• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H
17 #define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H
18 
19 #include <memory>
20 #include <string>
21 #include <vector>
22 
23 #include "app_privilege_capability.h"
24 #include "app_provision_info.h"
25 #include "appexecfwk_errors.h"
26 #include "bundle_pack_info.h"
27 #include "bundle_verify_mgr.h"
28 #include "inner_bundle_info.h"
29 #include "install_param.h"
30 
31 namespace OHOS {
32 namespace AppExecFwk {
33 struct InstallCheckParam {
34     bool isPreInstallApp = false;
35     bool removable = true;
36     // status of install bundle permission
37     PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
38     // status of install enterprise bundle permission
39     PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
40     // status of install enterprise normal bundle permission
41     PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
42     // status of install enterprise mdm bundle permission
43     PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS;
44     // is shell token
45     bool isCallByShell = false;
46     Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP;
47     int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap
48 };
49 
50 class BundleInstallChecker {
51 public:
52     /**
53      * @brief Check syscap.
54      * @param bundlePaths Indicates the file paths of all HAP packages.
55      * @return Returns ERR_OK if the syscap satisfy; returns error code otherwise.
56      */
57     ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths);
58 
59     /**
60      * @brief Check signature info of multiple haps.
61      * @param bundlePaths Indicates the file paths of all HAP packages.
62      * @param hapVerifyRes Indicates the signature info.
63      * @return Returns ERR_OK if the every hap has signature info and all haps have same signature info.
64      */
65     ErrCode CheckMultipleHapsSignInfo(
66         const std::vector<std::string> &bundlePaths,
67         std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
68 
69     /**
70      * @brief To check the hap hash param.
71      * @param infos .Indicates all innerBundleInfo for all haps need to be installed.
72      * @param hashParams .Indicates all hashParams in installParam.
73      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
74      */
75     ErrCode CheckHapHashParams(
76         std::unordered_map<std::string, InnerBundleInfo> &infos,
77         std::map<std::string, std::string> hashParams);
78 
79     /**
80      * @brief To check the version code and bundleName in all haps.
81      * @param infos .Indicates all innerBundleInfo for all haps need to be installed.
82      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
83      */
84     ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos);
85     /**
86      * @brief To check native file in all haps.
87      * @param infos .Indicates all innerBundleInfo for all haps need to be installed.
88      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
89      */
90     ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);
91     /**
92      * @brief To check ark native file in all haps.
93      * @param infos .Indicates all innerBundleInfo for all haps need to be installed.
94      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
95      */
96     ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos);
97     /**
98      * @brief To check native so in all haps.
99      * @param infos .Indicates all innerBundleInfo for all haps need to be installed.
100      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
101      */
102     ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos);
103     /**
104      * @brief To parse hap files and to obtain innerBundleInfo of each hap.
105      * @param bundlePaths Indicates the file paths of all HAP packages.
106      * @param checkParam Indicates the install check parameters.
107      * @param hapVerifyRes Indicates all signature info of all haps.
108      * @param infos Indicates the innerBundleinfo of each hap.
109      * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise.
110      */
111     ErrCode ParseHapFiles(
112         const std::vector<std::string> &bundlePaths,
113         const InstallCheckParam &checkParam,
114         std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes,
115         std::unordered_map<std::string, InnerBundleInfo> &infos);
116     /**
117      * @brief To check dependency whether or not exists.
118      * @param infos Indicates all innerBundleInfo for all haps need to be installed.
119      * @return Returns ERR_OK if haps checking successfully; returns error code otherwise.
120      */
121     ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos);
122 
123     void ResetProperties();
124 
IsContainEntry()125     bool IsContainEntry()
126     {
127         return isContainEntry_;
128     }
129 
130     ErrCode CheckHspInstallCondition(std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
131 
132     ErrCode CheckInstallPermission(const InstallCheckParam &checkParam,
133         const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
134 
135     bool VaildInstallPermission(const InstallParam &installParam,
136         const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
137 
138     bool VaildEnterpriseInstallPermission(const InstallParam &installParam,
139         const Security::Verify::ProvisionInfo &provisionInfo);
140 
141     bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam,
142         const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
143 
144     bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam,
145         const Security::Verify::ProvisionInfo &provisionInfo);
146 
147     ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos) const;
148 
149     bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;
150 
151     bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const;
152 
153     ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const;
154 
155     AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const;
156 
157     ErrCode CheckProxyDatas(const InnerBundleInfo &info) const;
158 
159     ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const;
160 
161     ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const;
162 
163     ErrCode CheckDeveloperMode(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const;
164 
165     ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const;
166 
167     bool CheckEnterpriseBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const;
168 
169 private:
170 
171     ErrCode ParseBundleInfo(
172         const std::string &bundleFilePath,
173         InnerBundleInfo &info,
174         BundlePackInfo &packInfo) const;
175 
176     ErrCode CheckSystemSize(
177         const std::string &bundlePath,
178         const Constants::AppType appType) const;
179 
180     void SetEntryInstallationFree(
181         const BundlePackInfo &bundlePackInfo,
182         InnerBundleInfo &innerBundleInfo);
183 
184     void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const;
185 
186     void CollectProvisionInfo(
187         const Security::Verify::ProvisionInfo &provisionInfo,
188         const AppPrivilegeCapability &appPrivilegeCapability,
189         InnerBundleInfo &newInfo);
190 
191     void GetPrivilegeCapability(
192         const InstallCheckParam &checkParam, InnerBundleInfo &newInfo);
193 
194     void ParseAppPrivilegeCapability(
195         const Security::Verify::ProvisionInfo &provisionInfo,
196         AppPrivilegeCapability &appPrivilegeCapability);
197 
198     ErrCode CheckMainElement(const InnerBundleInfo &info);
199 
200     ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName);
201 
202     void FetchPrivilegeCapabilityFromPreConfig(
203         const std::string &bundleName,
204         const std::string &appSignature,
205         AppPrivilegeCapability &appPrivilegeCapability);
206 
207     bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature);
208 
209     bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson,
210         const std::string &key, bool existInPreJson, bool existInProvision);
211 
212     ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability,
213         InnerBundleInfo &innerBundleInfo);
214 
215     bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info);
216 
217     bool FindModuleInInstallingPackage(
218         const std::string &moduleName,
219         const std::string &bundleName,
220         const std::unordered_map<std::string, InnerBundleInfo> &infos);
221 
222     bool FindModuleInInstalledPackage(
223         const std::string &moduleName,
224         const std::string &bundleName,
225         uint32_t versionCode);
226 
227     bool isContainEntry_ = false;
228 
229     void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas,
230         InnerBundleInfo &newInfo);
231 
232     bool CheckProxyPermissionLevel(const std::string &permissionName) const;
233     bool MatchOldSignatures(const std::string &bundleName, const std::vector<std::string> &appSignatures);
234     bool CheckProvisionInfoIsValid(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes);
235 };
236 }  // namespace AppExecFwk
237 }  // namespace OHOS
238 #endif  // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H