1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "authentication_impl.h"
16
17 #include "hdi_wrapper.h"
18 #include "iam_hitrace_helper.h"
19 #include "iam_logger.h"
20 #include "schedule_node_helper.h"
21
22 #define LOG_LABEL UserIam::Common::LABEL_USER_AUTH_SA
23 namespace OHOS {
24 namespace UserIam {
25 namespace UserAuth {
AuthenticationImpl(uint64_t contextId,const AuthenticationPara & authPara)26 AuthenticationImpl::AuthenticationImpl(uint64_t contextId, const AuthenticationPara &authPara)
27 : contextId_(contextId), authPara_(authPara)
28 {
29 }
30
~AuthenticationImpl()31 AuthenticationImpl::~AuthenticationImpl()
32 {
33 Cancel();
34 }
35
SetLatestError(int32_t error)36 void AuthenticationImpl::SetLatestError(int32_t error)
37 {
38 if (error != ResultCode::SUCCESS) {
39 latestError_ = error;
40 }
41 }
42
GetLatestError() const43 int32_t AuthenticationImpl::GetLatestError() const
44 {
45 return latestError_;
46 }
47
SetExecutor(uint32_t executorIndex)48 void AuthenticationImpl::SetExecutor(uint32_t executorIndex)
49 {
50 executorIndex_ = executorIndex;
51 }
52
SetChallenge(const std::vector<uint8_t> & challenge)53 void AuthenticationImpl::SetChallenge(const std::vector<uint8_t> &challenge)
54 {
55 challenge_ = challenge;
56 }
57
SetAccessTokenId(uint32_t tokenId)58 void AuthenticationImpl::SetAccessTokenId(uint32_t tokenId)
59 {
60 tokenId_ = tokenId;
61 }
62
SetEndAfterFirstFail(bool endAfterFirstFail)63 void AuthenticationImpl::SetEndAfterFirstFail(bool endAfterFirstFail)
64 {
65 endAfterFirstFail_ = endAfterFirstFail;
66 }
67
GetAccessTokenId() const68 uint32_t AuthenticationImpl::GetAccessTokenId() const
69 {
70 return tokenId_;
71 }
72
GetAuthExecutorMsgs() const73 std::vector<Authentication::AuthExecutorMsg> AuthenticationImpl::GetAuthExecutorMsgs() const
74 {
75 return authExecutorMsgs_;
76 }
77
Start(std::vector<std::shared_ptr<ScheduleNode>> & scheduleList,std::shared_ptr<ScheduleNodeCallback> callback)78 bool AuthenticationImpl::Start(std::vector<std::shared_ptr<ScheduleNode>> &scheduleList,
79 std::shared_ptr<ScheduleNodeCallback> callback)
80 {
81 IAM_LOGE("UserId:%{public}d AuthType:%{public}d ATL:%{public}u", authPara_.userId, authPara_.authType,
82 authPara_.atl);
83 auto hdi = HdiWrapper::GetHdiInstance();
84 if (!hdi) {
85 IAM_LOGE("bad hdi");
86 return false;
87 }
88 HdiAuthSolution solution = {
89 .userId = authPara_.userId,
90 .authTrustLevel = authPara_.atl,
91 .authType = static_cast<HdiAuthType>(authPara_.authType),
92 .executorSensorHint = executorSensorHint,
93 .challenge = challenge_,
94 .callerName = authPara_.callerName,
95 .apiVersion = authPara_.sdkVersion,
96 };
97 std::vector<HdiScheduleInfo> infos;
98 IamHitraceHelper traceHelper("hdi BeginAuthentication");
99 auto result = hdi->BeginAuthenticationV1_2(contextId_, solution, infos);
100 if (result != HDF_SUCCESS) {
101 IAM_LOGE("hdi BeginAuthentication failed, err is %{public}d", result);
102 SetLatestError(result);
103 return false;
104 }
105 if (infos.empty()) {
106 IAM_LOGE("hdi BeginAuthentication failed, infos is empty");
107 return false;
108 }
109
110 ScheduleNodeHelper::NodeOptionalPara para;
111 para.tokenId = tokenId_;
112 para.endAfterFirstFail = endAfterFirstFail_;
113
114 if (!ScheduleNodeHelper::BuildFromHdi(infos, callback, scheduleList, para)) {
115 IAM_LOGE("BuildFromHdi failed");
116 return false;
117 }
118
119 running_ = true;
120 return true;
121 }
122
Update(const std::vector<uint8_t> & scheduleResult,AuthResultInfo & resultInfo)123 bool AuthenticationImpl::Update(const std::vector<uint8_t> &scheduleResult, AuthResultInfo &resultInfo)
124 {
125 auto hdi = HdiWrapper::GetHdiInstance();
126 if (!hdi) {
127 IAM_LOGE("bad hdi");
128 return false;
129 }
130
131 HdiAuthResultInfo info;
132 auto result = hdi->UpdateAuthenticationResult(contextId_, scheduleResult, info);
133 if (result != HDF_SUCCESS) {
134 IAM_LOGE("hdi UpdateAuthenticationResult failed, err is %{public}d", result);
135 SetLatestError(result);
136 }
137
138 for (auto &[executorIndex, commandId, msg] : info.msgs) {
139 Authentication::AuthExecutorMsg authExecutorMsg = {executorIndex, commandId, msg};
140 authExecutorMsgs_.emplace_back(authExecutorMsg);
141 }
142
143 resultInfo.result = static_cast<decltype(resultInfo.result)>(info.result);
144 resultInfo.freezingTime = info.lockoutDuration;
145 resultInfo.remainTimes = info.remainAttempts;
146 resultInfo.token = info.token;
147 resultInfo.rootSecret = info.rootSecret;
148
149 if (resultInfo.result != SUCCESS) {
150 SetLatestError(resultInfo.result);
151 }
152
153 return result == HDF_SUCCESS && resultInfo.result == SUCCESS;
154 }
155
Cancel()156 bool AuthenticationImpl::Cancel()
157 {
158 if (!running_) {
159 return false;
160 }
161 running_ = false;
162
163 auto hdi = HdiWrapper::GetHdiInstance();
164 if (!hdi) {
165 IAM_LOGE("bad hdi");
166 return false;
167 }
168
169 auto result = hdi->CancelAuthentication(contextId_);
170 if (result != HDF_SUCCESS) {
171 IAM_LOGE("hdi CancelAuthentication failed, err is %{public}d", result);
172 SetLatestError(result);
173 return false;
174 }
175 return true;
176 }
177 } // namespace UserAuth
178 } // namespace UserIam
179 } // namespace OHOS