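/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H
#define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H

// <cstdint>, <map>, <tuple> and <unordered_map> are included directly because this header itself
// names int64_t/uint32_t, std::map, std::tuple and std::unordered_map; it should not depend on
// another header pulling them in.
#include <cstdint>
#include <map>
#include <memory>
#include <string>
#include <tuple>
#include <unordered_map>
#include <vector>

#include "app_privilege_capability.h"
#include "app_provision_info.h"
#include "appexecfwk_errors.h"
#include "bundle_pack_info.h"
#include "bundle_verify_mgr.h"
#include "inner_bundle_info.h"
#include "install_param.h"

namespace OHOS {
namespace AppExecFwk {
/**
 * @brief Parameters handed to the install checks (taken by ParseHapFiles, CheckInstallPermission and
 *        the *ForShare permission checks declared below).
 *
 * Every PermissionStatus member defaults to NOT_VERIFIED_PERMISSION_STATUS and isCallByShell defaults
 * to false, so a default-constructed object claims no verified install permission; any other status
 * has to be assigned by the code that builds the parameter.
 */
struct InstallCheckParam {
    bool isPreInstallApp = false;
    bool removable = true;
    bool needSendEvent = true;
    // status of install bundle permission
    PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of install enterprise bundle permission
    PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of install enterprise normal bundle permission
    PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of install enterprise mdm bundle permission
    PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of install internaltesting bundle permission
    PermissionStatus installInternaltestingBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // is shell token
    bool isCallByShell = false;
    Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP;
    int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap
    std::string specifiedDistributionType;
};

/**
 * @brief Declares the checks run on HAP packages before they are installed: syscap, signature
 *        consistency, hash parameters, label/module consistency, dependencies and install permission.
 *
 * Only the declarations are visible in this header; the policy behind each check is defined in the
 * implementation file.
 */
class BundleInstallChecker {
public:
    /**
     * @brief Check syscap.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @return Returns ERR_OK if the syscap is satisfied; returns error code otherwise.
     */
    ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths);

    /**
     * @brief Check signature info of multiple haps.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @param hapVerifyRes Indicates the signature info.
     * @param readFile Indicates using READ or MMAP to get content of the file.
     * @return Returns ERR_OK if every hap has signature info and all haps have the same signature info.
     */
    ErrCode CheckMultipleHapsSignInfo(
        const std::vector<std::string> &bundlePaths,
        std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, bool readFile = false);

    /**
     * @brief To check the hap hash param.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @param hashParams Indicates all hashParams in installParam.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    // NOTE(review): hashParams is taken by value, so every call copies the map. The declaration is
    // left as-is because it has to match the out-of-line definition, which is not in this header.
    ErrCode CheckHapHashParams(
        std::unordered_map<std::string, InnerBundleInfo> &infos,
        std::map<std::string, std::string> hashParams);

    /**
     * @brief To check the version code and bundleName in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief To check native file in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief To check ark native file in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief To check native so in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief To parse hap files and to obtain innerBundleInfo of each hap.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @param checkParam Indicates the install check parameters.
     * @param hapVerifyRes Indicates all signature info of all haps.
     * @param infos Indicates the innerBundleinfo of each hap.
     * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise.
     */
    ErrCode ParseHapFiles(
        const std::vector<std::string> &bundlePaths,
        const InstallCheckParam &checkParam,
        std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes,
        std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief To check dependency whether or not exists.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos);

    // NOTE(review): which members are reset is defined in the implementation file.
    void ResetProperties();

    /**
     * @brief Read the isContainEntry_ flag.
     * @return Returns the current value of isContainEntry_.
     */
    bool IsContainEntry()
    {
        return isContainEntry_;
    }

    // NOTE(review): hapVerifyRes is a non-const reference here, so the implementation is able to
    // modify the verification results; whether it does is not visible in this header.
    ErrCode CheckHspInstallCondition(std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    // Install-permission checks. From this header only their inputs are visible: the caller-supplied
    // InstallCheckParam / InstallParam and the HAP verification results or provision info.
    // NOTE(review): "Vaild" is a misspelling of "Valid"; the names are kept exactly as declared
    // because renaming them would break any existing caller.
    ErrCode CheckInstallPermission(const InstallCheckParam &checkParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    bool VaildInstallPermission(const InstallParam &installParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    bool VaildEnterpriseInstallPermission(const InstallParam &installParam,
        const Security::Verify::ProvisionInfo &provisionInfo);

    bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam,
        const Security::Verify::ProvisionInfo &provisionInfo);

    // NOTE(review): "Mulit" is a misspelling of "Multi"; kept as declared for the same reason.
    ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos);

    bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;

    bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;

    ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const;

    AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const;

    ErrCode CheckProxyDatas(const InnerBundleInfo &info) const;

    ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const;

    ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const;

    ErrCode CheckDeveloperMode(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const;

    ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const;

    // NOTE(review): both checks below take the verification result by non-const reference although
    // they are const member functions; confirm against the implementation whether the result is
    // only read or also updated.
    bool CheckEnterpriseBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const;
    bool CheckInternaltestingBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const;
    bool CheckSupportAppTypes(
        const std::unordered_map<std::string, InnerBundleInfo> &infos, const std::string &supportAppTypes) const;

    // Presumably the accessors for checkResultMsg_; both are defined out of line - TODO confirm.
    std::string GetCheckResultMsg() const;

    // NOTE(review): the argument is a const std::string passed by value (one copy per call).
    void SetCheckResultMsg(const std::string checkResultMsg);

private:
    ErrCode ParseBundleInfo(
        const std::string &bundleFilePath,
        InnerBundleInfo &info,
        BundlePackInfo &packInfo) const;

    ErrCode CheckSystemSize(
        const std::string &bundlePath,
        const Constants::AppType appType) const;

    void SetEntryInstallationFree(
        const BundlePackInfo &bundlePackInfo,
        InnerBundleInfo &innerBundleInfo);

    void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const;

    // Privilege-capability helpers: their inputs are the provision info, the InstallCheckParam and
    // the app signatures; the results are written into the AppPrivilegeCapability / InnerBundleInfo
    // reference parameters.
    void CollectProvisionInfo(
        const Security::Verify::ProvisionInfo &provisionInfo,
        const AppPrivilegeCapability &appPrivilegeCapability,
        InnerBundleInfo &newInfo);

    void GetPrivilegeCapability(
        const InstallCheckParam &checkParam, InnerBundleInfo &newInfo);

    void ParseAppPrivilegeCapability(
        const Security::Verify::ProvisionInfo &provisionInfo,
        AppPrivilegeCapability &appPrivilegeCapability);

    ErrCode CheckMainElement(const InnerBundleInfo &info);

    ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName);

    void FetchPrivilegeCapabilityFromPreConfig(
        const std::string &bundleName,
        const std::vector<std::string> &appSignatures,
        AppPrivilegeCapability &appPrivilegeCapability);

    bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature);

    bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson,
        const std::string &key, bool existInPreJson, bool existInProvision);

    ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability,
        InnerBundleInfo &innerBundleInfo);

    bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info);

    bool FindModuleInInstallingPackage(
        const std::string &moduleName,
        const std::string &bundleName,
        const std::unordered_map<std::string, InnerBundleInfo> &infos);

    bool FindModuleInInstalledPackage(
        const std::string &moduleName,
        const std::string &bundleName,
        uint32_t versionCode);

    // Returned by IsContainEntry(); starts out false.
    bool isContainEntry_ = false;

    void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas,
        InnerBundleInfo &newInfo);

    bool CheckProxyPermissionLevel(const std::string &permissionName) const;
    bool MatchOldSignatures(const std::string &bundleName, const std::vector<std::string> &appSignatures);
    bool CheckProvisionInfoIsValid(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
    // NOTE(review): the meaning of the three tuple elements is not documented in this header.
    std::tuple<bool, std::string, std::string> GetValidReleaseType(
        const std::unordered_map<std::string, InnerBundleInfo> &infos);
    void DetermineCloneNum(InnerBundleInfo &innerBundleInfo);

    std::string checkResultMsg_ = "";
};
} // namespace AppExecFwk
} // namespace OHOS
#endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H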