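/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H
#define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H

// Standard headers for every std:: name used below, so this header does not
// depend on transitive includes from the project headers.
#include <algorithm>
#include <cstdint>
#include <map>
#include <memory>
#include <string>
#include <tuple>
#include <unordered_map>
#include <vector>

#include "app_privilege_capability.h"
#include "app_provision_info.h"
#include "appexecfwk_errors.h"
#include "bundle_pack_info.h"
#include "bundle_verify_mgr.h"
#include "inner_bundle_info.h"
#include "install_param.h"

namespace OHOS {
namespace AppExecFwk {
/**
 * @brief Parameters handed to the install checks.
 *
 * Every permission status defaults to NOT_VERIFIED_PERMISSION_STATUS, so a
 * default-constructed value records no verified permission.
 * NOTE(review): how NOT_VERIFIED is treated is decided in the implementation,
 * which is not visible in this header - confirm it is handled as "not granted".
 */
struct InstallCheckParam {
    bool isPreInstallApp = false;
    bool removable = true;
    bool needSendEvent = true;
    // true when the caller holds a shell token
    bool isCallByShell = false;
    bool isInstalledForAllUser = false;
    // status of the install-bundle permission
    PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of the install-enterprise-bundle permission
    PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of the install-enterprise-normal-bundle permission
    PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of the install-enterprise-MDM-bundle permission
    PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
    // status of the install-internaltesting-bundle permission
    PermissionStatus installInternaltestingBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;

    Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP;
    int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap
    std::string specifiedDistributionType;
};

/**
 * @brief Declares the validation steps applied to HAP packages before they are installed
 *        (syscap, signature info, hash params, permissions, device type, dependencies, ...).
 *
 * Only IsContainEntry() is defined here; every other member is implemented outside this header,
 * so the notes on undocumented members below are limited to what the signatures show.
 * Most checks report failure through their ErrCode/bool return value; callers are expected to
 * act on it rather than discard it.
 */
class BundleInstallChecker {
public:
    /**
     * @brief Check syscap.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @return Returns ERR_OK if the syscap is satisfied; returns error code otherwise.
     */
    ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths);

    /**
     * @brief Check signature info of multiple haps.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @param hapVerifyRes Indicates the signature info.
     * @param readFile Indicates using READ or MMAP to get content of the file.
     * @return Returns ERR_OK if every hap has signature info and all haps have the same signature info.
     */
    ErrCode CheckMultipleHapsSignInfo(
        const std::vector<std::string> &bundlePaths,
        std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, bool readFile = false);

    /**
     * @brief To check the hap hash param.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @param hashParams Indicates all hashParams in installParam.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    // NOTE(review): hashParams is taken by value, so the map is copied on every call. Switching to a
    // const reference needs the same change in the definition, which is outside this header.
    ErrCode CheckHapHashParams(
        std::unordered_map<std::string, InnerBundleInfo> &infos,
        std::map<std::string, std::string> hashParams);

    /**
     * @brief To check the version code and bundleName in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos);
    /**
     * @brief To check native file in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);
    /**
     * @brief To check ark native file in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);
    /**
     * @brief To check native so in all haps.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos);
    /**
     * @brief To parse hap files and to obtain innerBundleInfo of each hap.
     * @param bundlePaths Indicates the file paths of all HAP packages.
     * @param checkParam Indicates the install check parameters.
     * @param hapVerifyRes Indicates all signature info of all haps.
     * @param infos Indicates the innerBundleinfo of each hap.
     * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise.
     */
    ErrCode ParseHapFiles(
        const std::vector<std::string> &bundlePaths,
        const InstallCheckParam &checkParam,
        std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes,
        std::unordered_map<std::string, InnerBundleInfo> &infos);
    /**
     * @brief To check whether the dependencies exist.
     * @param infos Indicates all innerBundleInfo for all haps need to be installed.
     * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
     */
    ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos);

    /**
     * @brief Reset the checker's properties.
     * NOTE(review): which members are reset is defined in the implementation - confirm.
     */
    void ResetProperties();

    /**
     * @brief Read the entry flag held by this checker.
     * @return Returns the current value of isContainEntry_.
     */
    bool IsContainEntry() const
    {
        return isContainEntry_;
    }

    // Enterprise / HSP / permission checks. Their rules are implemented outside this header.
    ErrCode CheckEnterpriseForAllUser(std::unordered_map<std::string, InnerBundleInfo> &infos,
        const InstallCheckParam &checkParam, const std::string &distributionType);

    // NOTE(review): callerToken defaults to 0. How a zero token is interpreted is not visible here;
    // confirm that callers omitting it cannot skip a caller-identity check.
    ErrCode CheckHspInstallCondition(std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes,
        const Security::AccessToken::AccessTokenID callerToken = 0);

    ErrCode CheckInstallPermission(const InstallCheckParam &checkParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    // The "Vaild" spelling is part of the established interface and is kept so existing callers
    // and definitions keep linking.
    bool VaildInstallPermission(const InstallParam &installParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    bool VaildEnterpriseInstallPermission(const InstallParam &installParam,
        const Security::Verify::ProvisionInfo &provisionInfo);

    bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam,
        const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);

    bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam,
        const Security::Verify::ProvisionInfo &provisionInfo);

    ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos);

    bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;

    bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;

    ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const;

    // Presumably true when every element of subSet also appears in mainSet - confirm in the implementation.
    bool IsSubSet(const std::vector<std::string> &mainSet, const std::vector<std::string> &subSet) const;

    ErrCode CheckRequiredDeviceFeatures(std::unordered_map<std::string, InnerBundleInfo> &infos) const;

    /**
     * @brief Convert signature provision info into an AppProvisionInfo.
     * @param provisionInfo Indicates the provision info taken from the signature verification result.
     * @return Returns the converted AppProvisionInfo.
     */
    AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const;

    ErrCode CheckProxyDatas(const InnerBundleInfo &info) const;

    ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const;

    // NOTE(review): if signatureFileDir can be supplied by the install caller, confirm the
    // implementation rejects unexpected locations and relative/traversal components.
    ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const;

    ErrCode CheckDeveloperMode(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes,
        const Security::AccessToken::AccessTokenID callerToken) const;

    ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const;

    bool CheckEnterpriseBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const;
    bool CheckInternaltestingBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const;
    bool CheckSupportAppTypes(
        const std::unordered_map<std::string, InnerBundleInfo> &infos, const std::string &supportAppTypes) const;

    // Accessors for the check result message; presumably backed by checkResultMsg_ - confirm.
    std::string GetCheckResultMsg() const;

    // NOTE(review): the message is taken by value (copied per call); a const reference would need
    // the matching change in the definition outside this header.
    void SetCheckResultMsg(const std::string checkResultMsg);

    // Distribution-type checks, one overload per representation (verify-library enum or string).
    ErrCode CheckAppDistributionType(const Security::Verify::AppDistType type);

    ErrCode CheckAppDistributionType(const std::string distributionType);

    int32_t GetAppDistributionTypeEnum(const std::string distributionType) const;

    ErrCode CheckNoU1Enable(const std::unordered_map<std::string, InnerBundleInfo> &newInfos);

    // u1Enable is a non-const reference; presumably an output of the check - confirm.
    ErrCode CheckU1EnableSameInHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos,
        const std::string &bundleName, bool &u1Enable);
    bool DetermineCloneApp(InnerBundleInfo &innerBundleInfo);
private:

    // Parsing helpers: fill info/packInfo from the bundle file at bundleFilePath.
    ErrCode ParseBundleInfo(
        const std::string &bundleFilePath,
        InnerBundleInfo &info,
        BundlePackInfo &packInfo);

    ErrCode CheckSystemSize(
        const std::string &bundlePath,
        const Constants::AppType appType) const;

    void SetEntryInstallationFree(
        const BundlePackInfo &bundlePackInfo,
        InnerBundleInfo &innerBundleInfo);

    void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const;

    // Provision / privilege-capability helpers. These decide which privileges a bundle is granted;
    // the decision logic lives in the implementation.
    void CollectProvisionInfo(
        const Security::Verify::ProvisionInfo &provisionInfo,
        const AppPrivilegeCapability &appPrivilegeCapability,
        InnerBundleInfo &newInfo);

    void GetPrivilegeCapability(
        const InstallCheckParam &checkParam, InnerBundleInfo &newInfo);

    void ParseAppPrivilegeCapability(
        const Security::Verify::ProvisionInfo &provisionInfo,
        AppPrivilegeCapability &appPrivilegeCapability);

    ErrCode CheckMainElement(const InnerBundleInfo &info);

    ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName);

    void FetchPrivilegeCapabilityFromPreConfig(
        const std::string &bundleName,
        const std::vector<std::string> &appSignatures,
        AppPrivilegeCapability &appPrivilegeCapability);

    // NOTE(review): the comparison rule (exact match, case handling) is not visible here - confirm
    // it is an exact comparison, since the result feeds privilege decisions.
    bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature);

    bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson,
        const std::string &key, bool existInPreJson, bool existInProvision);

    ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability,
        InnerBundleInfo &innerBundleInfo);

    // Dependency lookup helpers used when validating module dependencies.
    bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info);

    bool FindModuleInInstallingPackage(
        const std::string &moduleName,
        const std::string &bundleName,
        const std::unordered_map<std::string, InnerBundleInfo> &infos);

    bool FindModuleInInstalledPackage(
        const std::string &moduleName,
        const std::string &bundleName,
        uint32_t versionCode);

    // Value returned by IsContainEntry(); starts as false.
    bool isContainEntry_ = false;

    void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas,
        InnerBundleInfo &newInfo);

    bool CheckProxyPermissionLevel(const std::string &permissionName) const;
    bool MatchOldSignatures(const std::string &bundleName, const std::vector<std::string> &appSignatures);
    bool CheckProvisionInfoIsValid(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
    // NOTE(review): the meaning of the three tuple elements is defined by the implementation;
    // document them here once confirmed.
    std::tuple<bool, std::string, std::string> GetValidReleaseType(
        const std::unordered_map<std::string, InnerBundleInfo> &infos);

    // Check result message; starts empty.
    std::string checkResultMsg_ = "";
};
} // namespace AppExecFwk
} // namespace OHOS
#endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H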