1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_device_common_key.h"
22 #include "auth_hichain.h"
23 #include "auth_hichain_adapter.h"
24 #include "auth_manager.h"
25 #include "auth_meta_manager.h"
26 #include "bus_center_manager.h"
27 #include "lnn_decision_db.h"
28 #include "lnn_ohos_account.h"
29 #include "softbus_adapter_mem.h"
30 #include "softbus_def.h"
31
32 #define SHORT_ACCOUNT_HASH_LEN 2
33
34 typedef struct {
35 int32_t module;
36 AuthTransListener listener;
37 } ModuleListener;
38
39 static ModuleListener g_moduleListener[] = {
40 {
41 .module = MODULE_P2P_LINK,
42 .listener = { NULL, NULL },
43 },
44 {
45 .module = MODULE_P2P_LISTEN,
46 .listener = { NULL, NULL },
47 },
48 {
49 .module = MODULE_UDP_INFO,
50 .listener = { NULL, NULL },
51 },
52 {
53 .module = MODULE_TIME_SYNC,
54 .listener = { NULL, NULL },
55 }
56 };
57
RegAuthTransListener(int32_t module,const AuthTransListener * listener)58 NO_SANITIZE("cfi") int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
59 {
60 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_INFO, "AuthTrans: add listener, module = %d.", module);
61 if (listener == NULL || listener->onDataReceived == NULL) {
62 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "AuthTrans: invalid listener.");
63 return SOFTBUS_INVALID_PARAM;
64 }
65 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
66 if (g_moduleListener[i].module == module) {
67 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
68 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
69 return SOFTBUS_OK;
70 }
71 }
72 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "AuthTrans: unknown module(=%d).", module);
73 return SOFTBUS_ERR;
74 }
75
UnregAuthTransListener(int32_t module)76 NO_SANITIZE("cfi") void UnregAuthTransListener(int32_t module)
77 {
78 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_INFO, "AuthTrans: remove listener, module=%d.", module);
79 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
80 if (g_moduleListener[i].module == module) {
81 g_moduleListener[i].listener.onDataReceived = NULL;
82 g_moduleListener[i].listener.onDisconnected = NULL;
83 return;
84 }
85 }
86 }
87
NotifyTransDataReceived(int64_t authId,const AuthDataHead * head,const uint8_t * data,uint32_t len)88 NO_SANITIZE("cfi") static void NotifyTransDataReceived(int64_t authId,
89 const AuthDataHead *head, const uint8_t *data, uint32_t len)
90 {
91 AuthTransListener *listener = NULL;
92 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
93 if (g_moduleListener[i].module == head->module) {
94 listener = &(g_moduleListener[i].listener);
95 break;
96 }
97 }
98 if (listener == NULL || listener->onDataReceived == NULL) {
99 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_INFO, "AuthTrans: onDataReceived not found.");
100 return;
101 }
102 AuthTransData transData = {
103 .module = head->module,
104 .flag = head->flag,
105 .seq = head->seq,
106 .len = len,
107 .data = data,
108 };
109 listener->onDataReceived(authId, &transData);
110 }
111
NotifyTransDisconnected(int64_t authId)112 NO_SANITIZE("cfi") static void NotifyTransDisconnected(int64_t authId)
113 {
114 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
115 if (g_moduleListener[i].listener.onDisconnected != NULL) {
116 g_moduleListener[i].listener.onDisconnected(authId);
117 }
118 }
119 }
120
AuthOpenConn(const AuthConnInfo * info,uint32_t requestId,const AuthConnCallback * callback,bool isMeta)121 NO_SANITIZE("cfi") int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback,
122 bool isMeta)
123 {
124 if (isMeta) {
125 return AuthMetaOpenConn(info, requestId, callback);
126 }
127 return AuthDeviceOpenConn(info, requestId, callback);
128 }
129
AuthPostTransData(int64_t authId,const AuthTransData * dataInfo)130 NO_SANITIZE("cfi") int32_t AuthPostTransData(int64_t authId, const AuthTransData *dataInfo)
131 {
132 AuthManager *auth = GetAuthManagerByAuthId(authId);
133 if (auth != NULL) {
134 DelAuthManager(auth, false);
135 return AuthDevicePostTransData(authId, dataInfo);
136 }
137 return AuthMetaPostTransData(authId, dataInfo);
138 }
139
AuthCloseConn(int64_t authId)140 NO_SANITIZE("cfi") void AuthCloseConn(int64_t authId)
141 {
142 AuthManager *auth = GetAuthManagerByAuthId(authId);
143 if (auth != NULL) {
144 DelAuthManager(auth, false);
145 AuthDeviceCloseConn(authId);
146 return;
147 }
148 AuthMetaCloseConn(authId);
149 }
150
AuthGetPreferConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)151 NO_SANITIZE("cfi") int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
152 {
153 if (isMeta) {
154 return AuthMetaGetPreferConnInfo(uuid, connInfo);
155 }
156 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
157 }
158
159 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char * uuid,AuthLinkType type,bool isMeta)160 NO_SANITIZE("cfi") int64_t AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta)
161 {
162 if (isMeta) {
163 return AUTH_INVALID_ID;
164 }
165 return AuthDeviceGetLatestIdByUuid(uuid, type);
166 }
167
AuthGetIdByConnInfo(const AuthConnInfo * connInfo,bool isServer,bool isMeta)168 NO_SANITIZE("cfi") int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
169 {
170 if (isMeta) {
171 return AuthMetaGetIdByConnInfo(connInfo, isServer);
172 }
173 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
174 }
175
AuthGetIdByUuid(const char * uuid,AuthLinkType type,bool isServer,bool isMeta)176 NO_SANITIZE("cfi") int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
177 {
178 if (isMeta) {
179 return AuthMetaGetIdByUuid(uuid, type, isServer);
180 }
181 return AuthDeviceGetIdByUuid(uuid, type, isServer);
182 }
183
AuthRestoreAuthManager(const char * udidHash,const AuthConnInfo * connInfo,int32_t requestId,NodeInfo * nodeInfo,int64_t * authId)184 NO_SANITIZE("cfi") int32_t AuthRestoreAuthManager(const char *udidHash,
185 const AuthConnInfo *connInfo, int32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
186 {
187 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
188 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_WARN, "restore manager fail because para error");
189 return SOFTBUS_ERR;
190 }
191 // get device key
192 AuthDeviceKeyInfo keyInfo = {0};
193 if (AuthFindDeviceKey(udidHash, connInfo->type, &keyInfo) != SOFTBUS_OK) {
194 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_INFO, "restore manager fail because device key not exist");
195 return SOFTBUS_ERR;
196 }
197 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
198 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
199 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_INFO, "restore manager fail because generate strhash");
200 return SOFTBUS_ERR;
201 }
202 AuthSessionInfo info;
203 SessionKey sessionKey;
204 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
205 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
206 info.requestId = requestId;
207 info.isServer = keyInfo.isServerSide;
208 info.connId = keyInfo.keyIndex;
209 info.connInfo = *connInfo;
210 info.version = SOFTBUS_NEW_V2;
211 if (strcpy_s(info.uuid, sizeof(info.uuid), nodeInfo->uuid) != EOK ||
212 strcpy_s(info.udid, sizeof(info.udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
213 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_WARN, "restore manager fail because copy uuid/udid fail");
214 return SOFTBUS_ERR;
215 }
216 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo.deviceKey, sizeof(keyInfo.deviceKey)) != EOK) {
217 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "restore manager fail because memcpy device key");
218 return SOFTBUS_MEM_ERR;
219 }
220 sessionKey.len = keyInfo.keyLen;
221 *authId = keyInfo.keyIndex;
222 return AuthManagerSetSessionKey(keyInfo.keyIndex, &info, &sessionKey, false);
223 }
224
AuthEncrypt(int64_t authId,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)225 NO_SANITIZE("cfi") int32_t AuthEncrypt(int64_t authId, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
226 uint32_t *outLen)
227 {
228 AuthManager *auth = GetAuthManagerByAuthId(authId);
229 if (auth != NULL) {
230 DelAuthManager(auth, false);
231 return AuthDeviceEncrypt(authId, inData, inLen, outData, outLen);
232 }
233 return AuthMetaEncrypt(authId, inData, inLen, outData, outLen);
234 }
235
AuthDecrypt(int64_t authId,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)236 NO_SANITIZE("cfi") int32_t AuthDecrypt(int64_t authId, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
237 uint32_t *outLen)
238 {
239 AuthManager *auth = GetAuthManagerByAuthId(authId);
240 if (auth != NULL) {
241 DelAuthManager(auth, false);
242 return AuthDeviceDecrypt(authId, inData, inLen, outData, outLen);
243 }
244 return AuthMetaDecrypt(authId, inData, inLen, outData, outLen);
245 }
246
AuthSetP2pMac(int64_t authId,const char * p2pMac)247 NO_SANITIZE("cfi") int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
248 {
249 AuthManager *auth = GetAuthManagerByAuthId(authId);
250 if (auth != NULL) {
251 DelAuthManager(auth, false);
252 return AuthDeviceSetP2pMac(authId, p2pMac);
253 }
254 return AuthMetaSetP2pMac(authId, p2pMac);
255 }
256
AuthGetConnInfo(int64_t authId,AuthConnInfo * connInfo)257 NO_SANITIZE("cfi") int32_t AuthGetConnInfo(int64_t authId, AuthConnInfo *connInfo)
258 {
259 AuthManager *auth = GetAuthManagerByAuthId(authId);
260 if (auth != NULL) {
261 DelAuthManager(auth, false);
262 return AuthDeviceGetConnInfo(authId, connInfo);
263 }
264 return AuthMetaGetConnInfo(authId, connInfo);
265 }
266
AuthGetDeviceUuid(int64_t authId,char * uuid,uint16_t size)267 NO_SANITIZE("cfi") int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
268 {
269 AuthManager *auth = GetAuthManagerByAuthId(authId);
270 if (auth != NULL) {
271 DelAuthManager(auth, false);
272 return AuthDeviceGetDeviceUuid(authId, uuid, size);
273 }
274 return AuthMetaGetDeviceUuid(authId, uuid, size);
275 }
276
AuthGetVersion(int64_t authId,SoftBusVersion * version)277 NO_SANITIZE("cfi") int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
278 {
279 return AuthDeviceGetVersion(authId, version);
280 }
281
AuthGetServerSide(int64_t authId,bool * isServer)282 NO_SANITIZE("cfi") int32_t AuthGetServerSide(int64_t authId, bool *isServer)
283 {
284 AuthManager *auth = GetAuthManagerByAuthId(authId);
285 if (auth != NULL) {
286 DelAuthManager(auth, false);
287 return AuthDeviceGetServerSide(authId, isServer);
288 }
289 return AuthMetaGetServerSide(authId, isServer);
290 }
291
AuthGetMetaType(int64_t authId,bool * isMetaAuth)292 NO_SANITIZE("cfi") int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
293 {
294 if (isMetaAuth == NULL) {
295 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "invalid param.");
296 return SOFTBUS_INVALID_PARAM;
297 }
298 AuthManager *auth = GetAuthManagerByAuthId(authId);
299 if (auth != NULL) {
300 DelAuthManager(auth, false);
301 *isMetaAuth = false;
302 return SOFTBUS_OK;
303 }
304 *isMetaAuth = true;
305 return SOFTBUS_OK;
306 }
307
AuthGetGroupType(const char * udid,const char * uuid)308 NO_SANITIZE("cfi") int32_t AuthGetGroupType(const char *udid, const char *uuid)
309 {
310 int32_t type = 0;
311 if (udid == NULL || uuid == NULL) {
312 ALOGI("udid or uuid is null!");
313 return type;
314 }
315 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
316 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
317 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
318 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
319 return type;
320 }
321
AuthIsPotentialTrusted(const DeviceInfo * device,bool validAccount)322 NO_SANITIZE("cfi") bool AuthIsPotentialTrusted(const DeviceInfo *device, bool validAccount)
323 {
324 uint8_t localAccountHash[SHA_256_HASH_LEN] = {0};
325 DeviceInfo defaultInfo;
326 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
327
328 if (device == NULL) {
329 ALOGE("device is null");
330 return false;
331 }
332 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
333 ALOGI("devId is empty");
334 return false;
335 }
336 if (!validAccount) {
337 return true;
338 }
339 if (IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false)) {
340 ALOGI("device is potential trusted, continue verify progress");
341 return true;
342 }
343 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
344 ALOGE("get local accountHash fail");
345 return false;
346 }
347 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
348 ALOGD("account:%02X%02X is same, continue verify progress", device->accountHash[0], device->accountHash[1]);
349 return true;
350 }
351 return false;
352 }
353
AuthHasTrustedRelation(void)354 NO_SANITIZE("cfi") TrustedReturnType AuthHasTrustedRelation(void)
355 {
356 uint32_t num = 0;
357 char *udidArray = NULL;
358
359 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
360 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "auth get trusted dev info fail");
361 return TRUSTED_RELATION_IGNORE;
362 }
363 SoftBusFree(udidArray);
364 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
365 }
366
AuthDeleteStoredAuthKey(const char * udid,int32_t discoveryType)367 void AuthDeleteStoredAuthKey(const char *udid, int32_t discoveryType)
368 {
369 AuthLinkType linkType;
370 switch (discoveryType) {
371 case DISCOVERY_TYPE_WIFI:
372 linkType = AUTH_LINK_TYPE_WIFI;
373 break;
374 case DISCOVERY_TYPE_BLE:
375 linkType = AUTH_LINK_TYPE_BLE;
376 break;
377 case DISCOVERY_TYPE_BR:
378 linkType = AUTH_LINK_TYPE_BR;
379 break;
380 case DISCOVERY_TYPE_P2P:
381 linkType = AUTH_LINK_TYPE_P2P;
382 break;
383 default:
384 ALOGE("unkown support type:%d", discoveryType);
385 return;
386 }
387 AuthRemoveDeviceKey(udid, (int32_t)linkType);
388 }
389
AuthInit(void)390 NO_SANITIZE("cfi") int32_t AuthInit(void)
391 {
392 AuthTransCallback callBack = {
393 .OnDataReceived = NotifyTransDataReceived,
394 .OnDisconnected = NotifyTransDisconnected,
395 };
396 int32_t ret = AuthDeviceInit(&callBack);
397 if (ret != SOFTBUS_OK) {
398 SoftBusLog(SOFTBUS_LOG_AUTH, SOFTBUS_LOG_ERROR, "auth device init failed");
399 return ret;
400 }
401 AuthLoadDeviceKey();
402 return AuthMetaInit(&callBack);
403 }
404
AuthDeinit(void)405 NO_SANITIZE("cfi") void AuthDeinit(void)
406 {
407 AuthDeviceDeinit();
408 AuthMetaDeinit();
409 }
410
AuthServerDeathCallback(const char * pkgName,int32_t pid)411 NO_SANITIZE("cfi") void AuthServerDeathCallback(const char *pkgName, int32_t pid)
412 {
413 DelAuthMetaManagerByPid(pkgName, pid);
414 }
415