1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_device_common_key.h"
22 #include "auth_deviceprofile.h"
23 #include "auth_hichain.h"
24 #include "auth_hichain_adapter.h"
25 #include "auth_log.h"
26 #include "auth_manager.h"
27 #include "auth_meta_manager.h"
28 #include "bus_center_manager.h"
29 #include "customized_security_protocol.h"
30 #include "lnn_decision_db.h"
31 #include "lnn_distributed_net_ledger.h"
32 #include "lnn_feature_capability.h"
33 #include "lnn_meta_node_interface.h"
34 #include "lnn_ohos_account.h"
35 #include "lnn_parameter_utils.h"
36 #include "softbus_adapter_mem.h"
37 #include "softbus_def.h"
38
39 #define SHORT_ACCOUNT_HASH_LEN 2
40
41 typedef struct {
42 int32_t module;
43 AuthTransListener listener;
44 } ModuleListener;
45
46 static ModuleListener g_moduleListener[] = {
47 {
48 .module = MODULE_P2P_LINK,
49 .listener = { NULL, NULL },
50 },
51 {
52 .module = MODULE_P2P_LISTEN,
53 .listener = { NULL, NULL },
54 },
55 {
56 .module = MODULE_UDP_INFO,
57 .listener = { NULL, NULL },
58 },
59 {
60 .module = MODULE_TIME_SYNC,
61 .listener = { NULL, NULL },
62 },
63 {
64 .module = MODULE_P2P_NETWORKING_SYNC,
65 .listener = { NULL, NULL },
66 },
67 {
68 .module = MODULE_AUTH_SYNC_INFO,
69 .listener = { NULL, NULL },
70 },
71 {
72 .module = MODULE_PTK_VERIFY,
73 .listener = { NULL, NULL },
74 }
75 };
76
RegAuthTransListener(int32_t module, const AuthTransListener *listener)77 int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
78 {
79 AUTH_LOGI(AUTH_CONN, "Trans: add listener, module=%{public}d", module);
80 if (listener == NULL || listener->onDataReceived == NULL) {
81 AUTH_LOGE(AUTH_CONN, "Trans: invalid listener");
82 return SOFTBUS_INVALID_PARAM;
83 }
84 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
85 if (g_moduleListener[i].module == module) {
86 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
87 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
88 g_moduleListener[i].listener.onException = listener->onException;
89 return SOFTBUS_OK;
90 }
91 }
92 AUTH_LOGE(AUTH_CONN, "Trans: unknown module=%{public}d", module);
93 return SOFTBUS_ERR;
94 }
95
UnregAuthTransListener(int32_t module)96 void UnregAuthTransListener(int32_t module)
97 {
98 AUTH_LOGI(AUTH_CONN, "Trans: remove listener, module=%{public}d", module);
99 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
100 if (g_moduleListener[i].module == module) {
101 g_moduleListener[i].listener.onDataReceived = NULL;
102 g_moduleListener[i].listener.onDisconnected = NULL;
103 g_moduleListener[i].listener.onException = NULL;
104 return;
105 }
106 }
107 }
108
IsSupportFeatureByCapaBit(uint32_t feature, AuthCapability capaBit)109 bool IsSupportFeatureByCapaBit(uint32_t feature, AuthCapability capaBit)
110 {
111 return ((feature & (1 << (uint32_t)capaBit)) != 0);
112 }
113
NotifyTransDataReceived(AuthHandle authHandle, const AuthDataHead *head, const uint8_t *data, uint32_t len)114 static void NotifyTransDataReceived(AuthHandle authHandle,
115 const AuthDataHead *head, const uint8_t *data, uint32_t len)
116 {
117 AuthTransListener *listener = NULL;
118 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
119 if (g_moduleListener[i].module == head->module) {
120 listener = &(g_moduleListener[i].listener);
121 break;
122 }
123 }
124 if (listener == NULL || listener->onDataReceived == NULL) {
125 AUTH_LOGI(AUTH_CONN, "Trans: onDataReceived not found");
126 return;
127 }
128 AuthTransData transData = {
129 .module = head->module,
130 .flag = head->flag,
131 .seq = head->seq,
132 .len = len,
133 .data = data,
134 };
135 listener->onDataReceived(authHandle, &transData);
136 }
137
NotifyTransDisconnected(AuthHandle authHandle)138 static void NotifyTransDisconnected(AuthHandle authHandle)
139 {
140 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
141 if (g_moduleListener[i].listener.onDisconnected != NULL) {
142 g_moduleListener[i].listener.onDisconnected(authHandle);
143 }
144 }
145 }
146
NotifyTransException(AuthHandle authHandle, int32_t error)147 static void NotifyTransException(AuthHandle authHandle, int32_t error)
148 {
149 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
150 if (g_moduleListener[i].listener.onException != NULL) {
151 g_moduleListener[i].listener.onException(authHandle, error);
152 }
153 }
154 }
155
CheckSessionKeyAvailable(SessionKeyList *list, AuthLinkType type)156 static int32_t CheckSessionKeyAvailable(SessionKeyList *list, AuthLinkType type)
157 {
158 if (!CheckSessionKeyListExistType(list, type)) {
159 AUTH_LOGI(AUTH_CONN, "client sessionkey invalid, type=%{public}d", type);
160 return SOFTBUS_AUTH_SESSION_KEY_INVALID;
161 }
162 if (CheckSessionKeyListHasOldKey(list, type)) {
163 AUTH_LOGI(AUTH_CONN, "client sessionkey is old, type=%{public}d", type);
164 return SOFTBUS_AUTH_SESSION_KEY_TOO_OLD;
165 }
166 return SOFTBUS_OK;
167 }
168
AuthCheckSessionKeyValidByConnInfo(const char *networkId, const AuthConnInfo *connInfo)169 int32_t AuthCheckSessionKeyValidByConnInfo(const char *networkId, const AuthConnInfo *connInfo)
170 {
171 if (networkId == NULL || connInfo == NULL) {
172 AUTH_LOGE(AUTH_CONN, "param is null");
173 return SOFTBUS_INVALID_PARAM;
174 }
175 NodeInfo nodeInfo;
176 (void)memset_s(&nodeInfo, sizeof(NodeInfo), 0, sizeof(NodeInfo));
177 if (LnnGetRemoteNodeInfoById(networkId, CATEGORY_NETWORK_ID, &nodeInfo) != SOFTBUS_OK) {
178 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
179 }
180 if (!IsSupportFeatureByCapaBit(nodeInfo.authCapacity, BIT_SUPPORT_NORMALIZED_LINK)) {
181 return SOFTBUS_OK;
182 }
183 AuthManager *authClient = GetAuthManagerByConnInfo(connInfo, false);
184 AuthManager *authServer = GetAuthManagerByConnInfo(connInfo, true);
185 int64_t authId = AUTH_INVALID_ID;
186 AuthLinkType type = connInfo->type;
187 if (authClient == NULL && authServer == NULL) {
188 if (connInfo->type == AUTH_LINK_TYPE_BR) {
189 AUTH_LOGI(AUTH_CONN, "check ble sessionkey");
190 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, false);
191 authClient = GetAuthManagerByAuthId(authId);
192 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, true);
193 authServer = GetAuthManagerByAuthId(authId);
194 type = AUTH_LINK_TYPE_BLE;
195 }
196 if (authClient == NULL && authServer == NULL) {
197 AUTH_LOGE(AUTH_CONN, "client and server auth not found, type=%{public}d", type);
198 return SOFTBUS_AUTH_NOT_FOUND;
199 }
200 }
201 int32_t ret = SOFTBUS_OK;
202 do {
203 if (authClient != NULL) {
204 ret = CheckSessionKeyAvailable(&authClient->sessionKeyList, type);
205 if (ret != SOFTBUS_OK) {
206 break;
207 }
208 }
209 if (authServer != NULL) {
210 ret = CheckSessionKeyAvailable(&authServer->sessionKeyList, type);
211 if (ret != SOFTBUS_OK) {
212 break;
213 }
214 }
215 } while (false);
216 DelDupAuthManager(authClient);
217 DelDupAuthManager(authServer);
218 return ret;
219 }
220
AuthCheckSessionKeyValidByAuthHandle(const AuthHandle *authHandle)221 int32_t AuthCheckSessionKeyValidByAuthHandle(const AuthHandle *authHandle)
222 {
223 if (authHandle == NULL) {
224 AUTH_LOGE(AUTH_CONN, "param is null");
225 return SOFTBUS_INVALID_PARAM;
226 }
227 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
228 if (auth == NULL) {
229 AUTH_LOGE(AUTH_CONN, "not found auth manager, type=%{public}d, authId=%{public}" PRId64,
230 authHandle->type, authHandle->authId);
231 return SOFTBUS_AUTH_NOT_FOUND;
232 }
233 int32_t ret = SOFTBUS_OK;
234 if (!CheckSessionKeyListExistType(&auth->sessionKeyList, (AuthLinkType)authHandle->type)) {
235 AUTH_LOGI(AUTH_CONN, "sessionkey invalid, authId=%{public}" PRId64", type=%{public}d",
236 authHandle->authId, authHandle->type);
237 ret = SOFTBUS_AUTH_SESSION_KEY_INVALID;
238 }
239 DelDupAuthManager(auth);
240 return ret;
241 }
242
AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback, bool isMeta)243 int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback,
244 bool isMeta)
245 {
246 if (info == NULL || callback == NULL) {
247 AUTH_LOGE(AUTH_CONN, "info or callback is null");
248 return SOFTBUS_INVALID_PARAM;
249 }
250 if (isMeta) {
251 return AuthMetaOpenConn(info, requestId, callback);
252 }
253 return AuthDeviceOpenConn(info, requestId, callback);
254 }
255
AuthPostTransData(AuthHandle authHandle, const AuthTransData *dataInfo)256 int32_t AuthPostTransData(AuthHandle authHandle, const AuthTransData *dataInfo)
257 {
258 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
259 AUTH_LOGE(AUTH_CONN, "authHandle type error");
260 return SOFTBUS_INVALID_PARAM;
261 }
262 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
263 if (auth != NULL) {
264 DelDupAuthManager(auth);
265 return AuthDevicePostTransData(authHandle, dataInfo);
266 }
267 return AuthMetaPostTransData(authHandle.authId, dataInfo);
268 }
269
AuthCloseConn(AuthHandle authHandle)270 void AuthCloseConn(AuthHandle authHandle)
271 {
272 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
273 AUTH_LOGE(AUTH_CONN, "authHandle type error");
274 return;
275 }
276 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
277 if (auth != NULL) {
278 DelDupAuthManager(auth);
279 AuthDeviceCloseConn(authHandle);
280 return;
281 }
282 AuthMetaCloseConn(authHandle.authId);
283 }
284
AuthAllocConn(const char *networkId, uint32_t authRequestId, AuthConnCallback *callback)285 int32_t AuthAllocConn(const char *networkId, uint32_t authRequestId, AuthConnCallback *callback)
286 {
287 if (networkId == NULL || callback == NULL) {
288 AUTH_LOGE(AUTH_CONN, "param invalid");
289 return SOFTBUS_INVALID_PARAM;
290 }
291 return AuthAllocLane(networkId, authRequestId, callback);
292 }
293
AuthFreeConn(const AuthHandle *authHandle)294 void AuthFreeConn(const AuthHandle *authHandle)
295 {
296 if (authHandle == NULL) {
297 AUTH_LOGE(AUTH_CONN, "param invalid");
298 return;
299 }
300 AuthFreeLane(authHandle);
301 DelAuthReqInfoByAuthHandle(authHandle);
302 }
303
AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)304 int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
305 {
306 if (isMeta) {
307 return AuthMetaGetPreferConnInfo(uuid, connInfo);
308 }
309 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
310 }
311
AuthGetConnInfoByType(const char *uuid, AuthLinkType type, AuthConnInfo *connInfo, bool isMeta)312 int32_t AuthGetConnInfoByType(const char *uuid, AuthLinkType type, AuthConnInfo *connInfo, bool isMeta)
313 {
314 if (isMeta) {
315 return SOFTBUS_INVALID_PARAM;
316 }
317 return AuthDeviceGetConnInfoByType(uuid, type, connInfo);
318 }
319
AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)320 int32_t AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
321 {
322 if (isMeta) {
323 return AUTH_INVALID_ID;
324 }
325 return AuthDeviceGetP2pConnInfo(uuid, connInfo);
326 }
327
AuthGetHmlConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)328 int32_t AuthGetHmlConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
329 {
330 if (isMeta) {
331 return AUTH_INVALID_ID;
332 }
333 return AuthDeviceGetHmlConnInfo(uuid, connInfo);
334 }
335
336 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta, AuthHandle *authHandle)337 void AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta, AuthHandle *authHandle)
338 {
339 if (authHandle == NULL) {
340 AUTH_LOGE(AUTH_CONN, "authHandle is null");
341 return;
342 }
343 authHandle->authId = AUTH_INVALID_ID;
344 if (isMeta) {
345 return;
346 }
347 AuthDeviceGetLatestIdByUuid(uuid, type, authHandle);
348 }
349
AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)350 int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
351 {
352 if (isMeta) {
353 return AuthMetaGetIdByConnInfo(connInfo, isServer);
354 }
355 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
356 }
357
AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)358 int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
359 {
360 if (isMeta) {
361 return AuthMetaGetIdByUuid(uuid, type, isServer);
362 }
363 return AuthDeviceGetIdByUuid(uuid, type, isServer);
364 }
365
AuthGetAuthHandleByIndex(const AuthConnInfo *connInfo, bool isServer, int32_t index, AuthHandle *authHandle)366 int32_t AuthGetAuthHandleByIndex(const AuthConnInfo *connInfo, bool isServer, int32_t index,
367 AuthHandle *authHandle)
368 {
369 if (connInfo == NULL || authHandle == NULL) {
370 AUTH_LOGE(AUTH_CONN, "param is null");
371 return SOFTBUS_INVALID_PARAM;
372 }
373 int32_t ret = SOFTBUS_OK;
374 char networkId[NETWORK_ID_BUF_LEN] = { 0 };
375 NodeInfo info;
376 (void)memset_s(&info, sizeof(NodeInfo), 0, sizeof(NodeInfo));
377 switch (connInfo->type) {
378 case AUTH_LINK_TYPE_WIFI:
379 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.ipInfo.ip, &info);
380 if (ret != SOFTBUS_OK) {
381 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by ip failed, ret=%{public}d", ret);
382 return ret;
383 }
384 break;
385 case AUTH_LINK_TYPE_BLE:
386 if (LnnGetNetworkIdByUdidHash(connInfo->info.bleInfo.deviceIdHash, UDID_HASH_LEN, networkId,
387 sizeof(networkId)) != SOFTBUS_OK) {
388 AUTH_LOGE(AUTH_CONN, "get networkId fail");
389 return SOFTBUS_NOT_FIND;
390 }
391 ret = LnnGetRemoteNodeInfoByKey(networkId, &info);
392 if (ret != SOFTBUS_OK) {
393 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by networkId failed, ret=%{public}d", ret);
394 return ret;
395 }
396 break;
397 case AUTH_LINK_TYPE_BR:
398 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.brInfo.brMac, &info);
399 if (ret != SOFTBUS_OK) {
400 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by brMac failed, ret=%{public}d", ret);
401 return ret;
402 }
403 break;
404 default:
405 AUTH_LOGE(AUTH_CONN, "unknown connType. type=%{public}d", connInfo->type);
406 return SOFTBUS_INVALID_PARAM;
407 }
408 if (!IsSupportFeatureByCapaBit(info.feature, BIT_SUPPORT_NORMALIZED_LINK)) {
409 AUTH_LOGE(AUTH_CONN, "not support normalize");
410 return SOFTBUS_AUTH_NOT_SUPPORT_NORMALIZE;
411 }
412 return AuthDeviceGetAuthHandleByIndex(info.deviceInfo.deviceUdid, isServer, index, authHandle);
413 }
414
FillAuthSessionInfo(AuthSessionInfo *info, const NodeInfo *nodeInfo, AuthDeviceKeyInfo *keyInfo, bool hasDeviceKey)415 static int32_t FillAuthSessionInfo(AuthSessionInfo *info, const NodeInfo *nodeInfo, AuthDeviceKeyInfo *keyInfo,
416 bool hasDeviceKey)
417 {
418 uint8_t localUdidHash[UDID_HASH_LEN] = {0};
419 if (LnnGetLocalByteInfo(BYTE_KEY_UDID_HASH, localUdidHash, UDID_HASH_LEN) != SOFTBUS_OK) {
420 AUTH_LOGE(AUTH_KEY, "get local udid hash fail");
421 return SOFTBUS_ERR;
422 }
423 bool isSupportNormalizedKey = IsSupportFeatureByCapaBit(nodeInfo->authCapacity, BIT_SUPPORT_NORMALIZED_LINK);
424 if (!hasDeviceKey) {
425 int32_t ret = memcmp(localUdidHash, info->connInfo.info.bleInfo.deviceIdHash, SHORT_HASH_LEN);
426 keyInfo->isServerSide = ret < 0 ? true : false;
427 keyInfo->keyIndex = GenSeq(keyInfo->isServerSide);
428 }
429 info->isServer = keyInfo->isServerSide;
430 info->connId = (uint64_t)keyInfo->keyIndex;
431 info->version = SOFTBUS_NEW_V2;
432 info->normalizedType = isSupportNormalizedKey ? NORMALIZED_SUPPORT : NORMALIZED_NOT_SUPPORT;
433 info->normalizedIndex = keyInfo->keyIndex;
434 if (strcpy_s(info->uuid, sizeof(info->uuid), nodeInfo->uuid) != EOK ||
435 strcpy_s(info->udid, sizeof(info->udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
436 AUTH_LOGE(AUTH_KEY, "restore manager fail because copy uuid/udid fail");
437 return SOFTBUS_ERR;
438 }
439 return SOFTBUS_OK;
440 }
441
AuthDirectOnlineProcessSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)442 static int32_t AuthDirectOnlineProcessSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
443 {
444 SessionKey sessionKey;
445 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
446 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo->deviceKey, sizeof(keyInfo->deviceKey)) != EOK) {
447 AUTH_LOGE(AUTH_KEY, "restore manager fail because memcpy device key");
448 return SOFTBUS_MEM_ERR;
449 }
450 sessionKey.len = keyInfo->keyLen;
451 if (AuthManagerSetSessionKey(keyInfo->keyIndex, info, &sessionKey, false, keyInfo->isOldKey) != SOFTBUS_OK) {
452 AUTH_LOGE(AUTH_KEY, "set sessionkey fail, index=%{public}" PRId64, keyInfo->keyIndex);
453 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
454 return SOFTBUS_ERR;
455 }
456 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
457 if (auth == NULL) {
458 AUTH_LOGE(AUTH_KEY, "authManager is null");
459 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
460 return SOFTBUS_ERR;
461 }
462 *authId = auth->authId;
463 DelDupAuthManager(auth);
464 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
465 return SOFTBUS_OK;
466 }
467
AuthDirectOnlineWithoutSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)468 static int32_t AuthDirectOnlineWithoutSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
469 {
470 if (AuthDirectOnlineCreateAuthManager(keyInfo->keyIndex, info) != SOFTBUS_OK) {
471 AUTH_LOGE(AUTH_KEY, "create auth manager fail, index=%{public}" PRId64, keyInfo->keyIndex);
472 return SOFTBUS_ERR;
473 }
474 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
475 if (auth == NULL) {
476 AUTH_LOGE(AUTH_KEY, "authManager is null");
477 return SOFTBUS_ERR;
478 }
479 *authId = auth->authId;
480 DelDupAuthManager(auth);
481 return SOFTBUS_OK;
482 }
483
AuthRestoreAuthManager(const char *udidHash, const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)484 int32_t AuthRestoreAuthManager(const char *udidHash,
485 const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
486 {
487 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
488 AUTH_LOGE(AUTH_CONN, "restore manager fail because para error");
489 return SOFTBUS_ERR;
490 }
491 // get device key
492 bool hasDeviceKey = false;
493 AuthDeviceKeyInfo keyInfo = {0};
494 bool isSupportCloud = IsCloudSyncEnabled() && IsFeatureSupport(nodeInfo->feature, BIT_CLOUD_SYNC_DEVICE_INFO);
495 if (AuthFindLatestNormalizeKey(udidHash, &keyInfo, !isSupportCloud) == SOFTBUS_OK ||
496 AuthFindDeviceKey(udidHash, connInfo->type, &keyInfo) == SOFTBUS_OK) {
497 hasDeviceKey = true;
498 }
499 if (!isSupportCloud && (!hasDeviceKey || keyInfo.isOldKey)) {
500 AUTH_LOGE(AUTH_KEY, "restore manager fail because device key not exist");
501 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
502 return SOFTBUS_ERR;
503 }
504 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
505 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
506 AUTH_LOGE(AUTH_KEY, "restore manager fail because generate strhash");
507 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
508 return SOFTBUS_ERR;
509 }
510 AuthSessionInfo info;
511 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
512 info.requestId = requestId;
513 info.connInfo = *connInfo;
514 info.isOldKey = keyInfo.isOldKey;
515 if (FillAuthSessionInfo(&info, nodeInfo, &keyInfo, hasDeviceKey) != SOFTBUS_OK) {
516 AUTH_LOGE(AUTH_KEY, "fill authSessionInfo fail");
517 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
518 return SOFTBUS_ERR;
519 }
520 int32_t ret = hasDeviceKey ? AuthDirectOnlineProcessSessionKey(&info, &keyInfo, authId) :
521 AuthDirectOnlineWithoutSessionKey(&info, &keyInfo, authId);
522 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
523 return ret;
524 }
525
AuthEncrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)526 int32_t AuthEncrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
527 uint32_t *outLen)
528 {
529 if (authHandle == NULL) {
530 AUTH_LOGE(AUTH_KEY, "authHandle is null");
531 return SOFTBUS_INVALID_PARAM;
532 }
533 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
534 if (auth != NULL) {
535 DelDupAuthManager(auth);
536 return AuthDeviceEncrypt(authHandle, inData, inLen, outData, outLen);
537 }
538 return AuthMetaEncrypt(authHandle->authId, inData, inLen, outData, outLen);
539 }
540
AuthDecrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)541 int32_t AuthDecrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
542 uint32_t *outLen)
543 {
544 if (authHandle == NULL) {
545 AUTH_LOGE(AUTH_KEY, "authHandle is null");
546 return SOFTBUS_INVALID_PARAM;
547 }
548 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
549 if (auth != NULL) {
550 DelDupAuthManager(auth);
551 return AuthDeviceDecrypt(authHandle, inData, inLen, outData, outLen);
552 }
553 return AuthMetaDecrypt(authHandle->authId, inData, inLen, outData, outLen);
554 }
555
AuthSetP2pMac(int64_t authId, const char *p2pMac)556 int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
557 {
558 AuthManager *auth = GetAuthManagerByAuthId(authId);
559 if (auth != NULL) {
560 DelDupAuthManager(auth);
561 return AuthDeviceSetP2pMac(authId, p2pMac);
562 }
563 return AuthMetaSetP2pMac(authId, p2pMac);
564 }
565
AuthGetConnInfo(AuthHandle authHandle, AuthConnInfo *connInfo)566 int32_t AuthGetConnInfo(AuthHandle authHandle, AuthConnInfo *connInfo)
567 {
568 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
569 AUTH_LOGE(AUTH_CONN, "authHandle type error");
570 return SOFTBUS_INVALID_PARAM;
571 }
572 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
573 if (auth != NULL) {
574 DelDupAuthManager(auth);
575 return AuthDeviceGetConnInfo(authHandle, connInfo);
576 }
577 return AuthMetaGetConnInfo(authHandle.authId, connInfo);
578 }
579
AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)580 int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
581 {
582 AuthManager *auth = GetAuthManagerByAuthId(authId);
583 if (auth != NULL) {
584 DelDupAuthManager(auth);
585 return AuthDeviceGetDeviceUuid(authId, uuid, size);
586 }
587 return AuthMetaGetDeviceUuid(authId, uuid, size);
588 }
589
AuthGetVersion(int64_t authId, SoftBusVersion *version)590 int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
591 {
592 return AuthDeviceGetVersion(authId, version);
593 }
594
AuthGetServerSide(int64_t authId, bool *isServer)595 int32_t AuthGetServerSide(int64_t authId, bool *isServer)
596 {
597 AuthManager *auth = GetAuthManagerByAuthId(authId);
598 if (auth != NULL) {
599 DelDupAuthManager(auth);
600 return AuthDeviceGetServerSide(authId, isServer);
601 }
602 return AuthMetaGetServerSide(authId, isServer);
603 }
604
AuthGetMetaType(int64_t authId, bool *isMetaAuth)605 int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
606 {
607 if (isMetaAuth == NULL) {
608 AUTH_LOGW(AUTH_CONN, "invalid param");
609 return SOFTBUS_INVALID_PARAM;
610 }
611 AuthManager *auth = GetAuthManagerByAuthId(authId);
612 if (auth != NULL) {
613 DelDupAuthManager(auth);
614 *isMetaAuth = false;
615 return SOFTBUS_OK;
616 }
617 *isMetaAuth = true;
618 return SOFTBUS_OK;
619 }
620
AuthGetGroupType(const char *udid, const char *uuid)621 uint32_t AuthGetGroupType(const char *udid, const char *uuid)
622 {
623 uint32_t type = 0;
624 if (udid == NULL || uuid == NULL) {
625 AUTH_LOGW(AUTH_HICHAIN, "udid or uuid is null");
626 return type;
627 }
628 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
629 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
630 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
631 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
632 return type;
633 }
634
AuthIsPotentialTrusted(const DeviceInfo *device)635 bool AuthIsPotentialTrusted(const DeviceInfo *device)
636 {
637 uint8_t localAccountHash[SHA_256_HASH_LEN] = {0};
638 DeviceInfo defaultInfo;
639 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
640
641 if (device == NULL) {
642 AUTH_LOGE(AUTH_HICHAIN, "device is null");
643 return false;
644 }
645 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
646 AUTH_LOGW(AUTH_HICHAIN, "devId is empty");
647 return false;
648 }
649 if (memcmp(device->accountHash, defaultInfo.accountHash, SHORT_ACCOUNT_HASH_LEN) == 0) {
650 AUTH_LOGI(AUTH_HICHAIN, "devId accountHash is empty");
651 return true;
652 }
653 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
654 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
655 return false;
656 }
657 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
658 AUTH_LOGD(AUTH_HICHAIN, "account is same, continue verify progress. account=%{public}02X%{public}02X",
659 device->accountHash[0], device->accountHash[1]);
660 return true;
661 }
662 if (IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false, false) ||
663 IsPotentialTrustedDeviceDp(device->devId)) {
664 AUTH_LOGI(AUTH_HICHAIN, "device is potential trusted, continue verify progress");
665 return true;
666 }
667 return false;
668 }
669
IsSameAccountDevice(const DeviceInfo *device)670 bool IsSameAccountDevice(const DeviceInfo *device)
671 {
672 if (device == NULL) {
673 AUTH_LOGE(AUTH_HICHAIN, "invalid param");
674 return false;
675 }
676
677 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
678 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
679 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
680 return false;
681 }
682 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
683 AUTH_LOGI(AUTH_HICHAIN, "account is same, continue check same account group relation.");
684 return true;
685 }
686 return false;
687 }
688
AuthHasSameAccountGroup(void)689 bool AuthHasSameAccountGroup(void)
690 {
691 if (IsSameAccountGroupDevice()) {
692 AUTH_LOGI(AUTH_HICHAIN, "device has same account group relation, continue verify progress");
693 return true;
694 }
695 return false;
696 }
697
AuthHasTrustedRelation(void)698 TrustedReturnType AuthHasTrustedRelation(void)
699 {
700 uint32_t num = 0;
701 char *udidArray = NULL;
702
703 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
704 AUTH_LOGE(AUTH_CONN, "auth get trusted dev info fail");
705 return TRUSTED_RELATION_IGNORE;
706 }
707 SoftBusFree(udidArray);
708 AUTH_LOGD(AUTH_CONN, "auth get trusted relation num=%{public}u", num);
709 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
710 }
711
IsAuthHasTrustedRelation(void)712 bool IsAuthHasTrustedRelation(void)
713 {
714 bool hasTrustedRelation = (AuthHasTrustedRelation() == TRUSTED_RELATION_YES) ? true : false;
715 return hasTrustedRelation;
716 }
717
AuthCheckMetaExist(const AuthConnInfo *connInfo, bool *isExist)718 int32_t AuthCheckMetaExist(const AuthConnInfo *connInfo, bool *isExist)
719 {
720 if (connInfo == NULL || isExist == NULL) {
721 AUTH_LOGE(AUTH_CONN, "invalid param");
722 return SOFTBUS_INVALID_PARAM;
723 }
724 AuthMetaCheckMetaExist(connInfo, isExist);
725 return SOFTBUS_OK;
726 }
727
AuthInit(void)728 int32_t AuthInit(void)
729 {
730 AuthTransCallback callBack = {
731 .onDataReceived = NotifyTransDataReceived,
732 .onDisconnected = NotifyTransDisconnected,
733 .onException = NotifyTransException,
734 };
735 int32_t ret = AuthDeviceInit(&callBack);
736 if (ret == SOFTBUS_ERR || ret == SOFTBUS_INVALID_PARAM) {
737 AUTH_LOGE(AUTH_INIT, "auth device init failed");
738 return SOFTBUS_ERR;
739 }
740 ret = RegHichainSaStatusListener();
741 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
742 AUTH_LOGE(AUTH_INIT, "regHichainSaStatusListener failed");
743 return SOFTBUS_ERR;
744 }
745 ret = CustomizedSecurityProtocolInit();
746 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
747 AUTH_LOGI(AUTH_INIT, "customized protocol init failed, ret=%{public}d", ret);
748 return ret;
749 }
750 AuthLoadDeviceKey();
751 return AuthMetaInit(&callBack);
752 }
753
AuthDeinit(void)754 void AuthDeinit(void)
755 {
756 AuthDeviceDeinit();
757 CustomizedSecurityProtocolDeinit();
758 AuthMetaDeinit();
759 }
760
AuthServerDeathCallback(const char *pkgName, int32_t pid)761 void AuthServerDeathCallback(const char *pkgName, int32_t pid)
762 {
763 DelAuthMetaManagerByPid(pkgName, pid);
764 ClearMetaNodeRequestByPid(pkgName, pid);
765 }
766