1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "privacy_manager_proxy.h"
17
18 #include "accesstoken_log.h"
19 #include "privacy_error.h"
20
21 namespace OHOS {
22 namespace Security {
23 namespace AccessToken {
24 namespace {
25 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
26 LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerProxy"
27 };
28
29 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
30 static const int MAX_SEC_COMP_ENHANCE_SIZE = 1000;
31 #endif
32 }
33
PrivacyManagerProxy(const sptr<IRemoteObject> & impl)34 PrivacyManagerProxy::PrivacyManagerProxy(const sptr<IRemoteObject>& impl)
35 : IRemoteProxy<IPrivacyManager>(impl) {
36 }
37
~PrivacyManagerProxy()38 PrivacyManagerProxy::~PrivacyManagerProxy()
39 {}
40
AddPermissionUsedRecord(AccessTokenID tokenID,const std::string & permissionName,int32_t successCount,int32_t failCount,bool asyncMode)41 int32_t PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName,
42 int32_t successCount, int32_t failCount, bool asyncMode)
43 {
44 MessageParcel data;
45 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
46 if (!data.WriteUint32(tokenID)) {
47 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
48 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
49 }
50 if (!data.WriteString(permissionName)) {
51 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)");
52 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
53 }
54 if (!data.WriteInt32(successCount)) {
55 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(successCount)");
56 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
57 }
58 if (!data.WriteInt32(failCount)) {
59 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(failCount)");
60 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
61 }
62
63 MessageParcel reply;
64 if (!SendRequest(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD, data, reply, asyncMode)) {
65 return PrivacyError::ERR_SERVICE_ABNORMAL;
66 }
67
68 return reply.ReadInt32();
69 }
70
StartUsingPermission(AccessTokenID tokenID,const std::string & permissionName)71 int32_t PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
72 {
73 MessageParcel data;
74 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
75 if (!data.WriteUint32(tokenID)) {
76 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
77 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
78 }
79 if (!data.WriteString(permissionName)) {
80 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)");
81 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
82 }
83
84 MessageParcel reply;
85 if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION, data, reply)) {
86 return PrivacyError::ERR_SERVICE_ABNORMAL;
87 }
88
89 return reply.ReadInt32();
90 }
91
StartUsingPermission(AccessTokenID tokenID,const std::string & permissionName,const sptr<IRemoteObject> & callback)92 int32_t PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName,
93 const sptr<IRemoteObject>& callback)
94 {
95 MessageParcel data;
96 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
97 if (!data.WriteUint32(tokenID)) {
98 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
99 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
100 }
101 if (!data.WriteString(permissionName)) {
102 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)");
103 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
104 }
105 if (!data.WriteRemoteObject(callback)) {
106 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
107 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
108 }
109
110 MessageParcel reply;
111 if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK, data, reply)) {
112 ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest fail");
113 return PrivacyError::ERR_SERVICE_ABNORMAL;
114 }
115
116 int32_t ret = reply.ReadInt32();
117 ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret);
118 return ret;
119 }
120
StopUsingPermission(AccessTokenID tokenID,const std::string & permissionName)121 int32_t PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
122 {
123 MessageParcel data;
124 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
125 if (!data.WriteUint32(tokenID)) {
126 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
127 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
128 }
129 if (!data.WriteString(permissionName)) {
130 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)");
131 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
132 }
133
134 MessageParcel reply;
135 if (!SendRequest(PrivacyInterfaceCode::STOP_USING_PERMISSION, data, reply)) {
136 return PrivacyError::ERR_SERVICE_ABNORMAL;
137 }
138
139 return reply.ReadInt32();
140 }
141
RemovePermissionUsedRecords(AccessTokenID tokenID,const std::string & deviceID)142 int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID)
143 {
144 MessageParcel data;
145 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
146 if (!data.WriteUint32(tokenID)) {
147 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
148 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
149 }
150 if (!data.WriteString(deviceID)) {
151 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(deviceID)");
152 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
153 }
154
155 MessageParcel reply;
156 if (!SendRequest(PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS, data, reply)) {
157 return PrivacyError::ERR_SERVICE_ABNORMAL;
158 }
159
160 return reply.ReadInt32();
161 }
162
GetPermissionUsedRecords(const PermissionUsedRequestParcel & request,PermissionUsedResultParcel & result)163 int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request,
164 PermissionUsedResultParcel& result)
165 {
166 MessageParcel data;
167 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
168 if (!data.WriteParcelable(&request)) {
169 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)");
170 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
171 }
172
173 MessageParcel reply;
174 if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS, data, reply)) {
175 return PrivacyError::ERR_SERVICE_ABNORMAL;
176 }
177
178 int32_t ret = reply.ReadInt32();
179 if (ret != RET_SUCCESS) {
180 return ret;
181 }
182 sptr<PermissionUsedResultParcel> resultSptr = reply.ReadParcelable<PermissionUsedResultParcel>();
183 if (resultSptr == nullptr) {
184 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
185 return PrivacyError::ERR_READ_PARCEL_FAILED;
186 }
187 result = *resultSptr;
188 return ret;
189 }
190
GetPermissionUsedRecords(const PermissionUsedRequestParcel & request,const sptr<OnPermissionUsedRecordCallback> & callback)191 int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request,
192 const sptr<OnPermissionUsedRecordCallback>& callback)
193 {
194 MessageParcel data;
195 data.WriteInterfaceToken(IPrivacyManager::GetDescriptor());
196 if (!data.WriteParcelable(&request)) {
197 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)");
198 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
199 }
200 if (!data.WriteRemoteObject(callback->AsObject())) {
201 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteRemoteObject(callback)");
202 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
203 }
204
205 MessageParcel reply;
206 if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC, data, reply)) {
207 return PrivacyError::ERR_SERVICE_ABNORMAL;
208 }
209
210 return reply.ReadInt32();
211 }
212
RegisterPermActiveStatusCallback(std::vector<std::string> & permList,const sptr<IRemoteObject> & callback)213 int32_t PrivacyManagerProxy::RegisterPermActiveStatusCallback(
214 std::vector<std::string>& permList, const sptr<IRemoteObject>& callback)
215 {
216 MessageParcel data;
217 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
218 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
219 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
220 }
221
222 uint32_t listSize = permList.size();
223 if (!data.WriteUint32(listSize)) {
224 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write listSize");
225 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
226 }
227 for (uint32_t i = 0; i < listSize; i++) {
228 if (!data.WriteString(permList[i])) {
229 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permList[%{public}d], %{public}s", i, permList[i].c_str());
230 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
231 }
232 }
233
234 if (!data.WriteRemoteObject(callback)) {
235 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
236 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
237 }
238 MessageParcel reply;
239 if (!SendRequest(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) {
240 return PrivacyError::ERR_SERVICE_ABNORMAL;
241 }
242
243 return reply.ReadInt32();
244 }
245
UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject> & callback)246 int32_t PrivacyManagerProxy::UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback)
247 {
248 MessageParcel data;
249 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
250 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
251 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
252 }
253 if (!data.WriteRemoteObject(callback)) {
254 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
255 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
256 }
257 MessageParcel reply;
258 if (!SendRequest(
259 PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) {
260 return PrivacyError::ERR_SERVICE_ABNORMAL;
261 }
262
263 return reply.ReadInt32();
264 }
265
IsAllowedUsingPermission(AccessTokenID tokenID,const std::string & permissionName)266 bool PrivacyManagerProxy::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
267 {
268 MessageParcel data;
269 MessageParcel reply;
270 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
271 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
272 return false;
273 }
274 if (!data.WriteUint32(tokenID)) {
275 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID);
276 return false;
277 }
278 if (!data.WriteString(permissionName)) {
279 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(%{public}s)", permissionName.c_str());
280 return false;
281 }
282 if (!SendRequest(PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION, data, reply)) {
283 return PrivacyError::ERR_SERVICE_ABNORMAL;
284 }
285
286 return reply.ReadBool();
287 }
288
289 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
RegisterSecCompEnhance(const SecCompEnhanceDataParcel & enhance)290 int32_t PrivacyManagerProxy::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhance)
291 {
292 MessageParcel data;
293 MessageParcel reply;
294 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
295 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
296 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
297 }
298
299 if (!data.WriteParcelable(&enhance)) {
300 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write parcel.");
301 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
302 }
303
304 if (!SendRequest(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE, data, reply)) {
305 return PrivacyError::ERR_SERVICE_ABNORMAL;
306 }
307
308 return reply.ReadInt32();
309 }
310
DepositSecCompEnhance(const std::vector<SecCompEnhanceDataParcel> & enhanceParcelList)311 int32_t PrivacyManagerProxy::DepositSecCompEnhance(const std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
312 {
313 MessageParcel data;
314 MessageParcel reply;
315 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
316 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
317 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
318 }
319 if (!data.WriteUint32(enhanceParcelList.size())) {
320 ACCESSTOKEN_LOG_INFO(LABEL, "Failed to write uint32.");
321 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
322 }
323
324 for (const auto& parcel : enhanceParcelList) {
325 if (!data.WriteParcelable(&parcel)) {
326 ACCESSTOKEN_LOG_INFO(LABEL, "Failed to write parcel.");
327 continue;
328 }
329 }
330
331 if (!SendRequest(PrivacyInterfaceCode::DEPOSIT_SEC_COMP_ENHANCE, data, reply)) {
332 return PrivacyError::ERR_SERVICE_ABNORMAL;
333 }
334
335 return reply.ReadInt32();
336 }
337
RecoverSecCompEnhance(std::vector<SecCompEnhanceDataParcel> & enhanceParcelList)338 int32_t PrivacyManagerProxy::RecoverSecCompEnhance(std::vector<SecCompEnhanceDataParcel>& enhanceParcelList)
339 {
340 MessageParcel data;
341 MessageParcel reply;
342 if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) {
343 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
344 return PrivacyError::ERR_WRITE_PARCEL_FAILED;
345 }
346
347 if (!SendRequest(PrivacyInterfaceCode::RECOVER_SEC_COMP_ENHANCE, data, reply)) {
348 return PrivacyError::ERR_SERVICE_ABNORMAL;
349 }
350
351 int32_t result = reply.ReadInt32();
352 if (result != RET_SUCCESS) {
353 return result;
354 }
355
356 uint32_t size = reply.ReadUint32();
357 if (size > MAX_SEC_COMP_ENHANCE_SIZE) {
358 ACCESSTOKEN_LOG_ERROR(LABEL, "size = %{public}d get from request is invalid", size);
359 return PrivacyError::ERR_OVERSIZE;
360 }
361 for (uint32_t i = 0; i < size; i++) {
362 sptr<SecCompEnhanceDataParcel> parcel = reply.ReadParcelable<SecCompEnhanceDataParcel>();
363 if (parcel != nullptr) {
364 enhanceParcelList.emplace_back(*parcel);
365 }
366 }
367 return result;
368 }
369 #endif
370
SendRequest(PrivacyInterfaceCode code,MessageParcel & data,MessageParcel & reply,bool asyncMode)371 bool PrivacyManagerProxy::SendRequest(
372 PrivacyInterfaceCode code, MessageParcel& data, MessageParcel& reply, bool asyncMode)
373 {
374 int flag = 0;
375 if (asyncMode) {
376 flag = static_cast<int>(MessageOption::TF_ASYNC);
377 } else {
378 flag = static_cast<int>(MessageOption::TF_SYNC);
379 }
380 MessageOption option(flag);
381 sptr<IRemoteObject> remote = Remote();
382 if (remote == nullptr) {
383 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
384 return false;
385 }
386
387 int32_t result = remote->SendRequest(static_cast<uint32_t>(code), data, reply, option);
388 if (result != NO_ERROR) {
389 ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest fail, result: %{public}d", result);
390 return false;
391 }
392 return true;
393 }
394 } // namespace AccessToken
395 } // namespace Security
396 } // namespace OHOS
397