1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 17 #define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H 18 19 #include <memory> 20 #include <string> 21 #include <vector> 22 23 #include "app_privilege_capability.h" 24 #include "app_provision_info.h" 25 #include "appexecfwk_errors.h" 26 #include "bundle_pack_info.h" 27 #include "bundle_verify_mgr.h" 28 #include "inner_bundle_info.h" 29 #include "install_param.h" 30 31 namespace OHOS { 32 namespace AppExecFwk { 33 struct InstallCheckParam { 34 bool isPreInstallApp = false; 35 bool removable = true; 36 bool needSendEvent = true; 37 // status of install bundle permission 38 PermissionStatus installBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 39 // status of install enterprise bundle permission 40 PermissionStatus installEnterpriseBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 41 // status of install enterprise normal bundle permission 42 PermissionStatus installEtpNormalBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 43 // status of install enterprise mdm bundle permission 44 PermissionStatus installEtpMdmBundlePermissionStatus = PermissionStatus::NOT_VERIFIED_PERMISSION_STATUS; 45 // is shell token 46 bool isCallByShell = false; 47 Constants::AppType appType = Constants::AppType::THIRD_PARTY_APP; 48 int64_t crowdtestDeadline = Constants::INVALID_CROWDTEST_DEADLINE; // for crowdtesting type hap 49 std::string specifiedDistributionType; 50 }; 51 52 class BundleInstallChecker { 53 public: 54 /** 55 * @brief Check syscap. 56 * @param bundlePaths Indicates the file paths of all HAP packages. 57 * @return Returns ERR_OK if the syscap satisfy; returns error code otherwise. 58 */ 59 ErrCode CheckSysCap(const std::vector<std::string> &bundlePaths); 60 61 /** 62 * @brief Check signature info of multiple haps. 63 * @param bundlePaths Indicates the file paths of all HAP packages. 64 * @param hapVerifyRes Indicates the signature info. 65 * @param readFile Indicates using READ or MMAP to get content of the file. 66 * @return Returns ERR_OK if the every hap has signature info and all haps have same signature info. 67 */ 68 ErrCode CheckMultipleHapsSignInfo( 69 const std::vector<std::string> &bundlePaths, 70 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, bool readFile = false); 71 72 /** 73 * @brief To check the hap hash param. 74 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 75 * @param hashParams .Indicates all hashParams in installParam. 76 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 77 */ 78 ErrCode CheckHapHashParams( 79 std::unordered_map<std::string, InnerBundleInfo> &infos, 80 std::map<std::string, std::string> hashParams); 81 82 /** 83 * @brief To check the version code and bundleName in all haps. 84 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 85 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 86 */ 87 ErrCode CheckAppLabelInfo(const std::unordered_map<std::string, InnerBundleInfo> &infos); 88 /** 89 * @brief To check native file in all haps. 90 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 91 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 92 */ 93 ErrCode CheckMultiNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 94 /** 95 * @brief To check ark native file in all haps. 96 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 97 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 98 */ 99 ErrCode CheckMultiArkNativeFile(std::unordered_map<std::string, InnerBundleInfo> &infos); 100 /** 101 * @brief To check native so in all haps. 102 * @param infos .Indicates all innerBundleInfo for all haps need to be installed. 103 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 104 */ 105 ErrCode CheckMultiNativeSo(std::unordered_map<std::string, InnerBundleInfo> &infos); 106 /** 107 * @brief To parse hap files and to obtain innerBundleInfo of each hap. 108 * @param bundlePaths Indicates the file paths of all HAP packages. 109 * @param checkParam Indicates the install check parameters. 110 * @param hapVerifyRes Indicates all signature info of all haps. 111 * @param infos Indicates the innerBundleinfo of each hap. 112 * @return Returns ERR_OK if each hap is parsed successfully; returns error code otherwise. 113 */ 114 ErrCode ParseHapFiles( 115 const std::vector<std::string> &bundlePaths, 116 const InstallCheckParam &checkParam, 117 std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes, 118 std::unordered_map<std::string, InnerBundleInfo> &infos); 119 /** 120 * @brief To check dependency whether or not exists. 121 * @param infos Indicates all innerBundleInfo for all haps need to be installed. 122 * @return Returns ERR_OK if haps checking successfully; returns error code otherwise. 123 */ 124 ErrCode CheckDependency(std::unordered_map<std::string, InnerBundleInfo> &infos); 125 126 void ResetProperties(); 127 IsContainEntry()128 bool IsContainEntry() 129 { 130 return isContainEntry_; 131 } 132 133 ErrCode CheckHspInstallCondition(std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 134 135 ErrCode CheckInstallPermission(const InstallCheckParam &checkParam, 136 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 137 138 bool VaildInstallPermission(const InstallParam &installParam, 139 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 140 141 bool VaildEnterpriseInstallPermission(const InstallParam &installParam, 142 const Security::Verify::ProvisionInfo &provisionInfo); 143 144 bool VaildInstallPermissionForShare(const InstallCheckParam &checkParam, 145 const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 146 147 bool VaildEnterpriseInstallPermissionForShare(const InstallCheckParam &checkParam, 148 const Security::Verify::ProvisionInfo &provisionInfo); 149 150 ErrCode CheckModuleNameForMulitHaps(const std::unordered_map<std::string, InnerBundleInfo> &infos); 151 152 bool IsExistedDistroModule(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 153 154 bool IsContainModuleName(const InnerBundleInfo &newInfo, const InnerBundleInfo &info) const; 155 156 ErrCode CheckDeviceType(std::unordered_map<std::string, InnerBundleInfo> &infos) const; 157 158 AppProvisionInfo ConvertToAppProvisionInfo(const Security::Verify::ProvisionInfo &provisionInfo) const; 159 160 ErrCode CheckProxyDatas(const InnerBundleInfo &info) const; 161 162 ErrCode CheckIsolationMode(const std::unordered_map<std::string, InnerBundleInfo> &infos) const; 163 164 ErrCode CheckSignatureFileDir(const std::string &signatureFileDir) const; 165 166 ErrCode CheckDeveloperMode(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const; 167 168 ErrCode CheckAllowEnterpriseBundle(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes) const; 169 170 bool CheckEnterpriseBundle(Security::Verify::HapVerifyResult &hapVerifyRes) const; 171 bool CheckSupportAppTypes( 172 const std::unordered_map<std::string, InnerBundleInfo> &infos, const std::string &supportAppTypes) const; 173 174 std::string GetCheckResultMsg() const; 175 176 void SetCheckResultMsg(const std::string checkResultMsg); 177 178 private: 179 180 ErrCode ParseBundleInfo( 181 const std::string &bundleFilePath, 182 InnerBundleInfo &info, 183 BundlePackInfo &packInfo) const; 184 185 ErrCode CheckSystemSize( 186 const std::string &bundlePath, 187 const Constants::AppType appType) const; 188 189 void SetEntryInstallationFree( 190 const BundlePackInfo &bundlePackInfo, 191 InnerBundleInfo &innerBundleInfo); 192 193 void SetPackInstallationFree(BundlePackInfo &bundlePackInfo, const InnerBundleInfo &innerBundleInfo) const; 194 195 void CollectProvisionInfo( 196 const Security::Verify::ProvisionInfo &provisionInfo, 197 const AppPrivilegeCapability &appPrivilegeCapability, 198 InnerBundleInfo &newInfo); 199 200 void GetPrivilegeCapability( 201 const InstallCheckParam &checkParam, InnerBundleInfo &newInfo); 202 203 void ParseAppPrivilegeCapability( 204 const Security::Verify::ProvisionInfo &provisionInfo, 205 AppPrivilegeCapability &appPrivilegeCapability); 206 207 ErrCode CheckMainElement(const InnerBundleInfo &info); 208 209 ErrCode CheckBundleName(const std::string &provisionInfoBundleName, const std::string &bundleName); 210 211 void FetchPrivilegeCapabilityFromPreConfig( 212 const std::string &bundleName, 213 const std::vector<std::string> &appSignatures, 214 AppPrivilegeCapability &appPrivilegeCapability); 215 216 bool MatchSignature(const std::vector<std::string> &appSignatures, const std::string &signature); 217 218 bool GetPrivilegeCapabilityValue(const std::vector<std::string> &existInJson, 219 const std::string &key, bool existInPreJson, bool existInProvision); 220 221 ErrCode ProcessBundleInfoByPrivilegeCapability(const AppPrivilegeCapability &appPrivilegeCapability, 222 InnerBundleInfo &innerBundleInfo); 223 224 bool NeedCheckDependency(const Dependency &dependency, const InnerBundleInfo &info); 225 226 bool FindModuleInInstallingPackage( 227 const std::string &moduleName, 228 const std::string &bundleName, 229 const std::unordered_map<std::string, InnerBundleInfo> &infos); 230 231 bool FindModuleInInstalledPackage( 232 const std::string &moduleName, 233 const std::string &bundleName, 234 uint32_t versionCode); 235 236 bool isContainEntry_ = false; 237 238 void SetAppProvisionMetadata(const std::vector<Security::Verify::Metadata> &provisionMetadatas, 239 InnerBundleInfo &newInfo); 240 241 bool CheckProxyPermissionLevel(const std::string &permissionName) const; 242 bool MatchOldSignatures(const std::string &bundleName, const std::vector<std::string> &appSignatures); 243 bool CheckProvisionInfoIsValid(const std::vector<Security::Verify::HapVerifyResult> &hapVerifyRes); 244 std::tuple<bool, std::string, std::string> GetValidReleaseType( 245 const std::unordered_map<std::string, InnerBundleInfo> &infos); 246 void DetermineCloneNum(InnerBundleInfo &innerBundleInfo); 247 248 std::string checkResultMsg_ = ""; 249 }; 250 } // namespace AppExecFwk 251 } // namespace OHOS 252 #endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_INSTALL_CHECKER_H