1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "auth_interface.h"
16
17 #include <securec.h>
18 #include <stdbool.h>
19 #include <stdint.h>
20
21 #include "auth_deviceprofile.h"
22 #include "auth_device_common_key.h"
23 #include "auth_hichain.h"
24 #include "auth_hichain_adapter.h"
25 #include "auth_log.h"
26 #include "auth_manager.h"
27 #include "auth_meta_manager.h"
28 #include "bus_center_manager.h"
29 #include "customized_security_protocol.h"
30 #include "lnn_decision_db.h"
31 #include "lnn_ohos_account.h"
32 #include "softbus_adapter_mem.h"
33 #include "softbus_def.h"
34
35 #define SHORT_ACCOUNT_HASH_LEN 2
36
37 typedef struct {
38 int32_t module;
39 AuthTransListener listener;
40 } ModuleListener;
41
42 static ModuleListener g_moduleListener[] = {
43 {
44 .module = MODULE_P2P_LINK,
45 .listener = { NULL, NULL },
46 },
47 {
48 .module = MODULE_P2P_LISTEN,
49 .listener = { NULL, NULL },
50 },
51 {
52 .module = MODULE_UDP_INFO,
53 .listener = { NULL, NULL },
54 },
55 {
56 .module = MODULE_TIME_SYNC,
57 .listener = { NULL, NULL },
58 }
59 };
60
RegAuthTransListener(int32_t module,const AuthTransListener * listener)61 int32_t RegAuthTransListener(int32_t module, const AuthTransListener *listener)
62 {
63 AUTH_LOGI(AUTH_CONN, "Trans: add listener, module=%{public}d", module);
64 if (listener == NULL || listener->onDataReceived == NULL) {
65 AUTH_LOGE(AUTH_CONN, "Trans: invalid listener");
66 return SOFTBUS_INVALID_PARAM;
67 }
68 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
69 if (g_moduleListener[i].module == module) {
70 g_moduleListener[i].listener.onDataReceived = listener->onDataReceived;
71 g_moduleListener[i].listener.onDisconnected = listener->onDisconnected;
72 return SOFTBUS_OK;
73 }
74 }
75 AUTH_LOGE(AUTH_CONN, "Trans: unknown module=%{public}d", module);
76 return SOFTBUS_ERR;
77 }
78
UnregAuthTransListener(int32_t module)79 void UnregAuthTransListener(int32_t module)
80 {
81 AUTH_LOGI(AUTH_CONN, "Trans: remove listener, module=%{public}d", module);
82 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
83 if (g_moduleListener[i].module == module) {
84 g_moduleListener[i].listener.onDataReceived = NULL;
85 g_moduleListener[i].listener.onDisconnected = NULL;
86 return;
87 }
88 }
89 }
90
NotifyTransDataReceived(int64_t authId,const AuthDataHead * head,const uint8_t * data,uint32_t len)91 static void NotifyTransDataReceived(int64_t authId,
92 const AuthDataHead *head, const uint8_t *data, uint32_t len)
93 {
94 AuthTransListener *listener = NULL;
95 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
96 if (g_moduleListener[i].module == head->module) {
97 listener = &(g_moduleListener[i].listener);
98 break;
99 }
100 }
101 if (listener == NULL || listener->onDataReceived == NULL) {
102 AUTH_LOGI(AUTH_CONN, "Trans: onDataReceived not found");
103 return;
104 }
105 AuthTransData transData = {
106 .module = head->module,
107 .flag = head->flag,
108 .seq = head->seq,
109 .len = len,
110 .data = data,
111 };
112 listener->onDataReceived(authId, &transData);
113 }
114
NotifyTransDisconnected(int64_t authId)115 static void NotifyTransDisconnected(int64_t authId)
116 {
117 for (uint32_t i = 0; i < sizeof(g_moduleListener) / sizeof(ModuleListener); i++) {
118 if (g_moduleListener[i].listener.onDisconnected != NULL) {
119 g_moduleListener[i].listener.onDisconnected(authId);
120 }
121 }
122 }
123
AuthOpenConn(const AuthConnInfo * info,uint32_t requestId,const AuthConnCallback * callback,bool isMeta)124 int32_t AuthOpenConn(const AuthConnInfo *info, uint32_t requestId, const AuthConnCallback *callback,
125 bool isMeta)
126 {
127 if (info == NULL || callback == NULL) {
128 AUTH_LOGE(AUTH_CONN, "info or callback is null");
129 return SOFTBUS_INVALID_PARAM;
130 }
131 if (isMeta) {
132 return AuthMetaOpenConn(info, requestId, callback);
133 }
134 return AuthDeviceOpenConn(info, requestId, callback);
135 }
136
AuthPostTransData(int64_t authId,const AuthTransData * dataInfo)137 int32_t AuthPostTransData(int64_t authId, const AuthTransData *dataInfo)
138 {
139 AuthManager *auth = GetAuthManagerByAuthId(authId);
140 if (auth != NULL) {
141 DelAuthManager(auth, false);
142 return AuthDevicePostTransData(authId, dataInfo);
143 }
144 return AuthMetaPostTransData(authId, dataInfo);
145 }
146
AuthCloseConn(int64_t authId)147 void AuthCloseConn(int64_t authId)
148 {
149 AuthManager *auth = GetAuthManagerByAuthId(authId);
150 if (auth != NULL) {
151 DelAuthManager(auth, false);
152 AuthDeviceCloseConn(authId);
153 return;
154 }
155 AuthMetaCloseConn(authId);
156 }
157
AuthGetPreferConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)158 int32_t AuthGetPreferConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
159 {
160 if (isMeta) {
161 return AuthMetaGetPreferConnInfo(uuid, connInfo);
162 }
163 return AuthDeviceGetPreferConnInfo(uuid, connInfo);
164 }
165
AuthGetP2pConnInfo(const char * uuid,AuthConnInfo * connInfo,bool isMeta)166 int32_t AuthGetP2pConnInfo(const char *uuid, AuthConnInfo *connInfo, bool isMeta)
167 {
168 if (isMeta) {
169 return AUTH_INVALID_ID;
170 }
171 return AuthDeviceGetP2pConnInfo(uuid, connInfo);
172 }
173
174 /* for ProxyChannel & P2P TcpDirectchannel */
AuthGetLatestIdByUuid(const char * uuid,AuthLinkType type,bool isMeta)175 int64_t AuthGetLatestIdByUuid(const char *uuid, AuthLinkType type, bool isMeta)
176 {
177 if (isMeta) {
178 return AUTH_INVALID_ID;
179 }
180 return AuthDeviceGetLatestIdByUuid(uuid, type);
181 }
182
AuthGetIdByConnInfo(const AuthConnInfo * connInfo,bool isServer,bool isMeta)183 int64_t AuthGetIdByConnInfo(const AuthConnInfo *connInfo, bool isServer, bool isMeta)
184 {
185 if (isMeta) {
186 return AuthMetaGetIdByConnInfo(connInfo, isServer);
187 }
188 return AuthDeviceGetIdByConnInfo(connInfo, isServer);
189 }
190
AuthGetIdByUuid(const char * uuid,AuthLinkType type,bool isServer,bool isMeta)191 int64_t AuthGetIdByUuid(const char *uuid, AuthLinkType type, bool isServer, bool isMeta)
192 {
193 if (isMeta) {
194 return AuthMetaGetIdByUuid(uuid, type, isServer);
195 }
196 return AuthDeviceGetIdByUuid(uuid, type, isServer);
197 }
198
AuthRestoreAuthManager(const char * udidHash,const AuthConnInfo * connInfo,uint32_t requestId,NodeInfo * nodeInfo,int64_t * authId)199 int32_t AuthRestoreAuthManager(const char *udidHash,
200 const AuthConnInfo *connInfo, uint32_t requestId, NodeInfo *nodeInfo, int64_t *authId)
201 {
202 if (udidHash == NULL || connInfo == NULL || nodeInfo == NULL || authId == NULL) {
203 AUTH_LOGE(AUTH_CONN, "restore manager fail because para error");
204 return SOFTBUS_ERR;
205 }
206 // get device key
207 AuthDeviceKeyInfo keyInfo = {0};
208 if (AuthFindDeviceKey(udidHash, connInfo->type, &keyInfo) != SOFTBUS_OK) {
209 AUTH_LOGI(AUTH_KEY, "restore manager fail because device key not exist");
210 return SOFTBUS_ERR;
211 }
212 if (SoftBusGenerateStrHash((unsigned char *)nodeInfo->deviceInfo.deviceUdid,
213 strlen(nodeInfo->deviceInfo.deviceUdid), (unsigned char *)connInfo->info.bleInfo.deviceIdHash) != SOFTBUS_OK) {
214 AUTH_LOGI(AUTH_KEY, "restore manager fail because generate strhash");
215 return SOFTBUS_ERR;
216 }
217 AuthSessionInfo info;
218 SessionKey sessionKey;
219 (void)memset_s(&info, sizeof(AuthSessionInfo), 0, sizeof(AuthSessionInfo));
220 (void)memset_s(&sessionKey, sizeof(SessionKey), 0, sizeof(SessionKey));
221 info.requestId = requestId;
222 info.isServer = keyInfo.isServerSide;
223 info.connId = keyInfo.keyIndex;
224 info.connInfo = *connInfo;
225 info.version = SOFTBUS_NEW_V2;
226 if (strcpy_s(info.uuid, sizeof(info.uuid), nodeInfo->uuid) != EOK ||
227 strcpy_s(info.udid, sizeof(info.udid), nodeInfo->deviceInfo.deviceUdid) != EOK) {
228 AUTH_LOGW(AUTH_KEY, "restore manager fail because copy uuid/udid fail");
229 return SOFTBUS_ERR;
230 }
231 if (memcpy_s(sessionKey.value, sizeof(sessionKey.value), keyInfo.deviceKey, sizeof(keyInfo.deviceKey)) != EOK) {
232 AUTH_LOGE(AUTH_KEY, "restore manager fail because memcpy device key");
233 return SOFTBUS_MEM_ERR;
234 }
235 sessionKey.len = keyInfo.keyLen;
236 *authId = keyInfo.keyIndex;
237 return AuthManagerSetSessionKey(keyInfo.keyIndex, &info, &sessionKey, false);
238 }
239
AuthEncrypt(int64_t authId,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)240 int32_t AuthEncrypt(int64_t authId, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
241 uint32_t *outLen)
242 {
243 AuthManager *auth = GetAuthManagerByAuthId(authId);
244 if (auth != NULL) {
245 DelAuthManager(auth, false);
246 return AuthDeviceEncrypt(authId, inData, inLen, outData, outLen);
247 }
248 return AuthMetaEncrypt(authId, inData, inLen, outData, outLen);
249 }
250
AuthDecrypt(int64_t authId,const uint8_t * inData,uint32_t inLen,uint8_t * outData,uint32_t * outLen)251 int32_t AuthDecrypt(int64_t authId, const uint8_t *inData, uint32_t inLen, uint8_t *outData,
252 uint32_t *outLen)
253 {
254 AuthManager *auth = GetAuthManagerByAuthId(authId);
255 if (auth != NULL) {
256 DelAuthManager(auth, false);
257 return AuthDeviceDecrypt(authId, inData, inLen, outData, outLen);
258 }
259 return AuthMetaDecrypt(authId, inData, inLen, outData, outLen);
260 }
261
AuthSetP2pMac(int64_t authId,const char * p2pMac)262 int32_t AuthSetP2pMac(int64_t authId, const char *p2pMac)
263 {
264 AuthManager *auth = GetAuthManagerByAuthId(authId);
265 if (auth != NULL) {
266 DelAuthManager(auth, false);
267 return AuthDeviceSetP2pMac(authId, p2pMac);
268 }
269 return AuthMetaSetP2pMac(authId, p2pMac);
270 }
271
AuthGetConnInfo(int64_t authId,AuthConnInfo * connInfo)272 int32_t AuthGetConnInfo(int64_t authId, AuthConnInfo *connInfo)
273 {
274 AuthManager *auth = GetAuthManagerByAuthId(authId);
275 if (auth != NULL) {
276 DelAuthManager(auth, false);
277 return AuthDeviceGetConnInfo(authId, connInfo);
278 }
279 return AuthMetaGetConnInfo(authId, connInfo);
280 }
281
AuthGetDeviceUuid(int64_t authId,char * uuid,uint16_t size)282 int32_t AuthGetDeviceUuid(int64_t authId, char *uuid, uint16_t size)
283 {
284 AuthManager *auth = GetAuthManagerByAuthId(authId);
285 if (auth != NULL) {
286 DelAuthManager(auth, false);
287 return AuthDeviceGetDeviceUuid(authId, uuid, size);
288 }
289 return AuthMetaGetDeviceUuid(authId, uuid, size);
290 }
291
AuthGetVersion(int64_t authId,SoftBusVersion * version)292 int32_t AuthGetVersion(int64_t authId, SoftBusVersion *version)
293 {
294 return AuthDeviceGetVersion(authId, version);
295 }
296
AuthGetServerSide(int64_t authId,bool * isServer)297 int32_t AuthGetServerSide(int64_t authId, bool *isServer)
298 {
299 AuthManager *auth = GetAuthManagerByAuthId(authId);
300 if (auth != NULL) {
301 DelAuthManager(auth, false);
302 return AuthDeviceGetServerSide(authId, isServer);
303 }
304 return AuthMetaGetServerSide(authId, isServer);
305 }
306
AuthGetMetaType(int64_t authId,bool * isMetaAuth)307 int32_t AuthGetMetaType(int64_t authId, bool *isMetaAuth)
308 {
309 if (isMetaAuth == NULL) {
310 AUTH_LOGW(AUTH_CONN, "invalid param");
311 return SOFTBUS_INVALID_PARAM;
312 }
313 AuthManager *auth = GetAuthManagerByAuthId(authId);
314 if (auth != NULL) {
315 DelAuthManager(auth, false);
316 *isMetaAuth = false;
317 return SOFTBUS_OK;
318 }
319 *isMetaAuth = true;
320 return SOFTBUS_OK;
321 }
322
AuthGetGroupType(const char * udid,const char * uuid)323 int32_t AuthGetGroupType(const char *udid, const char *uuid)
324 {
325 int32_t type = 0;
326 if (udid == NULL || uuid == NULL) {
327 AUTH_LOGW(AUTH_HICHAIN, "udid or uuid is null");
328 return type;
329 }
330 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_ACCOUNT) ? GROUP_TYPE_ACCOUNT : 0;
331 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_P2P) ? GROUP_TYPE_P2P : 0;
332 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_MESH) ? GROUP_TYPE_MESH : 0;
333 type |= CheckDeviceInGroupByType(udid, uuid, AUTH_GROUP_COMPATIBLE) ? GROUP_TYPE_COMPATIBLE : 0;
334 return type;
335 }
336
AuthIsPotentialTrusted(const DeviceInfo * device)337 bool AuthIsPotentialTrusted(const DeviceInfo *device)
338 {
339 uint8_t localAccountHash[SHA_256_HASH_LEN] = {0};
340 DeviceInfo defaultInfo;
341 (void)memset_s(&defaultInfo, sizeof(DeviceInfo), 0, sizeof(DeviceInfo));
342
343 if (device == NULL) {
344 AUTH_LOGE(AUTH_HICHAIN, "device is null");
345 return false;
346 }
347 if (memcmp(device->devId, defaultInfo.devId, SHA_256_HASH_LEN) == 0) {
348 AUTH_LOGW(AUTH_HICHAIN, "devId is empty");
349 return false;
350 }
351 if (memcmp(device->accountHash, defaultInfo.accountHash, SHORT_ACCOUNT_HASH_LEN) == 0) {
352 AUTH_LOGI(AUTH_HICHAIN, "devId accountHash is empty");
353 return true;
354 }
355 if (LnnGetLocalByteInfo(BYTE_KEY_ACCOUNT_HASH, localAccountHash, SHA_256_HASH_LEN) != SOFTBUS_OK) {
356 AUTH_LOGE(AUTH_HICHAIN, "get local accountHash fail");
357 return false;
358 }
359 if (memcmp(localAccountHash, device->accountHash, SHORT_ACCOUNT_HASH_LEN) == 0 && !LnnIsDefaultOhosAccount()) {
360 AUTH_LOGD(AUTH_HICHAIN, "account is same, continue verify progress. account=%{public}02X%{public}02X",
361 device->accountHash[0], device->accountHash[1]);
362 return true;
363 }
364 if (IsPotentialTrustedDevice(ID_TYPE_DEVID, device->devId, false, false) ||
365 IsPotentialTrustedDeviceDp(device->devId)) {
366 AUTH_LOGD(AUTH_HICHAIN, "device is potential trusted, continue verify progress");
367 return true;
368 }
369 return false;
370 }
371
AuthHasTrustedRelation(void)372 TrustedReturnType AuthHasTrustedRelation(void)
373 {
374 uint32_t num = 0;
375 char *udidArray = NULL;
376
377 if (LnnGetTrustedDevInfoFromDb(&udidArray, &num) != SOFTBUS_OK) {
378 AUTH_LOGE(AUTH_CONN, "auth get trusted dev info fail");
379 return TRUSTED_RELATION_IGNORE;
380 }
381 SoftBusFree(udidArray);
382 AUTH_LOGD(AUTH_CONN, "auth get trusted relation num=%{public}u", num);
383 return (num != 0) ? TRUSTED_RELATION_YES : TRUSTED_RELATION_NO;
384 }
385
IsAuthHasTrustedRelation(void)386 bool IsAuthHasTrustedRelation(void)
387 {
388 bool hasTrustedRelation = (AuthHasTrustedRelation() == TRUSTED_RELATION_YES) ? true : false;
389 return hasTrustedRelation;
390 }
391
AuthDeleteStoredAuthKey(const char * udid,int32_t discoveryType)392 void AuthDeleteStoredAuthKey(const char *udid, int32_t discoveryType)
393 {
394 AuthLinkType linkType;
395 switch (discoveryType) {
396 case DISCOVERY_TYPE_WIFI:
397 linkType = AUTH_LINK_TYPE_WIFI;
398 break;
399 case DISCOVERY_TYPE_BLE:
400 linkType = AUTH_LINK_TYPE_BLE;
401 break;
402 case DISCOVERY_TYPE_BR:
403 linkType = AUTH_LINK_TYPE_BR;
404 break;
405 case DISCOVERY_TYPE_P2P:
406 linkType = AUTH_LINK_TYPE_P2P;
407 break;
408 default:
409 AUTH_LOGE(AUTH_KEY, "unkown support discType=%{public}d", discoveryType);
410 return;
411 }
412 AuthRemoveDeviceKey(udid, (int32_t)linkType);
413 }
414
AuthInit(void)415 int32_t AuthInit(void)
416 {
417 AuthTransCallback callBack = {
418 .OnDataReceived = NotifyTransDataReceived,
419 .OnDisconnected = NotifyTransDisconnected,
420 };
421 int32_t ret = AuthDeviceInit(&callBack);
422 if (ret == SOFTBUS_ERR || ret == SOFTBUS_INVALID_PARAM) {
423 AUTH_LOGE(AUTH_INIT, "auth device init failed");
424 return SOFTBUS_ERR;
425 }
426 ret = RegHichainSaStatusListener();
427 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
428 AUTH_LOGE(AUTH_INIT, "regHichainSaStatusListener failed");
429 return SOFTBUS_ERR;
430 }
431 ret = CustomizedSecurityProtocolInit();
432 if (ret != SOFTBUS_OK && ret != SOFTBUS_NOT_IMPLEMENT) {
433 AUTH_LOGI(AUTH_INIT, "customized protocol init failed, ret=%{public}d", ret);
434 return ret;
435 }
436 AuthLoadDeviceKey();
437 return AuthMetaInit(&callBack);
438 }
439
AuthDeinit(void)440 void AuthDeinit(void)
441 {
442 AuthDeviceDeinit();
443 CustomizedSecurityProtocolDeinit();
444 AuthMetaDeinit();
445 }
446
AuthServerDeathCallback(const char * pkgName,int32_t pid)447 void AuthServerDeathCallback(const char *pkgName, int32_t pid)
448 {
449 DelAuthMetaManagerByPid(pkgName, pid);
450 }
451