1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "security_manager_addon.h"
17
18 #include <fcntl.h>
19 #include <fstream>
20 #include "cJSON.h"
21 #include "cjson_check.h"
22 #include "device_settings_proxy.h"
23 #include "edm_constants.h"
24 #include "edm_log.h"
25 #include "pixel_map_napi.h"
26
27 using namespace OHOS::EDM;
28
29 constexpr int64_t MAX_VALIDITY_PERIOD = 31536000000000; // 60 * 60 * 24 * 365 * 1000 * 1000
30 constexpr int32_t MAX_WATERMARK_IMAGE_SIZE = 512000; // 500 * 1024
31 static const std::string VALIDITY_PERIOD_OUT_OF_RANGE_ERROR = "validityPeriod out of range!";
32
Init(napi_env env,napi_value exports)33 napi_value SecurityManagerAddon::Init(napi_env env, napi_value exports)
34 {
35 napi_value nClipboardPolicy = nullptr;
36 NAPI_CALL(env, napi_create_object(env, &nClipboardPolicy));
37 CreateClipboardPolicyObject(env, nClipboardPolicy);
38 napi_property_descriptor property[] = {
39 DECLARE_NAPI_FUNCTION("getSecurityPatchTag", GetSecurityPatchTag),
40 DECLARE_NAPI_FUNCTION("getDeviceEncryptionStatus", GetDeviceEncryptionStatus),
41 DECLARE_NAPI_FUNCTION("setPasswordPolicy", SetPasswordPolicy),
42 DECLARE_NAPI_FUNCTION("getPasswordPolicy", GetPasswordPolicy),
43 DECLARE_NAPI_FUNCTION("getSecurityStatus", GetSecurityStatus),
44 DECLARE_NAPI_FUNCTION("installUserCertificate", InstallUserCertificate),
45 DECLARE_NAPI_FUNCTION("uninstallUserCertificate", UninstallUserCertificate),
46 DECLARE_NAPI_FUNCTION("setAppClipboardPolicy", SetAppClipboardPolicy),
47 DECLARE_NAPI_FUNCTION("getAppClipboardPolicy", GetAppClipboardPolicy),
48 DECLARE_NAPI_FUNCTION("setWatermarkImage", SetWatermarkImage),
49 DECLARE_NAPI_FUNCTION("cancelWatermarkImage", CancelWatermarkImage),
50 DECLARE_NAPI_PROPERTY("ClipboardPolicy", nClipboardPolicy),
51 };
52 NAPI_CALL(env, napi_define_properties(env, exports, sizeof(property) / sizeof(property[0]), property));
53 return exports;
54 }
55
GetSecurityPatchTag(napi_env env,napi_callback_info info)56 napi_value SecurityManagerAddon::GetSecurityPatchTag(napi_env env, napi_callback_info info)
57 {
58 EDMLOGI("NAPI_GetSecurityPatchTag called");
59 size_t argc = ARGS_SIZE_ONE;
60 napi_value argv[ARGS_SIZE_ONE] = {nullptr};
61 napi_value thisArg = nullptr;
62 void *data = nullptr;
63 OHOS::AppExecFwk::ElementName elementName;
64
65 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
66 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
67 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter type error");
68 bool boolret = ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]);
69 ASSERT_AND_THROW_PARAM_ERROR(env, boolret, "element name param error");
70 EDMLOGD(
71 "EnableAdmin: elementName.bundlename %{public}s, "
72 "elementName.abilityname:%{public}s",
73 elementName.GetBundleName().c_str(),
74 elementName.GetAbilityName().c_str());
75 std::string stringRet;
76 auto securityManagerProxy = SecurityManagerProxy::GetSecurityManagerProxy();
77 int32_t ret = securityManagerProxy->GetSecurityPatchTag(elementName, stringRet);
78 if (FAILED(ret)) {
79 napi_throw(env, CreateError(env, ret));
80 return nullptr;
81 }
82 napi_value securityPatchTag;
83 napi_create_string_utf8(env, stringRet.c_str(), stringRet.size(), &securityPatchTag);
84 return securityPatchTag;
85 }
86
GetDeviceEncryptionStatus(napi_env env,napi_callback_info info)87 napi_value SecurityManagerAddon::GetDeviceEncryptionStatus(napi_env env, napi_callback_info info)
88 {
89 EDMLOGI("NAPI_GetDeviceEncryptionStatus called");
90 size_t argc = ARGS_SIZE_ONE;
91 napi_value argv[ARGS_SIZE_ONE] = { nullptr };
92 napi_value thisArg = nullptr;
93 void* data = nullptr;
94 OHOS::AppExecFwk::ElementName elementName;
95 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
96 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
97 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter type error");
98 bool boolret = ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]);
99 ASSERT_AND_THROW_PARAM_ERROR(env, boolret, "element name param error");
100 EDMLOGD(
101 "EnableAdmin: elementName.bundlename %{public}s, "
102 "elementName.abilityname:%{public}s",
103 elementName.GetBundleName().c_str(),
104 elementName.GetAbilityName().c_str());
105 DeviceEncryptionStatus deviceEncryptionStatus;
106 auto securityManagerProxy = SecurityManagerProxy::GetSecurityManagerProxy();
107 int32_t ret = securityManagerProxy->GetDeviceEncryptionStatus(elementName, deviceEncryptionStatus);
108 if (FAILED(ret)) {
109 napi_throw(env, CreateError(env, ret));
110 return nullptr;
111 }
112 return ConvertDeviceEncryptionStatus(env, deviceEncryptionStatus);
113 }
114
ConvertDeviceEncryptionStatus(napi_env env,DeviceEncryptionStatus & deviceEncryptionStatus)115 napi_value SecurityManagerAddon::ConvertDeviceEncryptionStatus(napi_env env,
116 DeviceEncryptionStatus &deviceEncryptionStatus)
117 {
118 napi_value objDeviceEncryptionStatus = nullptr;
119 napi_create_object(env, &objDeviceEncryptionStatus);
120 napi_value nIsEncrypted;
121 napi_get_boolean(env, deviceEncryptionStatus.isEncrypted, &nIsEncrypted);
122 napi_set_named_property(env, objDeviceEncryptionStatus, "isEncrypted", nIsEncrypted);
123 return objDeviceEncryptionStatus;
124 }
125
SetPasswordPolicy(napi_env env,napi_callback_info info)126 napi_value SecurityManagerAddon::SetPasswordPolicy(napi_env env, napi_callback_info info)
127 {
128 EDMLOGI("NAPI_SetPasswordPolicy called");
129 size_t argc = ARGS_SIZE_TWO;
130 napi_value argv[ARGS_SIZE_TWO] = { nullptr };
131 napi_value thisArg = nullptr;
132 void* data = nullptr;
133 OHOS::AppExecFwk::ElementName elementName;
134 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
135 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
136 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
137 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_object),
138 "passwordPolicy type error");
139
140 PasswordPolicy policy;
141 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
142 "Parameter admin error");
143 ASSERT_AND_THROW_PARAM_ERROR(env,
144 JsObjectToString(env, argv[ARR_INDEX_ONE], "complexityRegex", false, policy.complexityReg),
145 "Parameter passwordPolicy error");
146 ASSERT_AND_THROW_PARAM_ERROR(env,
147 JsObjectToLong(env, argv[ARR_INDEX_ONE], "validityPeriod", false, policy.validityPeriod),
148 "Parameter passwordPolicy error");
149 if (policy.validityPeriod > MAX_VALIDITY_PERIOD || policy.validityPeriod < 0) {
150 napi_throw(env, CreateError(env, EdmReturnErrCode::PARAM_ERROR, VALIDITY_PERIOD_OUT_OF_RANGE_ERROR));
151 return nullptr;
152 }
153 ASSERT_AND_THROW_PARAM_ERROR(env,
154 JsObjectToString(env, argv[ARR_INDEX_ONE], "additionalDescription", false, policy.additionalDescription),
155 "Parameter passwordPolicy error");
156 int32_t retCode = SecurityManagerProxy::GetSecurityManagerProxy()->SetPasswordPolicy(elementName, policy);
157 if (FAILED(retCode)) {
158 napi_throw(env, CreateError(env, retCode));
159 }
160 return nullptr;
161 }
162
GetPasswordPolicy(napi_env env,napi_callback_info info)163 napi_value SecurityManagerAddon::GetPasswordPolicy(napi_env env, napi_callback_info info)
164 {
165 EDMLOGI("NAPI_GetPasswordPolicy called");
166 size_t argc = ARGS_SIZE_ONE;
167 napi_value argv[ARGS_SIZE_ONE] = { nullptr };
168 napi_value thisArg = nullptr;
169 void* data = nullptr;
170 OHOS::AppExecFwk::ElementName elementName;
171 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
172
173 PasswordPolicy policy;
174 int32_t retCode = EdmReturnErrCode::SYSTEM_ABNORMALLY;
175 if (argc >= ARGS_SIZE_ONE) {
176 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
177 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
178 "Parameter admin error");
179 retCode = SecurityManagerProxy::GetSecurityManagerProxy()->GetPasswordPolicy(elementName, policy);
180 } else {
181 retCode = SecurityManagerProxy::GetSecurityManagerProxy()->GetPasswordPolicy(policy);
182 }
183
184 if (FAILED(retCode)) {
185 napi_throw(env, CreateError(env, retCode));
186 return nullptr;
187 }
188 napi_value ret;
189 napi_value complexityReg;
190 napi_value validityPeriod;
191 napi_value additionalDescription;
192 napi_create_object(env, &ret);
193 napi_create_string_utf8(env, policy.complexityReg.c_str(), NAPI_AUTO_LENGTH, &complexityReg);
194 napi_create_int64(env, policy.validityPeriod, &validityPeriod);
195 napi_create_string_utf8(env, policy.additionalDescription.c_str(), NAPI_AUTO_LENGTH, &additionalDescription);
196 napi_set_named_property(env, ret, "complexityRegex", complexityReg);
197 napi_set_named_property(env, ret, "validityPeriod", validityPeriod);
198 napi_set_named_property(env, ret, "additionalDescription", additionalDescription);
199 return ret;
200 }
201
GetSecurityStatus(napi_env env,napi_callback_info info)202 napi_value SecurityManagerAddon::GetSecurityStatus(napi_env env, napi_callback_info info)
203 {
204 EDMLOGI("NAPI_GetSecurityStatus called");
205 size_t argc = ARGS_SIZE_TWO;
206 napi_value argv[ARGS_SIZE_TWO] = { nullptr };
207 napi_value thisArg = nullptr;
208 void* data = nullptr;
209 OHOS::AppExecFwk::ElementName elementName;
210 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
211 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
212 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter type error");
213 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string),
214 "The second parameter must be string.");
215 bool boolret = ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]);
216 ASSERT_AND_THROW_PARAM_ERROR(env, boolret, "element name param error");
217 EDMLOGD(
218 "EnableAdmin: elementName.bundlename %{public}s, "
219 "elementName.abilityname:%{public}s",
220 elementName.GetBundleName().c_str(),
221 elementName.GetAbilityName().c_str());
222 std::string item;
223 boolret = ParseString(env, item, argv[ARR_INDEX_ONE]);
224 ASSERT_AND_THROW_PARAM_ERROR(env, boolret, "param 'item' parse error");
225 std::string stringRet;
226 auto securityManagerProxy = SecurityManagerProxy::GetSecurityManagerProxy();
227 int32_t ret = ERR_OK;
228 if (item == EdmConstants::SecurityManager::PATCH) {
229 ret = securityManagerProxy->GetSecurityPatchTag(elementName, stringRet);
230 } else if (item == EdmConstants::SecurityManager::ENCRYPTION) {
231 DeviceEncryptionStatus deviceEncryptionStatus;
232 ret = securityManagerProxy->GetDeviceEncryptionStatus(elementName, deviceEncryptionStatus);
233 if (SUCCEEDED(ret)) {
234 ret = ConvertDeviceEncryptionToJson(env, deviceEncryptionStatus, stringRet);
235 }
236 } else if (item == EdmConstants::SecurityManager::ROOT) {
237 ret = securityManagerProxy->GetRootCheckStatus(elementName, stringRet);
238 } else {
239 ret = EdmReturnErrCode::INTERFACE_UNSUPPORTED;
240 }
241 if (FAILED(ret)) {
242 napi_throw(env, CreateError(env, ret));
243 return nullptr;
244 }
245 napi_value status;
246 napi_create_string_utf8(env, stringRet.c_str(), stringRet.size(), &status);
247 return status;
248 }
249
ConvertDeviceEncryptionToJson(napi_env env,DeviceEncryptionStatus & deviceEncryptionStatus,std::string & stringRet)250 int32_t SecurityManagerAddon::ConvertDeviceEncryptionToJson(napi_env env,
251 DeviceEncryptionStatus &deviceEncryptionStatus, std::string &stringRet)
252 {
253 cJSON *json = nullptr;
254 CJSON_CREATE_OBJECT_AND_CHECK(json, EdmReturnErrCode::SYSTEM_ABNORMALLY);
255 cJSON_AddBoolToObject(json, "isEncrypted", deviceEncryptionStatus.isEncrypted);
256 char *jsonStr = cJSON_PrintUnformatted(json);
257 if (jsonStr == nullptr) {
258 cJSON_Delete(json);
259 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
260 }
261 stringRet = std::string(jsonStr);
262 cJSON_Delete(json);
263 cJSON_free(jsonStr);
264 return ERR_OK;
265 }
266
InstallUserCertificate(napi_env env,napi_callback_info info)267 napi_value SecurityManagerAddon::InstallUserCertificate(napi_env env, napi_callback_info info)
268 {
269 EDMLOGI("NAPI_InstallUserCertificate called");
270 size_t argc = ARGS_SIZE_THREE;
271 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
272 napi_value thisArg = nullptr;
273 void *data = nullptr;
274 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
275 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
276 bool matchFlag = MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object);
277 ASSERT_AND_THROW_PARAM_ERROR(env, matchFlag, "parameter want error");
278 matchFlag = MatchValueType(env, argv[ARR_INDEX_ONE], napi_object);
279 ASSERT_AND_THROW_PARAM_ERROR(env, matchFlag, "parameter certblob error");
280 auto asyncCallbackInfo = new (std::nothrow) AsyncCertCallbackInfo();
281 if (asyncCallbackInfo == nullptr) {
282 return nullptr;
283 }
284 std::unique_ptr<AsyncCertCallbackInfo> callbackPtr{asyncCallbackInfo};
285 bool retAdmin = ParseElementName(env, asyncCallbackInfo->elementName, argv[ARR_INDEX_ZERO]);
286 ASSERT_AND_THROW_PARAM_ERROR(env, retAdmin, "element name param error");
287 EDMLOGD(
288 "InstallUserCertificate: asyncCallbackInfo->elementName.bundlename %{public}s, "
289 "asyncCallbackInfo->abilityname:%{public}s",
290 asyncCallbackInfo->elementName.GetBundleName().c_str(),
291 asyncCallbackInfo->elementName.GetAbilityName().c_str());
292
293 bool retCertBlob = ParseCertBlob(env, argv[ARR_INDEX_ONE], asyncCallbackInfo);
294 ASSERT_AND_THROW_PARAM_ERROR(env, retCertBlob, "element cert blob error");
295
296 napi_value asyncWorkReturn = HandleAsyncWork(env, asyncCallbackInfo, "InstallUserCertificate",
297 NativeInstallUserCertificate, NativeStringCallbackComplete);
298 callbackPtr.release();
299 return asyncWorkReturn;
300 }
301
NativeInstallUserCertificate(napi_env env,void * data)302 void SecurityManagerAddon::NativeInstallUserCertificate(napi_env env, void *data)
303 {
304 EDMLOGI("NAPI_NativeInstallUserCertificate called");
305 if (data == nullptr) {
306 EDMLOGE("data is nullptr");
307 return;
308 }
309 AsyncCertCallbackInfo *asyncCallbackInfo = static_cast<AsyncCertCallbackInfo *>(data);
310 asyncCallbackInfo->ret = DeviceSettingsProxy::GetDeviceSettingsProxy()->InstallUserCertificate(
311 asyncCallbackInfo->elementName, asyncCallbackInfo->certArray, asyncCallbackInfo->alias,
312 asyncCallbackInfo->stringRet, asyncCallbackInfo->innerCodeMsg);
313 }
314
UninstallUserCertificate(napi_env env,napi_callback_info info)315 napi_value SecurityManagerAddon::UninstallUserCertificate(napi_env env, napi_callback_info info)
316 {
317 EDMLOGI("NAPI_UninstallUserCertificate called");
318 size_t argc = ARGS_SIZE_THREE;
319 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
320 napi_value thisArg = nullptr;
321 void *data = nullptr;
322 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
323 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
324 bool matchFlag = MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object);
325 ASSERT_AND_THROW_PARAM_ERROR(env, matchFlag, "parameter want error");
326 matchFlag = MatchValueType(env, argv[ARR_INDEX_ONE], napi_string);
327 ASSERT_AND_THROW_PARAM_ERROR(env, matchFlag, "parameter uri error");
328 auto asyncCallbackInfo = new (std::nothrow) AsyncCertCallbackInfo();
329 if (asyncCallbackInfo == nullptr) {
330 return nullptr;
331 }
332 std::unique_ptr<AsyncCertCallbackInfo> callbackPtr{asyncCallbackInfo};
333 bool retAdmin = ParseElementName(env, asyncCallbackInfo->elementName, argv[ARR_INDEX_ZERO]);
334 ASSERT_AND_THROW_PARAM_ERROR(env, retAdmin, "element name param error");
335 EDMLOGD(
336 "UninstallUserCertificate: asyncCallbackInfo->elementName.bundlename %{public}s, "
337 "asyncCallbackInfo->abilityname:%{public}s",
338 asyncCallbackInfo->elementName.GetBundleName().c_str(),
339 asyncCallbackInfo->elementName.GetAbilityName().c_str());
340
341 bool retAlias = ParseString(env, asyncCallbackInfo->alias, argv[ARR_INDEX_ONE]);
342 ASSERT_AND_THROW_PARAM_ERROR(env, retAlias, "element alias error");
343
344 napi_value asyncWorkReturn = HandleAsyncWork(env, asyncCallbackInfo, "uninstallUserCertificate",
345 NativeUninstallUserCertificate, NativeVoidCallbackComplete);
346 callbackPtr.release();
347 return asyncWorkReturn;
348 }
349
NativeUninstallUserCertificate(napi_env env,void * data)350 void SecurityManagerAddon::NativeUninstallUserCertificate(napi_env env, void *data)
351 {
352 EDMLOGI("NAPI_NativeUninstallUserCertificate called");
353 if (data == nullptr) {
354 EDMLOGE("data is nullptr");
355 return;
356 }
357 AsyncCertCallbackInfo *asyncCallbackInfo = static_cast<AsyncCertCallbackInfo *>(data);
358 asyncCallbackInfo->ret = DeviceSettingsProxy::GetDeviceSettingsProxy()->UninstallUserCertificate(
359 asyncCallbackInfo->elementName, asyncCallbackInfo->alias, asyncCallbackInfo->innerCodeMsg);
360 }
361
ParseCertBlob(napi_env env,napi_value object,AsyncCertCallbackInfo * asyncCertCallbackInfo)362 bool SecurityManagerAddon::ParseCertBlob(napi_env env, napi_value object, AsyncCertCallbackInfo *asyncCertCallbackInfo)
363 {
364 napi_valuetype type = napi_undefined;
365 NAPI_CALL_BASE(env, napi_typeof(env, object, &type), false);
366 if (type != napi_object) {
367 EDMLOGE("type of param certblob is not object");
368 return false;
369 }
370 if (!JsObjectToU8Vector(env, object, "inData", asyncCertCallbackInfo->certArray)) {
371 EDMLOGE("uint8Array to vector failed");
372 return false;
373 }
374 return JsObjectToString(env, object, "alias", true, asyncCertCallbackInfo->alias);
375 }
376
SetAppClipboardPolicy(napi_env env,napi_callback_info info)377 napi_value SecurityManagerAddon::SetAppClipboardPolicy(napi_env env, napi_callback_info info)
378 {
379 EDMLOGI("NAPI_SetAppClipboardPolicy called");
380 size_t argc = ARGS_SIZE_THREE;
381 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
382 napi_value thisArg = nullptr;
383 void *data = nullptr;
384 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
385 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_THREE, "parameter count error");
386 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
387 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_number), "tokenId type error");
388 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_TWO], napi_number),
389 "clipboardPolicy type error");
390
391 OHOS::AppExecFwk::ElementName elementName;
392 int32_t tokenId = 0;
393 int32_t policy = 0;
394 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
395 "Parameter admin error");
396 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, tokenId, argv[ARR_INDEX_ONE]),
397 "Parameter tokenId error");
398 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, policy, argv[ARR_INDEX_TWO]),
399 "Parameter clipboardPolicy error");
400 int32_t retCode =
401 SecurityManagerProxy::GetSecurityManagerProxy()->SetAppClipboardPolicy(elementName, tokenId, policy);
402 if (FAILED(retCode)) {
403 napi_throw(env, CreateError(env, retCode));
404 }
405 return nullptr;
406 }
407
GetAppClipboardPolicy(napi_env env,napi_callback_info info)408 napi_value SecurityManagerAddon::GetAppClipboardPolicy(napi_env env, napi_callback_info info)
409 {
410 EDMLOGI("NAPI_GetAppClipboardPolicy called");
411 size_t argc = ARGS_SIZE_TWO;
412 napi_value argv[ARGS_SIZE_TWO] = {nullptr};
413 napi_value thisArg = nullptr;
414 void *data = nullptr;
415 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
416 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
417 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
418
419 OHOS::AppExecFwk::ElementName elementName;
420 int32_t tokenId = 0;
421 std::string policy;
422 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
423 "Parameter admin error");
424
425 if (argc > ARGS_SIZE_ONE) {
426 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_number), "tokenId type error");
427 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, tokenId, argv[ARR_INDEX_ONE]),
428 "Parameter tokenId error");
429 }
430 int32_t retCode =
431 SecurityManagerProxy::GetSecurityManagerProxy()->GetAppClipboardPolicy(elementName, tokenId, policy);
432 if (FAILED(retCode)) {
433 napi_throw(env, CreateError(env, retCode));
434 return nullptr;
435 }
436 napi_value clipboardPolicy;
437 napi_create_string_utf8(env, policy.c_str(), NAPI_AUTO_LENGTH, &clipboardPolicy);
438 return clipboardPolicy;
439 }
440
CreateClipboardPolicyObject(napi_env env,napi_value value)441 void SecurityManagerAddon::CreateClipboardPolicyObject(napi_env env, napi_value value)
442 {
443 napi_value nDefault;
444 NAPI_CALL_RETURN_VOID(env, napi_create_int32(env, static_cast<int32_t>(ClipboardPolicy::DEFAULT), &nDefault));
445 NAPI_CALL_RETURN_VOID(env, napi_set_named_property(env, value, "DEFAULT", nDefault));
446 napi_value nInApp;
447 NAPI_CALL_RETURN_VOID(env, napi_create_int32(env, static_cast<int32_t>(ClipboardPolicy::IN_APP), &nInApp));
448 NAPI_CALL_RETURN_VOID(env, napi_set_named_property(env, value, "IN_APP", nInApp));
449 napi_value nLocalDevice;
450 NAPI_CALL_RETURN_VOID(env,
451 napi_create_int32(env, static_cast<int32_t>(ClipboardPolicy::LOCAL_DEVICE), &nLocalDevice));
452 NAPI_CALL_RETURN_VOID(env, napi_set_named_property(env, value, "LOCAL_DEVICE", nLocalDevice));
453 napi_value nCrossDevice;
454 NAPI_CALL_RETURN_VOID(env,
455 napi_create_int32(env, static_cast<int32_t>(ClipboardPolicy::CROSS_DEVICE), &nCrossDevice));
456 NAPI_CALL_RETURN_VOID(env, napi_set_named_property(env, value, "CROSS_DEVICE", nCrossDevice));
457 }
458
SetWatermarkImage(napi_env env,napi_callback_info info)459 napi_value SecurityManagerAddon::SetWatermarkImage(napi_env env, napi_callback_info info)
460 {
461 EDMLOGI("NAPI_SetWatermarkImage called");
462 size_t argc = ARGS_SIZE_FOUR;
463 napi_value argv[ARGS_SIZE_FOUR] = {nullptr};
464 napi_value thisArg = nullptr;
465 void *data = nullptr;
466 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
467 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_FOUR, "parameter count error");
468 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
469 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "bundleName type error");
470 napi_valuetype imageValueType = napi_undefined;
471 NAPI_CALL(env, napi_typeof(env, argv[ARR_INDEX_TWO], &imageValueType));
472 ASSERT_AND_THROW_PARAM_ERROR(env, imageValueType == napi_object || imageValueType == napi_string,
473 "image type error");
474 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_THREE], napi_number),
475 "accountId type error");
476
477 OHOS::AppExecFwk::ElementName elementName;
478 std::string bundleName;
479 std::shared_ptr<Media::PixelMap> pixelMap;
480 int32_t accountId = -1;
481 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
482 "Parameter admin error");
483 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, bundleName, argv[ARR_INDEX_ONE]),
484 "Parameter bundleName error");
485 if (imageValueType == napi_object) {
486 pixelMap = Media::PixelMapNapi::GetPixelMap(env, argv[ARR_INDEX_TWO]);
487 } else {
488 std::string url;
489 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, url, argv[ARR_INDEX_TWO]),
490 "Parameter pixelMap error");
491 pixelMap = Decode(url);
492 }
493 ASSERT_AND_THROW_PARAM_ERROR(env, pixelMap != nullptr &&
494 pixelMap->GetByteCount() <= MAX_WATERMARK_IMAGE_SIZE, "Parameter pixelMap error");
495 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_THREE]),
496 "Parameter accountId error");
497 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
498 return nullptr;
499 }
500
CancelWatermarkImage(napi_env env,napi_callback_info info)501 napi_value SecurityManagerAddon::CancelWatermarkImage(napi_env env, napi_callback_info info)
502 {
503 EDMLOGI("NAPI_CancelWatermarkImage called");
504 size_t argc = ARGS_SIZE_THREE;
505 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
506 napi_value thisArg = nullptr;
507 void *data = nullptr;
508 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
509 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_THREE, "parameter count error");
510 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "admin type error");
511 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "bundleName type error");
512 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_TWO], napi_number),
513 "accountId type error");
514
515 OHOS::AppExecFwk::ElementName elementName;
516 std::string bundleName;
517 int32_t accountId = -1;
518 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
519 "Parameter admin error");
520 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, bundleName, argv[ARR_INDEX_ONE]),
521 "Parameter bundleName error");
522 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_TWO]),
523 "Parameter accountId error");
524 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
525 return nullptr;
526 }
527
Decode(const std::string url)528 std::shared_ptr<OHOS::Media::PixelMap> SecurityManagerAddon::Decode(const std::string url)
529 {
530 char canonicalPath[PATH_MAX + 1] = { 0 };
531 if (url.size() > PATH_MAX || realpath(url.c_str(), canonicalPath) == nullptr) {
532 EDMLOGE("realpath error");
533 return nullptr;
534 }
535 int fd = open(canonicalPath, O_RDONLY);
536 if (fd == -1) {
537 EDMLOGE("Decode Open file fail!");
538 return nullptr;
539 }
540 uint32_t ret = ERR_INVALID_VALUE;
541 std::shared_ptr<int> fdPtr(&fd, [](int *fd) {
542 close(*fd);
543 *fd = -1;
544 });
545 Media::SourceOptions sourceOption;
546 auto imageSourcePtr = Media::ImageSource::CreateImageSource(*fdPtr, sourceOption, ret);
547 if (ret != ERR_OK) {
548 EDMLOGE("CreateImageSource error");
549 return nullptr;
550 }
551 Media::DecodeOptions option;
552 auto pixelMapPtr = imageSourcePtr->CreatePixelMap(option, ret);
553 if (ret != ERR_OK) {
554 EDMLOGE("CreatePixelMap error");
555 return nullptr;
556 }
557 return std::shared_ptr<Media::PixelMap>(std::move(pixelMapPtr));
558 }
559
560 static napi_module g_securityModule = {
561 .nm_version = 1,
562 .nm_flags = 0,
563 .nm_filename = nullptr,
564 .nm_register_func = SecurityManagerAddon::Init,
565 .nm_modname = "enterprise.securityManager",
566 .nm_priv = ((void *)0),
567 .reserved = {0},
568 };
569
SecurityManagerRegister()570 extern "C" __attribute__((constructor)) void SecurityManagerRegister()
571 {
572 napi_module_register(&g_securityModule);
573 }
574