1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_callback_stubs.h"
17
18 #include "access_token.h"
19 #include "access_token_error.h"
20 #include "accesstoken_common_log.h"
21 #include "permission_state_change_info_parcel.h"
22 #include "string_ex.h"
23
24 #ifdef TOKEN_SYNC_ENABLE
25 #include "hap_token_info_for_sync_parcel.h"
26 #include "ipc_skeleton.h"
27 #endif // TOKEN_SYNC_ENABLE
28
29 namespace OHOS {
30 namespace Security {
31 namespace AccessToken {
32 namespace {
33 #ifdef TOKEN_SYNC_ENABLE
34 static const int32_t ACCESSTOKEN_UID = 3020;
35 #endif // TOKEN_SYNC_ENABLE
36 }
37
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)38 int32_t PermissionStateChangeCallbackStub::OnRemoteRequest(
39 uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
40 {
41 LOGD(ATM_DOMAIN, ATM_TAG, "Entry, code: 0x%{public}x", code);
42 std::u16string descriptor = data.ReadInterfaceToken();
43 if (descriptor != IPermissionStateCallback::GetDescriptor()) {
44 LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
45 return ERROR_IPC_REQUEST_FAIL;
46 }
47
48 int32_t msgCode = static_cast<int32_t>(code);
49 if (msgCode == static_cast<int32_t>(AccesstokenStateChangeInterfaceCode::PERMISSION_STATE_CHANGE)) {
50 PermStateChangeInfo result;
51 sptr<PermissionStateChangeInfoParcel> resultSptr = data.ReadParcelable<PermissionStateChangeInfoParcel>();
52 if (resultSptr == nullptr) {
53 LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail");
54 return ERR_READ_PARCEL_FAILED;
55 }
56
57 PermStateChangeCallback(resultSptr->changeInfo);
58 } else {
59 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
60 }
61 return RET_SUCCESS;
62 }
63
64 #ifdef TOKEN_SYNC_ENABLE
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)65 int32_t TokenSyncCallbackStub::OnRemoteRequest(
66 uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
67 {
68 LOGI(ATM_DOMAIN, ATM_TAG, "Called.");
69 std::u16string descriptor = data.ReadInterfaceToken();
70 if (descriptor != ITokenSyncCallback::GetDescriptor()) {
71 LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor, descriptor = %{public}s",
72 Str16ToStr8(descriptor).c_str());
73 return ERROR_IPC_REQUEST_FAIL;
74 }
75 int32_t msgCode = static_cast<int32_t>(code);
76 switch (msgCode) {
77 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::GET_REMOTE_HAP_TOKEN_INFO):
78 GetRemoteHapTokenInfoInner(data, reply);
79 break;
80 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO):
81 DeleteRemoteHapTokenInfoInner(data, reply);
82 break;
83 case static_cast<int32_t>(TokenSyncCallbackInterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO):
84 UpdateRemoteHapTokenInfoInner(data, reply);
85 break;
86 default:
87 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
88 }
89 return RET_SUCCESS;
90 }
91
GetRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)92 void TokenSyncCallbackStub::GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
93 {
94 if (!IsAccessTokenCalling()) {
95 LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, func = %{public}s", __func__);
96 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
97 return;
98 }
99
100 std::string deviceID = data.ReadString();
101 AccessTokenID tokenID = data.ReadUint32();
102
103 int result = this->GetRemoteHapTokenInfo(deviceID, tokenID);
104 reply.WriteInt32(result);
105 }
106
DeleteRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)107 void TokenSyncCallbackStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
108 {
109 if (!IsAccessTokenCalling()) {
110 LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, func = %{public}s", __func__);
111 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
112 return;
113 }
114
115 AccessTokenID tokenID = data.ReadUint32();
116 int result = this->DeleteRemoteHapTokenInfo(tokenID);
117 reply.WriteInt32(result);
118 }
119
UpdateRemoteHapTokenInfoInner(MessageParcel & data,MessageParcel & reply)120 void TokenSyncCallbackStub::UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
121 {
122 if (!IsAccessTokenCalling()) {
123 LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, func = %{public}s", __func__);
124 reply.WriteInt32(ERR_IDENTITY_CHECK_FAILED);
125 return;
126 }
127
128 sptr<HapTokenInfoForSyncParcel> tokenInfoParcelPtr = data.ReadParcelable<HapTokenInfoForSyncParcel>();
129 int result = RET_FAILED;
130 if (tokenInfoParcelPtr != nullptr) {
131 result = this->UpdateRemoteHapTokenInfo(tokenInfoParcelPtr->hapTokenInfoForSyncParams);
132 }
133 reply.WriteInt32(result);
134 }
135
IsAccessTokenCalling() const136 bool TokenSyncCallbackStub::IsAccessTokenCalling() const
137 {
138 int callingUid = IPCSkeleton::GetCallingUid();
139 return callingUid == ACCESSTOKEN_UID;
140 }
141 #endif // TOKEN_SYNC_ENABLE
142 } // namespace AccessToken
143 } // namespace Security
144 } // namespace OHOS
145