1 /*
2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "executor_message.h"
17
18 #include "securec.h"
19 #include "adaptor_algorithm.h"
20 #include "adaptor_log.h"
21 #include "adaptor_memory.h"
22 #include "adaptor_time.h"
23 #include "coauth.h"
24 #include "ed25519_key.h"
25 #include "idm_database.h"
26
27 #define ROOT_SECRET_LEN 32
28
29 #ifdef IAM_TEST_ENABLE
30 #define IAM_STATIC
31 #else
32 #define IAM_STATIC static
33 #endif
34
SignData(const Uint8Array * dataTlv,Uint8Array * signDataTlv)35 IAM_STATIC ResultCode SignData(const Uint8Array *dataTlv, Uint8Array *signDataTlv)
36 {
37 Buffer data = GetTmpBuffer(dataTlv->data, dataTlv->len, dataTlv->len);
38 if (!IsBufferValid(&data)) {
39 LOG_ERROR("data is invalid");
40 return RESULT_GENERAL_ERROR;
41 }
42 ResultCode result = RESULT_SUCCESS;
43 Buffer *signData = ExecutorMsgSign(&data);
44 if (!IsBufferValid(signData)) {
45 LOG_ERROR("signData is invalid");
46 return RESULT_GENERAL_ERROR;
47 }
48 if (signData->contentSize != ED25519_FIX_SIGN_BUFFER_SIZE) {
49 LOG_ERROR("sign data len invalid");
50 result = RESULT_GENERAL_ERROR;
51 goto FAIL;
52 }
53
54 if (memcpy_s(signDataTlv->data, signDataTlv->len, signData->buf, signData->contentSize) != EOK) {
55 LOG_ERROR("copy sign to signDtaTlv failed");
56 result = RESULT_GENERAL_ERROR;
57 goto FAIL;
58 }
59 signDataTlv->len = signData->contentSize;
60 LOG_INFO("sign data success");
61
62 FAIL:
63 DestoryBuffer(signData);
64 return result;
65 }
66
GetAttributeDataAndSignTlv(const Attribute * attribute,bool needSignature,Uint8Array * retDataAndSignTlv)67 IAM_STATIC ResultCode GetAttributeDataAndSignTlv(const Attribute *attribute, bool needSignature,
68 Uint8Array *retDataAndSignTlv)
69 {
70 Attribute *dataAndSignAttribute = CreateEmptyAttribute();
71 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
72 Uint8Array signTlv = { Malloc(ED25519_FIX_SIGN_BUFFER_SIZE), ED25519_FIX_SIGN_BUFFER_SIZE };
73
74 ResultCode result = RESULT_GENERAL_ERROR;
75 do {
76 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv) || IS_ARRAY_NULL(signTlv)) {
77 LOG_ERROR("dataAndSignAttribute or dataTlv or signTlv is NULL");
78 break;
79 }
80 result = GetAttributeSerializedMsg(attribute, &dataTlv);
81 if (result != RESULT_SUCCESS) {
82 LOG_ERROR("GetAttributeSerializedMsg for data fail");
83 break;
84 }
85
86 result = SetAttributeUint8Array(dataAndSignAttribute, AUTH_DATA, dataTlv);
87 if (result != RESULT_SUCCESS) {
88 LOG_ERROR("SetAttributeUint8Array for data fail");
89 break;
90 }
91 if (needSignature) {
92 result = SignData(&dataTlv, &signTlv);
93 if (result != RESULT_SUCCESS) {
94 LOG_ERROR("SignData fail");
95 break;
96 }
97 result = SetAttributeUint8Array(dataAndSignAttribute, AUTH_SIGNATURE, signTlv);
98 if (result != RESULT_SUCCESS) {
99 LOG_ERROR("SetAttributeUint8Array for signature fail");
100 break;
101 }
102 }
103 result = GetAttributeSerializedMsg(dataAndSignAttribute, retDataAndSignTlv);
104 if (result != RESULT_SUCCESS) {
105 LOG_ERROR("GetAttributeSerializedMsg fail");
106 break;
107 }
108 } while (0);
109
110 Free(signTlv.data);
111 Free(dataTlv.data);
112 FreeAttribute(&dataAndSignAttribute);
113 return result;
114 }
115
GetAttributeExecutorMsg(const Attribute * attribute,bool needSignature,Uint8Array * retMsg)116 ResultCode GetAttributeExecutorMsg(const Attribute *attribute, bool needSignature, Uint8Array *retMsg)
117 {
118 IF_TRUE_LOGE_AND_RETURN_VAL(attribute == NULL, RESULT_GENERAL_ERROR);
119 IF_TRUE_LOGE_AND_RETURN_VAL(retMsg == NULL, RESULT_GENERAL_ERROR);
120 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(*retMsg), RESULT_GENERAL_ERROR);
121
122 Attribute *rootAttribute = CreateEmptyAttribute();
123 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
124
125 ResultCode result = RESULT_GENERAL_ERROR;
126 do {
127 if (rootAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
128 LOG_ERROR("rootAttribute or dataAndSignTlv is NULL");
129 break;
130 }
131
132 result = GetAttributeDataAndSignTlv(attribute, needSignature, &dataAndSignTlv);
133 if (result != RESULT_SUCCESS) {
134 LOG_ERROR("GetAttributeDataAndSignTlv fail");
135 break;
136 }
137 result = SetAttributeUint8Array(rootAttribute, AUTH_ROOT, dataAndSignTlv);
138 if (result != RESULT_SUCCESS) {
139 LOG_ERROR("SetAttributeUint8Array fail");
140 break;
141 }
142 result = GetAttributeSerializedMsg(rootAttribute, retMsg);
143 if (result != RESULT_SUCCESS) {
144 LOG_ERROR("GetAttributeSerializedMsg fail");
145 break;
146 }
147 } while (0);
148
149 Free(dataAndSignTlv.data);
150 FreeAttribute(&rootAttribute);
151 return result;
152 }
153
Ed25519VerifyData(uint64_t scheduleId,Uint8Array dataTlv,Uint8Array signTlv)154 IAM_STATIC ResultCode Ed25519VerifyData(uint64_t scheduleId, Uint8Array dataTlv, Uint8Array signTlv)
155 {
156 ResultCode result = RESULT_GENERAL_ERROR;
157 const CoAuthSchedule *currentSchedule = GetCoAuthSchedule(scheduleId);
158 IF_TRUE_LOGE_AND_RETURN_VAL(currentSchedule == NULL, result);
159 Buffer *publicKey = NULL;
160 for (uint32_t index = 0; index < currentSchedule->executorSize; ++index) {
161 const ExecutorInfoHal *executor = &((currentSchedule->executors)[index]);
162 if (executor->executorRole == VERIFIER || executor->executorRole == ALL_IN_ONE) {
163 publicKey = CreateBufferByData(executor->pubKey, PUBLIC_KEY_LEN);
164 break;
165 }
166 }
167 Buffer data = GetTmpBuffer(dataTlv.data, dataTlv.len, dataTlv.len);
168 Buffer sign = GetTmpBuffer(signTlv.data, signTlv.len, signTlv.len);
169 if (!IsBufferValid(publicKey) || !IsBufferValid(&data) || !IsBufferValid(&sign)) {
170 LOG_ERROR("data or sign is invalid");
171 goto FAIL;
172 }
173 result = (ResultCode)Ed25519Verify(publicKey, &data, &sign);
174 if (result != RESULT_SUCCESS) {
175 LOG_ERROR("verify sign failed");
176 goto FAIL;
177 }
178 LOG_INFO("Ed25519 verify success");
179
180 FAIL:
181 DestoryBuffer(publicKey);
182 return result;
183 }
184
VerifyDataTlvSignature(const Attribute * dataAndSignAttribute,const Uint8Array dataTlv)185 IAM_STATIC ResultCode VerifyDataTlvSignature(const Attribute *dataAndSignAttribute, const Uint8Array dataTlv)
186 {
187 Attribute *dataAttribute = CreateAttributeFromSerializedMsg(dataTlv);
188 Uint8Array signTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
189
190 ResultCode result = RESULT_GENERAL_ERROR;
191 do {
192 if (dataAttribute == NULL || IS_ARRAY_NULL(signTlv)) {
193 LOG_ERROR("dataAttribute or signTlv is null");
194 break;
195 }
196 result = GetAttributeUint8Array(dataAndSignAttribute, AUTH_SIGNATURE, &signTlv);
197 if (result != RESULT_SUCCESS) {
198 LOG_ERROR("GetAttributeUint8Array fail");
199 break;
200 }
201
202 uint64_t scheduleId;
203 result = GetAttributeUint64(dataAttribute, AUTH_SCHEDULE_ID, &scheduleId);
204 if (result != RESULT_SUCCESS) {
205 LOG_ERROR("GetAttributeUint64 scheduleId fail");
206 break;
207 }
208 result = Ed25519VerifyData(scheduleId, dataTlv, signTlv);
209 if (result != RESULT_SUCCESS) {
210 LOG_ERROR("Ed25519VerifyData fail");
211 break;
212 }
213 } while (0);
214
215 Free(signTlv.data);
216 FreeAttribute(&dataAttribute);
217 return result;
218 }
219
CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv,bool needVerifySignature)220 IAM_STATIC Attribute *CreateAttributeFromDataAndSignTlv(const Uint8Array dataAndSignTlv, bool needVerifySignature)
221 {
222 Attribute *dataAndSignAttribute = CreateAttributeFromSerializedMsg(dataAndSignTlv);
223 Uint8Array dataTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
224
225 Attribute *attribute = NULL;
226 do {
227 if (dataAndSignAttribute == NULL || IS_ARRAY_NULL(dataTlv)) {
228 LOG_ERROR("dataAndSignAttribute or dataTlv is null");
229 break;
230 }
231 if (GetAttributeUint8Array(dataAndSignAttribute, AUTH_DATA, &dataTlv) != RESULT_SUCCESS) {
232 LOG_ERROR("GetAttributeUint8Array fail");
233 break;
234 }
235 if (needVerifySignature) {
236 if (VerifyDataTlvSignature(dataAndSignAttribute, dataTlv) != RESULT_SUCCESS) {
237 LOG_ERROR("VerifyDataTlvSignature fail");
238 break;
239 }
240 }
241 attribute = CreateAttributeFromSerializedMsg(dataTlv);
242 if (attribute == NULL) {
243 LOG_ERROR("CreateAttributeFromSerializedMsg fail");
244 break;
245 }
246 } while (0);
247
248 Free(dataTlv.data);
249 FreeAttribute(&dataAndSignAttribute);
250 return attribute;
251 }
252
CreateAttributeFromExecutorMsg(const Uint8Array msg,bool needVerifySignature)253 IAM_STATIC Attribute *CreateAttributeFromExecutorMsg(const Uint8Array msg, bool needVerifySignature)
254 {
255 IF_TRUE_LOGE_AND_RETURN_VAL(IS_ARRAY_NULL(msg), NULL);
256
257 Attribute *msgAttribute = CreateAttributeFromSerializedMsg(msg);
258 Uint8Array dataAndSignTlv = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
259
260 Attribute *attribute = NULL;
261 do {
262 if (msgAttribute == NULL || IS_ARRAY_NULL(dataAndSignTlv)) {
263 LOG_ERROR("msgAttribute or dataAndSignTlv is null");
264 break;
265 }
266
267 ResultCode result = GetAttributeUint8Array(msgAttribute, AUTH_ROOT, &dataAndSignTlv);
268 if (result != RESULT_SUCCESS) {
269 LOG_ERROR("GetAttributeUint8Array fail");
270 break;
271 }
272
273 attribute = CreateAttributeFromDataAndSignTlv(dataAndSignTlv, needVerifySignature);
274 if (attribute == NULL) {
275 LOG_ERROR("CreateAttributeFromDataAndSignTlv fail");
276 break;
277 }
278 } while (0);
279
280 (void)memset_s(dataAndSignTlv.data, MAX_EXECUTOR_MSG_LEN, 0, MAX_EXECUTOR_MSG_LEN);
281 Free(dataAndSignTlv.data);
282 FreeAttribute(&msgAttribute);
283 return attribute;
284 }
285
GetRootSecretFromAttribute(const Attribute * attribute,ExecutorResultInfo * resultInfo)286 IAM_STATIC void GetRootSecretFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
287 {
288 Uint8Array array = { Malloc(ROOT_SECRET_LEN), ROOT_SECRET_LEN };
289 IF_TRUE_LOGE_AND_RETURN(IS_ARRAY_NULL(array));
290 ResultCode result = GetAttributeUint8Array(attribute, AUTH_ROOT_SECRET, &(array));
291 if (result != RESULT_SUCCESS) {
292 LOG_ERROR("There is no rootSecret in this attribute");
293 goto EXIT;
294 }
295 if (array.len != ROOT_SECRET_LEN) {
296 LOG_ERROR("rootSecret len is invalid");
297 goto EXIT;
298 }
299 resultInfo->rootSecret = CreateBufferByData(array.data, array.len);
300 if (!IsBufferValid(resultInfo->rootSecret)) {
301 LOG_ERROR("Generate rootSecret buffer failed");
302 goto EXIT;
303 }
304 LOG_INFO("get rootSecret success");
305
306 EXIT:
307 (void)memset_s(array.data, ROOT_SECRET_LEN, 0, ROOT_SECRET_LEN);
308 Free(array.data);
309 }
310
GetExecutorResultInfoFromAttribute(const Attribute * attribute,ExecutorResultInfo * resultInfo)311 IAM_STATIC ResultCode GetExecutorResultInfoFromAttribute(const Attribute *attribute, ExecutorResultInfo *resultInfo)
312 {
313 ResultCode result = RESULT_GENERAL_ERROR;
314 result = GetAttributeInt32(attribute, AUTH_RESULT_CODE, &(resultInfo->result));
315 if (result != RESULT_SUCCESS) {
316 LOG_ERROR("GetAttributeInt32 result failed");
317 return result;
318 }
319 result = GetAttributeUint64(attribute, AUTH_TEMPLATE_ID, &(resultInfo->templateId));
320 if (result != RESULT_SUCCESS) {
321 LOG_ERROR("GetAttributeUint64 templateId failed");
322 return result;
323 }
324 result = GetAttributeUint64(attribute, AUTH_SCHEDULE_ID, &(resultInfo->scheduleId));
325 if (result != RESULT_SUCCESS) {
326 LOG_ERROR("GetAttributeUint64 scheduleId failed");
327 return result;
328 }
329 result = GetAttributeUint64(attribute, AUTH_SUB_TYPE, &(resultInfo->authSubType));
330 if (result != RESULT_SUCCESS) {
331 LOG_ERROR("GetAttributeUint64 authSubType failed");
332 return result;
333 }
334 result = GetAttributeInt32(attribute, AUTH_REMAIN_COUNT, &(resultInfo->remainTimes));
335 if (result != RESULT_SUCCESS) {
336 LOG_ERROR("GetAttributeInt32 remainTimes failed");
337 return result;
338 }
339 result = GetAttributeInt32(attribute, AUTH_REMAIN_TIME, &(resultInfo->freezingTime));
340 if (result != RESULT_SUCCESS) {
341 LOG_ERROR("GetAttributeInt32 freezingTime failed");
342 return result;
343 }
344 result = GetAttributeUint32(attribute, AUTH_CAPABILITY_LEVEL, &(resultInfo->capabilityLevel));
345 if (result != RESULT_SUCCESS) {
346 LOG_ERROR("GetAttributeUint32 capabilityLevel failed");
347 return result;
348 }
349
350 // Only pin auth has rootSecret
351 GetRootSecretFromAttribute(attribute, resultInfo);
352 return RESULT_SUCCESS;
353 }
354
CreateExecutorResultInfo(const Buffer * tlv)355 ExecutorResultInfo *CreateExecutorResultInfo(const Buffer *tlv)
356 {
357 if (!IsBufferValid(tlv)) {
358 LOG_ERROR("param is invalid");
359 return NULL;
360 }
361
362 Uint8Array msg = { tlv->buf, tlv->contentSize };
363 Attribute *attribute = CreateAttributeFromExecutorMsg(msg, true);
364 if (attribute == NULL) {
365 LOG_ERROR("CreateAttributeFromExecutorMsg failed");
366 return NULL;
367 }
368
369 ExecutorResultInfo *result = Malloc(sizeof(ExecutorResultInfo));
370 if (result == NULL) {
371 LOG_ERROR("malloc failed");
372 FreeAttribute(&attribute);
373 return result;
374 }
375 (void)memset_s(result, sizeof(ExecutorResultInfo), 0, sizeof(ExecutorResultInfo));
376
377 if (GetExecutorResultInfoFromAttribute(attribute, result) != RESULT_SUCCESS) {
378 LOG_ERROR("GetExecutorResultInfoFromAttribute failed");
379 FreeAttribute(&attribute);
380 DestoryExecutorResultInfo(result);
381 return NULL;
382 }
383
384 FreeAttribute(&attribute);
385 return result;
386 }
387
DestoryExecutorResultInfo(ExecutorResultInfo * result)388 void DestoryExecutorResultInfo(ExecutorResultInfo *result)
389 {
390 if (result == NULL) {
391 return;
392 }
393 if (result->rootSecret != NULL) {
394 DestoryBuffer(result->rootSecret);
395 }
396 Free(result);
397 }
398
SetExecutorMsgToAttribute(uint32_t authType,uint32_t authPropertyMode,const Uint64Array * templateIds,Attribute * attribute)399 IAM_STATIC ResultCode SetExecutorMsgToAttribute(uint32_t authType, uint32_t authPropertyMode,
400 const Uint64Array *templateIds, Attribute *attribute)
401 {
402 ResultCode result = SetAttributeUint32(attribute, AUTH_PROPERTY_MODE, authPropertyMode);
403 if (result != RESULT_SUCCESS) {
404 LOG_ERROR("SetAttributeUint32 propertyMode failed");
405 return RESULT_GENERAL_ERROR;
406 }
407 result = SetAttributeUint32(attribute, AUTH_TYPE, authType);
408 if (result != RESULT_SUCCESS) {
409 LOG_ERROR("SetAttributeUint32 authType failed");
410 return RESULT_GENERAL_ERROR;
411 }
412 Uint64Array templateIdsIn = { templateIds->data, templateIds->len };
413 result = SetAttributeUint64Array(attribute, AUTH_TEMPLATE_ID_LIST, templateIdsIn);
414 if (result != RESULT_SUCCESS) {
415 LOG_ERROR("SetAttributeUint64Array templateIdsIn failed");
416 return RESULT_GENERAL_ERROR;
417 }
418 uint64_t time = GetSystemTime();
419 result = SetAttributeUint64(attribute, AUTH_TIME_STAMP, time);
420 if (result != RESULT_SUCCESS) {
421 LOG_ERROR("SetAttributeUint64 time failed");
422 return RESULT_GENERAL_ERROR;
423 }
424
425 return RESULT_SUCCESS;
426 }
427
428
CreateExecutorMsg(uint32_t authType,uint32_t authPropertyMode,const Uint64Array * templateIds)429 IAM_STATIC Buffer *CreateExecutorMsg(uint32_t authType, uint32_t authPropertyMode, const Uint64Array *templateIds)
430 {
431 if (templateIds == NULL) {
432 LOG_ERROR("templateIds is null");
433 return NULL;
434 }
435 Buffer *retBuffer = NULL;
436 Uint8Array retInfo = { Malloc(MAX_EXECUTOR_MSG_LEN), MAX_EXECUTOR_MSG_LEN };
437 Attribute *attribute = CreateEmptyAttribute();
438 if (attribute == NULL || IS_ARRAY_NULL(retInfo)) {
439 LOG_ERROR("generate attribute or retInfo failed");
440 goto FAIL;
441 }
442
443 ResultCode result = SetExecutorMsgToAttribute(authType, authPropertyMode, templateIds, attribute);
444 if (result != RESULT_SUCCESS) {
445 LOG_ERROR("set msg to attribute failed");
446 goto FAIL;
447 }
448
449 if (authPropertyMode == PROPERTY_MODE_UNFREEZE) {
450 result = GetAttributeExecutorMsg(attribute, true, &retInfo);
451 } else {
452 result = GetAttributeExecutorMsg(attribute, false, &retInfo);
453 }
454 if (result != RESULT_SUCCESS) {
455 LOG_ERROR("GetAttributeExecutorMsg failed");
456 goto FAIL;
457 }
458
459 retBuffer = CreateBufferByData(retInfo.data, retInfo.len);
460 if (!IsBufferValid(retBuffer)) {
461 LOG_ERROR("generate result buffer failed");
462 goto FAIL;
463 }
464 LOG_INFO("CreateExecutorMsg success");
465
466 FAIL:
467 FreeAttribute(&attribute);
468 Free(retInfo.data);
469 return retBuffer;
470 }
471
DestoryExecutorMsg(void * data)472 IAM_STATIC void DestoryExecutorMsg(void *data)
473 {
474 if (data == NULL) {
475 return;
476 }
477 ExecutorMsg *msg = (ExecutorMsg *)data;
478 DestoryBuffer(msg->msg);
479 Free(msg);
480 }
481
GetExecutorTemplateList(int32_t userId,const ExecutorInfoHal * executorNode,Uint64Array * templateIds)482 IAM_STATIC ResultCode GetExecutorTemplateList(
483 int32_t userId, const ExecutorInfoHal *executorNode, Uint64Array *templateIds)
484 {
485 CredentialCondition condition = {};
486 SetCredentialConditionUserId(&condition, userId);
487 SetCredentialConditionAuthType(&condition, executorNode->authType);
488 SetCredentialConditionExecutorSensorHint(&condition, executorNode->executorSensorHint);
489 LinkedList *credList = QueryCredentialLimit(&condition);
490 if (credList == NULL) {
491 LOG_ERROR("query credential failed");
492 DestroyLinkedList(credList);
493 return RESULT_UNKNOWN;
494 }
495 uint32_t credListNum = credList->getSize(credList);
496 if (credListNum > MAX_CREDENTIAL) {
497 LOG_ERROR("cred num is invalid");
498 DestroyLinkedList(credList);
499 return RESULT_REACH_LIMIT;
500 }
501 if (credListNum == 0) {
502 templateIds->data = NULL;
503 templateIds->len = 0;
504 DestroyLinkedList(credList);
505 return RESULT_SUCCESS;
506 }
507 templateIds->data = (uint64_t *)Malloc(sizeof(uint64_t) * credListNum);
508 if (templateIds->data == NULL) {
509 LOG_ERROR("data malloc failed");
510 DestroyLinkedList(credList);
511 return RESULT_NO_MEMORY;
512 }
513 templateIds->len = 0;
514 LinkedListNode *temp = credList->head;
515 while (temp != NULL) {
516 if (temp->data == NULL) {
517 LOG_ERROR("link node is invalid");
518 DestroyLinkedList(credList);
519 Free(templateIds->data);
520 templateIds->data = NULL;
521 return RESULT_UNKNOWN;
522 }
523 CredentialInfoHal *credentialHal = (CredentialInfoHal *)temp->data;
524 templateIds->data[templateIds->len] = credentialHal->templateId;
525 ++(templateIds->len);
526 temp = temp->next;
527 }
528 DestroyLinkedList(credList);
529 return RESULT_SUCCESS;
530 }
531
AssemblyMessage(int32_t userId,const ExecutorInfoHal * executorNode,uint32_t authPropertyMode,LinkedList * executorMsg)532 IAM_STATIC ResultCode AssemblyMessage(
533 int32_t userId, const ExecutorInfoHal *executorNode, uint32_t authPropertyMode, LinkedList *executorMsg)
534 {
535 Uint64Array templateIds;
536 ResultCode ret = GetExecutorTemplateList(userId, executorNode, &templateIds);
537 if (ret != RESULT_SUCCESS) {
538 LOG_ERROR("get template list failed");
539 return ret;
540 }
541 if (templateIds.len == 0) {
542 return RESULT_SUCCESS;
543 }
544 ExecutorMsg *msg = (ExecutorMsg *)Malloc(sizeof(ExecutorMsg));
545 if (msg == NULL) {
546 LOG_ERROR("msg is null");
547 Free(templateIds.data);
548 return RESULT_NO_MEMORY;
549 }
550 msg->executorIndex = executorNode->executorIndex;
551 msg->msg = CreateExecutorMsg(executorNode->authType, authPropertyMode, &templateIds);
552 if (msg->msg == NULL) {
553 LOG_ERROR("msg's msg is null");
554 Free(templateIds.data);
555 DestoryExecutorMsg(msg);
556 return RESULT_NO_MEMORY;
557 }
558 ret = executorMsg->insert(executorMsg, msg);
559 if (ret != RESULT_SUCCESS) {
560 LOG_ERROR("insert msg failed");
561 DestoryExecutorMsg(msg);
562 }
563 Free(templateIds.data);
564 return ret;
565 }
566
TraverseExecutor(int32_t userId,uint32_t executorRole,uint32_t authPropertyMode,LinkedList * executorMsg)567 IAM_STATIC ResultCode TraverseExecutor(
568 int32_t userId, uint32_t executorRole, uint32_t authPropertyMode, LinkedList *executorMsg)
569 {
570 ExecutorCondition condition = {};
571 SetExecutorConditionExecutorRole(&condition, executorRole);
572 LinkedList *executors = QueryExecutor(&condition);
573 if (executors == NULL) {
574 LOG_ERROR("query executor failed");
575 return RESULT_UNKNOWN;
576 }
577 LinkedListNode *temp = executors->head;
578 while (temp != NULL) {
579 if (temp->data == NULL) {
580 LOG_ERROR("list node is invalid");
581 DestroyLinkedList(executors);
582 return RESULT_UNKNOWN;
583 }
584 ExecutorInfoHal *executorNode = (ExecutorInfoHal *)temp->data;
585 if (executorNode->authType != PIN_AUTH) {
586 ResultCode ret = AssemblyMessage(userId, executorNode, authPropertyMode, executorMsg);
587 if (ret != RESULT_SUCCESS) {
588 LOG_ERROR("assembly message failed");
589 DestroyLinkedList(executors);
590 return ret;
591 }
592 }
593 temp = temp->next;
594 }
595 DestroyLinkedList(executors);
596 return RESULT_SUCCESS;
597 }
598
GetExecutorMsgList(int32_t userId,uint32_t authPropertyMode,LinkedList ** executorMsg)599 ResultCode GetExecutorMsgList(int32_t userId, uint32_t authPropertyMode, LinkedList **executorMsg)
600 {
601 if (executorMsg == NULL) {
602 LOG_ERROR("executorMsg is null");
603 return RESULT_BAD_PARAM;
604 }
605 *executorMsg = CreateLinkedList(DestoryExecutorMsg);
606 if (*executorMsg == NULL) {
607 LOG_ERROR("create list failed");
608 return RESULT_NO_MEMORY;
609 }
610 ResultCode ret = TraverseExecutor(userId, VERIFIER, authPropertyMode, *executorMsg);
611 if (ret != RESULT_SUCCESS) {
612 LOG_ERROR("traverse verifier failed");
613 DestroyLinkedList(*executorMsg);
614 *executorMsg = NULL;
615 return ret;
616 }
617 ret = TraverseExecutor(userId, ALL_IN_ONE, authPropertyMode, *executorMsg);
618 if (ret != RESULT_SUCCESS) {
619 LOG_ERROR("traverse allInOne executor failed");
620 DestroyLinkedList(*executorMsg);
621 *executorMsg = NULL;
622 }
623 return ret;
624 }
625