1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 //! This module defines asset-related data structures. 17 18 use std::collections::HashMap; 19 20 mod extension; 21 #[macro_use] 22 pub mod macros; 23 24 impl_enum_trait! { 25 /// An enum type containing the data type definitions for Asset attribute value. 26 #[derive(Eq, PartialEq)] 27 pub enum DataType { 28 /// The data type of Asset attribute value is bool. 29 Bool = 1 << 28, 30 31 /// The data type of Asset attribute value is uint32. 32 Number = 2 << 28, 33 34 /// The data type of Asset attribute value is byte array. 35 Bytes = 3 << 28, 36 } 37 } 38 39 impl_tag_trait! { 40 /// An emum type that indicates the tag of the asset attribute. 41 #[derive(Clone, Copy)] 42 #[derive(Debug)] 43 #[derive(Eq, Hash, PartialEq)] 44 pub enum Tag { 45 /// A tag whose value is a byte array indicating the sensitive user data such as passwords and tokens. 46 Secret = DataType::Bytes as isize | 0x01, 47 48 /// A tag whose value is a byte array identifying an Asset. 49 Alias = DataType::Bytes as isize | 0x02, 50 51 /// A tag whose value is a 32-bit unsigned integer indicating when the Asset can be accessed. 52 Accessibility = DataType::Number as isize | 0x03, 53 54 /// A tag whose value is a bool indicating whether a screen lock password is set for the device. 55 RequirePasswordSet = DataType::Bool as isize | 0x04, 56 57 /// A tag whose value is a 32-bit unsigned integer indicating 58 /// the user authentication type for Asset access control. 59 AuthType = DataType::Number as isize | 0x05, 60 61 /// A tag whose value is a 32-bit unsigned integer indicating 62 /// the validity period in seconds of user authentication. 63 AuthValidityPeriod = DataType::Number as isize | 0x06, 64 65 /// A tag whose value is a byte array indicating the authentication challenge for anti-replay protection. 66 AuthChallenge = DataType::Bytes as isize | 0x07, 67 68 /// A tag whose value is a byte array indicating the authentication token after a user is verified. 69 AuthToken = DataType::Bytes as isize | 0x08, 70 71 /// A tag whose value is a 32-bit unsigned integer indicating the type of Asset synchronization. 72 SyncType = DataType::Number as isize | 0x10, 73 74 /// A tag whose value is a bool indicating whether Asset is stored persistently. 75 IsPersistent = DataType::Bool as isize | 0x11, 76 77 /// A tag whose value is a byte array indicating the first user-defined Asset data label (not allow to update). 78 DataLabelCritical1 = DataType::Bytes as isize | 0x20, 79 80 /// A tag whose value is a byte array indicating the second user-defined Asset data label (not allow to update). 81 DataLabelCritical2 = DataType::Bytes as isize | 0x21, 82 83 /// A tag whose value is a byte array indicating the third user-defined Asset data label (not allow to update). 84 DataLabelCritical3 = DataType::Bytes as isize | 0x22, 85 86 /// A tag whose value is a byte array indicating the fourth user-defined Asset data label (not allow to update). 87 DataLabelCritical4 = DataType::Bytes as isize | 0x23, 88 89 /// A tag whose value is a byte array indicating the first user-defined Asset data label (allow to update). 90 DataLabelNormal1 = DataType::Bytes as isize | 0x30, 91 92 /// A tag whose value is a byte array indicating the second user-defined Asset data label (allow to update). 93 DataLabelNormal2 = DataType::Bytes as isize | 0x31, 94 95 /// A tag whose value is a byte array indicating the third user-defined Asset data label (allow to update). 96 DataLabelNormal3 = DataType::Bytes as isize | 0x32, 97 98 /// A tag whose value is a byte array indicating the fourth user-defined Asset data label (allow to update). 99 DataLabelNormal4 = DataType::Bytes as isize | 0x33, 100 101 /// A tag whose value is a 32-bit unsigned integer indicating the return type of the queried Asset. 102 ReturnType = DataType::Number as isize | 0x40, 103 104 /// A tag whose value is a 32-bit unsigned integer indicating the maximum number of returned Assets in a query. 105 ReturnLimit = DataType::Number as isize | 0x41, 106 107 /// A tag whose value is a 32-bit unsigned integer indicating the offset of return data in batch query. 108 ReturnOffset = DataType::Number as isize | 0x42, 109 110 /// A tag whose value is a 32-bit unsigned integer indicating how the query results are sorted. 111 ReturnOrderedBy = DataType::Number as isize | 0x43, 112 113 /// A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts. 114 ConflictResolution = DataType::Number as isize | 0x44, 115 } 116 } 117 118 /// A type that indicates the secret or attribute value of an Asset tag. 119 #[derive(Clone)] 120 #[derive(Debug)] 121 #[derive(Eq, Hash, PartialEq)] 122 #[repr(C)] 123 pub enum Value { 124 /// Asset attribute value, whose data type is bool. 125 Bool(bool), 126 127 /// Asset attribute value, whose data type is number. 128 Number(u32), 129 130 /// Asset attribute value, whose data type is byte array. 131 Bytes(Vec<u8>), 132 } 133 134 impl Drop for Value { drop(&mut self)135 fn drop(&mut self) { 136 if let Value::Bytes(bytes) = self { 137 bytes.fill(0); 138 } 139 } 140 } 141 142 /// A Map type containing tag-value pairs that describe the attributes of an Asset. 143 pub type AssetMap = HashMap<Tag, Value>; 144 145 impl_enum_trait! { 146 /// An enum type containing the Asset error codes. 147 #[derive(Clone, Copy)] 148 #[derive(Debug)] 149 #[derive(Eq, Hash, PartialEq)] 150 pub enum ErrCode { 151 /// The error code indicates that the caller doesn't have the permission. 152 PermissionDenied = 201, 153 154 /// The error code indicates that the argument is invalid. 155 InvalidArgument = 401, 156 157 /// The error code indicates that the ASSET Service is unavailable. 158 ServiceUnavailable = 24000001, 159 160 /// The error code indicates that the queried Asset can not be found. 161 NotFound = 24000002, 162 163 /// The error code indicates that the Asset already exists. 164 Duplicated = 24000003, 165 166 /// The error code indicates that the access to Asset is denied. 167 AccessDenied = 24000004, 168 169 /// The error code indicates that the screen lock status mismatches. 170 StatusMismatch = 24000005, 171 172 /// The error code indicates insufficient memory. 173 OutOfMemory = 24000006, 174 175 /// The error code indicates that the Asset is corrupted. 176 DataCorrupted = 24000007, 177 178 /// The error code indicates that the database operation is failed. 179 DatabaseError = 24000008, 180 181 /// The error code indicates that the cryptography operation is failed. 182 CryptoError = 24000009, 183 184 /// The error code indicates that the ipc communication is abnormal. 185 IpcError = 24000010, 186 187 /// The error code indicates that the operation of calling Bundle Manager Service is failed. 188 BmsError = 24000011, 189 190 /// The error code indicates that the operation of calling OS Account Service is failed. 191 AccountError = 24000012, 192 193 /// The error code indicates that the operation of calling Access Token Service is failed. 194 AccessTokenError = 24000013, 195 196 /// The error code indicates that the operation of file is failed. 197 FileOperationError = 24000014, 198 199 /// The error code indicates that the operation of getting system time failed. 200 GetSystemTimeError = 24000015, 201 202 /// The error code indicates that the cache exceeds the limit. 203 LimitExceeded = 24000016, 204 205 /// The error code indicates that the capability is not supported. 206 Unsupported = 24000017, 207 } 208 } 209 210 /// A struct containing the Asset result code and error message. 211 #[derive(Debug)] 212 pub struct AssetError { 213 /// Error code for error occurred. 214 pub code: ErrCode, 215 216 /// Error message for error occurred. 217 pub msg: String, 218 } 219 220 /// Alias of the Asset result type. 221 pub type Result<T> = std::result::Result<T, AssetError>; 222 223 impl_enum_trait! { 224 /// An enum type indicates when the Asset is accessible. 225 #[repr(C)] 226 #[derive(Debug)] 227 #[derive(Clone, Copy)] 228 #[derive(PartialEq, Eq)] 229 #[derive(Default)] 230 pub enum Accessibility { 231 /// The secret value in the Asset can only be accessed after the device power on. 232 DevicePowerOn = 0, 233 234 /// The secret value in the Asset can only be accessed after the device is first unlocked. 235 #[default] 236 DeviceFirstUnlocked = 1, 237 238 /// The secret value in the Asset can only be accessed while the device is unlocked. 239 DeviceUnlocked = 2, 240 } 241 } 242 243 impl_enum_trait! { 244 /// An enum type indicates the user authentication type for Asset access control. 245 #[derive(Debug)] 246 #[derive(Clone, Copy)] 247 #[derive(PartialEq, Eq)] 248 #[derive(Default)] 249 pub enum AuthType { 250 /// The access to an Asset doesn't require user authentication. 251 #[default] 252 None = 0x00, 253 254 /// The access to an Asset requires user authentication using either PIN/pattern/password or biometric traits. 255 Any = 0xFF, 256 } 257 } 258 259 impl_enum_trait! { 260 /// An enum type indicates the type of Asset synchronization. 261 #[derive(Debug)] 262 #[derive(Clone, Copy)] 263 #[derive(PartialEq, Eq)] 264 #[derive(Default)] 265 pub enum SyncType { 266 /// An Asset with this attribute value is never allowed to be transferred out. 267 #[default] 268 Never = 0, 269 270 /// An Asset with this attribute value can only be restored to the device from which it was transferred out. 271 ThisDevice = 1 << 0, 272 273 /// An Asset with this attribute value can only be transferred out to a trusted device (user authorized). 274 TrustedDevice = 1 << 1, 275 } 276 } 277 278 impl_enum_trait! { 279 /// An enum type indicates the strategy for conflict resolution when handling duplicated Asset alias. 280 #[derive(Default)] 281 pub enum ConflictResolution { 282 /// Directly overwrite an Asset with duplicated alias when a conflict is detected. 283 Overwrite = 0, 284 285 /// Throw an error so that the caller can take measures when a conflict is detected. 286 #[default] 287 ThrowError = 1, 288 } 289 } 290 291 impl_enum_trait! { 292 /// An enum type indicates the return type of the queried Asset. 293 #[derive(Default)] 294 pub enum ReturnType { 295 /// Specify that the return data should contain both secret value and attributes. 296 All = 0, 297 298 /// Specify that the return data contains only attributes. 299 #[default] 300 Attributes = 1, 301 } 302 } 303 304 /// Expended abililty for HashMap. 305 pub trait Extension<K> { 306 /// Insert an attribute into the collection. insert_attr(&mut self, key: K, value: impl Conversion)307 fn insert_attr(&mut self, key: K, value: impl Conversion); 308 309 /// Get an attribute of bool type from the collection. get_bool_attr(&self, key: &K) -> Result<bool>310 fn get_bool_attr(&self, key: &K) -> Result<bool>; 311 312 /// Get an attribute of enum type from the collection. get_enum_attr<T: TryFrom<u32, Error = AssetError>>(&self, key: &K) -> Result<T>313 fn get_enum_attr<T: TryFrom<u32, Error = AssetError>>(&self, key: &K) -> Result<T>; 314 315 /// Get an attribute of number type from the collection. get_num_attr(&self, key: &K) -> Result<u32>316 fn get_num_attr(&self, key: &K) -> Result<u32>; 317 318 /// Get an attribute of bytes type from the collection. get_bytes_attr(&self, key: &K) -> Result<&Vec<u8>>319 fn get_bytes_attr(&self, key: &K) -> Result<&Vec<u8>>; 320 } 321 322 /// Conversion between a specific type and the Asset Value type. 323 pub trait Conversion { 324 /// Get the data type of Asset Enum type. data_type(&self) -> DataType325 fn data_type(&self) -> DataType; 326 327 /// Convert the Asset Enum type to the Value variant. into_value(self) -> Value328 fn into_value(self) -> Value; 329 } 330