1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dm_auth_manager.h"
17
18 #include <mutex>
19 #include <string>
20 #include <unistd.h>
21
22 #include "bundle_mgr_interface.h"
23 #include "iservice_registry.h"
24 #if defined(SUPPORT_SCREENLOCK)
25 #include "screenlock_manager.h"
26 #endif
27 #include "system_ability_definition.h"
28
29 #include "auth_message_processor.h"
30 #include "common_event_support.h"
31 #include "dm_ability_manager.h"
32 #include "dm_anonymous.h"
33 #include "dm_config_manager.h"
34 #include "dm_constants.h"
35 #include "dm_crypto.h"
36 #include "dm_dialog_manager.h"
37 #include "dm_log.h"
38 #include "dm_radar_helper.h"
39 #include "dm_random.h"
40 #include "multiple_user_connector.h"
41 #include "nlohmann/json.hpp"
42 #include "parameter.h"
43 #include "show_confirm.h"
44
45 namespace OHOS {
46 namespace DistributedHardware {
47 const int32_t AUTHENTICATE_TIMEOUT = 120;
48 const int32_t CONFIRM_TIMEOUT = 60;
49 const int32_t NEGOTIATE_TIMEOUT = 10;
50 const int32_t INPUT_TIMEOUT = 60;
51 const int32_t ADD_TIMEOUT = 10;
52 const int32_t WAIT_NEGOTIATE_TIMEOUT = 10;
53 const int32_t WAIT_REQUEST_TIMEOUT = 10;
54 const int32_t CLONE_AUTHENTICATE_TIMEOUT = 20;
55 const int32_t CLONE_CONFIRM_TIMEOUT = 10;
56 const int32_t CLONE_NEGOTIATE_TIMEOUT = 10;
57 const int32_t CLONE_ADD_TIMEOUT = 10;
58 const int32_t CLONE_WAIT_NEGOTIATE_TIMEOUT = 10;
59 const int32_t CLONE_WAIT_REQUEST_TIMEOUT = 10;
60 const int32_t CLONE_SESSION_HEARTBEAT_TIMEOUT = 20;
61 const int32_t CANCEL_PIN_CODE_DISPLAY = 1;
62 const int32_t DEVICE_ID_HALF = 2;
63 const int32_t MAX_AUTH_TIMES = 3;
64 const int32_t MIN_PIN_TOKEN = 10000000;
65 const int32_t MAX_PIN_TOKEN = 90000000;
66 const int32_t MIN_PIN_CODE = 100000;
67 const int32_t MAX_PIN_CODE = 999999;
68 const int32_t DM_AUTH_TYPE_MAX = 5;
69 const int32_t DM_AUTH_TYPE_MIN = 0;
70 const int32_t AUTH_SESSION_SIDE_SERVER = 0;
71 const int32_t USLEEP_TIME_MS = 500000; // 500ms
72 const int32_t SYNC_DELETE_TIMEOUT = 60;
73 const int32_t AUTH_DEVICE_TIMEOUT = 10;
74 const int32_t SESSION_HEARTBEAT_TIMEOUT = 50;
75 const int32_t ALREADY_BIND = 1;
76
77 // clone task timeout map
78 const std::map<std::string, int32_t> TASK_TIME_OUT_MAP = {
79 { std::string(AUTHENTICATE_TIMEOUT_TASK), CLONE_AUTHENTICATE_TIMEOUT },
80 { std::string(NEGOTIATE_TIMEOUT_TASK), CLONE_NEGOTIATE_TIMEOUT },
81 { std::string(CONFIRM_TIMEOUT_TASK), CLONE_CONFIRM_TIMEOUT },
82 { std::string(ADD_TIMEOUT_TASK), CLONE_ADD_TIMEOUT },
83 { std::string(WAIT_NEGOTIATE_TIMEOUT_TASK), CLONE_WAIT_NEGOTIATE_TIMEOUT },
84 { std::string(WAIT_REQUEST_TIMEOUT_TASK), CLONE_WAIT_REQUEST_TIMEOUT },
85 { std::string(SESSION_HEARTBEAT_TIMEOUT_TASK), CLONE_SESSION_HEARTBEAT_TIMEOUT }
86 };
87
88 constexpr const char* APP_OPERATION_KEY = "appOperation";
89 constexpr const char* TARGET_PKG_NAME_KEY = "targetPkgName";
90 constexpr const char* CUSTOM_DESCRIPTION_KEY = "customDescription";
91 constexpr const char* CANCEL_DISPLAY_KEY = "cancelPinCodeDisplay";
92 constexpr const char* DM_VERSION_4_1_5_1 = "4.1.5.1";
93 constexpr const char* DM_VERSION_5_0_1 = "5.0.1";
94 constexpr const char* DM_VERSION_5_0_2 = "5.0.2";
95 std::mutex g_authFinishLock;
96
DmAuthManager(std::shared_ptr<SoftbusConnector> softbusConnector,std::shared_ptr<HiChainConnector> hiChainConnector,std::shared_ptr<IDeviceManagerServiceListener> listener,std::shared_ptr<HiChainAuthConnector> hiChainAuthConnector)97 DmAuthManager::DmAuthManager(std::shared_ptr<SoftbusConnector> softbusConnector,
98 std::shared_ptr<HiChainConnector> hiChainConnector,
99 std::shared_ptr<IDeviceManagerServiceListener> listener,
100 std::shared_ptr<HiChainAuthConnector> hiChainAuthConnector)
101 : softbusConnector_(softbusConnector), hiChainConnector_(hiChainConnector), listener_(listener),
102 hiChainAuthConnector_(hiChainAuthConnector)
103 {
104 LOGI("DmAuthManager constructor");
105 DmConfigManager &dmConfigManager = DmConfigManager::GetInstance();
106 dmConfigManager.GetAuthAdapter(authenticationMap_);
107 authUiStateMgr_ = std::make_shared<AuthUiStateManager>(listener_);
108 authenticationMap_[AUTH_TYPE_IMPORT_AUTH_CODE] = nullptr;
109 authenticationMap_[AUTH_TYPE_CRE] = nullptr;
110 dmVersion_ = DM_VERSION_5_0_2;
111 }
112
~DmAuthManager()113 DmAuthManager::~DmAuthManager()
114 {
115 LOGI("DmAuthManager destructor");
116 }
117
CheckAuthParamVaild(const std::string & pkgName,int32_t authType,const std::string & deviceId,const std::string & extra)118 int32_t DmAuthManager::CheckAuthParamVaild(const std::string &pkgName, int32_t authType,
119 const std::string &deviceId, const std::string &extra)
120 {
121 LOGI("DmAuthManager::CheckAuthParamVaild start.");
122 if (authType < DM_AUTH_TYPE_MIN || authType > DM_AUTH_TYPE_MAX) {
123 LOGE("CheckAuthParamVaild failed, authType is illegal.");
124 return ERR_DM_AUTH_FAILED;
125 }
126 if (pkgName.empty() || deviceId.empty()) {
127 LOGE("DmAuthManager::CheckAuthParamVaild failed, pkgName is %{public}s, deviceId is %{public}s, extra is"
128 "%{public}s.", pkgName.c_str(), GetAnonyString(deviceId).c_str(), extra.c_str());
129 return ERR_DM_INPUT_PARA_INVALID;
130 }
131 if (listener_ == nullptr || authUiStateMgr_ == nullptr) {
132 LOGE("DmAuthManager::CheckAuthParamVaild listener or authUiStateMgr is nullptr.");
133 return ERR_DM_INPUT_PARA_INVALID;
134 }
135
136 if (!IsAuthTypeSupported(authType)) {
137 LOGE("DmAuthManager::CheckAuthParamVaild authType %{public}d not support.", authType);
138 listener_->OnAuthResult(pkgName, peerTargetId_.deviceId, "", STATUS_DM_AUTH_DEFAULT,
139 ERR_DM_UNSUPPORTED_AUTH_TYPE);
140 listener_->OnBindResult(pkgName, peerTargetId_, ERR_DM_UNSUPPORTED_AUTH_TYPE, STATUS_DM_AUTH_DEFAULT, "");
141 return ERR_DM_UNSUPPORTED_AUTH_TYPE;
142 }
143
144 if (authRequestState_ != nullptr || authResponseState_ != nullptr) {
145 LOGE("DmAuthManager::CheckAuthParamVaild %{public}s is request authentication.", pkgName.c_str());
146 return ERR_DM_AUTH_BUSINESS_BUSY;
147 }
148
149 if (!softbusConnector_->HaveDeviceInMap(deviceId)) {
150 LOGE("CheckAuthParamVaild failed, the discoveryDeviceInfoMap_ not have this device.");
151 listener_->OnAuthResult(pkgName, peerTargetId_.deviceId, "", STATUS_DM_AUTH_DEFAULT, ERR_DM_INPUT_PARA_INVALID);
152 listener_->OnBindResult(pkgName, peerTargetId_, ERR_DM_INPUT_PARA_INVALID, STATUS_DM_AUTH_DEFAULT, "");
153 return ERR_DM_INPUT_PARA_INVALID;
154 }
155
156 if ((authType == AUTH_TYPE_IMPORT_AUTH_CODE) && (!IsAuthCodeReady(pkgName))) {
157 LOGE("Auth code not exist.");
158 listener_->OnAuthResult(pkgName, peerTargetId_.deviceId, "", STATUS_DM_AUTH_DEFAULT, ERR_DM_INPUT_PARA_INVALID);
159 listener_->OnBindResult(pkgName, peerTargetId_, ERR_DM_INPUT_PARA_INVALID, STATUS_DM_AUTH_DEFAULT, "");
160 return ERR_DM_INPUT_PARA_INVALID;
161 }
162 return DM_OK;
163 }
164
GetAuthParam(const std::string & pkgName,int32_t authType,const std::string & deviceId,const std::string & extra)165 void DmAuthManager::GetAuthParam(const std::string &pkgName, int32_t authType,
166 const std::string &deviceId, const std::string &extra)
167 {
168 LOGI("Get auth param.");
169 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
170 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
171 std::string localUdid = static_cast<std::string>(localDeviceId);
172 authRequestContext_->hostPkgName = pkgName;
173 authRequestContext_->hostPkgLabel = GetBundleLable(pkgName);
174 authRequestContext_->authType = authType;
175 authRequestContext_->localDeviceName = softbusConnector_->GetLocalDeviceName();
176 authRequestContext_->localDeviceTypeId = softbusConnector_->GetLocalDeviceTypeId();
177 authRequestContext_->localDeviceId = localUdid;
178 authRequestContext_->deviceId = deviceId;
179 authRequestContext_->ip = deviceId;
180 authRequestContext_->dmVersion = DM_VERSION_5_0_2;
181 authRequestContext_->localAccountId = MultipleUserConnector::GetOhosAccountId();
182 MultipleUserConnector::SetSwitchOldAccountId(authRequestContext_->localAccountId);
183 authRequestContext_->localUserId = MultipleUserConnector::GetCurrentAccountUserID();
184 MultipleUserConnector::SetSwitchOldUserId(authRequestContext_->localUserId);
185 authRequestContext_->isOnline = false;
186 authRequestContext_->authed = !authRequestContext_->bindType.empty();
187 authRequestContext_->bindLevel = INVALIED_TYPE;
188 nlohmann::json jsonObject = nlohmann::json::parse(extra, nullptr, false);
189 if (!jsonObject.is_discarded()) {
190 if (IsString(jsonObject, TARGET_PKG_NAME_KEY)) {
191 authRequestContext_->targetPkgName = jsonObject[TARGET_PKG_NAME_KEY].get<std::string>();
192 }
193 if (IsString(jsonObject, APP_OPERATION_KEY)) {
194 authRequestContext_->appOperation = jsonObject[APP_OPERATION_KEY].get<std::string>();
195 }
196 if (IsString(jsonObject, CUSTOM_DESCRIPTION_KEY)) {
197 authRequestContext_->customDesc = jsonObject[CUSTOM_DESCRIPTION_KEY].get<std::string>();
198 }
199 if (IsString(jsonObject, APP_THUMBNAIL)) {
200 authRequestContext_->appThumbnail = jsonObject[APP_THUMBNAIL].get<std::string>();
201 }
202 if (IsInt64(jsonObject, TAG_TOKENID)) {
203 authRequestContext_->tokenId = jsonObject[TAG_TOKENID].get<int64_t>();
204 }
205 if (IsInt32(jsonObject, TAG_BIND_LEVEL)) {
206 authRequestContext_->bindLevel = jsonObject[TAG_BIND_LEVEL].get<int32_t>();
207 }
208 }
209 authRequestContext_->token = std::to_string(GenRandInt(MIN_PIN_TOKEN, MAX_PIN_TOKEN));
210 }
211
InitAuthState(const std::string & pkgName,int32_t authType,const std::string & deviceId,const std::string & extra)212 void DmAuthManager::InitAuthState(const std::string &pkgName, int32_t authType,
213 const std::string &deviceId, const std::string &extra)
214 {
215 authPtr_ = authenticationMap_[authType];
216 if (timer_ == nullptr) {
217 timer_ = std::make_shared<DmTimer>();
218 }
219 timer_->StartTimer(std::string(AUTHENTICATE_TIMEOUT_TASK),
220 GetTaskTimeout(AUTHENTICATE_TIMEOUT_TASK, AUTHENTICATE_TIMEOUT), [this] (std::string name) {
221 DmAuthManager::HandleAuthenticateTimeout(name);
222 });
223 authMessageProcessor_ = std::make_shared<AuthMessageProcessor>(shared_from_this());
224 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
225 authRequestContext_ = std::make_shared<DmAuthRequestContext>();
226 GetAuthParam(pkgName, authType, deviceId, extra);
227 authMessageProcessor_->SetRequestContext(authRequestContext_);
228 authRequestState_ = std::make_shared<AuthRequestInitState>();
229 authRequestState_->SetAuthManager(shared_from_this());
230 authRequestState_->SetAuthContext(authRequestContext_);
231 if (!DmRadarHelper::GetInstance().ReportAuthStart(peerTargetId_.deviceId, pkgName)) {
232 LOGE("ReportAuthStart failed");
233 }
234 authRequestState_->Enter();
235 LOGI("DmAuthManager::AuthenticateDevice complete");
236 }
237
AuthenticateDevice(const std::string & pkgName,int32_t authType,const std::string & deviceId,const std::string & extra)238 int32_t DmAuthManager::AuthenticateDevice(const std::string &pkgName, int32_t authType,
239 const std::string &deviceId, const std::string &extra)
240 {
241 LOGI("DmAuthManager::AuthenticateDevice start auth type %{public}d.", authType);
242 SetAuthType(authType);
243 int32_t ret = CheckAuthParamVaild(pkgName, authType, deviceId, extra);
244 if (ret != DM_OK) {
245 LOGE("DmAuthManager::AuthenticateDevice failed, param is invaild.");
246 return ret;
247 }
248 isAuthenticateDevice_ = true;
249 if (authType == AUTH_TYPE_CRE) {
250 LOGI("DmAuthManager::AuthenticateDevice for credential type, joinLNN directly.");
251 softbusConnector_->JoinLnn(deviceId);
252 listener_->OnAuthResult(pkgName, peerTargetId_.deviceId, "", STATUS_DM_AUTH_DEFAULT, DM_OK);
253 listener_->OnBindResult(pkgName, peerTargetId_, DM_OK, STATUS_DM_AUTH_DEFAULT, "");
254 return DM_OK;
255 }
256 InitAuthState(pkgName, authType, deviceId, extra);
257 return DM_OK;
258 }
259
UnAuthenticateDevice(const std::string & pkgName,const std::string & networkId)260 int32_t DmAuthManager::UnAuthenticateDevice(const std::string &pkgName, const std::string &networkId)
261 {
262 if (pkgName.empty()) {
263 LOGE("Invalid parameter, pkgName is empty.");
264 return ERR_DM_FAILED;
265 }
266 std::string deviceUdid = "";
267 int32_t ret = SoftbusConnector::GetUdidByNetworkId(networkId.c_str(), deviceUdid);
268 if (ret != DM_OK) {
269 LOGE("UnAuthenticateDevice GetNodeKeyInfo failed");
270 return ret;
271 }
272 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
273 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
274 struct RadarInfo info = {
275 .funcName = "UnAuthenticateDevice",
276 .toCallPkg = HICHAINNAME,
277 .hostName = pkgName,
278 .peerUdid = deviceUdid,
279 };
280 if (!DmRadarHelper::GetInstance().ReportDeleteTrustRelation(info)) {
281 LOGE("ReportDeleteTrustRelation failed");
282 }
283 if (!DeviceProfileConnector::GetInstance().CheckPkgnameInAcl(pkgName, localDeviceId, deviceUdid)) {
284 LOGE("The pkgName %{public}s cannot unbind.", pkgName.c_str());
285 return ERR_DM_FAILED;
286 }
287 remoteDeviceId_ = deviceUdid;
288 SyncDeleteAcl(pkgName, deviceUdid);
289 return DM_OK;
290 }
291
StopAuthenticateDevice(const std::string & pkgName)292 int32_t DmAuthManager::StopAuthenticateDevice(const std::string &pkgName)
293 {
294 if (pkgName.empty()) {
295 LOGE("Invalid parameter, pkgName is empty.");
296 return ERR_DM_FAILED;
297 }
298 if (((authRequestState_!= nullptr && authRequestContext_->hostPkgName == pkgName) ||
299 (authResponseContext_ != nullptr && authResponseContext_->hostPkgName == pkgName)) &&
300 isAuthenticateDevice_) {
301 LOGI("Stop previous AuthenticateDevice.");
302 authRequestContext_->reason = STOP_BIND;
303 authResponseContext_->state = authRequestState_->GetStateType();
304 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
305 }
306 return DM_OK;
307 }
308
UnBindDevice(const std::string & pkgName,const std::string & udidHash)309 int32_t DmAuthManager::UnBindDevice(const std::string &pkgName, const std::string &udidHash)
310 {
311 if (pkgName.empty()) {
312 LOGE("Invalid parameter, pkgName is empty.");
313 return ERR_DM_FAILED;
314 }
315 remoteDeviceId_ = SoftbusConnector::GetDeviceUdidByUdidHash(udidHash);
316 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
317 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
318 if (!DeviceProfileConnector::GetInstance().CheckPkgnameInAcl(pkgName, localDeviceId, remoteDeviceId_)) {
319 LOGE("The pkgname %{public}s cannot unbind.", pkgName.c_str());
320 return ERR_DM_FAILED;
321 }
322 SyncDeleteAcl(pkgName, remoteDeviceId_);
323 return DM_OK;
324 }
325
SyncDeleteAcl(const std::string & pkgName,const std::string & deviceId)326 void DmAuthManager::SyncDeleteAcl(const std::string &pkgName, const std::string &deviceId)
327 {
328 LOGI("SyncDeleteAcl start.");
329 authMessageProcessor_ = std::make_shared<AuthMessageProcessor>(shared_from_this());
330 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
331 authRequestContext_ = std::make_shared<DmAuthRequestContext>();
332
333 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
334 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
335 std::string localUdid = static_cast<std::string>(localDeviceId);
336 authRequestContext_->localDeviceId = localUdid;
337 authRequestContext_->hostPkgName = pkgName;
338 authRequestContext_->deviceId = deviceId;
339 authMessageProcessor_->SetRequestContext(authRequestContext_);
340 authRequestState_ = std::make_shared<AuthRequestDeleteInit>();
341 authRequestState_->SetAuthManager(shared_from_this());
342 authRequestState_->SetAuthContext(authRequestContext_);
343 authRequestState_->Enter();
344 }
345
GetPeerUdidHash(int32_t sessionId,std::string & peerUdidHash)346 void DmAuthManager::GetPeerUdidHash(int32_t sessionId, std::string &peerUdidHash)
347 {
348 std::string peerUdid = "";
349 int32_t ret = softbusConnector_->GetSoftbusSession()->GetPeerDeviceId(sessionId, peerUdid);
350 if (ret != DM_OK) {
351 LOGE("DmAuthManager::GetPeerUdidHash failed.");
352 peerUdidHash = "";
353 return;
354 }
355 char udidHashTmp[DM_MAX_DEVICE_ID_LEN] = {0};
356 if (Crypto::GetUdidHash(peerUdid, reinterpret_cast<uint8_t *>(udidHashTmp)) != DM_OK) {
357 LOGE("get udidhash by udid: %{public}s failed.", GetAnonyString(peerUdid).c_str());
358 peerUdidHash = "";
359 return;
360 }
361 peerUdidHash = std::string(udidHashTmp);
362 }
363
DeleteOffLineTimer(int32_t sessionId)364 void DmAuthManager::DeleteOffLineTimer(int32_t sessionId)
365 {
366 GetPeerUdidHash(sessionId, remoteUdidHash_);
367 if (remoteUdidHash_.empty()) {
368 LOGE("DeleteOffLineTimer remoteUdidHash is empty.");
369 return;
370 }
371 if (softbusConnector_ != nullptr) {
372 softbusConnector_->DeleteOffLineTimer(remoteUdidHash_);
373 }
374 }
375
OnSessionOpened(int32_t sessionId,int32_t sessionSide,int32_t result)376 void DmAuthManager::OnSessionOpened(int32_t sessionId, int32_t sessionSide, int32_t result)
377 {
378 LOGI("DmAuthManager::OnSessionOpened, sessionId = %{public}d and sessionSide = %{public}d result = %{public}d",
379 sessionId, sessionSide, result);
380 DeleteOffLineTimer(sessionId);
381 if (sessionSide == AUTH_SESSION_SIDE_SERVER) {
382 if (authResponseState_ == nullptr && authRequestState_ == nullptr) {
383 authMessageProcessor_ = std::make_shared<AuthMessageProcessor>(shared_from_this());
384 authResponseState_ = std::make_shared<AuthResponseInitState>();
385 authResponseState_->SetAuthManager(shared_from_this());
386 authResponseState_->Enter();
387 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
388 if (timer_ == nullptr) {
389 timer_ = std::make_shared<DmTimer>();
390 }
391 timer_->StartTimer(std::string(AUTHENTICATE_TIMEOUT_TASK),
392 GetTaskTimeout(AUTHENTICATE_TIMEOUT_TASK, AUTHENTICATE_TIMEOUT), [this] (std::string name) {
393 DmAuthManager::HandleAuthenticateTimeout(name);
394 });
395 timer_->StartTimer(std::string(WAIT_NEGOTIATE_TIMEOUT_TASK),
396 GetTaskTimeout(WAIT_NEGOTIATE_TIMEOUT_TASK, WAIT_NEGOTIATE_TIMEOUT), [this] (std::string name) {
397 DmAuthManager::HandleAuthenticateTimeout(name);
398 });
399 } else {
400 std::shared_ptr<AuthMessageProcessor> authMessageProcessor =
401 std::make_shared<AuthMessageProcessor>(shared_from_this());
402 std::shared_ptr<DmAuthResponseContext> authResponseContext = std::make_shared<DmAuthResponseContext>();
403 authResponseContext->reply = ERR_DM_AUTH_BUSINESS_BUSY;
404 authMessageProcessor->SetResponseContext(authResponseContext);
405 std::string message = authMessageProcessor->CreateSimpleMessage(MSG_TYPE_REQ_AUTH_TERMINATE);
406 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
407 }
408 } else {
409 if (authResponseState_ == nullptr && authRequestState_ != nullptr &&
410 authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_INIT) {
411 authRequestContext_->sessionId = sessionId;
412 authMessageProcessor_->SetRequestContext(authRequestContext_);
413 authRequestState_->SetAuthContext(authRequestContext_);
414 authRequestState_->TransitionTo(std::make_shared<AuthRequestNegotiateState>());
415 struct RadarInfo info = { .funcName = "OnSessionOpened" };
416 info.channelId = sessionId;
417 if (!DmRadarHelper::GetInstance().ReportAuthSendRequest(info)) {
418 LOGE("ReportAuthSendRequest failed");
419 }
420 } else {
421 softbusConnector_->GetSoftbusSession()->CloseAuthSession(sessionId);
422 LOGE("DmAuthManager::OnSessionOpened but request state is wrong");
423 }
424 }
425 }
426
OnSessionClosed(const int32_t sessionId)427 void DmAuthManager::OnSessionClosed(const int32_t sessionId)
428 {
429 LOGI("DmAuthManager::OnSessionClosed sessionId = %{public}d", sessionId);
430 }
431
ProcessSourceMsg()432 void DmAuthManager::ProcessSourceMsg()
433 {
434 authRequestContext_ = authMessageProcessor_->GetRequestContext();
435 authRequestState_->SetAuthContext(authRequestContext_);
436 LOGI("OnDataReceived for source device, authResponseContext msgType = %{public}d, authRequestState stateType ="
437 "%{public}d", authResponseContext_->msgType, authRequestState_->GetStateType());
438
439 switch (authResponseContext_->msgType) {
440 case MSG_TYPE_RESP_AUTH:
441 case MSG_TYPE_RESP_AUTH_EXT:
442 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE_DONE) {
443 authRequestState_->TransitionTo(std::make_shared<AuthRequestReplyState>());
444 }
445 break;
446 case MSG_TYPE_RESP_NEGOTIATE:
447 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE) {
448 authRequestState_->TransitionTo(std::make_shared<AuthRequestNegotiateDoneState>());
449 }
450 break;
451 case MSG_TYPE_REQ_AUTH_TERMINATE:
452 if (authRequestState_->GetStateType() != AuthState::AUTH_REQUEST_FINISH) {
453 isFinishOfLocal_ = false;
454 authResponseContext_->state = authRequestState_->GetStateType();
455 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
456 }
457 break;
458 case MSG_TYPE_RESP_PUBLICKEY:
459 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_CREDENTIAL) {
460 authRequestState_->TransitionTo(std::make_shared<AuthRequestCredentialDone>());
461 }
462 break;
463 case MSG_TYPE_REQ_SYNC_DELETE_DONE:
464 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_SYNCDELETE) {
465 if (timer_ != nullptr) {
466 timer_->DeleteTimer(std::string(SYNC_DELETE_TIMEOUT_TASK));
467 }
468 isFinishOfLocal_ = false;
469 authRequestState_->TransitionTo(std::make_shared<AuthRequestSyncDeleteAclNone>());
470 }
471 break;
472 default:
473 break;
474 }
475 }
476
ProcessSinkMsg()477 void DmAuthManager::ProcessSinkMsg()
478 {
479 authResponseState_->SetAuthContext(authResponseContext_);
480 LOGI("OnDataReceived for sink device, authResponseContext msgType = %{public}d, authResponseState stateType ="
481 "%{public}d", authResponseContext_->msgType, authResponseState_->GetStateType());
482
483 switch (authResponseContext_->msgType) {
484 case MSG_TYPE_NEGOTIATE:
485 if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_INIT) {
486 if (timer_ != nullptr) {
487 timer_->DeleteTimer(std::string(WAIT_NEGOTIATE_TIMEOUT_TASK));
488 }
489 authResponseState_->TransitionTo(std::make_shared<AuthResponseNegotiateState>());
490 }
491 break;
492 case MSG_TYPE_REQ_AUTH:
493 if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_NEGOTIATE) {
494 if (timer_ != nullptr) {
495 timer_->DeleteTimer(std::string(WAIT_REQUEST_TIMEOUT_TASK));
496 }
497 authResponseState_->TransitionTo(std::make_shared<AuthResponseConfirmState>());
498 }
499 break;
500 case MSG_TYPE_REQ_AUTH_TERMINATE:
501 if (authResponseState_->GetStateType() != AuthState::AUTH_RESPONSE_FINISH) {
502 isFinishOfLocal_ = false;
503 authResponseState_->TransitionTo(std::make_shared<AuthResponseFinishState>());
504 }
505 break;
506 case MSG_TYPE_REQ_PUBLICKEY:
507 if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_SHOW) {
508 authResponseState_->TransitionTo(std::make_shared<AuthResponseCredential>());
509 }
510 break;
511 case MSG_TYPE_REQ_SYNC_DELETE:
512 if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_INIT) {
513 authResponseState_->TransitionTo(std::make_shared<AuthResponseSyncDeleteAcl>());
514 }
515 break;
516 case MSG_TYPE_REQ_SYNC_DELETE_DONE:
517 if (authResponseState_->GetStateType() == AuthState::AUTH_REQUEST_SYNCDELETE) {
518 if (timer_ != nullptr) {
519 timer_->DeleteTimer(std::string(SYNC_DELETE_TIMEOUT_TASK));
520 }
521 isFinishOfLocal_ = false;
522 authResponseState_->TransitionTo(std::make_shared<AuthResponseSyncDeleteAclNone>());
523 }
524 break;
525 default:
526 break;
527 }
528 }
529
OnDataReceived(const int32_t sessionId,const std::string message)530 void DmAuthManager::OnDataReceived(const int32_t sessionId, const std::string message)
531 {
532 if (authResponseContext_ == nullptr || authMessageProcessor_ == nullptr) {
533 LOGE("OnDataReceived failed, authResponseContext or authMessageProcessor_ is nullptr.");
534 return;
535 }
536
537 authResponseContext_->sessionId = sessionId;
538 authMessageProcessor_->SetResponseContext(authResponseContext_);
539 int32_t ret = authMessageProcessor_->ParseMessage(message);
540 if (ret != DM_OK) {
541 LOGE("OnDataReceived failed, parse input message error.");
542 return;
543 }
544
545 if ((authRequestState_ != nullptr) && (authResponseState_ == nullptr)) {
546 // source device auth process
547 ProcessSourceMsg();
548 } else if ((authResponseState_ != nullptr) && (authRequestState_ == nullptr)) {
549 // sink device auth process
550 ProcessSinkMsg();
551 } else {
552 LOGE("DmAuthManager::OnDataReceived failed, authRequestState_ or authResponseState_ is invalid.");
553 }
554 }
555
OnGroupCreated(int64_t requestId,const std::string & groupId)556 void DmAuthManager::OnGroupCreated(int64_t requestId, const std::string &groupId)
557 {
558 if (authResponseContext_ == nullptr) {
559 LOGE("failed to OnGroupCreated because authResponseContext_ is nullptr");
560 return;
561 }
562 if (authResponseState_ == nullptr) {
563 LOGE("DmAuthManager::AuthenticateDevice end");
564 return;
565 }
566 LOGI("DmAuthManager::OnGroupCreated start group id %{public}s", GetAnonyString(groupId).c_str());
567 if (groupId == "{}") {
568 authResponseContext_->reply = ERR_DM_CREATE_GROUP_FAILED;
569 authMessageProcessor_->SetResponseContext(authResponseContext_);
570 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_AUTH);
571 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
572 return;
573 }
574
575 int32_t pinCode = -1;
576 if (authResponseContext_->isShowDialog) {
577 pinCode = GeneratePincode();
578 } else {
579 GetAuthCode(authResponseContext_->hostPkgName, pinCode);
580 }
581 nlohmann::json jsonObj;
582 jsonObj[PIN_TOKEN] = authResponseContext_->token;
583 jsonObj[QR_CODE_KEY] = GenerateGroupName();
584 jsonObj[NFC_CODE_KEY] = GenerateGroupName();
585 authResponseContext_->authToken = jsonObj.dump();
586 LOGI("DmAuthManager::OnGroupCreated start group id %{public}s", GetAnonyString(groupId).c_str());
587 authResponseContext_->groupId = groupId;
588 authResponseContext_->code = pinCode;
589 authMessageProcessor_->SetResponseContext(authResponseContext_);
590 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_AUTH);
591 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
592 authResponseContext_->isFinish = true;
593 authResponseState_->TransitionTo(std::make_shared<AuthResponseShowState>());
594 }
595
OnMemberJoin(int64_t requestId,int32_t status)596 void DmAuthManager::OnMemberJoin(int64_t requestId, int32_t status)
597 {
598 isAddingMember_ = false;
599 if (authResponseContext_ == nullptr || authUiStateMgr_ == nullptr) {
600 LOGE("failed to OnMemberJoin because authResponseContext_ or authUiStateMgr is nullptr");
601 return;
602 }
603 LOGI("DmAuthManager OnMemberJoin start authTimes %{public}d", authTimes_);
604 if ((authRequestState_ != nullptr) && (authResponseState_ == nullptr)) {
605 authTimes_++;
606 timer_->DeleteTimer(std::string(ADD_TIMEOUT_TASK));
607 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
608 HandleMemberJoinImportAuthCode(requestId, status);
609 return;
610 }
611 CHECK_NULL_VOID(timer_);
612 if (status != DM_OK || authResponseContext_->requestId != requestId) {
613 if (authRequestState_ != nullptr && authTimes_ >= MAX_AUTH_TIMES) {
614 authResponseContext_->state = AuthState::AUTH_REQUEST_JOIN;
615 authRequestContext_->reason = ERR_DM_BIND_PIN_CODE_ERROR;
616 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
617 } else {
618 timer_->StartTimer(std::string(INPUT_TIMEOUT_TASK),
619 GetTaskTimeout(INPUT_TIMEOUT_TASK, INPUT_TIMEOUT), [this] (std::string name) {
620 DmAuthManager::HandleAuthenticateTimeout(name);
621 });
622 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_PIN_CODE_ERROR);
623 }
624 } else {
625 authRequestState_->TransitionTo(std::make_shared<AuthRequestNetworkState>());
626 timer_->DeleteTimer(std::string(SESSION_HEARTBEAT_TIMEOUT_TASK));
627 }
628 } else if ((authResponseState_ != nullptr) && (authRequestState_ == nullptr)) {
629 if (status == DM_OK && authResponseContext_->requestId == requestId &&
630 authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_SHOW) {
631 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_SHOW);
632 } else {
633 if (++authTimes_ >= MAX_AUTH_TIMES) {
634 authResponseContext_->isFinish = false;
635 }
636 }
637 } else {
638 LOGE("DmAuthManager::OnMemberJoin failed, authRequestState_ or authResponseState_ is invalid.");
639 }
640 }
641
HandleMemberJoinImportAuthCode(const int64_t requestId,const int32_t status)642 void DmAuthManager::HandleMemberJoinImportAuthCode(const int64_t requestId, const int32_t status)
643 {
644 if (status != DM_OK || authResponseContext_->requestId != requestId) {
645 authResponseContext_->state = AuthState::AUTH_REQUEST_JOIN;
646 authRequestContext_->reason = ERR_DM_AUTH_CODE_INCORRECT;
647 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
648 } else {
649 authRequestState_->TransitionTo(std::make_shared<AuthRequestNetworkState>());
650 }
651 }
652
HandleAuthenticateTimeout(std::string name)653 void DmAuthManager::HandleAuthenticateTimeout(std::string name)
654 {
655 LOGI("DmAuthManager::HandleAuthenticateTimeout start timer name %{public}s", name.c_str());
656 if (authRequestState_ != nullptr && authRequestState_->GetStateType() != AuthState::AUTH_REQUEST_FINISH) {
657 if (authResponseContext_ == nullptr) {
658 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
659 }
660 authResponseContext_->state = authRequestState_->GetStateType();
661 authRequestContext_->reason = ERR_DM_TIME_OUT;
662 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
663 }
664
665 if (authResponseState_ != nullptr && authResponseState_->GetStateType() != AuthState::AUTH_RESPONSE_FINISH) {
666 authResponseContext_->state = authResponseState_->GetStateType();
667 authResponseContext_->reply = ERR_DM_TIME_OUT;
668 authResponseState_->TransitionTo(std::make_shared<AuthResponseFinishState>());
669 }
670 LOGI("DmAuthManager::HandleAuthenticateTimeout start complete");
671 }
672
EstablishAuthChannel(const std::string & deviceId)673 int32_t DmAuthManager::EstablishAuthChannel(const std::string &deviceId)
674 {
675 int32_t sessionId = softbusConnector_->GetSoftbusSession()->OpenAuthSession(deviceId);
676 struct RadarInfo info = {
677 .funcName = "EstablishAuthChannel",
678 .stageRes = (sessionId > 0) ?
679 static_cast<int32_t>(StageRes::STAGE_IDLE) : static_cast<int32_t>(StageRes::STAGE_FAIL),
680 .bizState = (sessionId > 0) ?
681 static_cast<int32_t>(BizState::BIZ_STATE_START) : static_cast<int32_t>(BizState::BIZ_STATE_END),
682 .localSessName = DM_SESSION_NAME,
683 .peerSessName = DM_SESSION_NAME,
684 .isTrust = static_cast<int32_t>(TrustStatus::NOT_TRUST),
685 .commServ = static_cast<int32_t>(CommServ::USE_SOFTBUS),
686 .peerUdid = peerTargetId_.deviceId,
687 .channelId = sessionId,
688 .errCode = sessionId,
689 };
690 if (!DmRadarHelper::GetInstance().ReportAuthOpenSession(info)) {
691 LOGE("ReportAuthOpenSession failed");
692 }
693 if (sessionId < 0) {
694 LOGE("OpenAuthSession failed, stop the authentication");
695 if (authResponseContext_ == nullptr) {
696 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
697 }
698 authResponseContext_->state = AuthState::AUTH_REQUEST_NEGOTIATE;
699 authRequestContext_->reason = sessionId;
700 if (authRequestState_ != nullptr) {
701 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
702 }
703 }
704 return DM_OK;
705 }
706
StartNegotiate(const int32_t & sessionId)707 void DmAuthManager::StartNegotiate(const int32_t &sessionId)
708 {
709 if (authResponseContext_ == nullptr) {
710 LOGE("DmAuthManager::StartNegotiate error, authResponseContext_ is nullptr");
711 return;
712 }
713 LOGI("DmAuthManager::StartNegotiate sessionId %{public}d.", sessionId);
714 authResponseContext_->localDeviceId = authRequestContext_->localDeviceId;
715 authResponseContext_->reply = ERR_DM_AUTH_REJECT;
716 authResponseContext_->authType = authRequestContext_->authType;
717 authResponseContext_->deviceId = authRequestContext_->deviceId;
718 authResponseContext_->accountGroupIdHash = GetAccountGroupIdHash();
719 authResponseContext_->hostPkgName = authRequestContext_->hostPkgName;
720 authResponseContext_->hostPkgLabel = authRequestContext_->hostPkgLabel;
721 authResponseContext_->tokenId = authRequestContext_->tokenId;
722 authResponseContext_->bindLevel = authRequestContext_->bindLevel;
723 authResponseContext_->bindType = authRequestContext_->bindType;
724 authResponseContext_->isOnline = authRequestContext_->isOnline;
725 authResponseContext_->authed = authRequestContext_->authed;
726 authResponseContext_->dmVersion = "";
727 authResponseContext_->localAccountId = authRequestContext_->localAccountId;
728 authResponseContext_->localUserId = authRequestContext_->localUserId;
729 authResponseContext_->isIdenticalAccount = false;
730 authResponseContext_->edition = DM_VERSION_5_0_2;
731 authMessageProcessor_->SetResponseContext(authResponseContext_);
732 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_NEGOTIATE);
733 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
734 if (timer_ != nullptr) {
735 timer_->StartTimer(std::string(NEGOTIATE_TIMEOUT_TASK),
736 GetTaskTimeout(NEGOTIATE_TIMEOUT_TASK, NEGOTIATE_TIMEOUT), [this] (std::string name) {
737 DmAuthManager::HandleAuthenticateTimeout(name);
738 });
739 }
740 }
741
AbilityNegotiate()742 void DmAuthManager::AbilityNegotiate()
743 {
744 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
745 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
746 bool ret = hiChainConnector_->IsDevicesInP2PGroup(authResponseContext_->localDeviceId, localDeviceId);
747 if (ret) {
748 LOGE("DmAuthManager::EstablishAuthChannel device is in group");
749 if (!DeviceProfileConnector::GetInstance().CheckSinkDevIdInAclForDevBind(authResponseContext_->hostPkgName,
750 authResponseContext_->localDeviceId)) {
751 CompatiblePutAcl();
752 }
753 authResponseContext_->reply = ERR_DM_AUTH_PEER_REJECT;
754 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE && !importAuthCode_.empty()) {
755 authResponseContext_->importAuthCode = Crypto::Sha256(importAuthCode_);
756 }
757 } else {
758 authResponseContext_->reply = ERR_DM_AUTH_REJECT;
759 }
760 authResponseContext_->localDeviceId = localDeviceId;
761
762 if (!IsAuthTypeSupported(authResponseContext_->authType)) {
763 LOGE("DmAuthManager::AuthenticateDevice authType %{public}d not support.", authResponseContext_->authType);
764 authResponseContext_->reply = ERR_DM_UNSUPPORTED_AUTH_TYPE;
765 } else {
766 authPtr_ = authenticationMap_[authResponseContext_->authType];
767 }
768
769 if (IsAuthCodeReady(authResponseContext_->hostPkgName)) {
770 authResponseContext_->isAuthCodeReady = true;
771 } else {
772 authResponseContext_->isAuthCodeReady = false;
773 }
774 }
775
RespNegotiate(const int32_t & sessionId)776 void DmAuthManager::RespNegotiate(const int32_t &sessionId)
777 {
778 if (authResponseContext_ == nullptr || authRequestState_ != nullptr) {
779 LOGE("failed to RespNegotiate because authResponseContext_ is nullptr");
780 return;
781 }
782 LOGI("DmAuthManager::RespNegotiate sessionid %{public}d", sessionId);
783 remoteDeviceId_ = authResponseContext_->localDeviceId;
784 authResponseContext_->networkId = softbusConnector_->GetLocalDeviceNetworkId();
785 authResponseContext_->targetDeviceName = softbusConnector_->GetLocalDeviceName();
786 remoteVersion_ = ConvertSrcVersion(authResponseContext_->dmVersion, authResponseContext_->edition);
787 NegotiateRespMsg(remoteVersion_);
788 if (CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
789 (static_cast<uint32_t>(authResponseContext_->bindLevel) >= DEVICE &&
790 static_cast<uint32_t>(authResponseContext_->bindLevel) <= APP)) {
791 ProcRespNegotiateExt(sessionId);
792 timer_->StartTimer(std::string(WAIT_REQUEST_TIMEOUT_TASK),
793 GetTaskTimeout(WAIT_REQUEST_TIMEOUT_TASK, WAIT_REQUEST_TIMEOUT), [this] (std::string name) {
794 DmAuthManager::HandleAuthenticateTimeout(name);
795 });
796 } else if (!CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) ||
797 authResponseContext_->bindLevel == INVALIED_TYPE) {
798 ProcRespNegotiate(sessionId);
799 timer_->StartTimer(std::string(WAIT_REQUEST_TIMEOUT_TASK),
800 GetTaskTimeout(WAIT_REQUEST_TIMEOUT_TASK, WAIT_REQUEST_TIMEOUT), [this] (std::string name) {
801 DmAuthManager::HandleAuthenticateTimeout(name);
802 });
803 } else {
804 ProcIncompatible(sessionId);
805 }
806 }
807
NegotiateRespMsg(const std::string & version)808 void DmAuthManager::NegotiateRespMsg(const std::string &version)
809 {
810 if (version == DM_VERSION_5_0_1) {
811 authResponseContext_->dmVersion = DM_VERSION_5_0_1;
812 } else if (version < DM_VERSION_5_0_1) {
813 authResponseContext_->dmVersion = "";
814 authResponseContext_->bindLevel = INVALIED_TYPE;
815 } else if (version > DM_VERSION_5_0_1) {
816 authResponseContext_->dmVersion = dmVersion_;
817 }
818 }
819
SendAuthRequest(const int32_t & sessionId)820 void DmAuthManager::SendAuthRequest(const int32_t &sessionId)
821 {
822 LOGI("DmAuthManager::SendAuthRequest sessionId %{public}d.", sessionId);
823 if (authResponseContext_ == nullptr) {
824 LOGE("failed to SendAuthRequest because authResponseContext_ is nullptr");
825 return;
826 }
827 if (authResponseContext_->reply == ERR_DM_VERSION_INCOMPATIBLE) {
828 LOGE("The peer device version is not supported");
829 authRequestContext_->reason = authResponseContext_->reply;
830 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
831 return;
832 }
833 remoteDeviceId_ = authResponseContext_->localDeviceId;
834 remoteVersion_ = ConvertSinkVersion(authResponseContext_->dmVersion);
835 if (timer_ != nullptr) {
836 timer_->DeleteTimer(std::string(NEGOTIATE_TIMEOUT_TASK));
837 }
838 if (authResponseContext_->cryptoSupport) {
839 isCryptoSupport_ = true;
840 }
841 LOGI("SendAuthRequest dmversion %{public}s, level %{public}d",
842 authResponseContext_->dmVersion.c_str(), authResponseContext_->bindLevel);
843 if (CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
844 (static_cast<uint32_t>(authResponseContext_->bindLevel) >= DEVICE &&
845 static_cast<uint32_t>(authResponseContext_->bindLevel) <= APP)) {
846 ProcessAuthRequestExt(sessionId);
847 } else if (!CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) ||
848 authResponseContext_->bindLevel == INVALIED_TYPE) {
849 ProcessAuthRequest(sessionId);
850 } else {
851 LOGE("Invalied bind mode.");
852 }
853 }
854
ProcessAuthRequest(const int32_t & sessionId)855 void DmAuthManager::ProcessAuthRequest(const int32_t &sessionId)
856 {
857 LOGI("ProcessAuthRequest start.");
858 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
859 !authResponseContext_->importAuthCode.empty() && !importAuthCode_.empty()) {
860 if (authResponseContext_->importAuthCode != Crypto::Sha256(importAuthCode_)) {
861 SetReasonAndFinish(ERR_DM_AUTH_CODE_INCORRECT, AuthState::AUTH_REQUEST_FINISH);
862 return;
863 }
864 }
865
866 if (authResponseContext_->isOnline && softbusConnector_->CheckIsOnline(remoteDeviceId_)) {
867 authResponseContext_->isOnline = true;
868 } else {
869 authResponseContext_->isOnline = false;
870 }
871 if (CheckTrustState() != DM_OK) {
872 LOGI("CheckTrustState end.");
873 return;
874 }
875
876 std::vector<std::string> messageList = authMessageProcessor_->CreateAuthRequestMessage();
877 for (auto msg : messageList) {
878 softbusConnector_->GetSoftbusSession()->SendData(sessionId, msg);
879 }
880
881 listener_->OnAuthResult(authResponseContext_->hostPkgName, peerTargetId_.deviceId,
882 authRequestContext_->token, STATUS_DM_SHOW_AUTHORIZE_UI, DM_OK);
883 listener_->OnBindResult(authResponseContext_->hostPkgName, peerTargetId_, DM_OK, STATUS_DM_SHOW_AUTHORIZE_UI, "");
884 if (timer_ != nullptr) {
885 timer_->StartTimer(std::string(CONFIRM_TIMEOUT_TASK),
886 GetTaskTimeout(CONFIRM_TIMEOUT_TASK, CONFIRM_TIMEOUT), [this] (std::string name) {
887 DmAuthManager::HandleAuthenticateTimeout(name);
888 });
889 }
890 }
891
GetAuthRequestContext()892 void DmAuthManager::GetAuthRequestContext()
893 {
894 char deviceIdHash[DM_MAX_DEVICE_ID_LEN] = {0};
895 Crypto::GetUdidHash(authResponseContext_->localDeviceId, reinterpret_cast<uint8_t *>(deviceIdHash));
896 authRequestContext_->deviceId = static_cast<std::string>(deviceIdHash);
897 authResponseContext_->deviceId = authResponseContext_->localDeviceId;
898 authResponseContext_->localDeviceId = authRequestContext_->localDeviceId;
899 authRequestContext_->remoteAccountId = authResponseContext_->localAccountId;
900 authResponseContext_->remoteAccountId = authRequestContext_->remoteAccountId;
901 authResponseContext_->localAccountId = authRequestContext_->localAccountId;
902 authRequestContext_->remoteUserId = authResponseContext_->localUserId;
903 if (authResponseContext_->isOnline && softbusConnector_->CheckIsOnline(remoteDeviceId_)) {
904 authResponseContext_->isOnline = true;
905 } else {
906 authResponseContext_->isOnline = false;
907 }
908 bool haveCredential = hiChainAuthConnector_->QueryCredential(remoteDeviceId_, authRequestContext_->localUserId);
909 if (authResponseContext_->haveCredential && haveCredential) {
910 authResponseContext_->haveCredential = true;
911 } else {
912 authResponseContext_->haveCredential = false;
913 }
914 }
915
ProcessAuthRequestExt(const int32_t & sessionId)916 void DmAuthManager::ProcessAuthRequestExt(const int32_t &sessionId)
917 {
918 LOGI("ProcessAuthRequestExt start.");
919 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
920 !authResponseContext_->importAuthCode.empty() && !importAuthCode_.empty()) {
921 if (authResponseContext_->importAuthCode != Crypto::Sha256(importAuthCode_)) {
922 SetReasonAndFinish(ERR_DM_AUTH_CODE_INCORRECT, AuthState::AUTH_REQUEST_FINISH);
923 return;
924 }
925 }
926
927 GetAuthRequestContext();
928 std::vector<int32_t> bindType =
929 DeviceProfileConnector::GetInstance().SyncAclByBindType(authResponseContext_->hostPkgName,
930 authResponseContext_->bindType, authResponseContext_->localDeviceId, authResponseContext_->deviceId);
931 authResponseContext_->authed = !bindType.empty();
932 if (authResponseContext_->isOnline && authResponseContext_->authed &&
933 authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
934 (authResponseContext_->importAuthCode.empty() || importAuthCode_.empty())) {
935 SetReasonAndFinish(ERR_DM_AUTH_CODE_INCORRECT, AuthState::AUTH_REQUEST_FINISH);
936 return;
937 }
938 authResponseContext_->bindType = bindType;
939 if (IsAuthFinish()) {
940 return;
941 }
942
943 std::vector<std::string> messageList = authMessageProcessor_->CreateAuthRequestMessage();
944 for (auto msg : messageList) {
945 softbusConnector_->GetSoftbusSession()->SendData(sessionId, msg);
946 }
947 listener_->OnAuthResult(authResponseContext_->hostPkgName, peerTargetId_.deviceId,
948 authRequestContext_->token, STATUS_DM_SHOW_AUTHORIZE_UI, DM_OK);
949 listener_->OnBindResult(authResponseContext_->hostPkgName, peerTargetId_, DM_OK, STATUS_DM_SHOW_AUTHORIZE_UI, "");
950 if (timer_ != nullptr) {
951 timer_->StartTimer(std::string(CONFIRM_TIMEOUT_TASK),
952 GetTaskTimeout(CONFIRM_TIMEOUT_TASK, CONFIRM_TIMEOUT), [this] (std::string name) {
953 DmAuthManager::HandleAuthenticateTimeout(name);
954 });
955 }
956 }
957
IsAuthFinish()958 bool DmAuthManager::IsAuthFinish()
959 {
960 if (authResponseContext_->reply == ERR_DM_UNSUPPORTED_AUTH_TYPE) {
961 listener_->OnAuthResult(authResponseContext_->hostPkgName, peerTargetId_.deviceId,
962 authRequestContext_->token, AuthState::AUTH_REQUEST_NEGOTIATE_DONE, ERR_DM_UNSUPPORTED_AUTH_TYPE);
963 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
964 return true;
965 }
966
967 if (authResponseContext_->isOnline && authResponseContext_->authed) {
968 authRequestContext_->reason = DM_OK;
969 authResponseContext_->reply = DM_OK;
970 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
971 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
972 return true;
973 }
974
975 if ((authResponseContext_->isIdenticalAccount && !authResponseContext_->authed) ||
976 (authResponseContext_->authed && !authResponseContext_->isOnline)) {
977 softbusConnector_->JoinLnn(authRequestContext_->deviceId);
978 authRequestContext_->reason = DM_OK;
979 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
980 authResponseContext_->reply = DM_OK;
981 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
982 return true;
983 }
984
985 if (authResponseContext_->reply == ERR_DM_UNSUPPORTED_AUTH_TYPE ||
986 (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
987 authResponseContext_->isAuthCodeReady == false)) {
988 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
989 return true;
990 }
991 return false;
992 }
993
ConfirmProcess(const int32_t & action)994 int32_t DmAuthManager::ConfirmProcess(const int32_t &action)
995 {
996 LOGI("ConfirmProcess start.");
997 if (action_ == USER_OPERATION_TYPE_ALLOW_AUTH || action_ == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS) {
998 authResponseContext_->reply = USER_OPERATION_TYPE_ALLOW_AUTH;
999 } else {
1000 authResponseContext_->reply = action_;
1001 }
1002
1003 if (authResponseContext_->reply == USER_OPERATION_TYPE_ALLOW_AUTH &&
1004 authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_CONFIRM) {
1005 authResponseState_->TransitionTo(std::make_shared<AuthResponseGroupState>());
1006 } else {
1007 authMessageProcessor_->SetResponseContext(authResponseContext_);
1008 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_AUTH);
1009 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1010 }
1011 return DM_OK;
1012 }
1013
ConfirmProcessExt(const int32_t & action)1014 int32_t DmAuthManager::ConfirmProcessExt(const int32_t &action)
1015 {
1016 LOGI("ConfirmProcessExt start.");
1017 authResponseContext_->confirmOperation = action;
1018 if (action_ == USER_OPERATION_TYPE_ALLOW_AUTH || action_ == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS) {
1019 authResponseContext_->reply = USER_OPERATION_TYPE_ALLOW_AUTH;
1020 } else {
1021 authResponseContext_->reply = USER_OPERATION_TYPE_CANCEL_AUTH;
1022 }
1023 authMessageProcessor_->SetResponseContext(authResponseContext_);
1024 if (authResponseContext_->reply == USER_OPERATION_TYPE_ALLOW_AUTH &&
1025 authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_CONFIRM) {
1026 if (!authResponseContext_->isShowDialog) {
1027 GetAuthCode(authResponseContext_->hostPkgName, authResponseContext_->code);
1028 } else {
1029 authResponseContext_->code = GeneratePincode();
1030 }
1031 authResponseContext_->requestId = GenRandInt(MIN_PIN_CODE, MAX_PIN_CODE);
1032 authResponseState_->TransitionTo(std::make_shared<AuthResponseShowState>());
1033 }
1034 authMessageProcessor_->SetResponseContext(authResponseContext_);
1035 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_AUTH_EXT);
1036 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1037 return DM_OK;
1038 }
1039
StartAuthProcess(const int32_t & action)1040 int32_t DmAuthManager::StartAuthProcess(const int32_t &action)
1041 {
1042 if (authResponseContext_ == nullptr) {
1043 LOGE("failed to StartAuthProcess because authResponseContext_ is nullptr");
1044 return ERR_DM_AUTH_NOT_START;
1045 }
1046 LOGI("DmAuthManager::StartAuthProcess");
1047 action_ = action;
1048 struct RadarInfo info = {
1049 .funcName = "StartAuthProcess",
1050 .stageRes = (action_ == USER_OPERATION_TYPE_CANCEL_AUTH) ?
1051 static_cast<int32_t>(StageRes::STAGE_CANCEL) : static_cast<int32_t>(StageRes::STAGE_SUCC),
1052 .bizState = (action_ == USER_OPERATION_TYPE_CANCEL_AUTH) ?
1053 static_cast<int32_t>(BizState::BIZ_STATE_END) : static_cast<int32_t>(BizState::BIZ_STATE_START),
1054 .errCode = DmRadarHelper::GetInstance().GetErrCode(ERR_DM_AUTH_REJECT),
1055 };
1056 if (!DmRadarHelper::GetInstance().ReportAuthConfirmBox(info)) {
1057 LOGE("ReportAuthConfirmBox failed");
1058 }
1059 if (CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
1060 (static_cast<uint32_t>(authResponseContext_->bindLevel) >= DEVICE &&
1061 static_cast<uint32_t>(authResponseContext_->bindLevel) <= APP)) {
1062 return ConfirmProcessExt(action);
1063 } else if (!CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) ||
1064 authResponseContext_->bindLevel == INVALIED_TYPE) {
1065 return ConfirmProcess(action);
1066 } else {
1067 LOGE("Invalied bind mode.");
1068 }
1069 return DM_OK;
1070 }
1071
StartRespAuthProcess()1072 void DmAuthManager::StartRespAuthProcess()
1073 {
1074 if (authResponseContext_ == nullptr) {
1075 LOGE("failed to StartRespAuthProcess because authResponseContext_ is nullptr");
1076 return;
1077 }
1078 LOGI("DmAuthManager::StartRespAuthProcess sessionId = %{public}d", authResponseContext_->sessionId);
1079 if (timer_ != nullptr) {
1080 timer_->DeleteTimer(std::string(CONFIRM_TIMEOUT_TASK));
1081 }
1082 if (authResponseContext_->groupName[CHECK_AUTH_ALWAYS_POS] == AUTH_ALWAYS) {
1083 action_ = USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS;
1084 } else if (authResponseContext_->groupName[CHECK_AUTH_ALWAYS_POS] == AUTH_ONCE) {
1085 action_ = USER_OPERATION_TYPE_ALLOW_AUTH;
1086 }
1087 if (authResponseContext_->reply == USER_OPERATION_TYPE_ALLOW_AUTH) {
1088 if (timer_ != nullptr) {
1089 timer_->StartTimer(std::string(INPUT_TIMEOUT_TASK),
1090 GetTaskTimeout(INPUT_TIMEOUT_TASK, INPUT_TIMEOUT), [this] (std::string name) {
1091 DmAuthManager::HandleAuthenticateTimeout(name);
1092 });
1093 timer_->StartTimer(std::string(SESSION_HEARTBEAT_TIMEOUT_TASK),
1094 GetTaskTimeout(SESSION_HEARTBEAT_TIMEOUT_TASK, SESSION_HEARTBEAT_TIMEOUT), [this] (std::string name) {
1095 DmAuthManager::HandleSessionHeartbeat(name);
1096 });
1097 }
1098 listener_->OnAuthResult(authRequestContext_->hostPkgName, peerTargetId_.deviceId,
1099 authRequestContext_->token, STATUS_DM_SHOW_PIN_INPUT_UI, DM_OK);
1100 listener_->OnBindResult(authRequestContext_->hostPkgName, peerTargetId_, DM_OK,
1101 STATUS_DM_SHOW_PIN_INPUT_UI, "");
1102 authRequestState_->TransitionTo(std::make_shared<AuthRequestJoinState>());
1103 } else {
1104 LOGE("do not accept");
1105 authResponseContext_->state = AuthState::AUTH_REQUEST_REPLY;
1106 authRequestContext_->reason = ERR_DM_AUTH_PEER_REJECT;
1107 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
1108 }
1109 }
1110
CreateGroup()1111 int32_t DmAuthManager::CreateGroup()
1112 {
1113 if (authResponseContext_ == nullptr) {
1114 LOGE("failed to CreateGroup because authResponseContext_ is nullptr");
1115 return ERR_DM_FAILED;
1116 }
1117 LOGI("DmAuthManager::CreateGroup start");
1118 authResponseContext_->groupName = GenerateGroupName();
1119 authResponseContext_->requestId = GenRandLongLong(MIN_REQUEST_ID, MAX_REQUEST_ID);
1120 hiChainConnector_->CreateGroup(authResponseContext_->requestId, authResponseContext_->groupName);
1121 return DM_OK;
1122 }
1123
AddMember(int32_t pinCode)1124 int32_t DmAuthManager::AddMember(int32_t pinCode)
1125 {
1126 if (authResponseContext_ == nullptr) {
1127 LOGE("failed to AddMember because authResponseContext_ is nullptr");
1128 return ERR_DM_FAILED;
1129 }
1130 LOGI("DmAuthManager::AddMember start group id %{public}s", GetAnonyString(authResponseContext_->groupId).c_str());
1131 if (timer_ != nullptr) {
1132 timer_->DeleteTimer(std::string(INPUT_TIMEOUT_TASK));
1133 }
1134 nlohmann::json jsonObject;
1135 jsonObject[TAG_GROUP_ID] = authResponseContext_->groupId;
1136 jsonObject[TAG_GROUP_NAME] = authResponseContext_->groupName;
1137 jsonObject[PIN_CODE_KEY] = pinCode;
1138 jsonObject[TAG_REQUEST_ID] = authResponseContext_->requestId;
1139 jsonObject[TAG_DEVICE_ID] = authResponseContext_->deviceId;
1140 std::string connectInfo = jsonObject.dump();
1141 if (timer_ != nullptr) {
1142 timer_->StartTimer(std::string(ADD_TIMEOUT_TASK),
1143 GetTaskTimeout(ADD_TIMEOUT_TASK, ADD_TIMEOUT), [this] (std::string name) {
1144 DmAuthManager::HandleAuthenticateTimeout(name);
1145 });
1146 }
1147 if (authUiStateMgr_ == nullptr) {
1148 LOGE("DmAuthManager::AddMember authUiStateMgr is null.");
1149 return ERR_DM_FAILED;
1150 }
1151 if (isAddingMember_) {
1152 LOGE("DmAuthManager::AddMember doing add member.");
1153 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_DOING_AUTH);
1154 return ERR_DM_FAILED;
1155 }
1156 isAddingMember_ = true;
1157 int32_t ret = hiChainConnector_->AddMember(authRequestContext_->ip, connectInfo);
1158 struct RadarInfo info = {
1159 .funcName = "AddMember",
1160 .stageRes = (ret == 0) ?
1161 static_cast<int32_t>(StageRes::STAGE_IDLE) : static_cast<int32_t>(StageRes::STAGE_FAIL),
1162 .peerUdid = authResponseContext_ == nullptr ? "" : authResponseContext_->deviceId,
1163 .errCode = DmRadarHelper::GetInstance().GetErrCode(ERR_DM_ADD_GROUP_FAILED),
1164 };
1165 if (!DmRadarHelper::GetInstance().ReportAuthAddGroup(info)) {
1166 LOGE("ReportAuthAddGroup failed");
1167 }
1168 if (ret != 0) {
1169 LOGE("DmAuthManager::AddMember failed, ret: %{public}d", ret);
1170 isAddingMember_ = false;
1171 return ERR_DM_ADD_GROUP_FAILED;
1172 }
1173 return DM_OK;
1174 }
1175
GetConnectAddr(std::string deviceId)1176 std::string DmAuthManager::GetConnectAddr(std::string deviceId)
1177 {
1178 std::string connectAddr;
1179 if (softbusConnector_->GetConnectAddr(deviceId, connectAddr) == nullptr) {
1180 LOGE("DmAuthManager::GetConnectAddr error");
1181 }
1182 return connectAddr;
1183 }
1184
JoinNetwork()1185 int32_t DmAuthManager::JoinNetwork()
1186 {
1187 if (authResponseContext_ == nullptr) {
1188 LOGE("failed to JoinNeWork because authResponseContext_ is nullptr");
1189 return ERR_DM_FAILED;
1190 }
1191 LOGI("DmAuthManager JoinNetwork start");
1192 if (timer_ != nullptr) {
1193 timer_->DeleteTimer(std::string(AUTHENTICATE_TIMEOUT_TASK));
1194 }
1195 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
1196 authResponseContext_->isFinish = true;
1197 authRequestContext_->reason = DM_OK;
1198 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
1199 return DM_OK;
1200 }
1201
SinkAuthenticateFinish()1202 void DmAuthManager::SinkAuthenticateFinish()
1203 {
1204 LOGI("DmAuthManager::SinkAuthenticateFinish, isFinishOfLocal: %{public}d", isFinishOfLocal_);
1205 if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_FINISH && authPtr_ != nullptr) {
1206 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_SHOW);
1207 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_CONFIRM_SHOW);
1208 }
1209 if (isFinishOfLocal_) {
1210 authMessageProcessor_->SetResponseContext(authResponseContext_);
1211 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_AUTH_TERMINATE);
1212 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1213 }
1214 authResponseState_ = nullptr;
1215 }
1216
SrcAuthenticateFinish()1217 void DmAuthManager::SrcAuthenticateFinish()
1218 {
1219 LOGI("DmAuthManager::SrcAuthenticateFinish, isFinishOfLocal: %{public}d", isFinishOfLocal_);
1220 if (isFinishOfLocal_) {
1221 authMessageProcessor_->SetResponseContext(authResponseContext_);
1222 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_AUTH_TERMINATE);
1223 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1224 } else {
1225 authRequestContext_->reason = authResponseContext_->reply;
1226 }
1227 if ((authResponseContext_->state == AuthState::AUTH_REQUEST_JOIN ||
1228 authResponseContext_->state == AuthState::AUTH_REQUEST_FINISH) && authPtr_ != nullptr) {
1229 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_INPUT);
1230 }
1231 usleep(USLEEP_TIME_MS); // 500ms
1232 listener_->OnAuthResult(authRequestContext_->hostPkgName, peerTargetId_.deviceId,
1233 authRequestContext_->token, authResponseContext_->state, authRequestContext_->reason);
1234 listener_->OnBindResult(authRequestContext_->hostPkgName, peerTargetId_, authRequestContext_->reason,
1235 authResponseContext_->state, GenerateBindResultContent());
1236 softbusConnector_->GetSoftbusSession()->CloseAuthSession(authRequestContext_->sessionId);
1237 authRequestContext_ = nullptr;
1238 authRequestState_ = nullptr;
1239 authTimes_ = 0;
1240 }
1241
AuthenticateFinish()1242 void DmAuthManager::AuthenticateFinish()
1243 {
1244 authType_ = AUTH_TYPE_UNKNOW;
1245 std::lock_guard<std::mutex> autoLock(g_authFinishLock);
1246 if (authResponseContext_ == nullptr || authUiStateMgr_ == nullptr) {
1247 LOGE("failed to AuthenticateFinish because authResponseContext_ or authUiStateMgr is nullptr");
1248 return;
1249 }
1250 LOGI("DmAuthManager::AuthenticateFinish start");
1251 isAddingMember_ = false;
1252 isAuthenticateDevice_ = false;
1253 isAuthDevice_ = false;
1254 if (authResponseContext_->isFinish) {
1255 CompatiblePutAcl();
1256 }
1257 if (DeviceProfileConnector::GetInstance().GetTrustNumber(remoteDeviceId_) >= 1 &&
1258 CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
1259 authResponseContext_->bindLevel == INVALIED_TYPE && softbusConnector_->CheckIsOnline(remoteDeviceId_) &&
1260 authResponseContext_->isFinish) {
1261 softbusConnector_->HandleDeviceOnline(remoteDeviceId_, authForm_);
1262 }
1263
1264 DeleteAuthCode();
1265 if (authResponseState_ != nullptr) {
1266 SinkAuthenticateFinish();
1267 } else if (authRequestState_ != nullptr) {
1268 SrcAuthenticateFinish();
1269 }
1270 if (timer_ != nullptr) {
1271 timer_->DeleteAll();
1272 }
1273 isFinishOfLocal_ = true;
1274 authResponseContext_ = nullptr;
1275 authMessageProcessor_ = nullptr;
1276 authPtr_ = nullptr;
1277 LOGI("DmAuthManager::AuthenticateFinish complete");
1278 }
1279
CancelDisplay()1280 void DmAuthManager::CancelDisplay()
1281 {
1282 LOGI("DmAuthManager::CancelDisplay start");
1283 nlohmann::json jsonObj;
1284 jsonObj[CANCEL_DISPLAY_KEY] = CANCEL_PIN_CODE_DISPLAY;
1285 std::string paramJson = jsonObj.dump();
1286 std::string pkgName = "com.ohos.devicemanagerui";
1287 listener_->OnUiCall(pkgName, paramJson);
1288 }
1289
RegisterUiStateCallback(const std::string pkgName)1290 int32_t DmAuthManager::RegisterUiStateCallback(const std::string pkgName)
1291 {
1292 LOGI("DmAuthManager::RegisterUiStateCallback start");
1293 if (authUiStateMgr_ == nullptr) {
1294 LOGE("DmAuthManager::RegisterUiStateCallback authUiStateMgr_ is null.");
1295 return ERR_DM_FAILED;
1296 }
1297 authUiStateMgr_->RegisterUiStateCallback(pkgName);
1298 return DM_OK;
1299 }
1300
UnRegisterUiStateCallback(const std::string pkgName)1301 int32_t DmAuthManager::UnRegisterUiStateCallback(const std::string pkgName)
1302 {
1303 LOGI("DmAuthManager::UnRegisterUiStateCallback start");
1304 if (authUiStateMgr_ == nullptr) {
1305 LOGE("DmAuthManager::UnRegisterUiStateCallback authUiStateMgr_ is null.");
1306 return ERR_DM_FAILED;
1307 }
1308 authUiStateMgr_->UnRegisterUiStateCallback(pkgName);
1309 return DM_OK;
1310 }
1311
GeneratePincode()1312 int32_t DmAuthManager::GeneratePincode()
1313 {
1314 return GenRandInt(MIN_PIN_CODE, MAX_PIN_CODE);
1315 }
1316
GenerateGroupName()1317 std::string DmAuthManager::GenerateGroupName()
1318 {
1319 if (authResponseContext_ == nullptr) {
1320 LOGE("failed to GenerateGroupName because authResponseContext_ is nullptr.");
1321 return "";
1322 }
1323 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
1324 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
1325 std::string sLocalDeviceId = localDeviceId;
1326 uint32_t interceptLength = sLocalDeviceId.size() / DEVICE_ID_HALF;
1327 std::string groupName = "";
1328 if (action_ == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS) {
1329 groupName += AUTH_ALWAYS;
1330 } else {
1331 groupName += AUTH_ONCE;
1332 }
1333 groupName += authResponseContext_->targetPkgName + sLocalDeviceId.substr(0, interceptLength)
1334 + authResponseContext_->localDeviceId.substr(0, interceptLength);
1335 return groupName;
1336 }
1337
GetIsCryptoSupport()1338 bool DmAuthManager::GetIsCryptoSupport()
1339 {
1340 if (authResponseState_ == nullptr) {
1341 return false;
1342 }
1343 if (authRequestState_ == nullptr) {
1344 if (authResponseState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE_DONE) {
1345 return false;
1346 }
1347 } else {
1348 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE ||
1349 authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE_DONE) {
1350 return false;
1351 }
1352 }
1353
1354 return isCryptoSupport_;
1355 }
1356
SetAuthRequestState(std::shared_ptr<AuthRequestState> authRequestState)1357 int32_t DmAuthManager::SetAuthRequestState(std::shared_ptr<AuthRequestState> authRequestState)
1358 {
1359 if (authRequestState == nullptr) {
1360 LOGE("authRequestState is nullptr.");
1361 return ERR_DM_INPUT_PARA_INVALID;
1362 }
1363 authRequestState_ = authRequestState;
1364 return DM_OK;
1365 }
1366
SetAuthResponseState(std::shared_ptr<AuthResponseState> authResponseState)1367 int32_t DmAuthManager::SetAuthResponseState(std::shared_ptr<AuthResponseState> authResponseState)
1368 {
1369 if (authResponseState == nullptr) {
1370 LOGE("authResponseState is nullptr.");
1371 return ERR_DM_INPUT_PARA_INVALID;
1372 }
1373 authResponseState_ = authResponseState;
1374 return DM_OK;
1375 }
1376
GetPinCode(int32_t & code)1377 int32_t DmAuthManager::GetPinCode(int32_t &code)
1378 {
1379 if (authResponseContext_ == nullptr) {
1380 LOGE("failed to GetPinCode because authResponseContext_ is nullptr");
1381 code = ERR_DM_AUTH_NOT_START;
1382 return ERR_DM_FAILED;
1383 }
1384 LOGI("ShowConfigDialog start add member pin code.");
1385 code = authResponseContext_->code;
1386 return DM_OK;
1387 }
1388
ShowConfigDialog()1389 void DmAuthManager::ShowConfigDialog()
1390 {
1391 if (authResponseContext_ == nullptr) {
1392 LOGE("failed to ShowConfigDialog because authResponseContext_ is nullptr");
1393 return;
1394 }
1395 if (!authResponseContext_->isShowDialog) {
1396 LOGI("start auth process");
1397 StartAuthProcess(USER_OPERATION_TYPE_ALLOW_AUTH);
1398 return;
1399 }
1400 LOGI("ShowConfigDialog start");
1401 nlohmann::json jsonObj;
1402 jsonObj[TAG_AUTH_TYPE] = AUTH_TYPE_PIN;
1403 jsonObj[TAG_TOKEN] = authResponseContext_->token;
1404 jsonObj[TARGET_PKG_NAME_KEY] = authResponseContext_->targetPkgName;
1405 jsonObj[TAG_CUSTOM_DESCRIPTION] = authResponseContext_->customDesc;
1406 jsonObj[TAG_APP_OPERATION] = authResponseContext_->appOperation;
1407 jsonObj[TAG_LOCAL_DEVICE_TYPE] = authResponseContext_->deviceTypeId;
1408 jsonObj[TAG_REQUESTER] = authResponseContext_->deviceName;
1409 jsonObj[TAG_HOST_PKGLABEL] = authResponseContext_->hostPkgLabel;
1410 const std::string params = jsonObj.dump();
1411 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
1412 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
1413 std::string localUdid = static_cast<std::string>(localDeviceId);
1414 DeviceProfileConnector::GetInstance().SyncAclByBindType(authResponseContext_->hostPkgName,
1415 authResponseContext_->bindType, localUdid, remoteDeviceId_);
1416 DmDialogManager::GetInstance().ShowConfirmDialog(params);
1417 struct RadarInfo info = {
1418 .funcName = "ShowConfigDialog",
1419 .stageRes = static_cast<int32_t>(StageRes::STAGE_IDLE),
1420 };
1421 if (!DmRadarHelper::GetInstance().ReportAuthPullAuthBox(info)) {
1422 LOGE("ReportAuthPullAuthBox failed");
1423 }
1424 LOGI("ShowConfigDialog end");
1425 }
1426
ShowAuthInfoDialog()1427 void DmAuthManager::ShowAuthInfoDialog()
1428 {
1429 if (authResponseContext_ == nullptr) {
1430 LOGE("failed to ShowAuthInfoDialog because authResponseContext_ is nullptr");
1431 return;
1432 }
1433 LOGI("DmAuthManager::ShowAuthInfoDialog start");
1434 if (!authResponseContext_->isShowDialog) {
1435 LOGI("not show dialog.");
1436 return;
1437 }
1438 struct RadarInfo info = {
1439 .funcName = "ShowAuthInfoDialog",
1440 .stageRes = static_cast<int32_t>(StageRes::STAGE_SUCC),
1441 };
1442 if (!DmRadarHelper::GetInstance().ReportAuthPullPinBox(info)) {
1443 LOGE("ReportAuthPullPinBox failed");
1444 }
1445 nlohmann::json jsonObj;
1446 jsonObj[PIN_CODE_KEY] = authResponseContext_->code;
1447 std::string authParam = jsonObj.dump();
1448 DmDialogManager::GetInstance().ShowPinDialog(std::to_string(authResponseContext_->code));
1449 }
1450
ShowStartAuthDialog()1451 void DmAuthManager::ShowStartAuthDialog()
1452 {
1453 if (authResponseContext_ == nullptr) {
1454 LOGE("failed to ShowStartAuthDialog because authResponseContext_ is nullptr");
1455 return;
1456 }
1457 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
1458 LOGI("Add member start");
1459 int32_t pinCode = -1;
1460 if (GetAuthCode(authResponseContext_->hostPkgName, pinCode) != DM_OK) {
1461 LOGE("failed to get auth code");
1462 return;
1463 }
1464 if (CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
1465 (static_cast<uint32_t>(authResponseContext_->bindLevel) >= DEVICE &&
1466 static_cast<uint32_t>(authResponseContext_->bindLevel) <= APP)) {
1467 AuthDevice(pinCode);
1468 } else if (!CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) ||
1469 authResponseContext_->bindLevel == INVALIED_TYPE) {
1470 AddMember(pinCode);
1471 } else {
1472 LOGE("Invalied bind mode.");
1473 }
1474 return;
1475 }
1476 if (IsScreenLocked()) {
1477 LOGE("ShowStartAuthDialog screen is locked.");
1478 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL, STATUS_DM_AUTH_DEFAULT);
1479 return;
1480 }
1481 LOGI("DmAuthManager::ShowStartAuthDialog start");
1482 DmDialogManager::GetInstance().ShowInputDialog(authResponseContext_->targetDeviceName);
1483 }
1484
ProcessPincode(int32_t pinCode)1485 int32_t DmAuthManager::ProcessPincode(int32_t pinCode)
1486 {
1487 if (authResponseContext_ == nullptr) {
1488 LOGE("failed to ProcessPincode because authResponseContext_ is nullptr");
1489 return ERR_DM_FAILED;
1490 }
1491 if (timer_ != nullptr) {
1492 timer_->DeleteTimer(std::string(INPUT_TIMEOUT_TASK));
1493 }
1494 if (CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) &&
1495 (static_cast<uint32_t>(authResponseContext_->bindLevel) >= DEVICE &&
1496 static_cast<uint32_t>(authResponseContext_->bindLevel) <= APP)) {
1497 return AuthDevice(pinCode);
1498 } else if (!CompareVersion(remoteVersion_, std::string(DM_VERSION_4_1_5_1)) ||
1499 authResponseContext_->bindLevel == INVALIED_TYPE) {
1500 return AddMember(pinCode);
1501 } else {
1502 LOGE("Invalied bind mode.");
1503 }
1504 return ERR_DM_FAILED;
1505 }
1506
AuthDevice(int32_t pinCode)1507 int32_t DmAuthManager::AuthDevice(int32_t pinCode)
1508 {
1509 LOGI("DmAuthManager::AuthDevice start.");
1510 if (isAuthDevice_) {
1511 LOGE("DmAuthManager::AuthDevice doing auth device.");
1512 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_DOING_AUTH);
1513 return ERR_DM_FAILED;
1514 }
1515 isAuthDevice_ = true;
1516 int32_t osAccountId = MultipleUserConnector::GetCurrentAccountUserID();
1517 if (timer_ != nullptr) {
1518 timer_->DeleteTimer(std::string(INPUT_TIMEOUT_TASK));
1519 timer_->StartTimer(std::string(AUTH_DEVICE_TIMEOUT_TASK), AUTH_DEVICE_TIMEOUT,
1520 [this] (std::string name) {
1521 DmAuthManager::HandleAuthenticateTimeout(name);
1522 });
1523 }
1524 if (hiChainAuthConnector_->AuthDevice(pinCode, osAccountId, remoteDeviceId_,
1525 authResponseContext_->requestId) != DM_OK) {
1526 LOGE("DmAuthManager::AuthDevice failed.");
1527 isAuthDevice_ = false;
1528 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
1529 HandleMemberJoinImportAuthCode(authResponseContext_->requestId, ERR_DM_FAILED);
1530 return ERR_DM_FAILED;
1531 }
1532 }
1533 return DM_OK;
1534 }
1535
OnUserOperation(int32_t action,const std::string & params)1536 int32_t DmAuthManager::OnUserOperation(int32_t action, const std::string ¶ms)
1537 {
1538 if (authResponseContext_ == nullptr) {
1539 LOGE("Authenticate is not start");
1540 return ERR_DM_AUTH_NOT_START;
1541 }
1542 struct RadarInfo info = {
1543 .funcName = "OnUserOperation",
1544 .stageRes = static_cast<int32_t>(StageRes::STAGE_CANCEL),
1545 .bizState = static_cast<int32_t>(BizState::BIZ_STATE_END),
1546 };
1547 switch (action) {
1548 case USER_OPERATION_TYPE_ALLOW_AUTH:
1549 case USER_OPERATION_TYPE_CANCEL_AUTH:
1550 case USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS:
1551 StartAuthProcess(action);
1552 break;
1553 case USER_OPERATION_TYPE_AUTH_CONFIRM_TIMEOUT:
1554 SetReasonAndFinish(ERR_DM_TIME_OUT, STATUS_DM_AUTH_DEFAULT);
1555 info.errCode = DmRadarHelper::GetInstance().GetErrCode(ERR_DM_TIME_OUT);
1556 if (!DmRadarHelper::GetInstance().ReportAuthConfirmBox(info)) {
1557 LOGE("ReportAuthConfirmBox failed");
1558 }
1559 break;
1560 case USER_OPERATION_TYPE_CANCEL_PINCODE_DISPLAY:
1561 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL_PIN_CODE_DISPLAY, STATUS_DM_AUTH_DEFAULT);
1562 info.errCode = DmRadarHelper::GetInstance().GetErrCode(ERR_DM_BIND_USER_CANCEL_PIN_CODE_DISPLAY);
1563 if (!DmRadarHelper::GetInstance().ReportAuthInputPinBox(info)) {
1564 LOGE("ReportAuthInputPinBox failed");
1565 }
1566 break;
1567 case USER_OPERATION_TYPE_CANCEL_PINCODE_INPUT:
1568 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL_ERROR, STATUS_DM_AUTH_DEFAULT);
1569 info.errCode = DmRadarHelper::GetInstance().GetErrCode(ERR_DM_BIND_USER_CANCEL_ERROR);
1570 if (!DmRadarHelper::GetInstance().ReportAuthInputPinBox(info)) {
1571 LOGE("ReportAuthInputPinBox failed");
1572 }
1573 break;
1574 case USER_OPERATION_TYPE_DONE_PINCODE_INPUT:
1575 ProcessPincode(std::atoi(params.c_str()));
1576 info.stageRes = static_cast<int32_t>(StageRes::STAGE_SUCC);
1577 if (!DmRadarHelper::GetInstance().ReportAuthInputPinBox(info)) {
1578 LOGE("ReportAuthInputPinBox failed");
1579 }
1580 break;
1581 default:
1582 LOGE("this action id not support");
1583 break;
1584 }
1585 return DM_OK;
1586 }
1587
SetPageId(int32_t pageId)1588 int32_t DmAuthManager::SetPageId(int32_t pageId)
1589 {
1590 if (authResponseContext_ == nullptr) {
1591 LOGE("Authenticate is not start");
1592 return ERR_DM_AUTH_NOT_START;
1593 }
1594 authResponseContext_->pageId = pageId;
1595 return DM_OK;
1596 }
1597
SetReasonAndFinish(int32_t reason,int32_t state)1598 int32_t DmAuthManager::SetReasonAndFinish(int32_t reason, int32_t state)
1599 {
1600 if (authResponseContext_ == nullptr) {
1601 LOGE("Authenticate is not start");
1602 return ERR_DM_AUTH_NOT_START;
1603 }
1604 authResponseContext_->state = state;
1605 authResponseContext_->reply = reason;
1606 if (authRequestState_ != nullptr && authRequestState_->GetStateType() != AuthState::AUTH_REQUEST_FINISH) {
1607 authRequestContext_->reason = reason;
1608 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
1609 } else if (authResponseState_ != nullptr && authResponseState_->GetStateType() != AuthState::AUTH_RESPONSE_FINISH) {
1610 authResponseState_->TransitionTo(std::make_shared<AuthResponseFinishState>());
1611 }
1612 return DM_OK;
1613 }
1614
IsIdenticalAccount()1615 bool DmAuthManager::IsIdenticalAccount()
1616 {
1617 nlohmann::json jsonObj;
1618 jsonObj[FIELD_GROUP_TYPE] = GROUP_TYPE_IDENTICAL_ACCOUNT_GROUP;
1619 std::string queryParams = jsonObj.dump();
1620
1621 int32_t osAccountUserId = MultipleUserConnector::GetCurrentAccountUserID();
1622 if (osAccountUserId < 0) {
1623 LOGE("get current process account user id failed");
1624 return false;
1625 }
1626 std::vector<GroupInfo> groupList;
1627 if (!hiChainConnector_->GetGroupInfo(osAccountUserId, queryParams, groupList)) {
1628 return false;
1629 }
1630 if (authResponseContext_ == nullptr) {
1631 LOGE("authResponseContext_ is nullptr.");
1632 return false;
1633 }
1634 if (authResponseContext_->accountGroupIdHash == OLD_VERSION_ACCOUNT) {
1635 LOGI("The old version.");
1636 return true;
1637 }
1638 nlohmann::json jsonPeerGroupIdObj = nlohmann::json::parse(authResponseContext_->accountGroupIdHash,
1639 nullptr, false);
1640 if (jsonPeerGroupIdObj.is_discarded()) {
1641 LOGE("accountGroupIdHash string not a json type.");
1642 return false;
1643 }
1644 for (auto &groupInfo : groupList) {
1645 for (nlohmann::json::iterator it = jsonPeerGroupIdObj.begin(); it != jsonPeerGroupIdObj.end(); ++it) {
1646 if ((*it) == Crypto::GetGroupIdHash(groupInfo.groupId)) {
1647 LOGI("Is identical Account.");
1648 return true;
1649 }
1650 }
1651 }
1652 return false;
1653 }
1654
GetAccountGroupIdHash()1655 std::string DmAuthManager::GetAccountGroupIdHash()
1656 {
1657 nlohmann::json jsonObj;
1658 jsonObj[FIELD_GROUP_TYPE] = GROUP_TYPE_IDENTICAL_ACCOUNT_GROUP;
1659 std::string queryParams = jsonObj.dump();
1660
1661 int32_t osAccountUserId = MultipleUserConnector::GetCurrentAccountUserID();
1662 if (osAccountUserId < 0) {
1663 LOGE("get current process account user id failed");
1664 return "";
1665 }
1666 std::vector<GroupInfo> groupList;
1667 if (!hiChainConnector_->GetGroupInfo(osAccountUserId, queryParams, groupList)) {
1668 return "";
1669 }
1670 nlohmann::json jsonAccountObj;
1671 for (auto &groupInfo : groupList) {
1672 jsonAccountObj.push_back(Crypto::GetGroupIdHash(groupInfo.groupId));
1673 }
1674 return jsonAccountObj.dump();
1675 }
1676
ImportAuthCode(const std::string & pkgName,const std::string & authCode)1677 int32_t DmAuthManager::ImportAuthCode(const std::string &pkgName, const std::string &authCode)
1678 {
1679 if (authCode.empty() || pkgName.empty()) {
1680 LOGE("ImportAuthCode failed, authCode or pkgName is empty");
1681 return ERR_DM_INPUT_PARA_INVALID;
1682 }
1683 importAuthCode_ = authCode;
1684 importPkgName_ = pkgName;
1685 return DM_OK;
1686 }
1687
BindTarget(const std::string & pkgName,const PeerTargetId & targetId,const std::map<std::string,std::string> & bindParam)1688 int32_t DmAuthManager::BindTarget(const std::string &pkgName, const PeerTargetId &targetId,
1689 const std::map<std::string, std::string> &bindParam)
1690 {
1691 struct RadarInfo info = {
1692 .funcName = "AuthenticateDevice",
1693 .stageRes = static_cast<int32_t>(StageRes::STAGE_SUCC),
1694 .bizState = static_cast<int32_t>(BizState::BIZ_STATE_END),
1695 };
1696 if (!DmRadarHelper::GetInstance().ReportDiscoverUserRes(info)) {
1697 LOGE("ReportDiscoverUserRes failed");
1698 }
1699 if (pkgName.empty()) {
1700 LOGE("DmAuthManager::BindTarget failed, pkgName is empty.");
1701 return ERR_DM_INPUT_PARA_INVALID;
1702 }
1703 int32_t authType = -1;
1704 if (ParseAuthType(bindParam, authType) != DM_OK) {
1705 LOGE("DmAuthManager::BindTarget failed, key: %{public}s error.", PARAM_KEY_AUTH_TYPE);
1706 return ERR_DM_INPUT_PARA_INVALID;
1707 }
1708 peerTargetId_ = targetId;
1709 std::string deviceId = "";
1710 std::string addrType;
1711 if (bindParam.count(PARAM_KEY_CONN_ADDR_TYPE) != 0) {
1712 addrType = bindParam.at(PARAM_KEY_CONN_ADDR_TYPE);
1713 }
1714 if (ParseConnectAddr(targetId, deviceId, addrType) == DM_OK) {
1715 return AuthenticateDevice(pkgName, authType, deviceId, ParseExtraFromMap(bindParam));
1716 } else if (!targetId.deviceId.empty()) {
1717 return AuthenticateDevice(pkgName, authType, targetId.deviceId, ParseExtraFromMap(bindParam));
1718 } else {
1719 LOGE("DmAuthManager::BindTarget failed, targetId is error.");
1720 return ERR_DM_INPUT_PARA_INVALID;
1721 }
1722 }
1723
ParseConnectAddr(const PeerTargetId & targetId,std::string & deviceId,std::string & addrType)1724 int32_t DmAuthManager::ParseConnectAddr(const PeerTargetId &targetId, std::string &deviceId, std::string &addrType)
1725 {
1726 int32_t index = 0;
1727 std::shared_ptr<DeviceInfo> deviceInfo = std::make_shared<DeviceInfo>();
1728 ConnectionAddr addr;
1729 if (!targetId.wifiIp.empty() && targetId.wifiIp.length() <= IP_STR_MAX_LEN) {
1730 LOGI("DmAuthManager::ParseConnectAddr parse wifiIp: %{public}s.", GetAnonyString(targetId.wifiIp).c_str());
1731 if (!addrType.empty()) {
1732 addr.type = static_cast<ConnectionAddrType>(std::atoi(addrType.c_str()));
1733 } else {
1734 addr.type = ConnectionAddrType::CONNECTION_ADDR_WLAN;
1735 }
1736 memcpy_s(addr.info.ip.ip, IP_STR_MAX_LEN, targetId.wifiIp.c_str(), targetId.wifiIp.length());
1737 addr.info.ip.port = targetId.wifiPort;
1738 deviceInfo->addr[index] = addr;
1739 deviceId = targetId.wifiIp;
1740 index++;
1741 } else if (!targetId.brMac.empty() && targetId.brMac.length() <= BT_MAC_LEN) {
1742 LOGI("DmAuthManager::ParseConnectAddr parse brMac: %{public}s.", GetAnonyString(targetId.brMac).c_str());
1743 addr.type = ConnectionAddrType::CONNECTION_ADDR_BR;
1744 memcpy_s(addr.info.br.brMac, BT_MAC_LEN, targetId.brMac.c_str(), targetId.brMac.length());
1745 deviceInfo->addr[index] = addr;
1746 deviceId = targetId.brMac;
1747 index++;
1748 } else if (!targetId.bleMac.empty() && targetId.bleMac.length() <= BT_MAC_LEN) {
1749 LOGI("DmAuthManager::ParseConnectAddr parse bleMac: %{public}s.", GetAnonyString(targetId.bleMac).c_str());
1750 addr.type = ConnectionAddrType::CONNECTION_ADDR_BLE;
1751 memcpy_s(addr.info.ble.bleMac, BT_MAC_LEN, targetId.bleMac.c_str(), targetId.bleMac.length());
1752 if (!targetId.deviceId.empty()) {
1753 Crypto::ConvertHexStringToBytes(addr.info.ble.udidHash, UDID_HASH_LEN,
1754 targetId.deviceId.c_str(), targetId.deviceId.length());
1755 }
1756 deviceInfo->addr[index] = addr;
1757 deviceId = targetId.bleMac;
1758 index++;
1759 } else {
1760 LOGE("DmAuthManager::ParseConnectAddr failed, not addr.");
1761 return ERR_DM_INPUT_PARA_INVALID;
1762 }
1763
1764 deviceInfo->addrNum = static_cast<uint32_t>(index);
1765 if (softbusConnector_->AddMemberToDiscoverMap(deviceId, deviceInfo) != DM_OK) {
1766 LOGE("DmAuthManager::ParseConnectAddr failed, AddMemberToDiscoverMap failed.");
1767 return ERR_DM_INPUT_PARA_INVALID;
1768 }
1769 deviceInfo = nullptr;
1770 return DM_OK;
1771 }
1772
ParseAuthType(const std::map<std::string,std::string> & bindParam,int32_t & authType)1773 int32_t DmAuthManager::ParseAuthType(const std::map<std::string, std::string> &bindParam, int32_t &authType)
1774 {
1775 auto iter = bindParam.find(PARAM_KEY_AUTH_TYPE);
1776 if (iter == bindParam.end()) {
1777 LOGE("DmAuthManager::ParseAuthType bind param key: %{public}s not exist.", PARAM_KEY_AUTH_TYPE);
1778 return ERR_DM_INPUT_PARA_INVALID;
1779 }
1780 std::string authTypeStr = iter->second;
1781 if (authTypeStr.empty()) {
1782 LOGE("DmAuthManager::ParseAuthType bind param %{public}s is empty.", PARAM_KEY_AUTH_TYPE);
1783 return ERR_DM_INPUT_PARA_INVALID;
1784 }
1785 if (authTypeStr.length() > 1) {
1786 LOGE("DmAuthManager::ParseAuthType bind param %{public}s length is unsupported.", PARAM_KEY_AUTH_TYPE);
1787 return ERR_DM_INPUT_PARA_INVALID;
1788 }
1789 if (!isdigit(authTypeStr[0])) {
1790 LOGE("DmAuthManager::ParseAuthType bind param %{public}s fromat is unsupported.", PARAM_KEY_AUTH_TYPE);
1791 return ERR_DM_INPUT_PARA_INVALID;
1792 }
1793 authType = std::atoi(authTypeStr.c_str());
1794 return DM_OK;
1795 }
1796
ParseExtraFromMap(const std::map<std::string,std::string> & bindParam)1797 std::string DmAuthManager::ParseExtraFromMap(const std::map<std::string, std::string> &bindParam)
1798 {
1799 auto iter = bindParam.find(PARAM_KEY_BIND_EXTRA_DATA);
1800 if (iter != bindParam.end()) {
1801 return iter->second;
1802 }
1803 return ConvertMapToJsonString(bindParam);
1804 }
1805
IsAuthCodeReady(const std::string & pkgName)1806 bool DmAuthManager::IsAuthCodeReady(const std::string &pkgName)
1807 {
1808 if (importAuthCode_.empty() || importPkgName_.empty()) {
1809 LOGE("DmAuthManager::IsAuthCodeReady, auth code not ready.");
1810 return false;
1811 }
1812 if (pkgName != importPkgName_) {
1813 LOGE("IsAuthCodeReady failed, pkgName not supported.");
1814 return false;
1815 }
1816 return true;
1817 }
1818
DeleteAuthCode()1819 int32_t DmAuthManager::DeleteAuthCode()
1820 {
1821 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
1822 importAuthCode_ = "";
1823 importPkgName_ = "";
1824 }
1825 return DM_OK;
1826 }
1827
GetAuthCode(const std::string & pkgName,int32_t & pinCode)1828 int32_t DmAuthManager::GetAuthCode(const std::string &pkgName, int32_t &pinCode)
1829 {
1830 if (importAuthCode_.empty() || importPkgName_.empty()) {
1831 LOGE("GetAuthCode failed, auth code not exist.");
1832 return ERR_DM_FAILED;
1833 }
1834 if (pkgName != importPkgName_) {
1835 LOGE("GetAuthCode failed, pkgName not supported.");
1836 return ERR_DM_FAILED;
1837 }
1838 pinCode = std::atoi(importAuthCode_.c_str());
1839 return DM_OK;
1840 }
1841
IsAuthTypeSupported(const int32_t & authType)1842 bool DmAuthManager::IsAuthTypeSupported(const int32_t &authType)
1843 {
1844 if (authenticationMap_.find(authType) == authenticationMap_.end()) {
1845 LOGE("IsAuthTypeSupported failed, authType is not supported.");
1846 return false;
1847 }
1848 return true;
1849 }
1850
GenerateBindResultContent()1851 std::string DmAuthManager::GenerateBindResultContent()
1852 {
1853 nlohmann::json jsonObj;
1854 jsonObj[DM_BIND_RESULT_NETWORK_ID] = authResponseContext_->networkId;
1855 if (remoteDeviceId_.empty()) {
1856 jsonObj[TAG_DEVICE_ID] = "";
1857 } else {
1858 char deviceIdHash[DM_MAX_DEVICE_ID_LEN] = {0};
1859 Crypto::GetUdidHash(remoteDeviceId_, reinterpret_cast<uint8_t *>(deviceIdHash));
1860 jsonObj[TAG_DEVICE_ID] = deviceIdHash;
1861 }
1862 std::string content = jsonObj.dump();
1863 return content;
1864 }
1865
RequestCredential()1866 void DmAuthManager::RequestCredential()
1867 {
1868 LOGI("DmAuthManager::RequestCredential start.");
1869 std::string publicKey = "";
1870 GenerateCredential(publicKey);
1871 authResponseContext_->publicKey = publicKey;
1872 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_PUBLICKEY);
1873 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1874 }
1875
GenerateCredential(std::string & publicKey)1876 void DmAuthManager::GenerateCredential(std::string &publicKey)
1877 {
1878 LOGI("DmAuthManager::GenerateCredential start.");
1879 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
1880 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
1881 std::string localUdid = localDeviceId;
1882 int32_t osAccountId = MultipleUserConnector::GetCurrentAccountUserID();
1883 hiChainAuthConnector_->GenerateCredential(localUdid, osAccountId, publicKey);
1884 if (publicKey == "") {
1885 hiChainAuthConnector_->GetCredential(localUdid, osAccountId, publicKey);
1886 }
1887 }
1888
RequestCredentialDone()1889 void DmAuthManager::RequestCredentialDone()
1890 {
1891 LOGI("DmAuthManager ExchangeCredentailDone start");
1892 if (authResponseContext_ == nullptr) {
1893 LOGE("failed to JoinNeWork because authResponseContext_ is nullptr");
1894 return;
1895 }
1896 if (ImportCredential(remoteDeviceId_, authResponseContext_->publicKey) != DM_OK) {
1897 LOGE("ResponseCredential import credential failed.");
1898 }
1899 if (timer_ != nullptr) {
1900 timer_->DeleteTimer(std::string(AUTHENTICATE_TIMEOUT_TASK));
1901 }
1902
1903 softbusConnector_->JoinLnn(authRequestContext_->ip);
1904 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
1905 authRequestContext_->reason = DM_OK;
1906 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
1907 }
1908
ImportCredential(std::string & deviceId,std::string & publicKey)1909 int32_t DmAuthManager::ImportCredential(std::string &deviceId, std::string &publicKey)
1910 {
1911 LOGI("DmAuthManager::ImportCredential");
1912 int32_t osAccountId = MultipleUserConnector::GetCurrentAccountUserID();
1913 return hiChainAuthConnector_->ImportCredential(osAccountId, deviceId, publicKey);
1914 }
1915
EstablishUnbindChannel(const std::string & deviceIdHash)1916 int32_t DmAuthManager::EstablishUnbindChannel(const std::string &deviceIdHash)
1917 {
1918 LOGI("DmAuthManager::EstablishUnbindChannel");
1919 std::string netWorkId = softbusConnector_->GetNetworkIdByDeviceId(deviceIdHash);
1920 int32_t sessionId = softbusConnector_->GetSoftbusSession()->OpenUnbindSession(netWorkId);
1921 if (sessionId < 0) {
1922 LOGE("OpenAuthSession failed, stop the syncdeleteacl.");
1923 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
1924 authResponseContext_->state = AuthState::AUTH_REQUEST_SYNCDELETE;
1925 authResponseContext_->hostPkgName = authRequestContext_->hostPkgName;
1926 authRequestContext_->reason = sessionId;
1927 if (authRequestState_ != nullptr) {
1928 authRequestState_->TransitionTo(std::make_shared<AuthRequestSyncDeleteAclNone>());
1929 }
1930 }
1931 return DM_OK;
1932 }
1933
RequestSyncDeleteAcl()1934 void DmAuthManager::RequestSyncDeleteAcl()
1935 {
1936 LOGI("RequestSyncDeleteAcl start.");
1937 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_SYNC_DELETE);
1938 softbusConnector_->GetSoftbusSession()->SendData(authRequestContext_->sessionId, message);
1939 if (timer_ == nullptr) {
1940 timer_ = std::make_shared<DmTimer>();
1941 }
1942 timer_->StartTimer(std::string(SYNC_DELETE_TIMEOUT_TASK), SYNC_DELETE_TIMEOUT,
1943 [this] (std::string name) {
1944 DmAuthManager::HandleSyncDeleteTimeout(name);
1945 });
1946 }
1947
SrcSyncDeleteAclDone()1948 void DmAuthManager::SrcSyncDeleteAclDone()
1949 {
1950 LOGI("DmAuthManager::SrcSyncDeleteAclDone, isFinishOfLocal: %{public}d", isFinishOfLocal_);
1951 if (isFinishOfLocal_) {
1952 authMessageProcessor_->SetResponseContext(authResponseContext_);
1953 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_SYNC_DELETE_DONE);
1954 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1955 usleep(USLEEP_TIME_MS);
1956 }
1957 if (authResponseContext_->reply == DM_OK) {
1958 char localUdid[DEVICE_UUID_LENGTH] = {0};
1959 GetDevUdid(localUdid, DEVICE_UUID_LENGTH);
1960 if (hiChainConnector_->IsDevicesInP2PGroup(remoteDeviceId_, localUdid) &&
1961 DeviceProfileConnector::GetInstance().CheckDevIdInAclForDevBind(authRequestContext_->hostPkgName,
1962 remoteDeviceId_)) {
1963 DeleteGroup(authRequestContext_->hostPkgName, remoteDeviceId_);
1964 }
1965 DeleteAcl(authRequestContext_->hostPkgName, remoteDeviceId_);
1966 }
1967 softbusConnector_->GetSoftbusSession()->CloseUnbindSession(authRequestContext_->sessionId);
1968 if (timer_ != nullptr) {
1969 timer_->DeleteAll();
1970 }
1971 isFinishOfLocal_ = true;
1972 authRequestContext_ = nullptr;
1973 authResponseContext_ = nullptr;
1974 authRequestState_ = nullptr;
1975 authMessageProcessor_ = nullptr;
1976 }
1977
SinkSyncDeleteAclDone()1978 void DmAuthManager::SinkSyncDeleteAclDone()
1979 {
1980 LOGI("DmAuthManager::SinkSyncDeleteAclDone, isFinishOfLocal: %{public}d", isFinishOfLocal_);
1981 if (isFinishOfLocal_) {
1982 authMessageProcessor_->SetResponseContext(authResponseContext_);
1983 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_SYNC_DELETE_DONE);
1984 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
1985 if (authResponseContext_->reply == DM_OK) {
1986 char localUdid[DEVICE_UUID_LENGTH] = {0};
1987 GetDevUdid(localUdid, DEVICE_UUID_LENGTH);
1988 if (hiChainConnector_->IsDevicesInP2PGroup(remoteDeviceId_, localUdid) &&
1989 DeviceProfileConnector::GetInstance().CheckDevIdInAclForDevBind(authResponseContext_->hostPkgName,
1990 remoteDeviceId_)) {
1991 DeleteGroup(authResponseContext_->hostPkgName, remoteDeviceId_);
1992 }
1993 DeleteAcl(authResponseContext_->hostPkgName, remoteDeviceId_);
1994 }
1995 }
1996 if (timer_ != nullptr) {
1997 timer_->DeleteAll();
1998 }
1999 isFinishOfLocal_ = true;
2000 authResponseContext_ = nullptr;
2001 authResponseState_ = nullptr;
2002 authMessageProcessor_ = nullptr;
2003 }
2004
SyncDeleteAclDone()2005 void DmAuthManager::SyncDeleteAclDone()
2006 {
2007 LOGI("SyncDeleteAclDone start.");
2008 if (authRequestState_ != nullptr) {
2009 SrcSyncDeleteAclDone();
2010 } else if (authResponseState_ != nullptr) {
2011 SinkSyncDeleteAclDone();
2012 }
2013 }
2014
ResponseCredential()2015 void DmAuthManager::ResponseCredential()
2016 {
2017 LOGI("DmAuthManager::ResponseCredential start.");
2018 std::string publicKey = "";
2019 GenerateCredential(publicKey);
2020 if (ImportCredential(remoteDeviceId_, authResponseContext_->publicKey) != DM_OK) {
2021 LOGE("ResponseCredential import credential failed.");
2022 }
2023 authResponseContext_->publicKey = publicKey;
2024 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_PUBLICKEY);
2025 softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message);
2026 }
2027
ResponseSyncDeleteAcl()2028 void DmAuthManager::ResponseSyncDeleteAcl()
2029 {
2030 LOGI("ResponseSyncDeleteAcl start.");
2031 if (timer_ != nullptr) {
2032 timer_->DeleteTimer(std::string(SYNC_DELETE_TIMEOUT_TASK));
2033 }
2034 remoteDeviceId_ = authResponseContext_->localDeviceId;
2035 authResponseState_->TransitionTo(std::make_shared<AuthResponseSyncDeleteAclNone>());
2036 }
2037
AuthDeviceTransmit(int64_t requestId,const uint8_t * data,uint32_t dataLen)2038 bool DmAuthManager::AuthDeviceTransmit(int64_t requestId, const uint8_t *data, uint32_t dataLen)
2039 {
2040 LOGI("DmAuthManager::onTransmit start.");
2041 if (requestId != authResponseContext_->requestId) {
2042 LOGE("DmAuthManager::onTransmit requestId %{public}" PRId64"is error.", requestId);
2043 return false;
2044 }
2045 std::string message = "";
2046 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2047 LOGI("SoftbusSession send msgType %{public}d.", MSG_TYPE_REQ_AUTH_DEVICE_NEGOTIATE);
2048 message = authMessageProcessor_->CreateDeviceAuthMessage(MSG_TYPE_REQ_AUTH_DEVICE_NEGOTIATE, data, dataLen);
2049 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2050 LOGI("SoftbusSession send msgType %{public}d.", MSG_TYPE_RESP_AUTH_DEVICE_NEGOTIATE);
2051 message = authMessageProcessor_->CreateDeviceAuthMessage(MSG_TYPE_RESP_AUTH_DEVICE_NEGOTIATE, data, dataLen);
2052 }
2053 if (softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message) != DM_OK) {
2054 LOGE("SoftbusSession send data failed.");
2055 return false;
2056 }
2057 return true;
2058 }
2059
SrcAuthDeviceFinish()2060 void DmAuthManager::SrcAuthDeviceFinish()
2061 {
2062 if (authResponseContext_->isOnline) {
2063 if (authResponseContext_->confirmOperation == USER_OPERATION_TYPE_ALLOW_AUTH ||
2064 (authResponseContext_->confirmOperation == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS &&
2065 authResponseContext_->haveCredential)) {
2066 if (authResponseContext_->bindLevel == APP && !authResponseContext_->isIdenticalAccount) {
2067 softbusConnector_->SetPkgName(authResponseContext_->hostPkgName);
2068 }
2069 softbusConnector_->HandleDeviceOnline(remoteDeviceId_, authForm_);
2070 if (timer_ != nullptr) {
2071 timer_->DeleteTimer(std::string(AUTHENTICATE_TIMEOUT_TASK));
2072 }
2073 authRequestContext_->reason = DM_OK;
2074 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
2075 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2076 return;
2077 }
2078 if (authResponseContext_->confirmOperation == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS &&
2079 !authResponseContext_->haveCredential) {
2080 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_INPUT);
2081 if (authResponseContext_->bindLevel == APP && !authResponseContext_->isIdenticalAccount) {
2082 softbusConnector_->SetPkgName(authResponseContext_->hostPkgName);
2083 }
2084 softbusConnector_->HandleDeviceOnline(remoteDeviceId_, authForm_);
2085 authRequestState_->TransitionTo(std::make_shared<AuthRequestCredential>());
2086 return;
2087 }
2088 }
2089 if (!authResponseContext_->isOnline && authResponseContext_->haveCredential) {
2090 softbusConnector_->JoinLnn(authRequestContext_->ip);
2091 if (timer_ != nullptr) {
2092 timer_->DeleteTimer(std::string(AUTHENTICATE_TIMEOUT_TASK));
2093 }
2094 authRequestContext_->reason = DM_OK;
2095 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
2096 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2097 return;
2098 }
2099 if (!authResponseContext_->isOnline && !authResponseContext_->haveCredential) {
2100 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_INPUT);
2101 authRequestState_->TransitionTo(std::make_shared<AuthRequestCredential>());
2102 return;
2103 }
2104 }
2105
SinkAuthDeviceFinish()2106 void DmAuthManager::SinkAuthDeviceFinish()
2107 {
2108 if (!authResponseContext_->haveCredential) {
2109 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_SHOW);
2110 }
2111 if (authResponseContext_->isOnline) {
2112 LOGI("The device is online.");
2113 if (authResponseContext_->bindLevel == APP && !authResponseContext_->isIdenticalAccount) {
2114 softbusConnector_->SetPkgName(authResponseContext_->hostPkgName);
2115 }
2116 softbusConnector_->HandleDeviceOnline(remoteDeviceId_, authForm_);
2117 }
2118 }
2119
AuthDeviceFinish(int64_t requestId)2120 void DmAuthManager::AuthDeviceFinish(int64_t requestId)
2121 {
2122 LOGI("DmAuthManager::AuthDeviceFinish start.");
2123 if (requestId != authResponseContext_->requestId) {
2124 LOGE("DmAuthManager::onTransmit requestId %{public}" PRId64 "is error.", requestId);
2125 return;
2126 }
2127 isAuthDevice_ = false;
2128 if (timer_ != nullptr) {
2129 timer_->DeleteTimer(std::string(AUTH_DEVICE_TIMEOUT_TASK));
2130 }
2131
2132 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2133 PutAccessControlList();
2134 SrcAuthDeviceFinish();
2135 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2136 PutAccessControlList();
2137 SinkAuthDeviceFinish();
2138 }
2139 }
2140
AuthDeviceError(int64_t requestId,int32_t errorCode)2141 void DmAuthManager::AuthDeviceError(int64_t requestId, int32_t errorCode)
2142 {
2143 LOGI("AuthDeviceError start.");
2144 isAuthDevice_ = false;
2145 if (authRequestState_ == nullptr || authResponseState_ != nullptr) {
2146 LOGD("AuthDeviceError sink return.");
2147 return;
2148 }
2149 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
2150 authResponseContext_->state = AuthState::AUTH_REQUEST_JOIN;
2151 authRequestContext_->reason = ERR_DM_AUTH_CODE_INCORRECT;
2152 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2153 return;
2154 }
2155 authTimes_++;
2156 if (timer_ != nullptr) {
2157 timer_->DeleteTimer(std::string(AUTH_DEVICE_TIMEOUT_TASK));
2158 }
2159
2160 if (errorCode != DM_OK || requestId != authResponseContext_->requestId) {
2161 if (authRequestState_ != nullptr && authTimes_ >= MAX_AUTH_TIMES) {
2162 authResponseContext_->state = AuthState::AUTH_REQUEST_JOIN;
2163 authRequestContext_->reason = ERR_DM_INPUT_PARA_INVALID;
2164 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2165 } else {
2166 if (timer_ != nullptr) {
2167 timer_->StartTimer(std::string(INPUT_TIMEOUT_TASK),
2168 GetTaskTimeout(INPUT_TIMEOUT_TASK, INPUT_TIMEOUT), [this] (std::string name) {
2169 DmAuthManager::HandleAuthenticateTimeout(name);
2170 });
2171 }
2172 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_PIN_CODE_ERROR);
2173 }
2174 }
2175 }
2176
AuthDeviceSessionKey(int64_t requestId,const uint8_t * sessionKey,uint32_t sessionKeyLen)2177 void DmAuthManager::AuthDeviceSessionKey(int64_t requestId, const uint8_t *sessionKey, uint32_t sessionKeyLen)
2178 {
2179 LOGI("DmAuthManager::AuthDeviceSessionKey start.");
2180 if (requestId != authResponseContext_->requestId) {
2181 LOGE("DmAuthManager::onTransmit requestId %{public}" PRId64 "is error.", requestId);
2182 return;
2183 }
2184 sessionKey_ = sessionKey;
2185 sessionKeyLen_ = sessionKeyLen;
2186 }
2187
GetRemoteDeviceId(std::string & deviceId)2188 void DmAuthManager::GetRemoteDeviceId(std::string &deviceId)
2189 {
2190 LOGI("GetRemoteDeviceId start.");
2191 deviceId = remoteDeviceId_;
2192 }
2193
CompatiblePutAcl()2194 void DmAuthManager::CompatiblePutAcl()
2195 {
2196 LOGI("DmAuthManager::CompatiblePutAcl");
2197 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
2198 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
2199 std::string localUdid = static_cast<std::string>(localDeviceId);
2200 char mUdidHash[DM_MAX_DEVICE_ID_LEN] = {0};
2201 Crypto::GetUdidHash(localUdid, reinterpret_cast<uint8_t *>(mUdidHash));
2202 std::string localUdidHash = static_cast<std::string>(mUdidHash);
2203 DmAclInfo aclInfo;
2204 aclInfo.bindLevel = DEVICE;
2205 aclInfo.bindType = DM_POINT_TO_POINT;
2206 aclInfo.trustDeviceId = remoteDeviceId_;
2207 if (action_ == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS) {
2208 aclInfo.authenticationType = ALLOW_AUTH_ALWAYS;
2209 } else if (action_ == USER_OPERATION_TYPE_ALLOW_AUTH) {
2210 aclInfo.authenticationType = ALLOW_AUTH_ONCE;
2211 }
2212 aclInfo.deviceIdHash = localUdidHash;
2213
2214 DmAccesser accesser;
2215 accesser.requestTokenId = static_cast<uint64_t>(authResponseContext_->tokenId);
2216 accesser.requestBundleName = authResponseContext_->hostPkgName;
2217 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2218 accesser.requestUserId = MultipleUserConnector::GetCurrentAccountUserID();
2219 accesser.requestAccountId = MultipleUserConnector::GetOhosAccountId();
2220 accesser.requestDeviceId = localUdid;
2221 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2222 accesser.requestDeviceId = authResponseContext_->localDeviceId;
2223 }
2224
2225 DmAccessee accessee;
2226 accessee.trustTokenId = static_cast<uint64_t>(authResponseContext_->tokenId);
2227 accessee.trustBundleName = authResponseContext_->hostPkgName;
2228 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2229 accessee.trustDeviceId = remoteDeviceId_;
2230 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2231 accessee.trustUserId = MultipleUserConnector::GetCurrentAccountUserID();
2232 accessee.trustAccountId = MultipleUserConnector::GetOhosAccountId();
2233 accessee.trustDeviceId = localUdid;
2234 }
2235 DeviceProfileConnector::GetInstance().PutAccessControlList(aclInfo, accesser, accessee);
2236 }
2237
CommonEventCallback(int32_t userId,std::string commonEventType)2238 void DmAuthManager::CommonEventCallback(int32_t userId, std::string commonEventType)
2239 {
2240 LOGI("DmAuthManager::CommonEventCallback");
2241 if (commonEventType == EventFwk::CommonEventSupport::COMMON_EVENT_HWID_LOGOUT) {
2242 AccountIdLogoutEventCallback(userId);
2243 } else if (commonEventType == EventFwk::CommonEventSupport::COMMON_EVENT_USER_SWITCHED) {
2244 int32_t userId = MultipleUserConnector::GetCurrentAccountUserID();
2245 std::string accountId = MultipleUserConnector::GetOhosAccountId();
2246 LOGI("user_switched event accountId: %{public}s, userId: %{public}s",
2247 GetAnonyString(accountId).c_str(), GetAnonyInt32(userId).c_str());
2248 if (userId > 0) {
2249 MultipleUserConnector::SetSwitchOldUserId(userId);
2250 MultipleUserConnector::SetSwitchOldAccountId(accountId);
2251 }
2252 }
2253 }
2254
AccountIdLogoutEventCallback(int32_t userId)2255 void DmAuthManager::AccountIdLogoutEventCallback(int32_t userId)
2256 {
2257 LOGI("DmAuthManager::AccountIdLogoutEventCallback");
2258 std::string oldAccountId = MultipleUserConnector::GetSwitchOldAccountId();
2259 std::string currentAccountId = MultipleUserConnector::GetOhosAccountId();
2260 MultipleUserConnector::SetSwitchOldAccountId(currentAccountId);
2261 if (oldAccountId == currentAccountId) {
2262 LOGE("The account logout is error.");
2263 return;
2264 }
2265 if (currentAccountId == "ohosAnonymousUid" &&
2266 DeviceProfileConnector::GetInstance().CheckIdenticalAccount(userId, oldAccountId)) {
2267 DeviceProfileConnector::GetInstance().DeleteAccessControlList(userId, oldAccountId);
2268 hiChainConnector_->DeleteAllGroup(userId);
2269 }
2270 }
2271
UserSwitchEventCallback(int32_t userId)2272 void DmAuthManager::UserSwitchEventCallback(int32_t userId)
2273 {
2274 LOGI("UserSwitchEventCallback start.");
2275 std::string oldAccountId = MultipleUserConnector::GetSwitchOldAccountId();
2276 int32_t oldUserId = MultipleUserConnector::GetSwitchOldUserId();
2277 DeviceProfileConnector::GetInstance().DeleteP2PAccessControlList(oldUserId, oldAccountId);
2278 DeviceProfileConnector::GetInstance().DeleteP2PAccessControlList(userId, oldAccountId);
2279 hiChainConnector_->DeleteP2PGroup(userId);
2280 }
2281
UserChangeEventCallback(int32_t userId)2282 void DmAuthManager::UserChangeEventCallback(int32_t userId)
2283 {
2284 LOGI("DmAuthManager::UserChangeEventCallback");
2285 std::string oldAccountId = MultipleUserConnector::GetSwitchOldAccountId();
2286 int32_t oldUseId = MultipleUserConnector::GetSwitchOldUserId();
2287 DeviceProfileConnector::GetInstance().DeleteP2PAccessControlList(oldUseId, oldAccountId);
2288 DeviceProfileConnector::GetInstance().DeleteP2PAccessControlList(userId, oldAccountId);
2289 hiChainConnector_->DeleteP2PGroup(userId);
2290 }
2291
HandleSyncDeleteTimeout(std::string name)2292 void DmAuthManager::HandleSyncDeleteTimeout(std::string name)
2293 {
2294 LOGI("DmAuthManager::HandleSyncDeleteTimeout start timer name %{public}s", name.c_str());
2295 if (authRequestState_ != nullptr && authRequestState_->GetStateType() != AuthState::AUTH_REQUEST_SYNCDELETE_DONE) {
2296 if (authResponseContext_ == nullptr) {
2297 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
2298 }
2299 authResponseContext_->state = authRequestState_->GetStateType();
2300 authResponseContext_->reply = ERR_DM_TIME_OUT;
2301 authRequestState_->TransitionTo(std::make_shared<AuthRequestSyncDeleteAclNone>());
2302 }
2303
2304 if (authResponseState_ != nullptr &&
2305 authResponseState_->GetStateType() != AuthState::AUTH_RESPONSE_SYNCDELETE_DONE) {
2306 authResponseContext_->state = authResponseState_->GetStateType();
2307 authResponseContext_->reply = ERR_DM_TIME_OUT;
2308 authResponseState_->TransitionTo(std::make_shared<AuthResponseSyncDeleteAclNone>());
2309 }
2310 LOGI("DmAuthManager::HandleSyncDeleteTimeout start complete");
2311 }
2312
DeleteAcl(const std::string & pkgName,const std::string & deviceId)2313 int32_t DmAuthManager::DeleteAcl(const std::string &pkgName, const std::string &deviceId)
2314 {
2315 char localUdid[DEVICE_UUID_LENGTH] = {0};
2316 GetDevUdid(localUdid, DEVICE_UUID_LENGTH);
2317 std::string localDeviceId = static_cast<std::string>(localUdid);
2318 DmOfflineParam offlineParam =
2319 DeviceProfileConnector::GetInstance().DeleteAccessControlList(pkgName, localDeviceId, deviceId);
2320 if (offlineParam.bindType == INVALIED_TYPE) {
2321 LOGE("Acl not contain the pkgName bind data.");
2322 return ERR_DM_FAILED;
2323 } else if (offlineParam.bindType == APP_PEER_TO_PEER_TYPE && offlineParam.leftAclNumber != 0) {
2324 LOGI("The pkgName unbind app-level type leftAclNumber not zero.");
2325 softbusConnector_->SetPkgName(pkgName);
2326 softbusConnector_->HandleDeviceOffline(deviceId);
2327 } else if (offlineParam.bindType == APP_PEER_TO_PEER_TYPE && offlineParam.leftAclNumber == 0) {
2328 LOGI("The pkgName unbind app-level type leftAclNumber is zero.");
2329 softbusConnector_->SetPkgName(pkgName);
2330 hiChainAuthConnector_->DeleteCredential(deviceId, MultipleUserConnector::GetCurrentAccountUserID());
2331 } else if (offlineParam.bindType == DEVICE_PEER_TO_PEER_TYPE && offlineParam.leftAclNumber != 0) {
2332 LOGI("Unbind deivce-level, retain identical account bind type.");
2333 } else if (offlineParam.bindType == DEVICE_PEER_TO_PEER_TYPE && offlineParam.leftAclNumber == 0) {
2334 LOGI("Unbind deivce-level, retain null.");
2335 hiChainAuthConnector_->DeleteCredential(deviceId, MultipleUserConnector::GetCurrentAccountUserID());
2336 }
2337 return DM_OK;
2338 }
2339
ProcRespNegotiateExt(const int32_t & sessionId)2340 void DmAuthManager::ProcRespNegotiateExt(const int32_t &sessionId)
2341 {
2342 LOGI("DmAuthManager::ProcRespNegotiateExt start.");
2343 remoteDeviceId_ = authResponseContext_->localDeviceId;
2344 std::string accountId = MultipleUserConnector::GetOhosAccountId();
2345 int32_t userId = MultipleUserConnector::GetCurrentAccountUserID();
2346 MultipleUserConnector::SetSwitchOldAccountId(accountId);
2347 MultipleUserConnector::SetSwitchOldUserId(userId);
2348 authResponseContext_->isIdenticalAccount = false;
2349 if (authResponseContext_->localAccountId == accountId && accountId != "ohosAnonymousUid") {
2350 authResponseContext_->isIdenticalAccount = true;
2351 }
2352 authResponseContext_->remoteAccountId = authResponseContext_->localAccountId;
2353 authResponseContext_->localAccountId = accountId;
2354 authResponseContext_->remoteUserId = authResponseContext_->localUserId;
2355 authResponseContext_->localUserId = userId;
2356 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
2357 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
2358 authResponseContext_->deviceId = authResponseContext_->localDeviceId;
2359 authResponseContext_->localDeviceId = static_cast<std::string>(localDeviceId);
2360 authResponseContext_->bindType =
2361 DeviceProfileConnector::GetInstance().GetBindTypeByPkgName(authResponseContext_->hostPkgName,
2362 authResponseContext_->localDeviceId, authResponseContext_->deviceId);
2363 authResponseContext_->authed = !authResponseContext_->bindType.empty();
2364 if (authResponseContext_->authed && authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
2365 !importAuthCode_.empty()) {
2366 authResponseContext_->importAuthCode = Crypto::Sha256(importAuthCode_);
2367 }
2368 authResponseContext_->isOnline = softbusConnector_->CheckIsOnline(remoteDeviceId_);
2369 authResponseContext_->haveCredential =
2370 hiChainAuthConnector_->QueryCredential(authResponseContext_->deviceId, authResponseContext_->localUserId);
2371 if (!IsAuthTypeSupported(authResponseContext_->authType)) {
2372 LOGE("DmAuthManager::AuthenticateDevice authType %{public}d not support.", authResponseContext_->authType);
2373 authResponseContext_->reply = ERR_DM_UNSUPPORTED_AUTH_TYPE;
2374 } else {
2375 authPtr_ = authenticationMap_[authResponseContext_->authType];
2376 }
2377 if (IsAuthCodeReady(authResponseContext_->hostPkgName)) {
2378 authResponseContext_->isAuthCodeReady = true;
2379 } else {
2380 authResponseContext_->isAuthCodeReady = false;
2381 }
2382 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_NEGOTIATE);
2383 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2384 }
2385
ProcRespNegotiate(const int32_t & sessionId)2386 void DmAuthManager::ProcRespNegotiate(const int32_t &sessionId)
2387 {
2388 LOGI("DmAuthManager::ProcRespNegotiate session id");
2389 AbilityNegotiate();
2390 authResponseContext_->isOnline = softbusConnector_->CheckIsOnline(remoteDeviceId_);
2391 std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_NEGOTIATE);
2392 nlohmann::json jsonObject = nlohmann::json::parse(message, nullptr, false);
2393 if (jsonObject.is_discarded()) {
2394 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2395 return;
2396 }
2397 if (!IsBool(jsonObject, TAG_CRYPTO_SUPPORT)) {
2398 LOGE("err json string.");
2399 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2400 return;
2401 }
2402 if (IsIdenticalAccount()) {
2403 jsonObject[TAG_IDENTICAL_ACCOUNT] = true;
2404 if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE && !importAuthCode_.empty()) {
2405 jsonObject[TAG_IMPORT_AUTH_CODE] = Crypto::Sha256(importAuthCode_);
2406 }
2407 }
2408 jsonObject[TAG_ACCOUNT_GROUPID] = GetAccountGroupIdHash();
2409 authResponseContext_ = authResponseState_->GetAuthContext();
2410 if (jsonObject[TAG_CRYPTO_SUPPORT] == true && authResponseContext_->cryptoSupport) {
2411 if (IsString(jsonObject, TAG_CRYPTO_NAME) && IsString(jsonObject, TAG_CRYPTO_VERSION)) {
2412 if (jsonObject[TAG_CRYPTO_NAME] == authResponseContext_->cryptoName &&
2413 jsonObject[TAG_CRYPTO_VERSION] == authResponseContext_->cryptoVer) {
2414 isCryptoSupport_ = true;
2415 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2416 return;
2417 }
2418 }
2419 }
2420 jsonObject[TAG_CRYPTO_SUPPORT] = false;
2421 message = jsonObject.dump();
2422 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2423 }
2424
ProcIncompatible(const int32_t & sessionId)2425 void DmAuthManager::ProcIncompatible(const int32_t &sessionId)
2426 {
2427 LOGI("DmAuthManager::ProcIncompatible sessionId %{public}d.", sessionId);
2428 nlohmann::json respNegotiateMsg;
2429 respNegotiateMsg[TAG_REPLY] = ERR_DM_VERSION_INCOMPATIBLE;
2430 respNegotiateMsg[TAG_VER] = DM_ITF_VER;
2431 respNegotiateMsg[TAG_MSG_TYPE] = MSG_TYPE_RESP_NEGOTIATE;
2432 std::string message = respNegotiateMsg.dump();
2433 softbusConnector_->GetSoftbusSession()->SendData(sessionId, message);
2434 }
2435
OnAuthDeviceDataReceived(const int32_t sessionId,const std::string message)2436 void DmAuthManager::OnAuthDeviceDataReceived(const int32_t sessionId, const std::string message)
2437 {
2438 authResponseContext_->sessionId = sessionId;
2439 authMessageProcessor_->SetResponseContext(authResponseContext_);
2440 nlohmann::json jsonObject = nlohmann::json::parse(message, nullptr, false);
2441 if (jsonObject.is_discarded()) {
2442 LOGE("DecodeRequestAuth jsonStr error");
2443 return;
2444 }
2445 if (!IsString(jsonObject, TAG_DATA) || !IsInt32(jsonObject, TAG_DATA_LEN) || !IsInt32(jsonObject, TAG_MSG_TYPE)) {
2446 LOGE("Auth device data is error.");
2447 return;
2448 }
2449 LOGI("OnAuthDeviceDataReceived start msgType %{public}d.", jsonObject[TAG_MSG_TYPE].get<int32_t>());
2450 std::string authData = jsonObject[TAG_DATA].get<std::string>();
2451 int32_t osAccountId = MultipleUserConnector::GetCurrentAccountUserID();
2452 hiChainAuthConnector_->ProcessAuthData(authResponseContext_->requestId, authData, osAccountId);
2453 }
2454
BindSocketFail()2455 void DmAuthManager::BindSocketFail()
2456 {
2457 LOGE("BindSocketFail");
2458 authResponseContext_->reply = DM_OK;
2459 isFinishOfLocal_ = false;
2460 authResponseContext_->hostPkgName = authRequestContext_->hostPkgName;
2461 }
2462
BindSocketSuccess(int32_t socket)2463 void DmAuthManager::BindSocketSuccess(int32_t socket)
2464 {
2465 LOGI("BindSocketSuccess");
2466 if (authResponseState_ == nullptr && authRequestState_ != nullptr &&
2467 authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_DELETE_INIT) {
2468 authRequestContext_->sessionId = socket;
2469 authRequestState_->SetAuthContext(authRequestContext_);
2470 authMessageProcessor_->SetRequestContext(authRequestContext_);
2471 authResponseContext_->localDeviceId = authRequestContext_->localDeviceId;
2472 authResponseContext_->hostPkgName = authRequestContext_->hostPkgName;
2473 authMessageProcessor_->SetResponseContext(authResponseContext_);
2474 authRequestState_->TransitionTo(std::make_shared<AuthRequestSyncDeleteAcl>());
2475 } else {
2476 softbusConnector_->GetSoftbusSession()->CloseUnbindSession(socket);
2477 LOGE("DmAuthManager::BindSocketSuccess but request state is wrong");
2478 }
2479 }
2480
OnUnbindSessionOpened(int32_t socket,PeerSocketInfo info)2481 void DmAuthManager::OnUnbindSessionOpened(int32_t socket, PeerSocketInfo info)
2482 {
2483 LOGI("DmAuthManager::OnUnbindSessionOpened socket: %{public}d, peerSocketName: %{public}s, peerNetworkId:"
2484 "%{public}s, peerPkgName: %{public}s", socket, info.name, GetAnonyString(info.networkId).c_str(), info.pkgName);
2485 if (authResponseState_ == nullptr && authRequestState_ == nullptr) {
2486 authMessageProcessor_ = std::make_shared<AuthMessageProcessor>(shared_from_this());
2487 authResponseState_ = std::make_shared<AuthResponseInitState>();
2488 authResponseState_->SetAuthManager(shared_from_this());
2489 authResponseState_->Enter();
2490 authResponseContext_ = std::make_shared<DmAuthResponseContext>();
2491 if (timer_ == nullptr) {
2492 timer_ = std::make_shared<DmTimer>();
2493 }
2494 timer_->StartTimer(std::string(SYNC_DELETE_TIMEOUT_TASK), SYNC_DELETE_TIMEOUT,
2495 [this] (std::string name) {
2496 DmAuthManager::HandleSyncDeleteTimeout(name);
2497 });
2498 } else {
2499 std::shared_ptr<AuthMessageProcessor> authMessageProcessor =
2500 std::make_shared<AuthMessageProcessor>(shared_from_this());
2501 std::shared_ptr<DmAuthResponseContext> authResponseContext = std::make_shared<DmAuthResponseContext>();
2502 authResponseContext->reply = ERR_DM_SYNC_DELETE_DEVICE_REPEATED;
2503 authMessageProcessor->SetResponseContext(authResponseContext);
2504 std::string message = authMessageProcessor->CreateSimpleMessage(MSG_TYPE_REQ_SYNC_DELETE_DONE);
2505 softbusConnector_->GetSoftbusSession()->SendData(socket, message);
2506 }
2507 }
2508
DeleteGroup(const std::string & pkgName,const std::string & deviceId)2509 int32_t DmAuthManager::DeleteGroup(const std::string &pkgName, const std::string &deviceId)
2510 {
2511 LOGI("DmAuthManager::DeleteGroup");
2512 if (pkgName.empty()) {
2513 LOGE("Invalid parameter, pkgName is empty.");
2514 return ERR_DM_FAILED;
2515 }
2516 std::vector<OHOS::DistributedHardware::GroupInfo> groupList;
2517 hiChainConnector_->GetRelatedGroups(deviceId, groupList);
2518 if (groupList.size() > 0) {
2519 std::string groupId = "";
2520 groupId = groupList.front().groupId;
2521 hiChainConnector_->DeleteGroup(groupId);
2522 } else {
2523 LOGE("DmAuthManager::UnAuthenticateDevice groupList.size = 0");
2524 return ERR_DM_FAILED;
2525 }
2526 if (softbusConnector_ != nullptr) {
2527 softbusConnector_->EraseUdidFromMap(deviceId);
2528 }
2529 return DM_OK;
2530 }
2531
PutAccessControlList()2532 void DmAuthManager::PutAccessControlList()
2533 {
2534 char localDeviceId[DEVICE_UUID_LENGTH] = {0};
2535 GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH);
2536 std::string localUdid = static_cast<std::string>(localDeviceId);
2537 char mUdidHash[DM_MAX_DEVICE_ID_LEN] = {0};
2538 Crypto::GetUdidHash(localUdid, reinterpret_cast<uint8_t *>(mUdidHash));
2539 std::string localUdidHash = static_cast<std::string>(mUdidHash);
2540 DmAclInfo aclInfo;
2541 aclInfo.bindType = DM_ACROSS_ACCOUNT;
2542 if (authResponseContext_->isIdenticalAccount) {
2543 aclInfo.bindType = DM_IDENTICAL_ACCOUNT;
2544 authForm_ = DmAuthForm::IDENTICAL_ACCOUNT;
2545 } else if (authResponseContext_->localAccountId == "ohosAnonymousUid" ||
2546 authResponseContext_->remoteAccountId == "ohosAnonymousUid") {
2547 aclInfo.bindType = DM_POINT_TO_POINT;
2548 authForm_ = DmAuthForm::PEER_TO_PEER;
2549 }
2550 aclInfo.bindLevel = authResponseContext_->bindLevel;
2551 aclInfo.trustDeviceId = remoteDeviceId_;
2552 aclInfo.authenticationType = ALLOW_AUTH_ONCE;
2553 if (authResponseContext_->confirmOperation == USER_OPERATION_TYPE_ALLOW_AUTH_ALWAYS) {
2554 aclInfo.authenticationType = ALLOW_AUTH_ALWAYS;
2555 }
2556 aclInfo.deviceIdHash = localUdidHash;
2557 DmAccesser accesser;
2558 accesser.requestTokenId = static_cast<uint64_t>(authResponseContext_->tokenId);
2559 accesser.requestBundleName = authResponseContext_->hostPkgName;
2560 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2561 accesser.requestUserId = authRequestContext_->localUserId;
2562 accesser.requestAccountId = authRequestContext_->localAccountId;
2563 accesser.requestDeviceId = authRequestContext_->localDeviceId;
2564 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2565 accesser.requestUserId = authResponseContext_->remoteUserId;
2566 accesser.requestAccountId = authResponseContext_->remoteAccountId;
2567 accesser.requestDeviceId = authResponseContext_->localDeviceId;
2568 }
2569 DmAccessee accessee;
2570 accessee.trustTokenId = static_cast<uint64_t>(authResponseContext_->tokenId);
2571 accessee.trustBundleName = authResponseContext_->hostPkgName;
2572 if (authRequestState_ != nullptr && authResponseState_ == nullptr) {
2573 accessee.trustUserId = authRequestContext_->remoteUserId;
2574 accessee.trustAccountId = authRequestContext_->remoteAccountId;
2575 accessee.trustDeviceId = authResponseContext_->deviceId;
2576 } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) {
2577 accessee.trustUserId = authResponseContext_->localUserId;
2578 accessee.trustAccountId = authResponseContext_->localAccountId;
2579 accessee.trustDeviceId = localUdid;
2580 }
2581 DeviceProfileConnector::GetInstance().PutAccessControlList(aclInfo, accesser, accessee);
2582 }
2583
HandleSessionHeartbeat(std::string name)2584 void DmAuthManager::HandleSessionHeartbeat(std::string name)
2585 {
2586 if (timer_ != nullptr) {
2587 timer_->DeleteTimer(std::string(SESSION_HEARTBEAT_TIMEOUT_TASK));
2588 }
2589 LOGI("DmAuthManager::HandleSessionHeartbeat name %{public}s", name.c_str());
2590 nlohmann::json jsonObj;
2591 jsonObj[TAG_SESSION_HEARTBEAT] = TAG_SESSION_HEARTBEAT;
2592 std::string message = jsonObj.dump();
2593 softbusConnector_->GetSoftbusSession()->SendHeartbeatData(authResponseContext_->sessionId, message);
2594
2595 if (authRequestState_ != nullptr) {
2596 if (timer_ != nullptr) {
2597 timer_->StartTimer(std::string(SESSION_HEARTBEAT_TIMEOUT_TASK),
2598 GetTaskTimeout(SESSION_HEARTBEAT_TIMEOUT_TASK, SESSION_HEARTBEAT_TIMEOUT), [this] (std::string name) {
2599 DmAuthManager::HandleSessionHeartbeat(name);
2600 });
2601 }
2602 }
2603 LOGI("DmAuthManager::HandleSessionHeartbeat complete");
2604 }
2605
CheckTrustState()2606 int32_t DmAuthManager::CheckTrustState()
2607 {
2608 if (authResponseContext_->isOnline && authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) {
2609 SetReasonAndFinish(DM_OK, AuthState::AUTH_REQUEST_FINISH);
2610 return ALREADY_BIND;
2611 }
2612 if (authResponseContext_->isIdenticalAccount) {
2613 if (IsIdenticalAccount()) {
2614 softbusConnector_->JoinLnn(authResponseContext_->deviceId);
2615 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
2616 authRequestContext_->reason = DM_OK;
2617 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2618 return ALREADY_BIND;
2619 }
2620 }
2621 if (authResponseContext_->reply == ERR_DM_AUTH_PEER_REJECT) {
2622 if (hiChainConnector_->IsDevicesInP2PGroup(authResponseContext_->localDeviceId,
2623 authRequestContext_->localDeviceId)) {
2624 if (!DeviceProfileConnector::GetInstance().CheckSrcDevIdInAclForDevBind(authResponseContext_->hostPkgName,
2625 authResponseContext_->localDeviceId)) {
2626 CompatiblePutAcl();
2627 }
2628 softbusConnector_->JoinLnn(authResponseContext_->deviceId);
2629 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
2630 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2631 return ALREADY_BIND;
2632 }
2633 }
2634 if (authResponseContext_->reply == ERR_DM_UNSUPPORTED_AUTH_TYPE ||
2635 (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE &&
2636 authResponseContext_->isAuthCodeReady == false)) {
2637 authResponseContext_->state = AuthState::AUTH_REQUEST_FINISH;
2638 authRequestContext_->reason = ERR_DM_BIND_PEER_UNSUPPORTED;
2639 authRequestState_->TransitionTo(std::make_shared<AuthRequestFinishState>());
2640 return ERR_DM_BIND_PEER_UNSUPPORTED;
2641 }
2642 return DM_OK;
2643 }
2644
GetBundleLable(const std::string & bundleName)2645 std::string DmAuthManager::GetBundleLable(const std::string &bundleName)
2646 {
2647 auto samgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
2648 if (samgr == nullptr) {
2649 LOGE("Get ability manager failed");
2650 return bundleName;
2651 }
2652
2653 sptr<IRemoteObject> object = samgr->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID);
2654 if (object == nullptr) {
2655 LOGE("object is NULL.");
2656 return bundleName;
2657 }
2658
2659 sptr<OHOS::AppExecFwk::IBundleMgr> bms = iface_cast<OHOS::AppExecFwk::IBundleMgr>(object);
2660 if (bms == nullptr) {
2661 LOGE("bundle manager service is NULL.");
2662 return bundleName;
2663 }
2664
2665 auto bundleResourceProxy = bms->GetBundleResourceProxy();
2666 if (bundleResourceProxy == nullptr) {
2667 LOGE("GetBundleResourceProxy fail");
2668 return bundleName;
2669 }
2670 AppExecFwk::BundleResourceInfo resourceInfo;
2671 auto result = bundleResourceProxy->GetBundleResourceInfo(bundleName,
2672 static_cast<uint32_t>(OHOS::AppExecFwk::ResourceFlag::GET_RESOURCE_INFO_ALL), resourceInfo);
2673 if (result != ERR_OK) {
2674 LOGE("GetBundleResourceInfo failed");
2675 return bundleName;
2676 }
2677 LOGI("bundle resource label is %{public}s ", (resourceInfo.label).c_str());
2678 return resourceInfo.label;
2679 }
2680
IsScreenLocked()2681 bool DmAuthManager::IsScreenLocked()
2682 {
2683 bool isLocked = false;
2684 #if defined(SUPPORT_SCREENLOCK)
2685 isLocked = OHOS::ScreenLock::ScreenLockManager::GetInstance()->IsScreenLocked();
2686 #endif
2687 LOGI("IsScreenLocked isLocked: %{public}d.", isLocked);
2688 return isLocked;
2689 }
2690
OnScreenLocked()2691 void DmAuthManager::OnScreenLocked()
2692 {
2693 if (authResponseContext_ != nullptr && AUTH_TYPE_IMPORT_AUTH_CODE == authResponseContext_->authType) {
2694 LOGI("OnScreenLocked authtype is: %{public}d, no need stop bind.", authResponseContext_->authType);
2695 return;
2696 }
2697 if (authRequestState_ == nullptr) {
2698 LOGE("OnScreenLocked authRequestState_ is nullptr.");
2699 return;
2700 }
2701 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE ||
2702 authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_INIT) {
2703 LOGI("OnScreenLocked stop bind.");
2704 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL, STATUS_DM_AUTH_DEFAULT);
2705 return;
2706 }
2707 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_JOIN) {
2708 LOGI("OnScreenLocked stop user input.");
2709 if (authUiStateMgr_ != nullptr) {
2710 authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_INPUT);
2711 }
2712 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL, STATUS_DM_AUTH_DEFAULT);
2713 return;
2714 }
2715 if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_NEGOTIATE_DONE) {
2716 LOGI("OnScreenLocked stop confirm.");
2717 SetReasonAndFinish(ERR_DM_BIND_USER_CANCEL, STATUS_DM_AUTH_DEFAULT);
2718 }
2719 }
2720
HandleDeviceNotTrust(const std::string & udid)2721 void DmAuthManager::HandleDeviceNotTrust(const std::string &udid)
2722 {
2723 LOGI("DmAuthManager::HandleDeviceNotTrust udid: %{public}s.", GetAnonyString(udid).c_str());
2724 if (udid.empty()) {
2725 LOGE("DmAuthManager::HandleDeviceNotTrust udid is empty.");
2726 return;
2727 }
2728 DeviceProfileConnector::GetInstance().DeleteAccessControlList(udid);
2729 CHECK_NULL_VOID(hiChainConnector_);
2730 hiChainConnector_->DeleteAllGroupByUdid(udid);
2731 }
2732
ConvertSrcVersion(const std::string & version,const std::string & edition)2733 std::string DmAuthManager::ConvertSrcVersion(const std::string &version, const std::string &edition)
2734 {
2735 std::string srcVersion = "";
2736 if (version == "" && edition != "") {
2737 srcVersion = edition;
2738 } else if (version == "" && edition == "") {
2739 srcVersion = DM_VERSION_5_0_1;
2740 } else if (version != "" && edition == "") {
2741 srcVersion = version;
2742 }
2743 LOGI("ConvertSrcVersion version %{public}s, edition %{public}s, srcVersion is %{public}s.",
2744 version.c_str(), edition.c_str(), srcVersion.c_str());
2745 return srcVersion;
2746 }
2747
ConvertSinkVersion(const std::string & version)2748 std::string DmAuthManager::ConvertSinkVersion(const std::string &version)
2749 {
2750 std::string sinkVersion = "";
2751 if (version == "") {
2752 sinkVersion = DM_VERSION_4_1_5_1;
2753 } else {
2754 sinkVersion = version;
2755 }
2756 LOGI("ConvertSinkVersion version %{public}s, sinkVersion is %{public}s.", version.c_str(), sinkVersion.c_str());
2757 return sinkVersion;
2758 }
2759
CompareVersion(const std::string & remoteVersion,const std::string & oldVersion)2760 bool DmAuthManager::CompareVersion(const std::string &remoteVersion, const std::string &oldVersion)
2761 {
2762 LOGI("remoteVersion %{public}s, oldVersion %{public}s.", remoteVersion.c_str(), oldVersion.c_str());
2763 std::vector<int32_t> remoteVersionVec;
2764 std::vector<int32_t> oldVersionVec;
2765 VersionSplitToInt(remoteVersion, '.', remoteVersionVec);
2766 VersionSplitToInt(oldVersion, '.', oldVersionVec);
2767 return CompareVecNum(remoteVersionVec, oldVersionVec);
2768 }
2769
SetAuthType(int32_t authType)2770 void DmAuthManager::SetAuthType(int32_t authType)
2771 {
2772 authType_ = authType;
2773 }
2774
GetTaskTimeout(const char * taskName,int32_t taskTimeOut)2775 int32_t DmAuthManager::GetTaskTimeout(const char* taskName, int32_t taskTimeOut)
2776 {
2777 LOGI("GetTaskTimeout, taskName: %{public}s, authType_: %{public}d", taskName, authType_.load());
2778 if (AUTH_TYPE_IMPORT_AUTH_CODE == authType_) {
2779 auto timeout = TASK_TIME_OUT_MAP.find(std::string(taskName));
2780 if (timeout != TASK_TIME_OUT_MAP.end()) {
2781 return timeout->second;
2782 }
2783 }
2784 return taskTimeOut;
2785 }
2786 } // namespace DistributedHardware
2787 } // namespace OHOS