• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define LOG_TAG "BundleChecker"
16 
17 #include "bundle_checker.h"
18 #include <memory>
19 #include "accesstoken_kit.h"
20 #include "bundlemgr/bundle_mgr_proxy.h"
21 #include "hap_token_info.h"
22 #include "ipc_skeleton.h"
23 #include "iservice_registry.h"
24 #include "log_print.h"
25 #include "system_ability_definition.h"
26 #include "utils/crypto.h"
27 
28 namespace OHOS {
29 namespace DistributedData {
30 using namespace Security::AccessToken;
31 __attribute__((used)) BundleChecker BundleChecker::instance_;
BundleChecker()32 BundleChecker::BundleChecker() noexcept
33 {
34     CheckerManager::GetInstance().RegisterPlugin(
35         "BundleChecker", [this]() -> auto { return this; });
36 }
37 
~BundleChecker()38 BundleChecker::~BundleChecker()
39 {
40 }
41 
Initialize()42 void BundleChecker::Initialize()
43 {
44 }
45 
SetTrustInfo(const CheckerManager::Trust & trust)46 bool BundleChecker::SetTrustInfo(const CheckerManager::Trust &trust)
47 {
48     trusts_[trust.bundleName] = trust.appId;
49     return true;
50 }
51 
SetDistrustInfo(const CheckerManager::Distrust & distrust)52 bool BundleChecker::SetDistrustInfo(const CheckerManager::Distrust &distrust)
53 {
54     distrusts_[distrust.bundleName] = distrust.appId;
55     return true;
56 }
57 
SetSwitchesInfo(const CheckerManager::Switches & switches)58 bool BundleChecker::SetSwitchesInfo(const CheckerManager::Switches &switches)
59 {
60     switches_[switches.bundleName] = switches.appId;
61     return true;
62 }
63 
GetKey(const std::string & bundleName,int32_t userId)64 std::string BundleChecker::GetKey(const std::string &bundleName, int32_t userId)
65 {
66     return bundleName + "###" + std::to_string(userId);
67 }
68 
GetAppidFromCache(const std::string & bundleName,int32_t userId)69 std::string BundleChecker::GetAppidFromCache(const std::string &bundleName, int32_t userId)
70 {
71     std::string appId;
72     std::string key = GetKey(bundleName, userId);
73     appIds_.Get(key, appId);
74     return appId;
75 }
76 
GetBundleAppId(const CheckerManager::StoreInfo & info)77 std::string BundleChecker::GetBundleAppId(const CheckerManager::StoreInfo &info)
78 {
79     int32_t userId = info.uid / OHOS::AppExecFwk::Constants::BASE_USER_RANGE;
80     std::string appId = GetAppidFromCache(info.bundleName, userId);
81     if (!appId.empty()) {
82         return appId;
83     }
84     auto samgrProxy = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
85     if (samgrProxy == nullptr) {
86         ZLOGE("Failed to get system ability mgr.");
87         return "";
88     }
89     auto bundleMgrProxy = samgrProxy->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID);
90     if (bundleMgrProxy == nullptr) {
91         ZLOGE("Failed to Get BMS SA.");
92         return "";
93     }
94     auto bundleManager = iface_cast<AppExecFwk::IBundleMgr>(bundleMgrProxy);
95     if (bundleManager == nullptr) {
96         ZLOGE("Failed to get bundle manager");
97         return "";
98     }
99     appId = bundleManager->GetAppIdByBundleName(info.bundleName, userId);
100     if (appId.empty()) {
101         ZLOGE("GetAppIdByBundleName failed appId:%{public}s, bundleName:%{public}s, uid:%{public}d",
102             appId.c_str(), info.bundleName.c_str(), userId);
103     } else {
104         appIds_.Set(GetKey(info.bundleName, userId), appId);
105     }
106     return appId;
107 }
108 
DeleteCache(const std::string & bundleName,int32_t user,int32_t index)109 void BundleChecker::DeleteCache(const std::string &bundleName, int32_t user, int32_t index)
110 {
111     std::string key = GetKey(bundleName, user);
112     appIds_.Delete(key);
113 }
114 
ClearCache()115 void BundleChecker::ClearCache()
116 {
117     appIds_.ResetCapacity(0);
118     appIds_.ResetCapacity(CACHE_SIZE);
119 }
120 
GetAppId(const CheckerManager::StoreInfo & info)121 std::string BundleChecker::GetAppId(const CheckerManager::StoreInfo &info)
122 {
123     if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
124         return "";
125     }
126     auto appId = GetBundleAppId(info);
127     if (appId.empty()) {
128         return "";
129     }
130     auto it = trusts_.find(info.bundleName);
131     if (it != trusts_.end() && (it->second == appId)) {
132         return info.bundleName;
133     }
134     ZLOGD("bundleName:%{public}s, appId:%{public}s", info.bundleName.c_str(), appId.c_str());
135     return Crypto::Sha256(appId);
136 }
137 
IsValid(const CheckerManager::StoreInfo & info)138 bool BundleChecker::IsValid(const CheckerManager::StoreInfo &info)
139 {
140     if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
141         return false;
142     }
143 
144     HapTokenInfo tokenInfo;
145     if (AccessTokenKit::GetHapTokenInfo(info.tokenId, tokenInfo) != RET_SUCCESS) {
146         return false;
147     }
148     return tokenInfo.bundleName == info.bundleName;
149 }
150 
IsDistrust(const CheckerManager::StoreInfo & info)151 bool BundleChecker::IsDistrust(const CheckerManager::StoreInfo &info)
152 {
153     if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) != TOKEN_HAP) {
154         return false;
155     }
156     auto appId = GetBundleAppId(info);
157     if (appId.empty()) {
158         return false;
159     }
160     auto it = distrusts_.find(info.bundleName);
161     if (it != distrusts_.end() && (it->second == appId)) {
162         return true;
163     }
164     return false;
165 }
166 
IsSwitches(const CheckerManager::StoreInfo & info)167 bool BundleChecker::IsSwitches(const CheckerManager::StoreInfo &info)
168 {
169     return false;
170 }
171 
GetDynamicStores()172 std::vector<CheckerManager::StoreInfo> BundleChecker::GetDynamicStores()
173 {
174     return dynamicStores_;
175 }
176 
GetStaticStores()177 std::vector<CheckerManager::StoreInfo> BundleChecker::GetStaticStores()
178 {
179     return staticStores_;
180 }
181 
IsDynamic(const CheckerManager::StoreInfo & info)182 bool BundleChecker::IsDynamic(const CheckerManager::StoreInfo &info)
183 {
184     for (const auto &store : dynamicStores_) {
185         if (info.bundleName == store.bundleName && info.storeId == store.storeId) {
186             return true;
187         }
188     }
189     return false;
190 }
191 
IsStatic(const CheckerManager::StoreInfo & info)192 bool BundleChecker::IsStatic(const CheckerManager::StoreInfo &info)
193 {
194     for (const auto &store : staticStores_) {
195         if (info.bundleName == store.bundleName && info.storeId == store.storeId) {
196             return true;
197         }
198     }
199     return false;
200 }
201 
AddDynamicStore(const CheckerManager::StoreInfo & storeInfo)202 bool BundleChecker::AddDynamicStore(const CheckerManager::StoreInfo &storeInfo)
203 {
204     dynamicStores_.push_back(storeInfo);
205     return true;
206 }
207 
AddStaticStore(const CheckerManager::StoreInfo & storeInfo)208 bool BundleChecker::AddStaticStore(const CheckerManager::StoreInfo &storeInfo)
209 {
210     staticStores_.push_back(storeInfo);
211     return true;
212 }
213 } // namespace DistributedData
214 } // namespace OHOS