1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "pin_auth_executor_hdi.h"
17
18 #include "hdf_base.h"
19 #include "iam_logger.h"
20 #include "iam_defines.h"
21 #include "hisysevent.h"
22 #include "pin_auth_executor_callback_hdi.h"
23
24 #define LOG_LABEL UserIam::Common::LABEL_PIN_AUTH_SA
25
26 namespace OHOS {
27 namespace UserIam {
28 namespace PinAuth {
29 using IamResultCode = OHOS::UserIam::UserAuth::ResultCode;
30 using IamExecutorRole = UserIam::UserAuth::ExecutorRole;
31
PinAuthExecutorHdi(const sptr<HDI::PinAuth::V1_0::IExecutor> & executorProxy)32 PinAuthExecutorHdi::PinAuthExecutorHdi(const sptr<HDI::PinAuth::V1_0::IExecutor> &executorProxy)
33 : executorProxy_(executorProxy)
34 {
35 }
36
GetExecutorInfo(UserAuth::ExecutorInfo & info)37 IamResultCode PinAuthExecutorHdi::GetExecutorInfo(UserAuth::ExecutorInfo &info)
38 {
39 if (executorProxy_ == nullptr) {
40 IAM_LOGE("executorProxy is null");
41 return IamResultCode::GENERAL_ERROR;
42 }
43
44 PinHdi::ExecutorInfo localInfo = { };
45 int32_t status = executorProxy_->GetExecutorInfo(localInfo);
46 IamResultCode result = ConvertResultCode(status);
47 if (result != IamResultCode::SUCCESS) {
48 IAM_LOGE("GetExecutorInfo fail ret=%{public}d", result);
49 return result;
50 }
51 int32_t ret = MoveHdiExecutorInfo(localInfo, info);
52 if (ret != IamResultCode::SUCCESS) {
53 IAM_LOGE("MoveHdiExecutorInfo fail ret=%{public}d", ret);
54 return IamResultCode::GENERAL_ERROR;
55 }
56 return IamResultCode::SUCCESS;
57 }
58
GetTemplateInfo(uint64_t templateId,UserAuth::TemplateInfo & info)59 IamResultCode PinAuthExecutorHdi::GetTemplateInfo(uint64_t templateId, UserAuth::TemplateInfo &info)
60 {
61 if (executorProxy_ == nullptr) {
62 IAM_LOGE("executorProxy is null");
63 return IamResultCode::GENERAL_ERROR;
64 }
65
66 PinHdi::TemplateInfo localInfo = {};
67 int32_t status = executorProxy_->GetTemplateInfo(templateId, localInfo);
68 IamResultCode result = ConvertResultCode(status);
69 if (result != IamResultCode::SUCCESS) {
70 IAM_LOGE("GetTemplateInfo fail ret=%{public}d", result);
71 return result;
72 }
73 int32_t ret = MoveHdiTemplateInfo(localInfo, info);
74 if (ret != IamResultCode::SUCCESS) {
75 IAM_LOGE("MoveHdiTemplateInfo fail ret=%{public}d", ret);
76 return IamResultCode::GENERAL_ERROR;
77 }
78 return IamResultCode::SUCCESS;
79 }
80
OnRegisterFinish(const std::vector<uint64_t> & templateIdList,const std::vector<uint8_t> & frameworkPublicKey,const std::vector<uint8_t> & extraInfo)81 IamResultCode PinAuthExecutorHdi::OnRegisterFinish(const std::vector<uint64_t> &templateIdList,
82 const std::vector<uint8_t> &frameworkPublicKey, const std::vector<uint8_t> &extraInfo)
83 {
84 if (executorProxy_ == nullptr) {
85 IAM_LOGE("executorProxy is null");
86 return IamResultCode::GENERAL_ERROR;
87 }
88 int32_t status = executorProxy_->OnRegisterFinish(templateIdList, frameworkPublicKey, extraInfo);
89 IamResultCode result = ConvertResultCode(status);
90 if (result != IamResultCode::SUCCESS) {
91 IAM_LOGE("OnRegisterFinish fail result %{public}d", status);
92 return result;
93 }
94
95 OHOS::HiviewDFX::HiSysEvent::Write("USERIAM_PIN", "USERIAM_TEMPLATE_CHANGE",
96 OHOS::HiviewDFX::HiSysEvent::EventType::SECURITY, "EXECUTOR_TYPE", UserAuth::PIN,
97 "CHANGE_TYPE", UserAuth::TRACE_DELETE_CREDENTIAL, "TRIGGER_REASON", "Reconciliation");
98 return IamResultCode::SUCCESS;
99 }
100
OnSetData(uint64_t scheduleId,uint64_t authSubType,const std::vector<uint8_t> & data)101 IamResultCode PinAuthExecutorHdi::OnSetData(uint64_t scheduleId, uint64_t authSubType,
102 const std::vector<uint8_t> &data)
103 {
104 if (executorProxy_ == nullptr) {
105 IAM_LOGE("executorProxy is null");
106 return IamResultCode::GENERAL_ERROR;
107 }
108 int32_t status = executorProxy_->OnSetData(scheduleId, authSubType, data);
109 IamResultCode result = ConvertResultCode(status);
110 if (result != IamResultCode::SUCCESS) {
111 IAM_LOGE("OnRegisterFinish fail ret=%{public}d", status);
112 return result;
113 }
114 return IamResultCode::SUCCESS;
115 }
116
Enroll(uint64_t scheduleId,uint32_t tokenId,const std::vector<uint8_t> & extraInfo,const std::shared_ptr<UserAuth::IExecuteCallback> & callbackObj)117 IamResultCode PinAuthExecutorHdi::Enroll(uint64_t scheduleId, uint32_t tokenId,
118 const std::vector<uint8_t> &extraInfo, const std::shared_ptr<UserAuth::IExecuteCallback> &callbackObj)
119 {
120 if (executorProxy_ == nullptr) {
121 IAM_LOGE("executorProxy is null");
122 return IamResultCode::GENERAL_ERROR;
123 }
124 if (callbackObj == nullptr) {
125 IAM_LOGE("callbackObj is null");
126 return IamResultCode::GENERAL_ERROR;
127 }
128 auto callback = sptr<PinHdi::IExecutorCallback>(new (std::nothrow) PinAuthExecutorCallbackHdi(callbackObj,
129 shared_from_this(), tokenId));
130 if (callback == nullptr) {
131 IAM_LOGE("callback is null");
132 return IamResultCode::GENERAL_ERROR;
133 }
134 int32_t status = executorProxy_->Enroll(scheduleId, extraInfo, callback);
135 IamResultCode result = ConvertResultCode(status);
136 if (result != IamResultCode::SUCCESS) {
137 IAM_LOGE("Enroll fail ret=%{public}d", result);
138 return result;
139 }
140 return IamResultCode::SUCCESS;
141 }
142
Authenticate(uint64_t scheduleId,uint32_t tokenId,const std::vector<uint64_t> & templateIdList,const std::vector<uint8_t> & extraInfo,const std::shared_ptr<UserAuth::IExecuteCallback> & callbackObj)143 IamResultCode PinAuthExecutorHdi::Authenticate(uint64_t scheduleId, uint32_t tokenId,
144 const std::vector<uint64_t> &templateIdList, const std::vector<uint8_t> &extraInfo,
145 const std::shared_ptr<UserAuth::IExecuteCallback> &callbackObj)
146 {
147 if (executorProxy_ == nullptr) {
148 IAM_LOGE("executorProxy is null");
149 return IamResultCode::GENERAL_ERROR;
150 }
151 if (callbackObj == nullptr) {
152 IAM_LOGE("callbackObj is null");
153 return IamResultCode::GENERAL_ERROR;
154 }
155 auto callback = sptr<PinHdi::IExecutorCallback>(new (std::nothrow) PinAuthExecutorCallbackHdi(callbackObj,
156 shared_from_this(), tokenId));
157 if (callback == nullptr) {
158 IAM_LOGE("callback is null");
159 return IamResultCode::GENERAL_ERROR;
160 }
161 if (templateIdList.size() == 0) {
162 IAM_LOGE("Error param");
163 return IamResultCode::GENERAL_ERROR;
164 }
165 int32_t status = executorProxy_->Authenticate(scheduleId, templateIdList[0], extraInfo, callback);
166 IamResultCode result = ConvertResultCode(status);
167 if (result != IamResultCode::SUCCESS) {
168 IAM_LOGE("Authenticate fail ret=%{public}d", result);
169 return result;
170 }
171 return IamResultCode::SUCCESS;
172 }
173
Identify(uint64_t scheduleId,uint32_t tokenId,const std::vector<uint8_t> & extraInfo,const std::shared_ptr<UserAuth::IExecuteCallback> & callbackObj)174 IamResultCode PinAuthExecutorHdi::Identify(uint64_t scheduleId, uint32_t tokenId,
175 const std::vector<uint8_t> &extraInfo, const std::shared_ptr<UserAuth::IExecuteCallback> &callbackObj)
176 {
177 IAM_LOGI("Adaptor frame interface, temporarily useless");
178 static_cast<void>(scheduleId);
179 static_cast<void>(tokenId);
180 static_cast<void>(extraInfo);
181 static_cast<void>(callbackObj);
182 return IamResultCode::SUCCESS;
183 }
184
Delete(const std::vector<uint64_t> & templateIdList)185 IamResultCode PinAuthExecutorHdi::Delete(const std::vector<uint64_t> &templateIdList)
186 {
187 if (executorProxy_ == nullptr) {
188 IAM_LOGE("executorProxy is null");
189 return IamResultCode::GENERAL_ERROR;
190 }
191 int32_t status = executorProxy_->Delete(templateIdList[0]);
192 IamResultCode result = ConvertResultCode(status);
193 if (result != IamResultCode::SUCCESS) {
194 IAM_LOGE("Delete fail ret=%{public}d", result);
195 return result;
196 }
197 return IamResultCode::SUCCESS;
198 }
199
Cancel(uint64_t scheduleId)200 IamResultCode PinAuthExecutorHdi::Cancel(uint64_t scheduleId)
201 {
202 if (executorProxy_ == nullptr) {
203 IAM_LOGE("executorProxy is null");
204 return IamResultCode::GENERAL_ERROR;
205 }
206 int32_t status = executorProxy_->Cancel(scheduleId);
207 IamResultCode result = ConvertResultCode(status);
208 if (result != IamResultCode::SUCCESS) {
209 IAM_LOGE("Cancel fail ret=%{public}d", result);
210 return result;
211 }
212 return IamResultCode::SUCCESS;
213 }
214
SendCommand(UserAuth::PropertyMode commandId,const std::vector<uint8_t> & extraInfo,const std::shared_ptr<UserAuth::IExecuteCallback> & callbackObj)215 IamResultCode PinAuthExecutorHdi::SendCommand(UserAuth::PropertyMode commandId,
216 const std::vector<uint8_t> &extraInfo, const std::shared_ptr<UserAuth::IExecuteCallback> &callbackObj)
217 {
218 IAM_LOGI("Adaptor frame interface, temporarily useless");
219 static_cast<void>(commandId);
220 static_cast<void>(extraInfo);
221 static_cast<void>(callbackObj);
222 return IamResultCode::SUCCESS;
223 }
224
MoveHdiExecutorInfo(PinHdi::ExecutorInfo & in,UserAuth::ExecutorInfo & out)225 IamResultCode PinAuthExecutorHdi::MoveHdiExecutorInfo(PinHdi::ExecutorInfo &in, UserAuth::ExecutorInfo &out)
226 {
227 out.executorSensorHint = static_cast<uint32_t>(in.sensorId);
228 out.executorMatcher = in.executorType;
229 int32_t ret = ConvertExecutorRole(in.executorRole, out.executorRole);
230 if (ret != IamResultCode::SUCCESS) {
231 IAM_LOGE("executorProxy is null");
232 return IamResultCode::GENERAL_ERROR;
233 }
234 ret = ConvertAuthType(in.authType, out.authType);
235 if (ret != IamResultCode::SUCCESS) {
236 IAM_LOGE("ConvertAuthType fail ret=%{public}d", ret);
237 return IamResultCode::GENERAL_ERROR;
238 }
239 ret = ConvertExecutorSecureLevel(in.esl, out.esl);
240 if (ret != IamResultCode::SUCCESS) {
241 IAM_LOGE("ConvertExecutorSecureLevel fail ret=%{public}d", ret);
242 return IamResultCode::GENERAL_ERROR;
243 }
244 in.publicKey.swap(out.publicKey);
245 return IamResultCode::SUCCESS;
246 }
247
MoveHdiTemplateInfo(PinHdi::TemplateInfo & in,UserAuth::TemplateInfo & out)248 IamResultCode PinAuthExecutorHdi::MoveHdiTemplateInfo(PinHdi::TemplateInfo &in, UserAuth::TemplateInfo &out)
249 {
250 out.executorType = in.executorType;
251 out.freezingTime = in.lockoutDuration;
252 out.remainTimes = in.remainAttempts;
253 in.extraInfo.swap(out.extraInfo);
254 return IamResultCode::SUCCESS;
255 }
256
ConvertCommandId(const UserAuth::PropertyMode in,PinHdi::CommandId & out)257 IamResultCode PinAuthExecutorHdi::ConvertCommandId(const UserAuth::PropertyMode in, PinHdi::CommandId &out)
258 {
259 IAM_LOGI("Adaptor frame interface, temporarily useless");
260 static_cast<void>(in);
261 static_cast<void>(out);
262 return IamResultCode::SUCCESS;
263 }
264
ConvertAuthType(const PinHdi::AuthType in,UserAuth::AuthType & out)265 IamResultCode PinAuthExecutorHdi::ConvertAuthType(const PinHdi::AuthType in, UserAuth::AuthType &out)
266 {
267 static const std::map<PinHdi::AuthType, UserAuth::AuthType> data = {
268 {PinHdi::PIN, UserAuth::AuthType::PIN},
269 };
270 if (data.count(in) == 0) {
271 IAM_LOGE("authType %{public}d is invalid", in);
272 return IamResultCode::GENERAL_ERROR;
273 }
274 out = data.at(in);
275 return IamResultCode::SUCCESS;
276 }
277
ConvertExecutorRole(const PinHdi::ExecutorRole in,IamExecutorRole & out)278 IamResultCode PinAuthExecutorHdi::ConvertExecutorRole(const PinHdi::ExecutorRole in, IamExecutorRole &out)
279 {
280 static const std::map<PinHdi::ExecutorRole, IamExecutorRole> data = {
281 { PinHdi::ExecutorRole::COLLECTOR, IamExecutorRole::COLLECTOR },
282 { PinHdi::ExecutorRole::VERIFIER, IamExecutorRole::VERIFIER },
283 { PinHdi::ExecutorRole::ALL_IN_ONE, IamExecutorRole::ALL_IN_ONE},
284 };
285 if (data.count(in) == 0) {
286 IAM_LOGE("executorRole %{public}d is invalid", in);
287 return IamResultCode::GENERAL_ERROR;
288 }
289 out = data.at(in);
290 return IamResultCode::SUCCESS;
291 }
292
ConvertExecutorSecureLevel(const PinHdi::ExecutorSecureLevel in,UserAuth::ExecutorSecureLevel & out)293 IamResultCode PinAuthExecutorHdi::ConvertExecutorSecureLevel(const PinHdi::ExecutorSecureLevel in,
294 UserAuth::ExecutorSecureLevel &out)
295 {
296 static const std::map<PinHdi::ExecutorSecureLevel, UserAuth::ExecutorSecureLevel> data = {
297 { PinHdi::ExecutorSecureLevel::ESL0, UserAuth::ExecutorSecureLevel::ESL0 },
298 { PinHdi::ExecutorSecureLevel::ESL1, UserAuth::ExecutorSecureLevel::ESL1 },
299 { PinHdi::ExecutorSecureLevel::ESL2, UserAuth::ExecutorSecureLevel::ESL2 },
300 { PinHdi::ExecutorSecureLevel::ESL3, UserAuth::ExecutorSecureLevel::ESL3 },
301 };
302 if (data.count(in) == 0) {
303 IAM_LOGE("executorSecureLevel %{public}d is invalid", in);
304 return IamResultCode::GENERAL_ERROR;
305 }
306 out = data.at(in);
307 return IamResultCode::SUCCESS;
308 }
309
ConvertResultCode(const int32_t in)310 IamResultCode PinAuthExecutorHdi::ConvertResultCode(const int32_t in)
311 {
312 HDF_STATUS hdfIn = static_cast<HDF_STATUS>(in);
313 static const std::map<HDF_STATUS, IamResultCode> data = {
314 {HDF_SUCCESS, IamResultCode::SUCCESS},
315 {HDF_FAILURE, IamResultCode::FAIL},
316 {HDF_ERR_TIMEOUT, IamResultCode::TIMEOUT},
317 {HDF_ERR_QUEUE_FULL, IamResultCode::BUSY},
318 {HDF_ERR_DEVICE_BUSY, IamResultCode::BUSY},
319 };
320
321 IamResultCode out;
322 if (data.count(hdfIn) == 0) {
323 out = IamResultCode::GENERAL_ERROR;
324 } else {
325 out = data.at(hdfIn);
326 }
327 IAM_LOGE("covert hdi result code %{public}d to framework result code %{public}d", in, out);
328 return out;
329 }
330 } // PinAuth
331 } // UserIam
332 } // OHOS
333