1 /*
2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "executor_message.h"
17
18 #include "securec.h"
19 #include "adaptor_algorithm.h"
20 #include "adaptor_log.h"
21 #include "adaptor_memory.h"
22 #include "adaptor_time.h"
23 #include "coauth.h"
24 #include "ed25519_key.h"
25 #include "hmac_key.h"
26 #include "idm_database.h"
27 #include "udid_manager.h"
28 #include "user_sign_centre.h"
29
30 #ifdef IAM_TEST_ENABLE
31 #define IAM_STATIC
32 #else
33 #define IAM_STATIC static
34 #endif
35
SignData(const Uint8Array *dataTlv, Uint8Array *signDataTlv, SignParam signParam)36 IAM_STATIC ResultCode SignData(const Uint8Array *dataTlv, Uint8Array *signDataTlv, SignParam signParam)
37 {
38 Buffer data = GetTmpBuffer(dataTlv->data, dataTlv->len, dataTlv->len);
39 if (!IsBufferValid(&data)) {
40 LOG_ERROR("data is invalid");
41 return RESULT_GENERAL_ERROR;
42 }
43 ResultCode result = RESULT_SUCCESS;
44 Buffer *signData = NULL;
45 if (signParam.keyType == KEY_TYPE_CROSS_DEVICE) {
46 signData = HmacSign(&data, signParam);
47 } else {
48 signData = ExecutorMsgSign(&data);
49 }
50 if (!IsBufferValid(signData)) {
51 LOG_ERROR("signData is invalid");
52 return RESULT_GENERAL_ERROR;
53 }
54 if (memcpy_s(signDataTlv->data, signDataTlv->len, signData->buf, signData->contentSize) != EOK) {
55 LOG_ERROR("copy sign to signDtaTlv failed");
56 result = RESULT_GENERAL_ERROR;
57 goto FAIL;
58 }
59 signDataTlv->len = signData->contentSize;
60 LOG_INFO("sign data success");
61
62 FAIL:
63 DestoryBuffer(signData);
64 return result;
65 }
66
GetAttributeDataAndSignTlv(const Attribute *attribute, Uint8Array *retDataAndSignTlv, SignParam signParam)67 IAM_STATIC ResultCode GetAttributeDataAndSignTlv(const Attribute *attribute, Uint8Array *retDataAndSignTlv,
68 SignParam signParam)
69 {
70 Attribute *dataAndSignAttribute = CreateEmptyAttribute();
71 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
72 Uint8Array signTlv = { Malloc(ED25519_FIX_SIGN_BUFFER_SIZE), ED25519_FIX_SIGN_BUFFER_SIZE };
73
74 ResultCode result = RESULT_GENERAL_ERROR;
75 do {
76 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv) || IS_ARRAY_NULL(signTlv)) {
77 LOG_ERROR("dataAndSignAttribute or dataTlv or signTlv is NULL");
78 break;
79 }
80 result = GetAttributeSerializedMsg(attribute, &dataTlv);
81 if (result != RESULT_SUCCESS) {
82 LOG_ERROR("GetAttributeSerializedMsg for data fail");
83 break;
84 }
85
86 result = SetAttributeUint8Array(dataAndSignAttribute, ATTR_DATA, dataTlv);
87 if (result != RESULT_SUCCESS) {
88 LOG_ERROR("SetAttributeUint8Array for data fail");
89 break;
90 }
91 if (signParam.needSignature) {
92 result = SignData(&dataTlv, &signTlv, signParam);
93 if (result != RESULT_SUCCESS) {
94 LOG_ERROR("SignData fail");
95 break;
96 }
97 result = SetAttributeUint8Array(dataAndSignAttribute, ATTR_SIGNATURE, signTlv);
98 if (result != RESULT_SUCCESS) {
99 LOG_ERROR("SetAttributeUint8Array for signature fail");
100 break;
101 }
102 }
103 result = GetAttributeSerializedMsg(dataAndSignAttribute, retDataAndSignTlv);
104 if (result != RESULT_SUCCESS) {
105 LOG_ERROR("GetAttributeSerializedMsg fail");
106 break;
107 }
108 } while (0);
109
110 Free(signTlv.data);
111 Free(dataTlv.data);
112 FreeAttribute(&dataAndSignAttribute);
113 return result;
114 }
115
GetAttributeExecutorMsg(const Attribute *attribute, Uint8Array *retMsg, SignParam signParam)116 ResultCode GetAttributeExecutorMsg(const Attribute *attribute, Uint8Array *retMsg, SignParam signParam)
117 {
118 IF_TRUE_LOGE_AND_RETURN_VAL(attribute == NULL, RESULT_GENERAL_ERROR);
119 IF_TRUE_LOGE_AND_RETURN_VAL(retMsg == NULL, RESULT_GENERAL_ERROR);
120 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(*retMsg), RESULT_GENERAL_ERROR);
121
122 Attribute *rootAttribute = CreateEmptyAttribute();
123 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
124
125 ResultCode result = RESULT_GENERAL_ERROR;
126 do {
127 if (rootAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
128 LOG_ERROR("rootAttribute or dataAndSignTlv is NULL");
129 break;
130 }
131
132 result = GetAttributeDataAndSignTlv(attribute, &dataAndSignTlv, signParam);
133 if (result != RESULT_SUCCESS) {
134 LOG_ERROR("GetAttributeDataAndSignTlv fail");
135 break;
136 }
137 result = SetAttributeUint8Array(rootAttribute, ATTR_ROOT, dataAndSignTlv);
138 if (result != RESULT_SUCCESS) {
139 LOG_ERROR("SetAttributeUint8Array fail");
140 break;
141 }
142 result = GetAttributeSerializedMsg(rootAttribute, retMsg);
143 if (result != RESULT_SUCCESS) {
144 LOG_ERROR("GetAttributeSerializedMsg fail");
145 break;
146 }
147 } while (0);
148
149 Free(dataAndSignTlv.data);
150 FreeAttribute(&rootAttribute);
151 return result;
152 }
153
Ed25519VerifyData(uint64_t scheduleId, Uint8Array dataTlv, Uint8Array signTlv)154 IAM_STATIC ResultCode Ed25519VerifyData(uint64_t scheduleId, Uint8Array dataTlv, Uint8Array signTlv)
155 {
156 ResultCode result = RESULT_GENERAL_ERROR;
157 const CoAuthSchedule *currentSchedule = GetCoAuthSchedule(scheduleId);
158 IF_TRUE_LOGE_AND_RETURN_VAL(currentSchedule == NULL, result);
159 Buffer *publicKey = NULL;
160 for (uint32_t index = 0; index < currentSchedule->executorSize; ++index) {
161 const ExecutorInfoHal *executor = &((currentSchedule->executors)[index]);
162 if (executor->executorRole == VERIFIER || executor->executorRole == ALL_IN_ONE) {
163 publicKey = CreateBufferByData(executor->pubKey, PUBLIC_KEY_LEN);
164 break;
165 }
166 }
167 Buffer data = GetTmpBuffer(dataTlv.data, dataTlv.len, dataTlv.len);
168 Buffer sign = GetTmpBuffer(signTlv.data, signTlv.len, signTlv.len);
169 if (!IsBufferValid(publicKey) || !IsBufferValid(&data) || !IsBufferValid(&sign)) {
170 LOG_ERROR("data or sign is invalid");
171 goto FAIL;
172 }
173 result = (ResultCode)Ed25519Verify(publicKey, &data, &sign);
174 if (result != RESULT_SUCCESS) {
175 LOG_ERROR("verify sign failed");
176 goto FAIL;
177 }
178 LOG_INFO("Ed25519 verify success");
179
180 FAIL:
181 DestoryBuffer(publicKey);
182 return result;
183 }
184
VerifyDataTlvSignature(const Attribute *dataAndSignAttribute, const Uint8Array dataTlv, SignParam signParam)185 IAM_STATIC ResultCode VerifyDataTlvSignature(const Attribute *dataAndSignAttribute, const Uint8Array dataTlv,
186 SignParam signParam)
187 {
188 Attribute *dataAttribute = CreateAttributeFromSerializedMsg(dataTlv);
189 Uint8Array signTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
190
191 ResultCode result = RESULT_GENERAL_ERROR;
192 do {
193 if (dataAttribute == NULL || IS_ARRAY_NULL(signTlv)) {
194 LOG_ERROR("dataAttribute or signTlv is null");
195 break;
196 }
197 result = GetAttributeUint8Array(dataAndSignAttribute, ATTR_SIGNATURE, &signTlv);
198 if (result != RESULT_SUCCESS) {
199 LOG_ERROR("GetAttributeUint8Array fail");
200 break;
201 }
202 if (signParam.keyType == KEY_TYPE_CROSS_DEVICE) {
203 Buffer data = GetTmpBuffer(dataTlv.data, dataTlv.len, dataTlv.len);
204 Buffer sign = GetTmpBuffer(signTlv.data, signTlv.len, signTlv.len);
205 result = HmacVerify(&data, &sign, signParam);
206 if (result != RESULT_SUCCESS) {
207 LOG_ERROR("HmacVerify fail");
208 break;
209 }
210 } else {
211 uint64_t scheduleId;
212 result = GetAttributeUint64(dataAttribute, ATTR_SCHEDULE_ID, &scheduleId);
213 if (result != RESULT_SUCCESS) {
214 LOG_ERROR("GetAttributeUint64 scheduleId fail");
215 break;
216 }
217 result = Ed25519VerifyData(scheduleId, dataTlv, signTlv);
218 if (result != RESULT_SUCCESS) {
219 LOG_ERROR("Ed25519VerifyData fail");
220 break;
221 }
222 }
223 } while (0);
224
225 Free(signTlv.data);
226 FreeAttribute(&dataAttribute);
227 return result;
228 }
229
CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv, SignParam signParam)230 IAM_STATIC Attribute *CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv, SignParam signParam)
231 {
232 Attribute *dataAndSignAttribute = CreateAttributeFromSerializedMsg(dataAndSignTlv);
233 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
234
235 Attribute *attribute = NULL;
236 do {
237 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv)) {
238 LOG_ERROR("dataAndSignAttribute or dataTlv is null");
239 break;
240 }
241 if (GetAttributeUint8Array(dataAndSignAttribute, ATTR_DATA, &dataTlv) != RESULT_SUCCESS) {
242 LOG_ERROR("GetAttributeUint8Array fail");
243 break;
244 }
245 if (signParam.needSignature) {
246 if (VerifyDataTlvSignature(dataAndSignAttribute, dataTlv, signParam) != RESULT_SUCCESS) {
247 LOG_ERROR("VerifyDataTlvSignature fail");
248 break;
249 }
250 }
251 attribute = CreateAttributeFromSerializedMsg(dataTlv);
252 if (attribute == NULL) {
253 LOG_ERROR("CreateAttributeFromSerializedMsg fail");
254 break;
255 }
256 } while (0);
257
258 Free(dataTlv.data);
259 FreeAttribute(&dataAndSignAttribute);
260 return attribute;
261 }
262
CreateAttributeFromExecutorMsg(const Uint8Array msg, SignParam signParam)263 IAM_STATIC Attribute *CreateAttributeFromExecutorMsg(const Uint8Array msg, SignParam signParam)
264 {
265 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(msg), NULL);
266
267 Attribute *msgAttribute = CreateAttributeFromSerializedMsg(msg);
268 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
269
270 Attribute *attribute = NULL;
271 do {
272 if (msgAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
273 LOG_ERROR("msgAttribute or dataAndSignTlv is null");
274 break;
275 }
276
277 ResultCode result = GetAttributeUint8Array(msgAttribute, ATTR_ROOT, &dataAndSignTlv);
278 if (result != RESULT_SUCCESS) {
279 LOG_ERROR("GetAttributeUint8Array fail");
280 break;
281 }
282
283 attribute = CreateAttributeFromDataAndSignTlv(dataAndSignTlv, signParam);
284 if (attribute == NULL) {
285 LOG_ERROR("CreateAttributeFromDataAndSignTlv fail");
286 break;
287 }
288 } while (0);
289
290 Free(dataAndSignTlv.data);
291 FreeAttribute(&msgAttribute);
292 return attribute;
293 }
294
GetRootSecretFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)295 IAM_STATIC void GetRootSecretFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
296 {
297 Uint8Array array = { Malloc(ROOT_SECRET_LEN), ROOT_SECRET_LEN };
298 IF_TRUE_LOGE_AND_RETURN(IS_ARRAY_NULL(array));
299 ResultCode result = GetAttributeUint8Array(attribute, ATTR_ROOT_SECRET, &(array));
300 if (result != RESULT_SUCCESS) {
301 LOG_ERROR("There is no rootSecret in this attribute");
302 goto EXIT;
303 }
304 if (array.len != ROOT_SECRET_LEN) {
305 LOG_ERROR("rootSecret len is invalid");
306 goto EXIT;
307 }
308 resultInfo->rootSecret = CreateBufferByData(array.data, array.len);
309 if (!IsBufferValid(resultInfo->rootSecret)) {
310 LOG_ERROR("Generate rootSecret buffer failed");
311 goto EXIT;
312 }
313 LOG_INFO("get rootSecret success");
314
315 EXIT:
316 (void)memset_s(array.data, ROOT_SECRET_LEN, 0, ROOT_SECRET_LEN);
317 Free(array.data);
318 }
319
GetExecutorResultInfoFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)320 IAM_STATIC ResultCode GetExecutorResultInfoFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
321 {
322 ResultCode result = RESULT_GENERAL_ERROR;
323 result = GetAttributeInt32(attribute, ATTR_RESULT_CODE, &(resultInfo->result));
324 if (result != RESULT_SUCCESS) {
325 LOG_ERROR("GetAttributeInt32 result failed");
326 return result;
327 }
328 result = GetAttributeUint64(attribute, ATTR_TEMPLATE_ID, &(resultInfo->templateId));
329 if (result != RESULT_SUCCESS) {
330 LOG_ERROR("GetAttributeUint64 templateId failed");
331 return result;
332 }
333 result = GetAttributeUint64(attribute, ATTR_SCHEDULE_ID, &(resultInfo->scheduleId));
334 if (result != RESULT_SUCCESS) {
335 LOG_ERROR("GetAttributeUint64 scheduleId failed");
336 return result;
337 }
338 result = GetAttributeUint64(attribute, ATTR_PIN_SUB_TYPE, &(resultInfo->authSubType));
339 if (result != RESULT_SUCCESS) {
340 LOG_ERROR("GetAttributeUint64 authSubType failed");
341 return result;
342 }
343 result = GetAttributeInt32(attribute, ATTR_REMAIN_ATTEMPTS, &(resultInfo->remainTimes));
344 if (result != RESULT_SUCCESS) {
345 LOG_ERROR("GetAttributeInt32 remainTimes failed");
346 return result;
347 }
348 result = GetAttributeInt32(attribute, ATTR_LOCKOUT_DURATION, &(resultInfo->freezingTime));
349 if (result != RESULT_SUCCESS) {
350 LOG_ERROR("GetAttributeInt32 freezingTime failed");
351 return result;
352 }
353 result = GetAttributeUint32(attribute, ATTR_CAPABILITY_LEVEL, &(resultInfo->capabilityLevel));
354 if (result != RESULT_SUCCESS) {
355 LOG_ERROR("GetAttributeUint32 capabilityLevel failed");
356 return result;
357 }
358
359 // Only pin auth has rootSecret
360 GetRootSecretFromAttribute(attribute, resultInfo);
361 return RESULT_SUCCESS;
362 }
363
CreateExecutorResultInfo(const Buffer *tlv)364 ExecutorResultInfo *CreateExecutorResultInfo(const Buffer *tlv)
365 {
366 if (!IsBufferValid(tlv)) {
367 LOG_ERROR("param is invalid");
368 return NULL;
369 }
370
371 Uint8Array msg = { tlv->buf, tlv->contentSize };
372 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
373 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
374 if (attribute == NULL) {
375 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
376 return NULL;
377 }
378
379 ExecutorResultInfo *result = Malloc(sizeof(ExecutorResultInfo));
380 if (result == NULL) {
381 LOG_ERROR("malloc failed");
382 FreeAttribute(&attribute);
383 return result;
384 }
385 (void)memset_s(result, sizeof(ExecutorResultInfo), 0, sizeof(ExecutorResultInfo));
386
387 if (GetExecutorResultInfoFromAttribute(attribute, result) != RESULT_SUCCESS) {
388 LOG_ERROR("GetExecutorResultInfoFromAttribute failed");
389 FreeAttribute(&attribute);
390 DestroyExecutorResultInfo(result);
391 return NULL;
392 }
393
394 FreeAttribute(&attribute);
395 return result;
396 }
397
DestroyExecutorResultInfo(ExecutorResultInfo *result)398 void DestroyExecutorResultInfo(ExecutorResultInfo *result)
399 {
400 if (result == NULL) {
401 return;
402 }
403 if (result->rootSecret != NULL) {
404 DestoryBuffer(result->rootSecret);
405 }
406 Free(result);
407 }
408
SetExecutorMsgToAttribute(uint32_t authType, uint32_t authPropertyMode, const Uint64Array *templateIds, Attribute *attribute)409 IAM_STATIC ResultCode SetExecutorMsgToAttribute(uint32_t authType, uint32_t authPropertyMode,
410 const Uint64Array *templateIds, Attribute *attribute)
411 {
412 ResultCode result = SetAttributeUint32(attribute, ATTR_PROPERTY_MODE, authPropertyMode);
413 if (result != RESULT_SUCCESS) {
414 LOG_ERROR("SetAttributeUint32 propertyMode failed");
415 return RESULT_GENERAL_ERROR;
416 }
417 result = SetAttributeUint32(attribute, ATTR_TYPE, authType);
418 if (result != RESULT_SUCCESS) {
419 LOG_ERROR("SetAttributeUint32 authType failed");
420 return RESULT_GENERAL_ERROR;
421 }
422 Uint64Array templateIdsIn = { templateIds->data, templateIds->len };
423 result = SetAttributeUint64Array(attribute, ATTR_TEMPLATE_ID_LIST, templateIdsIn);
424 if (result != RESULT_SUCCESS) {
425 LOG_ERROR("SetAttributeUint64Array templateIdsIn failed");
426 return RESULT_GENERAL_ERROR;
427 }
428 uint64_t time = GetSystemTime();
429 result = SetAttributeUint64(attribute, ATTR_TIME_STAMP, time);
430 if (result != RESULT_SUCCESS) {
431 LOG_ERROR("SetAttributeUint64 time failed");
432 return RESULT_GENERAL_ERROR;
433 }
434
435 return RESULT_SUCCESS;
436 }
437
438
CreateExecutorMsg(uint32_t authType, uint32_t authPropertyMode, const Uint64Array *templateIds)439 IAM_STATIC Buffer *CreateExecutorMsg(uint32_t authType, uint32_t authPropertyMode, const Uint64Array *templateIds)
440 {
441 if (templateIds == NULL) {
442 LOG_ERROR("templateIds is null");
443 return NULL;
444 }
445 Buffer *retBuffer = NULL;
446 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
447 Attribute *attribute = CreateEmptyAttribute();
448 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
449 LOG_ERROR("generate attribute or retInfo failed");
450 goto FAIL;
451 }
452
453 ResultCode result = SetExecutorMsgToAttribute(authType, authPropertyMode, templateIds, attribute);
454 if (result != RESULT_SUCCESS) {
455 LOG_ERROR("set msg to attribute failed");
456 goto FAIL;
457 }
458
459 if (authPropertyMode == PROPERTY_MODE_UNFREEZE) {
460 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
461 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
462 } else {
463 SignParam signParam = { .needSignature = false };
464 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
465 }
466 if (result != RESULT_SUCCESS) {
467 LOG_ERROR("GetAttributeExecutorMsg failed");
468 goto FAIL;
469 }
470
471 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
472 if (!IsBufferValid(retBuffer)) {
473 LOG_ERROR("generate result buffer failed");
474 goto FAIL;
475 }
476 LOG_INFO("CreateExecutorMsg success");
477
478 FAIL:
479 FreeAttribute(&attribute);
480 Free(retInfo.data);
481 return retBuffer;
482 }
483
DestoryExecutorMsg(void *data)484 IAM_STATIC void DestoryExecutorMsg(void *data)
485 {
486 if (data == NULL) {
487 return;
488 }
489 ExecutorMsg *msg = (ExecutorMsg *)data;
490 DestoryBuffer(msg->msg);
491 Free(msg);
492 }
493
GetExecutorTemplateList( int32_t userId, const ExecutorInfoHal *executorNode, Uint64Array *templateIds)494 IAM_STATIC ResultCode GetExecutorTemplateList(
495 int32_t userId, const ExecutorInfoHal *executorNode, Uint64Array *templateIds)
496 {
497 CredentialCondition condition = {};
498 SetCredentialConditionUserId(&condition, userId);
499 SetCredentialConditionAuthType(&condition, executorNode->authType);
500 SetCredentialConditionExecutorSensorHint(&condition, executorNode->executorSensorHint);
501 LinkedList *credList = QueryCredentialLimit(&condition);
502 if (credList == NULL) {
503 LOG_ERROR("query credential failed");
504 DestroyLinkedList(credList);
505 return RESULT_UNKNOWN;
506 }
507 uint32_t credListNum = credList->getSize(credList);
508 if (credListNum > MAX_CREDENTIAL) {
509 LOG_ERROR("cred num is invalid");
510 DestroyLinkedList(credList);
511 return RESULT_REACH_LIMIT;
512 }
513 if (credListNum == 0) {
514 templateIds->data = NULL;
515 templateIds->len = 0;
516 DestroyLinkedList(credList);
517 return RESULT_SUCCESS;
518 }
519 templateIds->data = (uint64_t *)Malloc(sizeof(uint64_t) * credListNum);
520 if (templateIds->data == NULL) {
521 LOG_ERROR("data malloc failed");
522 DestroyLinkedList(credList);
523 return RESULT_NO_MEMORY;
524 }
525 templateIds->len = 0;
526 LinkedListNode *temp = credList->head;
527 while (temp != NULL) {
528 if (temp->data == NULL) {
529 LOG_ERROR("link node is invalid");
530 DestroyLinkedList(credList);
531 Free(templateIds->data);
532 templateIds->data = NULL;
533 return RESULT_UNKNOWN;
534 }
535 CredentialInfoHal *credentialHal = (CredentialInfoHal *)temp->data;
536 templateIds->data[templateIds->len] = credentialHal->templateId;
537 ++(templateIds->len);
538 temp = temp->next;
539 }
540 DestroyLinkedList(credList);
541 return RESULT_SUCCESS;
542 }
543
AssemblyMessage( int32_t userId, const ExecutorInfoHal *executorNode, uint32_t authPropertyMode, LinkedList *executorMsg)544 IAM_STATIC ResultCode AssemblyMessage(
545 int32_t userId, const ExecutorInfoHal *executorNode, uint32_t authPropertyMode, LinkedList *executorMsg)
546 {
547 Uint64Array templateIds;
548 ResultCode ret = GetExecutorTemplateList(userId, executorNode, &templateIds);
549 if (ret != RESULT_SUCCESS) {
550 LOG_ERROR("get template list failed");
551 return ret;
552 }
553 if (templateIds.len == 0) {
554 return RESULT_SUCCESS;
555 }
556 ExecutorMsg *msg = (ExecutorMsg *)Malloc(sizeof(ExecutorMsg));
557 if (msg == NULL) {
558 LOG_ERROR("msg is null");
559 Free(templateIds.data);
560 return RESULT_NO_MEMORY;
561 }
562 msg->executorIndex = executorNode->executorIndex;
563 msg->msg = CreateExecutorMsg(executorNode->authType, authPropertyMode, &templateIds);
564 if (msg->msg == NULL) {
565 LOG_ERROR("msg's msg is null");
566 Free(templateIds.data);
567 DestoryExecutorMsg(msg);
568 return RESULT_NO_MEMORY;
569 }
570 ret = executorMsg->insert(executorMsg, msg);
571 if (ret != RESULT_SUCCESS) {
572 LOG_ERROR("insert msg failed");
573 DestoryExecutorMsg(msg);
574 }
575 Free(templateIds.data);
576 return ret;
577 }
578
TraverseExecutor( int32_t userId, uint32_t executorRole, uint32_t authPropertyMode, LinkedList *executorMsg)579 IAM_STATIC ResultCode TraverseExecutor(
580 int32_t userId, uint32_t executorRole, uint32_t authPropertyMode, LinkedList *executorMsg)
581 {
582 ExecutorCondition condition = {};
583 SetExecutorConditionExecutorRole(&condition, executorRole);
584 LinkedList *executors = QueryExecutor(&condition);
585 if (executors == NULL) {
586 LOG_ERROR("query executor failed");
587 return RESULT_UNKNOWN;
588 }
589 LinkedListNode *temp = executors->head;
590 while (temp != NULL) {
591 if (temp->data == NULL) {
592 LOG_ERROR("list node is invalid");
593 DestroyLinkedList(executors);
594 return RESULT_UNKNOWN;
595 }
596 ExecutorInfoHal *executorNode = (ExecutorInfoHal *)temp->data;
597 if (executorNode->authType != PIN_AUTH) {
598 ResultCode ret = AssemblyMessage(userId, executorNode, authPropertyMode, executorMsg);
599 if (ret != RESULT_SUCCESS) {
600 LOG_ERROR("assembly message failed");
601 DestroyLinkedList(executors);
602 return ret;
603 }
604 }
605 temp = temp->next;
606 }
607 DestroyLinkedList(executors);
608 return RESULT_SUCCESS;
609 }
610
GetExecutorMsgList(int32_t userId, uint32_t authPropertyMode, LinkedList **executorMsg)611 ResultCode GetExecutorMsgList(int32_t userId, uint32_t authPropertyMode, LinkedList **executorMsg)
612 {
613 if (executorMsg == NULL) {
614 LOG_ERROR("executorMsg is null");
615 return RESULT_BAD_PARAM;
616 }
617 *executorMsg = CreateLinkedList(DestoryExecutorMsg);
618 if (*executorMsg == NULL) {
619 LOG_ERROR("create list failed");
620 return RESULT_NO_MEMORY;
621 }
622 ResultCode ret = TraverseExecutor(userId, ALL_IN_ONE, authPropertyMode, *executorMsg);
623 if (ret != RESULT_SUCCESS) {
624 LOG_ERROR("traverse allInOne executor failed");
625 DestroyLinkedList(*executorMsg);
626 *executorMsg = NULL;
627 }
628 return ret;
629 }
630
GetExecutorInfoHalFromAttribute(const Attribute *attribute, ExecutorInfoHal *resultInfo)631 IAM_STATIC ResultCode GetExecutorInfoHalFromAttribute(const Attribute *attribute, ExecutorInfoHal *resultInfo)
632 {
633 ResultCode result = RESULT_GENERAL_ERROR;
634 result = GetAttributeUint64(attribute, ATTR_EXECUTOR_INDEX, &(resultInfo->executorIndex));
635 if (result != RESULT_SUCCESS) {
636 LOG_ERROR("GetAttributeUint64 executorIndex failed");
637 return result;
638 }
639 result = GetAttributeUint32(attribute, ATTR_TYPE, &(resultInfo->authType));
640 if (result != RESULT_SUCCESS) {
641 LOG_ERROR("GetAttributeUint32 authType failed");
642 return result;
643 }
644 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, &(resultInfo->executorRole));
645 if (result != RESULT_SUCCESS) {
646 LOG_ERROR("GetAttributeUint32 executorRole failed");
647 return result;
648 }
649 result = GetAttributeUint32(attribute, ATTR_ESL, &(resultInfo->esl));
650 if (result != RESULT_SUCCESS) {
651 LOG_ERROR("GetAttributeUint32 esl failed");
652 return result;
653 }
654 Uint8Array pubKeyTlv = { resultInfo->pubKey, PUBLIC_KEY_LEN };
655 result = GetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, &pubKeyTlv);
656 if (result != RESULT_SUCCESS) {
657 LOG_ERROR("GetAttributeUint8Array pubKey fail");
658 return result;
659 }
660 return RESULT_SUCCESS;
661 }
662
GetExecutorInfoHal(Uint8Array tlv, ExecutorInfoHal *executorInfo)663 IAM_STATIC ResultCode GetExecutorInfoHal(Uint8Array tlv, ExecutorInfoHal *executorInfo)
664 {
665 Attribute *attribute = CreateAttributeFromSerializedMsg(tlv);
666 if (attribute == NULL) {
667 LOG_ERROR("CreateAttributeFromSerializedMsg fail");
668 return RESULT_GENERAL_ERROR;
669 }
670
671 ResultCode result = GetExecutorInfoHalFromAttribute(attribute, executorInfo);
672 FreeAttribute(&attribute);
673 if (result != RESULT_SUCCESS) {
674 LOG_ERROR("GetExecutorInfoHalFromAttribute failed");
675 return RESULT_GENERAL_ERROR;
676 }
677
678 return RESULT_SUCCESS;
679 }
680
GetAuthAttrsFromAttribute(const Attribute *attribute, Uint8Array *authAttrs)681 IAM_STATIC ResultCode GetAuthAttrsFromAttribute(const Attribute *attribute, Uint8Array *authAttrs)
682 {
683 ResultCode result = GetAttributeUint8Array(attribute, ATTR_ATTRS, authAttrs);
684 if (result != RESULT_SUCCESS) {
685 LOG_ERROR("GetAttributeUint8Array authAttrs fail");
686 }
687 return result;
688 }
689
GetRemoteExecutorInfoInner(Attribute *attribute, Uint8Array *authAttrs, Uint8Array *subMsgs, int *subMsgSize)690 IAM_STATIC ResultCode GetRemoteExecutorInfoInner(Attribute *attribute, Uint8Array *authAttrs, Uint8Array *subMsgs,
691 int *subMsgSize)
692 {
693 if (GetAuthAttrsFromAttribute(attribute, authAttrs) != RESULT_SUCCESS) {
694 LOG_ERROR("GetAuthAttrsFromAttribute failed");
695 return RESULT_GENERAL_ERROR;
696 }
697 if (ParseMultiDataSerializedMsg(*authAttrs, subMsgs, subMsgSize) != RESULT_SUCCESS) {
698 LOG_ERROR("ParseMultiDataSerializedMsg failed");
699 return RESULT_GENERAL_ERROR;
700 }
701 return RESULT_SUCCESS;
702 }
703
GetRemoteExecutorInfo(const Buffer *msg, Uint8Array peerUdid, Uint8Array *subMsgs, int *subMsgSize)704 IAM_STATIC ResultCode GetRemoteExecutorInfo(const Buffer *msg, Uint8Array peerUdid, Uint8Array *subMsgs, int *subMsgSize)
705 {
706 Uint8Array msgArray = { msg->buf, msg->contentSize };
707 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid};
708 Attribute *attribute = CreateAttributeFromExecutorMsg(msgArray, signParam);
709 Uint8Array authAttrs = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
710 if (attribute == NULL || authAttrs.data == NULL) {
711 LOG_ERROR("authAttrs malloc failed");
712 FreeAttribute(&attribute);
713 Free(authAttrs.data);
714 return RESULT_GENERAL_ERROR;
715 }
716
717 ResultCode result = GetRemoteExecutorInfoInner(attribute, &authAttrs, subMsgs, subMsgSize);
718
719 FreeAttribute(&attribute);
720 Free(authAttrs.data);
721 return result;
722 }
723
CheckRemoteExecutorInfoInner(Uint8Array *subMsgs, int subMsgSize, ExecutorInfoHal *infoToCheck)724 static bool CheckRemoteExecutorInfoInner(Uint8Array *subMsgs, int subMsgSize, ExecutorInfoHal *infoToCheck)
725 {
726 for (int i = 0; i < subMsgSize; i++) {
727 Uint8Array subMsg = subMsgs[i];
728 ExecutorInfoHal executorInfo = {};
729 ResultCode result = GetExecutorInfoHal(subMsg, &executorInfo);
730 if (result != RESULT_SUCCESS) {
731 LOG_ERROR("GetExecutorInfoHal failed");
732 return false;
733 }
734 if ((executorInfo.authType == infoToCheck->authType) &&
735 (executorInfo.executorRole == infoToCheck->executorRole) &&
736 (executorInfo.esl == infoToCheck->esl) &&
737 (memcmp(executorInfo.pubKey, infoToCheck->pubKey, PUBLIC_KEY_LEN) == 0)) {
738 return true;
739 }
740 }
741 LOG_ERROR("no matching executor info found");
742 return false;
743 }
744
CheckRemoteExecutorInfo(const Buffer *msg, ExecutorInfoHal *infoToCheck)745 bool CheckRemoteExecutorInfo(const Buffer *msg, ExecutorInfoHal *infoToCheck)
746 {
747 if (!IsBufferValid(msg) || (infoToCheck == NULL)) {
748 LOG_ERROR("param is invalid");
749 return RESULT_BAD_PARAM;
750 }
751 Uint8Array peerUdid = { infoToCheck->deviceUdid, sizeof(infoToCheck->deviceUdid) };
752 Uint8Array subMsgs[MAX_SUB_MSG_NUM] = {0};
753 int subMsgSize = MAX_SUB_MSG_NUM;
754 ResultCode result = GetRemoteExecutorInfo(msg, peerUdid, &subMsgs[0], &subMsgSize);
755 if (result != RESULT_SUCCESS) {
756 LOG_ERROR("GetRemoteExecutorInfo failed");
757 return false;
758 }
759
760 bool checkPass = CheckRemoteExecutorInfoInner(subMsgs, subMsgSize, infoToCheck);
761
762 for (int i = 0; i < MAX_SUB_MSG_NUM; i++) {
763 Free(subMsgs[i].data);
764 }
765
766 return checkPass;
767 }
768
SetExecutorCollectMsgToAttribute(ScheduleInfoParam *scheduleInfo, const Uint8Array *publicKey, const Uint8Array challenge, Attribute *attribute)769 IAM_STATIC ResultCode SetExecutorCollectMsgToAttribute(ScheduleInfoParam *scheduleInfo, const Uint8Array *publicKey, const Uint8Array challenge, Attribute *attribute)
770 {
771 Uint8Array localUdid = { scheduleInfo->localUdid, sizeof(scheduleInfo->localUdid) };
772 Uint8Array remoteUdid = { scheduleInfo->remoteUdid, sizeof(scheduleInfo->remoteUdid) };
773
774 ResultCode result = SetAttributeUint64(attribute, ATTR_SCHEDULE_ID, scheduleInfo->scheduleId);
775 if (result != RESULT_SUCCESS) {
776 LOG_ERROR("SetAttributeUint64 scheduleId failed");
777 return RESULT_GENERAL_ERROR;
778 }
779
780 result = SetAttributeUint8Array(attribute, ATTR_LOCAL_UDID, localUdid);
781 if (result != RESULT_SUCCESS) {
782 LOG_ERROR("SetAttributeUint8Array for localUdid fail");
783 return RESULT_GENERAL_ERROR;
784 }
785 result = SetAttributeUint8Array(attribute, ATTR_PEER_UDID, remoteUdid);
786 if (result != RESULT_SUCCESS) {
787 LOG_ERROR("SetAttributeUint8Array for peerUdid fail");
788 return RESULT_GENERAL_ERROR;
789 }
790 Uint8Array publicKeyIn = { publicKey->data, publicKey->len };
791 result = SetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, publicKeyIn);
792 if (result != RESULT_SUCCESS) {
793 LOG_ERROR("SetAttributeUint8Array for publicKey fail");
794 return RESULT_GENERAL_ERROR;
795 }
796 result = SetAttributeUint8Array(attribute, ATTR_CHALLENGE, challenge);
797 if (result != RESULT_SUCCESS) {
798 LOG_ERROR("SetAttributeUint8Array for challenge fail");
799 return RESULT_GENERAL_ERROR;
800 }
801 return RESULT_SUCCESS;
802 }
803
CreateExecutorCollectMsg(const Attribute *attributeSchedule, ScheduleInfoParam *scheduleInfo)804 IAM_STATIC Buffer *CreateExecutorCollectMsg(const Attribute *attributeSchedule, ScheduleInfoParam *scheduleInfo)
805 {
806 uint8_t publicKeyData[PUBLIC_KEY_LEN] = {};
807 Uint8Array publicKey = { publicKeyData, PUBLIC_KEY_LEN };
808 ResultCode result = GetAttributeUint8Array(attributeSchedule, ATTR_PUBLIC_KEY, &publicKey);
809 if (result != RESULT_SUCCESS) {
810 LOG_ERROR("GetAttributeUint8Array publicKey fail");
811 return NULL;
812 }
813
814 uint8_t challengeData[CHALLENGE_LEN] = {};
815 Uint8Array challenge = { challengeData, CHALLENGE_LEN };
816 ResultCode getChallengeRet = GetAttributeUint8Array(attributeSchedule, ATTR_CHALLENGE, &challenge);
817 if (getChallengeRet != RESULT_SUCCESS) {
818 LOG_ERROR("GetAttributeUint8Array challenge fail");
819 return NULL;
820 }
821
822 Buffer *retBuffer = NULL;
823 Attribute *attribute = CreateEmptyAttribute();
824 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
825 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
826 LOG_ERROR("attribute is null");
827 goto FAIL;
828 }
829 result = SetExecutorCollectMsgToAttribute(scheduleInfo, &publicKey, challenge, attribute);
830 if (result != RESULT_SUCCESS) {
831 LOG_ERROR("set msg to attribute failed");
832 goto FAIL;
833 }
834
835 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
836 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
837 if (result != RESULT_SUCCESS) {
838 LOG_ERROR("GetAttributeExecutorMsg failed");
839 goto FAIL;
840 }
841
842 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
843 if (!IsBufferValid(retBuffer)) {
844 LOG_ERROR("generate result buffer failed");
845 goto FAIL;
846 }
847 LOG_INFO("CreateExecutorCollectMsg success");
848
849 FAIL:
850 FreeAttribute(&attribute);
851 Free(retInfo.data);
852 return retBuffer;
853 }
854
GetExecutorIndexByCondition(uint32_t authType, uint32_t executorMatcher, Uint8Array deviceUdid, uint32_t executorRole, uint64_t *executorIndex)855 static ResultCode GetExecutorIndexByCondition(uint32_t authType, uint32_t executorMatcher,
856 Uint8Array deviceUdid, uint32_t executorRole, uint64_t *executorIndex)
857 {
858 ExecutorCondition condition = {};
859 SetExecutorConditionAuthType(&condition, authType);
860 SetExecutorConditionExecutorMatcher(&condition, executorMatcher);
861 SetExecutorConditionExecutorRole(&condition, executorRole);
862 SetExecutorConditionDeviceUdid(&condition, deviceUdid);
863
864 LinkedList *executorList = QueryExecutor(&condition);
865 if (executorList == NULL) {
866 LOG_ERROR("query executor failed");
867 return RESULT_UNKNOWN;
868 }
869
870 if (executorList->getSize(executorList) != 1) {
871 LOG_ERROR("executor list len is invalid");
872 DestroyLinkedList(executorList);
873 return RESULT_TYPE_NOT_SUPPORT;
874 }
875
876 LinkedListNode *temp = executorList->head;
877 if (temp == NULL) {
878 LOG_ERROR("get executorList head failed");
879 DestroyLinkedList(executorList);
880 return RESULT_UNKNOWN;
881 }
882 ExecutorInfoHal *executorInfo = (ExecutorInfoHal *)temp->data;
883 if (executorInfo == NULL) {
884 LOG_ERROR("executorInfo is invalid");
885 DestroyLinkedList(executorList);
886 return RESULT_UNKNOWN;
887 }
888
889 *executorIndex = executorInfo->executorIndex;
890 DestroyLinkedList(executorList);
891 return RESULT_SUCCESS;
892 }
893
GetScheduleInfoFromAttributeInner(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)894 IAM_STATIC ResultCode GetScheduleInfoFromAttributeInner(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)
895 {
896 ResultCode result = GetAttributeUint64(attribute, ATTR_SCHEDULE_ID, &(scheduleInfo->scheduleId));
897 if (result != RESULT_SUCCESS) {
898 LOG_ERROR("GetAttributeUint64 scheduleId failed");
899 return result;
900 }
901 result = GetAttributeUint32(attribute, ATTR_TYPE, &(scheduleInfo->authType));
902 if (result != RESULT_SUCCESS) {
903 LOG_ERROR("GetAttributeUint32 authType failed");
904 return result;
905 }
906 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_MATCHER, &(scheduleInfo->executorMatcher));
907 if (result != RESULT_SUCCESS) {
908 LOG_ERROR("GetAttributeUint32 executorMatcher failed");
909 return result;
910 }
911 result = GetAttributeInt32(attribute, ATTR_SCHEDULE_MODE, &(scheduleInfo->scheduleMode));
912 if (result != RESULT_SUCCESS) {
913 LOG_ERROR("GetAttributeInt32 scheduleMode failed");
914 return result;
915 }
916 Uint8Array remoteUdid = { scheduleInfo->remoteUdid, UDID_LEN };
917 result = GetAttributeUint8Array(attribute, ATTR_VERIFIER_UDID, &remoteUdid);
918 if (result != RESULT_SUCCESS) {
919 LOG_ERROR("GetAttributeUint8Array remoteUdid failed");
920 }
921 return result;
922 }
923
GetScheduleInfoFromAttribute(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)924 IAM_STATIC ResultCode GetScheduleInfoFromAttribute(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)
925 {
926 ResultCode result = GetScheduleInfoFromAttributeInner(attribute, scheduleInfo);
927 if (result != RESULT_SUCCESS) {
928 LOG_ERROR("GetScheduleInfoFromAttributeInner failed");
929 return result;
930 }
931 uint32_t executorRole;
932 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, &executorRole);
933 if (result != RESULT_SUCCESS) {
934 LOG_ERROR("GetAttributeUint32 scheduleMode failed");
935 return result;
936 }
937
938 Uint8Array collectorUdid = { scheduleInfo->localUdid, UDID_LEN };
939 result = GetAttributeUint8Array(attribute, ATTR_COLLECTOR_UDID, &collectorUdid);
940 if (result != RESULT_SUCCESS) {
941 LOG_ERROR("GetAttributeUint8Array localUdid failed");
942 return result;
943 }
944
945 if (!IsLocalUdid(collectorUdid)) {
946 LOG_ERROR("collector udid is not local udid");
947 return RESULT_GENERAL_ERROR;
948 }
949
950 result = GetExecutorIndexByCondition(scheduleInfo->authType, scheduleInfo->executorMatcher,
951 collectorUdid, executorRole, &scheduleInfo->executorIndex);
952 if (result != RESULT_SUCCESS) {
953 LOG_ERROR("GetExecutorIndex failed");
954 return result;
955 }
956
957 scheduleInfo->executorMessages = CreateExecutorCollectMsg(attribute, scheduleInfo);
958 if (!IsBufferValid(scheduleInfo->executorMessages)) {
959 LOG_ERROR("create executorMessages failed");
960 result = RESULT_GENERAL_ERROR;
961 }
962 return result;
963 }
964
CreateScheduleInfo(const Buffer *tlv, Uint8Array peerUdid, ScheduleInfoParam *scheduleInfo)965 ResultCode CreateScheduleInfo(const Buffer *tlv, Uint8Array peerUdid, ScheduleInfoParam *scheduleInfo)
966 {
967 if (!IsBufferValid(tlv) || IS_ARRAY_NULL(peerUdid) || (scheduleInfo == NULL)) {
968 LOG_ERROR("param is invalid");
969 return RESULT_BAD_PARAM;
970 }
971
972 Uint8Array msg = { tlv->buf, tlv->contentSize };
973 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
974 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
975 if (attribute == NULL) {
976 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
977 return RESULT_GENERAL_ERROR;
978 }
979
980 ResultCode result = GetScheduleInfoFromAttribute(attribute, scheduleInfo);
981 if (result != RESULT_SUCCESS) {
982 LOG_ERROR("GetScheduleInfoFromAttribute failed");
983 }
984 FreeAttribute(&attribute);
985 return result;
986 }
987
GetAuthResultInfoFromAttribute(const Attribute *attribute, AuthResultParam *authResultInfo)988 IAM_STATIC ResultCode GetAuthResultInfoFromAttribute(const Attribute *attribute, AuthResultParam *authResultInfo)
989 {
990 ResultCode result = GetAttributeInt32(attribute, ATTR_RESULT, &(authResultInfo->result));
991 if (result != RESULT_SUCCESS) {
992 LOG_ERROR("GetAttributeInt32 result failed");
993 return result;
994 }
995 result = GetAttributeInt32(attribute, ATTR_LOCKOUT_DURATION, &(authResultInfo->lockoutDuration));
996 if (result != RESULT_SUCCESS) {
997 LOG_ERROR("GetAttributeInt32 lockoutDuration failed");
998 return result;
999 }
1000 result = GetAttributeInt32(attribute, ATTR_REMAIN_ATTEMPTS, &(authResultInfo->remainAttempts));
1001 if (result != RESULT_SUCCESS) {
1002 LOG_ERROR("GetAttributeInt32 remainAttempts failed");
1003 return result;
1004 }
1005 result = GetAttributeInt32(attribute, ATTR_USER_ID, &(authResultInfo->userId));
1006 if (result != RESULT_SUCCESS) {
1007 LOG_ERROR("GetAttributeInt32 userId failed");
1008 return result;
1009 }
1010
1011 uint8_t tokenData[AUTH_TOKEN_LEN] = {};
1012 Uint8Array tokenArray = { tokenData, AUTH_TOKEN_LEN };
1013 result = GetAttributeUint8Array(attribute, ATTR_TOKEN, &tokenArray);
1014 if (result != RESULT_SUCCESS) {
1015 LOG_ERROR("GetAttributeUint8Array token fail");
1016 return result;
1017 }
1018 authResultInfo->token = CreateBufferByData(tokenArray.data, tokenArray.len);
1019 if (!IsBufferValid(authResultInfo->token)) {
1020 LOG_ERROR("CreateBuffer token fail");
1021 return RESULT_BAD_COPY;
1022 }
1023 return RESULT_SUCCESS;
1024 }
1025
CreateAuthResultInfo(const Buffer *tlv, AuthResultParam *authResultInfo)1026 ResultCode CreateAuthResultInfo(const Buffer *tlv, AuthResultParam *authResultInfo)
1027 {
1028 if (!IsBufferValid(tlv) || (authResultInfo == NULL)) {
1029 LOG_ERROR("param is invalid");
1030 return RESULT_BAD_PARAM;
1031 }
1032
1033 Uint8Array msg = { tlv->buf, tlv->contentSize };
1034 Uint8Array peerUdid = { .data = authResultInfo->remoteUdid, .len = UDID_LEN };
1035 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
1036 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
1037 if (attribute == NULL) {
1038 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
1039 return RESULT_GENERAL_ERROR;
1040 }
1041
1042 ResultCode result = GetAuthResultInfoFromAttribute(attribute, authResultInfo);
1043 if (result != RESULT_SUCCESS) {
1044 LOG_ERROR("GetAuthResultInfoFromAttribute failed");
1045 }
1046 FreeAttribute(&attribute);
1047 return result;
1048 }
1049
SetExecutorInfoMsgToAttribute(ExecutorInfoHal *executorInfo, Attribute *attribute)1050 IAM_STATIC ResultCode SetExecutorInfoMsgToAttribute(ExecutorInfoHal *executorInfo, Attribute *attribute)
1051 {
1052 ResultCode result = SetAttributeUint64(attribute, ATTR_EXECUTOR_INDEX, executorInfo->executorIndex);
1053 if (result != RESULT_SUCCESS) {
1054 LOG_ERROR("SetAttributeUint64 executorIndex failed");
1055 return RESULT_GENERAL_ERROR;
1056 }
1057 result = SetAttributeUint32(attribute, ATTR_TYPE, executorInfo->authType);
1058 if (result != RESULT_SUCCESS) {
1059 LOG_ERROR("SetAttributeUint32 authType failed");
1060 return RESULT_GENERAL_ERROR;
1061 }
1062 result = SetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, executorInfo->executorRole);
1063 if (result != RESULT_SUCCESS) {
1064 LOG_ERROR("SetAttributeUint32 executorRole failed");
1065 return RESULT_GENERAL_ERROR;
1066 }
1067 result = SetAttributeUint32(attribute, ATTR_ESL, executorInfo->esl);
1068 if (result != RESULT_SUCCESS) {
1069 LOG_ERROR("SetAttributeUint32 esl failed");
1070 return RESULT_GENERAL_ERROR;
1071 }
1072 Uint8Array publicKeyIn = { executorInfo->pubKey, PUBLIC_KEY_LEN };
1073 result = SetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, publicKeyIn);
1074 if (result != RESULT_SUCCESS) {
1075 LOG_ERROR("SetAttributeUint8Array for pubKey fail");
1076 return RESULT_GENERAL_ERROR;
1077 }
1078 return RESULT_SUCCESS;
1079 }
1080
GetExecutorInfoMsg(ExecutorInfoHal *executorInfo, Uint8Array *retMsg)1081 ResultCode GetExecutorInfoMsg(ExecutorInfoHal *executorInfo, Uint8Array *retMsg)
1082 {
1083 ResultCode result = RESULT_GENERAL_ERROR;
1084 Attribute *attribute = CreateEmptyAttribute();
1085 if (attribute == NULL) {
1086 LOG_ERROR("CreateEmptyAttribute failed");
1087 return RESULT_GENERAL_ERROR;
1088 }
1089 result = SetExecutorInfoMsgToAttribute(executorInfo, attribute);
1090 if (result != RESULT_SUCCESS) {
1091 LOG_ERROR("set msg to attribute failed");
1092 goto FAIL;
1093 }
1094 result = GetAttributeSerializedMsg(attribute, retMsg);
1095 if (result != RESULT_SUCCESS) {
1096 LOG_ERROR("GetAttributeSerializedMsg fail");
1097 goto FAIL;
1098 }
1099
1100 FAIL:
1101 FreeAttribute(&attribute);
1102 return result;
1103 }
1104
GetExecutorInfoTlv(Uint8Array attrsTlv, Uint8Array peerUdid)1105 Buffer *GetExecutorInfoTlv(Uint8Array attrsTlv, Uint8Array peerUdid)
1106 {
1107 if (IS_ARRAY_NULL(attrsTlv) || IS_ARRAY_NULL(peerUdid)) {
1108 LOG_ERROR("attrsTlv is NULL");
1109 return NULL;
1110 }
1111
1112 Buffer *retBuffer = NULL;
1113 Attribute *attribute = CreateEmptyAttribute();
1114 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
1115 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
1116 LOG_ERROR("attribute or retInfo is NULL");
1117 goto FAIL;
1118 }
1119 ResultCode result = SetAttributeUint8Array(attribute, ATTR_ATTRS, attrsTlv);
1120 if (result != RESULT_SUCCESS) {
1121 LOG_ERROR("SetAttributeUint8Array for attrs fail");
1122 goto FAIL;
1123 }
1124
1125 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
1126 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
1127 if (result != RESULT_SUCCESS) {
1128 LOG_ERROR("GetAttributeExecutorMsg failed");
1129 goto FAIL;
1130 }
1131
1132 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
1133 if (!IsBufferValid(retBuffer)) {
1134 LOG_ERROR("generate result buffer failed");
1135 goto FAIL;
1136 }
1137 LOG_INFO("GetExecutorInfoTlv success");
1138
1139 FAIL:
1140 FreeAttribute(&attribute);
1141 Free(retInfo.data);
1142 return retBuffer;
1143 }
1144