1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_callback_stubs.h"
17
18 #include "access_token.h"
19 #include "access_token_error.h"
20 #include "accesstoken_log.h"
21 #include "permission_state_change_info_parcel.h"
22 #include "string_ex.h"
23
24 #ifdef TOKEN_SYNC_ENABLE
25 #include "hap_token_info_for_sync_parcel.h"
26 #include "ipc_skeleton.h"
27 #endif // TOKEN_SYNC_ENABLE
28
29 namespace OHOS {
30 namespace Security {
31 namespace AccessToken {
32 namespace {
33 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
34 LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenCallbackStubs"
35 };
36 #ifdef TOKEN_SYNC_ENABLE
37 static const int32_t ACCESSTOKEN_UID = 3020;
38 #endif // TOKEN_SYNC_ENABLE
39 }
40
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)41 int32_t PermissionStateChangeCallbackStub::OnRemoteRequest(
42 uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
43 {
44 ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, code: 0x%{public}x", code);
45 std::u16string descriptor = data.ReadInterfaceToken();
46 if (descriptor != IPermissionStateCallback::GetDescriptor()) {
47 ACCESSTOKEN_LOG_ERROR(LABEL, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
48 return ERROR_IPC_REQUEST_FAIL;
49 }
50
51 int32_t msgCode = static_cast<int32_t>(code);
52 if (msgCode == static_cast<int32_t>(AccesstokenStateChangeInterfaceCode::PERMISSION_STATE_CHANGE)) {
53 PermStateChangeInfo result;
54 sptr<PermissionStateChangeInfoParcel> resultSptr = data.ReadParcelable<PermissionStateChangeInfoParcel>();
55 if (resultSptr == nullptr) {
56 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
57 return ERR_READ_PARCEL_FAILED;
58 }
59
60 PermStateChangeCallback(resultSptr->changeInfo);
61 } else {
62 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
63 }
64 return RET_SUCCESS;
65 }
66
67 #ifdef TOKEN_SYNC_ENABLE
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)68 int32_t TokenSyncCallbackStub::OnRemoteRequest(
69 uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
70 {
71 ACCESSTOKEN_LOG_INFO(LABEL, "Called.");
72 std::u16string descriptor = data.ReadInterfaceToken();
73 if (descriptor != ITokenSyncCallback::GetDescriptor()) {
74 ACCESSTOKEN_LOG_ERROR(LABEL, "Get unexpect descriptor, descriptor = %{public}s",
75 Str16ToStr8(descriptor).c_str());
76 return ERROR_IPC_REQUEST_FAIL;
77 }
78 int32_t msgCode = static_cast<int32_t>(code);
79 switch (msgCode) {
80 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::GET_REMOTE_HAP_TOKEN_INFO):
81 GetRemoteHapTokenInfoInner(data, reply);
82 break;
83 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO):
84 DeleteRemoteHapTokenInfoInner(data, reply);
85 break;
86 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO):
87 UpdateRemoteHapTokenInfoInner(data, reply);
88 break;
89 default:
90 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
91 }
92 return RET_SUCCESS;
93 }
94
GetRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)95 void TokenSyncCallbackStub::GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
96 {
97 if (!IsAccessTokenCalling()) {
98 ACCESSTOKEN_LOG_ERROR(LABEL, "Permission denied, func = %{public}s", __func__);
99 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
100 return;
101 }
102
103 std::string deviceID = data.ReadString();
104 AccessTokenID tokenID = data.ReadUint32();
105
106 int result = this->GetRemoteHapTokenInfo(deviceID, tokenID);
107 reply.WriteInt32(result);
108 }
109
DeleteRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)110 void TokenSyncCallbackStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
111 {
112 if (!IsAccessTokenCalling()) {
113 ACCESSTOKEN_LOG_ERROR(LABEL, "Permission denied, func = %{public}s", __func__);
114 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
115 return;
116 }
117
118 AccessTokenID tokenID = data.ReadUint32();
119 int result = this->DeleteRemoteHapTokenInfo(tokenID);
120 reply.WriteInt32(result);
121 }
122
UpdateRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)123 void TokenSyncCallbackStub::UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
124 {
125 if (!IsAccessTokenCalling()) {
126 ACCESSTOKEN_LOG_ERROR(LABEL, "Permission denied, func = %{public}s", __func__);
127 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
128 return;
129 }
130
131 sptr<HapTokenInfoForSyncParcel> tokenInfoParcelPtr = data.ReadParcelable<HapTokenInfoForSyncParcel>();
132 int result = RET_FAILED;
133 if (tokenInfoParcelPtr != nullptr) {
134 result = this->UpdateRemoteHapTokenInfo(tokenInfoParcelPtr->hapTokenInfoForSyncParams);
135 }
136 reply.WriteInt32(result);
137 }
138
IsAccessTokenCalling() const139 bool TokenSyncCallbackStub::IsAccessTokenCalling() const
140 {
141 int callingUid = IPCSkeleton::GetCallingUid();
142 return callingUid == ACCESSTOKEN_UID;
143 }
144 #endif // TOKEN_SYNC_ENABLE
145 } // namespace AccessToken
146 } // namespace Security
147 } // namespace OHOS
148