1 /*
2 * Copyright (C) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "compatible_auth_sub_session_common.h"
17
18 #include "account_auth_plugin_proxy.h"
19 #include "account_module_defines.h"
20 #include "account_related_group_auth.h"
21 #include "compatible_auth_sub_session_util.h"
22 #include "data_manager.h"
23 #include "dev_auth_module_manager.h"
24 #include "group_auth_data_operation.h"
25 #include "hc_log.h"
26 #include "hc_time.h"
27 #include "hc_types.h"
28 #include "hitrace_adapter.h"
29 #include "performance_dumper.h"
30
31 #define MIN_PROTOCOL_VERSION "1.0.0"
32 IMPLEMENT_HC_VECTOR(ParamsVecForAuth, void *, 1)
33
GetAccountRelatedCandidateGroups(int32_t osAccountId,const CJson * param,bool isDeviceLevel,bool isClient,GroupEntryVec * vec)34 static void GetAccountRelatedCandidateGroups(int32_t osAccountId, const CJson *param, bool isDeviceLevel, bool isClient,
35 GroupEntryVec *vec)
36 {
37 QueryGroupParams queryParams = InitQueryGroupParams();
38 if (!isDeviceLevel || !isClient) {
39 queryParams.groupVisibility = GROUP_VISIBILITY_PUBLIC;
40 }
41 BaseGroupAuth *groupAuth = GetGroupAuth(ACCOUNT_RELATED_GROUP_AUTH_TYPE);
42 if (groupAuth == NULL) {
43 LOGE("Account related group auth object is null!");
44 return;
45 }
46 ((AccountRelatedGroupAuth *)groupAuth)->getAccountCandidateGroup(osAccountId, param, &queryParams, vec);
47 if (vec->size(vec) != 0) {
48 return;
49 }
50 LOGI("Account related groups not found!");
51 if (HasAccountAuthPlugin() != HC_SUCCESS) {
52 return;
53 }
54 CJson *input = CreateJson();
55 if (input == NULL) {
56 return;
57 }
58 CJson *output = CreateJson();
59 if (output == NULL) {
60 FreeJson(input);
61 return;
62 }
63 int32_t ret = ExcuteCredMgrCmd(osAccountId, QUERY_SELF_CREDENTIAL_INFO, input, output);
64 if (ret != HC_SUCCESS) {
65 LOGE("Account cred is empty.");
66 }
67 FreeJson(input);
68 FreeJson(output);
69 }
70
GetAccountUnrelatedCandidateGroups(int32_t osAccountId,bool isDeviceLevel,bool isClient,GroupEntryVec * vec)71 static void GetAccountUnrelatedCandidateGroups(int32_t osAccountId, bool isDeviceLevel, bool isClient,
72 GroupEntryVec *vec)
73 {
74 QueryGroupParams queryParams = InitQueryGroupParams();
75 if (!isDeviceLevel || !isClient) {
76 queryParams.groupVisibility = GROUP_VISIBILITY_PUBLIC;
77 }
78 queryParams.groupType = PEER_TO_PEER_GROUP;
79 if (QueryGroups(osAccountId, &queryParams, vec) != HC_SUCCESS) {
80 LOGE("Failed to query p2p groups!");
81 return;
82 }
83 if (vec->size(vec) == 0) {
84 LOGI("p2p groups not found!");
85 }
86 }
87
GetCandidateGroups(int32_t osAccountId,const CJson * param,GroupEntryVec * vec)88 static void GetCandidateGroups(int32_t osAccountId, const CJson *param, GroupEntryVec *vec)
89 {
90 bool isDeviceLevel = false;
91 bool isClient = true;
92 (void)GetBoolFromJson(param, FIELD_IS_DEVICE_LEVEL, &isDeviceLevel);
93 if (GetBoolFromJson(param, FIELD_IS_CLIENT, &isClient) != HC_SUCCESS) {
94 LOGE("Failed to get isClient!");
95 return;
96 }
97 if (isDeviceLevel && isClient) {
98 LOGI("Try to get device-level candidate groups for auth.");
99 }
100 GetAccountRelatedCandidateGroups(osAccountId, param, isDeviceLevel, isClient, vec);
101 GetAccountUnrelatedCandidateGroups(osAccountId, isDeviceLevel, isClient, vec);
102 }
103
GetGroupInfoByGroupId(int32_t osAccountId,const char * groupId,GroupEntryVec * groupEntryVec)104 static void GetGroupInfoByGroupId(int32_t osAccountId, const char *groupId,
105 GroupEntryVec *groupEntryVec)
106 {
107 QueryGroupParams queryParams = InitQueryGroupParams();
108 queryParams.groupId = groupId;
109 if (QueryGroups(osAccountId, &queryParams, groupEntryVec) != HC_SUCCESS) {
110 LOGE("Failed to query groups for groupId: %s!", groupId);
111 }
112 }
113
AddGeneralParams(const char * groupId,int32_t groupType,const TrustedDeviceEntry * localAuthInfo,CJson * paramsData)114 static int32_t AddGeneralParams(const char *groupId, int32_t groupType, const TrustedDeviceEntry *localAuthInfo,
115 CJson *paramsData)
116 {
117 if (AddStringToJson(paramsData, FIELD_GROUP_ID, groupId) != HC_SUCCESS) {
118 LOGE("Failed to add groupId for client auth!");
119 return HC_ERR_JSON_ADD;
120 }
121 int32_t authForm = GroupTypeToAuthForm(groupType);
122 if (AddIntToJson(paramsData, FIELD_AUTH_FORM, authForm) != HC_SUCCESS) {
123 LOGE("Failed to add authFrom for client auth!");
124 return HC_ERR_JSON_ADD;
125 }
126 const char *serviceType = StringGet(&(localAuthInfo->serviceType));
127 if ((groupType == COMPATIBLE_GROUP) && (serviceType != NULL)) {
128 if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, serviceType) != HC_SUCCESS) {
129 LOGE("Failed to add serviceType for client compatible group auth!");
130 return HC_ERR_JSON_ADD;
131 }
132 } else {
133 if (AddStringToJson(paramsData, FIELD_SERVICE_TYPE, groupId) != HC_SUCCESS) {
134 LOGE("Failed to add serviceType with groupId for client auth!");
135 return HC_ERR_JSON_ADD;
136 }
137 }
138 return HC_SUCCESS;
139 }
140
ExtractAndAddParams(int32_t osAccountId,const char * groupId,const TrustedGroupEntry * groupInfo,CJson * paramsData)141 static int32_t ExtractAndAddParams(int32_t osAccountId, const char *groupId,
142 const TrustedGroupEntry *groupInfo, CJson *paramsData)
143 {
144 TrustedDeviceEntry *localAuthInfo = CreateDeviceEntry();
145 if (localAuthInfo == NULL) {
146 LOGE("Failed to allocate memory for localAuthInfo!");
147 return HC_ERR_ALLOC_MEMORY;
148 }
149 int32_t groupType = groupInfo->type;
150 int32_t authForm = GroupTypeToAuthForm(groupType);
151 int32_t res = GaGetLocalDeviceInfo(osAccountId, groupId, localAuthInfo);
152 if (res != HC_SUCCESS) {
153 DestroyDeviceEntry(localAuthInfo);
154 return res;
155 }
156 res = AddGeneralParams(groupId, groupType, localAuthInfo, paramsData);
157 if (res != HC_SUCCESS) {
158 DestroyDeviceEntry(localAuthInfo);
159 return res;
160 }
161 BaseGroupAuth *groupAuth = GetGroupAuth(GetAuthType(authForm));
162 if (groupAuth == NULL) {
163 LOGE("Failed to get group auth handle!");
164 DestroyDeviceEntry(localAuthInfo);
165 return HC_ERR_NULL_PTR;
166 }
167 res = groupAuth->fillDeviceAuthInfo(osAccountId, groupInfo, localAuthInfo, paramsData);
168 DestroyDeviceEntry(localAuthInfo);
169 if (res != HC_SUCCESS) {
170 LOGE("Failed to fill device auth info!");
171 }
172 return res;
173 }
174
FillAuthParams(int32_t osAccountId,const CJson * param,const GroupEntryVec * vec,ParamsVecForAuth * paramsVec)175 static int32_t FillAuthParams(int32_t osAccountId, const CJson *param,
176 const GroupEntryVec *vec, ParamsVecForAuth *paramsVec)
177 {
178 const char *pkgName = GetStringFromJson(param, FIELD_SERVICE_PKG_NAME);
179 if (pkgName == NULL) {
180 LOGE("Pkg name is null, can't extract params from db!");
181 return HC_ERR_NULL_PTR;
182 }
183 const char *peerUdid = GetStringFromJson(param, FIELD_PEER_CONN_DEVICE_ID);
184 const char *peerAuthId = GetStringFromJson(param, FIELD_PEER_ID_FROM_REQUEST);
185 if (peerAuthId == NULL) {
186 peerAuthId = GetStringFromJson(param, FIELD_PEER_AUTH_ID);
187 }
188 uint32_t index;
189 TrustedGroupEntry **ptr = NULL;
190 FOR_EACH_HC_VECTOR(*vec, index, ptr) {
191 const TrustedGroupEntry *groupInfo = (TrustedGroupEntry *)(*ptr);
192 const char *groupId = StringGet(&(groupInfo->id));
193 if (groupId == NULL) {
194 continue;
195 }
196 if (!GaIsGroupAccessible(osAccountId, groupId, pkgName)) {
197 continue;
198 }
199 if (!GaIsDeviceInGroup(groupInfo->type, osAccountId, peerUdid, peerAuthId, groupId)) {
200 continue;
201 }
202 CJson *paramsData = DuplicateJson(param);
203 if (paramsData == NULL) {
204 LOGE("Failed to duplicate auth param data!");
205 return HC_ERR_JSON_FAIL;
206 }
207 if (ExtractAndAddParams(osAccountId, groupId, groupInfo, paramsData) != HC_SUCCESS) {
208 LOGE("Failed to extract and add param!");
209 FreeJson(paramsData);
210 continue;
211 }
212 paramsVec->pushBack(paramsVec, (const void **)¶msData);
213 }
214 LOGI("The candidate group size is: %u", paramsVec->size(paramsVec));
215 return HC_SUCCESS;
216 }
217
GetCandidateAuthInfo(int32_t osAccountId,const char * groupId,const CJson * param,ParamsVecForAuth * authParamsVec)218 static int32_t GetCandidateAuthInfo(int32_t osAccountId, const char *groupId,
219 const CJson *param, ParamsVecForAuth *authParamsVec)
220 {
221 GroupEntryVec vec = CreateGroupEntryVec();
222 if (groupId == NULL) {
223 LOGI("No groupId specified, extract group info without groupId.");
224 GetCandidateGroups(osAccountId, param, &vec);
225 } else {
226 LOGI("GroupId specified, extract group info with the groupId.");
227 GetGroupInfoByGroupId(osAccountId, groupId, &vec);
228 }
229 if (vec.size(&vec) == 0) {
230 LOGW("No satisfied candidate group!");
231 ClearGroupEntryVec(&vec);
232 return HC_ERR_NO_CANDIDATE_GROUP;
233 }
234 int32_t res = FillAuthParams(osAccountId, param, &vec, authParamsVec);
235 ClearGroupEntryVec(&vec);
236 return res;
237 }
238
AddInfoToErrorData(CJson * sendToPeer,const CJson * authParam)239 static int32_t AddInfoToErrorData(CJson *sendToPeer, const CJson *authParam)
240 {
241 int32_t authForm = AUTH_FORM_INVALID_TYPE;
242 if (GetIntFromJson(authParam, FIELD_AUTH_FORM, &authForm) != HC_SUCCESS) {
243 LOGE("Failed to get authForm from authParam!");
244 return HC_ERR_JSON_GET;
245 }
246 if (AddIntToJson(sendToPeer, FIELD_AUTH_FORM, authForm) != HC_SUCCESS) {
247 LOGE("Failed to add authForm for peer!");
248 return HC_ERR_JSON_ADD;
249 }
250 if ((authForm == AUTH_FORM_IDENTICAL_ACCOUNT) && (AddIntToJson(sendToPeer, FIELD_STEP, ERR_MSG) != HC_SUCCESS)) {
251 LOGE("Failed to add step for peer!");
252 return HC_ERR_JSON_ADD;
253 }
254 return HC_SUCCESS;
255 }
256
AddVersionMsgToError(CJson * errorToPeer)257 static int32_t AddVersionMsgToError(CJson *errorToPeer)
258 {
259 CJson *version = CreateJson();
260 if (version == NULL) {
261 LOGE("Failed to create json for version!");
262 return HC_ERR_JSON_CREATE;
263 }
264 CJson *payload = CreateJson();
265 if (payload == NULL) {
266 LOGE("Failed to create json for payload!");
267 FreeJson(version);
268 return HC_ERR_JSON_CREATE;
269 }
270 int32_t res = HC_SUCCESS;
271 do {
272 if (AddStringToJson(version, FIELD_MIN_VERSION, MIN_PROTOCOL_VERSION) != HC_SUCCESS) {
273 LOGE("Failed to add min version to json!");
274 res = HC_ERR_JSON_ADD;
275 break;
276 }
277 if (AddStringToJson(version, FIELD_CURRENT_VERSION, MIN_PROTOCOL_VERSION) != HC_SUCCESS) {
278 LOGE("Failed to add max version to json!");
279 res = HC_ERR_JSON_ADD;
280 break;
281 }
282 if (AddObjToJson(payload, FIELD_VERSION, version) != HC_SUCCESS) {
283 LOGE("Add version object to errorToPeer failed.");
284 res = HC_ERR_JSON_ADD;
285 break;
286 }
287 if (AddIntToJson(payload, FIELD_ERROR_CODE, -1) != HC_SUCCESS) {
288 LOGE("Failed to add errorCode for peer!");
289 res = HC_ERR_JSON_ADD;
290 break;
291 }
292 if (AddObjToJson(errorToPeer, FIELD_PAYLOAD, payload) != HC_SUCCESS) {
293 LOGE("Failed to add error data!");
294 res = HC_ERR_JSON_ADD;
295 break;
296 }
297 } while (0);
298 FreeJson(version);
299 FreeJson(payload);
300 return res;
301 }
302
PrepareErrorMsgToPeer(const CJson * authParam,CJson * errorToPeer)303 static int32_t PrepareErrorMsgToPeer(const CJson *authParam, CJson *errorToPeer)
304 {
305 int32_t res = AddInfoToErrorData(errorToPeer, authParam);
306 if (res != HC_SUCCESS) {
307 LOGE("Failed to add info to error data!");
308 return res;
309 }
310 if (AddIntToJson(errorToPeer, FIELD_GROUP_ERROR_MSG, GROUP_ERR_MSG) != HC_SUCCESS) {
311 LOGE("Failed to add groupErrorMsg for peer!");
312 return HC_ERR_JSON_ADD;
313 }
314 if (AddIntToJson(errorToPeer, FIELD_MESSAGE, GROUP_ERR_MSG) != HC_SUCCESS) {
315 LOGE("Failed to add message for peer!");
316 return HC_ERR_JSON_ADD;
317 }
318 return AddVersionMsgToError(errorToPeer);
319 }
320
ReturnErrorToPeerBySession(const CJson * authParam,const DeviceAuthCallback * callback)321 static int32_t ReturnErrorToPeerBySession(const CJson *authParam, const DeviceAuthCallback *callback)
322 {
323 int64_t requestId = 0;
324 if (GetInt64FromJson(authParam, FIELD_REQUEST_ID, &requestId) != HC_SUCCESS) {
325 LOGE("Failed to get request ID!");
326 return HC_ERR_JSON_GET;
327 }
328 CJson *errorToPeer = CreateJson();
329 if (errorToPeer == NULL) {
330 LOGE("Failed to allocate memory for errorToPeer!");
331 return HC_ERR_ALLOC_MEMORY;
332 }
333 int32_t res = PrepareErrorMsgToPeer(authParam, errorToPeer);
334 if (res != HC_SUCCESS) {
335 FreeJson(errorToPeer);
336 return res;
337 }
338 char *errorToPeerStr = PackJsonToString(errorToPeer);
339 FreeJson(errorToPeer);
340 if (errorToPeerStr == NULL) {
341 LOGE("Failed to pack errorToPeer to string!");
342 return HC_ERR_ALLOC_MEMORY;
343 }
344 if ((callback == NULL) || (callback->onTransmit == NULL)) {
345 LOGE("The callback of onTransmit is null!");
346 FreeJsonString(errorToPeerStr);
347 return HC_ERR_NULL_PTR;
348 }
349 LOGD("Begin transmit error msg to peer by session!");
350 if (!callback->onTransmit(requestId, (uint8_t *)errorToPeerStr, HcStrlen(errorToPeerStr) + 1)) {
351 LOGE("Failed to transmit error msg by session!");
352 FreeJsonString(errorToPeerStr);
353 return HC_ERR_TRANSMIT_FAIL;
354 }
355 LOGD("End transmit error msg to peer by session!");
356 FreeJsonString(errorToPeerStr);
357 return HC_SUCCESS;
358 }
359
ReturnErrorToPeerByTask(CJson * sendToPeer,const CJson * authParam,const DeviceAuthCallback * callback)360 static int32_t ReturnErrorToPeerByTask(CJson *sendToPeer, const CJson *authParam,
361 const DeviceAuthCallback *callback)
362 {
363 int64_t requestId = 0;
364 if (GetInt64FromJson(authParam, FIELD_REQUEST_ID, &requestId) != HC_SUCCESS) {
365 LOGE("Failed to get request id!");
366 return HC_ERR_JSON_GET;
367 }
368 int32_t res = AddInfoToErrorData(sendToPeer, authParam);
369 if (res != HC_SUCCESS) {
370 LOGE("Failed to add info to error data!");
371 return res;
372 }
373 char *sendToPeerStr = PackJsonToString(sendToPeer);
374 if (sendToPeerStr == NULL) {
375 LOGE("Failed to pack json to string!");
376 return HC_ERR_ALLOC_MEMORY;
377 }
378 if ((callback == NULL) || (callback->onTransmit == NULL)) {
379 LOGE("The callback of onTransmit is null!");
380 FreeJsonString(sendToPeerStr);
381 return HC_ERR_NULL_PTR;
382 }
383 LOGD("Begin transmit error msg to peer by task!");
384 if (!callback->onTransmit(requestId, (uint8_t *)sendToPeerStr, HcStrlen(sendToPeerStr) + 1)) {
385 LOGE("Failed to transmit error msg by task!");
386 FreeJsonString(sendToPeerStr);
387 return HC_ERR_TRANSMIT_FAIL;
388 }
389 LOGD("End transmit error msg to peer by task!");
390 FreeJsonString(sendToPeerStr);
391 return HC_SUCCESS;
392 }
393
ReturnTransmitData(const CompatibleAuthSubSession * session,CJson * out)394 static int32_t ReturnTransmitData(const CompatibleAuthSubSession *session, CJson *out)
395 {
396 CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER);
397 if (sendToPeer == NULL) {
398 LOGI("The transmit data to peer is null!");
399 return HC_ERR_JSON_GET;
400 }
401 CJson *authParam = (session->paramsList).get(&(session->paramsList), session->currentIndex);
402 if (authParam == NULL) {
403 LOGE("The json data in session is null!");
404 return HC_ERR_NULL_PTR;
405 }
406 int64_t requestId = 0;
407 if (GetInt64FromJson(authParam, FIELD_REQUEST_ID, &requestId) != HC_SUCCESS) {
408 LOGE("Failed to get request id!");
409 return HC_ERR_JSON_GET;
410 }
411
412 int32_t ret = AddGroupAuthTransmitData(session, false, sendToPeer);
413 if (ret != HC_SUCCESS) {
414 LOGE("Failed to add extra data!");
415 return ret;
416 }
417 char *outStr = PackJsonToString(sendToPeer);
418 if (outStr == NULL) {
419 LOGE("Failed to pack outStr for onTransmit!");
420 return HC_ERR_ALLOC_MEMORY;
421 }
422
423 const DeviceAuthCallback *callback = session->base.callback;
424 if ((callback == NULL) || (callback->onTransmit == NULL)) {
425 LOGE("The callback for transmit is null!");
426 FreeJsonString(outStr);
427 return HC_ERR_NULL_PTR;
428 }
429 LOGI("Start to transmit data to peer for auth!");
430 DEV_AUTH_START_TRACE(TRACE_TAG_SEND_DATA);
431 UPDATE_PERFORM_DATA_BY_SELF_INDEX(requestId, HcGetCurTimeInMillis());
432 if (!callback->onTransmit(requestId, (uint8_t *)outStr, HcStrlen(outStr) + 1)) {
433 LOGE("Failed to transmit data to peer!");
434 FreeJsonString(outStr);
435 return HC_ERR_TRANSMIT_FAIL;
436 }
437 DEV_AUTH_FINISH_TRACE();
438 LOGI("End transmit data to peer for auth!");
439 FreeJsonString(outStr);
440 return HC_SUCCESS;
441 }
442
ReturnFinishData(const CompatibleAuthSubSession * session,const CJson * out)443 static void ReturnFinishData(const CompatibleAuthSubSession *session, const CJson *out)
444 {
445 ParamsVecForAuth list = session->paramsList;
446 const CJson *authParam = list.get(&list, session->currentIndex);
447 if (authParam == NULL) {
448 LOGE("The json data in session is null!");
449 return;
450 }
451 int64_t requestId = 0;
452 if (GetInt64FromJson(authParam, FIELD_REQUEST_ID, &requestId) != HC_SUCCESS) {
453 LOGE("Failed to get request id!");
454 return;
455 }
456 int32_t authForm = AUTH_FORM_INVALID_TYPE;
457 if (GetIntFromJson(authParam, FIELD_AUTH_FORM, &authForm) != HC_SUCCESS) {
458 LOGE("Failed to get auth type!");
459 return;
460 }
461 BaseGroupAuth *groupAuth = GetGroupAuth(GetAuthType(authForm));
462 if (groupAuth != NULL) {
463 DEV_AUTH_START_TRACE(TRACE_TAG_ON_SESSION_FINISH);
464 groupAuth->onFinish(requestId, authParam, out, session->base.callback);
465 DEV_AUTH_FINISH_TRACE();
466 }
467 }
468
AuthOnNextGroupIfExist(CompatibleAuthSubSession * session)469 int32_t AuthOnNextGroupIfExist(CompatibleAuthSubSession *session)
470 {
471 if (session->currentIndex >= session->paramsList.size(&session->paramsList) - 1) {
472 LOGD("There is no alternative auth group.");
473 return HC_ERR_NO_CANDIDATE_GROUP;
474 }
475 session->currentIndex++;
476 CJson *paramInNextSession = (session->paramsList).get(&(session->paramsList), session->currentIndex);
477 if (paramInNextSession == NULL) {
478 LOGE("The json data in session is null!");
479 return HC_ERR_NULL_PTR;
480 }
481 int64_t requestId = 0;
482 if (GetInt64FromJson(paramInNextSession, FIELD_REQUEST_ID, &requestId) != HC_SUCCESS) {
483 LOGE("Failed to get request id!");
484 return HC_ERR_JSON_GET;
485 }
486 RESET_PERFORM_DATA(requestId);
487 CJson *outNext = CreateJson();
488 if (outNext == NULL) {
489 LOGE("Failed to create json for outNext!");
490 return HC_ERR_ALLOC_MEMORY;
491 }
492 int32_t res;
493 do {
494 int32_t status = 0;
495 res = CreateAndProcessAuthTask(session, paramInNextSession, outNext, &status);
496 if (res != HC_SUCCESS) {
497 break;
498 }
499 res = HandleAuthTaskStatus(session, outNext, status);
500 } while (0);
501 if (res != HC_SUCCESS) {
502 LOGW("Failed to auth on current group, try to auth on next group!");
503 DestroyTask(session->base.curTaskId, GetAuthModuleType(paramInNextSession));
504 res = ProcessClientAuthError(session, outNext);
505 }
506 FreeJson(outNext);
507 return res;
508 }
509
CreateAuthParamsList(ParamsVecForAuth * vec)510 void CreateAuthParamsList(ParamsVecForAuth *vec)
511 {
512 *vec = CREATE_HC_VECTOR(ParamsVecForAuth);
513 }
514
DestroyAuthParamsList(ParamsVecForAuth * vec)515 void DestroyAuthParamsList(ParamsVecForAuth *vec)
516 {
517 DESTROY_HC_VECTOR(ParamsVecForAuth, vec);
518 }
519
GetAuthParamsVec(int32_t osAccountId,const CJson * param,ParamsVecForAuth * authParamsVec)520 int32_t GetAuthParamsVec(int32_t osAccountId, const CJson *param, ParamsVecForAuth *authParamsVec)
521 {
522 const char *groupId = GetStringFromJson(param, FIELD_GROUP_ID);
523 if (groupId == NULL) {
524 groupId = GetStringFromJson(param, FIELD_SERVICE_TYPE);
525 }
526 return GetCandidateAuthInfo(osAccountId, groupId, param, authParamsVec);
527 }
528
CreateAndProcessAuthTask(CompatibleAuthSubSession * session,CJson * paramInSession,CJson * out,int32_t * status)529 int32_t CreateAndProcessAuthTask(CompatibleAuthSubSession *session, CJson *paramInSession, CJson *out, int32_t *status)
530 {
531 int32_t moduleType = GetAuthModuleType(paramInSession);
532 if (moduleType == DAS_MODULE) {
533 const char *servicePkgName = GetStringFromJson(paramInSession, FIELD_SERVICE_PKG_NAME);
534 if (servicePkgName == NULL) {
535 LOGE("servicePkgName is null!");
536 return HC_ERR_JSON_GET;
537 }
538 if (AddStringToJson(paramInSession, FIELD_PKG_NAME, servicePkgName) != HC_SUCCESS) {
539 LOGE("Failed to add pkg name to json!");
540 return HC_ERR_JSON_ADD;
541 }
542 }
543 session->base.curTaskId = 0;
544 DEV_AUTH_START_TRACE(TRACE_TAG_CREATE_AUTH_TASK);
545 int32_t res = CreateTask(&(session->base.curTaskId), paramInSession, out, moduleType);
546 DEV_AUTH_FINISH_TRACE();
547 if (res != HC_SUCCESS) {
548 LOGE("Failed to create task for auth!");
549 return res;
550 }
551 DEV_AUTH_START_TRACE(TRACE_TAG_PROCESS_AUTH_TASK);
552 res = ProcessTask(session->base.curTaskId, paramInSession, out, status, moduleType);
553 DEV_AUTH_FINISH_TRACE();
554 ClearCachedData(paramInSession);
555 if (res != HC_SUCCESS) {
556 DestroyTask(session->base.curTaskId, GetAuthModuleType(paramInSession));
557 LOGE("Failed to process task for auth!");
558 }
559 return res;
560 }
561
ClearCachedData(CJson * paramInSession)562 void ClearCachedData(CJson *paramInSession)
563 {
564 DeleteItemFromJson(paramInSession, FIELD_PAYLOAD);
565 DeleteItemFromJson(paramInSession, FIELD_SELF_AUTH_ID);
566 DeleteItemFromJson(paramInSession, FIELD_OPERATION_CODE);
567 }
568
ProcessClientAuthError(CompatibleAuthSubSession * session,const CJson * out)569 int32_t ProcessClientAuthError(CompatibleAuthSubSession *session, const CJson *out)
570 {
571 ParamsVecForAuth list = session->paramsList;
572 CJson *paramInSession = list.get(&list, session->currentIndex);
573 if (paramInSession == NULL) {
574 LOGE("The json data in session is null!");
575 return HC_ERR_NULL_PTR;
576 }
577 CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER);
578 if (sendToPeer != NULL && ReturnErrorToPeerByTask(sendToPeer, paramInSession,
579 session->base.callback) != HC_SUCCESS) {
580 LOGE("Failed to return task's error msg to peer!");
581 return HC_ERR_INFORM_ERR;
582 }
583 int32_t res = AuthOnNextGroupIfExist(session);
584 if (res != HC_SUCCESS) {
585 LOGE("Failed to auth on next group!");
586 }
587 return res;
588 }
589
ProcessServerAuthError(CompatibleAuthSubSession * session,const CJson * out)590 void ProcessServerAuthError(CompatibleAuthSubSession *session, const CJson *out)
591 {
592 ParamsVecForAuth list = session->paramsList;
593 CJson *paramInSession = list.get(&list, session->currentIndex);
594 if (paramInSession == NULL) {
595 LOGE("The json data in session is null!");
596 return;
597 }
598 CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER);
599 if (sendToPeer != NULL && ReturnErrorToPeerByTask(sendToPeer, paramInSession,
600 session->base.callback) != HC_SUCCESS) {
601 LOGE("Failed to return task's error msg to peer!");
602 }
603 }
604
AddGroupAuthTransmitData(const CompatibleAuthSubSession * session,bool isClientFirst,CJson * sendToPeer)605 int32_t AddGroupAuthTransmitData(const CompatibleAuthSubSession *session, bool isClientFirst, CJson *sendToPeer)
606 {
607 ParamsVecForAuth list = session->paramsList;
608 CJson *authParam = list.get(&list, session->currentIndex);
609 if (authParam == NULL) {
610 LOGE("The json data in session is null!");
611 return HC_ERR_NULL_PTR;
612 }
613 bool isDeviceLevel = false;
614 int32_t authForm = AUTH_FORM_INVALID_TYPE;
615 (void)GetIntFromJson(authParam, FIELD_AUTH_FORM, &authForm);
616 if (isClientFirst && (authForm == AUTH_FORM_IDENTICAL_ACCOUNT || authForm == AUTH_FORM_ACROSS_ACCOUNT)) {
617 (void)GetBoolFromJson(authParam, FIELD_IS_DEVICE_LEVEL, &isDeviceLevel);
618 }
619 /* Disable device-level auth. */
620 if (AddBoolToJson(sendToPeer, FIELD_IS_DEVICE_LEVEL, isDeviceLevel) != HC_SUCCESS) {
621 LOGE("Failed to add device level!");
622 return HC_ERR_JSON_ADD;
623 }
624 bool isClient = true;
625 if (GetBoolFromJson(authParam, FIELD_IS_CLIENT, &isClient)) {
626 LOGE("Failed to get isClient!");
627 return HC_ERR_JSON_GET;
628 }
629 if (isClient && (session->currentIndex < (list.size(&list) - 1))) {
630 CJson *nextParam = list.get(&list, session->currentIndex + 1);
631 if (nextParam == NULL) {
632 LOGE("Failed to get next auth params!");
633 return HC_ERR_NULL_PTR;
634 }
635 const char *altGroup = GetStringFromJson(nextParam, FIELD_SERVICE_TYPE);
636 if ((altGroup != NULL) && (AddStringToJson(sendToPeer, FIELD_ALTERNATIVE, altGroup) != HC_SUCCESS)) {
637 LOGE("Failed to add alternative group!");
638 return HC_ERR_JSON_ADD;
639 }
640 }
641 return HC_SUCCESS;
642 }
643
HandleAuthTaskStatus(const CompatibleAuthSubSession * session,CJson * out,int32_t status)644 int32_t HandleAuthTaskStatus(const CompatibleAuthSubSession *session, CJson *out, int32_t status)
645 {
646 int32_t res = HC_SUCCESS;
647 switch (status) {
648 case IGNORE_MSG:
649 LOGI("Ignore this msg.");
650 break;
651 case CONTINUE:
652 res = ReturnTransmitData(session, out);
653 if (res != HC_SUCCESS) {
654 LOGE("Failed to transmit data to peer!");
655 }
656 break;
657 case FINISH:
658 ReturnFinishData(session, out);
659 ClearSensitiveStringInJson(out, FIELD_SESSION_KEY);
660 res = FINISH;
661 break;
662 default:
663 LOGE("Invalid status after process task!");
664 res = HC_ERR_INVALID_PARAMS;
665 break;
666 }
667 return res;
668 }
669
NotifyPeerAuthError(const CJson * authParam,const DeviceAuthCallback * callback)670 void NotifyPeerAuthError(const CJson *authParam, const DeviceAuthCallback *callback)
671 {
672 if (ReturnErrorToPeerBySession(authParam, callback) != HC_SUCCESS) {
673 LOGE("Failed to return error to peer by session!");
674 }
675 }