+        action: () => {
+          this.session?.sendData({'uri': this.successUri});
+        }
+      }
+    })
+  });
+
+  rootCertificateDialog: CustomDialogController = new CustomDialogController({
+    alignment: DialogAlignment.Center,
+    showInSubWindow: false,
+    cancel: () => {
+      this.session?.terminateSelf();
+    },
+    builder: AlertDialog({
+      primaryTitle: $r('app.string.cert_install_tip', this.callerName),
+      content: $r('app.string.cert_install_warning'),
+      primaryButton: {
+        value: $r('app.string.root_certificate_cancel'),
+        action: () => {
+          console.info(TAG, 'USER_CA_STATUS_CONFIRM cancel');
+          this.session?.terminateSelf();
+        }
+      },
+      secondaryButton: {
+        value: $r('app.string.root_certificate_continue'),
+        action: () => {
+          console.info(TAG, 'USER_CA_STATUS_CONFIRM confirm');
+          this.checkUserAuth();
+        }
+      }
+    }),
+  })
+
+  aboutToAppear(): void {
+    let isGranted = this.getCallerName();
+    if (!isGranted) {
+      this.session?.terminateSelf();
+      return;
+    }
+    this.rootCertificateDialog.open();
+  }
+
+  build() {
+  }
+
+  private getCallerName(): boolean {
+    if (this.want === undefined || this.want === null) {
+      console.error(TAG, 'initData, want is undefined');
+      return false;
+    }
+    let parameters = this.want.parameters;
+    if (parameters === undefined || parameters === null) {
+      console.error(TAG, 'initData, parameters is undefined');
+      return false;
+    }
+    let callerName = parameters['bundleName'];
+    if (callerName === undefined || callerName === null) {
+      console.error(TAG, 'getCallerName, callerName is undefined');
+      return false;
+    }
+    this.callerName = 'callerName as string';
+    return true;
+  }
+
+  private handleInstallResult(resultCode: CMModelErrorCode, uri: string) {
+    if (resultCode === CMModelErrorCode.CM_MODEL_ERROR_SUCCESS) {
+      this.successUri = uri;
+      this.installSuccessDialog.open();
+    } else if (resultCode === CMModelErrorCode.CM_MODEL_ERROR_INCORRECT_FORMAT) {
+      this.resultCode = CMModelErrorCode.CM_MODEL_ERROR_INCORRECT_FORMAT;
+      this.installFailedDialogMessage = $r('app.string.Install_ERROR_INCORRECT_FORMAT');
+      this.installFailedDialog.open();
+    } else if (resultCode === CMModelErrorCode.CM_MODEL_ERROR_MAX_QUANTITY_REACHED) {
+      this.resultCode = CMModelErrorCode.CM_MODEL_ERROR_MAX_QUANTITY_REACHED;
+      this.installFailedDialogMessage = $r('app.string.Install_Error_MAX_QUANTITY_REACHED');
+      this.installFailedDialog.open();
+    } else {
+      console.debug(TAG, `result code ${resultCode}, need not show result`);
+      this.session?.terminateSelfWithResult({
+        resultCode: resultCode
+      });
+    }
+  }
+
+  checkUserAuth() {
+    let titleStr = this.context?.resourceManager.getStringSync($r('app.string.Identity_Authentication'));
+    checkUserAuthModel.auth(titleStr, (authResult: boolean) => {
+      if (!authResult) {
+        console.warn(TAG, 'userAuth cancel!');
+        this.session?.terminateSelf();
+        return;
+      }
+      console.info(TAG, 'userAuth success!');
+      this.installCaCertificate();
+    })
+  }
+
+  private async getCertificateData(parameters: Record<string, Object>): Promise<Uint8Array | undefined> {
+    return new Promise<Uint8Array | undefined>(resolve => {
+      let certificateDataObj = parameters['cert'];
+      if (certificateDataObj === undefined || certificateDataObj === null) {
+        console.error(TAG, 'getCertificateData, certificate data is undefined');
+        return resolve(undefined);
+      }
+      new util.Base64Helper().decode(certificateDataObj as string).then((value) => {
+        return resolve(value);
+      }).catch((error: BusinessError) => {
+        console.error(TAG, `decode certificate data err: ${error?.code}, msg: ${error?.message}`);
+        return resolve(undefined);
+      });
+    });
+  }
+
+  private installCaCertificate(): void {
+    if (this.want === undefined || this.want === null) {
+      console.error(TAG, 'initData, want is undefined');
+      return;
+    }
+    let parameters = this.want.parameters;
+    if (parameters === undefined || parameters === null) {
+      console.error(TAG, 'initData, parameters is undefined');
+      return;
+    }
+    this.getCertificateData(parameters).then(data => {
+      if (data === undefined) {
+        console.error(TAG, 'installCaCertificate, certificate data is undefined');
+        this.session?.terminateSelf();
+        return;
+      }
+      certManagerModel.installCertOrCred(CMModelOptType.CM_MODEL_OPT_USER_CA, '', data,
+        '', (resultCode: CMModelErrorCode, uri: string) => {
+          console.info(TAG, `installCertOrCred result: ${resultCode}`);
+          this.handleInstallResult(resultCode, uri);
+        });
+    })
+  }
+}

CertManager/src/main/resources/base/element/string.json

@@ -411,6 +411,25 @@
     {
       "name": "system_credentials",
       "value": "系统凭据"
+    },
+    {
+      "name": "cert_install_success",
+      "value": "安装成功"
+    },
+    {
+      "name": "cert_install_failed",
+      "value": "安装失败"
+    },
+    { "name": "cert_install_tip",
+      "value": "“%s”请求安装CA 证书"
+    },
+    {
+      "name": "cert_install_success_tip",
+      "value": "CA 证书已安装。"
+    },
+    {
+      "name":"cert_install_warning",
+      "value":"为网站启用此证书将允许第三方查看发送给网站的任何私人数据。"
     }
   ]
 }

CertManager/src/main/resources/base/profile/main_pages.json

@@ -6,6 +6,7 @@
     "pages/cerEvidenceFa",
     "pages/requestAuth",
     "pages/certInstallFromStorage",
+    "pages/CertificateInstallPage",
     "pages/picker/CertManagerSheetFa"
   ]
 }

CertManager/src/main/resources/en_US/element/string.json

@@ -411,6 +411,26 @@
     {
       "name": "system_credentials",
       "value": "System credentials"
+    },
+    {
+      "name": "cert_install_success",
+      "value": "Installation succeeded"
+    },
+    {
+      "name": "cert_install_failed",
+      "value": "Installation failed"
+    },
+    {
+      "name": "cert_install_tip",
+      "value": "\"%s\" is requesting to install the CA certificate"
+    },
+    {
+      "name": "cert_install_success_tip",
+      "value": "CA certificate installed."
+    },
+    {
+      "name":"cert_install_warning",
+      "value":"Enabling this certificate for a website will allow third parties to view any private data sent to the website."
     }
   ]
 }