1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 17 #define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 18 19 #include <memory> 20 #include <string> 21 #include <vector> 22 #include <algorithm> 23 24 #include "app_privilege_capability.h" 25 #include "app_provision_info.h" 26 #include "appexecfwk_errors.h" 27 #include "bundle_pack_info.h" 28 #include "bundle_verify_mgr.h" 29 #include "inner_bundle_info.h" 30 #include "install_param.h" 31 32 namespace OHOS { 33 namespace AppExecFwk { 34 struct InstallCheckParam { 35 bool isPreInstallApp = false; 36 bool removable = true; 37 bool needSendEvent = true; 38 // is shell token 39 bool isCallByShell = false; 40 bool isInstalledForAllUser = false; 41 // status of install bundle permission 42 PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 43 // status of install enterprise bundle permission 44 PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 45 // status of install enterprise normal bundle permission 46 PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 47 // status of install enterprise mdm bundle permission 48 PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 49 // status of install internaltesting bundle permission 50 PermissionStatus installInternaltestingBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 51 52 Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP; 53 int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap 54 std::string specifiedDistributionType; 55 }; 56 57 class BundleInstallChecker { 58 public: 59 /** 60 * @brief Check syscap. 61 * @param bundlePaths Indicates the file paths of all HAP packages. 62 * @return Returns ERR_OK if the syscap satisfy; returns error code otherwise. 63 */ 64 ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths); 65 66 /** 67 * @brief Check signature info of multiple haps. 68 * @param bundlePaths Indicates the file paths of all HAP packages. 69 * @param hapVerifyRes Indicates the signature info. 70 * @param readFile Indicates using READ or MMAP to get content of the file. 71 * @return Returns ERR_OK if the every hap has signature info and all haps have same signature info. 72 */ 73 ErrCode CheckMultipleHapsSignInfo( 74 const std::vector<std::string> &bundlePaths, 75 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, bool readFile = false); 76 77 /** 78 * @brief To check the hap hash param. 79 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 80 * @param hashParams .Indicates all hashParams in installParam. 81 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 82 */ 83 ErrCode CheckHapHashParams( 84 std::unordered_map<std::string, InnerBundleInfo> &infos, 85 std::map<std::string, std::string> hashParams); 86 87 /** 88 * @brief To check the version code and bundleName in all haps. 89 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 90 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 91 */ 92 ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos); 93 /** 94 * @brief To check native file in all haps. 95 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 96 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 97 */ 98 ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 99 /** 100 * @brief To check ark native file in all haps. 101 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 102 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 103 */ 104 ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 105 /** 106 * @brief To check native so in all haps. 107 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 108 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 109 */ 110 ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos); 111 /** 112 * @brief To parse hap files and to obtain innerBundleInfo of each hap. 113 * @param bundlePaths Indicates the file paths of all HAP packages. 114 * @param checkParam Indicates the install check parameters. 115 * @param hapVerifyRes Indicates all signature info of all haps. 116 * @param infos Indicates the innerBundleinfo of each hap. 117 * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise. 118 */ 119 ErrCode ParseHapFiles( 120 const std::vector<std::string> &bundlePaths, 121 const InstallCheckParam &checkParam, 122 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, 123 std::unordered_map<std::string, InnerBundleInfo> &infos); 124 /** 125 * @brief To check dependency whether or not exists. 126 * @param infos Indicates all innerBundleInfo for all haps need to be installed. 127 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 128 */ 129 ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos); 130 131 void ResetProperties(); 132 IsContainEntry()133 bool IsContainEntry() 134 { 135 return isContainEntry_; 136 } 137 138 ErrCode CheckEnterpriseForAllUser(std::unordered_map<std::string, InnerBundleInfo> &infos, 139 const InstallCheckParam &checkParam, const std::string &distributionType); 140 141 ErrCode CheckHspInstallCondition(std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 142 143 ErrCode CheckInstallPermission(const InstallCheckParam &checkParam, 144 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 145 146 bool VaildInstallPermission(const InstallParam &installParam, 147 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 148 149 bool VaildEnterpriseInstallPermission(const InstallParam &installParam, 150 const Security::Verify::ProvisionInfo &provisionInfo); 151 152 bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam, 153 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 154 155 bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam, 156 const Security::Verify::ProvisionInfo &provisionInfo); 157 158 ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos); 159 160 bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 161 162 bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 163 164 ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const; 165 166 AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const; 167 168 ErrCode CheckProxyDatas(const InnerBundleInfo &info) const; 169 170 ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const; 171 172 ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const; 173 174 ErrCode CheckDeveloperMode(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const; 175 176 ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const; 177 178 bool CheckEnterpriseBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const; 179 bool CheckInternaltestingBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const; 180 bool CheckSupportAppTypes( 181 const std::unordered_map<std::string, InnerBundleInfo> &infos, const std::string &supportAppTypes) const; 182 183 std::string GetCheckResultMsg() const; 184 185 void SetCheckResultMsg(const std::string checkResultMsg); 186 187 ErrCode CheckAppDistributionType(const Security::Verify::AppDistType type); 188 189 ErrCode CheckAppDistributionType(const std::string distributionType); 190 191 int32_t GetAppDistributionTypeEnum(const std::string distributionType) const; 192 private: 193 194 ErrCode ParseBundleInfo( 195 const std::string &bundleFilePath, 196 InnerBundleInfo &info, 197 BundlePackInfo &packInfo) const; 198 199 ErrCode CheckSystemSize( 200 const std::string &bundlePath, 201 const Constants::AppType appType) const; 202 203 void SetEntryInstallationFree( 204 const BundlePackInfo &bundlePackInfo, 205 InnerBundleInfo &innerBundleInfo); 206 207 void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const; 208 209 void CollectProvisionInfo( 210 const Security::Verify::ProvisionInfo &provisionInfo, 211 const AppPrivilegeCapability &appPrivilegeCapability, 212 InnerBundleInfo &newInfo); 213 214 void GetPrivilegeCapability( 215 const InstallCheckParam &checkParam, InnerBundleInfo &newInfo); 216 217 void ParseAppPrivilegeCapability( 218 const Security::Verify::ProvisionInfo &provisionInfo, 219 AppPrivilegeCapability &appPrivilegeCapability); 220 221 ErrCode CheckMainElement(const InnerBundleInfo &info); 222 223 ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName); 224 225 void FetchPrivilegeCapabilityFromPreConfig( 226 const std::string &bundleName, 227 const std::vector<std::string> &appSignatures, 228 AppPrivilegeCapability &appPrivilegeCapability); 229 230 bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature); 231 232 bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson, 233 const std::string &key, bool existInPreJson, bool existInProvision); 234 235 ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability, 236 InnerBundleInfo &innerBundleInfo); 237 238 bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info); 239 240 bool FindModuleInInstallingPackage( 241 const std::string &moduleName, 242 const std::string &bundleName, 243 const std::unordered_map<std::string, InnerBundleInfo> &infos); 244 245 bool FindModuleInInstalledPackage( 246 const std::string &moduleName, 247 const std::string &bundleName, 248 uint32_t versionCode); 249 250 bool isContainEntry_ = false; 251 252 void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas, 253 InnerBundleInfo &newInfo); 254 255 bool CheckProxyPermissionLevel(const std::string &permissionName) const; 256 bool MatchOldSignatures(const std::string &bundleName, const std::vector<std::string> &appSignatures); 257 bool CheckProvisionInfoIsValid(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 258 std::tuple<bool, std::string, std::string> GetValidReleaseType( 259 const std::unordered_map<std::string, InnerBundleInfo> &infos); 260 bool DetermineCloneApp(const InnerBundleInfo &innerBundleInfo, int32_t &cloneNum); 261 262 std::string checkResultMsg_ = ""; 263 }; 264 } // namespace AppExecFwk 265 } // namespace OHOS 266 #endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H