1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define LOG_TAG "BundleChecker"
16 
17 #include "bundle_checker.h"
18 #include <memory>
19 #include "accesstoken_kit.h"
20 #include "hap_token_info.h"
21 #include "log_print.h"
22 #include "utils/crypto.h"
23 namespace OHOS {
24 namespace DistributedData {
25 using namespace Security::AccessToken;
// Single static checker object. The `used` attribute asks the toolchain to keep
// this definition even though nothing in this file refers to it, so the
// registering constructor below is not discarded along with it.
__attribute__((used)) BundleChecker BundleChecker::instance_;

/**
 * Registers this checker with CheckerManager under the name "BundleChecker".
 *
 * The registered callback returns a pointer to this object, so the object
 * must outlive every use of the callback.
 */
BundleChecker::BundleChecker() noexcept
{
    auto selfGetter = [this]() -> auto { return this; };
    CheckerManager::GetInstance().RegisterPlugin("BundleChecker", selfGetter);
}
32 
/** Destructor; there is nothing to release here. */
BundleChecker::~BundleChecker() = default;
36 
/** Initialization hook; this checker has no setup work, so the body is empty. */
void BundleChecker::Initialize()
{
    // Intentionally empty.
}
40 
/**
 * Records a trusted bundle: trusts_ is keyed by bundle name and holds the
 * appId that bundle is expected to present (GetAppId compares it with the
 * appID taken from the access token).
 *
 * @param trust bundle name / appId pair to record.
 * @return always true.
 */
bool BundleChecker::SetTrustInfo(const CheckerManager::Trust &trust)
{
    // operator[] followed by assignment: an earlier entry for the same bundle
    // name is replaced (assuming a map-like container; declared in the header).
    // NOTE(review): empty names/appIds are stored as-is and no lock is taken
    // here; confirm the caller validates its input and serializes registration.
    auto &expectedAppId = trusts_[trust.bundleName];
    expectedAppId = trust.appId;
    return true;
}
46 
/**
 * Records a distrusted bundle: distrusts_ is keyed by bundle name and holds
 * the appId that IsDistrust compares with the appID from the access token.
 *
 * @param distrust bundle name / appId pair to record.
 * @return always true.
 */
bool BundleChecker::SetDistrustInfo(const CheckerManager::Distrust &distrust)
{
    // An earlier entry for the same bundle name is replaced (assuming a
    // map-like container; declared in the header).
    auto &blockedAppId = distrusts_[distrust.bundleName];
    blockedAppId = distrust.appId;
    return true;
}
52 
/**
 * Records a switches entry keyed by bundle name.
 *
 * @param switches bundle name / appId pair to record.
 * @return always true.
 */
bool BundleChecker::SetSwitchesInfo(const CheckerManager::Switches &switches)
{
    // NOTE(review): IsSwitches() in this file returns false without reading
    // switches_, so within this file the stored value is never consulted.
    auto &switchAppId = switches_[switches.bundleName];
    switchAppId = switches.appId;
    return true;
}
58 
/**
 * Resolves the application identifier for a store request.
 *
 * The identity is taken from the access token in info.tokenId, not from the
 * caller-supplied fields: the token must be a HAP token and its HapTokenInfo
 * must be retrievable.
 *
 * @param info request descriptor; tokenId and bundleName are read.
 * @return "" when the token is not a HAP token, when the token lookup fails,
 *         or when a non-empty info.bundleName differs from the token's bundle
 *         name; info.bundleName when trusts_ holds an entry for it whose value
 *         equals the token's appID; otherwise Crypto::Sha256 of the token's
 *         appID.
 */
std::string BundleChecker::GetAppId(const CheckerManager::StoreInfo &info)
{
    if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
        return "";
    }

    HapTokenInfo tokenInfo;
    const auto status = AccessTokenKit::GetHapTokenInfo(info.tokenId, tokenInfo);
    if (status != RET_SUCCESS) {
        ZLOGE("token:0x%{public}x, result:%{public}d", info.tokenId, status);
        return "";
    }

    // The claimed bundle name is cross-checked against the token only when the
    // caller supplied one; an empty name skips this comparison.
    const bool callerNamedBundle = !info.bundleName.empty();
    if (callerNamedBundle && tokenInfo.bundleName != info.bundleName) {
        ZLOGE("bundlename:%{public}s <-> %{public}s", info.bundleName.c_str(), tokenInfo.bundleName.c_str());
        return "";
    }

    // The lookup key is the caller-supplied name. Past the check above it is
    // either equal to the token's bundle name or empty.
    // NOTE(review): with an empty name the key is "" and a match would return
    // "", the same value used for failure; confirm no trust entry can carry an
    // empty bundle name.
    const auto trusted = trusts_.find(info.bundleName);
    const bool appIdMatches = (trusted != trusts_.end()) && (trusted->second == tokenInfo.appID);
    if (appIdMatches) {
        return info.bundleName;
    }

    // NOTE(review): the raw appID is written to the log with %{public};
    // confirm that exposing it in debug logs is acceptable.
    ZLOGD("bundleName:%{public}s, appId:%{public}s", info.bundleName.c_str(), tokenInfo.appID.c_str());
    return Crypto::Sha256(tokenInfo.appID);
}
81 
/**
 * Checks that the request's bundle name is the one bound to its access token.
 *
 * Unlike GetAppId and IsDistrust, the comparison is unconditional: an empty
 * info.bundleName only passes if the token's bundle name is empty as well.
 *
 * @param info request descriptor; tokenId and bundleName are read.
 * @return true only for a HAP token whose HapTokenInfo can be retrieved and
 *         whose bundle name equals info.bundleName.
 */
bool BundleChecker::IsValid(const CheckerManager::StoreInfo &info)
{
    if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
        return false;
    }

    HapTokenInfo tokenInfo;
    const auto status = AccessTokenKit::GetHapTokenInfo(info.tokenId, tokenInfo);
    const bool tokenResolved = (status == RET_SUCCESS);
    return tokenResolved && (tokenInfo.bundleName == info.bundleName);
}
95 
/**
 * Reports whether the requesting application is on the distrust list.
 *
 * Every failure path returns false (not distrusted): a non-HAP token, a failed
 * token lookup, or a non-empty info.bundleName that differs from the token's.
 * NOTE(review): callers therefore cannot tell "not distrusted" from "identity
 * could not be established"; confirm they gate on IsValid/GetAppId as well.
 *
 * @param info request descriptor; tokenId and bundleName are read.
 * @return true only when distrusts_ holds an entry for info.bundleName whose
 *         value equals the appID from the access token.
 */
bool BundleChecker::IsDistrust(const CheckerManager::StoreInfo &info)
{
    if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
        return false;
    }

    HapTokenInfo tokenInfo;
    const auto status = AccessTokenKit::GetHapTokenInfo(info.tokenId, tokenInfo);
    if (status != RET_SUCCESS) {
        ZLOGE("token:0x%{public}x, result:%{public}d", info.tokenId, status);
        return false;
    }

    // The claimed name is compared with the token only when one was supplied.
    const bool callerNamedBundle = !info.bundleName.empty();
    if (callerNamedBundle && tokenInfo.bundleName != info.bundleName) {
        ZLOGE("bundlename:%{public}s <-> %{public}s", info.bundleName.c_str(), tokenInfo.bundleName.c_str());
        return false;
    }

    const auto listed = distrusts_.find(info.bundleName);
    return (listed != distrusts_.end()) && (listed->second == tokenInfo.appID);
}
117 
/**
 * Switches query; this checker answers false for every request.
 *
 * @param info request descriptor (not read).
 * @return always false.
 */
bool BundleChecker::IsSwitches(const CheckerManager::StoreInfo &info)
{
    // The argument is deliberately ignored; switches_ is not consulted here.
    (void)info;
    return false;
}
122 
/**
 * Returns the registered dynamic stores.
 *
 * @return a copy of dynamicStores_; later registrations do not affect it.
 */
std::vector<CheckerManager::StoreInfo> BundleChecker::GetDynamicStores()
{
    std::vector<CheckerManager::StoreInfo> snapshot = dynamicStores_;
    return snapshot;
}
127 
/**
 * Returns the registered static stores.
 *
 * @return a copy of staticStores_; later registrations do not affect it.
 */
std::vector<CheckerManager::StoreInfo> BundleChecker::GetStaticStores()
{
    std::vector<CheckerManager::StoreInfo> snapshot = staticStores_;
    return snapshot;
}
132 
/**
 * Tells whether a store is registered as dynamic.
 *
 * Matching uses bundleName and storeId only; info.tokenId is not consulted,
 * so this is a lookup, not an identity check.
 *
 * @param info store to look up.
 * @return true when dynamicStores_ holds an entry with the same bundleName
 *         and storeId.
 */
bool BundleChecker::IsDynamic(const CheckerManager::StoreInfo &info)
{
    for (auto it = dynamicStores_.begin(); it != dynamicStores_.end(); ++it) {
        if (info.bundleName != it->bundleName) {
            continue;
        }
        if (info.storeId == it->storeId) {
            return true;
        }
    }
    return false;
}
142 
/**
 * Tells whether a store is registered as static.
 *
 * Matching uses bundleName and storeId only; info.tokenId is not consulted,
 * so this is a lookup, not an identity check.
 *
 * @param info store to look up.
 * @return true when staticStores_ holds an entry with the same bundleName
 *         and storeId.
 */
bool BundleChecker::IsStatic(const CheckerManager::StoreInfo &info)
{
    for (auto it = staticStores_.begin(); it != staticStores_.end(); ++it) {
        if (info.bundleName != it->bundleName) {
            continue;
        }
        if (info.storeId == it->storeId) {
            return true;
        }
    }
    return false;
}
152 
/**
 * Registers a store as dynamic by appending a copy to dynamicStores_.
 *
 * @param storeInfo store descriptor to append.
 * @return always true.
 */
bool BundleChecker::AddDynamicStore(const CheckerManager::StoreInfo &storeInfo)
{
    // No duplicate or emptiness check is made here; repeated calls append
    // repeated entries.
    dynamicStores_.emplace_back(storeInfo);
    return true;
}
158 
/**
 * Registers a store as static by appending a copy to staticStores_.
 *
 * @param storeInfo store descriptor to append.
 * @return always true.
 */
bool BundleChecker::AddStaticStore(const CheckerManager::StoreInfo &storeInfo)
{
    // No duplicate or emptiness check is made here; repeated calls append
    // repeated entries.
    staticStores_.emplace_back(storeInfo);
    return true;
}
164 } // namespace DistributedData
165 } // namespace OHOS