1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "auth_session_fsm.h"
17
18 #include <securec.h>
19
20 #include "anonymizer.h"
21 #include "auth_attest_interface.h"
22 #include "auth_connection.h"
23 #include "auth_device_common_key.h"
24 #include "auth_hichain.h"
25 #include "auth_normalize_request.h"
26 #include "auth_log.h"
27 #include "auth_manager.h"
28 #include "auth_request.h"
29 #include "auth_session_json.h"
30 #include "auth_session_message.h"
31 #include "bus_center_manager.h"
32 #include "lnn_distributed_net_ledger.h"
33 #include "lnn_event.h"
34 #include "lnn_feature_capability.h"
35 #include "softbus_adapter_bt_common.h"
36 #include "softbus_adapter_hitrace.h"
37 #include "softbus_adapter_mem.h"
38 #include "softbus_def.h"
39
40 #define AUTH_TIMEOUT_MS (10 * 1000)
41 #define TO_AUTH_FSM(ptr) CONTAINER_OF(ptr, AuthFsm, fsm)
42 #define SHORT_UDID_HASH_LEN 8
43 #define HICHAIN_RETURN_NOT_TRUSTED (-425919748)
44
45 typedef enum {
46 FSM_MSG_RECV_DEVICE_ID,
47 FSM_MSG_RECV_AUTH_DATA,
48 FSM_MSG_SAVE_SESSION_KEY,
49 FSM_MSG_AUTH_ERROR,
50 FSM_MSG_RECV_DEVICE_INFO,
51 FSM_MSG_RECV_CLOSE_ACK,
52 FSM_MSG_AUTH_FINISH,
53 FSM_MSG_AUTH_TIMEOUT,
54 FSM_MSG_DEVICE_NOT_TRUSTED,
55 FSM_MSG_DEVICE_DISCONNECTED,
56 FSM_MSG_DEVICE_POST_DEVICEID,
57 FSM_MSG_STOP_AUTH_FSM,
58 FSM_MSG_UNKNOWN,
59 } StateMessageType;
60 typedef struct {
61 StateMessageType type;
62 char *msg;
63 } StateMsgMap;
64
65 static const StateMsgMap g_StateMsgMap[] = {
66 {FSM_MSG_RECV_DEVICE_ID, (char *)"RECV_DEVICE_ID"},
67 {FSM_MSG_RECV_AUTH_DATA, (char *)"RECV_AUTH_DATA"},
68 {FSM_MSG_SAVE_SESSION_KEY, (char *)"SAVE_SESSION_KEY"},
69 {FSM_MSG_AUTH_ERROR, (char *)"AUTH_ERROR"},
70 {FSM_MSG_RECV_DEVICE_INFO, (char *)"RECV_DEVICE_INFO"},
71 {FSM_MSG_RECV_CLOSE_ACK, (char *)"RECV_CLOSE_ACK"},
72 {FSM_MSG_AUTH_FINISH, (char *)"AUTH_FINISH"},
73 {FSM_MSG_AUTH_TIMEOUT, (char *)"AUTH_TIMEOUT"},
74 {FSM_MSG_DEVICE_NOT_TRUSTED, (char *)"DEVICE_NOT_TRUSTED"},
75 {FSM_MSG_DEVICE_DISCONNECTED, (char *)"DEVICE_DISCONNECTED"},
76 {FSM_MSG_DEVICE_POST_DEVICEID, (char *)"DEVICE_POST_DEVICEID"},
77 {FSM_MSG_STOP_AUTH_FSM, (char *)"STOP_AUTH_FSM"},
78 {FSM_MSG_UNKNOWN, (char *)"UNKNOWN MSG!!"},
79 };
80
81 typedef struct {
82 uint32_t len;
83 uint8_t data[0];
84 } MessagePara;
85
86 typedef struct {
87 int64_t param1;
88 bool param2;
89 AuthFsm *(*getFunc)(int64_t param1, bool param2);
90 } AuthFsmGetFunc;
91
92 typedef struct {
93 char localIp[IP_LEN];
94 char localBrMac[MAC_LEN];
95 char localBleMac[MAC_LEN];
96 char localUdid[UDID_BUF_LEN];
97 char localNetworkId[NETWORK_ID_BUF_LEN];
98 char localDevName[DEVICE_NAME_BUF_LEN];
99 } AuditReportDevInfo;
100
101 static ListNode g_authFsmList = { &g_authFsmList, &g_authFsmList };
102
103 static void SyncNegotiationEnter(FsmStateMachine *fsm);
104 static bool SyncNegotiationStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para);
105 static void SyncDevIdStateEnter(FsmStateMachine *fsm);
106 static bool SyncDevIdStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para);
107 static void DeviceAuthStateEnter(FsmStateMachine *fsm);
108 static bool DeviceAuthStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para);
109 static bool SyncDevInfoStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para);
110 static void AuthFsmDeinitCallback(FsmStateMachine *fsm);
111
112 static FsmState g_states[STATE_NUM_MAX] = {
113 [STATE_SYNC_NEGOTIATION] = {
114 .enter = SyncNegotiationEnter,
115 .process = SyncNegotiationStateProcess,
116 .exit = NULL,
117 },
118 [STATE_SYNC_DEVICE_ID] = {
119 .enter = SyncDevIdStateEnter,
120 .process = SyncDevIdStateProcess,
121 .exit = NULL,
122 },
123 [STATE_DEVICE_AUTH] = {
124 .enter = DeviceAuthStateEnter,
125 .process = DeviceAuthStateProcess,
126 .exit = NULL,
127 },
128 [STATE_SYNC_DEVICE_INFO] = {
129 .enter = NULL,
130 .process = SyncDevInfoStateProcess,
131 .exit = NULL,
132 },
133 };
134
FsmMsgTypeToStr(int32_t type)135 static char *FsmMsgTypeToStr(int32_t type)
136 {
137 if (type < FSM_MSG_RECV_DEVICE_ID || type >= FSM_MSG_UNKNOWN) {
138 return g_StateMsgMap[FSM_MSG_UNKNOWN].msg;
139 }
140 return g_StateMsgMap[type].msg;
141 }
142
TranslateToAuthFsm(FsmStateMachine * fsm,int32_t msgType,MessagePara * para)143 static AuthFsm *TranslateToAuthFsm(FsmStateMachine *fsm, int32_t msgType, MessagePara *para)
144 {
145 if (fsm == NULL) {
146 AUTH_LOGE(AUTH_FSM, "fsm is null");
147 return NULL;
148 }
149 AuthFsm *authFsm = TO_AUTH_FSM(fsm);
150 if (authFsm == NULL) {
151 AUTH_LOGE(AUTH_FSM, "authFsm is null");
152 return NULL;
153 }
154 if (authFsm->isDead) {
155 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", authFsm->authSeq);
156 return NULL;
157 }
158 /* check para */
159 if ((msgType != FSM_MSG_AUTH_TIMEOUT && msgType != FSM_MSG_DEVICE_NOT_TRUSTED &&
160 msgType != FSM_MSG_DEVICE_DISCONNECTED && msgType != FSM_MSG_STOP_AUTH_FSM) && para == NULL) {
161 AUTH_LOGE(AUTH_FSM, "invalid msgType. msgType=%{public}d", msgType);
162 return NULL;
163 }
164 return authFsm;
165 }
166
GetNextAuthFsmId(void)167 static uint32_t GetNextAuthFsmId(void)
168 {
169 static uint32_t authFsmId = 0;
170 return ++authFsmId;
171 }
172
IsNeedExchangeNetworkId(uint32_t feature,AuthCapability capaBit)173 static bool IsNeedExchangeNetworkId(uint32_t feature, AuthCapability capaBit)
174 {
175 return ((feature & (1 << (uint32_t)capaBit)) != 0);
176 }
177
AddUdidInfo(uint32_t requestId,bool isServer,AuthConnInfo * connInfo)178 static void AddUdidInfo(uint32_t requestId, bool isServer, AuthConnInfo *connInfo)
179 {
180 if (isServer) {
181 AUTH_LOGD(AUTH_FSM, "is not client");
182 return;
183 }
184 AuthRequest request;
185 (void)memset_s(&request, sizeof(request), 0, sizeof(request));
186 if (GetAuthRequestNoLock(requestId, &request) != SOFTBUS_OK) {
187 AUTH_LOGE(AUTH_FSM, "get auth request fail");
188 return;
189 }
190 switch (connInfo->type) {
191 case AUTH_LINK_TYPE_BR:
192 break;
193 case AUTH_LINK_TYPE_WIFI:
194 (void)memcpy_s(connInfo->info.ipInfo.deviceIdHash, UDID_HASH_LEN, request.connInfo.info.ipInfo.deviceIdHash,
195 UDID_HASH_LEN);
196 break;
197 case AUTH_LINK_TYPE_BLE:
198 (void)memcpy_s(connInfo->info.bleInfo.deviceIdHash, UDID_HASH_LEN,
199 request.connInfo.info.bleInfo.deviceIdHash, UDID_HASH_LEN);
200 break;
201 case AUTH_LINK_TYPE_P2P:
202 case AUTH_LINK_TYPE_ENHANCED_P2P:
203 if (strcpy_s(connInfo->info.ipInfo.udid, UDID_BUF_LEN, request.connInfo.info.ipInfo.udid) != EOK) {
204 AUTH_LOGE(AUTH_FSM, "strcpy udid fail");
205 return;
206 }
207 break;
208 default :
209 AUTH_LOGE(AUTH_FSM, "error type");
210 }
211 }
212
ProcAuthFsm(uint32_t requestId,bool isServer,AuthFsm * authFsm)213 static int32_t ProcAuthFsm(uint32_t requestId, bool isServer, AuthFsm *authFsm)
214 {
215 AuthRequest request;
216 NodeInfo nodeInfo;
217 (void)memset_s(&request, sizeof(request), 0, sizeof(request));
218 (void)memset_s(&nodeInfo, sizeof(nodeInfo), 0, sizeof(nodeInfo));
219 AddUdidInfo(requestId, isServer, &authFsm->info.connInfo);
220 if (authFsm->info.connInfo.type == AUTH_LINK_TYPE_BLE) {
221 if (GetAuthRequestNoLock(requestId, &request) != SOFTBUS_OK) {
222 AUTH_LOGE(AUTH_FSM, "get auth request fail");
223 return SOFTBUS_ERR;
224 }
225 char udidHash[SHORT_UDID_HASH_HEX_LEN + 1] = {0};
226 int32_t ret = ConvertBytesToHexString(udidHash, SHORT_UDID_HASH_HEX_LEN + 1,
227 (const unsigned char *)request.connInfo.info.bleInfo.deviceIdHash, SHORT_UDID_HASH_LEN);
228 if (ret == SOFTBUS_OK && LnnRetrieveDeviceInfo((const char *)udidHash, &nodeInfo) == SOFTBUS_OK &&
229 IsNeedExchangeNetworkId(nodeInfo.authCapacity, BIT_SUPPORT_EXCHANGE_NETWORKID)) {
230 AUTH_LOGI(AUTH_FSM, "LnnRetrieveDeviceInfo success");
231 authFsm->info.idType = EXCHANGE_NETWORKID;
232 }
233 }
234 return SOFTBUS_OK;
235 }
236
FillSessionInfoModule(uint32_t requestId,AuthSessionInfo * info)237 static int32_t FillSessionInfoModule(uint32_t requestId, AuthSessionInfo *info)
238 {
239 if (!info->isServer) {
240 AuthRequest request;
241 (void)memset_s(&request, sizeof(request), 0, sizeof(request));
242 int32_t ret = GetAuthRequestNoLock(requestId, &request);
243 if (ret != SOFTBUS_OK) {
244 AUTH_LOGE(AUTH_FSM, "get auth request fail");
245 return ret;
246 }
247 info->module = request.module;
248 }
249 return SOFTBUS_OK;
250 }
251
CreateAuthFsm(int64_t authSeq,uint32_t requestId,uint64_t connId,const AuthConnInfo * connInfo,bool isServer)252 static AuthFsm *CreateAuthFsm(int64_t authSeq, uint32_t requestId, uint64_t connId,
253 const AuthConnInfo *connInfo, bool isServer)
254 {
255 AuthFsm *authFsm = (AuthFsm *)SoftBusCalloc(sizeof(AuthFsm));
256 if (authFsm == NULL) {
257 AUTH_LOGE(AUTH_FSM, "malloc AuthFsm fail");
258 return NULL;
259 }
260 authFsm->id = GetNextAuthFsmId();
261 authFsm->authSeq = authSeq;
262 authFsm->info.requestId = requestId;
263 authFsm->info.isServer = isServer;
264 authFsm->info.isConnectServer = isServer;
265 authFsm->info.connId = connId;
266 authFsm->info.connInfo = *connInfo;
267 authFsm->info.version = SOFTBUS_NEW_V2;
268 authFsm->info.idType = EXCHANGE_UDID;
269 if (FillSessionInfoModule(requestId, &authFsm->info) != SOFTBUS_OK) {
270 AUTH_LOGE(AUTH_FSM, "fill module fail");
271 return NULL;
272 }
273 if (!isServer) {
274 if (ProcAuthFsm(requestId, isServer, authFsm) != SOFTBUS_OK) {
275 SoftBusFree(authFsm);
276 return NULL;
277 }
278 }
279 if (sprintf_s(authFsm->fsmName, sizeof(authFsm->fsmName), "AuthFsm-%u", authFsm->id) == -1) {
280 AUTH_LOGE(AUTH_FSM, "format auth fsm name fail");
281 SoftBusFree(authFsm);
282 return NULL;
283 }
284 if (LnnFsmInit(&authFsm->fsm, NULL, authFsm->fsmName, AuthFsmDeinitCallback) != SOFTBUS_OK) {
285 AUTH_LOGE(AUTH_FSM, "init fsm fail");
286 SoftBusFree(authFsm);
287 return NULL;
288 }
289 for (int32_t i = 0; i < STATE_NUM_MAX; ++i) {
290 LnnFsmAddState(&authFsm->fsm, &g_states[i]);
291 }
292 ListNodeInsert(&g_authFsmList, &authFsm->node);
293 AUTH_LOGI(AUTH_FSM,
294 "create auth fsm. authSeq=%{public}" PRId64 ", name=%{public}s, side=%{public}s, requestId=%{public}u, "
295 "" CONN_INFO, authFsm->authSeq, authFsm->fsmName, GetAuthSideStr(isServer), requestId, CONN_DATA(connId));
296 return authFsm;
297 }
298
DestroyAuthFsm(AuthFsm * authFsm)299 static void DestroyAuthFsm(AuthFsm *authFsm)
300 {
301 AUTH_LOGI(AUTH_FSM, "destroy auth. authSeq=%{public}" PRId64 ", side=%{public}s, requestId=%{public}u",
302 authFsm->authSeq, GetAuthSideStr(authFsm->info.isServer), authFsm->info.requestId);
303 ListDelete(&authFsm->node);
304 if (authFsm->info.deviceInfoData != NULL) {
305 SoftBusFree(authFsm->info.deviceInfoData);
306 authFsm->info.deviceInfoData = NULL;
307 }
308 if (authFsm->info.normalizedKey != NULL) {
309 SoftBusFree(authFsm->info.normalizedKey);
310 authFsm->info.normalizedKey = NULL;
311 }
312 SoftBusFree(authFsm);
313 }
314
AuthFsmDeinitCallback(FsmStateMachine * fsm)315 static void AuthFsmDeinitCallback(FsmStateMachine *fsm)
316 {
317 static uint32_t callCount = 0;
318 AUTH_LOGI(AUTH_FSM, "auth fsm deinit callback enter, callCount=%{public}u", callCount++);
319 if (fsm == NULL) {
320 AUTH_LOGE(AUTH_FSM, "fsm is null");
321 return;
322 }
323 if (!RequireAuthLock()) {
324 return;
325 }
326 DestroyAuthFsm(TO_AUTH_FSM(fsm));
327 ReleaseAuthLock();
328 }
329
NewMessagePara(const uint8_t * data,uint32_t len)330 static MessagePara *NewMessagePara(const uint8_t *data, uint32_t len)
331 {
332 MessagePara *para = (MessagePara *)SoftBusCalloc(sizeof(MessagePara) + len);
333 if (para == NULL) {
334 AUTH_LOGE(AUTH_FSM, "malloc ExchangeDataPara fail");
335 return NULL;
336 }
337 para->len = len;
338 if (data != NULL && len > 0 && memcpy_s(para->data, len, data, len) != EOK) {
339 AUTH_LOGE(AUTH_FSM, "copy data fail");
340 SoftBusFree(para);
341 return NULL;
342 }
343 return para;
344 }
345
FreeMessagePara(MessagePara * para)346 static void FreeMessagePara(MessagePara *para)
347 {
348 if (para != NULL) {
349 SoftBusFree(para);
350 }
351 }
352
ConvertAuthLinkTypeToHisysEvtLinkType(AuthLinkType type)353 static SoftBusLinkType ConvertAuthLinkTypeToHisysEvtLinkType(AuthLinkType type)
354 {
355 switch (type) {
356 case AUTH_LINK_TYPE_WIFI:
357 return SOFTBUS_HISYSEVT_LINK_TYPE_WLAN;
358 case AUTH_LINK_TYPE_BR:
359 return SOFTBUS_HISYSEVT_LINK_TYPE_BR;
360 case AUTH_LINK_TYPE_BLE:
361 return SOFTBUS_HISYSEVT_LINK_TYPE_BLE;
362 case AUTH_LINK_TYPE_P2P:
363 return SOFTBUS_HISYSEVT_LINK_TYPE_P2P;
364 default:
365 return SOFTBUS_HISYSEVT_LINK_TYPE_BUTT;
366 }
367 }
368
DfxRecordLnnAuthEnd(AuthFsm * authFsm,uint64_t costTime,int32_t reason)369 static void DfxRecordLnnAuthEnd(AuthFsm *authFsm, uint64_t costTime, int32_t reason)
370 {
371 LnnEventExtra extra = { 0 };
372 LnnEventExtraInit(&extra);
373 extra.errcode = reason;
374 extra.authCostTime = (int32_t)costTime;
375 extra.result = (reason == SOFTBUS_OK) ? EVENT_STAGE_RESULT_OK : EVENT_STAGE_RESULT_FAILED;
376
377 if (authFsm != NULL) {
378 extra.authLinkType = authFsm->info.connInfo.type;
379 extra.authId = (int32_t)authFsm->authSeq;
380 extra.authRequestId = (int32_t)authFsm->info.requestId;
381 }
382 LNN_EVENT(EVENT_SCENE_JOIN_LNN, EVENT_STAGE_AUTH, extra);
383 }
384
ReportAuthResultEvt(AuthFsm * authFsm,int32_t result)385 static void ReportAuthResultEvt(AuthFsm *authFsm, int32_t result)
386 {
387 AUTH_LOGE(AUTH_FSM, "report auth result evt enter");
388 SoftBusLinkType linkType = ConvertAuthLinkTypeToHisysEvtLinkType(authFsm->info.connInfo.type);
389 if (linkType == SOFTBUS_HISYSEVT_LINK_TYPE_BUTT) {
390 return;
391 }
392 authFsm->statisticData.endAuthTime = (uint64_t)LnnUpTimeMs();
393 uint64_t costTime = authFsm->statisticData.endAuthTime - authFsm->statisticData.startAuthTime;
394 DfxRecordLnnAuthEnd(authFsm, costTime, result);
395 AuthFailStage stage = AUTH_STAGE_BUTT;
396
397 if (result == SOFTBUS_OK) {
398 if (SoftBusRecordAuthResult(linkType, SOFTBUS_OK, costTime, AUTH_STAGE_BUTT) != SOFTBUS_OK) {
399 AUTH_LOGE(AUTH_FSM, "report static auth result fail");
400 }
401 return;
402 } else if (result == SOFTBUS_AUTH_SYNC_DEVID_FAIL || result == SOFTBUS_AUTH_SYNC_DEVINFO_FAIL ||
403 result == SOFTBUS_AUTH_UNPACK_DEVINFO_FAIL || result == SOFTBUS_AUTH_SEND_FAIL ||
404 result == SOFTBUS_AUTH_NOT_SUPPORT_THREE_STATE) {
405 stage = AUTH_EXCHANGE_STAGE;
406 } else if (result == SOFTBUS_AUTH_DEVICE_DISCONNECTED) {
407 stage = AUTH_CONNECT_STAGE;
408 } else if (result == SOFTBUS_AUTH_HICHAIN_PROCESS_FAIL || result == SOFTBUS_AUTH_TIMEOUT ||
409 result == SOFTBUS_AUTH_HICHAIN_NOT_TRUSTED) {
410 stage = AUTH_VERIFY_STAGE;
411 } else if (result >= SOFTBUS_HICHAIN_MIN && result <= SOFTBUS_HICHAIN_MAX) {
412 stage = AUTH_VERIFY_STAGE;
413 } else {
414 AUTH_LOGE(AUTH_FSM, "unsupport result=%{public}d.", result);
415 return;
416 }
417
418 if (SoftBusRecordAuthResult(linkType, SOFTBUS_ERR, costTime, stage) != SOFTBUS_OK) {
419 AUTH_LOGE(AUTH_FSM, "report static auth result fail");
420 }
421 SoftBusFaultEvtInfo info;
422 (void)memset_s(&info, sizeof(SoftBusFaultEvtInfo), 0, sizeof(SoftBusFaultEvtInfo));
423 info.moduleType = MODULE_TYPE_AUTH;
424 info.linkType = linkType;
425 info.errorCode = result;
426 if (SoftBusReportBusCenterFaultEvt(&info) != SOFTBUS_OK) {
427 AUTH_LOGE(AUTH_FSM, "report buscenter fault evt fail");
428 }
429 }
430
SaveDeviceKey(AuthFsm * authFsm,int32_t keyType,AuthLinkType type)431 static void SaveDeviceKey(AuthFsm *authFsm, int32_t keyType, AuthLinkType type)
432 {
433 AuthDeviceKeyInfo deviceKey;
434 SessionKey sessionKey;
435 (void)memset_s(&deviceKey, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
436 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
437 if (AuthManagerGetSessionKey(authFsm->authSeq, &authFsm->info, &sessionKey) != SOFTBUS_OK) {
438 AUTH_LOGE(AUTH_FSM, "get session key fail");
439 return;
440 }
441 if (memcpy_s(deviceKey.deviceKey, sizeof(deviceKey.deviceKey),
442 sessionKey.value, sizeof(sessionKey.value)) != EOK) {
443 AUTH_LOGE(AUTH_FSM, "session key cpy fail");
444 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
445 return;
446 }
447 deviceKey.keyLen = sessionKey.len;
448 deviceKey.keyIndex = authFsm->authSeq;
449 deviceKey.keyType = keyType;
450 deviceKey.isServerSide = authFsm->info.isServer;
451 if (AuthInsertDeviceKey(&authFsm->info.nodeInfo, &deviceKey, type) != SOFTBUS_OK) {
452 AUTH_LOGE(AUTH_FSM, "insert deviceKey fail");
453 }
454 (void)memset_s(&deviceKey, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
455 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
456 }
457
GetAuthFsmByConnInfo(const AuthConnInfo * connInfo,bool isServer)458 static AuthFsm *GetAuthFsmByConnInfo(const AuthConnInfo *connInfo, bool isServer)
459 {
460 AuthFsm *item = NULL;
461 LIST_FOR_EACH_ENTRY(item, &g_authFsmList, AuthFsm, node) {
462 if (!CompareConnInfo(&item->info.connInfo, connInfo, true) || item->info.isConnectServer != isServer) {
463 continue;
464 }
465 if (item->isDead) {
466 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", item->authSeq);
467 break;
468 }
469 return item;
470 }
471 return NULL;
472 }
473
ProcessTimeoutErrorCode(AuthFsm * authFsm,int32_t * result)474 static void ProcessTimeoutErrorCode(AuthFsm *authFsm, int32_t *result)
475 {
476 AuthFsmStateIndex curState = authFsm->curState;
477 if (curState == STATE_SYNC_NEGOTIATION || curState == STATE_SYNC_DEVICE_ID) {
478 *result = SOFTBUS_AUTH_SYNC_DEVICEID_TIMEOUT;
479 } else if (curState == STATE_DEVICE_AUTH) {
480 *result = (authFsm->info.normalizedType == NORMALIZED_SUPPORT || authFsm->info.isSupportFastAuth) ?
481 SOFTBUS_AUTH_SAVE_SESSIONKEY_TIMEOUT : SOFTBUS_AUTH_HICHAIN_TIMEOUT;
482 } else if (curState == STATE_SYNC_DEVICE_INFO) {
483 *result = SOFTBUS_AUTH_SYNC_DEVICEINFO_TIMEOUT;
484 } else {
485 AUTH_LOGE(AUTH_FSM, "authFsm state error, curState=%{public}d", curState);
486 }
487 }
488
CompleteAuthSession(AuthFsm * authFsm,int32_t result)489 static void CompleteAuthSession(AuthFsm *authFsm, int32_t result)
490 {
491 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
492 AUTH_LOGI(AUTH_FSM, "auth fsm complete. authSeq=%{public}" PRId64 ", side=%{public}s, result=%{public}d",
493 authFsm->authSeq, GetAuthSideStr(authFsm->info.isServer), result);
494 ReportAuthResultEvt(authFsm, result);
495 if (result == SOFTBUS_OK) {
496 AuthManagerSetAuthFinished(authFsm->authSeq, &authFsm->info);
497 if (authFsm->info.normalizedType == NORMALIZED_KEY_ERROR) {
498 AUTH_LOGI(AUTH_FSM, "only hichain verify, save the device key");
499 SaveDeviceKey(authFsm, AUTH_LINK_TYPE_NORMALIZED, authFsm->info.connInfo.type);
500 } else if ((authFsm->info.normalizedType == NORMALIZED_NOT_SUPPORT) &&
501 (authFsm->info.connInfo.type == AUTH_LINK_TYPE_BLE) &&
502 !authFsm->info.isSupportFastAuth) {
503 AUTH_LOGI(AUTH_FSM, "save device key for fast auth");
504 SaveDeviceKey(authFsm, AUTH_LINK_TYPE_BLE, AUTH_LINK_TYPE_BLE);
505 }
506 if (!authFsm->info.isServer) {
507 NotifyNormalizeRequestSuccess(authFsm->authSeq, true);
508 }
509 // Disconnect another request and notify auth success
510 if (authFsm->info.isConnectServer && authFsm->info.peerState != AUTH_STATE_COMPATIBLE) {
511 AuthFsm *stopFsm = GetAuthFsmByConnInfo(&authFsm->info.connInfo, !authFsm->info.isConnectServer);
512 if (stopFsm != NULL) {
513 AuthNotifyAuthPassed(stopFsm->authSeq, &stopFsm->info);
514 LnnFsmPostMessage(&stopFsm->fsm, FSM_MSG_STOP_AUTH_FSM, NULL);
515 }
516 }
517 } else {
518 if (result == SOFTBUS_AUTH_TIMEOUT) {
519 ProcessTimeoutErrorCode(authFsm, &result);
520 }
521 LnnFsmRemoveMessage(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT);
522 if (!authFsm->info.isServer) {
523 NotifyNormalizeRequestFail(authFsm->authSeq, result);
524 }
525 AuthManagerSetAuthFailed(authFsm->authSeq, &authFsm->info, result);
526 }
527
528 authFsm->isDead = true;
529 LnnFsmStop(&authFsm->fsm);
530 LnnFsmDeinit(&authFsm->fsm);
531 SoftbusHitraceStop();
532 }
533
StopAuthFsm(AuthFsm * authFsm)534 static void StopAuthFsm(AuthFsm *authFsm)
535 {
536 authFsm->isDead = true;
537 LnnFsmStop(&authFsm->fsm);
538 LnnFsmDeinit(&authFsm->fsm);
539 }
540
HandleCommonMsg(AuthFsm * authFsm,int32_t msgType,MessagePara * msgPara)541 static void HandleCommonMsg(AuthFsm *authFsm, int32_t msgType, MessagePara *msgPara)
542 {
543 (void)msgPara;
544 switch (msgType) {
545 case FSM_MSG_AUTH_TIMEOUT:
546 AUTH_LOGE(AUTH_FSM, "auth fsm timeout. authSeq=%{public}" PRId64 "", authFsm->authSeq);
547 CompleteAuthSession(authFsm, SOFTBUS_AUTH_TIMEOUT);
548 HichainCancelRequest(authFsm->authSeq);
549 break;
550 case FSM_MSG_DEVICE_NOT_TRUSTED:
551 CompleteAuthSession(authFsm, SOFTBUS_AUTH_HICHAIN_NOT_TRUSTED);
552 HichainCancelRequest(authFsm->authSeq);
553 break;
554 case FSM_MSG_DEVICE_DISCONNECTED:
555 if (authFsm->info.isNodeInfoReceived && authFsm->info.isCloseAckReceived) {
556 AUTH_LOGW(AUTH_FSM,
557 "auth fsm wait for the finish event, ignore this disconnect event. authSeq=%{public}" PRId64 "",
558 authFsm->authSeq);
559 /*
560 * Note: Local hichain NOT onFinish, but remote hichain already onFinish
561 * Regard this situation as auth finish
562 */
563 CompleteAuthSession(authFsm, SOFTBUS_OK);
564 break;
565 }
566 CompleteAuthSession(authFsm, SOFTBUS_AUTH_DEVICE_DISCONNECTED);
567 HichainCancelRequest(authFsm->authSeq);
568 break;
569 case FSM_MSG_STOP_AUTH_FSM:
570 StopAuthFsm(authFsm);
571 break;
572 default:
573 AUTH_LOGE(AUTH_FSM,
574 "auth fsm cannot handle msgType. authSeq=%{public}" PRId64 ", msgType=%{public}d",
575 authFsm->authSeq, msgType);
576 break;
577 }
578 }
579
AddConcurrentAuthRequest(AuthFsm * authFsm)580 static uint32_t AddConcurrentAuthRequest(AuthFsm *authFsm)
581 {
582 uint32_t num = 0;
583 if (strlen(authFsm->info.udidHash) == 0) {
584 AUTH_LOGE(AUTH_FSM, "udidHash is null, authSeq=%{public}" PRId64, authFsm->authSeq);
585 return num;
586 }
587 NormalizeRequest normalizeRequest = {
588 .authSeq = authFsm->authSeq,
589 .connInfo = authFsm->info.connInfo,
590 .isConnectServer = authFsm->info.isConnectServer
591 };
592 if (strcpy_s(normalizeRequest.udidHash, sizeof(normalizeRequest.udidHash), authFsm->info.udidHash) != EOK) {
593 AUTH_LOGE(AUTH_FSM, "strcpy udid hash fail. authSeq=%{public}" PRId64, authFsm->authSeq);
594 return num;
595 }
596 num = AddNormalizeRequest(&normalizeRequest);
597 char *anonyUdidHash = NULL;
598 Anonymize(normalizeRequest.udidHash, &anonyUdidHash);
599 AUTH_LOGI(AUTH_CONN, "add normalize queue, num=%{public}d, udidHash=%{public}s", num, anonyUdidHash);
600 AnonymizeFree(anonyUdidHash);
601 return num;
602 }
603
SyncNegotiationEnter(FsmStateMachine * fsm)604 static void SyncNegotiationEnter(FsmStateMachine *fsm)
605 {
606 if (fsm == NULL) {
607 AUTH_LOGE(AUTH_FSM, "fsm is null");
608 return;
609 }
610 AuthFsm *authFsm = TO_AUTH_FSM(fsm);
611 if (authFsm == NULL) {
612 AUTH_LOGE(AUTH_FSM, "authFsm is null");
613 return;
614 }
615 authFsm->curState = STATE_SYNC_NEGOTIATION;
616 AUTH_LOGI(AUTH_FSM, "SyncNegotiationState: auth fsm enter. authSeq=%{public}" PRId64, authFsm->authSeq);
617 if (!authFsm->info.isServer) {
618 if (PostDeviceIdMessage(authFsm->authSeq, &authFsm->info) != SOFTBUS_OK) {
619 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SYNC_DEVID_FAIL);
620 }
621 }
622 }
623
HandleMsgPostDeviceId(AuthFsm * authFsm,const MessagePara * para)624 static void HandleMsgPostDeviceId(AuthFsm *authFsm, const MessagePara *para)
625 {
626 (void)para;
627 AuthSessionInfo *info = &authFsm->info;
628 if (PostDeviceIdMessage(authFsm->authSeq, info) != SOFTBUS_OK) {
629 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SYNC_DEVID_FAIL);
630 return;
631 }
632 if (info->isServer) {
633 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_DEVICE_AUTH);
634 }
635 }
636
SyncDevIdStateEnter(FsmStateMachine * fsm)637 static void SyncDevIdStateEnter(FsmStateMachine *fsm)
638 {
639 if (fsm == NULL) {
640 AUTH_LOGE(AUTH_FSM, "fsm is null");
641 return;
642 }
643 AuthFsm *authFsm = TO_AUTH_FSM(fsm);
644 if (authFsm == NULL) {
645 AUTH_LOGE(AUTH_FSM, "authFsm is null");
646 return;
647 }
648 authFsm->curState = STATE_SYNC_DEVICE_ID;
649 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
650 AUTH_LOGI(AUTH_FSM, "SyncDevIdState: auth fsm enter. authSeq=%{public}" PRId64 "", authFsm->authSeq);
651 if (!authFsm->info.isServer) {
652 if (authFsm->info.localState == AUTH_STATE_START) {
653 if (!AuthIsRepeatedAuthRequest(authFsm->authSeq) && AddConcurrentAuthRequest(authFsm) > 1) {
654 AUTH_LOGI(AUTH_FSM, "wait another auth, authSeq=%{public}" PRId64 "", authFsm->authSeq);
655 return;
656 }
657 }
658 if (PostDeviceIdMessage(authFsm->authSeq, &authFsm->info) != SOFTBUS_OK) {
659 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SYNC_DEVID_FAIL);
660 }
661 }
662 SoftbusHitraceStop();
663 }
664
SaveLastAuthSeq(const unsigned char * udidHash,int64_t authSeq)665 static void SaveLastAuthSeq(const unsigned char *udidHash, int64_t authSeq)
666 {
667 AUTH_LOGI(AUTH_FSM, "save auth seq.authSeq=%{public}" PRId64, authSeq);
668 char hashStr[SHORT_UDID_HASH_HEX_LEN + 1] = {0};
669 if (ConvertBytesToHexString(hashStr, SHORT_UDID_HASH_HEX_LEN + 1,
670 udidHash, SHORT_UDID_HASH_HEX_LEN / HEXIFY_UNIT_LEN) != SOFTBUS_OK) {
671 AUTH_LOGE(AUTH_FSM, "convert udidhash to hexstr fail.");
672 return;
673 }
674 NodeInfo deviceInfo;
675 (void)memset_s(&deviceInfo, sizeof(NodeInfo), 0, sizeof(NodeInfo));
676 if (LnnRetrieveDeviceInfo(hashStr, &deviceInfo) != SOFTBUS_OK) {
677 AUTH_LOGE(AUTH_FSM, "no this device info.");
678 return;
679 }
680 deviceInfo.lastAuthSeq = authSeq;
681 if (LnnSaveRemoteDeviceInfo(&deviceInfo) != SOFTBUS_OK) {
682 AUTH_LOGE(AUTH_FSM, "save device info fail.");
683 }
684 }
685
RecoveryNormalizedDeviceKey(AuthFsm * authFsm)686 static int32_t RecoveryNormalizedDeviceKey(AuthFsm *authFsm)
687 {
688 if (authFsm->info.normalizedKey == NULL) {
689 AUTH_LOGE(AUTH_FSM, "normalizedKey is NULL, auth fail");
690 return SOFTBUS_ERR;
691 }
692 uint8_t hash[SHA_256_HASH_LEN] = {0};
693 int32_t ret = SoftBusGenerateStrHash((uint8_t *)authFsm->info.udid, strlen(authFsm->info.udid), hash);
694 if (ret != SOFTBUS_OK) {
695 AUTH_LOGE(AUTH_FSM, "generate udidHash fail");
696 return ret;
697 }
698 char udidShortHash[SHORT_UDID_HASH_HEX_LEN + 1] = {0};
699 if (ConvertBytesToUpperCaseHexString(udidShortHash, SHORT_UDID_HASH_HEX_LEN + 1,
700 hash, SHORT_UDID_HASH_LEN) != SOFTBUS_OK) {
701 AUTH_LOGE(AUTH_FSM, "convert bytes to string fail");
702 return SOFTBUS_ERR;
703 }
704 AuthUpdateNormalizeKeyIndex(udidShortHash, authFsm->info.normalizedIndex, authFsm->info.connInfo.type,
705 authFsm->info.normalizedKey, authFsm->info.isServer);
706 if (authFsm->info.connInfo.type == AUTH_LINK_TYPE_BLE) {
707 SaveLastAuthSeq(hash, authFsm->authSeq);
708 }
709 ret = AuthSessionSaveSessionKey(authFsm->authSeq, authFsm->info.normalizedKey->value,
710 authFsm->info.normalizedKey->len);
711 if (ret != SOFTBUS_OK) {
712 AUTH_LOGE(AUTH_FSM, "post save sessionKey event fail");
713 return SOFTBUS_ERR;
714 }
715 return AuthSessionHandleAuthFinish(authFsm->authSeq);
716 }
717
RecoveryFastAuthKey(AuthFsm * authFsm)718 static int32_t RecoveryFastAuthKey(AuthFsm *authFsm)
719 {
720 AuthDeviceKeyInfo key = {0};
721 uint8_t hash[SHA_256_HASH_LEN] = {0};
722 int32_t ret = SoftBusGenerateStrHash((uint8_t *)authFsm->info.udid, strlen(authFsm->info.udid), hash);
723 if (ret != SOFTBUS_OK) {
724 AUTH_LOGE(AUTH_FSM, "generate udidHash fail");
725 return ret;
726 }
727 char udidShortHash[SHORT_UDID_HASH_HEX_LEN + 1] = {0};
728 if (ConvertBytesToUpperCaseHexString(udidShortHash, SHORT_UDID_HASH_HEX_LEN + 1,
729 hash, SHORT_UDID_HASH_LEN) != SOFTBUS_OK) {
730 AUTH_LOGE(AUTH_FSM, "convert bytes to string fail");
731 return SOFTBUS_ERR;
732 }
733 AuthLinkType linkType = authFsm->info.connInfo.type;
734 if (authFsm->info.connInfo.type == AUTH_LINK_TYPE_ENHANCED_P2P) {
735 // enhanced p2p reuse ble authKey
736 linkType = AUTH_LINK_TYPE_BLE;
737 }
738 if (AuthFindDeviceKey(udidShortHash, linkType, &key) != SOFTBUS_OK) {
739 AUTH_LOGE(AUTH_FSM, "find key fail, fastAuth error");
740 return SOFTBUS_ERR;
741 }
742 AuthUpdateKeyIndex(udidShortHash, authFsm->info.connInfo.type, authFsm->authSeq, authFsm->info.isServer);
743 authFsm->info.oldIndex = key.keyIndex;
744 ret = AuthSessionSaveSessionKey(authFsm->authSeq, key.deviceKey, key.keyLen);
745 if (ret != SOFTBUS_OK) {
746 AUTH_LOGE(AUTH_FSM, "post save sessionKey event");
747 (void)memset_s(&key, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
748 return ret;
749 }
750 (void)memset_s(&key, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
751 return AuthSessionHandleAuthFinish(authFsm->authSeq);
752 }
753
AuditReportSetPeerDevInfo(LnnAuditExtra * lnnAuditExtra,AuthSessionInfo * info)754 static void AuditReportSetPeerDevInfo(LnnAuditExtra *lnnAuditExtra, AuthSessionInfo *info)
755 {
756 if (lnnAuditExtra == NULL || info == NULL) {
757 AUTH_LOGE(AUTH_FSM, "lnnAuditExtra or info is null");
758 return;
759 }
760 char *anonyBrMac = NULL;
761 char *anonyBleMac = NULL;
762 char *anonyIp = NULL;
763 switch (info->connInfo.type) {
764 case AUTH_LINK_TYPE_BR:
765 Anonymize(info->connInfo.info.brInfo.brMac, &anonyBrMac);
766 if (strcpy_s((char *)lnnAuditExtra->peerBrMac, BT_MAC_LEN, anonyBrMac) != EOK) {
767 AUTH_LOGE(AUTH_FSM, "BR MAC COPY ERROR");
768 }
769 AnonymizeFree(anonyBrMac);
770 break;
771 case AUTH_LINK_TYPE_BLE:
772 Anonymize(info->connInfo.info.bleInfo.bleMac, &anonyBleMac);
773 if (strcpy_s((char *)lnnAuditExtra->peerBleMac, BT_MAC_LEN, anonyBleMac) != EOK) {
774 AUTH_LOGE(AUTH_FSM, "BLE MAC COPY ERROR");
775 }
776 AnonymizeFree(anonyBleMac);
777 break;
778 case AUTH_LINK_TYPE_WIFI:
779 case AUTH_LINK_TYPE_P2P:
780 case AUTH_LINK_TYPE_ENHANCED_P2P:
781 Anonymize(info->connInfo.info.ipInfo.ip, &anonyIp);
782 if (strcpy_s((char *)lnnAuditExtra->peerIp, IP_STR_MAX_LEN, anonyIp) != EOK) {
783 AUTH_LOGE(AUTH_FSM, "IP COPY ERROR");
784 }
785 AnonymizeFree(anonyIp);
786 lnnAuditExtra->peerAuthPort = info->connInfo.info.ipInfo.port;
787 break;
788 default:
789 AUTH_LOGW(AUTH_FSM, "unknow param type!");
790 break;
791 }
792 }
793
GetLocalDevReportInfo(AuditReportDevInfo * reportInfo,LnnAuditExtra * lnnAuditExtra)794 static void GetLocalDevReportInfo(AuditReportDevInfo *reportInfo, LnnAuditExtra *lnnAuditExtra)
795 {
796 (void)LnnGetLocalStrInfo(STRING_KEY_WLAN_IP, reportInfo->localIp, IP_LEN);
797 char *anonyLocalIp = NULL;
798 Anonymize(reportInfo->localIp, &anonyLocalIp);
799 if (strcpy_s((char *)lnnAuditExtra->localIp, IP_LEN, anonyLocalIp) != EOK) {
800 AUTH_LOGE(AUTH_FSM, "LOCAL IP COPY ERROR");
801 }
802 AnonymizeFree(anonyLocalIp);
803
804 (void)LnnGetLocalStrInfo(STRING_KEY_BT_MAC, reportInfo->localBrMac, MAC_LEN);
805 char *anonyLocalBrMac = NULL;
806 Anonymize(reportInfo->localBrMac, &anonyLocalBrMac);
807 if (strcpy_s((char *)lnnAuditExtra->localBrMac, MAC_LEN, anonyLocalBrMac) != EOK) {
808 AUTH_LOGE(AUTH_FSM, "LOCAL BR MAC COPY ERROR");
809 }
810 AnonymizeFree(anonyLocalBrMac);
811
812 (void)LnnGetLocalStrInfo(STRING_KEY_BLE_MAC, reportInfo->localBleMac, MAC_LEN);
813 char *anonyLocalBleMac = NULL;
814 Anonymize(reportInfo->localBleMac, &anonyLocalBleMac);
815 if (strcpy_s((char *)lnnAuditExtra->localBleMac, MAC_LEN, anonyLocalBleMac) != EOK) {
816 AUTH_LOGE(AUTH_FSM, "LOCAL BLE MAC COPY ERROR");
817 }
818 AnonymizeFree(anonyLocalBleMac);
819
820 (void)LnnGetLocalStrInfo(STRING_KEY_NETWORKID, reportInfo->localNetworkId, NETWORK_ID_BUF_LEN);
821 char *anonyLocalNetworkId = NULL;
822 Anonymize(reportInfo->localNetworkId, &anonyLocalNetworkId);
823 if (strcpy_s((char *)lnnAuditExtra->localNetworkId, NETWORK_ID_BUF_LEN, anonyLocalNetworkId) != EOK) {
824 AUTH_LOGE(AUTH_FSM, "LOCAL NETWORKID COPY ERROR");
825 }
826 AnonymizeFree(anonyLocalNetworkId);
827
828 (void)LnnGetLocalStrInfo(STRING_KEY_DEV_NAME, reportInfo->localDevName, DEVICE_NAME_BUF_LEN);
829 char *anonyLocalDevName = NULL;
830 Anonymize(reportInfo->localDevName, &anonyLocalDevName);
831 if (strcpy_s((char *)lnnAuditExtra->localDevName, DEVICE_NAME_BUF_LEN, anonyLocalDevName) != EOK) {
832 AUTH_LOGE(AUTH_FSM, "LOCAL DEVICE NAME COPY ERROR");
833 }
834 AnonymizeFree(anonyLocalDevName);
835 }
836
AuditReportSetLocalDevInfo(LnnAuditExtra * lnnAuditExtra)837 static void AuditReportSetLocalDevInfo(LnnAuditExtra *lnnAuditExtra)
838 {
839 if (lnnAuditExtra == NULL) {
840 AUTH_LOGE(AUTH_FSM, "lnnAuditExtra is null");
841 return;
842 }
843 AuditReportDevInfo reportInfo;
844 (void)memset_s(&reportInfo, sizeof(AuditReportDevInfo), 0, sizeof(AuditReportDevInfo));
845 GetLocalDevReportInfo(&reportInfo, lnnAuditExtra);
846 (void)LnnGetLocalNumInfo(NUM_KEY_AUTH_PORT, &lnnAuditExtra->localAuthPort);
847 (void)LnnGetLocalNumInfo(NUM_KEY_PROXY_PORT, &lnnAuditExtra->localProxyPort);
848 (void)LnnGetLocalNumInfo(NUM_KEY_SESSION_PORT, &lnnAuditExtra->localSessionPort);
849 (void)LnnGetLocalNumInfo(NUM_KEY_DEV_TYPE_ID, &lnnAuditExtra->localDevType);
850 char udid[UDID_BUF_LEN] = {0};
851 uint8_t udidHash[SHA_256_HASH_LEN] = {0};
852 if (LnnGetLocalStrInfo(STRING_KEY_DEV_UDID, udid, UUID_BUF_LEN) != SOFTBUS_OK) {
853 AUTH_LOGE(AUTH_FSM, "get local udid fail");
854 return;
855 }
856 int32_t ret = SoftBusGenerateStrHash((const unsigned char *)udid, strlen(udid), udidHash);
857 if (ret != SOFTBUS_OK) {
858 AUTH_LOGE(AUTH_FSM, "generate udid hash fail");
859 return;
860 }
861 if (ConvertBytesToUpperCaseHexString(reportInfo.localUdid, SHA_256_HEX_HASH_LEN, udidHash, SHA_256_HASH_LEN) !=
862 SOFTBUS_OK) {
863 AUTH_LOGE(AUTH_FSM, "convert hash to upper hex str fail");
864 }
865 char *anonyLocalUdid = NULL;
866 Anonymize(reportInfo.localUdid, &anonyLocalUdid);
867 if (strcpy_s((char *)lnnAuditExtra->localUdid, SHA_256_HEX_HASH_LEN, anonyLocalUdid) != EOK) {
868 AUTH_LOGE(AUTH_FSM, "LOCAL UDID COPY ERROR");
869 }
870 AnonymizeFree(anonyLocalUdid);
871 }
872
BuildLnnAuditEvent(LnnAuditExtra * lnnAuditExtra,AuthSessionInfo * info,int32_t result,int32_t errCode,SoftbusAuditType auditType)873 static void BuildLnnAuditEvent(LnnAuditExtra *lnnAuditExtra, AuthSessionInfo *info, int32_t result,
874 int32_t errCode, SoftbusAuditType auditType)
875 {
876 if (lnnAuditExtra == NULL || info == NULL) {
877 AUTH_LOGE(AUTH_FSM, "lnnAuditExtra or info is null");
878 return;
879 }
880 (void)AuditReportSetPeerDevInfo(lnnAuditExtra, info);
881 (void)AuditReportSetLocalDevInfo(lnnAuditExtra);
882 lnnAuditExtra->result = result;
883 lnnAuditExtra->errCode = errCode;
884 lnnAuditExtra->auditType = auditType;
885 lnnAuditExtra->connId = info->connId;
886 lnnAuditExtra->authLinkType = info->connInfo.type;
887 lnnAuditExtra->authRequestId = info->requestId;
888 (void)LnnGetAllOnlineNodeNum(&(lnnAuditExtra->onlineNum));
889 }
890
ClientSetExchangeIdType(AuthFsm * authFsm)891 static int32_t ClientSetExchangeIdType(AuthFsm *authFsm)
892 {
893 AuthSessionInfo *info = &authFsm->info;
894 if (info->idType == EXCHANGE_FAIL) {
895 AUTH_LOGI(AUTH_FSM, "fsm switch to reauth due to not find networkId");
896 info->idType = EXCHANGE_UDID;
897 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_SYNC_DEVICE_ID);
898 return SOFTBUS_ERR;
899 }
900 return SOFTBUS_OK;
901 }
902
UpdateUdidHashIfEmpty(AuthFsm * authFsm,AuthSessionInfo * info)903 static void UpdateUdidHashIfEmpty(AuthFsm *authFsm, AuthSessionInfo *info)
904 {
905 if (info->connInfo.type == AUTH_LINK_TYPE_BLE && strlen(info->udid) != 0 &&
906 authFsm->info.connInfo.info.bleInfo.deviceIdHash[0] == '\0') {
907 char *anonyUdid = NULL;
908 Anonymize(info->udid, &anonyUdid);
909 AUTH_LOGW(AUTH_FSM, "udidhash is empty, udid=%{public}s", anonyUdid);
910 AnonymizeFree(anonyUdid);
911 if (SoftBusGenerateStrHash((unsigned char *)info->udid, strlen(info->udid),
912 (unsigned char *)authFsm->info.connInfo.info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
913 AUTH_LOGE(AUTH_FSM, "generate udidhash fail");
914 }
915 }
916 }
917
HandleMsgRecvDeviceId(AuthFsm * authFsm,const MessagePara * para)918 static void HandleMsgRecvDeviceId(AuthFsm *authFsm, const MessagePara *para)
919 {
920 int32_t ret = SOFTBUS_OK;
921 AuthSessionInfo *info = &authFsm->info;
922 do {
923 if (ProcessDeviceIdMessage(info, para->data, para->len) != SOFTBUS_OK) {
924 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
925 LnnAuditExtra lnnAuditExtra = {0};
926 BuildLnnAuditEvent(&lnnAuditExtra, info, AUDIT_HANDLE_MSG_FAIL_END_AUTH,
927 ret, AUDIT_EVENT_PACKETS_ERROR);
928 LNN_AUDIT(AUDIT_SCENE_HANDLE_MSG_DEV_ID, lnnAuditExtra);
929 break;
930 }
931 UpdateUdidHashIfEmpty(authFsm, info);
932 if (info->isServer) {
933 if (PostDeviceIdMessage(authFsm->authSeq, info) != SOFTBUS_OK) {
934 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
935 break;
936 }
937 } else {
938 if (info->normalizedType == NORMALIZED_NOT_SUPPORT || info->peerState == AUTH_STATE_COMPATIBLE) {
939 NotifyNormalizeRequestSuccess(authFsm->authSeq, false);
940 }
941 }
942 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_DEVICE_AUTH);
943 } while (false);
944
945 if (ret != SOFTBUS_OK) {
946 AUTH_LOGE(AUTH_FSM, "handle devId msg fail, ret=%{public}d", ret);
947 CompleteAuthSession(authFsm, ret);
948 }
949 }
950
HandleMsgRecvDeviceIdNego(AuthFsm * authFsm,const MessagePara * para)951 static void HandleMsgRecvDeviceIdNego(AuthFsm *authFsm, const MessagePara *para)
952 {
953 int32_t ret = SOFTBUS_OK;
954 AuthSessionInfo *info = &authFsm->info;
955 do {
956 if (ProcessDeviceIdMessage(info, para->data, para->len) != SOFTBUS_OK) {
957 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
958 LnnAuditExtra lnnAuditExtra = {0};
959 BuildLnnAuditEvent(&lnnAuditExtra, info, AUDIT_HANDLE_MSG_FAIL_END_AUTH,
960 ret, AUDIT_EVENT_PACKETS_ERROR);
961 LNN_AUDIT(AUDIT_SCENE_HANDLE_MSG_DEV_ID, lnnAuditExtra);
962 break;
963 }
964 UpdateUdidHashIfEmpty(authFsm, info);
965 if (UpdateLocalAuthState(authFsm->authSeq, &authFsm->info) != SOFTBUS_OK) {
966 AUTH_LOGE(AUTH_FSM, "update auth state fail, authSeq=%{public}" PRId64, authFsm->authSeq);
967 return;
968 }
969 if (info->peerState == AUTH_STATE_COMPATIBLE) {
970 NotifyNormalizeRequestSuccess(authFsm->authSeq, false);
971 }
972 if (info->localState == AUTH_STATE_START) {
973 info->isServer = false;
974 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_SYNC_DEVICE_ID);
975 } else if (info->localState == AUTH_STATE_ACK) {
976 info->isServer = true;
977 ret = PostDeviceIdMessage(authFsm->authSeq, info);
978 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_DEVICE_AUTH);
979 } else if (info->localState == AUTH_STATE_WAIT) {
980 info->isServer = true;
981 ret = PostDeviceIdMessage(authFsm->authSeq, info);
982 } else if (info->localState == AUTH_STATE_COMPATIBLE) {
983 if (info->isServer) {
984 ret = PostDeviceIdMessage(authFsm->authSeq, info);
985 }
986 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_DEVICE_AUTH);
987 } else if (info->localState == AUTH_STATE_UNKNOW) {
988 ret = PostDeviceIdMessage(authFsm->authSeq, info);
989 } else {
990 AUTH_LOGE(AUTH_FSM, "local auth state error");
991 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
992 }
993 } while (false);
994
995 if (ret != SOFTBUS_OK) {
996 AUTH_LOGE(AUTH_FSM, "handle devId msg fail, ret=%{public}d", ret);
997 CompleteAuthSession(authFsm, ret);
998 }
999 }
1000
SyncNegotiationStateProcess(FsmStateMachine * fsm,int32_t msgType,void * para)1001 static bool SyncNegotiationStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para)
1002 {
1003 MessagePara *msgPara = (MessagePara *)para;
1004 AuthFsm *authFsm = TranslateToAuthFsm(fsm, msgType, msgPara);
1005 if (authFsm == NULL) {
1006 FreeMessagePara(msgPara);
1007 return false;
1008 }
1009 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
1010 AUTH_LOGI(AUTH_FSM, "auth fsm process. authSeq=%{public}" PRId64 ", message=%{public}s",
1011 authFsm->authSeq, FsmMsgTypeToStr(msgType));
1012 switch (msgType) {
1013 case FSM_MSG_RECV_DEVICE_ID:
1014 HandleMsgRecvDeviceIdNego(authFsm, msgPara);
1015 break;
1016 case FSM_MSG_DEVICE_POST_DEVICEID:
1017 HandleMsgPostDeviceId(authFsm, msgPara);
1018 break;
1019 default:
1020 HandleCommonMsg(authFsm, msgType, msgPara);
1021 break;
1022 }
1023 FreeMessagePara(msgPara);
1024 SoftbusHitraceStop();
1025 return true;
1026 }
1027
SyncDevIdStateProcess(FsmStateMachine * fsm,int32_t msgType,void * para)1028 static bool SyncDevIdStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para)
1029 {
1030 MessagePara *msgPara = (MessagePara *)para;
1031 AuthFsm *authFsm = TranslateToAuthFsm(fsm, msgType, msgPara);
1032 if (authFsm == NULL) {
1033 FreeMessagePara(msgPara);
1034 return false;
1035 }
1036 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
1037 AUTH_LOGI(AUTH_FSM, "auth fsm process. authSeq=%{public}" PRId64 ", message=%{public}s",
1038 authFsm->authSeq, FsmMsgTypeToStr(msgType));
1039 switch (msgType) {
1040 case FSM_MSG_RECV_DEVICE_ID:
1041 HandleMsgRecvDeviceId(authFsm, msgPara);
1042 break;
1043 case FSM_MSG_DEVICE_POST_DEVICEID:
1044 HandleMsgPostDeviceId(authFsm, msgPara);
1045 break;
1046 default:
1047 HandleCommonMsg(authFsm, msgType, msgPara);
1048 break;
1049 }
1050 FreeMessagePara(msgPara);
1051 SoftbusHitraceStop();
1052 return true;
1053 }
1054
HandleMsgRecvAuthData(AuthFsm * authFsm,MessagePara * para)1055 static void HandleMsgRecvAuthData(AuthFsm *authFsm, MessagePara *para)
1056 {
1057 int32_t ret = HichainProcessData(authFsm->authSeq, para->data, para->len);
1058 if (ret != SOFTBUS_OK) {
1059 LnnAuditExtra lnnAuditExtra = {0};
1060 BuildLnnAuditEvent(&lnnAuditExtra, &authFsm->info, AUDIT_HANDLE_MSG_FAIL_END_AUTH,
1061 ret, AUDIT_EVENT_PACKETS_ERROR);
1062 LNN_AUDIT(AUDIT_SCENE_HANDLE_MSG_AUTH_DATA, lnnAuditExtra);
1063 AUTH_LOGE(AUTH_FSM, "process hichain data fail");
1064 if (!authFsm->info.isAuthFinished) {
1065 CompleteAuthSession(authFsm, SOFTBUS_AUTH_HICHAIN_PROCESS_FAIL);
1066 } else {
1067 AUTH_LOGD(AUTH_FSM, "auth has finished, ignore this processing failure");
1068 }
1069 }
1070 }
1071
TrySyncDeviceInfo(int64_t authSeq,AuthSessionInfo * info)1072 static int32_t TrySyncDeviceInfo(int64_t authSeq, AuthSessionInfo *info)
1073 {
1074 switch (info->connInfo.type) {
1075 case AUTH_LINK_TYPE_WIFI:
1076 /* WIFI: client firstly send device info, server just reponse it. */
1077 if (!info->isServer) {
1078 return PostDeviceInfoMessage(authSeq, info);
1079 }
1080 return SOFTBUS_OK;
1081 case AUTH_LINK_TYPE_BR:
1082 case AUTH_LINK_TYPE_BLE:
1083 case AUTH_LINK_TYPE_P2P:
1084 case AUTH_LINK_TYPE_ENHANCED_P2P:
1085 return PostDeviceInfoMessage(authSeq, info);
1086 default:
1087 break;
1088 }
1089 return SOFTBUS_ERR;
1090 }
1091
HandleMsgSaveSessionKey(AuthFsm * authFsm,MessagePara * para)1092 static void HandleMsgSaveSessionKey(AuthFsm *authFsm, MessagePara *para)
1093 {
1094 SessionKey sessionKey = {.len = para->len};
1095 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), para->data, para->len) != EOK) {
1096 AUTH_LOGE(AUTH_FSM, "copy session key fail.");
1097 (void)memset_s(&sessionKey, sizeof(sessionKey), 0, sizeof(sessionKey));
1098 return;
1099 }
1100 if (AuthManagerSetSessionKey(authFsm->authSeq, &authFsm->info, &sessionKey, true, false) != SOFTBUS_OK) {
1101 AUTH_LOGE(AUTH_FSM, "auth fsm save session key fail. authSeq=%{public}" PRId64 "", authFsm->authSeq);
1102 }
1103
1104 (void)CalcHKDF((uint8_t *)(&sessionKey.value), sessionKey.len,
1105 (uint8_t *)(&authFsm->info.sessionKeyRandomNum), sizeof(authFsm->info.sessionKeyRandomNum));
1106 (void)memset_s(&sessionKey, sizeof(sessionKey), 0, sizeof(sessionKey));
1107 if (LnnGenerateLocalPtk(authFsm->info.udid, authFsm->info.uuid) != SOFTBUS_OK) {
1108 AUTH_LOGE(AUTH_FSM, "generate ptk fail");
1109 }
1110 if (TrySyncDeviceInfo(authFsm->authSeq, &authFsm->info) != SOFTBUS_OK) {
1111 AUTH_LOGE(AUTH_FSM, "auth fsm sync device info fail. authSeq=%{public}" PRId64 "", authFsm->authSeq);
1112 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SYNC_DEVINFO_FAIL);
1113 return;
1114 }
1115 if (authFsm->info.deviceInfoData != NULL) {
1116 AUTH_LOGE(AUTH_FSM, "auth fsm dispatch device info to next state. authSeq=%{public}" PRId64, authFsm->authSeq);
1117 (void)AuthSessionProcessDevInfoData(authFsm->authSeq,
1118 authFsm->info.deviceInfoData, authFsm->info.deviceInfoDataLen);
1119 SoftBusFree(authFsm->info.deviceInfoData);
1120 authFsm->info.deviceInfoData = NULL;
1121 }
1122 LnnFsmTransactState(&authFsm->fsm, g_states + STATE_SYNC_DEVICE_INFO);
1123 authFsm->curState = STATE_SYNC_DEVICE_INFO;
1124 }
1125
HandleMsgAuthError(AuthFsm * authFsm,MessagePara * para)1126 static void HandleMsgAuthError(AuthFsm *authFsm, MessagePara *para)
1127 {
1128 int32_t result = *((int32_t *)(para->data));
1129 AUTH_LOGE(AUTH_FSM,
1130 "auth fsm handle hichain error, authSeq=%{public}" PRId64", reason=%{public}d", authFsm->authSeq, result);
1131 if (result == HICHAIN_RETURN_NOT_TRUSTED) {
1132 AUTH_LOGE(AUTH_FSM, "device not has trust relation, begin to offline");
1133 AuthDeviceNotTrust(authFsm->info.udid);
1134 }
1135 CompleteAuthSession(authFsm, result);
1136 }
1137
HandleMsgRecvDevInfoEarly(AuthFsm * authFsm,MessagePara * para)1138 static void HandleMsgRecvDevInfoEarly(AuthFsm *authFsm, MessagePara *para)
1139 {
1140 AUTH_LOGI(AUTH_FSM, "auth fsm recv device info early, save it. authSeq=%{public}" PRId64 "", authFsm->authSeq);
1141 AuthSessionInfo *info = &authFsm->info;
1142 if (info->deviceInfoData != NULL) {
1143 SoftBusFree(info->deviceInfoData);
1144 info->deviceInfoData = NULL;
1145 }
1146 info->deviceInfoData = DupMemBuffer(para->data, para->len);
1147 if (info->deviceInfoData == NULL) {
1148 AUTH_LOGE(AUTH_FSM, "dup device info fail.");
1149 return;
1150 }
1151 info->deviceInfoDataLen = para->len;
1152 }
1153
TryFinishAuthSession(AuthFsm * authFsm)1154 static void TryFinishAuthSession(AuthFsm *authFsm)
1155 {
1156 AuthSessionInfo *info = &authFsm->info;
1157 AUTH_LOGI(AUTH_FSM,
1158 "Try finish auth fsm session, authSeq=%{public}" PRId64", devInfo=%{public}d, closeAck=%{public}d, "
1159 "authFinish=%{public}d",
1160 authFsm->authSeq, info->isNodeInfoReceived, info->isCloseAckReceived, info->isAuthFinished);
1161 if (info->isNodeInfoReceived && info->isCloseAckReceived && info->isAuthFinished) {
1162 CompleteAuthSession(authFsm, SOFTBUS_OK);
1163 }
1164 }
1165
HandleMsgAuthFinish(AuthFsm * authFsm,MessagePara * para)1166 static void HandleMsgAuthFinish(AuthFsm *authFsm, MessagePara *para)
1167 {
1168 (void)para;
1169 AuthSessionInfo *info = &authFsm->info;
1170 AUTH_LOGI(AUTH_FSM,
1171 "auth fsm hichain finished, authSeq=%{public}" PRId64", devInfo=%{public}d, closeAck=%{public}d",
1172 authFsm->authSeq, info->isNodeInfoReceived, info->isCloseAckReceived);
1173 info->isAuthFinished = true;
1174 TryFinishAuthSession(authFsm);
1175 }
1176
TryRecoveryKey(AuthFsm * authFsm)1177 static int32_t TryRecoveryKey(AuthFsm *authFsm)
1178 {
1179 int32_t ret = SOFTBUS_OK;
1180 if (authFsm->info.normalizedType == NORMALIZED_SUPPORT) {
1181 AUTH_LOGI(AUTH_FSM, "normalized auth succ");
1182 if (RecoveryNormalizedDeviceKey(authFsm) != SOFTBUS_OK) {
1183 AUTH_LOGE(AUTH_FSM, "normalized auth recovery device key fail");
1184 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
1185 }
1186 return ret;
1187 }
1188 if (authFsm->info.isSupportFastAuth) {
1189 AUTH_LOGI(AUTH_FSM, "fast auth succ");
1190 if (RecoveryFastAuthKey(authFsm) != SOFTBUS_OK) {
1191 AUTH_LOGE(AUTH_FSM, "fast auth recovery device key fail");
1192 ret = SOFTBUS_AUTH_SYNC_DEVID_FAIL;
1193 }
1194 }
1195 return ret;
1196 }
1197
ProcessClientAuthState(AuthFsm * authFsm)1198 static int32_t ProcessClientAuthState(AuthFsm *authFsm)
1199 {
1200 /* just client need start authDevice */
1201 if (ClientSetExchangeIdType(authFsm) != SOFTBUS_OK) {
1202 return SOFTBUS_OK;
1203 }
1204 char *anonyUdid = NULL;
1205 Anonymize(authFsm->info.udid, &anonyUdid);
1206 AUTH_LOGI(AUTH_FSM, "start auth send udid=%{public}s", anonyUdid);
1207 AnonymizeFree(anonyUdid);
1208 return HichainStartAuth(authFsm->authSeq, authFsm->info.udid, authFsm->info.connInfo.peerUid);
1209 }
1210
DeviceAuthStateEnter(FsmStateMachine * fsm)1211 static void DeviceAuthStateEnter(FsmStateMachine *fsm)
1212 {
1213 if (fsm == NULL) {
1214 AUTH_LOGE(AUTH_FSM, "fsm is null");
1215 return;
1216 }
1217 int32_t ret = SOFTBUS_OK;
1218 AuthFsm *authFsm = TO_AUTH_FSM(fsm);
1219 if (authFsm == NULL) {
1220 AUTH_LOGE(AUTH_FSM, "authFsm is null");
1221 return;
1222 }
1223 AUTH_LOGI(AUTH_FSM, "auth state enter, authSeq=%{public}" PRId64, authFsm->authSeq);
1224 authFsm->curState = STATE_DEVICE_AUTH;
1225 AuthSessionInfo *info = &authFsm->info;
1226 if (info->normalizedType == NORMALIZED_SUPPORT || info->isSupportFastAuth) {
1227 ret = TryRecoveryKey(authFsm);
1228 if (ret != SOFTBUS_OK) {
1229 goto ERR_EXIT;
1230 }
1231 return;
1232 }
1233 if (!info->isServer) {
1234 ret = ProcessClientAuthState(authFsm);
1235 }
1236 if (ret != SOFTBUS_OK) {
1237 goto ERR_EXIT;
1238 }
1239 return;
1240 ERR_EXIT:
1241 AUTH_LOGE(AUTH_FSM, "auth state enter, fail ret=%{public}d", ret);
1242 CompleteAuthSession(authFsm, ret);
1243 }
1244
DeviceAuthStateProcess(FsmStateMachine * fsm,int32_t msgType,void * para)1245 static bool DeviceAuthStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para)
1246 {
1247 MessagePara *msgPara = (MessagePara *)para;
1248 AuthFsm *authFsm = TranslateToAuthFsm(fsm, msgType, msgPara);
1249 if (authFsm == NULL) {
1250 FreeMessagePara(msgPara);
1251 return false;
1252 }
1253 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
1254 AUTH_LOGI(AUTH_FSM, "auth fsm process. authSeq=%{public}" PRId64", message=%{public}s",
1255 authFsm->authSeq, FsmMsgTypeToStr(msgType));
1256 switch (msgType) {
1257 case FSM_MSG_RECV_DEVICE_ID:
1258 HandleMsgRecvDeviceId(authFsm, msgPara);
1259 break;
1260 case FSM_MSG_RECV_AUTH_DATA:
1261 HandleMsgRecvAuthData(authFsm, msgPara);
1262 break;
1263 case FSM_MSG_SAVE_SESSION_KEY:
1264 HandleMsgSaveSessionKey(authFsm, msgPara);
1265 break;
1266 case FSM_MSG_AUTH_ERROR:
1267 HandleMsgAuthError(authFsm, msgPara);
1268 break;
1269 case FSM_MSG_RECV_DEVICE_INFO:
1270 HandleMsgRecvDevInfoEarly(authFsm, msgPara);
1271 break;
1272 case FSM_MSG_AUTH_FINISH:
1273 HandleMsgAuthFinish(authFsm, msgPara);
1274 break;
1275 default:
1276 HandleCommonMsg(authFsm, msgType, msgPara);
1277 break;
1278 }
1279 FreeMessagePara(msgPara);
1280 SoftbusHitraceStop();
1281 return true;
1282 }
1283
HandleCloseAckMessage(AuthFsm * authFsm,const AuthSessionInfo * info)1284 static int32_t HandleCloseAckMessage(AuthFsm *authFsm, const AuthSessionInfo *info)
1285 {
1286 if ((info->connInfo.type == AUTH_LINK_TYPE_BLE) && (SoftBusGetBrState() == BR_DISABLE) &&
1287 (info->nodeInfo.feature & 1 << BIT_SUPPORT_THREE_STATE) == 0) {
1288 AUTH_LOGE(AUTH_FSM, "peer not support three state");
1289 CompleteAuthSession(authFsm, SOFTBUS_AUTH_NOT_SUPPORT_THREE_STATE);
1290 return SOFTBUS_ERR;
1291 }
1292 if (PostCloseAckMessage(authFsm->authSeq, info) != SOFTBUS_OK) {
1293 AUTH_LOGE(AUTH_FSM, "post close ack fail");
1294 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SEND_FAIL);
1295 return SOFTBUS_ERR;
1296 }
1297 return SOFTBUS_OK;
1298 }
1299
HandleMsgRecvDeviceInfo(AuthFsm * authFsm,MessagePara * para)1300 static void HandleMsgRecvDeviceInfo(AuthFsm *authFsm, MessagePara *para)
1301 {
1302 AuthSessionInfo *info = &authFsm->info;
1303 if (ProcessDeviceInfoMessage(authFsm->authSeq, info, para->data, para->len) != SOFTBUS_OK) {
1304 LnnAuditExtra lnnAuditExtra = {0};
1305 BuildLnnAuditEvent(&lnnAuditExtra, info, AUDIT_HANDLE_MSG_FAIL_END_AUTH,
1306 SOFTBUS_AUTH_UNPACK_DEVINFO_FAIL, AUDIT_EVENT_PACKETS_ERROR);
1307 LNN_AUDIT(AUDIT_SCENE_HANDLE_MSG_DEV_INFO, lnnAuditExtra);
1308 AUTH_LOGE(AUTH_FSM, "process device info msg fail");
1309 CompleteAuthSession(authFsm, SOFTBUS_AUTH_UNPACK_DEVINFO_FAIL);
1310 return;
1311 }
1312 info->isNodeInfoReceived = true;
1313 if (strcpy_s(info->nodeInfo.uuid, UUID_BUF_LEN, info->uuid) != EOK) {
1314 AUTH_LOGE(AUTH_FSM, "copy uuid fail.");
1315 return;
1316 }
1317 if (info->connInfo.type == AUTH_LINK_TYPE_WIFI) {
1318 info->isCloseAckReceived = true; /* WiFi auth no need close ack, set true directly */
1319 if (!info->isServer) {
1320 LnnFsmRemoveMessage(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT);
1321 AuthManagerSetAuthPassed(authFsm->authSeq, info);
1322 TryFinishAuthSession(authFsm);
1323 return;
1324 }
1325 /* WIFI: server should response device info */
1326 if (PostDeviceInfoMessage(authFsm->authSeq, info) != SOFTBUS_OK) {
1327 AUTH_LOGE(AUTH_FSM, "server: response device info fail");
1328 CompleteAuthSession(authFsm, SOFTBUS_AUTH_SYNC_DEVINFO_FAIL);
1329 return;
1330 }
1331 LnnFsmRemoveMessage(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT);
1332 AuthManagerSetAuthPassed(authFsm->authSeq, info);
1333 TryFinishAuthSession(authFsm);
1334 return;
1335 }
1336 if (HandleCloseAckMessage(authFsm, info) != SOFTBUS_OK) {
1337 AUTH_LOGE(AUTH_FSM, "handle close ack fail");
1338 return;
1339 }
1340 if (info->isCloseAckReceived) {
1341 LnnFsmRemoveMessage(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT);
1342 AuthManagerSetAuthPassed(authFsm->authSeq, info);
1343 TryFinishAuthSession(authFsm);
1344 }
1345 }
1346
HandleMsgRecvCloseAck(AuthFsm * authFsm,MessagePara * para)1347 static void HandleMsgRecvCloseAck(AuthFsm *authFsm, MessagePara *para)
1348 {
1349 (void)para;
1350 AuthSessionInfo *info = &authFsm->info;
1351 AUTH_LOGI(AUTH_FSM, "auth fsm recv close ack, fsm=%{public}" PRId64 ", isNodeInfoReceived=%{public}d",
1352 authFsm->authSeq, info->isNodeInfoReceived);
1353 info->isCloseAckReceived = true;
1354 if (info->isNodeInfoReceived) {
1355 LnnFsmRemoveMessage(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT);
1356 AuthManagerSetAuthPassed(authFsm->authSeq, info);
1357 } else {
1358 AUTH_LOGI(AUTH_FSM, "close ack received before device info");
1359 }
1360 TryFinishAuthSession(authFsm);
1361 }
1362
SyncDevInfoStateProcess(FsmStateMachine * fsm,int32_t msgType,void * para)1363 static bool SyncDevInfoStateProcess(FsmStateMachine *fsm, int32_t msgType, void *para)
1364 {
1365 MessagePara *msgPara = (MessagePara *)para;
1366 AuthFsm *authFsm = TranslateToAuthFsm(fsm, msgType, msgPara);
1367 if (authFsm == NULL) {
1368 FreeMessagePara(msgPara);
1369 return false;
1370 }
1371 SoftbusHitraceStart(SOFTBUS_HITRACE_ID_VALID, (uint64_t)authFsm->authSeq);
1372 AUTH_LOGI(AUTH_FSM, "auth fsm process. authSeq=%{public}" PRId64", message=%{public}s",
1373 authFsm->authSeq, FsmMsgTypeToStr(msgType));
1374 switch (msgType) {
1375 case FSM_MSG_RECV_DEVICE_INFO:
1376 HandleMsgRecvDeviceInfo(authFsm, msgPara);
1377 break;
1378 case FSM_MSG_RECV_CLOSE_ACK:
1379 HandleMsgRecvCloseAck(authFsm, msgPara);
1380 break;
1381 case FSM_MSG_RECV_AUTH_DATA:
1382 HandleMsgRecvAuthData(authFsm, msgPara);
1383 break;
1384 case FSM_MSG_AUTH_FINISH:
1385 HandleMsgAuthFinish(authFsm, msgPara);
1386 break;
1387 default:
1388 HandleCommonMsg(authFsm, msgType, msgPara);
1389 break;
1390 }
1391 FreeMessagePara(msgPara);
1392 SoftbusHitraceStop();
1393 return true;
1394 }
1395
GetAuthFsmByAuthSeq(int64_t authSeq)1396 AuthFsm *GetAuthFsmByAuthSeq(int64_t authSeq)
1397 {
1398 AuthFsm *item = NULL;
1399 LIST_FOR_EACH_ENTRY(item, &g_authFsmList, AuthFsm, node) {
1400 if (item->authSeq != authSeq) {
1401 continue;
1402 }
1403 if (item->isDead) {
1404 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", item->authSeq);
1405 break;
1406 }
1407 return item;
1408 }
1409 AUTH_LOGE(AUTH_FSM, "auth fsm not found. authSeq=%{public}" PRId64 "", authSeq);
1410 return NULL;
1411 }
1412
GetAuthFsmByConnId(uint64_t connId,bool isServer,bool isConnectSide)1413 AuthFsm *GetAuthFsmByConnId(uint64_t connId, bool isServer, bool isConnectSide)
1414 {
1415 AuthFsm *item = NULL;
1416 LIST_FOR_EACH_ENTRY(item, &g_authFsmList, AuthFsm, node) {
1417 if (isConnectSide && (item->info.connId != connId || item->info.isConnectServer != isServer)) {
1418 continue;
1419 }
1420 if (!isConnectSide && (item->info.connId != connId || item->info.isServer != isServer)) {
1421 continue;
1422 }
1423 if (item->isDead) {
1424 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", item->authSeq);
1425 break;
1426 }
1427 return item;
1428 }
1429 AUTH_LOGE(AUTH_FSM, "auth fsm not found. " CONN_INFO, CONN_DATA(connId));
1430 return NULL;
1431 }
1432
GetSessionInfoFromAuthFsm(int64_t authSeq,AuthSessionInfo * info)1433 static int32_t GetSessionInfoFromAuthFsm(int64_t authSeq, AuthSessionInfo *info)
1434 {
1435 if (!RequireAuthLock()) {
1436 return SOFTBUS_LOCK_ERR;
1437 }
1438 AuthFsm *authFsm = GetAuthFsmByAuthSeq(authSeq);
1439 if (authFsm == NULL) {
1440 AUTH_LOGE(AUTH_FSM, "auth fsm not found. authSeq=%{public}" PRId64 "", authSeq);
1441 ReleaseAuthLock();
1442 return SOFTBUS_AUTH_NOT_FOUND;
1443 }
1444 *info = authFsm->info;
1445 info->deviceInfoData = NULL;
1446 info->deviceInfoDataLen = 0;
1447 ReleaseAuthLock();
1448 return SOFTBUS_OK;
1449 }
1450
PostMessageToAuthFsm(int32_t msgType,int64_t authSeq,const uint8_t * data,uint32_t len)1451 static int32_t PostMessageToAuthFsm(int32_t msgType, int64_t authSeq, const uint8_t *data, uint32_t len)
1452 {
1453 MessagePara *para = NewMessagePara(data, len);
1454 if (para == NULL) {
1455 return SOFTBUS_MALLOC_ERR;
1456 }
1457 if (!RequireAuthLock()) {
1458 SoftBusFree(para);
1459 return SOFTBUS_LOCK_ERR;
1460 }
1461 AuthFsm *authFsm = GetAuthFsmByAuthSeq(authSeq);
1462 if (authFsm == NULL) {
1463 ReleaseAuthLock();
1464 SoftBusFree(para);
1465 return SOFTBUS_AUTH_GET_FSM_FAIL;
1466 }
1467 if (LnnFsmPostMessage(&authFsm->fsm, msgType, para) != SOFTBUS_OK) {
1468 AUTH_LOGE(AUTH_FSM, "post message to auth fsm fail");
1469 ReleaseAuthLock();
1470 SoftBusFree(para);
1471 return SOFTBUS_AUTH_SEND_FAIL;
1472 }
1473 ReleaseAuthLock();
1474 return SOFTBUS_OK;
1475 }
1476
PostMessageToAuthFsmByConnId(int32_t msgType,uint64_t connId,bool isServer,const uint8_t * data,uint32_t len)1477 static int32_t PostMessageToAuthFsmByConnId(int32_t msgType, uint64_t connId, bool isServer,
1478 const uint8_t *data, uint32_t len)
1479 {
1480 MessagePara *para = NewMessagePara(data, len);
1481 if (para == NULL) {
1482 return SOFTBUS_MALLOC_ERR;
1483 }
1484 if (!RequireAuthLock()) {
1485 SoftBusFree(para);
1486 return SOFTBUS_LOCK_ERR;
1487 }
1488 AuthFsm *authFsm = GetAuthFsmByConnId(connId, isServer, false);
1489 if (authFsm == NULL) {
1490 ReleaseAuthLock();
1491 SoftBusFree(para);
1492 return SOFTBUS_AUTH_GET_FSM_FAIL;
1493 }
1494 if (LnnFsmPostMessage(&authFsm->fsm, msgType, para) != SOFTBUS_OK) {
1495 AUTH_LOGE(AUTH_FSM, "post message to auth fsm by connId fail");
1496 ReleaseAuthLock();
1497 SoftBusFree(para);
1498 return SOFTBUS_AUTH_SEND_FAIL;
1499 }
1500 ReleaseAuthLock();
1501 return SOFTBUS_OK;
1502 }
1503
SetAuthStartTime(AuthFsm * authFsm)1504 static void SetAuthStartTime(AuthFsm *authFsm)
1505 {
1506 authFsm->statisticData.startAuthTime = (uint64_t)LnnUpTimeMs();
1507 }
1508
IsPeerSupportNegoAuth(AuthSessionInfo * info)1509 static bool IsPeerSupportNegoAuth(AuthSessionInfo *info)
1510 {
1511 char udidHash[SHORT_UDID_HASH_HEX_LEN + 1] = { 0 };
1512 if (!GetUdidShortHash(info, udidHash, SHORT_UDID_HASH_HEX_LEN + 1)) {
1513 return true;
1514 }
1515 NodeInfo nodeInfo;
1516 (void)memset_s(&nodeInfo, sizeof(nodeInfo), 0, sizeof(nodeInfo));
1517 if (LnnRetrieveDeviceInfo((const char *)udidHash, &nodeInfo) != SOFTBUS_OK) {
1518 AUTH_LOGE(AUTH_FSM, "retrive deviceInfo fail");
1519 return true;
1520 }
1521 if (IsSupportFeatureByCapaBit(nodeInfo.authCapacity, BIT_SUPPORT_NEGOTIATION_AUTH)) {
1522 return true;
1523 }
1524 return false;
1525 }
1526
GetFirstFsmState(AuthSessionInfo * info,int64_t authSeq,AuthFsmStateIndex * state)1527 static int32_t GetFirstFsmState(AuthSessionInfo *info, int64_t authSeq, AuthFsmStateIndex *state)
1528 {
1529 CHECK_NULL_PTR_RETURN_VALUE(info, SOFTBUS_INVALID_PARAM);
1530 CHECK_NULL_PTR_RETURN_VALUE(state, SOFTBUS_INVALID_PARAM);
1531 if (info->isConnectServer) {
1532 *state = STATE_SYNC_NEGOTIATION;
1533 } else {
1534 if (!IsPeerSupportNegoAuth(info)) {
1535 info->localState = AUTH_STATE_COMPATIBLE;
1536 AUTH_LOGI(AUTH_FSM, "peer not support nego, localState change, authSeq=%{public}" PRId64, authSeq);
1537 }
1538 if (info->localState == AUTH_STATE_START || info->localState == AUTH_STATE_COMPATIBLE) {
1539 *state = STATE_SYNC_DEVICE_ID;
1540 } else {
1541 *state = STATE_SYNC_NEGOTIATION;
1542 }
1543 }
1544 return SOFTBUS_OK;
1545 }
1546
AuthSessionStartAuth(const AuthParam * authParam,const AuthConnInfo * connInfo)1547 int32_t AuthSessionStartAuth(const AuthParam *authParam, const AuthConnInfo *connInfo)
1548 {
1549 CHECK_NULL_PTR_RETURN_VALUE(connInfo, SOFTBUS_INVALID_PARAM);
1550 AUTH_CHECK_AND_RETURN_RET_LOGE(authParam != NULL, SOFTBUS_INVALID_PARAM, AUTH_FSM, "authParam is NULL");
1551 if (!RequireAuthLock()) {
1552 return SOFTBUS_LOCK_ERR;
1553 }
1554 AuthFsm *authFsm = CreateAuthFsm(authParam->authSeq, authParam->requestId, authParam->connId,
1555 connInfo, authParam->isServer);
1556 if (authFsm == NULL) {
1557 ReleaseAuthLock();
1558 return SOFTBUS_MEM_ERR;
1559 }
1560 authFsm->info.isNeedFastAuth = authParam->isFastAuth;
1561 (void)UpdateLocalAuthState(authFsm->authSeq, &authFsm->info);
1562 AuthFsmStateIndex nextState = STATE_SYNC_DEVICE_ID;
1563 if (GetFirstFsmState(&authFsm->info, authFsm->authSeq, &nextState) != SOFTBUS_OK ||
1564 LnnFsmStart(&authFsm->fsm, g_states + nextState) != SOFTBUS_OK) {
1565 AUTH_LOGE(AUTH_FSM, "start auth fsm fail. authSeq=%{public}" PRId64 "", authFsm->authSeq);
1566 DestroyAuthFsm(authFsm);
1567 ReleaseAuthLock();
1568 return SOFTBUS_ERR;
1569 }
1570 SetAuthStartTime(authFsm);
1571 LnnFsmPostMessageDelay(&authFsm->fsm, FSM_MSG_AUTH_TIMEOUT, NULL, AUTH_TIMEOUT_MS);
1572 ReleaseAuthLock();
1573 return SOFTBUS_OK;
1574 }
1575
AuthSessionProcessDevIdData(int64_t authSeq,const uint8_t * data,uint32_t len)1576 int32_t AuthSessionProcessDevIdData(int64_t authSeq, const uint8_t *data, uint32_t len)
1577 {
1578 if (data == NULL) {
1579 return SOFTBUS_INVALID_PARAM;
1580 }
1581 return PostMessageToAuthFsm(FSM_MSG_RECV_DEVICE_ID, authSeq, data, len);
1582 }
1583
AuthSessionPostAuthData(int64_t authSeq,const uint8_t * data,uint32_t len)1584 int32_t AuthSessionPostAuthData(int64_t authSeq, const uint8_t *data, uint32_t len)
1585 {
1586 AuthSessionInfo info;
1587 if (GetSessionInfoFromAuthFsm(authSeq, &info) != SOFTBUS_OK) {
1588 return SOFTBUS_AUTH_GET_SESSION_INFO_FAIL;
1589 }
1590 if (PostHichainAuthMessage(authSeq, &info, data, len) != SOFTBUS_OK) {
1591 return SOFTBUS_AUTH_SYNC_DEVID_FAIL;
1592 }
1593 return SOFTBUS_OK;
1594 }
1595
AuthSessionProcessAuthData(int64_t authSeq,const uint8_t * data,uint32_t len)1596 int32_t AuthSessionProcessAuthData(int64_t authSeq, const uint8_t *data, uint32_t len)
1597 {
1598 if (data == NULL) {
1599 return SOFTBUS_INVALID_PARAM;
1600 }
1601 return PostMessageToAuthFsm(FSM_MSG_RECV_AUTH_DATA, authSeq, data, len);
1602 }
1603
AuthSessionGetUdid(int64_t authSeq,char * udid,uint32_t size)1604 int32_t AuthSessionGetUdid(int64_t authSeq, char *udid, uint32_t size)
1605 {
1606 if (udid == NULL) {
1607 return SOFTBUS_INVALID_PARAM;
1608 }
1609 AuthSessionInfo info = {0};
1610 if (GetSessionInfoFromAuthFsm(authSeq, &info) != SOFTBUS_OK) {
1611 return SOFTBUS_AUTH_GET_SESSION_INFO_FAIL;
1612 }
1613 if (memcpy_s(udid, size, info.udid, sizeof(info.udid)) != EOK) {
1614 AUTH_LOGE(AUTH_FSM, "copy udid fail");
1615 return SOFTBUS_MEM_ERR;
1616 }
1617 return SOFTBUS_OK;
1618 }
1619
AuthSessionSaveSessionKey(int64_t authSeq,const uint8_t * key,uint32_t len)1620 int32_t AuthSessionSaveSessionKey(int64_t authSeq, const uint8_t *key, uint32_t len)
1621 {
1622 if (key == NULL) {
1623 return SOFTBUS_INVALID_PARAM;
1624 }
1625 return PostMessageToAuthFsm(FSM_MSG_SAVE_SESSION_KEY, authSeq, key, len);
1626 }
1627
AuthSessionHandleAuthFinish(int64_t authSeq)1628 int32_t AuthSessionHandleAuthFinish(int64_t authSeq)
1629 {
1630 return PostMessageToAuthFsm(FSM_MSG_AUTH_FINISH, authSeq, NULL, 0);
1631 }
1632
AuthSessionHandleAuthError(int64_t authSeq,int32_t reason)1633 int32_t AuthSessionHandleAuthError(int64_t authSeq, int32_t reason)
1634 {
1635 return PostMessageToAuthFsm(FSM_MSG_AUTH_ERROR, authSeq, (uint8_t *)&reason, sizeof(reason));
1636 }
1637
AuthSessionProcessDevInfoData(int64_t authSeq,const uint8_t * data,uint32_t len)1638 int32_t AuthSessionProcessDevInfoData(int64_t authSeq, const uint8_t *data, uint32_t len)
1639 {
1640 if (data == NULL) {
1641 return SOFTBUS_INVALID_PARAM;
1642 }
1643 return PostMessageToAuthFsm(FSM_MSG_RECV_DEVICE_INFO, authSeq, data, len);
1644 }
1645
AuthSessionProcessCloseAck(int64_t authSeq,const uint8_t * data,uint32_t len)1646 int32_t AuthSessionProcessCloseAck(int64_t authSeq, const uint8_t *data, uint32_t len)
1647 {
1648 if (data == NULL) {
1649 return SOFTBUS_INVALID_PARAM;
1650 }
1651 return PostMessageToAuthFsm(FSM_MSG_RECV_CLOSE_ACK, authSeq, data, len);
1652 }
1653
AuthSessionProcessDevInfoDataByConnId(uint64_t connId,bool isServer,const uint8_t * data,uint32_t len)1654 int32_t AuthSessionProcessDevInfoDataByConnId(uint64_t connId, bool isServer, const uint8_t *data,
1655 uint32_t len)
1656 {
1657 if (data == NULL) {
1658 return SOFTBUS_INVALID_PARAM;
1659 }
1660 return PostMessageToAuthFsmByConnId(FSM_MSG_RECV_DEVICE_INFO, connId, isServer, data, len);
1661 }
1662
AuthSessionProcessCloseAckByConnId(uint64_t connId,bool isServer,const uint8_t * data,uint32_t len)1663 int32_t AuthSessionProcessCloseAckByConnId(uint64_t connId, bool isServer, const uint8_t *data,
1664 uint32_t len)
1665 {
1666 if (data == NULL) {
1667 return SOFTBUS_INVALID_PARAM;
1668 }
1669 return PostMessageToAuthFsmByConnId(FSM_MSG_RECV_CLOSE_ACK, connId, isServer, data, len);
1670 }
1671
AuthSessionProcessCancelAuthByConnId(uint64_t connId,bool isConnectServer,const uint8_t * data,uint32_t len)1672 int32_t AuthSessionProcessCancelAuthByConnId(uint64_t connId, bool isConnectServer, const uint8_t *data, uint32_t len)
1673 {
1674 if (!RequireAuthLock()) {
1675 return SOFTBUS_LOCK_ERR;
1676 }
1677 AuthFsm *authFsm = GetAuthFsmByConnId(connId, isConnectServer, true);
1678 if (authFsm == NULL) {
1679 ReleaseAuthLock();
1680 return SOFTBUS_AUTH_GET_FSM_FAIL;
1681 }
1682 if (LnnFsmPostMessage(&authFsm->fsm, FSM_MSG_DEVICE_DISCONNECTED, NULL) != SOFTBUS_OK) {
1683 AUTH_LOGE(AUTH_FSM, "post message to auth fsm by connId fail");
1684 ReleaseAuthLock();
1685 return SOFTBUS_AUTH_SEND_FAIL;
1686 }
1687 ReleaseAuthLock();
1688 return SOFTBUS_OK;
1689 }
1690
AuthSessionHandleDeviceNotTrusted(const char * udid)1691 int32_t AuthSessionHandleDeviceNotTrusted(const char *udid)
1692 {
1693 if (udid == NULL || udid[0] == '\0') {
1694 return SOFTBUS_INVALID_PARAM;
1695 }
1696 if (!RequireAuthLock()) {
1697 return SOFTBUS_LOCK_ERR;
1698 }
1699 AuthFsm *item = NULL;
1700 LIST_FOR_EACH_ENTRY(item, &g_authFsmList, AuthFsm, node) {
1701 if (strcmp(item->info.udid, udid) != 0) {
1702 continue;
1703 }
1704 if (item->isDead) {
1705 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", item->authSeq);
1706 continue;
1707 }
1708 LnnFsmPostMessage(&item->fsm, FSM_MSG_DEVICE_NOT_TRUSTED, NULL);
1709 }
1710 ReleaseAuthLock();
1711 return SOFTBUS_OK;
1712 }
1713
AuthSessionHandleDeviceDisconnected(uint64_t connId)1714 int32_t AuthSessionHandleDeviceDisconnected(uint64_t connId)
1715 {
1716 if (!RequireAuthLock()) {
1717 return SOFTBUS_LOCK_ERR;
1718 }
1719 AuthFsm *item = NULL;
1720 LIST_FOR_EACH_ENTRY(item, &g_authFsmList, AuthFsm, node) {
1721 if (item->info.connId != connId) {
1722 continue;
1723 }
1724 if (item->isDead) {
1725 AUTH_LOGE(AUTH_FSM, "auth fsm has dead. authSeq=%{public}" PRId64 "", item->authSeq);
1726 continue;
1727 }
1728 LnnFsmPostMessage(&item->fsm, FSM_MSG_DEVICE_DISCONNECTED, NULL);
1729 }
1730 ReleaseAuthLock();
1731 return SOFTBUS_OK;
1732 }
1733
AuthNotifyRequestVerify(int64_t authSeq)1734 int32_t AuthNotifyRequestVerify(int64_t authSeq)
1735 {
1736 return PostMessageToAuthFsm(FSM_MSG_DEVICE_POST_DEVICEID, authSeq, NULL, 0);
1737 }
1738
AuthSessionFsmExit(void)1739 void AuthSessionFsmExit(void)
1740 {
1741 HichainDestroy();
1742 if (!RequireAuthLock()) {
1743 return;
1744 }
1745 AuthFsm *item = NULL;
1746 AuthFsm *next = NULL;
1747 LIST_FOR_EACH_ENTRY_SAFE(item, next, &g_authFsmList, AuthFsm, node) {
1748 DestroyAuthFsm(item);
1749 }
1750 ListInit(&g_authFsmList);
1751 ReleaseAuthLock();
1752 }
1753