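/*
 * Copyright (C) 2021-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef DEVICE_AUTH_H
#define DEVICE_AUTH_H

#include <stdint.h>
#include <stdbool.h>

/* Export the public entry points from the shared library when the build defines __LINUX__ or _UNIX. */
#if defined(__LINUX__) || defined(_UNIX)
#define DEVICE_AUTH_API_PUBLIC __attribute__ ((visibility("default")))
#else
#define DEVICE_AUTH_API_PUBLIC
#endif

/*
 * String keys shared between callers and the service.
 * NOTE(review): presumably these are the keys of the JSON parameter and return strings passed
 * through the interfaces below (for example createParams, authParams, returnGroupInfo) -
 * confirm against the implementation.
 * FIELD_PIN_CODE, FIELD_AUTH_CODE and FIELD_SESSION_KEY name secret material by their own
 * wording; keep strings that carry those keys out of logs and crash reports.
 */
#define FIELD_GROUP_ID "groupId"
#define FIELD_GROUP_TYPE "groupType"
#define FIELD_GROUP_NAME "groupName"
#define FIELD_PEER_DEVICE_ID "peerDeviceId"
#define FIELD_IS_ADMIN "isAdmin"
#define FIELD_CREDENTIAL_TYPE "credentialType"
#define FIELD_IS_FORCE_DELETE "isForceDelete"
#define FIELD_IS_IGNORE_CHANNEL "isIgnoreChannel"
#define FIELD_CONNECT_PARAMS "connectParams"
#define FIELD_ADD_ID "addId"
#define FIELD_DELETE_ID "deleteId"
#define FIELD_APP_ID "appId"
#define FIELD_SERVICE_TYPE "serviceType"
#define FIELD_IS_DEVICE_LEVEL "isDeviceLevel"
#define FIELD_ALTERNATIVE "alternative"
#define FIELD_PEER_UDID "peerUdid"
#define FIELD_PEER_CONN_DEVICE_ID "peerConnDeviceId"
#define FIELD_KEY_LENGTH "keyLength"
#define FIELD_IS_CLIENT "isClient"
#define FIELD_SESSION_KEY "sessionKey"
#define FIELD_AUTH_FORM "authForm"
#define FIELD_CONFIRMATION "confirmation"
#define FIELD_GROUP_OWNER "groupOwner"
#define FIELD_PEER_AUTH_ID "peerAuthId"
#define FIELD_PEER_USER_TYPE "peerUserType"
#define FIELD_PEER_USER_ID "peerUserId"
#define FIELD_SERVICE_PKG_NAME "servicePkgName"
#define FIELD_USER_TYPE "userType"
#define FIELD_USER_ID "userId"
#define FIELD_SHARED_USER_ID "sharedUserId"
#define FIELD_OWNER_USER_ID "ownerUserId"
#define FIELD_DEVICE_ID "deviceId"
#define FIELD_PIN_CODE "pinCode"
#define FIELD_AUTH_ID "authId"
#define FIELD_UDID "udid"
#define FIELD_IS_SELF_PK "isSelfPk"
#define FIELD_GROUP_VISIBILITY "groupVisibility"
#define FIELD_EXPIRE_TIME "expireTime"
#define FIELD_IS_DELETE_ALL "isDeleteAll"
#define FIELD_OS_ACCOUNT_ID "osAccountId"
#define FIELD_AUTH_CODE "authCode"
#define FIELD_DEVICE_LIST "deviceList"
#define FIELD_IS_UDID_HASH "isUdidHash"

/**
 * @brief type of local system account
 */
typedef enum {
    /** default local system account */
    DEFAULT_OS_ACCOUNT = 0,
    /** the local system account of foreground user */
    ANY_OS_ACCOUNT = -2,
} OsAccountEnum;

/**
 * @brief describes all group types
 */
typedef enum {
    /** refers to all group types and is used to query group information */
    ALL_GROUP = 0,
    /** group type of the same cloud account */
    IDENTICAL_ACCOUNT_GROUP = 1,
    /** group type of the p2p binding */
    PEER_TO_PEER_GROUP = 256,
    /** group type shared to other cloud accounts */
    ACROSS_ACCOUNT_AUTHORIZE_GROUP = 1282
} GroupType;

/**
 * @brief describes all group visibility types
 */
typedef enum {
    /** visibility type of private group */
    GROUP_VISIBILITY_PRIVATE = 0,
    /** visibility type of public group */
    GROUP_VISIBILITY_PUBLIC = -1
} GroupVisibility;

/**
 * @brief describes all group operation codes
 */
typedef enum {
    /** operation code for group creation */
    GROUP_CREATE = 0,
    /** operation code for group destruction */
    GROUP_DISBAND = 1,
    /** operation code for inviting the peer device to join the local trusted group */
    MEMBER_INVITE = 2,
    /** operation code for joining the peer trusted group */
    MEMBER_JOIN = 3,
    /** operation code for unbinding with peer device */
    MEMBER_DELETE = 4,
} GroupOperationCode;

/**
 * @brief describes all group authentication types
 */
typedef enum {
    /** invalid group authentication type */
    AUTH_FORM_INVALID_TYPE = -1,
    /** p2p group authentication type */
    AUTH_FORM_ACCOUNT_UNRELATED = 0,
    /** group authentication type of the same cloud account */
    AUTH_FORM_IDENTICAL_ACCOUNT = 1,
    /** group authentication type shared to other cloud accounts */
    AUTH_FORM_ACROSS_ACCOUNT = 2,
} GroupAuthForm;

/**
 * @brief describes all credential types
 */
typedef enum {
    /** symmetrical credential type */
    SYMMETRIC_CRED = 1,
    /** asymmetric credential type */
    ASYMMETRIC_CRED = 2,
} CredType;

/**
 * @brief describes all device types
 */
typedef enum {
    /** device type is accessory */
    DEVICE_TYPE_ACCESSORY = 0,
    /** device type is controller */
    DEVICE_TYPE_CONTROLLER = 1,
    /** device type is proxy */
    DEVICE_TYPE_PROXY = 2
} UserType;

/**
 * @brief describes request response results
 *
 * NOTE(review): both values are larger than INT_MAX. ISO C before C23 requires an enumerator
 * to be representable as int, so this declaration relies on a compiler extension (GCC and
 * Clang accept it). Confirm that every supported toolchain does, and compare these values
 * against unsigned 32-bit quantities rather than plain int.
 */
typedef enum {
    /** reject the request from the peer device */
    REQUEST_REJECTED = 0x80000005,
    /** accept the request from the peer device */
    REQUEST_ACCEPTED = 0x80000006,
} RequestResponse;

/**
 * @brief This structure provides the ability to monitor changes in trusted groups and devices.
 */
typedef struct {
    /** Call it when a new group is created. */
    void (*onGroupCreated)(const char *groupInfo);
    /** Call it when a group is destroyed. */
    void (*onGroupDeleted)(const char *groupInfo);
    /** Call it when a group adds a trusted device. */
    void (*onDeviceBound)(const char *peerUdid, const char *groupInfo);
    /** Call it when a group deletes a trusted device. */
    void (*onDeviceUnBound)(const char *peerUdid, const char *groupInfo);
    /** Call it when a device has no trust relationship in all groups. */
    void (*onDeviceNotTrusted)(const char *peerUdid);
    /** Call it when a device has no trust relationship in all groups of a certain type. */
    void (*onLastGroupDeleted)(const char *peerUdid, int groupType);
    /**
     * NOTE(review): undocumented upstream. Presumably called when the number of trusted devices
     * changes, with curTrustedDeviceNum carrying the current count - confirm.
     */
    void (*onTrustedDeviceNumChanged)(int curTrustedDeviceNum);
} DataChangeListener;

/**
 * @brief This structure describes the callbacks that need to be provided by the business.
 *
 * NOTE(review): this header does not state how long the pointer arguments stay valid after a
 * callback returns. Until that is confirmed, copy what is needed inside the callback.
 */
typedef struct {
    /** Call it when there is data to be sent. */
    bool (*onTransmit)(int64_t requestId, const uint8_t *data, uint32_t dataLen);
    /**
     * Call it when the session key is returned.
     * sessionKey is secret material: do not log it, and wipe any copy once it is no longer needed.
     */
    void (*onSessionKeyReturned)(int64_t requestId, const uint8_t *sessionKey, uint32_t sessionKeyLen);
    /** Call it when the asynchronous operation is successful. */
    void (*onFinish)(int64_t requestId, int operationCode, const char *returnData);
    /** Call it when the asynchronous operation fails. */
    void (*onError)(int64_t requestId, int operationCode, int errorCode, const char *errorReturn);
    /**
     * Call it when receiving requests from other devices.
     * reqParams describes a request that comes from another device, so treat its content as
     * untrusted input when deciding how to answer.
     * NOTE(review): who releases the returned string, and how the accept/reject decision
     * (see RequestResponse) is encoded in it, is not defined in this header - confirm.
     */
    char *(*onRequest)(int64_t requestId, int operationCode, const char *reqParams);
} DeviceAuthCallback;

/**
 * @brief This structure provides all the capabilities of group authentication.
 */
typedef struct {
    /**
     * This interface is used to process authentication data.
     * NOTE(review): data presumably arrives from the peer device; pass the number of bytes
     * actually received as dataLen - confirm how the implementation bounds its reads.
     */
    int32_t (*processData)(int64_t authReqId, const uint8_t *data, uint32_t dataLen,
        const DeviceAuthCallback *gaCallback);
    /** This interface is used to initiate authentication between devices. */
    int32_t (*authDevice)(int32_t osAccountId, int64_t authReqId, const char *authParams,
        const DeviceAuthCallback *gaCallback);
    /** This interface is used to cancel an authentication process. */
    void (*cancelRequest)(int64_t requestId, const char *appId);
    /**
     * This interface is used to get real info by pseudonym id.
     * NOTE(review): realInfo is an output string; this structure declares no release function
     * for it, so confirm how the caller is expected to free it.
     */
    int32_t (*getRealInfo)(int32_t osAccountId, const char *pseudonymId, char **realInfo);
    /**
     * This interface is used to get pseudonym id by an index.
     * NOTE(review): pseudonymId is an output string; confirm how the caller is expected to free it.
     */
    int32_t (*getPseudonymId)(int32_t osAccountId, const char *indexKey, char **pseudonymId);
} GroupAuthManager;

/**
 * @brief This structure provides all the capabilities of group management.
 *
 * Strings returned through char ** output parameters come from internally allocated memory;
 * destroyInfo is the interface declared here for releasing them.
 * NOTE(review): appId is a caller-supplied string. This header does not show whether the
 * service verifies it against the calling process - confirm before relying on appId as an
 * access-control boundary.
 */
typedef struct {
    /** This interface is used to register business callbacks. */
    int32_t (*regCallback)(const char *appId, const DeviceAuthCallback *callback);
    /** This interface is used to unregister business callbacks. */
    int32_t (*unRegCallback)(const char *appId);
    /** This interface is used to register callback for data change monitoring. */
    int32_t (*regDataChangeListener)(const char *appId, const DataChangeListener *listener);
    /** This interface is used to unregister callback for data change monitoring. */
    int32_t (*unRegDataChangeListener)(const char *appId);
    /** This interface is used to create a trusted group. */
    int32_t (*createGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *createParams);
    /** This interface is used to delete a trusted group. */
    int32_t (*deleteGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *disbandParams);
    /** This interface is used to add a trusted device to a trusted group. */
    int32_t (*addMemberToGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *addParams);
    /** This interface is used to delete a trusted device from a trusted group. */
    int32_t (*deleteMemberFromGroup)(int32_t osAccountId, int64_t requestId, const char *appId,
        const char *deleteParams);
    /**
     * This interface is used to process data of binding or unbinding devices.
     * NOTE(review): data presumably arrives from the peer device; pass the number of bytes
     * actually received as dataLen - confirm how the implementation bounds its reads.
     */
    int32_t (*processData)(int64_t requestId, const uint8_t *data, uint32_t dataLen);
    /** This interface is used to batch add trusted devices with account relationships. */
    int32_t (*addMultiMembersToGroup)(int32_t osAccountId, const char *appId, const char *addParams);
    /** This interface is used to batch delete trusted devices with account relationships. */
    int32_t (*delMultiMembersFromGroup)(int32_t osAccountId, const char *appId, const char *deleteParams);
    /** This interface is used to obtain the registration information of the local device. */
    int32_t (*getRegisterInfo)(const char *reqJsonStr, char **returnRegisterInfo);
    /**
     * This interface is used to check whether the specified application has access rights to the group.
     * The result is an int32_t status, not a bool: compare it with the success code instead of
     * testing it for truth. NOTE(review): the success code (HC_SUCCESS is named further down) is
     * not defined in this header - confirm its value.
     */
    int32_t (*checkAccessToGroup)(int32_t osAccountId, const char *appId, const char *groupId);
    /** This interface is used to obtain all public key information related to a device. */
    int32_t (*getPkInfoList)(int32_t osAccountId, const char *appId, const char *queryParams, char **returnInfoList,
        uint32_t *returnInfoNum);
    /** This interface is used to obtain group information of a group. */
    int32_t (*getGroupInfoById)(int32_t osAccountId, const char *appId, const char *groupId, char **returnGroupInfo);
    /** This interface is used to obtain the group information of groups that meet the query parameters. */
    int32_t (*getGroupInfo)(int32_t osAccountId, const char *appId, const char *queryParams,
        char **returnGroupVec, uint32_t *groupNum);
    /** This interface is used to obtain all group information of a specific group type. */
    int32_t (*getJoinedGroups)(int32_t osAccountId, const char *appId, int groupType,
        char **returnGroupVec, uint32_t *groupNum);
    /** This interface is used to obtain all group information related to a certain device. */
    int32_t (*getRelatedGroups)(int32_t osAccountId, const char *appId, const char *peerDeviceId,
        char **returnGroupVec, uint32_t *groupNum);
    /** This interface is used to obtain the information of a trusted device. */
    int32_t (*getDeviceInfoById)(int32_t osAccountId, const char *appId, const char *deviceId, const char *groupId,
        char **returnDeviceInfo);
    /** This interface is used to obtain all trusted device information in a group. */
    int32_t (*getTrustedDevices)(int32_t osAccountId, const char *appId, const char *groupId,
        char **returnDevInfoVec, uint32_t *deviceNum);
    /** This interface is used to query whether a specified device exists in the group. */
    bool (*isDeviceInGroup)(int32_t osAccountId, const char *appId, const char *groupId, const char *deviceId);
    /** This interface is used to cancel a binding or unbinding process. */
    void (*cancelRequest)(int64_t requestId, const char *appId);
    /** This interface is used to destroy the information returned by the internal allocated memory. */
    void (*destroyInfo)(char **returnInfo);
} DeviceGroupManager;

#ifdef __cplusplus
extern "C" {
#endif

/**
 * @brief Initialize device auth service.
 *
 * This API is used to initialize device auth service.
 *
 * @return When the service initialization is successful, it returns HC_SUCCESS.
 * Otherwise, it returns other values.
 * @see DestroyDeviceAuthService
 */
DEVICE_AUTH_API_PUBLIC int InitDeviceAuthService(void);

/**
 * @brief Destroy device auth service.
 *
 * This API is used to destroy device auth service.
 *
 * @see InitDeviceAuthService
 */
DEVICE_AUTH_API_PUBLIC void DestroyDeviceAuthService(void);

/**
 * @brief Get group authentication instance.
 *
 * This API is used to get group authentication instance.
 * The InitDeviceAuthService function must be called before using this method.
 *
 * @return When the method call result is successful, it returns GroupAuthManager instance.
 * Otherwise, it returns NULL, so check the result before calling through it.
 */
DEVICE_AUTH_API_PUBLIC const GroupAuthManager *GetGaInstance(void);

/**
 * @brief Get group management instance.
 *
 * This API is used to get group management instance.
 * The InitDeviceAuthService function must be called before using this method.
 *
 * @return When the method call result is successful, it returns DeviceGroupManager instance.
 * Otherwise, it returns NULL, so check the result before calling through it.
 */
DEVICE_AUTH_API_PUBLIC const DeviceGroupManager *GetGmInstance(void);

#ifdef __cplusplus
}
#endif
#endif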