1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_device_common_key.h"
22 #include "auth_deviceprofile.h"
23 #include "auth_hichain.h"
24 #include "auth_hichain_adapter.h"
25 #include "auth_log.h"
26 #include "auth_manager.h"
27 #include "auth_meta_manager.h"
28 #include "bus_center_manager.h"
29 #include "customized_security_protocol.h"
30 #include "lnn_decision_db.h"
31 #include "lnn_distributed_net_ledger.h"
32 #include "lnn_feature_capability.h"
33 #include "lnn_meta_node_interface.h"
34 #include "lnn_ohos_account.h"
35 #include "lnn_parameter_utils.h"
36 #include "softbus_adapter_mem.h"
37 #include "softbus_def.h"
38
39 #define SHORT_ACCOUNT_HASH_LEN 2
40
41 typedef struct {
42 int32_t module;
43 AuthTransListener listener;
44 } ModuleListener;
45
46 static ModuleListener g_moduleListener[] = {
47 {
48 .module = MODULE_P2P_LINK,
49 .listener = { NULL, NULL },
50 },
51 {
52 .module = MODULE_P2P_LISTEN,
53 .listener = { NULL, NULL },
54 },
55 {
56 .module = MODULE_UDP_INFO,
57 .listener = { NULL, NULL },
58 },
59 {
60 .module = MODULE_TIME_SYNC,
61 .listener = { NULL, NULL },
62 },
63 {
64 .module = MODULE_P2P_NETWORKING_SYNC,
65 .listener = { NULL, NULL },
66 },
67 {
68 .module = MODULE_AUTH_SYNC_INFO,
69 .listener = { NULL, NULL },
70 },
71 {
72 .module = MODULE_PTK_VERIFY,
73 .listener = { NULL, NULL },
74 }
75 };
76
RegAuthTransListener(int32_t module,const AuthTransListener * listener)77 int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
78 {
79 AUTH_LOGI(AUTH_CONN, "Trans: add listener, module=%{public}d", module);
80 if (listener == NULL || listener->onDataReceived == NULL) {
81 AUTH_LOGE(AUTH_CONN, "Trans: invalid listener");
82 return SOFTBUS_INVALID_PARAM;
83 }
84 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
85 if (g_moduleListener[i].module == module) {
86 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
87 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
88 g_moduleListener[i].listener.onException = listener->onException;
89 return SOFTBUS_OK;
90 }
91 }
92 AUTH_LOGE(AUTH_CONN, "Trans: unknown module=%{public}d", module);
93 return SOFTBUS_ERR;
94 }
95
UnregAuthTransListener(int32_t module)96 void UnregAuthTransListener(int32_t module)
97 {
98 AUTH_LOGI(AUTH_CONN, "Trans: remove listener, module=%{public}d", module);
99 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
100 if (g_moduleListener[i].module == module) {
101 g_moduleListener[i].listener.onDataReceived = NULL;
102 g_moduleListener[i].listener.onDisconnected = NULL;
103 return;
104 }
105 }
106 }
107
IsSupportFeatureByCapaBit(uint32_t feature,AuthCapability capaBit)108 bool IsSupportFeatureByCapaBit(uint32_t feature, AuthCapability capaBit)
109 {
110 return ((feature & (1 << (uint32_t)capaBit)) != 0);
111 }
112
NotifyTransDataReceived(AuthHandle authHandle,const AuthDataHead * head,const uint8_t * data,uint32_t len)113 static void NotifyTransDataReceived(AuthHandle authHandle,
114 const AuthDataHead *head, const uint8_t *data, uint32_t len)
115 {
116 AuthTransListener *listener = NULL;
117 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
118 if (g_moduleListener[i].module == head->module) {
119 listener = &(g_moduleListener[i].listener);
120 break;
121 }
122 }
123 if (listener == NULL || listener->onDataReceived == NULL) {
124 AUTH_LOGI(AUTH_CONN, "Trans: onDataReceived not found");
125 return;
126 }
127 AuthTransData transData = {
128 .module = head->module,
129 .flag = head->flag,
130 .seq = head->seq,
131 .len = len,
132 .data = data,
133 };
134 listener->onDataReceived(authHandle, &transData);
135 }
136
NotifyTransDisconnected(AuthHandle authHandle)137 static void NotifyTransDisconnected(AuthHandle authHandle)
138 {
139 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
140 if (g_moduleListener[i].listener.onDisconnected != NULL) {
141 g_moduleListener[i].listener.onDisconnected(authHandle);
142 }
143 }
144 }
145
NotifyTransException(AuthHandle authHandle,int32_t error)146 static void NotifyTransException(AuthHandle authHandle, int32_t error)
147 {
148 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
149 if (g_moduleListener[i].listener.onException != NULL) {
150 g_moduleListener[i].listener.onException(authHandle, error);
151 }
152 }
153 }
154
CheckSessionKeyAvailable(SessionKeyList * list,AuthLinkType type)155 static int32_t CheckSessionKeyAvailable(SessionKeyList *list, AuthLinkType type)
156 {
157 if (!CheckSessionKeyListExistType(list, type)) {
158 AUTH_LOGI(AUTH_CONN, "client sessionkey invalid, type=%{public}d", type);
159 return SOFTBUS_AUTH_SESSION_KEY_INVALID;
160 }
161 if (CheckSessionKeyListHasOldKey(list, type)) {
162 AUTH_LOGI(AUTH_CONN, "client sessionkey is old, type=%{public}d", type);
163 return SOFTBUS_AUTH_SESSION_KEY_TOO_OLD;
164 }
165 return SOFTBUS_OK;
166 }
167
AuthCheckSessionKeyValidByConnInfo(const char * networkId,const AuthConnInfo * connInfo)168 int32_t AuthCheckSessionKeyValidByConnInfo(const char *networkId, const AuthConnInfo *connInfo)
169 {
170 if (networkId == NULL || connInfo == NULL) {
171 AUTH_LOGE(AUTH_CONN, "param is null");
172 return SOFTBUS_INVALID_PARAM;
173 }
174 NodeInfo nodeInfo;
175 (void)memset_s(&nodeInfo, sizeof(NodeInfo), 0, sizeof(NodeInfo));
176 if (LnnGetRemoteNodeInfoById(networkId, CATEGORY_NETWORK_ID, &nodeInfo) != SOFTBUS_OK) {
177 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
178 }
179 if (!IsSupportFeatureByCapaBit(nodeInfo.authCapacity, BIT_SUPPORT_NORMALIZED_LINK)) {
180 return SOFTBUS_OK;
181 }
182 AuthManager *authClient = GetAuthManagerByConnInfo(connInfo, false);
183 AuthManager *authServer = GetAuthManagerByConnInfo(connInfo, true);
184 int64_t authId = AUTH_INVALID_ID;
185 AuthLinkType type = connInfo->type;
186 if (authClient == NULL && authServer == NULL) {
187 if (connInfo->type == AUTH_LINK_TYPE_BR) {
188 AUTH_LOGI(AUTH_CONN, "check ble sessionkey");
189 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, false);
190 authClient = GetAuthManagerByAuthId(authId);
191 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, true);
192 authServer = GetAuthManagerByAuthId(authId);
193 type = AUTH_LINK_TYPE_BLE;
194 }
195 if (authClient == NULL && authServer == NULL) {
196 AUTH_LOGE(AUTH_CONN, "client and server auth not found, type=%{public}d", type);
197 return SOFTBUS_AUTH_NOT_FOUND;
198 }
199 }
200 int32_t ret = SOFTBUS_OK;
201 do {
202 if (authClient != NULL) {
203 ret = CheckSessionKeyAvailable(&authClient->sessionKeyList, type);
204 if (ret != SOFTBUS_OK) {
205 break;
206 }
207 }
208 if (authServer != NULL) {
209 ret = CheckSessionKeyAvailable(&authServer->sessionKeyList, type);
210 if (ret != SOFTBUS_OK) {
211 break;
212 }
213 }
214 } while (false);
215 DelDupAuthManager(authClient);
216 DelDupAuthManager(authServer);
217 return ret;
218 }
219
AuthCheckSessionKeyValidByAuthHandle(const AuthHandle * authHandle)220 int32_t AuthCheckSessionKeyValidByAuthHandle(const AuthHandle *authHandle)
221 {
222 if (authHandle == NULL) {
223 AUTH_LOGE(AUTH_CONN, "param is null");
224 return SOFTBUS_INVALID_PARAM;
225 }
226 if (authHandle->type < AUTH_LINK_TYPE_WIFI || authHandle->type >= AUTH_LINK_TYPE_MAX) {
227 AUTH_LOGE(AUTH_CONN, "authHandle type error");
228 return SOFTBUS_INVALID_PARAM;
229 }
230 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
231 if (auth == NULL) {
232 AUTH_LOGE(AUTH_CONN, "not found auth manager, type=%{public}d, authId=%{public}" PRId64,
233 authHandle->type, authHandle->authId);
234 return SOFTBUS_AUTH_NOT_FOUND;
235 }
236 int32_t ret = SOFTBUS_OK;
237 if (!CheckSessionKeyListExistType(&auth->sessionKeyList, (AuthLinkType)authHandle->type)) {
238 AUTH_LOGI(AUTH_CONN, "sessionkey invalid, authId=%{public}" PRId64", type=%{public}d",
239 authHandle->authId, authHandle->type);
240 ret = SOFTBUS_AUTH_SESSION_KEY_INVALID;
241 }
242 DelDupAuthManager(auth);
243 return ret;
244 }
245
AuthOpenConn(const AuthConnInfo * info,uint32_t requestId,const AuthConnCallback * callback,bool isMeta)246 int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback,
247 bool isMeta)
248 {
249 if (info == NULL || callback == NULL) {
250 AUTH_LOGE(AUTH_CONN, "info or callback is null");
251 return SOFTBUS_INVALID_PARAM;
252 }
253 if (isMeta) {
254 return AuthMetaOpenConn(info, requestId, callback);
255 }
256 return AuthDeviceOpenConn(info, requestId, callback);
257 }
258
AuthPostTransData(AuthHandle authHandle,const AuthTransData * dataInfo)259 int32_t AuthPostTransData(AuthHandle authHandle, const AuthTransData *dataInfo)
260 {
261 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
262 AUTH_LOGE(AUTH_CONN, "authHandle type error");
263 return SOFTBUS_INVALID_PARAM;
264 }
265 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
266 if (auth != NULL) {
267 DelDupAuthManager(auth);
268 return AuthDevicePostTransData(authHandle, dataInfo);
269 }
270 return AuthMetaPostTransData(authHandle.authId, dataInfo);
271 }
272
AuthCloseConn(AuthHandle authHandle)273 void AuthCloseConn(AuthHandle authHandle)
274 {
275 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
276 AUTH_LOGE(AUTH_CONN, "authHandle type error");
277 return;
278 }
279 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
280 if (auth != NULL) {
281 DelDupAuthManager(auth);
282 AuthDeviceCloseConn(authHandle);
283 return;
284 }
285 AuthMetaCloseConn(authHandle.authId);
286 }
287
AuthAllocConn(const char * networkId,uint32_t authRequestId,AuthConnCallback * callback)288 int32_t AuthAllocConn(const char *networkId, uint32_t authRequestId, AuthConnCallback *callback)
289 {
290 if (networkId == NULL || callback == NULL) {
291 AUTH_LOGE(AUTH_CONN, "param invalid");
292 return SOFTBUS_INVALID_PARAM;
293 }
294 return AuthAllocLane(networkId, authRequestId, callback);
295 }
296
AuthFreeConn(const AuthHandle * authHandle)297 void AuthFreeConn(const AuthHandle *authHandle)
298 {
299 if (authHandle == NULL) {
300 AUTH_LOGE(AUTH_CONN, "param invalid");
301 return;
302 }
303 AuthFreeLane(authHandle);
304 DelAuthReqInfoByAuthHandle(authHandle);
305 }
306
AuthGetPreferConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)307 int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
308 {
309 if (isMeta) {
310 return AuthMetaGetPreferConnInfo(uuid, connInfo);
311 }
312 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
313 }
314
AuthGetConnInfoByType(const char * uuid,AuthLinkType type,AuthConnInfo * connInfo,bool isMeta)315 int32_t AuthGetConnInfoByType(const char *uuid, AuthLinkType type, AuthConnInfo *connInfo, bool isMeta)
316 {
317 if (isMeta) {
318 return SOFTBUS_INVALID_PARAM;
319 }
320 return AuthDeviceGetConnInfoByType(uuid, type, connInfo);
321 }
322
AuthGetP2pConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)323 int32_t AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
324 {
325 if (isMeta) {
326 return AUTH_INVALID_ID;
327 }
328 return AuthDeviceGetP2pConnInfo(uuid, connInfo);
329 }
330
AuthGetHmlConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)331 int32_t AuthGetHmlConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
332 {
333 if (isMeta) {
334 return AUTH_INVALID_ID;
335 }
336 return AuthDeviceGetHmlConnInfo(uuid, connInfo);
337 }
338
339 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char * uuid,AuthLinkType type,bool isMeta,AuthHandle * authHandle)340 void AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta, AuthHandle *authHandle)
341 {
342 if (authHandle == NULL) {
343 AUTH_LOGE(AUTH_CONN, "authHandle is null");
344 return;
345 }
346 authHandle->authId = AUTH_INVALID_ID;
347 if (isMeta) {
348 return;
349 }
350 AuthDeviceGetLatestIdByUuid(uuid, type, authHandle);
351 }
352
AuthGetIdByConnInfo(const AuthConnInfo * connInfo,bool isServer,bool isMeta)353 int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
354 {
355 if (isMeta) {
356 return AuthMetaGetIdByConnInfo(connInfo, isServer);
357 }
358 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
359 }
360
AuthGetIdByUuid(const char * uuid,AuthLinkType type,bool isServer,bool isMeta)361 int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
362 {
363 if (isMeta) {
364 return AuthMetaGetIdByUuid(uuid, type, isServer);
365 }
366 return AuthDeviceGetIdByUuid(uuid, type, isServer);
367 }
368
AuthGetAuthHandleByIndex(const AuthConnInfo * connInfo,bool isServer,int32_t index,AuthHandle * authHandle)369 int32_t AuthGetAuthHandleByIndex(const AuthConnInfo *connInfo, bool isServer, int32_t index,
370 AuthHandle *authHandle)
371 {
372 if (connInfo == NULL || authHandle == NULL) {
373 AUTH_LOGE(AUTH_CONN, "param is null");
374 return SOFTBUS_INVALID_PARAM;
375 }
376 int32_t ret = SOFTBUS_OK;
377 char networkId[NETWORK_ID_BUF_LEN] = { 0 };
378 NodeInfo info;
379 (void)memset_s(&info, sizeof(NodeInfo), 0, sizeof(NodeInfo));
380 switch (connInfo->type) {
381 case AUTH_LINK_TYPE_WIFI:
382 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.ipInfo.ip, &info);
383 if (ret != SOFTBUS_OK) {
384 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by ip failed, ret=%{public}d", ret);
385 return ret;
386 }
387 break;
388 case AUTH_LINK_TYPE_BLE:
389 if (LnnGetNetworkIdByUdidHash(connInfo->info.bleInfo.deviceIdHash, UDID_HASH_LEN, networkId,
390 sizeof(networkId)) != SOFTBUS_OK) {
391 AUTH_LOGE(AUTH_CONN, "get networkId fail");
392 return SOFTBUS_NOT_FIND;
393 }
394 ret = LnnGetRemoteNodeInfoByKey(networkId, &info);
395 if (ret != SOFTBUS_OK) {
396 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by networkId failed, ret=%{public}d", ret);
397 return ret;
398 }
399 break;
400 case AUTH_LINK_TYPE_BR:
401 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.brInfo.brMac, &info);
402 if (ret != SOFTBUS_OK) {
403 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by brMac failed, ret=%{public}d", ret);
404 return ret;
405 }
406 break;
407 default:
408 AUTH_LOGE(AUTH_CONN, "unknown connType. type=%{public}d", connInfo->type);
409 return SOFTBUS_INVALID_PARAM;
410 }
411 if (!IsSupportFeatureByCapaBit(info.feature, BIT_SUPPORT_NORMALIZED_LINK)) {
412 AUTH_LOGE(AUTH_CONN, "not support normalize");
413 return SOFTBUS_AUTH_NOT_SUPPORT_NORMALIZE;
414 }
415 return AuthDeviceGetAuthHandleByIndex(info.deviceInfo.deviceUdid, isServer, index, authHandle);
416 }
417
FillAuthSessionInfo(AuthSessionInfo * info,const NodeInfo * nodeInfo,AuthDeviceKeyInfo * keyInfo,bool hasDeviceKey)418 static int32_t FillAuthSessionInfo(AuthSessionInfo *info, const NodeInfo *nodeInfo, AuthDeviceKeyInfo *keyInfo,
419 bool hasDeviceKey)
420 {
421 uint8_t localUdidHash[UDID_HASH_LEN] = {0};
422 if (LnnGetLocalByteInfo(BYTE_KEY_UDID_HASH, localUdidHash, UDID_HASH_LEN) != SOFTBUS_OK) {
423 AUTH_LOGE(AUTH_KEY, "get local udid hash fail");
424 return SOFTBUS_ERR;
425 }
426 bool isSupportNormalizedKey = IsSupportFeatureByCapaBit(nodeInfo->authCapacity, BIT_SUPPORT_NORMALIZED_LINK);
427 if (!hasDeviceKey) {
428 int32_t ret = memcmp(localUdidHash, info->connInfo.info.bleInfo.deviceIdHash, SHORT_HASH_LEN);
429 keyInfo->isServerSide = ret < 0 ? true : false;
430 keyInfo->keyIndex = GenSeq(keyInfo->isServerSide);
431 }
432 info->isServer = keyInfo->isServerSide;
433 info->connId = (uint64_t)keyInfo->keyIndex;
434 info->version = SOFTBUS_NEW_V2;
435 info->normalizedType = isSupportNormalizedKey ? NORMALIZED_SUPPORT : NORMALIZED_NOT_SUPPORT;
436 info->normalizedIndex = keyInfo->keyIndex;
437 if (strcpy_s(info->uuid, sizeof(info->uuid), nodeInfo->uuid) != EOK ||
438 strcpy_s(info->udid, sizeof(info->udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
439 AUTH_LOGE(AUTH_KEY, "restore manager fail because copy uuid/udid fail");
440 return SOFTBUS_ERR;
441 }
442 return SOFTBUS_OK;
443 }
444
AuthDirectOnlineProcessSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)445 static int32_t AuthDirectOnlineProcessSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
446 {
447 SessionKey sessionKey;
448 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
449 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo->deviceKey, sizeof(keyInfo->deviceKey)) != EOK) {
450 AUTH_LOGE(AUTH_KEY, "restore manager fail because memcpy device key");
451 return SOFTBUS_MEM_ERR;
452 }
453 sessionKey.len = keyInfo->keyLen;
454 if (AuthManagerSetSessionKey(keyInfo->keyIndex, info, &sessionKey, false, keyInfo->isOldKey) != SOFTBUS_OK) {
455 AUTH_LOGE(AUTH_KEY, "set sessionkey fail, index=%{public}" PRId64, keyInfo->keyIndex);
456 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
457 return SOFTBUS_ERR;
458 }
459 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
460 if (auth == NULL) {
461 AUTH_LOGE(AUTH_KEY, "authManager is null");
462 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
463 return SOFTBUS_ERR;
464 }
465 *authId = auth->authId;
466 DelDupAuthManager(auth);
467 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
468 return SOFTBUS_OK;
469 }
470
AuthDirectOnlineWithoutSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)471 static int32_t AuthDirectOnlineWithoutSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
472 {
473 if (AuthDirectOnlineCreateAuthManager(keyInfo->keyIndex, info) != SOFTBUS_OK) {
474 AUTH_LOGE(AUTH_KEY, "create auth manager fail, index=%{public}" PRId64, keyInfo->keyIndex);
475 return SOFTBUS_ERR;
476 }
477 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
478 if (auth == NULL) {
479 AUTH_LOGE(AUTH_KEY, "authManager is null");
480 return SOFTBUS_ERR;
481 }
482 *authId = auth->authId;
483 DelDupAuthManager(auth);
484 return SOFTBUS_OK;
485 }
486
AuthRestoreAuthManager(const char * udidHash,const AuthConnInfo * connInfo,uint32_t requestId,NodeInfo * nodeInfo,int64_t * authId)487 int32_t AuthRestoreAuthManager(const char *udidHash,
488 const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
489 {
490 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
491 AUTH_LOGE(AUTH_CONN, "restore manager fail because para error");
492 return SOFTBUS_ERR;
493 }
494 // get device key
495 bool hasDeviceKey = false;
496 AuthDeviceKeyInfo keyInfo = {0};
497 bool isSupportCloud = IsCloudSyncEnabled() && IsFeatureSupport(nodeInfo->feature, BIT_CLOUD_SYNC_DEVICE_INFO);
498 if (AuthFindLatestNormalizeKey(udidHash, &keyInfo, !isSupportCloud) == SOFTBUS_OK ||
499 AuthFindDeviceKey(udidHash, connInfo->type, &keyInfo) == SOFTBUS_OK) {
500 hasDeviceKey = true;
501 }
502 if (!isSupportCloud && (!hasDeviceKey || keyInfo.isOldKey)) {
503 AUTH_LOGE(AUTH_KEY, "restore manager fail because device key not exist");
504 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
505 return SOFTBUS_ERR;
506 }
507 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
508 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
509 AUTH_LOGE(AUTH_KEY, "restore manager fail because generate strhash");
510 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
511 return SOFTBUS_ERR;
512 }
513 AuthSessionInfo info;
514 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
515 info.requestId = requestId;
516 info.connInfo = *connInfo;
517 info.isOldKey = keyInfo.isOldKey;
518 if (FillAuthSessionInfo(&info, nodeInfo, &keyInfo, hasDeviceKey) != SOFTBUS_OK) {
519 AUTH_LOGE(AUTH_KEY, "fill authSessionInfo fail");
520 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
521 return SOFTBUS_ERR;
522 }
523 int32_t ret = hasDeviceKey ? AuthDirectOnlineProcessSessionKey(&info, &keyInfo, authId) :
524 AuthDirectOnlineWithoutSessionKey(&info, &keyInfo, authId);
525 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
526 return ret;
527 }
528
AuthEncrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)529 int32_t AuthEncrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
530 uint32_t *outLen)
531 {
532 if (authHandle == NULL) {
533 AUTH_LOGE(AUTH_KEY, "authHandle is null");
534 return SOFTBUS_INVALID_PARAM;
535 }
536 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
537 if (auth != NULL) {
538 DelDupAuthManager(auth);
539 return AuthDeviceEncrypt(authHandle, inData, inLen, outData, outLen);
540 }
541 return AuthMetaEncrypt(authHandle->authId, inData, inLen, outData, outLen);
542 }
543
AuthDecrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)544 int32_t AuthDecrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
545 uint32_t *outLen)
546 {
547 if (authHandle == NULL) {
548 AUTH_LOGE(AUTH_KEY, "authHandle is null");
549 return SOFTBUS_INVALID_PARAM;
550 }
551 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
552 if (auth != NULL) {
553 DelDupAuthManager(auth);
554 return AuthDeviceDecrypt(authHandle, inData, inLen, outData, outLen);
555 }
556 return AuthMetaDecrypt(authHandle->authId, inData, inLen, outData, outLen);
557 }
558
AuthSetP2pMac(int64_t authId,const char * p2pMac)559 int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
560 {
561 AuthManager *auth = GetAuthManagerByAuthId(authId);
562 if (auth != NULL) {
563 DelDupAuthManager(auth);
564 return AuthDeviceSetP2pMac(authId, p2pMac);
565 }
566 return AuthMetaSetP2pMac(authId, p2pMac);
567 }
568
AuthGetConnInfo(AuthHandle authHandle,AuthConnInfo * connInfo)569 int32_t AuthGetConnInfo(AuthHandle authHandle, AuthConnInfo *connInfo)
570 {
571 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
572 AUTH_LOGE(AUTH_CONN, "authHandle type error");
573 return SOFTBUS_INVALID_PARAM;
574 }
575 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
576 if (auth != NULL) {
577 DelDupAuthManager(auth);
578 return AuthDeviceGetConnInfo(authHandle, connInfo);
579 }
580 return AuthMetaGetConnInfo(authHandle.authId, connInfo);
581 }
582
AuthGetDeviceUuid(int64_t authId,char * uuid,uint16_t size)583 int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
584 {
585 AuthManager *auth = GetAuthManagerByAuthId(authId);
586 if (auth != NULL) {
587 DelDupAuthManager(auth);
588 return AuthDeviceGetDeviceUuid(authId, uuid, size);
589 }
590 return AuthMetaGetDeviceUuid(authId, uuid, size);
591 }
592
AuthGetVersion(int64_t authId,SoftBusVersion * version)593 int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
594 {
595 return AuthDeviceGetVersion(authId, version);
596 }
597
AuthGetServerSide(int64_t authId,bool * isServer)598 int32_t AuthGetServerSide(int64_t authId, bool *isServer)
599 {
600 AuthManager *auth = GetAuthManagerByAuthId(authId);
601 if (auth != NULL) {
602 DelDupAuthManager(auth);
603 return AuthDeviceGetServerSide(authId, isServer);
604 }
605 return AuthMetaGetServerSide(authId, isServer);
606 }
607
AuthGetMetaType(int64_t authId,bool * isMetaAuth)608 int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
609 {
610 if (isMetaAuth == NULL) {
611 AUTH_LOGW(AUTH_CONN, "invalid param");
612 return SOFTBUS_INVALID_PARAM;
613 }
614 AuthManager *auth = GetAuthManagerByAuthId(authId);
615 if (auth != NULL) {
616 DelDupAuthManager(auth);
617 *isMetaAuth = false;
618 return SOFTBUS_OK;
619 }
620 *isMetaAuth = true;
621 return SOFTBUS_OK;
622 }
623
AuthGetGroupType(const char * udid,const char * uuid)624 uint32_t AuthGetGroupType(const char *udid, const char *uuid)
625 {
626 uint32_t type = 0;
627 if (udid == NULL || uuid == NULL) {
628 AUTH_LOGW(AUTH_HICHAIN, "udid or uuid is null");
629 return type;
630 }
631 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
632 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
633 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
634 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
635 return type;
636 }
637
AuthIsPotentialTrusted(const DeviceInfo * device)638 bool AuthIsPotentialTrusted(const DeviceInfo *device)
639 {
640 uint8_t localAccountHash[SHA_256_HASH_LEN] = {0};
641 DeviceInfo defaultInfo;
642 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
643
644 if (device == NULL) {
645 AUTH_LOGE(AUTH_HICHAIN, "device is null");
646 return false;
647 }
648 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
649 AUTH_LOGW(AUTH_HICHAIN, "devId is empty");
650 return false;
651 }
652 if (memcmp(device->accountHash, defaultInfo.accountHash, SHORT_ACCOUNT_HASH_LEN) == 0) {
653 AUTH_LOGI(AUTH_HICHAIN, "devId accountHash is empty");
654 return true;
655 }
656 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
657 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
658 return false;
659 }
660 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
661 AUTH_LOGD(AUTH_HICHAIN, "account is same, continue verify progress. account=%{public}02X%{public}02X",
662 device->accountHash[0], device->accountHash[1]);
663 return true;
664 }
665 if (IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false, false) ||
666 IsPotentialTrustedDeviceDp(device->devId)) {
667 AUTH_LOGI(AUTH_HICHAIN, "device is potential trusted, continue verify progress");
668 return true;
669 }
670 return false;
671 }
672
IsSameAccountDevice(const DeviceInfo * device)673 bool IsSameAccountDevice(const DeviceInfo *device)
674 {
675 if (device == NULL) {
676 AUTH_LOGE(AUTH_HICHAIN, "invalid param");
677 return false;
678 }
679
680 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
681 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
682 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
683 return false;
684 }
685 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
686 AUTH_LOGI(AUTH_HICHAIN, "account is same, continue check same account group relation.");
687 return true;
688 }
689 return false;
690 }
691
AuthHasSameAccountGroup(void)692 bool AuthHasSameAccountGroup(void)
693 {
694 if (IsSameAccountGroupDevice()) {
695 AUTH_LOGI(AUTH_HICHAIN, "device has same account group relation, continue verify progress");
696 return true;
697 }
698 return false;
699 }
700
AuthHasTrustedRelation(void)701 TrustedReturnType AuthHasTrustedRelation(void)
702 {
703 uint32_t num = 0;
704 char *udidArray = NULL;
705
706 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
707 AUTH_LOGE(AUTH_CONN, "auth get trusted dev info fail");
708 return TRUSTED_RELATION_IGNORE;
709 }
710 SoftBusFree(udidArray);
711 AUTH_LOGD(AUTH_CONN, "auth get trusted relation num=%{public}u", num);
712 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
713 }
714
IsAuthHasTrustedRelation(void)715 bool IsAuthHasTrustedRelation(void)
716 {
717 bool hasTrustedRelation = (AuthHasTrustedRelation() == TRUSTED_RELATION_YES) ? true : false;
718 return hasTrustedRelation;
719 }
720
AuthCheckMetaExist(const AuthConnInfo * connInfo,bool * isExist)721 int32_t AuthCheckMetaExist(const AuthConnInfo *connInfo, bool *isExist)
722 {
723 if (connInfo == NULL || isExist == NULL) {
724 AUTH_LOGE(AUTH_CONN, "invalid param");
725 return SOFTBUS_INVALID_PARAM;
726 }
727 AuthMetaCheckMetaExist(connInfo, isExist);
728 return SOFTBUS_OK;
729 }
730
AuthInit(void)731 int32_t AuthInit(void)
732 {
733 AuthTransCallback callBack = {
734 .onDataReceived = NotifyTransDataReceived,
735 .onDisconnected = NotifyTransDisconnected,
736 .onException = NotifyTransException,
737 };
738 int32_t ret = AuthDeviceInit(&callBack);
739 if (ret == SOFTBUS_ERR || ret == SOFTBUS_INVALID_PARAM) {
740 AUTH_LOGE(AUTH_INIT, "auth device init failed");
741 return SOFTBUS_ERR;
742 }
743 ret = RegHichainSaStatusListener();
744 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
745 AUTH_LOGE(AUTH_INIT, "regHichainSaStatusListener failed");
746 return SOFTBUS_ERR;
747 }
748 ret = CustomizedSecurityProtocolInit();
749 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
750 AUTH_LOGI(AUTH_INIT, "customized protocol init failed, ret=%{public}d", ret);
751 return ret;
752 }
753 AuthLoadDeviceKey();
754 return AuthMetaInit(&callBack);
755 }
756
AuthDeinit(void)757 void AuthDeinit(void)
758 {
759 AuthDeviceDeinit();
760 CustomizedSecurityProtocolDeinit();
761 AuthMetaDeinit();
762 }
763
AuthServerDeathCallback(const char * pkgName,int32_t pid)764 void AuthServerDeathCallback(const char *pkgName, int32_t pid)
765 {
766 DelAuthMetaManagerByPid(pkgName, pid);
767 ClearMetaNodeRequestByPid(pkgName, pid);
768 }
769