1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_device_common_key.h"
22 #include "auth_deviceprofile.h"
23 #include "auth_hichain.h"
24 #include "auth_hichain_adapter.h"
25 #include "auth_log.h"
26 #include "auth_manager.h"
27 #include "auth_meta_manager.h"
28 #include "bus_center_manager.h"
29 #include "customized_security_protocol.h"
30 #include "lnn_decision_db.h"
31 #include "lnn_distributed_net_ledger.h"
32 #include "lnn_feature_capability.h"
33 #include "lnn_meta_node_interface.h"
34 #include "lnn_ohos_account.h"
35 #include "lnn_parameter_utils.h"
36 #include "softbus_adapter_mem.h"
37 #include "softbus_def.h"
38 #include "lnn_init_monitor.h"
39
40 #define SHORT_ACCOUNT_HASH_LEN 2
41
42 typedef struct {
43 int32_t module;
44 AuthTransListener listener;
45 } ModuleListener;
46
47 static ModuleListener g_moduleListener[] = {
48 {
49 .module = MODULE_P2P_LINK,
50 .listener = { NULL, NULL },
51 },
52 {
53 .module = MODULE_P2P_LISTEN,
54 .listener = { NULL, NULL },
55 },
56 {
57 .module = MODULE_UDP_INFO,
58 .listener = { NULL, NULL },
59 },
60 {
61 .module = MODULE_TIME_SYNC,
62 .listener = { NULL, NULL },
63 },
64 {
65 .module = MODULE_P2P_NETWORKING_SYNC,
66 .listener = { NULL, NULL },
67 },
68 {
69 .module = MODULE_AUTH_SYNC_INFO,
70 .listener = { NULL, NULL },
71 },
72 {
73 .module = MODULE_PTK_VERIFY,
74 .listener = { NULL, NULL },
75 }
76 };
77
RegAuthTransListener(int32_t module,const AuthTransListener * listener)78 int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
79 {
80 AUTH_LOGI(AUTH_CONN, "Trans: add listener, module=%{public}d", module);
81 if (listener == NULL || listener->onDataReceived == NULL) {
82 AUTH_LOGE(AUTH_CONN, "Trans: invalid listener");
83 return SOFTBUS_INVALID_PARAM;
84 }
85 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
86 if (g_moduleListener[i].module == module) {
87 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
88 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
89 g_moduleListener[i].listener.onException = listener->onException;
90 return SOFTBUS_OK;
91 }
92 }
93 AUTH_LOGE(AUTH_CONN, "Trans: unknown module=%{public}d", module);
94 return SOFTBUS_AUTH_LISTENER_MODULE_INVALID;
95 }
96
UnregAuthTransListener(int32_t module)97 void UnregAuthTransListener(int32_t module)
98 {
99 AUTH_LOGI(AUTH_CONN, "Trans: remove listener, module=%{public}d", module);
100 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
101 if (g_moduleListener[i].module == module) {
102 g_moduleListener[i].listener.onDataReceived = NULL;
103 g_moduleListener[i].listener.onDisconnected = NULL;
104 g_moduleListener[i].listener.onException = NULL;
105 return;
106 }
107 }
108 }
109
IsSupportFeatureByCapaBit(uint32_t feature,AuthCapability capaBit)110 bool IsSupportFeatureByCapaBit(uint32_t feature, AuthCapability capaBit)
111 {
112 return ((feature & (1 << (uint32_t)capaBit)) != 0);
113 }
114
NotifyTransDataReceived(AuthHandle authHandle,const AuthDataHead * head,const uint8_t * data,uint32_t len)115 static void NotifyTransDataReceived(AuthHandle authHandle, const AuthDataHead *head, const uint8_t *data, uint32_t len)
116 {
117 AuthTransListener *listener = NULL;
118 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
119 if (g_moduleListener[i].module == head->module) {
120 listener = &(g_moduleListener[i].listener);
121 break;
122 }
123 }
124 if (listener == NULL || listener->onDataReceived == NULL) {
125 AUTH_LOGI(AUTH_CONN, "Trans: onDataReceived not found");
126 return;
127 }
128 AuthTransData transData = {
129 .module = head->module,
130 .flag = head->flag,
131 .seq = head->seq,
132 .len = len,
133 .data = data,
134 };
135 listener->onDataReceived(authHandle, &transData);
136 }
137
NotifyTransDisconnected(AuthHandle authHandle)138 static void NotifyTransDisconnected(AuthHandle authHandle)
139 {
140 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
141 if (g_moduleListener[i].listener.onDisconnected != NULL) {
142 g_moduleListener[i].listener.onDisconnected(authHandle);
143 }
144 }
145 }
146
NotifyTransException(AuthHandle authHandle,int32_t error)147 static void NotifyTransException(AuthHandle authHandle, int32_t error)
148 {
149 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
150 if (g_moduleListener[i].listener.onException != NULL) {
151 g_moduleListener[i].listener.onException(authHandle, error);
152 }
153 }
154 }
155
CheckSessionKeyAvailable(SessionKeyList * list,AuthLinkType type)156 static int32_t CheckSessionKeyAvailable(SessionKeyList *list, AuthLinkType type)
157 {
158 if (!CheckSessionKeyListExistType(list, type)) {
159 AUTH_LOGI(AUTH_CONN, "client sessionkey invalid, type=%{public}d", type);
160 return SOFTBUS_AUTH_SESSION_KEY_INVALID;
161 }
162 if (CheckSessionKeyListHasOldKey(list, type)) {
163 AUTH_LOGI(AUTH_CONN, "client sessionkey is old, type=%{public}d", type);
164 return SOFTBUS_AUTH_SESSION_KEY_TOO_OLD;
165 }
166 return SOFTBUS_OK;
167 }
168
AuthCheckSessionKeyValidByConnInfo(const char * networkId,const AuthConnInfo * connInfo)169 int32_t AuthCheckSessionKeyValidByConnInfo(const char *networkId, const AuthConnInfo *connInfo)
170 {
171 if (networkId == NULL || connInfo == NULL) {
172 AUTH_LOGE(AUTH_CONN, "param is null");
173 return SOFTBUS_INVALID_PARAM;
174 }
175 NodeInfo nodeInfo;
176 (void)memset_s(&nodeInfo, sizeof(NodeInfo), 0, sizeof(NodeInfo));
177 if (LnnGetRemoteNodeInfoById(networkId, CATEGORY_NETWORK_ID, &nodeInfo) != SOFTBUS_OK) {
178 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
179 }
180 if (!IsSupportFeatureByCapaBit(nodeInfo.authCapacity, BIT_SUPPORT_NORMALIZED_LINK)) {
181 return SOFTBUS_OK;
182 }
183 AuthManager *authClient = GetAuthManagerByConnInfo(connInfo, false);
184 AuthManager *authServer = GetAuthManagerByConnInfo(connInfo, true);
185 int64_t authId = AUTH_INVALID_ID;
186 AuthLinkType type = connInfo->type;
187 if (authClient == NULL && authServer == NULL) {
188 if (connInfo->type == AUTH_LINK_TYPE_BR) {
189 AUTH_LOGI(AUTH_CONN, "check ble sessionkey");
190 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, false);
191 authClient = GetAuthManagerByAuthId(authId);
192 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, true);
193 authServer = GetAuthManagerByAuthId(authId);
194 type = AUTH_LINK_TYPE_BLE;
195 }
196 if (authClient == NULL && authServer == NULL) {
197 AUTH_LOGE(AUTH_CONN, "client and server auth not found, type=%{public}d", type);
198 return SOFTBUS_AUTH_NOT_FOUND;
199 }
200 }
201 int32_t ret = SOFTBUS_OK;
202 do {
203 if (authClient != NULL) {
204 ret = CheckSessionKeyAvailable(&authClient->sessionKeyList, type);
205 if (ret != SOFTBUS_OK) {
206 break;
207 }
208 }
209 if (authServer != NULL) {
210 ret = CheckSessionKeyAvailable(&authServer->sessionKeyList, type);
211 if (ret != SOFTBUS_OK) {
212 break;
213 }
214 }
215 } while (false);
216 DelDupAuthManager(authClient);
217 DelDupAuthManager(authServer);
218 return ret;
219 }
220
AuthCheckSessionKeyValidByAuthHandle(const AuthHandle * authHandle)221 int32_t AuthCheckSessionKeyValidByAuthHandle(const AuthHandle *authHandle)
222 {
223 if (authHandle == NULL) {
224 AUTH_LOGE(AUTH_CONN, "param is null");
225 return SOFTBUS_INVALID_PARAM;
226 }
227 if (authHandle->type < AUTH_LINK_TYPE_WIFI || authHandle->type >= AUTH_LINK_TYPE_MAX) {
228 AUTH_LOGE(AUTH_CONN, "authHandle type error");
229 return SOFTBUS_INVALID_PARAM;
230 }
231 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
232 if (auth == NULL) {
233 AUTH_LOGE(AUTH_CONN, "not found auth manager, type=%{public}d, authId=%{public}" PRId64, authHandle->type,
234 authHandle->authId);
235 return SOFTBUS_AUTH_NOT_FOUND;
236 }
237 int32_t ret = SOFTBUS_OK;
238 if (!CheckSessionKeyListExistType(&auth->sessionKeyList, (AuthLinkType)authHandle->type)) {
239 AUTH_LOGI(AUTH_CONN, "sessionkey invalid, authId=%{public}" PRId64 ", type=%{public}d", authHandle->authId,
240 authHandle->type);
241 ret = SOFTBUS_AUTH_SESSION_KEY_INVALID;
242 }
243 DelDupAuthManager(auth);
244 return ret;
245 }
246
AuthOpenConn(const AuthConnInfo * info,uint32_t requestId,const AuthConnCallback * callback,bool isMeta)247 int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback, bool isMeta)
248 {
249 if (info == NULL || callback == NULL) {
250 AUTH_LOGE(AUTH_CONN, "info or callback is null");
251 return SOFTBUS_INVALID_PARAM;
252 }
253 if (isMeta) {
254 return AuthMetaOpenConn(info, requestId, callback);
255 }
256 return AuthDeviceOpenConn(info, requestId, callback);
257 }
258
AuthPostTransData(AuthHandle authHandle,const AuthTransData * dataInfo)259 int32_t AuthPostTransData(AuthHandle authHandle, const AuthTransData *dataInfo)
260 {
261 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
262 AUTH_LOGE(AUTH_CONN, "authHandle type error");
263 return SOFTBUS_INVALID_PARAM;
264 }
265 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
266 if (auth != NULL) {
267 DelDupAuthManager(auth);
268 return AuthDevicePostTransData(authHandle, dataInfo);
269 }
270 return AuthMetaPostTransData(authHandle.authId, dataInfo);
271 }
272
AuthCloseConn(AuthHandle authHandle)273 void AuthCloseConn(AuthHandle authHandle)
274 {
275 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
276 AUTH_LOGE(AUTH_CONN, "authHandle type error");
277 return;
278 }
279 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
280 if (auth != NULL) {
281 DelDupAuthManager(auth);
282 AuthDeviceCloseConn(authHandle);
283 return;
284 }
285 AuthMetaCloseConn(authHandle.authId);
286 }
287
AuthRemoveAuthManagerByAuthHandle(AuthHandle authHandle)288 void AuthRemoveAuthManagerByAuthHandle(AuthHandle authHandle)
289 {
290 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
291 AUTH_LOGE(AUTH_CONN, "authHandle type error");
292 return;
293 }
294 RemoveAuthManagerByAuthId(authHandle);
295 }
296
AuthGetPreferConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)297 int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
298 {
299 if (isMeta) {
300 return AuthMetaGetPreferConnInfo(uuid, connInfo);
301 }
302 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
303 }
304
AuthGetConnInfoByType(const char * uuid,AuthLinkType type,AuthConnInfo * connInfo,bool isMeta)305 int32_t AuthGetConnInfoByType(const char *uuid, AuthLinkType type, AuthConnInfo *connInfo, bool isMeta)
306 {
307 if (isMeta) {
308 return SOFTBUS_INVALID_PARAM;
309 }
310 return AuthDeviceGetConnInfoByType(uuid, type, connInfo);
311 }
312
AuthGetConnInfoBySide(const char * uuid,AuthConnInfo * connInfo,bool isMeta,bool isClient)313 int32_t AuthGetConnInfoBySide(const char *uuid, AuthConnInfo *connInfo, bool isMeta, bool isClient)
314 {
315 if (isMeta) {
316 return AuthMetaGetConnInfoBySide(uuid, isClient, connInfo);
317 }
318 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
319 }
320
AuthGetP2pConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)321 int32_t AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
322 {
323 if (isMeta) {
324 return AUTH_INVALID_ID;
325 }
326 return AuthDeviceGetP2pConnInfo(uuid, connInfo);
327 }
328
AuthGetHmlConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)329 int32_t AuthGetHmlConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
330 {
331 if (isMeta) {
332 return AUTH_INVALID_ID;
333 }
334 return AuthDeviceGetHmlConnInfo(uuid, connInfo);
335 }
336
337 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char * uuid,AuthLinkType type,bool isMeta,AuthHandle * authHandle)338 void AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta, AuthHandle *authHandle)
339 {
340 if (authHandle == NULL) {
341 AUTH_LOGE(AUTH_CONN, "authHandle is null");
342 return;
343 }
344 authHandle->authId = AUTH_INVALID_ID;
345 if (isMeta) {
346 return;
347 }
348 AuthDeviceGetLatestIdByUuid(uuid, type, authHandle);
349 }
350
AuthGetIdByConnInfo(const AuthConnInfo * connInfo,bool isServer,bool isMeta)351 int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
352 {
353 if (isMeta) {
354 return AuthMetaGetIdByConnInfo(connInfo, isServer);
355 }
356 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
357 }
358
AuthGetIdByUuid(const char * uuid,AuthLinkType type,bool isServer,bool isMeta)359 int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
360 {
361 if (isMeta) {
362 return AuthMetaGetIdByUuid(uuid, type, isServer);
363 }
364 return AuthDeviceGetIdByUuid(uuid, type, isServer);
365 }
366
AuthGetAuthHandleByIndex(const AuthConnInfo * connInfo,bool isServer,int32_t index,AuthHandle * authHandle)367 int32_t AuthGetAuthHandleByIndex(const AuthConnInfo *connInfo, bool isServer, int32_t index, AuthHandle *authHandle)
368 {
369 if (connInfo == NULL || authHandle == NULL) {
370 AUTH_LOGE(AUTH_CONN, "param is null");
371 return SOFTBUS_INVALID_PARAM;
372 }
373 int32_t ret = SOFTBUS_OK;
374 char networkId[NETWORK_ID_BUF_LEN] = { 0 };
375 NodeInfo info;
376 (void)memset_s(&info, sizeof(NodeInfo), 0, sizeof(NodeInfo));
377 switch (connInfo->type) {
378 case AUTH_LINK_TYPE_WIFI:
379 case AUTH_LINK_TYPE_SESSION_KEY:
380 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.ipInfo.ip, &info);
381 if (ret != SOFTBUS_OK) {
382 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by ip failed, ret=%{public}d", ret);
383 return ret;
384 }
385 break;
386 case AUTH_LINK_TYPE_BLE:
387 if (LnnGetNetworkIdByUdidHash(connInfo->info.bleInfo.deviceIdHash, UDID_HASH_LEN, networkId,
388 sizeof(networkId), true) != SOFTBUS_OK) {
389 AUTH_LOGE(AUTH_CONN, "get networkId fail");
390 return SOFTBUS_NOT_FIND;
391 }
392 ret = LnnGetRemoteNodeInfoByKey(networkId, &info);
393 if (ret != SOFTBUS_OK) {
394 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by networkId failed, ret=%{public}d", ret);
395 return ret;
396 }
397 break;
398 case AUTH_LINK_TYPE_BR:
399 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.brInfo.brMac, &info);
400 if (ret != SOFTBUS_OK) {
401 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by brMac failed, ret=%{public}d", ret);
402 return ret;
403 }
404 break;
405 default:
406 AUTH_LOGE(AUTH_CONN, "unknown connType. type=%{public}d", connInfo->type);
407 return SOFTBUS_INVALID_PARAM;
408 }
409 if (!IsSupportFeatureByCapaBit(info.feature, BIT_SUPPORT_NORMALIZED_LINK)) {
410 AUTH_LOGE(AUTH_CONN, "not support normalize");
411 return SOFTBUS_AUTH_NOT_SUPPORT_NORMALIZE;
412 }
413 return AuthDeviceGetAuthHandleByIndex(info.deviceInfo.deviceUdid, isServer, index, authHandle);
414 }
415
FillAuthSessionInfo(AuthSessionInfo * info,const NodeInfo * nodeInfo,AuthDeviceKeyInfo * keyInfo,bool hasDeviceKey)416 static int32_t FillAuthSessionInfo(
417 AuthSessionInfo *info, const NodeInfo *nodeInfo, AuthDeviceKeyInfo *keyInfo, bool hasDeviceKey)
418 {
419 uint8_t localUdidHash[UDID_HASH_LEN] = { 0 };
420 if (LnnGetLocalByteInfo(BYTE_KEY_UDID_HASH, localUdidHash, UDID_HASH_LEN) != SOFTBUS_OK) {
421 AUTH_LOGE(AUTH_KEY, "get local udid hash fail");
422 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
423 }
424 bool isSupportNormalizedKey = IsSupportFeatureByCapaBit(nodeInfo->authCapacity, BIT_SUPPORT_NORMALIZED_LINK);
425 if (!hasDeviceKey) {
426 int32_t ret = memcmp(localUdidHash, info->connInfo.info.bleInfo.deviceIdHash, SHORT_HASH_LEN);
427 keyInfo->isServerSide = ret < 0 ? true : false;
428 keyInfo->keyIndex = GenSeq(keyInfo->isServerSide);
429 }
430 info->isServer = keyInfo->isServerSide;
431 info->connId = (uint64_t)keyInfo->keyIndex;
432 info->version = SOFTBUS_NEW_V2;
433 info->normalizedType = isSupportNormalizedKey ? NORMALIZED_SUPPORT : NORMALIZED_NOT_SUPPORT;
434 info->normalizedIndex = keyInfo->keyIndex;
435 if (strcpy_s(info->uuid, sizeof(info->uuid), nodeInfo->uuid) != EOK ||
436 strcpy_s(info->udid, sizeof(info->udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
437 AUTH_LOGE(AUTH_KEY, "restore manager fail because copy uuid/udid fail");
438 return SOFTBUS_STRCPY_ERR;
439 }
440 return SOFTBUS_OK;
441 }
442
AuthDirectOnlineProcessSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)443 static int32_t AuthDirectOnlineProcessSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
444 {
445 SessionKey sessionKey;
446 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
447 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo->deviceKey, sizeof(keyInfo->deviceKey)) != EOK) {
448 AUTH_LOGE(AUTH_KEY, "restore manager fail because memcpy device key");
449 return SOFTBUS_MEM_ERR;
450 }
451 sessionKey.len = keyInfo->keyLen;
452 if (AuthManagerSetSessionKey(keyInfo->keyIndex, info, &sessionKey, false, keyInfo->isOldKey) != SOFTBUS_OK) {
453 AUTH_LOGE(AUTH_KEY, "set sessionkey fail, index=%{public}" PRId64, keyInfo->keyIndex);
454 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
455 return SOFTBUS_AUTH_SESSION_KEY_PROC_ERR;
456 }
457 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
458 if (auth == NULL) {
459 AUTH_LOGE(AUTH_KEY, "authManager is null");
460 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
461 return SOFTBUS_AUTH_NOT_FOUND;
462 }
463 *authId = auth->authId;
464 DelDupAuthManager(auth);
465 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
466 return SOFTBUS_OK;
467 }
468
AuthDirectOnlineWithoutSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)469 static int32_t AuthDirectOnlineWithoutSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
470 {
471 int32_t ret = AuthDirectOnlineCreateAuthManager(keyInfo->keyIndex, info);
472 if (ret != SOFTBUS_OK) {
473 AUTH_LOGE(AUTH_KEY, "create auth manager fail, index=%{public}" PRId64, keyInfo->keyIndex);
474 return ret;
475 }
476 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
477 if (auth == NULL) {
478 AUTH_LOGE(AUTH_KEY, "authManager is null");
479 return SOFTBUS_AUTH_NOT_FOUND;
480 }
481 *authId = auth->authId;
482 DelDupAuthManager(auth);
483 return SOFTBUS_OK;
484 }
485
AuthRestoreAuthManager(const char * udidHash,const AuthConnInfo * connInfo,uint32_t requestId,NodeInfo * nodeInfo,int64_t * authId)486 int32_t AuthRestoreAuthManager(
487 const char *udidHash, const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
488 {
489 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
490 AUTH_LOGE(AUTH_CONN, "restore manager fail because para error");
491 return SOFTBUS_INVALID_PARAM;
492 }
493 // get device key
494 bool hasDeviceKey = false;
495 AuthDeviceKeyInfo keyInfo = { 0 };
496 bool isSupportCloud = IsCloudSyncEnabled() && IsFeatureSupport(nodeInfo->feature, BIT_CLOUD_SYNC_DEVICE_INFO);
497 if (AuthFindLatestNormalizeKey(udidHash, &keyInfo, !isSupportCloud) == SOFTBUS_OK ||
498 AuthFindDeviceKey(udidHash, connInfo->type, &keyInfo) == SOFTBUS_OK) {
499 hasDeviceKey = true;
500 }
501 if (!isSupportCloud && (!hasDeviceKey || keyInfo.isOldKey)) {
502 AUTH_LOGE(AUTH_KEY, "restore manager fail because device key not exist");
503 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
504 return SOFTBUS_AUTH_MANAGER_RESTORE_FAIL;
505 }
506 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
507 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
508 AUTH_LOGE(AUTH_KEY, "restore manager fail because generate strhash");
509 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
510 return SOFTBUS_NETWORK_GENERATE_STR_HASH_ERR;
511 }
512 AuthSessionInfo info;
513 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
514 info.requestId = requestId;
515 info.connInfo = *connInfo;
516 info.isOldKey = keyInfo.isOldKey;
517 int32_t ret = FillAuthSessionInfo(&info, nodeInfo, &keyInfo, hasDeviceKey);
518 if (ret != SOFTBUS_OK) {
519 AUTH_LOGE(AUTH_KEY, "fill authSessionInfo fail");
520 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
521 return ret;
522 }
523 ret = hasDeviceKey ? AuthDirectOnlineProcessSessionKey(&info, &keyInfo, authId) :
524 AuthDirectOnlineWithoutSessionKey(&info, &keyInfo, authId);
525 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
526 return ret;
527 }
528
AuthEncrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)529 int32_t AuthEncrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)
530 {
531 if (authHandle == NULL) {
532 AUTH_LOGE(AUTH_KEY, "authHandle is null");
533 return SOFTBUS_INVALID_PARAM;
534 }
535 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
536 if (auth != NULL) {
537 DelDupAuthManager(auth);
538 return AuthDeviceEncrypt(authHandle, inData, inLen, outData, outLen);
539 }
540 return AuthMetaEncrypt(authHandle->authId, inData, inLen, outData, outLen);
541 }
542
AuthDecrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)543 int32_t AuthDecrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)
544 {
545 if (authHandle == NULL) {
546 AUTH_LOGE(AUTH_KEY, "authHandle is null");
547 return SOFTBUS_INVALID_PARAM;
548 }
549 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
550 if (auth != NULL) {
551 DelDupAuthManager(auth);
552 return AuthDeviceDecrypt(authHandle, inData, inLen, outData, outLen);
553 }
554 return AuthMetaDecrypt(authHandle->authId, inData, inLen, outData, outLen);
555 }
556
AuthSetP2pMac(int64_t authId,const char * p2pMac)557 int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
558 {
559 AuthManager *auth = GetAuthManagerByAuthId(authId);
560 if (auth != NULL) {
561 DelDupAuthManager(auth);
562 return AuthDeviceSetP2pMac(authId, p2pMac);
563 }
564 return AuthMetaSetP2pMac(authId, p2pMac);
565 }
566
AuthGetConnInfo(AuthHandle authHandle,AuthConnInfo * connInfo)567 int32_t AuthGetConnInfo(AuthHandle authHandle, AuthConnInfo *connInfo)
568 {
569 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
570 AUTH_LOGE(AUTH_CONN, "authHandle type error");
571 return SOFTBUS_INVALID_PARAM;
572 }
573 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
574 if (auth != NULL) {
575 DelDupAuthManager(auth);
576 return AuthDeviceGetConnInfo(authHandle, connInfo);
577 }
578 return AuthMetaGetConnInfo(authHandle.authId, connInfo);
579 }
580
AuthGetDeviceUuid(int64_t authId,char * uuid,uint16_t size)581 int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
582 {
583 AuthManager *auth = GetAuthManagerByAuthId(authId);
584 if (auth != NULL) {
585 DelDupAuthManager(auth);
586 return AuthDeviceGetDeviceUuid(authId, uuid, size);
587 }
588 return AuthMetaGetDeviceUuid(authId, uuid, size);
589 }
590
AuthGetVersion(int64_t authId,SoftBusVersion * version)591 int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
592 {
593 return AuthDeviceGetVersion(authId, version);
594 }
595
AuthGetServerSide(int64_t authId,bool * isServer)596 int32_t AuthGetServerSide(int64_t authId, bool *isServer)
597 {
598 AuthManager *auth = GetAuthManagerByAuthId(authId);
599 if (auth != NULL) {
600 DelDupAuthManager(auth);
601 return AuthDeviceGetServerSide(authId, isServer);
602 }
603 return AuthMetaGetServerSide(authId, isServer);
604 }
605
AuthGetMetaType(int64_t authId,bool * isMetaAuth)606 int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
607 {
608 if (isMetaAuth == NULL) {
609 AUTH_LOGW(AUTH_CONN, "invalid param");
610 return SOFTBUS_INVALID_PARAM;
611 }
612 AuthManager *auth = GetAuthManagerByAuthId(authId);
613 if (auth != NULL) {
614 DelDupAuthManager(auth);
615 *isMetaAuth = false;
616 return SOFTBUS_OK;
617 }
618 *isMetaAuth = true;
619 return SOFTBUS_OK;
620 }
621
AuthGetGroupType(const char * udid,const char * uuid)622 uint32_t AuthGetGroupType(const char *udid, const char *uuid)
623 {
624 uint32_t type = 0;
625 if (udid == NULL || uuid == NULL) {
626 AUTH_LOGW(AUTH_HICHAIN, "udid or uuid is null");
627 return type;
628 }
629 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
630 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
631 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
632 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
633 return type;
634 }
635
AuthIsPotentialTrusted(const DeviceInfo * device)636 bool AuthIsPotentialTrusted(const DeviceInfo *device)
637 {
638 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
639 DeviceInfo defaultInfo;
640 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
641
642 if (device == NULL) {
643 AUTH_LOGE(AUTH_HICHAIN, "device is null");
644 return false;
645 }
646 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
647 AUTH_LOGW(AUTH_HICHAIN, "devId is empty");
648 return false;
649 }
650 if (memcmp(device->accountHash, defaultInfo.accountHash, SHORT_ACCOUNT_HASH_LEN) == 0) {
651 AUTH_LOGI(AUTH_HICHAIN, "devId accountHash is empty");
652 return true;
653 }
654 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
655 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
656 return false;
657 }
658 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
659 AUTH_LOGD(AUTH_HICHAIN, "account is same, continue verify progress. account=%{public}02X%{public}02X",
660 device->accountHash[0], device->accountHash[1]);
661 return true;
662 }
663 if (IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false, true) ||
664 IsPotentialTrustedDeviceDp(device->devId, true)) {
665 AUTH_LOGI(AUTH_HICHAIN, "device is potential trusted, continue verify progress");
666 return true;
667 }
668 return false;
669 }
670
IsSameAccountDevice(const DeviceInfo * device)671 bool IsSameAccountDevice(const DeviceInfo *device)
672 {
673 if (device == NULL) {
674 AUTH_LOGE(AUTH_HICHAIN, "invalid param");
675 return false;
676 }
677
678 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
679 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
680 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
681 return false;
682 }
683 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
684 AUTH_LOGI(AUTH_HICHAIN, "account is same, continue check same account group relation.");
685 return true;
686 }
687 return false;
688 }
689
AuthHasSameAccountGroup(void)690 bool AuthHasSameAccountGroup(void)
691 {
692 if (IsSameAccountGroupDevice()) {
693 AUTH_LOGI(AUTH_HICHAIN, "device has same account group relation, continue verify progress");
694 return true;
695 }
696 return false;
697 }
698
AuthHasTrustedRelation(void)699 TrustedReturnType AuthHasTrustedRelation(void)
700 {
701 uint32_t num = 0;
702 char *udidArray = NULL;
703
704 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
705 AUTH_LOGE(AUTH_CONN, "auth get trusted dev info fail");
706 return TRUSTED_RELATION_IGNORE;
707 }
708 SoftBusFree(udidArray);
709 AUTH_LOGD(AUTH_CONN, "auth get trusted relation num=%{public}u", num);
710 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
711 }
712
IsAuthHasTrustedRelation(void)713 bool IsAuthHasTrustedRelation(void)
714 {
715 bool hasTrustedRelation = (AuthHasTrustedRelation() == TRUSTED_RELATION_YES) ? true : false;
716 return hasTrustedRelation;
717 }
718
AuthCheckMetaExist(const AuthConnInfo * connInfo,bool * isExist)719 int32_t AuthCheckMetaExist(const AuthConnInfo *connInfo, bool *isExist)
720 {
721 if (connInfo == NULL || isExist == NULL) {
722 AUTH_LOGE(AUTH_CONN, "invalid param");
723 return SOFTBUS_INVALID_PARAM;
724 }
725 AuthMetaCheckMetaExist(connInfo, isExist);
726 return SOFTBUS_OK;
727 }
728
AuthInit(void)729 int32_t AuthInit(void)
730 {
731 AuthTransCallback callBack = {
732 .onDataReceived = NotifyTransDataReceived,
733 .onDisconnected = NotifyTransDisconnected,
734 .onException = NotifyTransException,
735 };
736 int32_t ret = AuthDeviceInit(&callBack);
737 if (ret != SOFTBUS_OK) {
738 AUTH_LOGE(AUTH_INIT, "auth device init failed");
739 return SOFTBUS_AUTH_INIT_FAIL;
740 }
741 ret = RegHichainSaStatusListener();
742 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
743 AUTH_LOGE(AUTH_INIT, "regHichainSaStatusListener failed");
744 LnnInitModuleStatusSet(INIT_DEPS_HICHAIN, DEPS_STATUS_FAILED);
745 LnnInitModuleReturnSet(INIT_DEPS_HICHAIN, ret);
746 return SOFTBUS_AUTH_HICHAIN_SA_PROC_ERR;
747 }
748 LnnInitModuleStatusSet(INIT_DEPS_HICHAIN, DEPS_STATUS_SUCCESS);
749 ret = CustomizedSecurityProtocolInit();
750 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
751 AUTH_LOGI(AUTH_INIT, "customized protocol init failed, ret=%{public}d", ret);
752 return ret;
753 }
754 AuthLoadDeviceKey();
755 return AuthMetaInit(&callBack);
756 }
757
AuthDeinit(void)758 void AuthDeinit(void)
759 {
760 AuthDeviceDeinit();
761 CustomizedSecurityProtocolDeinit();
762 AuthMetaDeinit();
763 }
764
AuthServerDeathCallback(const char * pkgName,int32_t pid)765 void AuthServerDeathCallback(const char *pkgName, int32_t pid)
766 {
767 DelAuthMetaManagerByPid(pkgName, pid);
768 ClearMetaNodeRequestByPid(pkgName, pid);
769 }
770