diff --git a/param/useriam.para b/param/useriam.para index 62159cd30..2e9bea6df 100644 --- a/param/useriam.para +++ b/param/useriam.para @@ -12,4 +12,3 @@ # limitations under the License. bootevent.useriam.fwkready=false -persist.useriam.enable.fingerprintauth=true diff --git a/param/useriam.para.dac b/param/useriam.para.dac index ddbc067d1..bb810cc51 100644 --- a/param/useriam.para.dac +++ b/param/useriam.para.dac @@ -12,4 +12,3 @@ # limitations under the License. bootevent.useriam.fwkready=useriam:useriam:0755 -persist.useriam.enable.fingerprintauth=useriam:useriam:0775 diff --git a/services/core/BUILD.gn b/services/core/BUILD.gn index d0fafa58b..74b5dd408 100644 --- a/services/core/BUILD.gn +++ b/services/core/BUILD.gn @@ -68,7 +68,6 @@ ohos_source_set("userauth_service_core") { "src/schedule_node_impl.cpp", "src/schedule_resource_node_listener.cpp", "src/secure_user_info_impl.cpp", - "src/system_param_manager.cpp", "src/template_cache_manager.cpp", "src/update_pin_param_impl.cpp", "src/user_idm_database_impl.cpp", diff --git a/services/core/inc/system_param_manager.h b/services/core/inc/system_param_manager.h deleted file mode 100644 index c3e6513ec..000000000 --- a/services/core/inc/system_param_manager.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef SYSTEM_PARAM_MANAGER -#define SYSTEM_PARAM_MANAGER - -#include - -namespace OHOS { -namespace UserIam { -namespace UserAuth { -class SystemParamManager { -public: - static SystemParamManager &GetInstance(); - void Start(); - void UpdateFingerAuthEnable(bool isFingerAuthEnable); - bool IsAuthTypeEnable(int32_t authType); - -private: - SystemParamManager(); - ~SystemParamManager() = default; - - std::recursive_mutex recursiveMutex_; - bool isFingerAuthEnable_ = false; -}; -} // namespace UserAuth -} // namespace UserIam -} // namespace OHOS - -#endif // SYSTEM_PARAM_MANAGER \ No newline at end of file diff --git a/services/core/src/auth_widget_helper.cpp b/services/core/src/auth_widget_helper.cpp index 86bb5a2bc..00523612a 100644 --- a/services/core/src/auth_widget_helper.cpp +++ b/services/core/src/auth_widget_helper.cpp @@ -21,7 +21,6 @@ #include "iam_check.h" #include "iam_logger.h" #include "resource_node_pool.h" -#include "system_param_manager.h" #include "user_idm_database.h" #include "widget_client.h" @@ -137,10 +136,6 @@ int32_t AuthWidgetHelper::CheckValidSolution(int32_t userId, std::vector validTypes; uint32_t inputAtl = atl; for (auto &type : authTypeList) { - if (!SystemParamManager::GetInstance().IsAuthTypeEnable(type)) { - IAM_LOGE("authType:%{public}d not enable", type); - continue; - } inputAuthType.emplace_back(static_cast(type)); } int32_t result = hdi->GetValidSolution(userId, inputAuthType, inputAtl, validTypes); diff --git a/services/core/src/system_param_manager.cpp b/services/core/src/system_param_manager.cpp deleted file mode 100644 index d1d471f61..000000000 --- a/services/core/src/system_param_manager.cpp +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "system_param_manager.h" - -#include "iservice_registry.h" -#include "parameter.h" -#include "system_ability_definition.h" -#include "system_ability_status_change_stub.h" - -#include "iam_check.h" -#include "iam_common_defines.h" -#include "iam_logger.h" - -#define LOG_TAG "USER_AUTH_SA" - -namespace OHOS { -namespace UserIam { -namespace UserAuth { -namespace { -const char SYSTEM_VALUE_TRUE[] = "true"; -const char IAM_ENABLE_FINGERPRINT_PARAM[] = "persist.useriam.enable.fingerprintauth"; - -bool IsEnableValue(const char *value) -{ - return (strcmp(value, SYSTEM_VALUE_TRUE) == 0); -} - -void ParameterChange(const char *key, const char *value, void *context) -{ - if ((key == nullptr) || (value == nullptr)) { - IAM_LOGE("return invalid param"); - return; - } - IAM_LOGI("receive param %{public}s:%{public}s", key, value); - if (strcmp(key, IAM_ENABLE_FINGERPRINT_PARAM) != 0) { - IAM_LOGE("event key mismatch"); - return; - } - SystemParamManager::GetInstance().UpdateFingerAuthEnable(IsEnableValue(value)); -} -} - -class SystemParamServiceStatusListener : public OHOS::SystemAbilityStatusChangeStub, public NoCopyable { -public: - static void Subscribe(); - - void OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override; - void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override; - -private: - static sptr GetInstance(); - - SystemParamServiceStatusListener() {}; - ~SystemParamServiceStatusListener() override {}; -}; - -void SystemParamServiceStatusListener::OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) -{ - if (systemAbilityId != PARAM_WATCHER_DISTRIBUTED_SERVICE_ID) { - return; - } - - IAM_LOGI("param watcher service add process begin"); - int32_t ret = WatchParameter(IAM_ENABLE_FINGERPRINT_PARAM, ParameterChange, nullptr); - if (ret != 0) { - IAM_LOGE("WatchParameter fail %{public}d", ret); - } - IAM_LOGI("param watcher service add process finish"); -} - -void SystemParamServiceStatusListener::OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) -{ - if (systemAbilityId != PARAM_WATCHER_DISTRIBUTED_SERVICE_ID) { - return; - } - - IAM_LOGE("param watcher service remove process begin"); - int32_t ret = RemoveParameterWatcher(IAM_ENABLE_FINGERPRINT_PARAM, ParameterChange, nullptr); - if (ret != 0) { - IAM_LOGE("RemoveParameterWatcher fail %{public}d", ret); - } - IAM_LOGI("param watcher service remove process finish"); -} - -sptr SystemParamServiceStatusListener::GetInstance() -{ - static sptr listener(new (std::nothrow) SystemParamServiceStatusListener()); - if (listener == nullptr) { - IAM_LOGE("SystemParamServiceStatusListener is null"); - } - return listener; -} - -void SystemParamServiceStatusListener::Subscribe() -{ - auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (sam == nullptr) { - IAM_LOGE("failed to get SA manager"); - return; - } - - auto instance = GetInstance(); - IF_FALSE_LOGE_AND_RETURN(instance != NULL); - - int32_t ret = sam->SubscribeSystemAbility(PARAM_WATCHER_DISTRIBUTED_SERVICE_ID, instance); - if (ret != ERR_OK) { - IAM_LOGE("failed to subscribe param watcher service status"); - return; - } - - IAM_LOGI("subscribe param watcher service status success"); -} - -SystemParamManager::SystemParamManager() -{} - -SystemParamManager &SystemParamManager::GetInstance() -{ - static SystemParamManager systemParamManager; - return systemParamManager; -} - -void SystemParamManager::Start() -{ - SystemParamServiceStatusListener::Subscribe(); -} - -void SystemParamManager::UpdateFingerAuthEnable(bool isFingerAuthEnable) -{ - std::lock_guard lock(recursiveMutex_); - IAM_LOGI("UpdateFingerAuthEnable %{public}d", isFingerAuthEnable); - isFingerAuthEnable_ = isFingerAuthEnable; -} - -bool SystemParamManager::IsAuthTypeEnable(int32_t authType) -{ - std::lock_guard lock(recursiveMutex_); - if ((authType == AuthType::FINGERPRINT) && !isFingerAuthEnable_) { - IAM_LOGI("fingerprint not enable"); - return false; - } - return true; -} -} // namespace UserAuth -} // namespace UserIam -} // namespace OHOS \ No newline at end of file diff --git a/services/ipc/inc/user_idm_service.h b/services/ipc/inc/user_idm_service.h index 5b4f3db3a..11f0f0361 100644 --- a/services/ipc/inc/user_idm_service.h +++ b/services/ipc/inc/user_idm_service.h @@ -60,8 +60,6 @@ protected: void OnStop() override; private: - bool CheckEnrollPermissionAndEnableStatus( - const std::shared_ptr &contextCallback, AuthType authType); int32_t CancelCurrentEnroll(); void CancelCurrentEnrollIfExist(); int32_t GetSecInfoInner(int32_t userId, SecUserInfo &secUserInfo); diff --git a/services/ipc/src/user_auth_service.cpp b/services/ipc/src/user_auth_service.cpp index 0615c7fc6..811ffedbb 100644 --- a/services/ipc/src/user_auth_service.cpp +++ b/services/ipc/src/user_auth_service.cpp @@ -35,7 +35,6 @@ #include "ipc_common.h" #include "ipc_skeleton.h" #include "keyguard_status_listener.h" -#include "system_param_manager.h" #include "soft_bus_manager.h" #include "widget_client.h" #include "remote_msg_util.h" @@ -159,7 +158,6 @@ void UserAuthService::OnStart() if (!Publish(this)) { IAM_LOGE("failed to publish service"); } - SystemParamManager::GetInstance().Start(); SoftBusManager::GetInstance().Start(); KeyguardStatusListenerManager::GetInstance().RegisterKeyguardStatusSwitchCallback(); } @@ -188,8 +186,7 @@ int32_t UserAuthService::GetAvailableStatus(int32_t apiVersion, AuthType authTyp IAM_LOGE("failed to check permission"); return CHECK_PERMISSION_FAILED; } - if ((apiVersion <= API_VERSION_8 && authType == PIN) || - !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { + if (apiVersion <= API_VERSION_8 && authType == PIN) { IAM_LOGE("authType not support"); return TYPE_NOT_SUPPORT; } @@ -368,7 +365,7 @@ int32_t UserAuthService::CheckAuthPermissionAndParam(int32_t authType, const int IAM_LOGE("failed to check foreground application"); return CHECK_PERMISSION_FAILED; } - if ((authType == PIN) || !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { + if (authType == PIN) { IAM_LOGE("authType not support"); return TYPE_NOT_SUPPORT; } @@ -509,11 +506,6 @@ bool UserAuthService::CheckAuthPermissionAndParam(AuthType authType, AuthTrustLe contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo); return false; } - if (!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { - IAM_LOGE("auth type not support"); - contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo); - return false; - } return true; } @@ -692,7 +684,7 @@ uint64_t UserAuthService::Identify(const std::vector &challenge, AuthTy callback->OnResult(GENERAL_ERROR, extraInfo); return BAD_CONTEXT_ID; } - if ((authType == PIN) || !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { + if (authType == PIN) { IAM_LOGE("type not support %{public}d", authType); contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo); return BAD_CONTEXT_ID; @@ -1061,8 +1053,7 @@ int32_t UserAuthService::GetEnrolledState(int32_t apiVersion, AuthType authType, return CHECK_PERMISSION_FAILED; } - if (apiVersion < API_VERSION_12 || - !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { + if (apiVersion < API_VERSION_12) { IAM_LOGE("failed to check apiVersion"); return TYPE_NOT_SUPPORT; } diff --git a/services/ipc/src/user_idm_service.cpp b/services/ipc/src/user_idm_service.cpp index 8f8768cb8..b95b02c6d 100644 --- a/services/ipc/src/user_idm_service.cpp +++ b/services/ipc/src/user_idm_service.cpp @@ -32,7 +32,6 @@ #include "publish_event_adapter.h" #include "resource_node_pool.h" #include "resource_node_utils.h" -#include "system_param_manager.h" #include "user_idm_callback_proxy.h" #include "user_idm_database.h" #include "user_idm_session_controller.h" @@ -204,24 +203,6 @@ int32_t UserIdmService::GetSecInfo(int32_t userId, const sptr &contextCallback, AuthType authType) -{ - Attributes extraInfo; - if (!IpcCommon::CheckPermission(*this, MANAGE_USER_IDM_PERMISSION)) { - IAM_LOGE("failed to check permission"); - contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo); - return false; - } - - if (!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { - IAM_LOGE("authType not support"); - contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo); - return false; - } - return true; -} - void UserIdmService::StartEnroll(Enrollment::EnrollmentPara ¶, const std::shared_ptr &contextCallback, Attributes &extraInfo) { @@ -262,9 +243,9 @@ void UserIdmService::AddCredential(int32_t userId, const CredentialPara &credPar contextCallback->SetTraceCallerType(callerType); contextCallback->SetTraceUserId(userId); contextCallback->SetTraceAuthType(credPara.authType); - - if (!CheckEnrollPermissionAndEnableStatus(contextCallback, credPara.authType)) { - IAM_LOGE("CheckEnrollPermissionAndEnableStatus fail"); + if (!IpcCommon::CheckPermission(*this, MANAGE_USER_IDM_PERMISSION)) { + IAM_LOGE("failed to check permission"); + contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo); return; } diff --git a/test/fuzztest/common_fuzzer/BUILD.gn b/test/fuzztest/common_fuzzer/BUILD.gn index 5057f8be2..edb4249fa 100644 --- a/test/fuzztest/common_fuzzer/BUILD.gn +++ b/test/fuzztest/common_fuzzer/BUILD.gn @@ -176,7 +176,6 @@ ohos_source_set("userauth_service_core_fuzzer") { "../../../services/core/src/schedule_node_impl.cpp", "../../../services/core/src/schedule_resource_node_listener.cpp", "../../../services/core/src/secure_user_info_impl.cpp", - "../../../services/core/src/system_param_manager.cpp", "../../../services/core/src/template_cache_manager.cpp", "../../../services/core/src/update_pin_param_impl.cpp", "../../../services/core/src/user_idm_database_impl.cpp", diff --git a/test/unittest/services/BUILD.gn b/test/unittest/services/BUILD.gn index 9d8f9acd9..cfd329ac4 100644 --- a/test/unittest/services/BUILD.gn +++ b/test/unittest/services/BUILD.gn @@ -89,7 +89,6 @@ ohos_unittest("iam_services_test") { "../../../services/core/src/schedule_node_impl.cpp", "../../../services/core/src/schedule_resource_node_listener.cpp", "../../../services/core/src/secure_user_info_impl.cpp", - "../../../services/core/src/system_param_manager.cpp", "../../../services/core/src/template_cache_manager.cpp", "../../../services/core/src/update_pin_param_impl.cpp", "../../../services/core/src/user_idm_database_impl.cpp",