1 /*
2 * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_apply_key_process.h"
22 #include "auth_deviceprofile.h"
23 #include "auth_hichain.h"
24 #include "auth_hichain_adapter.h"
25 #include "auth_identity_service_adapter.h"
26 #include "auth_log.h"
27 #include "auth_manager.h"
28 #include "auth_uk_manager.h"
29 #include "bus_center_manager.h"
30 #include "g_enhance_lnn_func.h"
31 #include "g_enhance_auth_func.h"
32 #include "g_enhance_auth_func_pack.h"
33 #include "g_enhance_lnn_func_pack.h"
34 #include "lnn_decision_db.h"
35 #include "lnn_distributed_net_ledger.h"
36 #include "lnn_feature_capability.h"
37 #include "lnn_ohos_account.h"
38 #include "lnn_log.h"
39 #include "lnn_init_monitor.h"
40 #include "softbus_adapter_mem.h"
41 #include "softbus_def.h"
42 #include "softbus_init_common.h"
43
44 #define SHORT_ACCOUNT_HASH_LEN 2
45
46 typedef struct {
47 int32_t module;
48 AuthTransListener listener;
49 } ModuleListener;
50
51 static ModuleListener g_moduleListener[] = {
52 {
53 .module = MODULE_P2P_LINK,
54 .listener = { NULL, NULL },
55 },
56 {
57 .module = MODULE_P2P_LISTEN,
58 .listener = { NULL, NULL },
59 },
60 {
61 .module = MODULE_UDP_INFO,
62 .listener = { NULL, NULL },
63 },
64 {
65 .module = MODULE_TIME_SYNC,
66 .listener = { NULL, NULL },
67 },
68 {
69 .module = MODULE_P2P_NETWORKING_SYNC,
70 .listener = { NULL, NULL },
71 },
72 {
73 .module = MODULE_AUTH_SYNC_INFO,
74 .listener = { NULL, NULL },
75 },
76 {
77 .module = MODULE_PTK_VERIFY,
78 .listener = { NULL, NULL },
79 },
80 {
81 .module = MODULE_SESSION_KEY_AUTH,
82 .listener = { NULL, NULL },
83 },
84 {
85 .module = MODULE_SLE_AUTH_CMD,
86 .listener = { NULL, NULL },
87 },
88 {
89 .module = MODULE_APPLY_KEY_CONNECTION,
90 .listener = { NULL, NULL },
91 },
92 {
93 .module = MODULE_VIRTUAL_LINK,
94 .listener = { NULL, NULL },
95 },
96 };
97
RegAuthTransListener(int32_t module,const AuthTransListener * listener)98 int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
99 {
100 AUTH_LOGI(AUTH_CONN, "Trans: add listener, module=%{public}d", module);
101 if (listener == NULL || listener->onDataReceived == NULL) {
102 AUTH_LOGE(AUTH_CONN, "Trans: invalid listener");
103 return SOFTBUS_INVALID_PARAM;
104 }
105 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
106 if (g_moduleListener[i].module == module) {
107 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
108 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
109 g_moduleListener[i].listener.onException = listener->onException;
110 return SOFTBUS_OK;
111 }
112 }
113 AUTH_LOGE(AUTH_CONN, "Trans: unknown module=%{public}d", module);
114 return SOFTBUS_AUTH_LISTENER_MODULE_INVALID;
115 }
116
UnregAuthTransListener(int32_t module)117 void UnregAuthTransListener(int32_t module)
118 {
119 AUTH_LOGI(AUTH_CONN, "Trans: remove listener, module=%{public}d", module);
120 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
121 if (g_moduleListener[i].module == module) {
122 g_moduleListener[i].listener.onDataReceived = NULL;
123 g_moduleListener[i].listener.onDisconnected = NULL;
124 g_moduleListener[i].listener.onException = NULL;
125 return;
126 }
127 }
128 }
129
IsSupportFeatureByCapaBit(uint32_t feature,AuthCapability capaBit)130 bool IsSupportFeatureByCapaBit(uint32_t feature, AuthCapability capaBit)
131 {
132 return ((feature & (1 << (uint32_t)capaBit)) != 0);
133 }
134
NotifyTransDataReceived(AuthHandle authHandle,const AuthDataHead * head,const uint8_t * data,uint32_t len)135 static void NotifyTransDataReceived(AuthHandle authHandle, const AuthDataHead *head, const uint8_t *data, uint32_t len)
136 {
137 AuthTransListener *listener = NULL;
138 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
139 if (g_moduleListener[i].module == head->module) {
140 listener = &(g_moduleListener[i].listener);
141 break;
142 }
143 }
144 if (listener == NULL || listener->onDataReceived == NULL) {
145 AUTH_LOGI(AUTH_CONN, "Trans: onDataReceived not found");
146 return;
147 }
148 AuthTransData transData = {
149 .module = head->module,
150 .flag = head->flag,
151 .seq = head->seq,
152 .len = len,
153 .data = data,
154 };
155 listener->onDataReceived(authHandle, &transData);
156 }
157
NotifyTransDisconnected(AuthHandle authHandle)158 static void NotifyTransDisconnected(AuthHandle authHandle)
159 {
160 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
161 if (g_moduleListener[i].listener.onDisconnected != NULL) {
162 g_moduleListener[i].listener.onDisconnected(authHandle);
163 }
164 }
165 }
166
NotifyTransException(AuthHandle authHandle,int32_t error)167 static void NotifyTransException(AuthHandle authHandle, int32_t error)
168 {
169 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
170 if (g_moduleListener[i].listener.onException != NULL) {
171 g_moduleListener[i].listener.onException(authHandle, error);
172 }
173 }
174 }
175
CheckSessionKeyAvailable(SessionKeyList * list,AuthLinkType type)176 static int32_t CheckSessionKeyAvailable(SessionKeyList *list, AuthLinkType type)
177 {
178 if (!CheckSessionKeyListExistType(list, type)) {
179 AUTH_LOGI(AUTH_CONN, "client sessionkey invalid, type=%{public}d", type);
180 return SOFTBUS_AUTH_SESSION_KEY_INVALID;
181 }
182 if (CheckSessionKeyListHasOldKey(list, type)) {
183 AUTH_LOGI(AUTH_CONN, "client sessionkey is old, type=%{public}d", type);
184 return SOFTBUS_AUTH_SESSION_KEY_TOO_OLD;
185 }
186 return SOFTBUS_OK;
187 }
188
AuthCheckSessionKeyValidByConnInfo(const char * networkId,const AuthConnInfo * connInfo)189 int32_t AuthCheckSessionKeyValidByConnInfo(const char *networkId, const AuthConnInfo *connInfo)
190 {
191 if (networkId == NULL || connInfo == NULL) {
192 AUTH_LOGE(AUTH_CONN, "param is null");
193 return SOFTBUS_INVALID_PARAM;
194 }
195 NodeInfo nodeInfo;
196 (void)memset_s(&nodeInfo, sizeof(NodeInfo), 0, sizeof(NodeInfo));
197 if (LnnGetRemoteNodeInfoById(networkId, CATEGORY_NETWORK_ID, &nodeInfo) != SOFTBUS_OK) {
198 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
199 }
200 if (!IsSupportFeatureByCapaBit(nodeInfo.authCapacity, BIT_SUPPORT_NORMALIZED_LINK)) {
201 return SOFTBUS_OK;
202 }
203 AuthManager *authClient = GetAuthManagerByConnInfo(connInfo, false);
204 AuthManager *authServer = GetAuthManagerByConnInfo(connInfo, true);
205 int64_t authId = AUTH_INVALID_ID;
206 AuthLinkType type = connInfo->type;
207 if (authClient == NULL && authServer == NULL) {
208 if (connInfo->type == AUTH_LINK_TYPE_BR || connInfo->type == AUTH_LINK_TYPE_SLE) {
209 AUTH_LOGI(AUTH_CONN, "check ble sessionkey");
210 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, false);
211 authClient = GetAuthManagerByAuthId(authId);
212 authId = AuthDeviceGetIdByUuid(nodeInfo.uuid, AUTH_LINK_TYPE_BLE, true);
213 authServer = GetAuthManagerByAuthId(authId);
214 type = AUTH_LINK_TYPE_BLE;
215 }
216 if (authClient == NULL && authServer == NULL) {
217 AUTH_LOGE(AUTH_CONN, "client and server auth not found, type=%{public}d", type);
218 return SOFTBUS_AUTH_NOT_FOUND;
219 }
220 }
221 int32_t ret = SOFTBUS_OK;
222 do {
223 if (authClient != NULL) {
224 ret = CheckSessionKeyAvailable(&authClient->sessionKeyList, type);
225 if (ret != SOFTBUS_OK) {
226 break;
227 }
228 }
229 if (authServer != NULL) {
230 ret = CheckSessionKeyAvailable(&authServer->sessionKeyList, type);
231 if (ret != SOFTBUS_OK) {
232 break;
233 }
234 }
235 } while (false);
236 DelDupAuthManager(authClient);
237 DelDupAuthManager(authServer);
238 return ret;
239 }
240
AuthCheckSessionKeyValidByAuthHandle(const AuthHandle * authHandle)241 int32_t AuthCheckSessionKeyValidByAuthHandle(const AuthHandle *authHandle)
242 {
243 if (authHandle == NULL) {
244 AUTH_LOGE(AUTH_CONN, "param is null");
245 return SOFTBUS_INVALID_PARAM;
246 }
247 if (authHandle->type < AUTH_LINK_TYPE_WIFI || authHandle->type >= AUTH_LINK_TYPE_MAX) {
248 AUTH_LOGE(AUTH_CONN, "authHandle type error");
249 return SOFTBUS_INVALID_PARAM;
250 }
251 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
252 if (auth == NULL) {
253 AUTH_LOGE(AUTH_CONN, "not found auth manager, type=%{public}d, authId=%{public}" PRId64, authHandle->type,
254 authHandle->authId);
255 return SOFTBUS_AUTH_NOT_FOUND;
256 }
257 int32_t ret = SOFTBUS_OK;
258 if (!CheckSessionKeyListExistType(&auth->sessionKeyList, (AuthLinkType)authHandle->type)) {
259 AUTH_LOGI(AUTH_CONN, "sessionkey invalid, authId=%{public}" PRId64 ", type=%{public}d", authHandle->authId,
260 authHandle->type);
261 ret = SOFTBUS_AUTH_SESSION_KEY_INVALID;
262 }
263 DelDupAuthManager(auth);
264 return ret;
265 }
266
AuthOpenConn(const AuthConnInfo * info,uint32_t requestId,const AuthConnCallback * callback,bool isMeta)267 int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback, bool isMeta)
268 {
269 if (info == NULL || callback == NULL) {
270 AUTH_LOGE(AUTH_CONN, "info or callback is null");
271 return SOFTBUS_INVALID_PARAM;
272 }
273 if (isMeta) {
274 return AuthMetaOpenConnPacked(info, requestId, callback);
275 }
276 return AuthDeviceOpenConn(info, requestId, callback);
277 }
278
AuthPostTransData(AuthHandle authHandle,const AuthTransData * dataInfo)279 int32_t AuthPostTransData(AuthHandle authHandle, const AuthTransData *dataInfo)
280 {
281 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
282 AUTH_LOGE(AUTH_CONN, "authHandle type error");
283 return SOFTBUS_INVALID_PARAM;
284 }
285 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
286 if (auth != NULL) {
287 DelDupAuthManager(auth);
288 return AuthDevicePostTransData(authHandle, dataInfo);
289 }
290 return AuthMetaPostTransDataPacked(authHandle.authId, dataInfo);
291 }
292
AuthCloseConn(AuthHandle authHandle)293 void AuthCloseConn(AuthHandle authHandle)
294 {
295 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
296 AUTH_LOGE(AUTH_CONN, "authHandle type error");
297 return;
298 }
299 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
300 if (auth != NULL) {
301 DelDupAuthManager(auth);
302 AuthDeviceCloseConn(authHandle);
303 return;
304 }
305 AuthMetaCloseConnPacked(authHandle.authId);
306 }
307
AuthRemoveAuthManagerByAuthHandle(AuthHandle authHandle)308 void AuthRemoveAuthManagerByAuthHandle(AuthHandle authHandle)
309 {
310 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
311 AUTH_LOGE(AUTH_CONN, "authHandle type error");
312 return;
313 }
314 RemoveAuthManagerByAuthId(authHandle);
315 }
316
AuthGetPreferConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)317 int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
318 {
319 if (isMeta) {
320 return AuthMetaGetPreferConnInfoPacked(uuid, connInfo);
321 }
322 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
323 }
324
AuthGetConnInfoByType(const char * uuid,AuthLinkType type,AuthConnInfo * connInfo,bool isMeta)325 int32_t AuthGetConnInfoByType(const char *uuid, AuthLinkType type, AuthConnInfo *connInfo, bool isMeta)
326 {
327 if (isMeta) {
328 return SOFTBUS_INVALID_PARAM;
329 }
330 return AuthDeviceGetConnInfoByType(uuid, type, connInfo);
331 }
332
AuthGetConnInfoBySide(const char * uuid,AuthConnInfo * connInfo,bool isMeta,bool isClient)333 int32_t AuthGetConnInfoBySide(const char *uuid, AuthConnInfo *connInfo, bool isMeta, bool isClient)
334 {
335 if (isMeta) {
336 return AuthMetaGetConnInfoBySidePacked(uuid, isClient, connInfo);
337 }
338 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
339 }
340
AuthGetP2pConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)341 int32_t AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
342 {
343 if (isMeta) {
344 return AUTH_INVALID_ID;
345 }
346 return AuthDeviceGetP2pConnInfo(uuid, connInfo);
347 }
348
AuthGetUsbConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)349 int32_t AuthGetUsbConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
350 {
351 if (isMeta) {
352 return AUTH_INVALID_ID;
353 }
354 return AuthDeviceGetUsbConnInfo(uuid, connInfo);
355 }
356
AuthGetHmlConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)357 int32_t AuthGetHmlConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
358 {
359 if (isMeta) {
360 return AUTH_INVALID_ID;
361 }
362 return AuthDeviceGetHmlConnInfo(uuid, connInfo);
363 }
364
365 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char * uuid,AuthLinkType type,bool isMeta,AuthHandle * authHandle)366 void AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta, AuthHandle *authHandle)
367 {
368 if (authHandle == NULL) {
369 AUTH_LOGE(AUTH_CONN, "authHandle is null");
370 return;
371 }
372 authHandle->authId = AUTH_INVALID_ID;
373 if (isMeta) {
374 return;
375 }
376 AuthDeviceGetLatestIdByUuid(uuid, type, authHandle);
377 }
378
AuthGetIdByConnInfo(const AuthConnInfo * connInfo,bool isServer,bool isMeta)379 int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
380 {
381 if (isMeta) {
382 return AuthMetaGetIdByConnInfoPacked(connInfo, isServer);
383 }
384 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
385 }
386
AuthGetIdByUuid(const char * uuid,AuthLinkType type,bool isServer,bool isMeta)387 int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
388 {
389 if (isMeta) {
390 return AuthMetaGetIdByUuidPacked(uuid, type, isServer);
391 }
392 return AuthDeviceGetIdByUuid(uuid, type, isServer);
393 }
394
AuthGetAuthHandleByIndex(const AuthConnInfo * connInfo,bool isServer,int32_t index,AuthHandle * authHandle)395 int32_t AuthGetAuthHandleByIndex(const AuthConnInfo *connInfo, bool isServer, int32_t index, AuthHandle *authHandle)
396 {
397 if (connInfo == NULL || authHandle == NULL) {
398 AUTH_LOGE(AUTH_CONN, "param is null");
399 return SOFTBUS_INVALID_PARAM;
400 }
401 int32_t ret = SOFTBUS_OK;
402 char networkId[NETWORK_ID_BUF_LEN] = { 0 };
403 NodeInfo info;
404 (void)memset_s(&info, sizeof(NodeInfo), 0, sizeof(NodeInfo));
405 switch (connInfo->type) {
406 case AUTH_LINK_TYPE_WIFI:
407 case AUTH_LINK_TYPE_SESSION_KEY:
408 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.ipInfo.ip, &info);
409 if (ret != SOFTBUS_OK) {
410 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by ip failed, ret=%{public}d", ret);
411 return ret;
412 }
413 break;
414 case AUTH_LINK_TYPE_BLE:
415 ret = AuthGetAuthHandleByIndexForBle(connInfo, networkId, &info);
416 if (ret != SOFTBUS_OK) {
417 return ret;
418 }
419 break;
420 case AUTH_LINK_TYPE_BR:
421 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.brInfo.brMac, &info);
422 if (ret != SOFTBUS_OK) {
423 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by brMac failed, ret=%{public}d", ret);
424 return ret;
425 }
426 break;
427 case AUTH_LINK_TYPE_SLE:
428 ret = LnnGetRemoteNodeInfoByKey(connInfo->info.sleInfo.networkId, &info);
429 if (ret != SOFTBUS_OK) {
430 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by sle networkId failed, ret = %{public}d", ret);
431 return ret;
432 }
433 break;
434 default:
435 AUTH_LOGE(AUTH_CONN, "unknown connType. type=%{public}d", connInfo->type);
436 return SOFTBUS_INVALID_PARAM;
437 }
438 if (!IsSupportFeatureByCapaBit(info.feature, BIT_SUPPORT_NORMALIZED_LINK)) {
439 AUTH_LOGE(AUTH_CONN, "not support normalize");
440 return SOFTBUS_AUTH_NOT_SUPPORT_NORMALIZE;
441 }
442 return AuthDeviceGetAuthHandleByIndex(info.deviceInfo.deviceUdid, isServer, index, authHandle);
443 }
444
AuthGetAuthHandleByIndexForBle(const AuthConnInfo * connInfo,char * networkId,NodeInfo * info)445 int32_t AuthGetAuthHandleByIndexForBle(const AuthConnInfo *connInfo, char *networkId, NodeInfo *info)
446 {
447 if (connInfo == NULL || networkId == NULL || info == NULL) {
448 AUTH_LOGE(AUTH_CONN, "get auth handle by index fail because para error");
449 return SOFTBUS_INVALID_PARAM;
450 }
451 if (LnnGetNetworkIdByUdidHash(connInfo->info.bleInfo.deviceIdHash, UDID_HASH_LEN, networkId, NETWORK_ID_BUF_LEN,
452 true) != SOFTBUS_OK) {
453 AUTH_LOGE(AUTH_CONN, "get networkId fail");
454 return SOFTBUS_NOT_FIND;
455 }
456 int32_t ret = LnnGetRemoteNodeInfoByKey(networkId, info);
457 if (ret != SOFTBUS_OK) {
458 AUTH_LOGE(AUTH_CONN, "get remote nodeInfo by networkId failed, ret=%{public}d", ret);
459 return ret;
460 }
461 return ret;
462 }
463
FillAuthSessionInfo(AuthSessionInfo * info,const NodeInfo * nodeInfo,AuthDeviceKeyInfo * keyInfo,bool hasDeviceKey)464 static int32_t FillAuthSessionInfo(
465 AuthSessionInfo *info, const NodeInfo *nodeInfo, AuthDeviceKeyInfo *keyInfo, bool hasDeviceKey)
466 {
467 uint8_t localUdidHash[UDID_HASH_LEN] = { 0 };
468 if (LnnGetLocalByteInfo(BYTE_KEY_UDID_HASH, localUdidHash, UDID_HASH_LEN) != SOFTBUS_OK) {
469 AUTH_LOGE(AUTH_KEY, "get local udid hash fail");
470 return SOFTBUS_NETWORK_GET_NODE_INFO_ERR;
471 }
472 bool isSupportNormalizedKey = IsSupportFeatureByCapaBit(nodeInfo->authCapacity, BIT_SUPPORT_NORMALIZED_LINK);
473 if (!hasDeviceKey) {
474 int32_t ret = memcmp(localUdidHash, info->connInfo.info.bleInfo.deviceIdHash, SHORT_HASH_LEN);
475 keyInfo->isServerSide = ret < 0 ? true : false;
476 keyInfo->keyIndex = GenSeq(keyInfo->isServerSide);
477 }
478 info->isServer = keyInfo->isServerSide;
479 info->connId = (uint64_t)keyInfo->keyIndex;
480 info->version = SOFTBUS_NEW_V2;
481 info->normalizedType = isSupportNormalizedKey ? NORMALIZED_SUPPORT : NORMALIZED_NOT_SUPPORT;
482 info->normalizedIndex = keyInfo->keyIndex;
483 if (strcpy_s(info->uuid, sizeof(info->uuid), nodeInfo->uuid) != EOK ||
484 strcpy_s(info->udid, sizeof(info->udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
485 AUTH_LOGE(AUTH_KEY, "restore manager fail because copy uuid/udid fail");
486 return SOFTBUS_STRCPY_ERR;
487 }
488 return SOFTBUS_OK;
489 }
490
AuthDirectOnlineProcessSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)491 static int32_t AuthDirectOnlineProcessSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
492 {
493 SessionKey sessionKey;
494 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
495 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo->deviceKey, sizeof(keyInfo->deviceKey)) != EOK) {
496 AUTH_LOGE(AUTH_KEY, "restore manager fail because memcpy device key");
497 return SOFTBUS_MEM_ERR;
498 }
499 sessionKey.len = keyInfo->keyLen;
500 if (AuthManagerSetSessionKey(keyInfo->keyIndex, info, &sessionKey, false, keyInfo->isOldKey) != SOFTBUS_OK) {
501 AUTH_LOGE(AUTH_KEY, "set sessionkey fail, index=%{public}" PRId64, keyInfo->keyIndex);
502 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
503 return SOFTBUS_AUTH_SESSION_KEY_PROC_ERR;
504 }
505 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
506 if (auth == NULL) {
507 AUTH_LOGE(AUTH_KEY, "authManager is null");
508 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
509 return SOFTBUS_AUTH_NOT_FOUND;
510 }
511 *authId = auth->authId;
512 DelDupAuthManager(auth);
513 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
514 return SOFTBUS_OK;
515 }
516
AuthDirectOnlineWithoutSessionKey(AuthSessionInfo * info,AuthDeviceKeyInfo * keyInfo,int64_t * authId)517 static int32_t AuthDirectOnlineWithoutSessionKey(AuthSessionInfo *info, AuthDeviceKeyInfo *keyInfo, int64_t *authId)
518 {
519 int32_t ret = AuthDirectOnlineCreateAuthManager(keyInfo->keyIndex, info);
520 if (ret != SOFTBUS_OK) {
521 AUTH_LOGE(AUTH_KEY, "create auth manager fail, index=%{public}" PRId64, keyInfo->keyIndex);
522 return ret;
523 }
524 AuthManager *auth = GetAuthManagerByConnInfo(&info->connInfo, info->isServer);
525 if (auth == NULL) {
526 AUTH_LOGE(AUTH_KEY, "authManager is null");
527 return SOFTBUS_AUTH_NOT_FOUND;
528 }
529 *authId = auth->authId;
530 DelDupAuthManager(auth);
531 return SOFTBUS_OK;
532 }
533
AuthRestoreAuthManager(const char * udidHash,const AuthConnInfo * connInfo,uint32_t requestId,NodeInfo * nodeInfo,int64_t * authId)534 int32_t AuthRestoreAuthManager(
535 const char *udidHash, const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
536 {
537 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
538 AUTH_LOGE(AUTH_CONN, "restore manager fail because para error");
539 return SOFTBUS_INVALID_PARAM;
540 }
541 // get device key
542 bool hasDeviceKey = false;
543 AuthDeviceKeyInfo keyInfo = { 0 };
544 bool isSupportCloud = IsCloudSyncEnabledPacked() &&
545 IsFeatureSupport(nodeInfo->feature, BIT_CLOUD_SYNC_DEVICE_INFO);
546 if (AuthFindLatestNormalizeKeyPacked(udidHash, &keyInfo, !isSupportCloud) == SOFTBUS_OK ||
547 AuthFindDeviceKeyPacked(udidHash, connInfo->type, &keyInfo) == SOFTBUS_OK) {
548 hasDeviceKey = true;
549 }
550 if (!isSupportCloud && (!hasDeviceKey || keyInfo.isOldKey)) {
551 AUTH_LOGE(AUTH_KEY, "restore manager fail because device key not exist");
552 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
553 return SOFTBUS_AUTH_MANAGER_RESTORE_FAIL;
554 }
555 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
556 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
557 AUTH_LOGE(AUTH_KEY, "restore manager fail because generate strhash");
558 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
559 return SOFTBUS_NETWORK_GENERATE_STR_HASH_ERR;
560 }
561 AuthSessionInfo info;
562 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
563 info.requestId = requestId;
564 info.connInfo = *connInfo;
565 info.isOldKey = keyInfo.isOldKey;
566 int32_t ret = FillAuthSessionInfo(&info, nodeInfo, &keyInfo, hasDeviceKey);
567 if (ret != SOFTBUS_OK) {
568 AUTH_LOGE(AUTH_KEY, "fill authSessionInfo fail");
569 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
570 return ret;
571 }
572 ret = hasDeviceKey ? AuthDirectOnlineProcessSessionKey(&info, &keyInfo, authId) :
573 AuthDirectOnlineWithoutSessionKey(&info, &keyInfo, authId);
574 (void)memset_s(&keyInfo, sizeof(AuthDeviceKeyInfo), 0, sizeof(AuthDeviceKeyInfo));
575 return ret;
576 }
577
AuthEncrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)578 int32_t AuthEncrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)
579 {
580 if (authHandle == NULL) {
581 AUTH_LOGE(AUTH_KEY, "authHandle is null");
582 return SOFTBUS_INVALID_PARAM;
583 }
584 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
585 if (auth != NULL) {
586 DelDupAuthManager(auth);
587 return AuthDeviceEncrypt(authHandle, inData, inLen, outData, outLen);
588 }
589 return AuthMetaEncryptPacked(authHandle->authId, inData, inLen, outData, outLen);
590 }
591
AuthDecrypt(AuthHandle * authHandle,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)592 int32_t AuthDecrypt(AuthHandle *authHandle, const uint8_t *inData, uint32_t inLen, uint8_t *outData, uint32_t *outLen)
593 {
594 if (authHandle == NULL) {
595 AUTH_LOGE(AUTH_KEY, "authHandle is null");
596 return SOFTBUS_INVALID_PARAM;
597 }
598 AuthManager *auth = GetAuthManagerByAuthId(authHandle->authId);
599 if (auth != NULL) {
600 DelDupAuthManager(auth);
601 return AuthDeviceDecrypt(authHandle, inData, inLen, outData, outLen);
602 }
603 return AuthMetaDecryptPacked(authHandle->authId, inData, inLen, outData, outLen);
604 }
605
AuthSetP2pMac(int64_t authId,const char * p2pMac)606 int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
607 {
608 AuthManager *auth = GetAuthManagerByAuthId(authId);
609 if (auth != NULL) {
610 DelDupAuthManager(auth);
611 return AuthDeviceSetP2pMac(authId, p2pMac);
612 }
613 return AuthMetaSetP2pMacPacked(authId, p2pMac);
614 }
615
AuthGetConnInfo(AuthHandle authHandle,AuthConnInfo * connInfo)616 int32_t AuthGetConnInfo(AuthHandle authHandle, AuthConnInfo *connInfo)
617 {
618 if (authHandle.type < AUTH_LINK_TYPE_WIFI || authHandle.type >= AUTH_LINK_TYPE_MAX) {
619 AUTH_LOGE(AUTH_CONN, "authHandle type error");
620 return SOFTBUS_INVALID_PARAM;
621 }
622 AuthManager *auth = GetAuthManagerByAuthId(authHandle.authId);
623 if (auth != NULL) {
624 DelDupAuthManager(auth);
625 return AuthDeviceGetConnInfo(authHandle, connInfo);
626 }
627 return AuthMetaGetConnInfoPacked(authHandle.authId, connInfo);
628 }
629
AuthGetDeviceUuid(int64_t authId,char * uuid,uint16_t size)630 int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
631 {
632 AuthManager *auth = GetAuthManagerByAuthId(authId);
633 if (auth != NULL) {
634 DelDupAuthManager(auth);
635 return AuthDeviceGetDeviceUuid(authId, uuid, size);
636 }
637 return AuthMetaGetDeviceUuidPacked(authId, uuid, size);
638 }
639
AuthGetVersion(int64_t authId,SoftBusVersion * version)640 int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
641 {
642 return AuthDeviceGetVersion(authId, version);
643 }
644
AuthGetServerSide(int64_t authId,bool * isServer)645 int32_t AuthGetServerSide(int64_t authId, bool *isServer)
646 {
647 AuthManager *auth = GetAuthManagerByAuthId(authId);
648 if (auth != NULL) {
649 DelDupAuthManager(auth);
650 return AuthDeviceGetServerSide(authId, isServer);
651 }
652 return AuthMetaGetServerSidePacked(authId, isServer);
653 }
654
AuthGetMetaType(int64_t authId,bool * isMetaAuth)655 int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
656 {
657 if (isMetaAuth == NULL) {
658 AUTH_LOGW(AUTH_CONN, "invalid param");
659 return SOFTBUS_INVALID_PARAM;
660 }
661 AuthManager *auth = GetAuthManagerByAuthId(authId);
662 if (auth != NULL) {
663 DelDupAuthManager(auth);
664 *isMetaAuth = false;
665 return SOFTBUS_OK;
666 }
667 *isMetaAuth = true;
668 return SOFTBUS_OK;
669 }
670
AuthGetGroupType(const char * udid,const char * uuid)671 uint32_t AuthGetGroupType(const char *udid, const char *uuid)
672 {
673 uint32_t type = 0;
674 if (udid == NULL || uuid == NULL) {
675 AUTH_LOGW(AUTH_HICHAIN, "udid or uuid is null");
676 return type;
677 }
678 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
679 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
680 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
681 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
682 return type;
683 }
684
AuthIsPotentialTrusted(const DeviceInfo * device,bool isOnlyPointToPoint)685 bool AuthIsPotentialTrusted(const DeviceInfo *device, bool isOnlyPointToPoint)
686 {
687 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
688 DeviceInfo defaultInfo;
689 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
690
691 if (device == NULL) {
692 AUTH_LOGE(AUTH_HICHAIN, "device is null");
693 return false;
694 }
695 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
696 AUTH_LOGW(AUTH_HICHAIN, "devId is empty");
697 return false;
698 }
699 if (memcmp(device->accountHash, defaultInfo.accountHash, SHORT_ACCOUNT_HASH_LEN) == 0) {
700 AUTH_LOGI(AUTH_HICHAIN, "devId accountHash is empty");
701 return true;
702 }
703 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
704 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
705 return false;
706 }
707 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
708 AUTH_LOGD(AUTH_HICHAIN, "account is same, continue verify progress. account=%{public}02X%{public}02X",
709 device->accountHash[0], device->accountHash[1]);
710 return true;
711 }
712 if (IdServiceIsPotentialTrustedDevice(device->devId, device->accountHash, false) ||
713 IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false, isOnlyPointToPoint) ||
714 IsPotentialTrustedDeviceDp(device->devId, isOnlyPointToPoint)) {
715 AUTH_LOGI(AUTH_HICHAIN, "device is potential trusted, continue verify progress");
716 return true;
717 }
718
719 return false;
720 }
721
IsSameAccountDevice(const DeviceInfo * device)722 bool IsSameAccountDevice(const DeviceInfo *device)
723 {
724 if (device == NULL) {
725 AUTH_LOGE(AUTH_HICHAIN, "invalid param");
726 return false;
727 }
728
729 uint8_t localAccountHash[SHA_256_HASH_LEN] = { 0 };
730 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
731 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
732 return false;
733 }
734 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
735 AUTH_LOGI(AUTH_HICHAIN, "account is same, continue check same account group relation.");
736 return true;
737 }
738 return false;
739 }
740
AuthHasSameAccountGroup(void)741 bool AuthHasSameAccountGroup(void)
742 {
743 if (IsSameAccountGroupDevice()) {
744 AUTH_LOGI(AUTH_HICHAIN, "device has same account group relation, continue verify progress");
745 return true;
746 }
747 return false;
748 }
749
AuthHasTrustedRelation(void)750 TrustedReturnType AuthHasTrustedRelation(void)
751 {
752 uint32_t num = 0;
753 char *udidArray = NULL;
754
755 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
756 AUTH_LOGE(AUTH_CONN, "auth get trusted dev info fail");
757 return TRUSTED_RELATION_IGNORE;
758 }
759 SoftBusFree(udidArray);
760 AUTH_LOGI(AUTH_CONN, "auth get trusted relation num=%{public}u", num);
761 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
762 }
763
IsAuthHasTrustedRelation(void)764 bool IsAuthHasTrustedRelation(void)
765 {
766 bool hasTrustedRelation = (AuthHasTrustedRelation() == TRUSTED_RELATION_YES) ? true : false;
767 return hasTrustedRelation;
768 }
769
AuthCheckMetaExist(const AuthConnInfo * connInfo,bool * isExist)770 int32_t AuthCheckMetaExist(const AuthConnInfo *connInfo, bool *isExist)
771 {
772 if (connInfo == NULL || isExist == NULL) {
773 AUTH_LOGE(AUTH_CONN, "invalid param");
774 return SOFTBUS_INVALID_PARAM;
775 }
776 AuthMetaCheckMetaExistPacked(connInfo, isExist);
777 return SOFTBUS_OK;
778 }
779
IsSameAccountId(int64_t accountId)780 bool IsSameAccountId(int64_t accountId)
781 {
782 int64_t localAccountId = 0;
783 int32_t ret = LnnGetLocalNum64Info(NUM_KEY_ACCOUNT_LONG, &localAccountId);
784 if (ret != SOFTBUS_OK) {
785 LNN_LOGE(AUTH_CONN, "get local accountId fail");
786 return false;
787 }
788 if (localAccountId == accountId && !LnnIsDefaultOhosAccount()) {
789 return true;
790 }
791 LNN_LOGI(AUTH_CONN, "not same account");
792 return false;
793 }
794
AuthInit(void)795 int32_t AuthInit(void)
796 {
797 AuthTransCallback callBack = {
798 .onDataReceived = NotifyTransDataReceived,
799 .onDisconnected = NotifyTransDisconnected,
800 .onException = NotifyTransException,
801 };
802 int32_t ret = AuthDeviceInit(&callBack);
803 if (ret != SOFTBUS_OK) {
804 AUTH_LOGE(AUTH_INIT, "auth device init failed");
805 return SOFTBUS_AUTH_INIT_FAIL;
806 }
807 ret = RegHichainSaStatusListener();
808 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
809 AUTH_LOGE(AUTH_INIT, "regHichainSaStatusListener failed");
810 LnnInitModuleStatusSet(INIT_DEPS_HICHAIN, DEPS_STATUS_FAILED);
811 LnnInitModuleReturnSet(INIT_DEPS_HICHAIN, ret);
812 return SOFTBUS_AUTH_HICHAIN_SA_PROC_ERR;
813 }
814 LnnInitModuleStatusSet(INIT_DEPS_HICHAIN, DEPS_STATUS_SUCCESS);
815 ret = CustomizedSecurityProtocolInitPacked();
816 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
817 AUTH_LOGI(AUTH_INIT, "customized protocol init failed, ret=%{public}d", ret);
818 return ret;
819 }
820 ret = UkNegotiateInit();
821 if (ret != SOFTBUS_OK) {
822 AUTH_LOGE(AUTH_INIT, "user key nego init failed, ret=%{public}d", ret);
823 return ret;
824 }
825 ApplyKeyNegoInit();
826 AuthLoadDeviceKeyPacked();
827 return AuthMetaInitPacked(&callBack);
828 }
829
AuthDeinit(void)830 void AuthDeinit(void)
831 {
832 AuthDeviceDeinit();
833 CustomizedSecurityProtocolDeinitPacked();
834 UkNegotiateDeinit();
835 ApplyKeyNegoDeinit();
836 AuthMetaDeinitPacked();
837 }
838
AuthServerDeathCallback(const char * pkgName,int32_t pid)839 void AuthServerDeathCallback(const char *pkgName, int32_t pid)
840 {
841 DelAuthMetaManagerByPidPacked(pkgName, pid);
842 ClearMetaNodeRequestByPidPacked(pkgName, pid);
843 }
844