1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 /**
17  * @file iam_common_defines.h
18  *
19  * @brief Some common defines in IAM.
20  * @since 3.1
21  * @version 3.2
22  */
23 
24 #ifndef IAM_COMMON_DEFINES_H
25 #define IAM_COMMON_DEFINES_H
26 
27 #include <cstddef>
28 #include <cstdint>
29 
30 namespace OHOS {
31 namespace UserIam {
32 namespace UserAuth {
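/**
 * Max length of challenge.
 * NOTE(review): the identifier is spelled "CHALLENG"; it is left unchanged because renaming it would
 * break existing callers. Presumably a byte count used to bound challenge buffers - confirm at the call sites.
 */
constexpr size_t MAX_CHALLENG_LEN = 32;
/** NOTE(review): the name suggests the tip code that reports a single authentication result - confirm. */
constexpr int32_t USER_AUTH_TIP_SINGLE_AUTH_RESULT = 9999;
/** Value meaning "no valid socket id". */
constexpr int INVALID_SOCKET_ID = -1;
/** Value meaning "no valid user id"; it should never be accepted as the id of a real user. */
constexpr int INVALID_USER_ID = -1;
/** NOTE(review): presumably the id of the main (primary) user - confirm. */
constexpr int32_t MAIN_USER_ID = 100;
/** NOTE(review): presumably the maximum number of users - confirm. */
constexpr int32_t MAX_USER = 5;
/**
 * Max value of verifyAuthToken allowable duration.
 * The expression evaluates to 86,400,000; presumably milliseconds, i.e. 24 hours - confirm the unit.
 * NOTE(review): the cap is only declared here; whether a longer caller-supplied duration is rejected
 * or clamped is decided at the call sites, which are not visible in this header.
 */
constexpr uint32_t MAX_TOKEN_ALLOWABLE_DURATION = 24 * 60 * 60 * 1000;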
42 
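/**
 * Upper bound related to the number of authentication types.
 * NOTE(review): 6 equals the number of concrete types declared in AuthType (PIN .. TUI_PIN);
 * presumably it has to be updated whenever a type is added - confirm.
 */
constexpr uint32_t MAX_AUTH_TYPE_SIZE = 6;

/**
 * @brief Defines authentication type.
 *
 * The concrete types use distinct powers of two (1, 2, 4, 8, 16, 32); presumably so that
 * they can be combined into a mask - confirm.
 * NOTE(review): the underlying type is int32_t, so an integer received from outside the process can be
 * cast to AuthType without matching any enumerator. Code that selects an authenticator from such a value
 * should check it against the enumerators below first; INVALID_AUTH_TYPE and ALL do not name a concrete type.
 */
enum AuthType : int32_t {
    /** Default authType. */
    INVALID_AUTH_TYPE = -1,
    /** All authentication types. */
    ALL = 0,
    /** Pin authentication. */
    PIN = 1,
    /** Face authentication. */
    FACE = 2,
    /** Fingerprint authentication. */
    FINGERPRINT = 4,
    /** Recovery key authentication. */
    RECOVERY_KEY = 8,
    /** Private pin authentication. */
    PRIVATE_PIN = 16,
    /** TUI pin authentication. */
    TUI_PIN = 32,
};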
65 
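/**
 * @brief Defines pin auth's subtype.
 *
 * PIN_MAX has no explicit value: it is one past the last explicit enumerator (currently 10006)
 * and moves whenever a subtype is added, so it is a bound rather than a stable identifier.
 */
enum PinSubType : int32_t {
    /** Default pin sub type. */
    DEFAULT_PIN_SUB_TYPE = 0,
    /** Digit password with fixed length of six. */
    PIN_SIX = 10000,
    /** Digit password with unfixed length. */
    PIN_NUMBER = 10001,
    /** Complex password with number and alphabet. */
    PIN_MIXED = 10002,
    /** Digit password with fixed length of four. */
    PIN_FOUR = 10003,
    /** Pattern password. */
    PIN_PATTERN = 10004,
    /** Password protection question. */
    PIN_QUESTION = 10005,
    /** Max pin. */
    PIN_MAX,
};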
87 
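/**
 * @brief Enumerates executor roles.
 *
 * ALL_IN_ONE (3) is numerically COLLECTOR | VERIFIER.
 * NOTE(review): whether callers rely on that bit relationship is not visible here - confirm before
 * adding a role.
 */
enum ExecutorRole : int32_t {
    /** Scheduler executor. */
    SCHEDULER = 0,
    /** The executor acts as a collector. */
    COLLECTOR = 1,
    /** The executor acts as a verifier. */
    VERIFIER = 2,
    /** The executor acts as a collector and verifier. */
    ALL_IN_ONE = 3,
};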
101 
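/**
 * @brief Enumerates executor security levels.
 *
 * The values are consecutive, 0 through 3.
 * NOTE(review): presumably a higher number denotes a more secure executor, so that levels can be
 * compared numerically - confirm against the code that evaluates them.
 */
enum ExecutorSecureLevel : int32_t {
    /** Executor secure level 0. */
    ESL0 = 0,
    /** Executor secure level 1. */
    ESL1 = 1,
    /** Executor secure level 2. */
    ESL2 = 2,
    /** Executor secure level 3. */
    ESL3 = 3,
};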
115 
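/**
 * @brief Authentication trust level.
 *
 * The values rise in steps of 10000.
 * NOTE(review): presumably a higher value denotes a stronger authentication result, so a required
 * level is checked with a numeric comparison - confirm. The underlying type is uint32_t, so a value
 * between or above the enumerators is representable; a check that only uses ">=" would accept it.
 */
enum AuthTrustLevel : uint32_t {
    /** Auth trust level 1. */
    ATL1 = 10000,
    /** Auth trust level 2. */
    ATL2 = 20000,
    /** Auth trust level 3. */
    ATL3 = 30000,
    /** Auth trust level 4. */
    ATL4 = 40000,
};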
129 
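/**
 * @brief Schedule mode.
 *
 * The value 3 is not assigned: ABANDON is 4.
 */
enum ScheduleMode : int32_t {
    /** The schedule mode is enrollment. */
    ENROLL = 0,
    /** The schedule mode is authentication. */
    AUTH = 1,
    /** The schedule mode is identification. */
    IDENTIFY = 2,
    /** The schedule mode is abandon. */
    ABANDON = 4,
};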
143 
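/**
 * @brief Property mode.
 *
 * The values are consecutive, 1 through 9; 0 is not assigned.
 */
enum PropertyMode : uint32_t {
    /** The property mode is init algorithm. */
    PROPERTY_INIT_ALGORITHM = 1,
    /** The property mode is delete. */
    PROPERTY_MODE_DEL = 2,
    /** The property mode is get. */
    PROPERTY_MODE_GET = 3,
    /** The property mode is set. */
    PROPERTY_MODE_SET = 4,
    /** The property mode is freeze. */
    PROPERTY_MODE_FREEZE = 5,
    /** The property mode is unfreeze. */
    PROPERTY_MODE_UNFREEZE = 6,
    /** The property mode is set cached templates. */
    PROPERTY_MODE_SET_CACHED_TEMPLATES = 7,
    /** The property mode is notify collector ready. */
    PROPERTY_MODE_NOTIFY_COLLECTOR_READY = 8,
    /** The property mode is risk event. */
    PROPERTY_MODE_RISK_EVENT = 9,
};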
167 
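/**
 * @brief Defines auth token type.
 *
 * NOTE(review): TOKEN_TYPE_LOCAL_AUTH is 0, so a zero-initialized field reads as a local-auth token;
 * confirm that code consuming a token type does not treat an unset field as a valid one.
 */
enum AuthTokenType : int32_t {
    /** The auth token type is local auth. */
    TOKEN_TYPE_LOCAL_AUTH = 0,
    /** The auth token type is local resign. */
    TOKEN_TYPE_LOCAL_RESIGN = 1,
    /** The auth token type is local coauth. */
    TOKEN_TYPE_LOCAL_COAUTH = 2,
};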
179 
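/**
 * @brief The result code.
 *
 * SUCCESS (0) is the only enumerator that reports success; every other value is a failure.
 * Codes from SYSTEM_ERROR_CODE_BEGIN (1000) are system errors and codes from
 * VENDOR_ERROR_CODE_BEGIN (10000) are vendor errors, so values not listed here can occur.
 * Callers should therefore test for equality with SUCCESS and treat any unrecognized value as a
 * failure, not the other way round.
 */
enum ResultCode : int32_t {
    /** The result is success. */
    SUCCESS = 0,
    /** The result is fail. NOTE(review): this comment previously read "Compile fail."; confirm the intended meaning. */
    FAIL = 1,
    /** The result is fail, because an unknown error occurred. */
    GENERAL_ERROR = 2,
    /** The result is fail, because the request was canceled. */
    CANCELED = 3,
    /** The result is fail, because of time out. */
    TIMEOUT = 4,
    /** The result is fail, because type is not support. */
    TYPE_NOT_SUPPORT = 5,
    /** The result is fail, because trust level is not support. */
    TRUST_LEVEL_NOT_SUPPORT = 6,
    /** The result is fail, because the service was busy. */
    BUSY = 7,
    /** The result is fail, because parameters is invalid. */
    INVALID_PARAMETERS = 8,
    /** The result is fail, because the status is locked. */
    LOCKED = 9,
    /** The result is fail, because the user was not enrolled. */
    NOT_ENROLLED = 10,
    /** The result is fail, because canceled from widget. */
    CANCELED_FROM_WIDGET = 11,
    /** The result is fail, because the hardware is not supported. */
    HARDWARE_NOT_SUPPORTED = 12,
    /** The result is fail, because the pin credential is expired. */
    PIN_EXPIRED = 13,
    /** The result is fail, because the PIN_MIXED does not pass complexity check. */
    COMPLEXITY_CHECK_FAILED = 14,
    /** The result is fail, because the token integrity check failed. */
    AUTH_TOKEN_CHECK_FAILED = 15,
    /** The result is fail, because the token is expired. */
    AUTH_TOKEN_EXPIRED = 16,
    /** The result is fail, because the authentication type is inconsistent with the specified type,
        or the authentication result exceeds the reusable duration. */
    REUSE_AUTH_RESULT_FAILED = 17,
    /** The result is fail, because something wrong from system. */
    SYSTEM_ERROR_CODE_BEGIN = 1000,
    /** The result is fail, because something wrong from ipc. */
    IPC_ERROR = 1001,
    /** The result is fail, because the context ID is invalid. */
    INVALID_CONTEXT_ID = 1002,
    /** The result is fail, because something wrong when read parcel. */
    READ_PARCEL_ERROR = 1003,
    /** The result is fail, because something wrong when write parcel. */
    WRITE_PARCEL_ERROR = 1004,
    /** The result is fail, because permission check is failed. */
    CHECK_PERMISSION_FAILED = 1005,
    /** The result is fail, because the hdi interface is invalid. */
    INVALID_HDI_INTERFACE = 1006,
    /** The result is fail, because the caller app is not system. */
    CHECK_SYSTEM_APP_FAILED = 1007,
    /** The result is fail, because remote device connection failed. */
    REMOTE_DEVICE_CONNECTION_FAIL = 1008,
    /** The result is fail, because device capability is not support. */
    DEVICE_CAPABILITY_NOT_SUPPORT = 1009,
    /** The result is fail, because something wrong from vendor. */
    VENDOR_ERROR_CODE_BEGIN = 10000,
};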
244 
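/**
 * @brief The auth intent.
 */
enum AuthIntent : int32_t {
    // Each comment precedes its enumerator, so it uses the leading "/**" form; the trailing "/**<"
    // form documents the member before it and would attach every description to the wrong enumerator.
    /** The auth intention is default. */
    DEFAULT = 0,
    /** The auth intention is unlock. */
    UNLOCK = 1,
    /** The auth intention is silent auth. */
    SILENT_AUTH = 2,
    /** The auth intention is question auth. */
    QUESTION_AUTH = 3,
    /** The auth intention is abandoned pin auth. */
    ABANDONED_PIN_AUTH = 4,
};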
260 
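/**
 * Value meaning "no valid executor index".
 * NOTE(review): because the reserved value is 0, a zero-initialized index reads as invalid;
 * presumably real executor indexes are always non-zero - confirm where indexes are allocated.
 */
constexpr uint64_t INVALID_EXECUTOR_INDEX = 0;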
262 } // namespace UserAuth
263 } // namespace UserIam
264 } // namespace OHOS
265 #endif // IAM_COMMON_DEFINES_H
266