1094332d3Sopenharmony_ci/*
2094332d3Sopenharmony_ci * Copyright (c) 2024 Huawei Device Co., Ltd.
3094332d3Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
4094332d3Sopenharmony_ci * you may not use this file except in compliance with the License.
5094332d3Sopenharmony_ci * You may obtain a copy of the License at
6094332d3Sopenharmony_ci *
7094332d3Sopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
8094332d3Sopenharmony_ci *
9094332d3Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software
10094332d3Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
11094332d3Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12094332d3Sopenharmony_ci * See the License for the specific language governing permissions and
13094332d3Sopenharmony_ci * limitations under the License.
14094332d3Sopenharmony_ci */
15094332d3Sopenharmony_ci
16094332d3Sopenharmony_ci#include "verifier_impl.h"
17094332d3Sopenharmony_ci#include <cinttypes>
18094332d3Sopenharmony_ci#include <hdf_base.h>
19094332d3Sopenharmony_ci#include <securec.h>
20094332d3Sopenharmony_ci#include "executor_impl_common.h"
21094332d3Sopenharmony_ci#include "iam_logger.h"
22094332d3Sopenharmony_ci
23094332d3Sopenharmony_ci#undef LOG_TAG
24094332d3Sopenharmony_ci#define LOG_TAG "PIN_AUTH_IMPL_V"
25094332d3Sopenharmony_ci
26094332d3Sopenharmony_cinamespace OHOS {
27094332d3Sopenharmony_cinamespace HDI {
28094332d3Sopenharmony_cinamespace PinAuth {
29094332d3Sopenharmony_ciVerifierImpl::VerifierImpl(std::shared_ptr<OHOS::UserIam::PinAuth::PinAuth> pinHdi)
30094332d3Sopenharmony_ci    : pinHdi_(pinHdi),
31094332d3Sopenharmony_ci      threadPool_("pin_verifier_async")
32094332d3Sopenharmony_ci{
33094332d3Sopenharmony_ci    threadPool_.Start(1);
34094332d3Sopenharmony_ci}
35094332d3Sopenharmony_ci
36094332d3Sopenharmony_ciVerifierImpl::~VerifierImpl()
37094332d3Sopenharmony_ci{
38094332d3Sopenharmony_ci    threadPool_.Stop();
39094332d3Sopenharmony_ci}
40094332d3Sopenharmony_ci
41094332d3Sopenharmony_ciint32_t VerifierImpl::GetExecutorInfo(HdiExecutorInfo &executorInfo)
42094332d3Sopenharmony_ci{
43094332d3Sopenharmony_ci    IAM_LOGI("start");
44094332d3Sopenharmony_ci    if (pinHdi_ == nullptr) {
45094332d3Sopenharmony_ci        IAM_LOGE("pinHdi_ is nullptr");
46094332d3Sopenharmony_ci        return HDF_FAILURE;
47094332d3Sopenharmony_ci    }
48094332d3Sopenharmony_ci    executorInfo.sensorId = SENSOR_ID;
49094332d3Sopenharmony_ci    executorInfo.executorMatcher = EXECUTOR_MATCHER;
50094332d3Sopenharmony_ci    executorInfo.executorRole = HdiExecutorRole::VERIFIER;
51094332d3Sopenharmony_ci    executorInfo.authType = HdiAuthType::PIN;
52094332d3Sopenharmony_ci    uint32_t eslRet = 0;
53094332d3Sopenharmony_ci    int32_t result = pinHdi_->GetExecutorInfo(HdiExecutorRole::VERIFIER, executorInfo.publicKey, eslRet,
54094332d3Sopenharmony_ci        executorInfo.maxTemplateAcl);
55094332d3Sopenharmony_ci    if (result != SUCCESS) {
56094332d3Sopenharmony_ci        IAM_LOGE("Get verifier ExecutorInfo failed, fail code:%{public}d", result);
57094332d3Sopenharmony_ci        return HDF_FAILURE;
58094332d3Sopenharmony_ci    }
59094332d3Sopenharmony_ci    executorInfo.esl = static_cast<HdiExecutorSecureLevel>(eslRet);
60094332d3Sopenharmony_ci    return HDF_SUCCESS;
61094332d3Sopenharmony_ci}
62094332d3Sopenharmony_ci
63094332d3Sopenharmony_ciint32_t VerifierImpl::OnRegisterFinish(const std::vector<uint64_t> &templateIdList,
64094332d3Sopenharmony_ci    const std::vector<uint8_t> &frameworkPublicKey, const std::vector<uint8_t> &extraInfo)
65094332d3Sopenharmony_ci{
66094332d3Sopenharmony_ci    IAM_LOGI("start");
67094332d3Sopenharmony_ci    static_cast<void>(templateIdList);
68094332d3Sopenharmony_ci    static_cast<void>(extraInfo);
69094332d3Sopenharmony_ci    if (pinHdi_ == nullptr) {
70094332d3Sopenharmony_ci        IAM_LOGE("pinHdi_ is nullptr");
71094332d3Sopenharmony_ci        return HDF_FAILURE;
72094332d3Sopenharmony_ci    }
73094332d3Sopenharmony_ci    int32_t result = pinHdi_->SetVerifierFwkParam(frameworkPublicKey);
74094332d3Sopenharmony_ci    if (result != SUCCESS) {
75094332d3Sopenharmony_ci        IAM_LOGE("Hdi SetVerifierFwkParam fail");
76094332d3Sopenharmony_ci        return HDF_FAILURE;
77094332d3Sopenharmony_ci    }
78094332d3Sopenharmony_ci    return HDF_SUCCESS;
79094332d3Sopenharmony_ci}
80094332d3Sopenharmony_ci
81094332d3Sopenharmony_cibool VerifierImpl::IsCurrentSchedule(uint64_t scheduleId)
82094332d3Sopenharmony_ci{
83094332d3Sopenharmony_ci    if (!scheduleId_.has_value()) {
84094332d3Sopenharmony_ci        IAM_LOGE("verify schedule not exist");
85094332d3Sopenharmony_ci        return false;
86094332d3Sopenharmony_ci    }
87094332d3Sopenharmony_ci    if (scheduleId_.value() != scheduleId) {
88094332d3Sopenharmony_ci        IAM_LOGE("verify schedule:%{public}x not match current:%{public}x",
89094332d3Sopenharmony_ci            (uint16_t)scheduleId, (uint16_t)scheduleId_.value());
90094332d3Sopenharmony_ci        return false;
91094332d3Sopenharmony_ci    }
92094332d3Sopenharmony_ci    return true;
93094332d3Sopenharmony_ci}
94094332d3Sopenharmony_ci
95094332d3Sopenharmony_civoid VerifierImpl::CancelCurrentAuth(int32_t errorCode)
96094332d3Sopenharmony_ci{
97094332d3Sopenharmony_ci    if (!scheduleId_.has_value()) {
98094332d3Sopenharmony_ci        return;
99094332d3Sopenharmony_ci    }
100094332d3Sopenharmony_ci    if (pinHdi_->CancelVerifierAuth() != SUCCESS) {
101094332d3Sopenharmony_ci        IAM_LOGE("Hdi CancelVerify fail");
102094332d3Sopenharmony_ci    }
103094332d3Sopenharmony_ci    CallError(callback_, errorCode);
104094332d3Sopenharmony_ci    scheduleId_ = std::nullopt;
105094332d3Sopenharmony_ci    callback_ = nullptr;
106094332d3Sopenharmony_ci}
107094332d3Sopenharmony_ci
108094332d3Sopenharmony_ciint32_t VerifierImpl::Cancel(uint64_t scheduleId)
109094332d3Sopenharmony_ci{
110094332d3Sopenharmony_ci    IAM_LOGI("start %{public}x", (uint16_t)scheduleId);
111094332d3Sopenharmony_ci    if (pinHdi_ == nullptr) {
112094332d3Sopenharmony_ci        IAM_LOGE("pinHdi_ is nullptr");
113094332d3Sopenharmony_ci        return HDF_FAILURE;
114094332d3Sopenharmony_ci    }
115094332d3Sopenharmony_ci    threadPool_.AddTask([this, id = scheduleId]() {
116094332d3Sopenharmony_ci        if (IsCurrentSchedule(id)) {
117094332d3Sopenharmony_ci            CancelCurrentAuth();
118094332d3Sopenharmony_ci        }
119094332d3Sopenharmony_ci    });
120094332d3Sopenharmony_ci    return HDF_SUCCESS;
121094332d3Sopenharmony_ci}
122094332d3Sopenharmony_ci
123094332d3Sopenharmony_civoid VerifierImpl::HandleVerifierMsg(uint64_t scheduleId, const std::vector<uint8_t> &msg)
124094332d3Sopenharmony_ci{
125094332d3Sopenharmony_ci    IAM_LOGI("start");
126094332d3Sopenharmony_ci    std::vector<uint8_t> msgOut;
127094332d3Sopenharmony_ci    bool isAuthEnd = false;
128094332d3Sopenharmony_ci    int32_t compareResult = FAIL;
129094332d3Sopenharmony_ci    if (pinHdi_->SendMessageToVerifier(scheduleId, msg, msgOut, isAuthEnd, compareResult) != SUCCESS) {
130094332d3Sopenharmony_ci        IAM_LOGE("Hdi SendMessageToVerifier fail");
131094332d3Sopenharmony_ci        return;
132094332d3Sopenharmony_ci    }
133094332d3Sopenharmony_ci    if (!isAuthEnd) {
134094332d3Sopenharmony_ci        int32_t result = callback_->OnMessage(HdiExecutorRole::COLLECTOR, msgOut);
135094332d3Sopenharmony_ci        if (result != SUCCESS) {
136094332d3Sopenharmony_ci            IAM_LOGE("Send verifier ack msg fail");
137094332d3Sopenharmony_ci            CancelCurrentAuth(result);
138094332d3Sopenharmony_ci            return;
139094332d3Sopenharmony_ci        }
140094332d3Sopenharmony_ci    } else {
141094332d3Sopenharmony_ci        int32_t result = callback_->OnResult(compareResult, msgOut);
142094332d3Sopenharmony_ci        if (result != SUCCESS) {
143094332d3Sopenharmony_ci            IAM_LOGE("call OnResult fail");
144094332d3Sopenharmony_ci            CancelCurrentAuth(result);
145094332d3Sopenharmony_ci            return;
146094332d3Sopenharmony_ci        }
147094332d3Sopenharmony_ci    }
148094332d3Sopenharmony_ci}
149094332d3Sopenharmony_ci
150094332d3Sopenharmony_ciint32_t VerifierImpl::SendMessage(uint64_t scheduleId, int32_t srcRole, const std::vector<uint8_t> &msg)
151094332d3Sopenharmony_ci{
152094332d3Sopenharmony_ci    IAM_LOGI("start schedule:%{public}x src:%{public}d", (uint16_t)scheduleId, srcRole);
153094332d3Sopenharmony_ci    if (pinHdi_ == nullptr) {
154094332d3Sopenharmony_ci        IAM_LOGE("pinHdi_ is nullptr");
155094332d3Sopenharmony_ci        return HDF_FAILURE;
156094332d3Sopenharmony_ci    }
157094332d3Sopenharmony_ci    threadPool_.AddTask([this, id = scheduleId, role = srcRole, msgIn = msg]() {
158094332d3Sopenharmony_ci        if (!IsCurrentSchedule(id)) {
159094332d3Sopenharmony_ci            return;
160094332d3Sopenharmony_ci        }
161094332d3Sopenharmony_ci        if (role == HdiExecutorRole::COLLECTOR) {
162094332d3Sopenharmony_ci            return HandleVerifierMsg(id, msgIn);
163094332d3Sopenharmony_ci        }
164094332d3Sopenharmony_ci        IAM_LOGE("message from %{public}d not handled", role);
165094332d3Sopenharmony_ci    });
166094332d3Sopenharmony_ci    return HDF_SUCCESS;
167094332d3Sopenharmony_ci}
168094332d3Sopenharmony_ci
169094332d3Sopenharmony_ciint32_t VerifierImpl::Authenticate(uint64_t scheduleId, const std::vector<uint64_t> &templateIdList,
170094332d3Sopenharmony_ci    const std::vector<uint8_t> &extraInfo, const sptr<HdiIExecutorCallback> &callbackObj)
171094332d3Sopenharmony_ci{
172094332d3Sopenharmony_ci    IAM_LOGI("start %{public}x", (uint16_t)scheduleId);
173094332d3Sopenharmony_ci    if (callbackObj == nullptr) {
174094332d3Sopenharmony_ci        IAM_LOGE("callbackObj is nullptr");
175094332d3Sopenharmony_ci        return HDF_FAILURE;
176094332d3Sopenharmony_ci    }
177094332d3Sopenharmony_ci    if ((pinHdi_ == nullptr) || (templateIdList.size() != 1)) {
178094332d3Sopenharmony_ci        IAM_LOGE("pinHdi_ is nullptr or templateIdList size not 1");
179094332d3Sopenharmony_ci        CallError(callbackObj, INVALID_PARAMETERS);
180094332d3Sopenharmony_ci        return HDF_FAILURE;
181094332d3Sopenharmony_ci    }
182094332d3Sopenharmony_ci    threadPool_.AddTask(
183094332d3Sopenharmony_ci        [this, id = scheduleId, templateId = templateIdList, extra = extraInfo, callback = callbackObj]() {
184094332d3Sopenharmony_ci            CancelCurrentAuth();
185094332d3Sopenharmony_ci            std::vector<uint8_t> msg;
186094332d3Sopenharmony_ci            int32_t result = pinHdi_->VerifierAuth(id, templateId[0], extra, msg);
187094332d3Sopenharmony_ci            if (result != SUCCESS) {
188094332d3Sopenharmony_ci                IAM_LOGE("VerifierAuth fail");
189094332d3Sopenharmony_ci                callback->OnResult(result, msg);
190094332d3Sopenharmony_ci                return;
191094332d3Sopenharmony_ci            }
192094332d3Sopenharmony_ci            scheduleId_ = id;
193094332d3Sopenharmony_ci            callback_ = callback;
194094332d3Sopenharmony_ci        });
195094332d3Sopenharmony_ci    return HDF_SUCCESS;
196094332d3Sopenharmony_ci}
197094332d3Sopenharmony_ci
198094332d3Sopenharmony_ciint32_t VerifierImpl::NotifyCollectorReady(uint64_t scheduleId)
199094332d3Sopenharmony_ci{
200094332d3Sopenharmony_ci    IAM_LOGI("start %{public}x", (uint16_t)scheduleId);
201094332d3Sopenharmony_ci    static_cast<void>(scheduleId);
202094332d3Sopenharmony_ci    return HDF_SUCCESS;
203094332d3Sopenharmony_ci}
204094332d3Sopenharmony_ci
205094332d3Sopenharmony_ci} // PinAuth
206094332d3Sopenharmony_ci} // HDI
207094332d3Sopenharmony_ci} // OHOS