1 /*
2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "executor_message.h"
17
18 #include "securec.h"
19 #include "adaptor_algorithm.h"
20 #include "adaptor_log.h"
21 #include "adaptor_memory.h"
22 #include "adaptor_time.h"
23 #include "coauth.h"
24 #include "ed25519_key.h"
25 #include "hmac_key.h"
26 #include "idm_database.h"
27 #include "udid_manager.h"
28 #include "user_sign_centre.h"
29
30 #ifdef IAM_TEST_ENABLE
31 #define IAM_STATIC
32 #else
33 #define IAM_STATIC static
34 #endif
35
SignData(const Uint8Array * dataTlv,Uint8Array * signDataTlv,SignParam signParam)36 IAM_STATIC ResultCode SignData(const Uint8Array *dataTlv, Uint8Array *signDataTlv, SignParam signParam)
37 {
38 Buffer data = GetTmpBuffer(dataTlv->data, dataTlv->len, dataTlv->len);
39 if (!IsBufferValid(&data)) {
40 LOG_ERROR("data is invalid");
41 return RESULT_GENERAL_ERROR;
42 }
43 ResultCode result = RESULT_SUCCESS;
44 Buffer *signData = NULL;
45 if (signParam.keyType == KEY_TYPE_CROSS_DEVICE) {
46 signData = HmacSign(&data, signParam);
47 } else {
48 signData = ExecutorMsgSign(&data);
49 }
50 if (!IsBufferValid(signData)) {
51 LOG_ERROR("signData is invalid");
52 return RESULT_GENERAL_ERROR;
53 }
54 if (memcpy_s(signDataTlv->data, signDataTlv->len, signData->buf, signData->contentSize) != EOK) {
55 LOG_ERROR("copy sign to signDtaTlv failed");
56 result = RESULT_GENERAL_ERROR;
57 goto FAIL;
58 }
59 signDataTlv->len = signData->contentSize;
60 LOG_INFO("sign data success");
61
62 FAIL:
63 DestoryBuffer(signData);
64 return result;
65 }
66
GetAttributeDataAndSignTlv(const Attribute * attribute,Uint8Array * retDataAndSignTlv,SignParam signParam)67 IAM_STATIC ResultCode GetAttributeDataAndSignTlv(const Attribute *attribute, Uint8Array *retDataAndSignTlv,
68 SignParam signParam)
69 {
70 Attribute *dataAndSignAttribute = CreateEmptyAttribute();
71 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
72 Uint8Array signTlv = { Malloc(ED25519_FIX_SIGN_BUFFER_SIZE), ED25519_FIX_SIGN_BUFFER_SIZE };
73
74 ResultCode result = RESULT_GENERAL_ERROR;
75 do {
76 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv) || IS_ARRAY_NULL(signTlv)) {
77 LOG_ERROR("dataAndSignAttribute or dataTlv or signTlv is NULL");
78 break;
79 }
80 result = GetAttributeSerializedMsg(attribute, &dataTlv);
81 if (result != RESULT_SUCCESS) {
82 LOG_ERROR("GetAttributeSerializedMsg for data fail");
83 break;
84 }
85
86 result = SetAttributeUint8Array(dataAndSignAttribute, ATTR_DATA, dataTlv);
87 if (result != RESULT_SUCCESS) {
88 LOG_ERROR("SetAttributeUint8Array for data fail");
89 break;
90 }
91 if (signParam.needSignature) {
92 result = SignData(&dataTlv, &signTlv, signParam);
93 if (result != RESULT_SUCCESS) {
94 LOG_ERROR("SignData fail");
95 break;
96 }
97 result = SetAttributeUint8Array(dataAndSignAttribute, ATTR_SIGNATURE, signTlv);
98 if (result != RESULT_SUCCESS) {
99 LOG_ERROR("SetAttributeUint8Array for signature fail");
100 break;
101 }
102 }
103 result = GetAttributeSerializedMsg(dataAndSignAttribute, retDataAndSignTlv);
104 if (result != RESULT_SUCCESS) {
105 LOG_ERROR("GetAttributeSerializedMsg fail");
106 break;
107 }
108 } while (0);
109
110 Free(signTlv.data);
111 Free(dataTlv.data);
112 FreeAttribute(&dataAndSignAttribute);
113 return result;
114 }
115
GetAttributeExecutorMsg(const Attribute * attribute,Uint8Array * retMsg,SignParam signParam)116 ResultCode GetAttributeExecutorMsg(const Attribute *attribute, Uint8Array *retMsg, SignParam signParam)
117 {
118 IF_TRUE_LOGE_AND_RETURN_VAL(attribute == NULL, RESULT_GENERAL_ERROR);
119 IF_TRUE_LOGE_AND_RETURN_VAL(retMsg == NULL, RESULT_GENERAL_ERROR);
120 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(*retMsg), RESULT_GENERAL_ERROR);
121
122 Attribute *rootAttribute = CreateEmptyAttribute();
123 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
124
125 ResultCode result = RESULT_GENERAL_ERROR;
126 do {
127 if (rootAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
128 LOG_ERROR("rootAttribute or dataAndSignTlv is NULL");
129 break;
130 }
131
132 result = GetAttributeDataAndSignTlv(attribute, &dataAndSignTlv, signParam);
133 if (result != RESULT_SUCCESS) {
134 LOG_ERROR("GetAttributeDataAndSignTlv fail");
135 break;
136 }
137 result = SetAttributeUint8Array(rootAttribute, ATTR_ROOT, dataAndSignTlv);
138 if (result != RESULT_SUCCESS) {
139 LOG_ERROR("SetAttributeUint8Array fail");
140 break;
141 }
142 result = GetAttributeSerializedMsg(rootAttribute, retMsg);
143 if (result != RESULT_SUCCESS) {
144 LOG_ERROR("GetAttributeSerializedMsg fail");
145 break;
146 }
147 } while (0);
148
149 Free(dataAndSignTlv.data);
150 FreeAttribute(&rootAttribute);
151 return result;
152 }
153
Ed25519VerifyData(uint64_t scheduleId,Uint8Array dataTlv,Uint8Array signTlv)154 IAM_STATIC ResultCode Ed25519VerifyData(uint64_t scheduleId, Uint8Array dataTlv, Uint8Array signTlv)
155 {
156 ResultCode result = RESULT_GENERAL_ERROR;
157 const CoAuthSchedule *currentSchedule = GetCoAuthSchedule(scheduleId);
158 IF_TRUE_LOGE_AND_RETURN_VAL(currentSchedule == NULL, result);
159 Buffer *publicKey = NULL;
160 for (uint32_t index = 0; index < currentSchedule->executorSize; ++index) {
161 const ExecutorInfoHal *executor = &((currentSchedule->executors)[index]);
162 if (executor->executorRole == VERIFIER || executor->executorRole == ALL_IN_ONE) {
163 publicKey = CreateBufferByData(executor->pubKey, PUBLIC_KEY_LEN);
164 break;
165 }
166 }
167 Buffer data = GetTmpBuffer(dataTlv.data, dataTlv.len, dataTlv.len);
168 Buffer sign = GetTmpBuffer(signTlv.data, signTlv.len, signTlv.len);
169 if (!IsBufferValid(publicKey) || !IsBufferValid(&data) || !IsBufferValid(&sign)) {
170 LOG_ERROR("data or sign is invalid");
171 goto FAIL;
172 }
173 result = (ResultCode)Ed25519Verify(publicKey, &data, &sign);
174 if (result != RESULT_SUCCESS) {
175 LOG_ERROR("verify sign failed");
176 goto FAIL;
177 }
178 LOG_INFO("Ed25519 verify success");
179
180 FAIL:
181 DestoryBuffer(publicKey);
182 return result;
183 }
184
VerifyDataTlvSignature(const Attribute * dataAndSignAttribute,const Uint8Array dataTlv,SignParam signParam)185 IAM_STATIC ResultCode VerifyDataTlvSignature(const Attribute *dataAndSignAttribute, const Uint8Array dataTlv,
186 SignParam signParam)
187 {
188 Attribute *dataAttribute = CreateAttributeFromSerializedMsg(dataTlv);
189 Uint8Array signTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
190
191 ResultCode result = RESULT_GENERAL_ERROR;
192 do {
193 if (dataAttribute == NULL || IS_ARRAY_NULL(signTlv)) {
194 LOG_ERROR("dataAttribute or signTlv is null");
195 break;
196 }
197 result = GetAttributeUint8Array(dataAndSignAttribute, ATTR_SIGNATURE, &signTlv);
198 if (result != RESULT_SUCCESS) {
199 LOG_ERROR("GetAttributeUint8Array fail");
200 break;
201 }
202 if (signParam.keyType == KEY_TYPE_CROSS_DEVICE) {
203 Buffer data = GetTmpBuffer(dataTlv.data, dataTlv.len, dataTlv.len);
204 Buffer sign = GetTmpBuffer(signTlv.data, signTlv.len, signTlv.len);
205 result = HmacVerify(&data, &sign, signParam);
206 if (result != RESULT_SUCCESS) {
207 LOG_ERROR("HmacVerify fail");
208 break;
209 }
210 } else {
211 uint64_t scheduleId;
212 result = GetAttributeUint64(dataAttribute, ATTR_SCHEDULE_ID, &scheduleId);
213 if (result != RESULT_SUCCESS) {
214 LOG_ERROR("GetAttributeUint64 scheduleId fail");
215 break;
216 }
217 result = Ed25519VerifyData(scheduleId, dataTlv, signTlv);
218 if (result != RESULT_SUCCESS) {
219 LOG_ERROR("Ed25519VerifyData fail");
220 break;
221 }
222 }
223 } while (0);
224
225 Free(signTlv.data);
226 FreeAttribute(&dataAttribute);
227 return result;
228 }
229
CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv,SignParam signParam)230 IAM_STATIC Attribute *CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv, SignParam signParam)
231 {
232 Attribute *dataAndSignAttribute = CreateAttributeFromSerializedMsg(dataAndSignTlv);
233 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
234
235 Attribute *attribute = NULL;
236 do {
237 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv)) {
238 LOG_ERROR("dataAndSignAttribute or dataTlv is null");
239 break;
240 }
241 if (GetAttributeUint8Array(dataAndSignAttribute, ATTR_DATA, &dataTlv) != RESULT_SUCCESS) {
242 LOG_ERROR("GetAttributeUint8Array fail");
243 break;
244 }
245 if (signParam.needSignature) {
246 if (VerifyDataTlvSignature(dataAndSignAttribute, dataTlv, signParam) != RESULT_SUCCESS) {
247 LOG_ERROR("VerifyDataTlvSignature fail");
248 break;
249 }
250 }
251 attribute = CreateAttributeFromSerializedMsg(dataTlv);
252 if (attribute == NULL) {
253 LOG_ERROR("CreateAttributeFromSerializedMsg fail");
254 break;
255 }
256 } while (0);
257
258 Free(dataTlv.data);
259 FreeAttribute(&dataAndSignAttribute);
260 return attribute;
261 }
262
CreateAttributeFromExecutorMsg(const Uint8Array msg,SignParam signParam)263 IAM_STATIC Attribute *CreateAttributeFromExecutorMsg(const Uint8Array msg, SignParam signParam)
264 {
265 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(msg), NULL);
266
267 Attribute *msgAttribute = CreateAttributeFromSerializedMsg(msg);
268 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
269
270 Attribute *attribute = NULL;
271 do {
272 if (msgAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
273 LOG_ERROR("msgAttribute or dataAndSignTlv is null");
274 break;
275 }
276
277 ResultCode result = GetAttributeUint8Array(msgAttribute, ATTR_ROOT, &dataAndSignTlv);
278 if (result != RESULT_SUCCESS) {
279 LOG_ERROR("GetAttributeUint8Array fail");
280 break;
281 }
282
283 attribute = CreateAttributeFromDataAndSignTlv(dataAndSignTlv, signParam);
284 if (attribute == NULL) {
285 LOG_ERROR("CreateAttributeFromDataAndSignTlv fail");
286 break;
287 }
288 } while (0);
289
290 Free(dataAndSignTlv.data);
291 FreeAttribute(&msgAttribute);
292 return attribute;
293 }
294
GetRootSecretFromAttribute(const Attribute * attribute,ExecutorResultInfo * resultInfo)295 IAM_STATIC void GetRootSecretFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
296 {
297 Uint8Array array = { Malloc(ROOT_SECRET_LEN), ROOT_SECRET_LEN };
298 IF_TRUE_LOGE_AND_RETURN(IS_ARRAY_NULL(array));
299 ResultCode result = GetAttributeUint8Array(attribute, ATTR_ROOT_SECRET, &(array));
300 if (result != RESULT_SUCCESS) {
301 LOG_ERROR("There is no rootSecret in this attribute");
302 goto EXIT;
303 }
304 if (array.len != ROOT_SECRET_LEN) {
305 LOG_ERROR("rootSecret len is invalid");
306 goto EXIT;
307 }
308 resultInfo->rootSecret = CreateBufferByData(array.data, array.len);
309 if (!IsBufferValid(resultInfo->rootSecret)) {
310 LOG_ERROR("Generate rootSecret buffer failed");
311 goto EXIT;
312 }
313 LOG_INFO("get rootSecret success");
314
315 EXIT:
316 (void)memset_s(array.data, ROOT_SECRET_LEN, 0, ROOT_SECRET_LEN);
317 Free(array.data);
318 }
319
GetOldRootSecretFromAttribute(const Attribute * attribute,ExecutorResultInfo * resultInfo)320 IAM_STATIC void GetOldRootSecretFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
321 {
322 Uint8Array array = { Malloc(ROOT_SECRET_LEN), ROOT_SECRET_LEN };
323 IF_TRUE_LOGE_AND_RETURN(IS_ARRAY_NULL(array));
324 ResultCode result = GetAttributeUint8Array(attribute, ATTR_OLD_ROOT_SECRET, &(array));
325 if (result != RESULT_SUCCESS) {
326 LOG_ERROR("There is no old rootSecret in this attribute");
327 goto EXIT;
328 }
329 if (array.len != ROOT_SECRET_LEN) {
330 LOG_ERROR("rootSecret len is invalid");
331 goto EXIT;
332 }
333 resultInfo->oldRootSecret = CreateBufferByData(array.data, array.len);
334 if (!IsBufferValid(resultInfo->oldRootSecret)) {
335 LOG_ERROR("Generate old rootSecret buffer failed");
336 goto EXIT;
337 }
338 LOG_INFO("get old rootSecret success");
339
340 EXIT:
341 (void)memset_s(array.data, ROOT_SECRET_LEN, 0, ROOT_SECRET_LEN);
342 Free(array.data);
343 }
344
345
GetExecutorResultInfoFromAttribute(const Attribute * attribute,ExecutorResultInfo * resultInfo)346 IAM_STATIC ResultCode GetExecutorResultInfoFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
347 {
348 ResultCode result = RESULT_GENERAL_ERROR;
349 result = GetAttributeInt32(attribute, ATTR_RESULT_CODE, &(resultInfo->result));
350 if (result != RESULT_SUCCESS) {
351 LOG_ERROR("GetAttributeInt32 result failed");
352 return result;
353 }
354 result = GetAttributeUint64(attribute, ATTR_TEMPLATE_ID, &(resultInfo->templateId));
355 if (result != RESULT_SUCCESS) {
356 LOG_ERROR("GetAttributeUint64 templateId failed");
357 return result;
358 }
359 result = GetAttributeUint64(attribute, ATTR_SCHEDULE_ID, &(resultInfo->scheduleId));
360 if (result != RESULT_SUCCESS) {
361 LOG_ERROR("GetAttributeUint64 scheduleId failed");
362 return result;
363 }
364 result = GetAttributeUint64(attribute, ATTR_PIN_SUB_TYPE, &(resultInfo->authSubType));
365 if (result != RESULT_SUCCESS) {
366 LOG_ERROR("GetAttributeUint64 authSubType failed");
367 return result;
368 }
369 result = GetAttributeInt32(attribute, ATTR_REMAIN_ATTEMPTS, &(resultInfo->remainTimes));
370 if (result != RESULT_SUCCESS) {
371 LOG_ERROR("GetAttributeInt32 remainTimes failed");
372 return result;
373 }
374 result = GetAttributeInt32(attribute, ATTR_LOCKOUT_DURATION, &(resultInfo->freezingTime));
375 if (result != RESULT_SUCCESS) {
376 LOG_ERROR("GetAttributeInt32 freezingTime failed");
377 return result;
378 }
379 result = GetAttributeUint32(attribute, ATTR_CAPABILITY_LEVEL, &(resultInfo->capabilityLevel));
380 if (result != RESULT_SUCCESS) {
381 LOG_ERROR("GetAttributeUint32 capabilityLevel failed");
382 return result;
383 }
384
385 // Only pin auth has rootSecret
386 GetRootSecretFromAttribute(attribute, resultInfo);
387 GetOldRootSecretFromAttribute(attribute, resultInfo);
388 return RESULT_SUCCESS;
389 }
390
CreateExecutorResultInfo(const Buffer * tlv)391 ExecutorResultInfo *CreateExecutorResultInfo(const Buffer *tlv)
392 {
393 if (!IsBufferValid(tlv)) {
394 LOG_ERROR("param is invalid");
395 return NULL;
396 }
397
398 Uint8Array msg = { tlv->buf, tlv->contentSize };
399 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
400 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
401 if (attribute == NULL) {
402 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
403 return NULL;
404 }
405
406 ExecutorResultInfo *result = Malloc(sizeof(ExecutorResultInfo));
407 if (result == NULL) {
408 LOG_ERROR("malloc failed");
409 FreeAttribute(&attribute);
410 return result;
411 }
412 (void)memset_s(result, sizeof(ExecutorResultInfo), 0, sizeof(ExecutorResultInfo));
413
414 if (GetExecutorResultInfoFromAttribute(attribute, result) != RESULT_SUCCESS) {
415 LOG_ERROR("GetExecutorResultInfoFromAttribute failed");
416 FreeAttribute(&attribute);
417 DestroyExecutorResultInfo(result);
418 return NULL;
419 }
420
421 FreeAttribute(&attribute);
422 return result;
423 }
424
DestroyExecutorResultInfo(ExecutorResultInfo * result)425 void DestroyExecutorResultInfo(ExecutorResultInfo *result)
426 {
427 if (result == NULL) {
428 return;
429 }
430 if (result->rootSecret != NULL) {
431 DestoryBuffer(result->rootSecret);
432 }
433 if (result->oldRootSecret != NULL) {
434 DestoryBuffer(result->oldRootSecret);
435 }
436 Free(result);
437 }
438
SetExecutorMsgToAttribute(uint32_t authType,uint32_t authPropertyMode,const Uint64Array * templateIds,Attribute * attribute)439 IAM_STATIC ResultCode SetExecutorMsgToAttribute(uint32_t authType, uint32_t authPropertyMode,
440 const Uint64Array *templateIds, Attribute *attribute)
441 {
442 ResultCode result = SetAttributeUint32(attribute, ATTR_PROPERTY_MODE, authPropertyMode);
443 if (result != RESULT_SUCCESS) {
444 LOG_ERROR("SetAttributeUint32 propertyMode failed");
445 return RESULT_GENERAL_ERROR;
446 }
447 result = SetAttributeUint32(attribute, ATTR_TYPE, authType);
448 if (result != RESULT_SUCCESS) {
449 LOG_ERROR("SetAttributeUint32 authType failed");
450 return RESULT_GENERAL_ERROR;
451 }
452 Uint64Array templateIdsIn = { templateIds->data, templateIds->len };
453 result = SetAttributeUint64Array(attribute, ATTR_TEMPLATE_ID_LIST, templateIdsIn);
454 if (result != RESULT_SUCCESS) {
455 LOG_ERROR("SetAttributeUint64Array templateIdsIn failed");
456 return RESULT_GENERAL_ERROR;
457 }
458 uint64_t time = GetSystemTime();
459 result = SetAttributeUint64(attribute, ATTR_TIME_STAMP, time);
460 if (result != RESULT_SUCCESS) {
461 LOG_ERROR("SetAttributeUint64 time failed");
462 return RESULT_GENERAL_ERROR;
463 }
464
465 return RESULT_SUCCESS;
466 }
467
468
CreateExecutorMsg(uint32_t authType,uint32_t authPropertyMode,const Uint64Array * templateIds)469 IAM_STATIC Buffer *CreateExecutorMsg(uint32_t authType, uint32_t authPropertyMode, const Uint64Array *templateIds)
470 {
471 if (templateIds == NULL) {
472 LOG_ERROR("templateIds is null");
473 return NULL;
474 }
475 Buffer *retBuffer = NULL;
476 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
477 Attribute *attribute = CreateEmptyAttribute();
478 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
479 LOG_ERROR("generate attribute or retInfo failed");
480 goto FAIL;
481 }
482
483 ResultCode result = SetExecutorMsgToAttribute(authType, authPropertyMode, templateIds, attribute);
484 if (result != RESULT_SUCCESS) {
485 LOG_ERROR("set msg to attribute failed");
486 goto FAIL;
487 }
488
489 if (authPropertyMode == PROPERTY_MODE_UNFREEZE) {
490 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
491 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
492 } else {
493 SignParam signParam = { .needSignature = false };
494 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
495 }
496 if (result != RESULT_SUCCESS) {
497 LOG_ERROR("GetAttributeExecutorMsg failed");
498 goto FAIL;
499 }
500
501 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
502 if (!IsBufferValid(retBuffer)) {
503 LOG_ERROR("generate result buffer failed");
504 goto FAIL;
505 }
506 LOG_INFO("CreateExecutorMsg success");
507
508 FAIL:
509 FreeAttribute(&attribute);
510 Free(retInfo.data);
511 return retBuffer;
512 }
513
DestoryExecutorMsg(void * data)514 IAM_STATIC void DestoryExecutorMsg(void *data)
515 {
516 if (data == NULL) {
517 return;
518 }
519 ExecutorMsg *msg = (ExecutorMsg *)data;
520 DestoryBuffer(msg->msg);
521 Free(msg);
522 }
523
GetExecutorTemplateList(int32_t userId,const ExecutorInfoHal * executorNode,Uint64Array * templateIds)524 IAM_STATIC ResultCode GetExecutorTemplateList(
525 int32_t userId, const ExecutorInfoHal *executorNode, Uint64Array *templateIds)
526 {
527 CredentialCondition condition = {};
528 SetCredentialConditionUserId(&condition, userId);
529 SetCredentialConditionAuthType(&condition, executorNode->authType);
530 SetCredentialConditionExecutorSensorHint(&condition, executorNode->executorSensorHint);
531 SetCredentialConditionNeedAbandonPin(&condition);
532 LinkedList *credList = QueryCredentialLimit(&condition);
533 if (credList == NULL) {
534 LOG_ERROR("query credential failed");
535 DestroyLinkedList(credList);
536 return RESULT_UNKNOWN;
537 }
538 uint32_t credListNum = credList->getSize(credList);
539 if (credListNum > MAX_CREDENTIAL) {
540 LOG_ERROR("cred num is invalid");
541 DestroyLinkedList(credList);
542 return RESULT_REACH_LIMIT;
543 }
544 if (credListNum == 0) {
545 templateIds->data = NULL;
546 templateIds->len = 0;
547 DestroyLinkedList(credList);
548 return RESULT_SUCCESS;
549 }
550 templateIds->data = (uint64_t *)Malloc(sizeof(uint64_t) * credListNum);
551 if (templateIds->data == NULL) {
552 LOG_ERROR("data malloc failed");
553 DestroyLinkedList(credList);
554 return RESULT_NO_MEMORY;
555 }
556 templateIds->len = 0;
557 LinkedListNode *temp = credList->head;
558 while (temp != NULL) {
559 if (temp->data == NULL) {
560 LOG_ERROR("link node is invalid");
561 DestroyLinkedList(credList);
562 Free(templateIds->data);
563 templateIds->data = NULL;
564 return RESULT_UNKNOWN;
565 }
566 CredentialInfoHal *credentialHal = (CredentialInfoHal *)temp->data;
567 templateIds->data[templateIds->len] = credentialHal->templateId;
568 ++(templateIds->len);
569 temp = temp->next;
570 }
571 DestroyLinkedList(credList);
572 return RESULT_SUCCESS;
573 }
574
AssemblyMessage(int32_t userId,const ExecutorInfoHal * executorNode,uint32_t authPropertyMode,LinkedList * executorMsg)575 IAM_STATIC ResultCode AssemblyMessage(
576 int32_t userId, const ExecutorInfoHal *executorNode, uint32_t authPropertyMode, LinkedList *executorMsg)
577 {
578 Uint64Array templateIds;
579 ResultCode ret = GetExecutorTemplateList(userId, executorNode, &templateIds);
580 if (ret != RESULT_SUCCESS) {
581 LOG_ERROR("get template list failed");
582 return ret;
583 }
584 if (templateIds.len == 0) {
585 return RESULT_SUCCESS;
586 }
587 ExecutorMsg *msg = (ExecutorMsg *)Malloc(sizeof(ExecutorMsg));
588 if (msg == NULL) {
589 LOG_ERROR("msg is null");
590 Free(templateIds.data);
591 return RESULT_NO_MEMORY;
592 }
593 msg->executorIndex = executorNode->executorIndex;
594 msg->msg = CreateExecutorMsg(executorNode->authType, authPropertyMode, &templateIds);
595 if (msg->msg == NULL) {
596 LOG_ERROR("msg's msg is null");
597 Free(templateIds.data);
598 DestoryExecutorMsg(msg);
599 return RESULT_NO_MEMORY;
600 }
601 ret = executorMsg->insert(executorMsg, msg);
602 if (ret != RESULT_SUCCESS) {
603 LOG_ERROR("insert msg failed");
604 DestoryExecutorMsg(msg);
605 }
606 Free(templateIds.data);
607 return ret;
608 }
609
TraverseExecutor(int32_t userId,uint32_t executorRole,uint32_t authPropertyMode,LinkedList * executorMsg)610 IAM_STATIC ResultCode TraverseExecutor(
611 int32_t userId, uint32_t executorRole, uint32_t authPropertyMode, LinkedList *executorMsg)
612 {
613 ExecutorCondition condition = {};
614 SetExecutorConditionExecutorRole(&condition, executorRole);
615 LinkedList *executors = QueryExecutor(&condition);
616 if (executors == NULL) {
617 LOG_ERROR("query executor failed");
618 return RESULT_UNKNOWN;
619 }
620 LinkedListNode *temp = executors->head;
621 while (temp != NULL) {
622 if (temp->data == NULL) {
623 LOG_ERROR("list node is invalid");
624 DestroyLinkedList(executors);
625 return RESULT_UNKNOWN;
626 }
627 ExecutorInfoHal *executorNode = (ExecutorInfoHal *)temp->data;
628 if (executorNode->authType != PIN_AUTH) {
629 ResultCode ret = AssemblyMessage(userId, executorNode, authPropertyMode, executorMsg);
630 if (ret != RESULT_SUCCESS) {
631 LOG_ERROR("assembly message failed");
632 DestroyLinkedList(executors);
633 return ret;
634 }
635 }
636 temp = temp->next;
637 }
638 DestroyLinkedList(executors);
639 return RESULT_SUCCESS;
640 }
641
GetExecutorMsgList(int32_t userId,uint32_t authPropertyMode,LinkedList ** executorMsg)642 ResultCode GetExecutorMsgList(int32_t userId, uint32_t authPropertyMode, LinkedList **executorMsg)
643 {
644 if (executorMsg == NULL) {
645 LOG_ERROR("executorMsg is null");
646 return RESULT_BAD_PARAM;
647 }
648 *executorMsg = CreateLinkedList(DestoryExecutorMsg);
649 if (*executorMsg == NULL) {
650 LOG_ERROR("create list failed");
651 return RESULT_NO_MEMORY;
652 }
653 ResultCode ret = TraverseExecutor(userId, ALL_IN_ONE, authPropertyMode, *executorMsg);
654 if (ret != RESULT_SUCCESS) {
655 LOG_ERROR("traverse allInOne executor failed");
656 DestroyLinkedList(*executorMsg);
657 *executorMsg = NULL;
658 }
659 return ret;
660 }
661
GetExecutorInfoHalFromAttribute(const Attribute * attribute,ExecutorInfoHal * resultInfo)662 IAM_STATIC ResultCode GetExecutorInfoHalFromAttribute(const Attribute *attribute, ExecutorInfoHal *resultInfo)
663 {
664 ResultCode result = RESULT_GENERAL_ERROR;
665 result = GetAttributeUint64(attribute, ATTR_EXECUTOR_INDEX, &(resultInfo->executorIndex));
666 if (result != RESULT_SUCCESS) {
667 LOG_ERROR("GetAttributeUint64 executorIndex failed");
668 return result;
669 }
670 result = GetAttributeUint32(attribute, ATTR_TYPE, &(resultInfo->authType));
671 if (result != RESULT_SUCCESS) {
672 LOG_ERROR("GetAttributeUint32 authType failed");
673 return result;
674 }
675 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, &(resultInfo->executorRole));
676 if (result != RESULT_SUCCESS) {
677 LOG_ERROR("GetAttributeUint32 executorRole failed");
678 return result;
679 }
680 result = GetAttributeUint32(attribute, ATTR_ESL, &(resultInfo->esl));
681 if (result != RESULT_SUCCESS) {
682 LOG_ERROR("GetAttributeUint32 esl failed");
683 return result;
684 }
685 Uint8Array pubKeyTlv = { resultInfo->pubKey, PUBLIC_KEY_LEN };
686 result = GetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, &pubKeyTlv);
687 if (result != RESULT_SUCCESS) {
688 LOG_ERROR("GetAttributeUint8Array pubKey fail");
689 return result;
690 }
691 return RESULT_SUCCESS;
692 }
693
GetExecutorInfoHal(Uint8Array tlv,ExecutorInfoHal * executorInfo)694 IAM_STATIC ResultCode GetExecutorInfoHal(Uint8Array tlv, ExecutorInfoHal *executorInfo)
695 {
696 Attribute *attribute = CreateAttributeFromSerializedMsg(tlv);
697 if (attribute == NULL) {
698 LOG_ERROR("CreateAttributeFromSerializedMsg fail");
699 return RESULT_GENERAL_ERROR;
700 }
701
702 ResultCode result = GetExecutorInfoHalFromAttribute(attribute, executorInfo);
703 FreeAttribute(&attribute);
704 if (result != RESULT_SUCCESS) {
705 LOG_ERROR("GetExecutorInfoHalFromAttribute failed");
706 return RESULT_GENERAL_ERROR;
707 }
708
709 return RESULT_SUCCESS;
710 }
711
GetAuthAttrsFromAttribute(const Attribute * attribute,Uint8Array * authAttrs)712 IAM_STATIC ResultCode GetAuthAttrsFromAttribute(const Attribute *attribute, Uint8Array *authAttrs)
713 {
714 ResultCode result = GetAttributeUint8Array(attribute, ATTR_ATTRS, authAttrs);
715 if (result != RESULT_SUCCESS) {
716 LOG_ERROR("GetAttributeUint8Array authAttrs fail");
717 }
718 return result;
719 }
720
GetRemoteExecutorInfoInner(Attribute * attribute,Uint8Array * authAttrs,Uint8Array * subMsgs,int * subMsgSize)721 IAM_STATIC ResultCode GetRemoteExecutorInfoInner(Attribute *attribute, Uint8Array *authAttrs, Uint8Array *subMsgs,
722 int *subMsgSize)
723 {
724 if (GetAuthAttrsFromAttribute(attribute, authAttrs) != RESULT_SUCCESS) {
725 LOG_ERROR("GetAuthAttrsFromAttribute failed");
726 return RESULT_GENERAL_ERROR;
727 }
728 if (ParseMultiDataSerializedMsg(*authAttrs, subMsgs, subMsgSize) != RESULT_SUCCESS) {
729 LOG_ERROR("ParseMultiDataSerializedMsg failed");
730 return RESULT_GENERAL_ERROR;
731 }
732 return RESULT_SUCCESS;
733 }
734
GetRemoteExecutorInfo(const Buffer * msg,Uint8Array peerUdid,Uint8Array * subMsgs,int * subMsgSize)735 IAM_STATIC ResultCode GetRemoteExecutorInfo(const Buffer *msg, Uint8Array peerUdid,
736 Uint8Array *subMsgs, int *subMsgSize)
737 {
738 Uint8Array msgArray = { msg->buf, msg->contentSize };
739 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid};
740 Attribute *attribute = CreateAttributeFromExecutorMsg(msgArray, signParam);
741 Uint8Array authAttrs = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
742 if (attribute == NULL || authAttrs.data == NULL) {
743 LOG_ERROR("authAttrs malloc failed");
744 FreeAttribute(&attribute);
745 Free(authAttrs.data);
746 return RESULT_GENERAL_ERROR;
747 }
748
749 ResultCode result = GetRemoteExecutorInfoInner(attribute, &authAttrs, subMsgs, subMsgSize);
750
751 FreeAttribute(&attribute);
752 Free(authAttrs.data);
753 return result;
754 }
755
CheckRemoteExecutorInfoInner(Uint8Array * subMsgs,int subMsgSize,ExecutorInfoHal * infoToCheck)756 static bool CheckRemoteExecutorInfoInner(Uint8Array *subMsgs, int subMsgSize, ExecutorInfoHal *infoToCheck)
757 {
758 for (int i = 0; i < subMsgSize; i++) {
759 Uint8Array subMsg = subMsgs[i];
760 ExecutorInfoHal executorInfo = {};
761 ResultCode result = GetExecutorInfoHal(subMsg, &executorInfo);
762 if (result != RESULT_SUCCESS) {
763 LOG_ERROR("GetExecutorInfoHal failed");
764 return false;
765 }
766 if ((executorInfo.authType == infoToCheck->authType) &&
767 (executorInfo.executorRole == infoToCheck->executorRole) &&
768 (executorInfo.esl == infoToCheck->esl) &&
769 (memcmp(executorInfo.pubKey, infoToCheck->pubKey, PUBLIC_KEY_LEN) == 0)) {
770 return true;
771 }
772 }
773 LOG_ERROR("no matching executor info found");
774 return false;
775 }
776
CheckRemoteExecutorInfo(const Buffer * msg,ExecutorInfoHal * infoToCheck)777 bool CheckRemoteExecutorInfo(const Buffer *msg, ExecutorInfoHal *infoToCheck)
778 {
779 if (!IsBufferValid(msg) || (infoToCheck == NULL)) {
780 LOG_ERROR("param is invalid");
781 return RESULT_BAD_PARAM;
782 }
783 Uint8Array peerUdid = { infoToCheck->deviceUdid, sizeof(infoToCheck->deviceUdid) };
784 Uint8Array subMsgs[MAX_SUB_MSG_NUM] = {0};
785 int subMsgSize = MAX_SUB_MSG_NUM;
786 ResultCode result = GetRemoteExecutorInfo(msg, peerUdid, &subMsgs[0], &subMsgSize);
787 if (result != RESULT_SUCCESS) {
788 LOG_ERROR("GetRemoteExecutorInfo failed");
789 return false;
790 }
791
792 bool checkPass = CheckRemoteExecutorInfoInner(subMsgs, subMsgSize, infoToCheck);
793
794 for (int i = 0; i < MAX_SUB_MSG_NUM; i++) {
795 Free(subMsgs[i].data);
796 }
797
798 return checkPass;
799 }
800
SetExecutorCollectMsgToAttribute(ScheduleInfoParam * scheduleInfo,const Uint8Array * publicKey,const Uint8Array challenge,Attribute * attribute)801 IAM_STATIC ResultCode SetExecutorCollectMsgToAttribute(ScheduleInfoParam *scheduleInfo, const Uint8Array *publicKey,
802 const Uint8Array challenge, Attribute *attribute)
803 {
804 Uint8Array localUdid = { scheduleInfo->localUdid, sizeof(scheduleInfo->localUdid) };
805 Uint8Array remoteUdid = { scheduleInfo->remoteUdid, sizeof(scheduleInfo->remoteUdid) };
806
807 ResultCode result = SetAttributeUint64(attribute, ATTR_SCHEDULE_ID, scheduleInfo->scheduleId);
808 if (result != RESULT_SUCCESS) {
809 LOG_ERROR("SetAttributeUint64 scheduleId failed");
810 return RESULT_GENERAL_ERROR;
811 }
812
813 result = SetAttributeUint8Array(attribute, ATTR_LOCAL_UDID, localUdid);
814 if (result != RESULT_SUCCESS) {
815 LOG_ERROR("SetAttributeUint8Array for localUdid fail");
816 return RESULT_GENERAL_ERROR;
817 }
818 result = SetAttributeUint8Array(attribute, ATTR_PEER_UDID, remoteUdid);
819 if (result != RESULT_SUCCESS) {
820 LOG_ERROR("SetAttributeUint8Array for peerUdid fail");
821 return RESULT_GENERAL_ERROR;
822 }
823 Uint8Array publicKeyIn = { publicKey->data, publicKey->len };
824 result = SetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, publicKeyIn);
825 if (result != RESULT_SUCCESS) {
826 LOG_ERROR("SetAttributeUint8Array for publicKey fail");
827 return RESULT_GENERAL_ERROR;
828 }
829 result = SetAttributeUint8Array(attribute, ATTR_CHALLENGE, challenge);
830 if (result != RESULT_SUCCESS) {
831 LOG_ERROR("SetAttributeUint8Array for challenge fail");
832 return RESULT_GENERAL_ERROR;
833 }
834 return RESULT_SUCCESS;
835 }
836
CreateExecutorCollectMsg(const Attribute * attributeSchedule,ScheduleInfoParam * scheduleInfo)837 IAM_STATIC Buffer *CreateExecutorCollectMsg(const Attribute *attributeSchedule, ScheduleInfoParam *scheduleInfo)
838 {
839 uint8_t publicKeyData[PUBLIC_KEY_LEN] = {};
840 Uint8Array publicKey = { publicKeyData, PUBLIC_KEY_LEN };
841 ResultCode result = GetAttributeUint8Array(attributeSchedule, ATTR_PUBLIC_KEY, &publicKey);
842 if (result != RESULT_SUCCESS) {
843 LOG_ERROR("GetAttributeUint8Array publicKey fail");
844 return NULL;
845 }
846
847 uint8_t challengeData[CHALLENGE_LEN] = {};
848 Uint8Array challenge = { challengeData, CHALLENGE_LEN };
849 ResultCode getChallengeRet = GetAttributeUint8Array(attributeSchedule, ATTR_CHALLENGE, &challenge);
850 if (getChallengeRet != RESULT_SUCCESS) {
851 LOG_ERROR("GetAttributeUint8Array challenge fail");
852 return NULL;
853 }
854
855 Buffer *retBuffer = NULL;
856 Attribute *attribute = CreateEmptyAttribute();
857 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
858 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
859 LOG_ERROR("attribute is null");
860 goto FAIL;
861 }
862 result = SetExecutorCollectMsgToAttribute(scheduleInfo, &publicKey, challenge, attribute);
863 if (result != RESULT_SUCCESS) {
864 LOG_ERROR("set msg to attribute failed");
865 goto FAIL;
866 }
867
868 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_EXECUTOR };
869 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
870 if (result != RESULT_SUCCESS) {
871 LOG_ERROR("GetAttributeExecutorMsg failed");
872 goto FAIL;
873 }
874
875 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
876 if (!IsBufferValid(retBuffer)) {
877 LOG_ERROR("generate result buffer failed");
878 goto FAIL;
879 }
880 LOG_INFO("CreateExecutorCollectMsg success");
881
882 FAIL:
883 FreeAttribute(&attribute);
884 Free(retInfo.data);
885 return retBuffer;
886 }
887
GetExecutorIndexByCondition(uint32_t authType,uint32_t executorMatcher,Uint8Array deviceUdid,uint32_t executorRole,uint64_t * executorIndex)888 static ResultCode GetExecutorIndexByCondition(uint32_t authType, uint32_t executorMatcher,
889 Uint8Array deviceUdid, uint32_t executorRole, uint64_t *executorIndex)
890 {
891 ExecutorCondition condition = {};
892 SetExecutorConditionAuthType(&condition, authType);
893 SetExecutorConditionExecutorMatcher(&condition, executorMatcher);
894 SetExecutorConditionExecutorRole(&condition, executorRole);
895 SetExecutorConditionDeviceUdid(&condition, deviceUdid);
896
897 LinkedList *executorList = QueryExecutor(&condition);
898 if (executorList == NULL) {
899 LOG_ERROR("query executor failed");
900 return RESULT_UNKNOWN;
901 }
902
903 if (executorList->getSize(executorList) != 1) {
904 LOG_ERROR("executor list len is invalid");
905 DestroyLinkedList(executorList);
906 return RESULT_TYPE_NOT_SUPPORT;
907 }
908
909 LinkedListNode *temp = executorList->head;
910 if (temp == NULL) {
911 LOG_ERROR("get executorList head failed");
912 DestroyLinkedList(executorList);
913 return RESULT_UNKNOWN;
914 }
915 ExecutorInfoHal *executorInfo = (ExecutorInfoHal *)temp->data;
916 if (executorInfo == NULL) {
917 LOG_ERROR("executorInfo is invalid");
918 DestroyLinkedList(executorList);
919 return RESULT_UNKNOWN;
920 }
921
922 *executorIndex = executorInfo->executorIndex;
923 DestroyLinkedList(executorList);
924 return RESULT_SUCCESS;
925 }
926
GetScheduleInfoFromAttributeInner(const Attribute * attribute,ScheduleInfoParam * scheduleInfo)927 IAM_STATIC ResultCode GetScheduleInfoFromAttributeInner(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)
928 {
929 ResultCode result = GetAttributeUint64(attribute, ATTR_SCHEDULE_ID, &(scheduleInfo->scheduleId));
930 if (result != RESULT_SUCCESS) {
931 LOG_ERROR("GetAttributeUint64 scheduleId failed");
932 return result;
933 }
934 result = GetAttributeUint32(attribute, ATTR_TYPE, &(scheduleInfo->authType));
935 if (result != RESULT_SUCCESS) {
936 LOG_ERROR("GetAttributeUint32 authType failed");
937 return result;
938 }
939 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_MATCHER, &(scheduleInfo->executorMatcher));
940 if (result != RESULT_SUCCESS) {
941 LOG_ERROR("GetAttributeUint32 executorMatcher failed");
942 return result;
943 }
944 result = GetAttributeInt32(attribute, ATTR_SCHEDULE_MODE, &(scheduleInfo->scheduleMode));
945 if (result != RESULT_SUCCESS) {
946 LOG_ERROR("GetAttributeInt32 scheduleMode failed");
947 return result;
948 }
949 Uint8Array remoteUdid = { scheduleInfo->remoteUdid, UDID_LEN };
950 result = GetAttributeUint8Array(attribute, ATTR_VERIFIER_UDID, &remoteUdid);
951 if (result != RESULT_SUCCESS) {
952 LOG_ERROR("GetAttributeUint8Array remoteUdid failed");
953 }
954 return result;
955 }
956
GetScheduleInfoFromAttribute(const Attribute * attribute,ScheduleInfoParam * scheduleInfo)957 IAM_STATIC ResultCode GetScheduleInfoFromAttribute(const Attribute *attribute, ScheduleInfoParam *scheduleInfo)
958 {
959 ResultCode result = GetScheduleInfoFromAttributeInner(attribute, scheduleInfo);
960 if (result != RESULT_SUCCESS) {
961 LOG_ERROR("GetScheduleInfoFromAttributeInner failed");
962 return result;
963 }
964 uint32_t executorRole;
965 result = GetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, &executorRole);
966 if (result != RESULT_SUCCESS) {
967 LOG_ERROR("GetAttributeUint32 scheduleMode failed");
968 return result;
969 }
970
971 Uint8Array collectorUdid = { scheduleInfo->localUdid, UDID_LEN };
972 result = GetAttributeUint8Array(attribute, ATTR_COLLECTOR_UDID, &collectorUdid);
973 if (result != RESULT_SUCCESS) {
974 LOG_ERROR("GetAttributeUint8Array localUdid failed");
975 return result;
976 }
977
978 if (!IsLocalUdid(collectorUdid)) {
979 LOG_ERROR("collector udid is not local udid");
980 return RESULT_GENERAL_ERROR;
981 }
982
983 result = GetExecutorIndexByCondition(scheduleInfo->authType, scheduleInfo->executorMatcher,
984 collectorUdid, executorRole, &scheduleInfo->executorIndex);
985 if (result != RESULT_SUCCESS) {
986 LOG_ERROR("GetExecutorIndex failed");
987 return result;
988 }
989
990 scheduleInfo->executorMessages = CreateExecutorCollectMsg(attribute, scheduleInfo);
991 if (!IsBufferValid(scheduleInfo->executorMessages)) {
992 LOG_ERROR("create executorMessages failed");
993 result = RESULT_GENERAL_ERROR;
994 }
995 return result;
996 }
997
CreateScheduleInfo(const Buffer * tlv,Uint8Array peerUdid,ScheduleInfoParam * scheduleInfo)998 ResultCode CreateScheduleInfo(const Buffer *tlv, Uint8Array peerUdid, ScheduleInfoParam *scheduleInfo)
999 {
1000 if (!IsBufferValid(tlv) || IS_ARRAY_NULL(peerUdid) || (scheduleInfo == NULL)) {
1001 LOG_ERROR("param is invalid");
1002 return RESULT_BAD_PARAM;
1003 }
1004
1005 Uint8Array msg = { tlv->buf, tlv->contentSize };
1006 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
1007 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
1008 if (attribute == NULL) {
1009 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
1010 return RESULT_GENERAL_ERROR;
1011 }
1012
1013 ResultCode result = GetScheduleInfoFromAttribute(attribute, scheduleInfo);
1014 if (result != RESULT_SUCCESS) {
1015 LOG_ERROR("GetScheduleInfoFromAttribute failed");
1016 }
1017 FreeAttribute(&attribute);
1018 return result;
1019 }
1020
GetAuthResultInfoFromAttribute(const Attribute * attribute,AuthResultParam * authResultInfo)1021 IAM_STATIC ResultCode GetAuthResultInfoFromAttribute(const Attribute *attribute, AuthResultParam *authResultInfo)
1022 {
1023 ResultCode result = GetAttributeInt32(attribute, ATTR_RESULT, &(authResultInfo->result));
1024 if (result != RESULT_SUCCESS) {
1025 LOG_ERROR("GetAttributeInt32 result failed");
1026 return result;
1027 }
1028 result = GetAttributeInt32(attribute, ATTR_LOCKOUT_DURATION, &(authResultInfo->lockoutDuration));
1029 if (result != RESULT_SUCCESS) {
1030 LOG_ERROR("GetAttributeInt32 lockoutDuration failed");
1031 return result;
1032 }
1033 result = GetAttributeInt32(attribute, ATTR_REMAIN_ATTEMPTS, &(authResultInfo->remainAttempts));
1034 if (result != RESULT_SUCCESS) {
1035 LOG_ERROR("GetAttributeInt32 remainAttempts failed");
1036 return result;
1037 }
1038 result = GetAttributeInt32(attribute, ATTR_USER_ID, &(authResultInfo->userId));
1039 if (result != RESULT_SUCCESS) {
1040 LOG_ERROR("GetAttributeInt32 userId failed");
1041 return result;
1042 }
1043
1044 uint8_t tokenData[AUTH_TOKEN_LEN] = {};
1045 Uint8Array tokenArray = { tokenData, AUTH_TOKEN_LEN };
1046 result = GetAttributeUint8Array(attribute, ATTR_TOKEN, &tokenArray);
1047 if (result != RESULT_SUCCESS) {
1048 LOG_ERROR("GetAttributeUint8Array token fail");
1049 return result;
1050 }
1051 authResultInfo->token = CreateBufferByData(tokenArray.data, tokenArray.len);
1052 if (!IsBufferValid(authResultInfo->token)) {
1053 LOG_ERROR("CreateBuffer token fail");
1054 return RESULT_BAD_COPY;
1055 }
1056 return RESULT_SUCCESS;
1057 }
1058
CreateAuthResultInfo(const Buffer * tlv,AuthResultParam * authResultInfo)1059 ResultCode CreateAuthResultInfo(const Buffer *tlv, AuthResultParam *authResultInfo)
1060 {
1061 if (!IsBufferValid(tlv) || (authResultInfo == NULL)) {
1062 LOG_ERROR("param is invalid");
1063 return RESULT_BAD_PARAM;
1064 }
1065
1066 Uint8Array msg = { tlv->buf, tlv->contentSize };
1067 Uint8Array peerUdid = { .data = authResultInfo->remoteUdid, .len = UDID_LEN };
1068 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
1069 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, signParam);
1070 if (attribute == NULL) {
1071 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
1072 return RESULT_GENERAL_ERROR;
1073 }
1074
1075 ResultCode result = GetAuthResultInfoFromAttribute(attribute, authResultInfo);
1076 if (result != RESULT_SUCCESS) {
1077 LOG_ERROR("GetAuthResultInfoFromAttribute failed");
1078 }
1079 FreeAttribute(&attribute);
1080 return result;
1081 }
1082
SetExecutorInfoMsgToAttribute(ExecutorInfoHal * executorInfo,Attribute * attribute)1083 IAM_STATIC ResultCode SetExecutorInfoMsgToAttribute(ExecutorInfoHal *executorInfo, Attribute *attribute)
1084 {
1085 ResultCode result = SetAttributeUint64(attribute, ATTR_EXECUTOR_INDEX, executorInfo->executorIndex);
1086 if (result != RESULT_SUCCESS) {
1087 LOG_ERROR("SetAttributeUint64 executorIndex failed");
1088 return RESULT_GENERAL_ERROR;
1089 }
1090 result = SetAttributeUint32(attribute, ATTR_TYPE, executorInfo->authType);
1091 if (result != RESULT_SUCCESS) {
1092 LOG_ERROR("SetAttributeUint32 authType failed");
1093 return RESULT_GENERAL_ERROR;
1094 }
1095 result = SetAttributeUint32(attribute, ATTR_EXECUTOR_ROLE, executorInfo->executorRole);
1096 if (result != RESULT_SUCCESS) {
1097 LOG_ERROR("SetAttributeUint32 executorRole failed");
1098 return RESULT_GENERAL_ERROR;
1099 }
1100 result = SetAttributeUint32(attribute, ATTR_ESL, executorInfo->esl);
1101 if (result != RESULT_SUCCESS) {
1102 LOG_ERROR("SetAttributeUint32 esl failed");
1103 return RESULT_GENERAL_ERROR;
1104 }
1105 Uint8Array publicKeyIn = { executorInfo->pubKey, PUBLIC_KEY_LEN };
1106 result = SetAttributeUint8Array(attribute, ATTR_PUBLIC_KEY, publicKeyIn);
1107 if (result != RESULT_SUCCESS) {
1108 LOG_ERROR("SetAttributeUint8Array for pubKey fail");
1109 return RESULT_GENERAL_ERROR;
1110 }
1111 return RESULT_SUCCESS;
1112 }
1113
GetExecutorInfoMsg(ExecutorInfoHal * executorInfo,Uint8Array * retMsg)1114 ResultCode GetExecutorInfoMsg(ExecutorInfoHal *executorInfo, Uint8Array *retMsg)
1115 {
1116 ResultCode result = RESULT_GENERAL_ERROR;
1117 Attribute *attribute = CreateEmptyAttribute();
1118 if (attribute == NULL) {
1119 LOG_ERROR("CreateEmptyAttribute failed");
1120 return RESULT_GENERAL_ERROR;
1121 }
1122 result = SetExecutorInfoMsgToAttribute(executorInfo, attribute);
1123 if (result != RESULT_SUCCESS) {
1124 LOG_ERROR("set msg to attribute failed");
1125 goto FAIL;
1126 }
1127 result = GetAttributeSerializedMsg(attribute, retMsg);
1128 if (result != RESULT_SUCCESS) {
1129 LOG_ERROR("GetAttributeSerializedMsg fail");
1130 goto FAIL;
1131 }
1132
1133 FAIL:
1134 FreeAttribute(&attribute);
1135 return result;
1136 }
1137
GetExecutorInfoTlv(Uint8Array attrsTlv,Uint8Array peerUdid)1138 Buffer *GetExecutorInfoTlv(Uint8Array attrsTlv, Uint8Array peerUdid)
1139 {
1140 if (IS_ARRAY_NULL(attrsTlv) || IS_ARRAY_NULL(peerUdid)) {
1141 LOG_ERROR("attrsTlv is NULL");
1142 return NULL;
1143 }
1144
1145 Buffer *retBuffer = NULL;
1146 Attribute *attribute = CreateEmptyAttribute();
1147 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
1148 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
1149 LOG_ERROR("attribute or retInfo is NULL");
1150 goto FAIL;
1151 }
1152 ResultCode result = SetAttributeUint8Array(attribute, ATTR_ATTRS, attrsTlv);
1153 if (result != RESULT_SUCCESS) {
1154 LOG_ERROR("SetAttributeUint8Array for attrs fail");
1155 goto FAIL;
1156 }
1157
1158 SignParam signParam = { .needSignature = true, .keyType = KEY_TYPE_CROSS_DEVICE, .peerUdid = peerUdid };
1159 result = GetAttributeExecutorMsg(attribute, &retInfo, signParam);
1160 if (result != RESULT_SUCCESS) {
1161 LOG_ERROR("GetAttributeExecutorMsg failed");
1162 goto FAIL;
1163 }
1164
1165 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
1166 if (!IsBufferValid(retBuffer)) {
1167 LOG_ERROR("generate result buffer failed");
1168 goto FAIL;
1169 }
1170 LOG_INFO("GetExecutorInfoTlv success");
1171
1172 FAIL:
1173 FreeAttribute(&attribute);
1174 Free(retInfo.data);
1175 return retBuffer;
1176 }
1177