diff --git a/services/implementation/include/authentication/auth_message_processor.h b/services/implementation/include/authentication/auth_message_processor.h index b23468ec55810a8413baf0e40ed771aa34827fc3..d21279a34ad47be10783315c8473819e23a254e9 100644 --- a/services/implementation/include/authentication/auth_message_processor.h +++ b/services/implementation/include/authentication/auth_message_processor.h @@ -116,8 +116,8 @@ private: void CreatePublicKeyMessageExt(nlohmann::json &json); void ParsePublicKeyMessageExt(nlohmann::json &json); void GetJsonObj(nlohmann::json &jsonObj); - void CreateReqVersionMessage(nlohmann::json &jsonObj); - void ParseReqVersionMessage(nlohmann::json &json); + void CreateReqReCheckMessage(nlohmann::json &jsonObj); + void ParseReqReCheckMessage(nlohmann::json &json); private: std::weak_ptr authMgr_; diff --git a/services/implementation/include/authentication/auth_request_state.h b/services/implementation/include/authentication/auth_request_state.h index 62b659b0fd7b3597b6f936ca1d2f71efbd156c2f..d567bf18c31341bddca5b97380af41b5bfe91a3b 100644 --- a/services/implementation/include/authentication/auth_request_state.h +++ b/services/implementation/include/authentication/auth_request_state.h @@ -200,13 +200,13 @@ public: int32_t Enter() override; }; -class AuthRequestVersion : public AuthRequestState { +class AuthRequestReCheckMsg : public AuthRequestState { public: int32_t GetStateType() override; int32_t Enter() override; }; -class AuthRequestVersionDone : public AuthRequestState { +class AuthRequestReCheckMsgDone : public AuthRequestState { public: int32_t GetStateType() override; int32_t Enter() override; diff --git a/services/implementation/include/authentication/auth_response_state.h b/services/implementation/include/authentication/auth_response_state.h index 1335755a5fed2bcab9f6f25e4322028b5c3a9895..873d3fddfe98e5fae3b837bc83ff84789a40ad8c 100644 --- a/services/implementation/include/authentication/auth_response_state.h +++ b/services/implementation/include/authentication/auth_response_state.h @@ -119,7 +119,7 @@ public: int32_t Enter() override; }; -class AuthResponseVersion : public AuthResponseState { +class AuthResponseReCheckMsg : public AuthResponseState { public: int32_t GetStateType() override; int32_t Enter() override; diff --git a/services/implementation/include/authentication/dm_auth_manager.h b/services/implementation/include/authentication/dm_auth_manager.h index 3d0a431728cf5ec6e785c1d59fcabd95a845ba50..84522721e8abac1f71a34a70bb10d0d439d6fe93 100644 --- a/services/implementation/include/authentication/dm_auth_manager.h +++ b/services/implementation/include/authentication/dm_auth_manager.h @@ -48,8 +48,8 @@ typedef enum AuthState { AUTH_REQUEST_CREDENTIAL, AUTH_REQUEST_CREDENTIAL_DONE, AUTH_REQUEST_AUTH_FINISH, - AUTH_REQUEST_VERSION, - AUTH_REQUEST_VERSION_DONE, + AUTH_REQUEST_RECHECK_MSG, + AUTH_REQUEST_RECHECK_MSG_DONE, AUTH_RESPONSE_INIT = 20, AUTH_RESPONSE_NEGOTIATE, @@ -59,7 +59,7 @@ typedef enum AuthState { AUTH_RESPONSE_FINISH, AUTH_RESPONSE_CREDENTIAL, AUTH_RESPONSE_AUTH_FINISH, - AUTH_RESPONSE_VERSION, + AUTH_RESPONSE_RECHECK_MSG, } AuthState; enum DmMsgType : int32_t { @@ -79,8 +79,8 @@ enum DmMsgType : int32_t { MSG_TYPE_RESP_AUTH_EXT, MSG_TYPE_REQ_PUBLICKEY, MSG_TYPE_RESP_PUBLICKEY, - MSG_TYPE_REQ_VERSION, - MSG_TYPE_RESP_VERSION, + MSG_TYPE_REQ_RECHECK_MSG, + MSG_TYPE_RESP_RECHECK_MSG, MSG_TYPE_REQ_AUTH_DEVICE_NEGOTIATE = 600, MSG_TYPE_RESP_AUTH_DEVICE_NEGOTIATE = 700, }; @@ -189,6 +189,7 @@ typedef struct DmAuthResponseContext { std::string hostPkgLabel; bool isFinish = false; std::string edition; + int32_t localBindLevel; } DmAuthResponseContext; class AuthMessageProcessor; @@ -513,9 +514,9 @@ public: int32_t DeleteGroup(const std::string &pkgName, const std::string &deviceId); int32_t DeleteGroup(const std::string &pkgName, int32_t userId, const std::string &deviceId); int32_t StopAuthenticateDevice(const std::string &pkgName); - void RequestVersion(); - void ResponseVersion(); - void RequestVersionDone(); + void RequestReCheckMsg(); + void ResponseReCheckMsg(); + void RequestReCheckMsgDone(); private: int32_t ImportCredential(std::string &deviceId, std::string &publicKey); void GetAuthParam(const std::string &pkgName, int32_t authType, const std::string &deviceId, @@ -549,6 +550,8 @@ private: void SetProcessInfo(); int32_t GetCloseSessionDelaySeconds(std::string &delaySecondsStr); void ConverToFinish(); + bool IsSinkMsgValid(); + bool IsSourceMsgValid(); private: std::shared_ptr softbusConnector_; diff --git a/services/implementation/src/authentication/auth_message_processor.cpp b/services/implementation/src/authentication/auth_message_processor.cpp index 54c46dee24d0d9726ca1cb0912301c322ca3e86b..b67246a0b4afb00059c8509d13377ccd84db51e2 100644 --- a/services/implementation/src/authentication/auth_message_processor.cpp +++ b/services/implementation/src/authentication/auth_message_processor.cpp @@ -144,9 +144,9 @@ std::string AuthMessageProcessor::CreateSimpleMessage(int32_t msgType) case MSG_TYPE_RESP_PUBLICKEY: CreatePublicKeyMessageExt(jsonObj); break; - case MSG_TYPE_REQ_VERSION: - case MSG_TYPE_RESP_VERSION: - CreateReqVersionMessage(jsonObj); + case MSG_TYPE_REQ_RECHECK_MSG: + case MSG_TYPE_RESP_RECHECK_MSG: + CreateReqReCheckMessage(jsonObj); break; default: break; @@ -330,9 +330,9 @@ int32_t AuthMessageProcessor::ParseMessage(const std::string &message) case MSG_TYPE_RESP_PUBLICKEY: ParsePublicKeyMessageExt(jsonObject); break; - case MSG_TYPE_REQ_VERSION: - case MSG_TYPE_RESP_VERSION: - ParseReqVersionMessage(jsonObject); + case MSG_TYPE_REQ_RECHECK_MSG: + case MSG_TYPE_RESP_RECHECK_MSG: + ParseReqReCheckMessage(jsonObject); break; default: break; @@ -665,10 +665,16 @@ std::string AuthMessageProcessor::CreateDeviceAuthMessage(int32_t msgType, const return SafetyDump(jsonObj); } -void AuthMessageProcessor::CreateReqVersionMessage(nlohmann::json &jsonObj) +void AuthMessageProcessor::CreateReqReCheckMessage(nlohmann::json &jsonObj) { nlohmann::json jsonTemp; jsonTemp[TAG_EDITION] = authResponseContext_->edition; + jsonTemp[TAG_LOCAL_DEVICE_ID] = authResponseContext_->localDeviceId; + jsonTemp[TAG_LOCAL_USERID] = authResponseContext_->localUserId; + jsonTemp[TAG_LOCAL_ACCOUNTID] = authResponseContext_->localAccountId; + jsonTemp[TAG_TOKENID] = authResponseContext_->tokenId; + jsonTemp[TAG_BUNDLE_NAME] = authResponseContext_->bundleName; + jsonTemp[TAG_BIND_LEVEL] = authResponseContext_->bindLevel; std::string strTemp = SafetyDump(jsonTemp); std::string encryptStr = ""; CHECK_NULL_VOID(cryptoMgr_); @@ -679,7 +685,7 @@ void AuthMessageProcessor::CreateReqVersionMessage(nlohmann::json &jsonObj) jsonObj[TAG_CRYPTIC_MSG] = encryptStr; } -void AuthMessageProcessor::ParseReqVersionMessage(nlohmann::json &json) +void AuthMessageProcessor::ParseReqReCheckMessage(nlohmann::json &json) { std::string encryptStr = ""; if (IsString(json, TAG_CRYPTIC_MSG)) { @@ -687,6 +693,12 @@ void AuthMessageProcessor::ParseReqVersionMessage(nlohmann::json &json) } std::string decryptStr = ""; authResponseContext_->edition = ""; + authResponseContext_->localDeviceId = ""; + authResponseContext_->localUserId = 0; + authResponseContext_->localAccountId = ""; + authResponseContext_->tokenId = 0; + authResponseContext_->bundleName = ""; + authResponseContext_->localBindLevel = -1; CHECK_NULL_VOID(cryptoMgr_); if (cryptoMgr_->DecryptMessage(encryptStr, decryptStr) != DM_OK) { LOGE("DecryptMessage failed."); @@ -700,6 +712,24 @@ void AuthMessageProcessor::ParseReqVersionMessage(nlohmann::json &json) if (IsString(jsonObject, TAG_EDITION)) { authResponseContext_->edition = jsonObject[TAG_EDITION].get(); } + if (IsString(jsonObject, TAG_LOCAL_DEVICE_ID)) { + authResponseContext_->localDeviceId = jsonObject[TAG_LOCAL_DEVICE_ID].get(); + } + if (IsInt32(jsonObject, TAG_LOCAL_USERID)) { + authResponseContext_->localUserId = jsonObject[TAG_LOCAL_USERID].get(); + } + if (IsString(jsonObject, TAG_LOCAL_ACCOUNTID)) { + authResponseContext_->localAccountId = jsonObject[TAG_LOCAL_ACCOUNTID].get(); + } + if (IsInt64(jsonObject, TAG_TOKENID)) { + authResponseContext_->tokenId = jsonObject[TAG_TOKENID].get(); + } + if (IsString(jsonObject, TAG_BUNDLE_NAME)) { + authResponseContext_->bundleName = jsonObject[TAG_BUNDLE_NAME].get(); + } + if (IsInt32(jsonObject, TAG_BIND_LEVEL)) { + authResponseContext_->localBindLevel = jsonObject[TAG_BIND_LEVEL].get(); + } } int32_t AuthMessageProcessor::SaveSessionKey(const uint8_t *sessionKey, const uint32_t keyLen) @@ -714,4 +744,4 @@ void AuthMessageProcessor::SetEncryptFlag(bool flag) encryptFlag_ = flag; } } // namespace DistributedHardware -} // namespace OHOS +} // namespace OHOS \ No newline at end of file diff --git a/services/implementation/src/authentication/auth_request_state.cpp b/services/implementation/src/authentication/auth_request_state.cpp index 2a74286dc964ff47764ca2c3a6f567318a24438b..20bd1a9934bd1d3f6080f3aa12160d14cf3a7fcb 100644 --- a/services/implementation/src/authentication/auth_request_state.cpp +++ b/services/implementation/src/authentication/auth_request_state.cpp @@ -215,35 +215,35 @@ int32_t AuthRequestAuthFinish::Enter() return DM_OK; } -int32_t AuthRequestVersion::GetStateType() +int32_t AuthRequestReCheckMsg::GetStateType() { - return AuthState::AUTH_REQUEST_VERSION; + return AuthState::AUTH_REQUEST_RECHECK_MSG; } -int32_t AuthRequestVersion::Enter() +int32_t AuthRequestReCheckMsg::Enter() { std::shared_ptr stateAuthManager = authManager_.lock(); if (stateAuthManager == nullptr) { LOGE("AuthRequestState::authManager_ null"); return ERR_DM_FAILED; } - stateAuthManager->RequestVersion(); + stateAuthManager->RequestReCheckMsg(); return DM_OK; } -int32_t AuthRequestVersionDone::GetStateType() +int32_t AuthRequestReCheckMsgDone::GetStateType() { - return AuthState::AUTH_REQUEST_VERSION_DONE; + return AuthState::AUTH_REQUEST_RECHECK_MSG_DONE; } -int32_t AuthRequestVersionDone::Enter() +int32_t AuthRequestReCheckMsgDone::Enter() { std::shared_ptr stateAuthManager = authManager_.lock(); if (stateAuthManager == nullptr) { LOGE("AuthRequestState::authManager_ null"); return ERR_DM_FAILED; } - stateAuthManager->RequestVersionDone(); + stateAuthManager->RequestReCheckMsgDone(); return DM_OK; } } // namespace DistributedHardware diff --git a/services/implementation/src/authentication/auth_response_state.cpp b/services/implementation/src/authentication/auth_response_state.cpp index f8b5214dabd8e3d814c9f059dcec43e851241ebe..7f969dac28975bb3f03b4acfff3bf9387087e87c 100644 --- a/services/implementation/src/authentication/auth_response_state.cpp +++ b/services/implementation/src/authentication/auth_response_state.cpp @@ -179,19 +179,19 @@ int32_t AuthResponseAuthFinish::Enter() return DM_OK; } -int32_t AuthResponseVersion::GetStateType() +int32_t AuthResponseReCheckMsg::GetStateType() { - return AuthState::AUTH_RESPONSE_VERSION; + return AuthState::AUTH_RESPONSE_RECHECK_MSG; } -int32_t AuthResponseVersion::Enter() +int32_t AuthResponseReCheckMsg::Enter() { std::shared_ptr stateAuthManager = authManager_.lock(); if (stateAuthManager == nullptr) { LOGE("AuthResponseCredential authManager_ is null"); return ERR_DM_FAILED; } - stateAuthManager->ResponseVersion(); + stateAuthManager->ResponseReCheckMsg(); return DM_OK; } } // namespace DistributedHardware diff --git a/services/implementation/src/authentication/dm_auth_manager.cpp b/services/implementation/src/authentication/dm_auth_manager.cpp index c4ec173f814ae40f2e47b4ff7e2a8067f37da056..b4ee47fd25a4ab3987922d1df27362c6fa1ad501 100644 --- a/services/implementation/src/authentication/dm_auth_manager.cpp +++ b/services/implementation/src/authentication/dm_auth_manager.cpp @@ -207,7 +207,7 @@ void DmAuthManager::GetAuthParam(const std::string &pkgName, int32_t authType, authRequestContext_->deviceId = deviceId; authRequestContext_->addr = deviceId; authRequestContext_->dmVersion = DM_VERSION_5_0_3; - uint32_t tokenId; + uint32_t tokenId = 0 ; MultipleUserConnector::GetTokenIdAndForegroundUserId(tokenId, authRequestContext_->localUserId); authRequestContext_->tokenId = static_cast(tokenId); authRequestContext_->localAccountId = @@ -462,8 +462,7 @@ void DmAuthManager::DeleteOffLineTimer(int32_t sessionId) void DmAuthManager::OnSessionOpened(int32_t sessionId, int32_t sessionSide, int32_t result) { - LOGI("DmAuthManager::OnSessionOpened, sessionId = %{public}d and sessionSide = %{public}d result = %{public}d", - sessionId, sessionSide, result); + LOGI("sessionId = %{public}d and sessionSide = %{public}d result = %{public}d", sessionId, sessionSide, result); DeleteOffLineTimer(sessionId); if (sessionSide == AUTH_SESSION_SIDE_SERVER) { if (authResponseState_ == nullptr && authRequestState_ == nullptr) { @@ -472,6 +471,7 @@ void DmAuthManager::OnSessionOpened(int32_t sessionId, int32_t sessionSide, int3 authResponseState_->SetAuthManager(shared_from_this()); authResponseState_->Enter(); authResponseContext_ = std::make_shared(); + authResponseContext_->sessionId = sessionId; if (timer_ == nullptr) { timer_ = std::make_shared(); } @@ -491,19 +491,19 @@ void DmAuthManager::OnSessionOpened(int32_t sessionId, int32_t sessionSide, int3 authMessageProcessor->SetResponseContext(authResponseContext); std::string message = authMessageProcessor->CreateSimpleMessage(MSG_TYPE_REQ_AUTH_TERMINATE); softbusConnector_->GetSoftbusSession()->SendData(sessionId, message); + softbusConnector_->GetSoftbusSession()->CloseAuthSession(sessionId); } } else { if (authResponseState_ == nullptr && authRequestState_ != nullptr && authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_INIT) { authRequestContext_->sessionId = sessionId; + authResponseContext_->sessionId = sessionId; authMessageProcessor_->SetRequestContext(authRequestContext_); authRequestState_->SetAuthContext(authRequestContext_); authRequestState_->TransitionTo(std::make_shared()); struct RadarInfo info = { .funcName = "OnSessionOpened" }; info.channelId = sessionId; - if (!DmRadarHelper::GetInstance().ReportAuthSendRequest(info)) { - LOGE("ReportAuthSendRequest failed"); - } + DmRadarHelper::GetInstance().ReportAuthSendRequest(info); } else { softbusConnector_->GetSoftbusSession()->CloseAuthSession(sessionId); LOGE("DmAuthManager::OnSessionOpened but request state is wrong"); @@ -547,9 +547,9 @@ void DmAuthManager::ProcessSourceMsg() authRequestState_->TransitionTo(std::make_shared()); } break; - case MSG_TYPE_RESP_VERSION: - if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_VERSION) { - authRequestState_->TransitionTo(std::make_shared()); + case MSG_TYPE_RESP_RECHECK_MSG: + if (authRequestState_->GetStateType() == AuthState::AUTH_REQUEST_RECHECK_MSG) { + authRequestState_->TransitionTo(std::make_shared()); } break; default: @@ -588,13 +588,13 @@ void DmAuthManager::ProcessSinkMsg() break; case MSG_TYPE_REQ_PUBLICKEY: if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_AUTH_FINISH || - authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_VERSION) { + authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_RECHECK_MSG) { authResponseState_->TransitionTo(std::make_shared()); } break; - case MSG_TYPE_REQ_VERSION: + case MSG_TYPE_REQ_RECHECK_MSG: if (authResponseState_->GetStateType() == AuthState::AUTH_RESPONSE_AUTH_FINISH) { - authResponseState_->TransitionTo(std::make_shared()); + authResponseState_->TransitionTo(std::make_shared()); } break; default: @@ -604,7 +604,10 @@ void DmAuthManager::ProcessSinkMsg() void DmAuthManager::OnDataReceived(const int32_t sessionId, const std::string message) { - if (authResponseContext_ == nullptr || authMessageProcessor_ == nullptr) { + LOGI("sessionId %{public}d, authResponseContext_->sessionId %{public}d.", sessionId, + authResponseContext_->sessionId); + if (authResponseContext_ == nullptr || authMessageProcessor_ == nullptr || + sessionId != authResponseContext_->sessionId) { LOGE("OnDataReceived failed, authResponseContext or authMessageProcessor_ is nullptr."); return; } @@ -685,6 +688,10 @@ void DmAuthManager::OnMemberJoin(int64_t requestId, int32_t status) } else { if (++authTimes_ >= MAX_AUTH_TIMES) { authResponseContext_->isFinish = false; + authResponseContext_->reply = ERR_DM_BIND_PIN_CODE_ERROR; + authResponseContext_->state = AuthState::AUTH_RESPONSE_SHOW; + isFinishOfLocal_ = false; + authResponseState_->TransitionTo(std::make_shared()); } } } else { @@ -997,12 +1004,7 @@ void DmAuthManager::GetAuthRequestContext() } else { authResponseContext_->isOnline = false; } - bool haveCredential = hiChainAuthConnector_->QueryCredential(remoteDeviceId_, authRequestContext_->localUserId); - if (authResponseContext_->haveCredential && haveCredential) { - authResponseContext_->haveCredential = true; - } else { - authResponseContext_->haveCredential = false; - } + authResponseContext_->haveCredential = false; } void DmAuthManager::ProcessAuthRequestExt(const int32_t &sessionId) @@ -1965,9 +1967,9 @@ void DmAuthManager::GenerateCredential(std::string &publicKey) GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH); std::string localUdid = localDeviceId; int32_t osAccountId = MultipleUserConnector::GetCurrentAccountUserID(); - hiChainAuthConnector_->GenerateCredential(localUdid, osAccountId, publicKey); + hiChainAuthConnector_->GetCredential(localUdid, osAccountId, publicKey); if (publicKey == "") { - hiChainAuthConnector_->GetCredential(localUdid, osAccountId, publicKey); + hiChainAuthConnector_->GenerateCredential(localUdid, osAccountId, publicKey); } } @@ -1975,9 +1977,9 @@ void DmAuthManager::RequestCredentialDone() { LOGI("DmAuthManager ExchangeCredentailDone start"); CHECK_NULL_VOID(authResponseContext_); - if (authResponseContext_->publicKey != "" && + if (authResponseContext_->publicKey == "" || ImportCredential(remoteDeviceId_, authResponseContext_->publicKey) != DM_OK) { - LOGE("ResponseCredential import credential failed."); + LOGE("RequestCredentialDone import credential failed."); } if (timer_ != nullptr) { timer_->DeleteTimer(std::string(AUTHENTICATE_TIMEOUT_TASK)); @@ -2008,10 +2010,13 @@ void DmAuthManager::ResponseCredential() authResponseState_->TransitionTo(std::make_shared()); softbusConnector_->GetSoftbusSession()->CloseAuthSession(authResponseContext_->sessionId); } + PutAccessControlList(); std::string publicKey = ""; GenerateCredential(publicKey); if (ImportCredential(remoteDeviceId_, authResponseContext_->publicKey) != DM_OK) { LOGE("ResponseCredential import credential failed."); + authResponseState_->TransitionTo(std::make_shared()); + softbusConnector_->GetSoftbusSession()->CloseAuthSession(authResponseContext_->sessionId); } authResponseContext_->publicKey = publicKey; std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_PUBLICKEY); @@ -2066,7 +2071,7 @@ void DmAuthManager::SrcAuthDeviceFinish() } softbusConnector_->HandleDeviceOnline(remoteDeviceId_, authForm_); if (CompareVersion(remoteVersion_, std::string(DM_VERSION_5_0_2))) { - authRequestState_->TransitionTo(std::make_shared()); + authRequestState_->TransitionTo(std::make_shared()); } else { authRequestState_->TransitionTo(std::make_shared()); } @@ -2082,7 +2087,7 @@ void DmAuthManager::SrcAuthDeviceFinish() if (!authResponseContext_->isOnline && !authResponseContext_->haveCredential) { authUiStateMgr_->UpdateUiState(DmUiStateMsg::MSG_CANCEL_PIN_CODE_INPUT); if (CompareVersion(remoteVersion_, std::string(DM_VERSION_5_0_2))) { - authRequestState_->TransitionTo(std::make_shared()); + authRequestState_->TransitionTo(std::make_shared()); } else { authRequestState_->TransitionTo(std::make_shared()); } @@ -2118,12 +2123,12 @@ void DmAuthManager::AuthDeviceFinish(int64_t requestId) if (CompareVersion(remoteVersion_, std::string(DM_VERSION_5_0_2))) { LOGI("Set EncryptFlag true."); authMessageProcessor_->SetEncryptFlag(true); + } else { + PutAccessControlList(); } if (authRequestState_ != nullptr && authResponseState_ == nullptr) { - PutAccessControlList(); SrcAuthDeviceFinish(); } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) { - PutAccessControlList(); SinkAuthDeviceFinish(); } } @@ -2133,7 +2138,15 @@ void DmAuthManager::AuthDeviceError(int64_t requestId, int32_t errorCode) LOGI("AuthDeviceError start."); isAuthDevice_ = false; if (authRequestState_ == nullptr || authResponseState_ != nullptr) { - LOGD("AuthDeviceError sink return."); + authTimes_++; + LOGI("AuthDeviceError sink authTimes %{public}d.", authTimes_); + if (authTimes_ >= MAX_AUTH_TIMES) { + authResponseContext_->isFinish = false; + authResponseContext_->reply = ERR_DM_AUTH_CODE_INCORRECT; + authResponseContext_->state = AuthState::AUTH_RESPONSE_SHOW; + isFinishOfLocal_ = false; + authResponseState_->TransitionTo(std::make_shared()); + } return; } if (authResponseContext_->authType == AUTH_TYPE_IMPORT_AUTH_CODE) { @@ -2262,7 +2275,8 @@ void DmAuthManager::ProcRespNegotiateExt(const int32_t &sessionId) authResponseContext_->isOnline = softbusConnector_->CheckIsOnline(remoteDeviceId_); authResponseContext_->haveCredential = - hiChainAuthConnector_->QueryCredential(authResponseContext_->deviceId, authResponseContext_->localUserId); + hiChainAuthConnector_->QueryCredential(authResponseContext_->deviceId, + MultipleUserConnector::GetFirstForegroundUserId()); if (!IsAuthTypeSupported(authResponseContext_->authType)) { LOGE("DmAuthManager::AuthenticateDevice authType %{public}d not support.", authResponseContext_->authType); authResponseContext_->reply = ERR_DM_UNSUPPORTED_AUTH_TYPE; @@ -2330,7 +2344,10 @@ void DmAuthManager::ProcIncompatible(const int32_t &sessionId) void DmAuthManager::OnAuthDeviceDataReceived(const int32_t sessionId, const std::string message) { - if (authResponseContext_ == nullptr || authMessageProcessor_ == nullptr || hiChainAuthConnector_ == nullptr) { + LOGI("sessionId %{public}d, authResponseContext_->sessionId %{public}d.", sessionId, + authResponseContext_->sessionId); + if (authResponseContext_ == nullptr || authMessageProcessor_ == nullptr || hiChainAuthConnector_ == nullptr || + authResponseContext_->sessionId != sessionId) { LOGE("OnAuthDeviceDataReceived param is invalid"); return; } @@ -2418,19 +2435,19 @@ void DmAuthManager::PutAccessControlList() DmAccessee accessee; accessee.trustBundleName = authResponseContext_->peerBundleName; if (authRequestState_ != nullptr && authResponseState_ == nullptr) { - accesser.requestTokenId = static_cast(authResponseContext_->tokenId); + accesser.requestTokenId = static_cast(authRequestContext_->tokenId); accesser.requestUserId = authRequestContext_->localUserId; accesser.requestAccountId = authRequestContext_->localAccountId; accesser.requestDeviceId = authRequestContext_->localDeviceId; accessee.trustTokenId = static_cast(authResponseContext_->remoteTokenId); accessee.trustUserId = authRequestContext_->remoteUserId; accessee.trustAccountId = authRequestContext_->remoteAccountId; - accessee.trustDeviceId = authResponseContext_->deviceId; + accessee.trustDeviceId = remoteDeviceId_; } else if (authRequestState_ == nullptr && authResponseState_ != nullptr) { accesser.requestTokenId = static_cast(authResponseContext_->remoteTokenId); accesser.requestUserId = authResponseContext_->remoteUserId; accesser.requestAccountId = authResponseContext_->remoteAccountId; - accesser.requestDeviceId = authResponseContext_->localDeviceId; + accesser.requestDeviceId = remoteDeviceId_; accessee.trustTokenId = static_cast(authResponseContext_->tokenId); accessee.trustUserId = authResponseContext_->localUserId; accessee.trustAccountId = authResponseContext_->localAccountId; @@ -2732,20 +2749,32 @@ void DmAuthManager::ConverToFinish() authRequestState_->TransitionTo(std::make_shared()); } -void DmAuthManager::RequestVersion() +void DmAuthManager::RequestReCheckMsg() { LOGI("dmVersion %{public}s.", DM_VERSION_5_0_3); + char localDeviceId[DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH); + uint32_t tokenId = 0; + int32_t localUserId = 0; + MultipleUserConnector::GetTokenIdAndForegroundUserId(tokenId, localUserId); + std::string localAccountId = MultipleUserConnector::GetOhosAccountIdByUserId(localUserId); authResponseContext_->edition = DM_VERSION_5_0_3; + authResponseContext_->localDeviceId = static_cast(localDeviceId); + authResponseContext_->localUserId = localUserId; + authResponseContext_->localAccountId = localAccountId; + authResponseContext_->tokenId = authRequestContext_->tokenId; + authResponseContext_->bundleName = authRequestContext_->hostPkgName; + authResponseContext_->bindLevel = authRequestContext_->bindLevel; authMessageProcessor_->SetResponseContext(authResponseContext_); - std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_VERSION); + std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_REQ_RECHECK_MSG); softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message); } -void DmAuthManager::ResponseVersion() +void DmAuthManager::ResponseReCheckMsg() { LOGI("remoteVersion %{public}s, authResponseContext_->edition %{public}s.", remoteVersion_.c_str(), authResponseContext_->edition.c_str()); - if (authResponseContext_->edition != remoteVersion_) { + if (!IsSinkMsgValid()) { LOGE("peer deviceId not trust."); authResponseContext_->isFinish = false; isFinishOfLocal_ = false; @@ -2755,17 +2784,28 @@ void DmAuthManager::ResponseVersion() softbusConnector_->GetSoftbusSession()->CloseAuthSession(sessionId); return; } + char localDeviceId[DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH); authResponseContext_->edition = DM_VERSION_5_0_3; + authResponseContext_->localDeviceId = std::string(localDeviceId); + authResponseContext_->localUserId = MultipleUserConnector::GetFirstForegroundUserId(); + authResponseContext_->localAccountId = + MultipleUserConnector::GetOhosAccountIdByUserId(authResponseContext_->localUserId); + if (AppManager::GetInstance().GetHapTokenIdByName(authResponseContext_->localUserId, + authResponseContext_->peerBundleName, 0, authResponseContext_->tokenId) != DM_OK) { + LOGE("get tokenId by bundleName failed %{public}s", GetAnonyString(authResponseContext_->bundleName).c_str()); + } + authResponseContext_->bundleName = authResponseContext_->peerBundleName; authMessageProcessor_->SetEncryptFlag(true); - std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_VERSION); + std::string message = authMessageProcessor_->CreateSimpleMessage(MSG_TYPE_RESP_RECHECK_MSG); softbusConnector_->GetSoftbusSession()->SendData(authResponseContext_->sessionId, message); } -void DmAuthManager::RequestVersionDone() +void DmAuthManager::RequestReCheckMsgDone() { LOGI("remoteVersion %{public}s, authResponseContext_->edition %{public}s.", remoteVersion_.c_str(), authResponseContext_->edition.c_str()); - if (authResponseContext_->edition != remoteVersion_) { + if (!IsSourceMsgValid()) { LOGE("peer deviceId not trust."); authResponseContext_->isFinish = false; isFinishOfLocal_ = false; @@ -2773,7 +2813,37 @@ void DmAuthManager::RequestVersionDone() authRequestState_->TransitionTo(std::make_shared()); return; } + PutAccessControlList(); authRequestState_->TransitionTo(std::make_shared()); } + +bool DmAuthManager::IsSinkMsgValid() +{ + if (authResponseContext_->edition != remoteVersion_ || + authResponseContext_->localDeviceId != remoteDeviceId_ || + authResponseContext_->localUserId != authResponseContext_->remoteUserId || + authResponseContext_->localAccountId != authResponseContext_->remoteAccountId || + authResponseContext_->tokenId != authResponseContext_->remoteTokenId || + authResponseContext_->bundleName != authResponseContext_->hostPkgName || + authResponseContext_->localBindLevel != authResponseContext_->bindLevel) { + return false; + } + return true; +} + +bool DmAuthManager::IsSourceMsgValid() +{ + if (authResponseContext_->edition != remoteVersion_ || + authResponseContext_->localDeviceId != remoteDeviceId_ || + authResponseContext_->localUserId != authRequestContext_->remoteUserId || + authResponseContext_->localAccountId != authRequestContext_->remoteAccountId || + authResponseContext_->tokenId != authResponseContext_->remoteTokenId || + authResponseContext_->bundleName != authResponseContext_->peerBundleName || + authResponseContext_->localBindLevel != authResponseContext_->bindLevel) { + return false; + } + authResponseContext_->localAccountId = authRequestContext_->localAccountId; + return true; +} } // namespace DistributedHardware } // namespace OHOS