1 /*
2  * Copyright (c) 2021 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "os_account_manager.h"
17 #include "crypto/filesystem_crypto.h"
18 
19 #include <vector>
20 #include "storage_daemon_communication/storage_daemon_communication.h"
21 #include "storage_service_constant.h"
22 #include "storage_service_errno.h"
23 #include "storage_service_log.h"
24 
25 using namespace OHOS::AccountSA;
26 namespace OHOS {
27 namespace StorageManager {
FileSystemCrypto()28 FileSystemCrypto::FileSystemCrypto()
29 {
30     LOGI("DEBUG FileSystemCrypto constructer");
31 }
32 
~FileSystemCrypto()33 FileSystemCrypto::~FileSystemCrypto()
34 {
35     LOGI("DEBUG ~FileSystemCrypto destructer ~");
36 }
37 
CheckUserIdRange(int32_t userId)38 int32_t FileSystemCrypto::CheckUserIdRange(int32_t userId)
39 {
40     if (userId < StorageService::START_USER_ID || userId > StorageService::MAX_USER_ID) {
41         LOGE("FileSystemCrypto: userId:%{public}d is out of range", userId);
42         return E_USERID_RANGE;
43     }
44     return E_OK;
45 }
46 
GenerateUserKeys(uint32_t userId,uint32_t flags)47 int32_t FileSystemCrypto::GenerateUserKeys(uint32_t userId, uint32_t flags)
48 {
49     LOGI("UserId: %{public}u, flags:  %{public}u", userId, flags);
50     int32_t err = CheckUserIdRange(userId);
51     if (err != E_OK) {
52         LOGE("User ID out of range");
53         return err;
54     }
55     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
56     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
57     err = sdCommunication->GenerateUserKeys(userId, flags);
58     return err;
59 }
60 
DeleteUserKeys(uint32_t userId)61 int32_t FileSystemCrypto::DeleteUserKeys(uint32_t userId)
62 {
63     LOGI("UserId: %{public}u", userId);
64     int32_t err = CheckUserIdRange(userId);
65     if (err != E_OK) {
66         LOGE("User ID out of range");
67         return err;
68     }
69     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
70     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
71     err = sdCommunication->DeleteUserKeys(userId);
72     return err;
73 }
74 
UpdateUserAuth(uint32_t userId,uint64_t secureUid,const std::vector<uint8_t> & token,const std::vector<uint8_t> & oldSecret,const std::vector<uint8_t> & newSecret)75 int32_t FileSystemCrypto::UpdateUserAuth(uint32_t userId, uint64_t secureUid,
76                                          const std::vector<uint8_t> &token,
77                                          const std::vector<uint8_t> &oldSecret,
78                                          const std::vector<uint8_t> &newSecret)
79 {
80     LOGI("UserId: %{public}u", userId);
81     int32_t err = CheckUserIdRange(userId);
82     if (err != E_OK) {
83         LOGE("User ID out of range");
84         return err;
85     }
86     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
87     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
88     err = sdCommunication->UpdateUserAuth(userId, secureUid, token, oldSecret, newSecret);
89     return err;
90 }
91 
ActiveUserKey(uint32_t userId,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)92 int32_t FileSystemCrypto::ActiveUserKey(uint32_t userId,
93                                         const std::vector<uint8_t> &token,
94                                         const std::vector<uint8_t> &secret)
95 {
96     LOGI("UserId: %{public}u", userId);
97     int32_t err = CheckUserIdRange(userId);
98     if (err != E_OK) {
99         LOGE("User ID out of range");
100         return err;
101     }
102     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
103     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
104     err = sdCommunication->ActiveUserKey(userId, token, secret);
105     return err;
106 }
107 
InactiveUserKey(uint32_t userId)108 int32_t FileSystemCrypto::InactiveUserKey(uint32_t userId)
109 {
110     LOGI("UserId: %{public}u", userId);
111     int32_t err = CheckUserIdRange(userId);
112     if (err != E_OK) {
113         LOGE("User ID out of range");
114         return err;
115     }
116     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
117     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
118     err = sdCommunication->InactiveUserKey(userId);
119     return err;
120 }
121 
LockUserScreen(uint32_t userId)122 int32_t FileSystemCrypto::LockUserScreen(uint32_t userId)
123 {
124     LOGD("UserId: %{public}u", userId);
125     int32_t err = CheckUserIdRange(userId);
126     if (err != E_OK) {
127         LOGE("User ID out of range");
128         return err;
129     }
130     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
131     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
132     return sdCommunication->LockUserScreen(userId);
133 }
134 
UnlockUserScreen(uint32_t userId,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)135 int32_t FileSystemCrypto::UnlockUserScreen(uint32_t userId,
136                                            const std::vector<uint8_t> &token,
137                                            const std::vector<uint8_t> &secret)
138 {
139     LOGI("UserId: %{public}u", userId);
140     int32_t err = CheckUserIdRange(userId);
141     if (err != E_OK) {
142         LOGE("User ID out of range");
143         return err;
144     }
145     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
146     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
147     return sdCommunication->UnlockUserScreen(userId, token, secret);
148 }
149 
GetFileEncryptStatus(uint32_t userId,bool & isEncrypted,bool needCheckDirMount)150 int32_t FileSystemCrypto::GetFileEncryptStatus(uint32_t userId, bool &isEncrypted, bool needCheckDirMount)
151 {
152     LOGI("UserId: %{public}u", userId);
153     int32_t err = CheckUserIdRange(userId);
154     if (err != E_OK) {
155         LOGE("User ID out of range");
156         return err;
157     }
158     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
159     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
160     return sdCommunication->GetFileEncryptStatus(userId, isEncrypted, needCheckDirMount);
161 }
162 
GetLockScreenStatus(uint32_t userId,bool & lockScreenStatus)163 int32_t FileSystemCrypto::GetLockScreenStatus(uint32_t userId, bool &lockScreenStatus)
164 {
165     LOGI("UserId: %{public}u", userId);
166     int32_t err = CheckUserIdRange(userId);
167     if (err != E_OK) {
168         LOGE("User ID out of range");
169         return err;
170     }
171     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
172     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
173     return sdCommunication->GetLockScreenStatus(userId, lockScreenStatus);
174 }
175 
GenerateAppkey(uint32_t hashId,uint32_t userId,std::string & keyId)176 int32_t FileSystemCrypto::GenerateAppkey(uint32_t hashId, uint32_t userId, std::string &keyId)
177 {
178     LOGI("UserId: %{public}u", userId);
179     int32_t err = CheckUserIdRange(userId);
180     if (err != E_OK) {
181         LOGE("User ID out of range");
182         return err;
183     }
184     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
185     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
186     return sdCommunication->GenerateAppkey(userId, hashId, keyId);
187 }
188 
DeleteAppkey(const std::string keyId)189 int32_t FileSystemCrypto::DeleteAppkey(const std::string keyId)
190 {
191     std::vector<int32_t> ids;
192     int ret = AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids);
193     if (ret != 0 || ids.empty()) {
194         LOGE("Query active userid failed, ret = %{public}u", ret);
195         return ret;
196     }
197     int32_t userId = ids[0];
198     LOGI("UserId: %{public}u", userId);
199     int32_t err = CheckUserIdRange(userId);
200     if (err != E_OK) {
201         LOGE("User ID out of range");
202         return err;
203     }
204     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
205     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
206     return sdCommunication->DeleteAppkey(userId, keyId);
207 }
208 
UpdateKeyContext(uint32_t userId)209 int32_t FileSystemCrypto::UpdateKeyContext(uint32_t userId)
210 {
211     LOGI("UserId: %{public}u", userId);
212     int32_t err = CheckUserIdRange(userId);
213     if (err != E_OK) {
214         LOGE("User ID out of range");
215         return err;
216     }
217     std::shared_ptr<StorageDaemonCommunication> sdCommunication;
218     sdCommunication = DelayedSingleton<StorageDaemonCommunication>::GetInstance();
219     err = sdCommunication->UpdateKeyContext(userId);
220     return err;
221 }
222 }
223 }
224