1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dlp_permission_kit.h"
17 #include <string>
18 #include <thread>
19 #include <vector>
20 #include "datetime_ex.h"
21 #include "dlp_permission_client.h"
22 #include "dlp_permission_log.h"
23 #include "permission_policy.h"
24
25 namespace OHOS {
26 namespace Security {
27 namespace DlpPermission {
28 namespace {
29 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_DLP_PERMISSION, "DlpPermissionKit"};
30 const int64_t TIME_WAIT_TIME_OUT = 10;
31 const int64_t PARSE_WAIT_TIME_OUT = 5;
32 } // namespace
33
OnGenerateDlpCertificate(int32_t result,const std::vector<uint8_t> & cert)34 void ClientGenerateDlpCertificateCallback::OnGenerateDlpCertificate(int32_t result, const std::vector<uint8_t>& cert)
35 {
36 DLP_LOG_INFO(LABEL, "Callback");
37 this->result_ = result;
38 if (result == DLP_OK) {
39 this->cert_ = cert;
40 }
41 std::unique_lock<std::mutex> lck(generateMtx_);
42 this->isCallBack_ = true;
43 generateCv_.notify_all();
44 }
45
OnParseDlpCertificate(int32_t result,const PermissionPolicy & policy,const std::vector<uint8_t> & cert)46 void ClientParseDlpCertificateCallback::OnParseDlpCertificate(int32_t result, const PermissionPolicy& policy,
47 const std::vector<uint8_t>& cert)
48 {
49 DLP_LOG_INFO(LABEL, "Callback");
50 this->result_ = result;
51 if (result == DLP_OK) {
52 this->policy_.CopyPermissionPolicy(policy);
53 this->offlineCert_ = cert;
54 }
55 std::unique_lock<std::mutex> lck(parseMtx_);
56 this->isCallBack_ = true;
57 parseCv_.notify_all();
58 }
59
GenerateDlpCertificate(const PermissionPolicy & policy,std::vector<uint8_t> & cert)60 int32_t DlpPermissionKit::GenerateDlpCertificate(const PermissionPolicy& policy, std::vector<uint8_t>& cert)
61 {
62 std::shared_ptr<ClientGenerateDlpCertificateCallback> callback =
63 std::make_shared<ClientGenerateDlpCertificateCallback>();
64 int32_t res = DlpPermissionClient::GetInstance().GenerateDlpCertificate(policy, callback);
65 if (res != DLP_OK) {
66 DLP_LOG_ERROR(LABEL, "begin generate cert fail, error: %{public}d", res);
67 return res;
68 }
69
70 // wait callback
71 {
72 std::unique_lock<std::mutex> lck(callback->generateMtx_);
73 if (!callback->isCallBack_) {
74 callback->generateCv_.wait_for(lck, std::chrono::seconds(TIME_WAIT_TIME_OUT));
75 }
76 }
77 if (!callback->isCallBack_) {
78 DLP_LOG_ERROR(LABEL, "service did not call back! timeout!");
79 return DLP_SERVICE_ERROR_CREDENTIAL_TASK_TIMEOUT;
80 }
81 DLP_LOG_INFO(LABEL, "get callback succeed!");
82 if (callback->result_ == DLP_OK) {
83 cert = callback->cert_;
84 }
85 return callback->result_;
86 }
87
ParseDlpCertificate(sptr<CertParcel> & certParcel,PermissionPolicy & policy,const std::string & appId,const bool & offlineAccess)88 int32_t DlpPermissionKit::ParseDlpCertificate(sptr<CertParcel>& certParcel, PermissionPolicy& policy,
89 const std::string& appId, const bool& offlineAccess)
90 {
91 std::shared_ptr<ClientParseDlpCertificateCallback> callback = std::make_shared<ClientParseDlpCertificateCallback>();
92 int32_t res = DlpPermissionClient::GetInstance().ParseDlpCertificate(certParcel, callback, appId, offlineAccess);
93 if (res != DLP_OK) {
94 DLP_LOG_INFO(LABEL, "ParseDlpCertificate return %{public}d", res);
95 return res;
96 }
97
98 // wait callback
99 {
100 std::unique_lock<std::mutex> lck(callback->parseMtx_);
101 if (!callback->isCallBack_) {
102 callback->parseCv_.wait_for(lck, std::chrono::seconds(PARSE_WAIT_TIME_OUT));
103 }
104 }
105
106 if (!callback->isCallBack_) {
107 return DLP_CREDENTIAL_ERROR_NO_INTERNET;
108 }
109
110 if (callback->result_ == DLP_OK) {
111 policy.CopyPermissionPolicy(callback->policy_);
112 certParcel->offlineCert = callback->offlineCert_;
113 }
114
115 return callback->result_;
116 }
117
InstallDlpSandbox(const std::string & bundleName,DLPFileAccess dlpFileAccess,int32_t userId,SandboxInfo & sandboxInfo,const std::string & uri)118 int32_t DlpPermissionKit::InstallDlpSandbox(const std::string& bundleName, DLPFileAccess dlpFileAccess, int32_t userId,
119 SandboxInfo& sandboxInfo, const std::string& uri)
120 {
121 return DlpPermissionClient::GetInstance().InstallDlpSandbox(bundleName, dlpFileAccess, userId, sandboxInfo, uri);
122 }
123
UninstallDlpSandbox(const std::string & bundleName,int32_t appIndex,int32_t userId)124 int32_t DlpPermissionKit::UninstallDlpSandbox(const std::string& bundleName, int32_t appIndex, int32_t userId)
125 {
126 return DlpPermissionClient::GetInstance().UninstallDlpSandbox(bundleName, appIndex, userId);
127 }
128
GetSandboxExternalAuthorization(int sandboxUid,const AAFwk::Want & want,SandBoxExternalAuthorType & authType)129 int32_t DlpPermissionKit::GetSandboxExternalAuthorization(int sandboxUid,
130 const AAFwk::Want& want, SandBoxExternalAuthorType& authType)
131 {
132 return DlpPermissionClient::GetInstance().GetSandboxExternalAuthorization(sandboxUid, want, authType);
133 }
134
QueryDlpFileCopyableByTokenId(bool & copyable,uint32_t tokenId)135 int32_t DlpPermissionKit::QueryDlpFileCopyableByTokenId(bool& copyable, uint32_t tokenId)
136 {
137 return DlpPermissionClient::GetInstance().QueryDlpFileCopyableByTokenId(copyable, tokenId);
138 }
139
QueryDlpFileAccess(DLPPermissionInfo & permInfo)140 int32_t DlpPermissionKit::QueryDlpFileAccess(DLPPermissionInfo& permInfo)
141 {
142 return DlpPermissionClient::GetInstance().QueryDlpFileAccess(permInfo);
143 }
144
IsInDlpSandbox(bool & inSandbox)145 int32_t DlpPermissionKit::IsInDlpSandbox(bool& inSandbox)
146 {
147 return DlpPermissionClient::GetInstance().IsInDlpSandbox(inSandbox);
148 }
149
GetDlpSupportFileType(std::vector<std::string> & supportFileType)150 int32_t DlpPermissionKit::GetDlpSupportFileType(std::vector<std::string>& supportFileType)
151 {
152 return DlpPermissionClient::GetInstance().GetDlpSupportFileType(supportFileType);
153 }
154
RegisterDlpSandboxChangeCallback(const std::shared_ptr<DlpSandboxChangeCallbackCustomize> & callback)155 int32_t DlpPermissionKit::RegisterDlpSandboxChangeCallback(
156 const std::shared_ptr<DlpSandboxChangeCallbackCustomize> &callback)
157 {
158 return DlpPermissionClient::GetInstance().RegisterDlpSandboxChangeCallback(callback);
159 }
160
UnregisterDlpSandboxChangeCallback(bool & result)161 int32_t DlpPermissionKit::UnregisterDlpSandboxChangeCallback(bool &result)
162 {
163 return DlpPermissionClient::GetInstance().UnregisterDlpSandboxChangeCallback(result);
164 }
165
RegisterOpenDlpFileCallback(const std::shared_ptr<OpenDlpFileCallbackCustomize> & callback)166 int32_t DlpPermissionKit::RegisterOpenDlpFileCallback(const std::shared_ptr<OpenDlpFileCallbackCustomize>& callback)
167 {
168 return DlpPermissionClient::GetInstance().RegisterOpenDlpFileCallback(callback);
169 }
170
UnRegisterOpenDlpFileCallback(const std::shared_ptr<OpenDlpFileCallbackCustomize> & callback)171 int32_t DlpPermissionKit::UnRegisterOpenDlpFileCallback(const std::shared_ptr<OpenDlpFileCallbackCustomize>& callback)
172 {
173 return DlpPermissionClient::GetInstance().UnRegisterOpenDlpFileCallback(callback);
174 }
175
GetDlpGatheringPolicy(bool & isGathering)176 int32_t DlpPermissionKit::GetDlpGatheringPolicy(bool& isGathering)
177 {
178 return DlpPermissionClient::GetInstance().GetDlpGatheringPolicy(isGathering);
179 }
180
SetRetentionState(const std::vector<std::string> & docUriVec)181 int32_t DlpPermissionKit::SetRetentionState(const std::vector<std::string>& docUriVec)
182 {
183 return DlpPermissionClient::GetInstance().SetRetentionState(docUriVec);
184 }
185
CancelRetentionState(const std::vector<std::string> & docUriVec)186 int32_t DlpPermissionKit::CancelRetentionState(const std::vector<std::string>& docUriVec)
187 {
188 return DlpPermissionClient::GetInstance().CancelRetentionState(docUriVec);
189 }
190
GetRetentionSandboxList(const std::string & bundleName,std::vector<RetentionSandBoxInfo> & retentionSandBoxInfoVec)191 int32_t DlpPermissionKit::GetRetentionSandboxList(const std::string& bundleName,
192 std::vector<RetentionSandBoxInfo>& retentionSandBoxInfoVec)
193 {
194 return DlpPermissionClient::GetInstance().GetRetentionSandboxList(bundleName, retentionSandBoxInfoVec);
195 }
196
ClearUnreservedSandbox()197 int32_t DlpPermissionKit::ClearUnreservedSandbox()
198 {
199 return DlpPermissionClient::GetInstance().ClearUnreservedSandbox();
200 }
201
GetDLPFileVisitRecord(std::vector<VisitedDLPFileInfo> & infoVec)202 int32_t DlpPermissionKit::GetDLPFileVisitRecord(std::vector<VisitedDLPFileInfo>& infoVec)
203 {
204 return DlpPermissionClient::GetInstance().GetDLPFileVisitRecord(infoVec);
205 }
206
SetMDMPolicy(const std::vector<std::string> & appIdList)207 int32_t DlpPermissionKit::SetMDMPolicy(const std::vector<std::string>& appIdList)
208 {
209 return DlpPermissionClient::GetInstance().SetMDMPolicy(appIdList);
210 }
211
GetMDMPolicy(std::vector<std::string> & appIdList)212 int32_t DlpPermissionKit::GetMDMPolicy(std::vector<std::string>& appIdList)
213 {
214 return DlpPermissionClient::GetInstance().GetMDMPolicy(appIdList);
215 }
216
RemoveMDMPolicy()217 int32_t DlpPermissionKit::RemoveMDMPolicy()
218 {
219 return DlpPermissionClient::GetInstance().RemoveMDMPolicy();
220 }
221
SetSandboxAppConfig(const std::string & configInfo)222 int32_t DlpPermissionKit::SetSandboxAppConfig(const std::string& configInfo)
223 {
224 return DlpPermissionClient::GetInstance().SetSandboxAppConfig(configInfo);
225 }
226
CleanSandboxAppConfig()227 int32_t DlpPermissionKit::CleanSandboxAppConfig()
228 {
229 return DlpPermissionClient::GetInstance().CleanSandboxAppConfig();
230 }
231
GetSandboxAppConfig(std::string & configInfo)232 int32_t DlpPermissionKit::GetSandboxAppConfig(std::string& configInfo)
233 {
234 return DlpPermissionClient::GetInstance().GetSandboxAppConfig(configInfo);
235 }
236
IsDLPFeatureProvided(bool & isProvideDLPFeature)237 int32_t DlpPermissionKit::IsDLPFeatureProvided(bool& isProvideDLPFeature)
238 {
239 return DlpPermissionClient::GetInstance().IsDLPFeatureProvided(isProvideDLPFeature);
240 }
241
SetReadFlag(uint32_t uid)242 int32_t DlpPermissionKit::SetReadFlag(uint32_t uid)
243 {
244 return DlpPermissionClient::GetInstance().SetReadFlag(uid);
245 }
246 } // namespace DlpPermission
247 } // namespace Security
248 } // namespace OHOS
249