From c6e480c97d38ad608427954f64bdb88dc1d2b3c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 15:31:00 +0800 Subject: [PATCH 01/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- .../legacy/creds_manager/src/creds_manager.c | 100 ++++++++++++------ .../identity_manager/inc/identity_defines.h | 2 +- .../inc/session/v2/dev_session_util.h | 2 +- .../src/session/v2/dev_session_util.c | 46 ++++++-- .../src/session/v2/dev_session_v2.c | 18 ++-- 5 files changed, 111 insertions(+), 57 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 9ff19f51..d0920ece 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c 
@@ -243,45 +243,70 @@ int32_t GetSharedSecretByPeerCert( return authIdentity->getSharedSecretByPeerCert(in, peerCertInfo, protocolType, sharedSecret); } +static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProofType *returnType) +{ + if (protocolType == PROOF_TYPE_PSK) { + *returnType = CERTIFICATED; + return IS_SUCCESS; + } else if (protocolType == PROOF_TYPE_PKI) { + *returnType = PRE_SHARED; + return IS_SUCCESS; + } + return IS_ERR_NOT_SUPPORT; +} + +static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) +{ + if (alg == ALG_TYPE_P256) { + *returnAlg = P256; + return IS_SUCCESS; + } + return IS_ERR_NOT_SUPPORT; +} + static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, CertInfo *certInfo) { const char *userId = GetStringFromJson(credAuthInfo, FIELD_USER_ID); if (userId == NULL) { LOGE("Failed to get user ID!"); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } const char *authId = GetStringFromJson(credAuthInfo, FIELD_DEVICE_ID); if (authId == NULL) { LOGE("Failed to get auth ID!"); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } AccountToken *token = CreateAccountToken(); if (token == NULL) { LOGE("Failed to create account token!"); - return HC_ERR_ALLOC_MEMORY; + return IS_ERR_ALLOC_MEMORY; } int32_t ret = GetAccountAuthTokenManager()->getToken(osAccountId, token, userId, authId); - if (ret != HC_SUCCESS) { + if (ret != IS_SUCCESS) { LOGE("Failed to get account token!"); DestroyAccountToken(token); return ret; } ret = GenerateCertInfo(&token->pkInfoStr, &token->pkInfoSignature, certInfo); DestroyAccountToken(token); - if (ret != HC_SUCCESS) { + if (ret != IS_SUCCESS) { LOGE("Failed to generate cert info!"); return ret; } uint32_t signAlg = 0; - if (GetUnsignedIntFromJson(credAuthInfo, FIELD_ALGORITHM_TYPE, &signAlg) != HC_SUCCESS) { + if (GetUnsignedIntFromJson(credAuthInfo, FIELD_ALGORITHM_TYPE, &signAlg) != IS_SUCCESS) { LOGE("Failed to get algorithm type!"); - return HC_ERR_JSON_GET; + 
return IS_ERR_JSON_GET; + } + ret = ConvertISAlgToCertAlg(sigAlg, &certInfo->signAlg); + if (ret != IS_SUCCESS) { + LOGE("unsupport algorithm type!"); + return ret; } - certInfo->signAlg = signAlg; certInfo->isPseudonym = true; - return HC_SUCCESS; + return IS_SUCCESS; } static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) @@ -289,13 +314,13 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I CJson *preShareUrl = CreateJson(); if (preShareUrl == NULL) { LOGE("create preShareUrl failed!"); - return HC_ERR_ALLOC_MEMORY; + return IS_ERR_ALLOC_MEMORY; } int32_t credType = 0; - if (GetIntFromJson(credAuthInfo, FIELD_CRED_TYPE, &credType) != HC_SUCCESS) { + if (GetIntFromJson(credAuthInfo, FIELD_CRED_TYPE, &credType) != IS_SUCCESS) { LOGE("Get cred type failed!"); FreeJson(preShareUrl); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } const char *pinCode = GetStringFromJson(context, FIELD_PIN_CODE); TrustType trustType; 
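Review bot: In GetCertInfoIS the new call `ConvertISAlgToCertAlg(sigAlg, &certInfo->signAlg)` names `sigAlg`, but the local declared above it and filled by GetUnsignedIntFromJson is `signAlg`, so the line cannot compile as written; it should read `ret = ConvertISAlgToCertAlg(signAlg, &certInfo->signAlg);`. The same spelling is carried through the later patches in this series that touch this call (06/17 and 07/17). Separately, the two error returns after GenerateCertInfo has succeeded leave `certInfo` populated; if GenerateCertInfo allocates into it (not visible here), confirm that every caller releases it on failure.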
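Review bot: `GetIntFromJson(credAuthInfo, FIELD_CRED_TYPE, &credType) != IS_SUCCESS` tests a JSON helper's result against the IS_ code space, while other callers in this same series still test the same helpers against `HC_SUCCESS` (GetPdidByContext in dev_session_util.c, AddCertCredInfo in dev_session_v2.c). That is only correct if IS_SUCCESS and HC_SUCCESS have the same value, which the patch does not show. The same pattern appears in GetCertInfoIS, SetIdentityProof, GetIdentityInfoIS, AddAuthInfoToContextIS and GetCredInfoIS, and GetPdidByContext now propagates IS_ codes from GetUserIdByISInfo alongside its HC_ returns. Keep `HC_SUCCESS` when checking helper results and translate to IS_ codes only at the return, or add a comment at the IS_ definitions stating that they alias the HC_ values. SetPreShareUrl's body continues past this hunk.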
@@ -306,37 +331,37 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I } else { trustType = TRUST_TYPE_P2P; } - if (AddIntToJson(preShareUrl, PRESHARED_URL_TRUST_TYPE, trustType) != HC_SUCCESS) { + if (AddIntToJson(preShareUrl, PRESHARED_URL_TRUST_TYPE, trustType) != IS_SUCCESS) { LOGE("Failed to add preshared url trust type!"); FreeJson(preShareUrl); - return HC_ERR_JSON_ADD; + return IS_ERR_JSON_ADD; } info->proof.preSharedUrl.val = (uint8_t *)PackJsonToString(preShareUrl); FreeJson(preShareUrl); if (info->proof.preSharedUrl.val == NULL) { LOGE("Failed to pack preShareUrl string!"); - return HC_ERR_PACKAGE_JSON_TO_STRING_FAIL; + return IS_ERR_PACKAGE_JSON_TO_STRING_FAIL; } info->proof.preSharedUrl.length = HcStrlen((const char *)info->proof.preSharedUrl.val); - return HC_SUCCESS; + return IS_SUCCESS; } static int32_t SetIdentityProof(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) { - int32_t res = HC_ERROR; + int32_t res = IS_ERROR; if (info->proofType == PRE_SHARED) { res = SetPreShareUrl(context, credAuthInfo, info); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Failed to set preshare url"); } } else { int32_t osAccountId = 0; - if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { + if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != IS_SUCCESS) { LOGE("Failed to get osAccountId!"); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } res = GetCertInfoIS(osAccountId, credAuthInfo, &info->proof.certInfo); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Failed to get cert info!"); } } @@ -348,7 +373,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) ProtocolEntity *entity = (ProtocolEntity *)HcMalloc(sizeof(ProtocolEntity), 0); if (entity == NULL) { LOGE("Failed to alloc memory for protocol entity!"); - return HC_ERR_ALLOC_MEMORY; + return IS_ERR_ALLOC_MEMORY; } if (info->proofType == PRE_SHARED) { #ifdef ENABLE_ACCOUNT_AUTH_ISO 
@@ -357,7 +382,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) #else LOGE("ISO not support!"); HcFree(entity); - return HC_ERR_NOT_SUPPORT; + return IS_ERR_NOT_SUPPORT; #endif } else if (info->proofType == CERTIFICATED) { #ifdef ENABLE_ACCOUNT_AUTH_EC_SPEKE 
@@ -366,59 +391,64 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) #else LOGE("ec speke not support!"); HcFree(entity); - return HC_ERR_NOT_SUPPORT; + return IS_ERR_NOT_SUPPORT; #endif } else { LOGE("unknown proof type!"); HcFree(entity); - return HC_ERR_INVALID_PARAMS; + return IS_ERR_INVALID_PARAMS; } if (info->protocolVec.pushBack(&info->protocolVec, (const ProtocolEntity **)&entity) == NULL) { HcFree(entity); LOGE("Failed to push protocol entity!"); - return HC_ERR_ALLOC_MEMORY; + return IS_ERR_ALLOC_MEMORY; } - return HC_SUCCESS; + return IS_SUCCESS; } int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) { if (context == NULL || returnInfo == NULL) { LOGE("Invalid input params!"); - return HC_ERR_INVALID_PARAMS; + return IS_ERR_INVALID_PARAMS; } CJson *credAuthInfo = GetObjFromJson(context, FIELD_SELF_CREDENTIAL_OBJ); if (credAuthInfo == NULL) { LOGE("Get self credAuthInfo fail."); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } IdentityInfo *info = CreateIdentityInfo(); if (info == NULL) { LOGE("Failed to alloc memory for IdentityInfo!"); - return HC_ERR_JSON_GET; + return IS_ERR_JSON_GET; } info->IdInfoType = DEFAULT_ID_TYPE; - int res = HC_ERROR; + int res = IS_ERROR; do { uint32_t proofType = 0; res = GetUnsignedIntFromJson(credAuthInfo, FIELD_PROOF_TYPE, &proofType); info->proofType = proofType; - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Get proofType fail."); break; } + res = ConvertISProofTypeToCertType(proofType, &info->proofType); + if (res != IS_SUCCESS) { + LOGE("unsupport proof type!"); + return res; + } res = SetIdentityProof(context, credAuthInfo, info); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Failed to get protocol entity!"); break; } res = SetProtocolEntityIS(info); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Failed to get protocol entity!"); break; } } while (0); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { DestroyIdentityInfo(info); return res; 
} diff --git a/services/legacy/identity_manager/inc/identity_defines.h b/services/legacy/identity_manager/inc/identity_defines.h index 50e77e1c..2eda36f5 100644 --- a/services/legacy/identity_manager/inc/identity_defines.h +++ b/services/legacy/identity_manager/inc/identity_defines.h @@ -56,7 +56,7 @@ typedef enum { KEY_TYPE_SYM, KEY_TYPE_ASYM } KeyType; typedef enum { TRUST_TYPE_PIN, TRUST_TYPE_P2P, TRUST_TYPE_UID } TrustType; -typedef enum { PRE_SHARED = 1, CERTIFICATED = 2 } IdentityProofType; +typedef enum { PRE_SHARED, CERTIFICATED } IdentityProofType; typedef enum { ALG_EC_SPEKE = 0x0001, ALG_DL_SPEKE = 0x0002, ALG_ISO = 0x0004 } ProtocolAlgType; diff --git a/services/session_manager/inc/session/v2/dev_session_util.h b/services/session_manager/inc/session/v2/dev_session_util.h index 1bfcf392..a9c163b3 100644 --- a/services/session_manager/inc/session/v2/dev_session_util.h +++ b/services/session_manager/inc/session/v2/dev_session_util.h @@ -31,7 +31,7 @@ int32_t SetPeerInfoToContext(CJson *context, const CJson *inputData); int32_t ReplaceAuthIdWithRandom(CJson *authData); int32_t CheckPeerPkInfoForPdid(const CJson *context, const CJson *inputData); int32_t GetRealPkInfoStr(int32_t osAccountId, const CJson *credInfo, char **returnPkInfoStr, bool *isPseudonym); -int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, const char *realPkInfoStr); +int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, bool isCredAuth, const char *realPkInfoStr); TrustedDeviceEntry *GetDeviceEntryById(int32_t osAccountId, const char *deviceId, bool isUdid, const char *groupId); int32_t BuildPeerCertInfo(const char *pkInfoStr, const char *pkInfoSignHexStr, int32_t signAlg, diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index 0ca0b426..7e296789 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c +++ b/services/session_manager/src/session/v2/dev_session_util.c 
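Review bot: In GetIdentityInfoIS the `CreateIdentityInfo()` failure branch logs an allocation failure but returns `IS_ERR_JSON_GET`; since this hunk already rewrites that line, it should return `IS_ERR_ALLOC_MEMORY`, which the patch uses for the other allocation failures. The added `return res;` after ConvertISProofTypeToCertType fails sits inside the `do { } while (0)` and skips the `DestroyIdentityInfo(info)` below it, so `info` is leaked on an unsupported proof type; use `break;` like the neighbouring checks (07/17 later does this). The log after a failed SetIdentityProof reads "Failed to get protocol entity!", the same text as the SetProtocolEntityIS failure, which makes the two indistinguishable in logs. The function continues past the end of this hunk.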
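Review bot: Dropping the explicit values makes `PRE_SHARED` equal to 0, so an IdentityInfo whose `proofType` was never assigned (if the struct is zero-filled) is now indistinguishable from a deliberate pre-shared choice; with the old `= 1`/`= 2` values it fell into the "unknown proof type" branch of SetProtocolEntityIS. If these numbers are also stored or exchanged with peers anywhere (not visible in this patch), renumbering changes their meaning. If 0/1 is intended, spell it out as `typedef enum { PRE_SHARED = 0, CERTIFICATED = 1 } IdentityProofType;` with a comment saying which values are relied on, otherwise keep the original values and let ConvertISProofTypeToCertType do the mapping.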
@@ -48,13 +48,8 @@ static TrustedDeviceEntry *GetPeerDeviceEntryByContext(int32_t osAccountId, cons return GetDeviceEntryById(osAccountId, peerDeviceId, isUdid, groupId); } -static int32_t GetPdidByContext(const CJson *context, char **returnPdid) +static int32_t GetUserIdByGroup(const CJson *context, int32_t osAccountId, const char **returnUserId) { - int32_t osAccountId; - if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { - LOGE("Failed to get osAccountId!"); - return HC_ERR_JSON_GET; - } TrustedDeviceEntry *deviceEntry = GetPeerDeviceEntryByContext(osAccountId, context); if (deviceEntry == NULL) { LOGE("Failed to get device entry!"); 
@@ -66,15 +61,44 @@ static int32_t GetPdidByContext(const CJson *context, char **returnPdid) DestroyDeviceEntry(deviceEntry); return HC_ERR_NULL_PTR; } + *returnUserId = userId; + DestroyDeviceEntry(deviceEntry); + return HC_SUCCESS; +} + +static int32_t GetUserIdByISInfo(const CJson *context, const char **returnUserId) +{ + CJson *credAuthInfo = GetObjFromJson(context, FIELD_SELF_CREDENTIAL_OBJ); + if (credAuthInfo == NULL) { + LOGE("Get self credAuthInfo fail."); + return IS_ERR_JSON_GET; + } + const char *userId = GetStringFromJson(credAuthInfo, FIELD_USER_ID); + if (userId == NULL) { + LOGE("Failed to get user ID!"); + return IS_ERR_JSON_GET; + } + *returnUserId = userId; + return IS_SUCCESS; +} + +static int32_t GetPdidByContext(const CJson *context, bool isCredAuth, char **returnPdid) +{ + int32_t osAccountId; + if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { + LOGE("Failed to get osAccountId!"); + return HC_ERR_JSON_GET; + } + const char *userId = StringGet(&deviceEntry->userId); + int32_t res = isCredAuth? GetUserIdByISInfo(context, &userId) + : GetUserIdByGroup(context, osAccountId, &userId); PseudonymManager *manager = GetPseudonymInstance(); if (manager == NULL) { LOGE("Pseudonym manager is null!"); - DestroyDeviceEntry(deviceEntry); return HC_ERR_NULL_PTR; } char *pdid = NULL; - int32_t res = manager->getPseudonymId(osAccountId, userId, &pdid); - DestroyDeviceEntry(deviceEntry); + res = manager->getPseudonymId(osAccountId, userId, &pdid); if (res != HC_SUCCESS) { LOGE("Failed to get pdid!"); return res; 
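Review bot: GetUserIdByGroup stores `userId` in `*returnUserId` and then calls `DestroyDeviceEntry(deviceEntry)`; `userId` appears to come from `StringGet(&deviceEntry->userId)` (the assignment is in the lines between the hunks), so GetPdidByContext would hand a pointer into released memory to `manager->getPseudonymId`. The removed lines destroyed the entry only after getPseudonymId had returned. Either return a copy that GetPdidByContext frees after the call, or pass the entry back to the caller and destroy it there. In the new GetPdidByContext the added line `const char *userId = StringGet(&deviceEntry->userId);` references `deviceEntry`, which is no longer declared in that function; it should be `const char *userId = NULL;`. The `res` of the `isCredAuth ? … : …` selection is also not checked before `userId` is used in this patch (03/17 adds the check but still shows the `deviceEntry` line as context).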
@@ -476,14 +500,14 @@ int32_t GetRealPkInfoStr(int32_t osAccountId, const CJson *credInfo, char **retu } } -int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, const char *realPkInfoStr) +int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, bool isCredAuth, const char *realPkInfoStr) { if (context == NULL || credInfo == NULL || realPkInfoStr == NULL) { LOGE("Invalid input params!"); return HC_ERR_INVALID_PARAMS; } char *pdid = NULL; - int32_t res = GetPdidByContext(context, &pdid); + int32_t res = GetPdidByContext(context, isCredAuth, &pdid); if (res != HC_SUCCESS) { LOGE("Failed to get pdid by context!"); return res; diff --git a/services/session_manager/src/session/v2/dev_session_v2.c b/services/session_manager/src/session/v2/dev_session_v2.c index 841b4b7b..a97d75c7 100644 --- a/services/session_manager/src/session/v2/dev_session_v2.c +++ b/services/session_manager/src/session/v2/dev_session_v2.c @@ -478,7 +478,7 @@ static int32_t AddCertCredInfo(SessionImpl *impl, IdentityInfo *cred, CJson *cre } int32_t res = HC_ERROR; if (cred->proof.certInfo.isPseudonym) { - res = AddPkInfoWithPdid(impl->context, credInfo, (const char *)cred->proof.certInfo.pkInfoStr.val); + res = AddPkInfoWithPdid(impl->context, credInfo, impl->isCredAuth, (const char *)cred->proof.certInfo.pkInfoStr.val); } if (res != HC_SUCCESS && AddStringToJson(credInfo, FIELD_PK_INFO, (const char *)cred->proof.certInfo.pkInfoStr.val) != HC_SUCCESS) { 
@@ -1096,20 +1096,20 @@ static int32_t AddAuthInfoToContextByCert(SessionImpl *impl) static int32_t AddAuthInfoToContextIS(SessionImpl *impl, IdentityInfo *cred) { if (cred->proofType == PRE_SHARED) { - return HC_SUCCESS; + return IS_SUCCESS; } char selfUdid[INPUT_UDID_LEN] = { 0 }; int32_t res = HcGetUdid((uint8_t *)selfUdid, INPUT_UDID_LEN); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Failed to get local udid!"); return res; } PRINT_SENSITIVE_DATA("SelfUdid", selfUdid); - if (AddStringToJson(impl->context, FIELD_AUTH_ID, selfUdid) != HC_SUCCESS) { + if (AddStringToJson(impl->context, FIELD_AUTH_ID, selfUdid) != IS_SUCCESS) { LOGE("add selfAuthId to json fail."); - return HC_ERR_JSON_ADD; + return IS_ERR_JSON_ADD; } - return HC_SUCCESS; + return IS_SUCCESS; } static int32_t AddAuthInfoToContextByCred(SessionImpl *impl, IdentityInfo *cred) @@ -1205,18 +1205,18 @@ static int32_t GetCredInfoIS(SessionImpl *impl) { IdentityInfo *info = NULL; int32_t res = GetIdentityInfoIS(impl->context, &info); - if (res != HC_SUCCESS) { + if (res != IS_SUCCESS) { LOGE("Get Identity by credAuthInfo fail."); return res; } if (impl->credList.pushBack(&impl->credList, (const IdentityInfo **)&info) == NULL) { DestroyIdentityInfo(info); LOGE("Failed to push protocol entity!"); - return HC_ERR_ALLOC_MEMORY; + return IS_ERR_ALLOC_MEMORY; } impl->credCurIndex = 0; impl->credTotalNum = 1; - return HC_SUCCESS; + return IS_SUCCESS; } static int32_t ProcStartEventInner(SessionImpl *impl, CJson *sessionMsg) -- Gitee From 7fa8f6bd8fc5797a30c0085f08dc8dfcb4e32c9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 15:33:22 +0800 Subject: [PATCH 02/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 1 - 1 file changed, 1 deletion(-) 
diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index d0920ece..29ab3ce5 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -427,7 +427,6 @@ int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) do { uint32_t proofType = 0; res = GetUnsignedIntFromJson(credAuthInfo, FIELD_PROOF_TYPE, &proofType); - info->proofType = proofType; if (res != IS_SUCCESS) { LOGE("Get proofType fail."); break; -- Gitee From 7a0428ad9f7e4d52896bb2f3a77d506a9b66d812 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 15:36:09 +0800 Subject: [PATCH 03/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/session_manager/src/session/v2/dev_session_util.c | 4 ++++ services/session_manager/src/session/v2/dev_session_v2.c | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index 7e296789..e041f243 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c +++ b/services/session_manager/src/session/v2/dev_session_util.c @@ -92,6 +92,10 @@ static int32_t GetPdidByContext(const CJson *context, bool isCredAuth, char **re const char *userId = StringGet(&deviceEntry->userId); int32_t res = isCredAuth? GetUserIdByISInfo(context, &userId) : GetUserIdByGroup(context, osAccountId, &userId); + if (res != HC_SUCCESS) { + LOGE("Failed to get userId!"); + return res; + } PseudonymManager *manager = GetPseudonymInstance(); if (manager == NULL) { LOGE("Pseudonym manager is null!"); diff --git a/services/session_manager/src/session/v2/dev_session_v2.c b/services/session_manager/src/session/v2/dev_session_v2.c index a97d75c7..6a0dd9b9 100644 
--- a/services/session_manager/src/session/v2/dev_session_v2.c +++ b/services/session_manager/src/session/v2/dev_session_v2.c @@ -478,7 +478,8 @@ static int32_t AddCertCredInfo(SessionImpl *impl, IdentityInfo *cred, CJson *cre } int32_t res = HC_ERROR; if (cred->proof.certInfo.isPseudonym) { - res = AddPkInfoWithPdid(impl->context, credInfo, impl->isCredAuth, (const char *)cred->proof.certInfo.pkInfoStr.val); + res = AddPkInfoWithPdid(impl->context, credInfo, impl->isCredAuth, + (const char *)cred->proof.certInfo.pkInfoStr.val); } if (res != HC_SUCCESS && AddStringToJson(credInfo, FIELD_PK_INFO, (const char *)cred->proof.certInfo.pkInfoStr.val) != HC_SUCCESS) { -- Gitee From c9bd7255f2ba36fde1f451dbd36947ba3e62b72c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 15:40:38 +0800 Subject: [PATCH 04/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- .../deviceauth/source/deviceauth_interface_test.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/unittest/deviceauth/source/deviceauth_interface_test.cpp b/test/unittest/deviceauth/source/deviceauth_interface_test.cpp index 1c922d5e..94b11e46 100644 --- a/test/unittest/deviceauth/source/deviceauth_interface_test.cpp +++ b/test/unittest/deviceauth/source/deviceauth_interface_test.cpp 
@@ -1261,22 +1261,22 @@ HWTEST_F(DeviceAuthInterfaceTest, DeviceAuthInterfaceTest027, TestSize.Level0) HWTEST_F(DeviceAuthInterfaceTest, DeviceAuthInterfaceTest028, TestSize.Level0) { // dev_session_util.c interface test - int32_t res = AddPkInfoWithPdid(nullptr, nullptr, nullptr); + int32_t res = AddPkInfoWithPdid(nullptr, nullptr, false, nullptr); ASSERT_NE(res, HC_SUCCESS); CJson *context = CreateJson(); - res = AddPkInfoWithPdid(context, nullptr, nullptr); + res = AddPkInfoWithPdid(context, nullptr, false, nullptr); ASSERT_NE(res, HC_SUCCESS); CJson *credJson = CreateJson(); - res = AddPkInfoWithPdid(context, credJson, nullptr); + res = AddPkInfoWithPdid(context, credJson, false, nullptr); ASSERT_NE(res, HC_SUCCESS); - res = AddPkInfoWithPdid(context, credJson, "TestRealPkInfo"); + res = AddPkInfoWithPdid(context, credJson, false, "TestRealPkInfo"); ASSERT_NE(res, HC_SUCCESS); CJson *realPkInfoJson = CreateJson(); (void)AddStringToJson(realPkInfoJson, FIELD_USER_ID, TEST_GROUP_ID); (void)AddStringToJson(realPkInfoJson, FIELD_DEVICE_ID, TEST_AUTH_ID); char *realPkInfoStr = PackJsonToString(realPkInfoJson); FreeJson(realPkInfoJson); - res = AddPkInfoWithPdid(context, credJson, realPkInfoStr); + res = AddPkInfoWithPdid(context, credJson, false, realPkInfoStr); FreeJsonString(realPkInfoStr); ASSERT_NE(res, HC_SUCCESS); FreeJson(context); -- Gitee From 064bbdb689fda66dec91f2796c84c45385d64e2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 16:04:58 +0800 Subject: [PATCH 05/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 29ab3ce5..6710d9e2 100644 --- a/services/legacy/creds_manager/src/creds_manager.c 
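Review bot: Every updated call passes `false` for the new `isCredAuth` argument, so the branch added in GetPdidByContext that reads the user ID from FIELD_SELF_CREDENTIAL_OBJ (GetUserIdByISInfo) is never exercised. Add at least one case with `true` before `FreeJsonString(realPkInfoStr)`, e.g. `res = AddPkInfoWithPdid(context, credJson, true, realPkInfoStr);` followed by `ASSERT_NE(res, HC_SUCCESS);` for a context without that object, and ideally one where the object and FIELD_USER_ID are present. The test body may continue past the end of this hunk.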
+++ b/services/legacy/creds_manager/src/creds_manager.c @@ -246,10 +246,10 @@ int32_t GetSharedSecretByPeerCert( static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProofType *returnType) { if (protocolType == PROOF_TYPE_PSK) { - *returnType = CERTIFICATED; + *returnType = PRE_SHARED; return IS_SUCCESS; } else if (protocolType == PROOF_TYPE_PKI) { - *returnType = PRE_SHARED; + *returnType = CERTIFICATED; return IS_SUCCESS; } return IS_ERR_NOT_SUPPORT; -- Gitee From c706a6437ad0d9a836830b752a0046222c81b1ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 16:22:31 +0800 Subject: [PATCH 06/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- .../legacy/creds_manager/inc/creds_manager.h | 2 +- .../legacy/creds_manager/src/creds_manager.c | 26 ++++++++++++------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/services/legacy/creds_manager/inc/creds_manager.h b/services/legacy/creds_manager/inc/creds_manager.h index 66a2bd5b..c7d1a518 100644 --- a/services/legacy/creds_manager/inc/creds_manager.h +++ b/services/legacy/creds_manager/inc/creds_manager.h @@ -33,7 +33,7 @@ int32_t GetSharedSecretByPeerCert( const CJson *in, const CertInfo *peerCertInfo, ProtocolAlgType protocolType, Uint8Buff *sharedSecret); //IS -int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo); +int32_t GetIdentityInfoIS(const CJson *context, bool isClient, IdentityInfo **returnInfo); #ifdef __cplusplus } #endif diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 6710d9e2..eadda782 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c 
@@ -243,8 +243,12 @@ int32_t GetSharedSecretByPeerCert( return authIdentity->getSharedSecretByPeerCert(in, peerCertInfo, protocolType, sharedSecret); } -static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProofType *returnType) +static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, bool isClient, IdentityProofType *returnType) { + if (!isClient) { + *returnType = protocolType; + return HC_SUCCESS; + } if (protocolType == PROOF_TYPE_PSK) { *returnType = PRE_SHARED; return IS_SUCCESS; @@ -255,8 +259,12 @@ static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProof return IS_ERR_NOT_SUPPORT; } -static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) +static int32_t ConvertISAlgToCertAlg(uint32_t alg, bool isClient, Algorithm *returnAlg) { + if (!isClient) { + *returnAlg = alg; + return HC_SUCCESS; + } if (alg == ALG_TYPE_P256) { *returnAlg = P256; return IS_SUCCESS; @@ -264,7 +272,7 @@ static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) return IS_ERR_NOT_SUPPORT; } -static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, CertInfo *certInfo) +static int32_t GetCertInfoIS(int32_t osAccountId, bool isClient, const CJson *credAuthInfo, CertInfo *certInfo) { const char *userId = GetStringFromJson(credAuthInfo, FIELD_USER_ID); if (userId == NULL) { @@ -300,7 +308,7 @@ static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, Cer LOGE("Failed to get algorithm type!"); return IS_ERR_JSON_GET; } - ret = ConvertISAlgToCertAlg(sigAlg, &certInfo->signAlg); + ret = ConvertISAlgToCertAlg(sigAlg, isClient, &certInfo->signAlg); if (ret != IS_SUCCESS) { LOGE("unsupport algorithm type!"); return ret; 
@@ -346,7 +354,7 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I return IS_SUCCESS; } -static int32_t SetIdentityProof(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) +static int32_t SetIdentityProof(const CJson *context, bool isClient, const CJson *credAuthInfo, IdentityInfo *info) { int32_t res = IS_ERROR; if (info->proofType == PRE_SHARED) { @@ -360,7 +368,7 @@ static int32_t SetIdentityProof(const CJson *context, const CJson *credAuthInfo, LOGE("Failed to get osAccountId!"); return IS_ERR_JSON_GET; } - res = GetCertInfoIS(osAccountId, credAuthInfo, &info->proof.certInfo); + res = GetCertInfoIS(osAccountId, isClient, credAuthInfo, &info->proof.certInfo); if (res != IS_SUCCESS) { LOGE("Failed to get cert info!"); } @@ -406,7 +414,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) return IS_SUCCESS; } -int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) +int32_t GetIdentityInfoIS(const CJson *context, bool isClient, bool isClient, IdentityInfo **returnInfo) { if (context == NULL || returnInfo == NULL) { LOGE("Invalid input params!"); @@ -431,12 +439,12 @@ int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) LOGE("Get proofType fail."); break; } - res = ConvertISProofTypeToCertType(proofType, &info->proofType); + res = ConvertISProofTypeToCertType(proofType, isClient, &info->proofType); if (res != IS_SUCCESS) { LOGE("unsupport proof type!"); return res; } - res = SetIdentityProof(context, credAuthInfo, info); + res = SetIdentityProof(context, isClient, credAuthInfo, info); if (res != IS_SUCCESS) { LOGE("Failed to get protocol entity!"); break; -- Gitee From c02393f90a787ba18c21b140579e5edb9bdf552c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 16:40:44 +0800 Subject: [PATCH 07/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: 张跃耀 --- .../legacy/creds_manager/src/creds_manager.c | 28 +++++++------------ 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index eadda782..26be8928 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -243,12 +243,8 @@ int32_t GetSharedSecretByPeerCert( return authIdentity->getSharedSecretByPeerCert(in, peerCertInfo, protocolType, sharedSecret); } -static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, bool isClient, IdentityProofType *returnType) +static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProofType *returnType) { - if (!isClient) { - *returnType = protocolType; - return HC_SUCCESS; - } if (protocolType == PROOF_TYPE_PSK) { *returnType = PRE_SHARED; return IS_SUCCESS; @@ -259,12 +255,8 @@ static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, bool isClient return IS_ERR_NOT_SUPPORT; } -static int32_t ConvertISAlgToCertAlg(uint32_t alg, bool isClient, Algorithm *returnAlg) +static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) { - if (!isClient) { - *returnAlg = alg; - return HC_SUCCESS; - } if (alg == ALG_TYPE_P256) { *returnAlg = P256; return IS_SUCCESS; @@ -272,7 +264,7 @@ static int32_t ConvertISAlgToCertAlg(uint32_t alg, bool isClient, Algorithm *ret return IS_ERR_NOT_SUPPORT; } -static int32_t GetCertInfoIS(int32_t osAccountId, bool isClient, const CJson *credAuthInfo, CertInfo *certInfo) +static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, CertInfo *certInfo) { const char *userId = GetStringFromJson(credAuthInfo, FIELD_USER_ID); if (userId == NULL) { 
@@ -308,7 +300,7 @@ static int32_t GetCertInfoIS(int32_t osAccountId, bool isClient, const CJson *cr LOGE("Failed to get algorithm type!"); return IS_ERR_JSON_GET; } - ret = ConvertISAlgToCertAlg(sigAlg, isClient, &certInfo->signAlg); + ret = ConvertISAlgToCertAlg(sigAlg, &certInfo->signAlg); if (ret != IS_SUCCESS) { LOGE("unsupport algorithm type!"); return ret; @@ -354,7 +346,7 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I return IS_SUCCESS; } -static int32_t SetIdentityProof(const CJson *context, bool isClient, const CJson *credAuthInfo, IdentityInfo *info) +static int32_t SetIdentityProof(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) { int32_t res = IS_ERROR; if (info->proofType == PRE_SHARED) { @@ -368,7 +360,7 @@ static int32_t SetIdentityProof(const CJson *context, bool isClient, const CJson LOGE("Failed to get osAccountId!"); return IS_ERR_JSON_GET; } - res = GetCertInfoIS(osAccountId, isClient, credAuthInfo, &info->proof.certInfo); + res = GetCertInfoIS(osAccountId, credAuthInfo, &info->proof.certInfo); if (res != IS_SUCCESS) { LOGE("Failed to get cert info!"); } @@ -414,7 +406,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) return IS_SUCCESS; } -int32_t GetIdentityInfoIS(const CJson *context, bool isClient, bool isClient, IdentityInfo **returnInfo) +int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) { if (context == NULL || returnInfo == NULL) { LOGE("Invalid input params!"); 
@@ -439,12 +431,12 @@ int32_t GetIdentityInfoIS(const CJson *context, bool isClient, bool isClient, Id LOGE("Get proofType fail."); break; } - res = ConvertISProofTypeToCertType(proofType, isClient, &info->proofType); + res = ConvertISProofTypeToCertType(proofType, &info->proofType); if (res != IS_SUCCESS) { LOGE("unsupport proof type!"); - return res; + break;; } - res = SetIdentityProof(context, isClient, credAuthInfo, info); + res = SetIdentityProof(context, credAuthInfo, info); if (res != IS_SUCCESS) { LOGE("Failed to get protocol entity!"); break; -- Gitee From 6d72879680cedbc26553413ca6b4cca6a1d7fc62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 16:45:16 +0800 Subject: [PATCH 08/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/inc/creds_manager.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/legacy/creds_manager/inc/creds_manager.h b/services/legacy/creds_manager/inc/creds_manager.h index c7d1a518..66a2bd5b 100644 --- a/services/legacy/creds_manager/inc/creds_manager.h +++ b/services/legacy/creds_manager/inc/creds_manager.h @@ -33,7 +33,7 @@ int32_t GetSharedSecretByPeerCert( const CJson *in, const CertInfo *peerCertInfo, ProtocolAlgType protocolType, Uint8Buff *sharedSecret); //IS -int32_t GetIdentityInfoIS(const CJson *context, bool isClient, IdentityInfo **returnInfo); +int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo); #ifdef __cplusplus } #endif -- Gitee From a788b82f5d6a32d109a4fdda785bbb7505c6cae6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 16:54:33 +0800 Subject: [PATCH 09/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 26be8928..db4d3c4d 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -305,7 +305,7 @@ static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, Cer LOGE("unsupport algorithm type!"); return ret; } - certInfo->isPseudonym = true; + certInfo->isPseudonym = false; return IS_SUCCESS; } -- Gitee From de97baa599ff9fe61df5d5f8f8441658d15cb5c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:03:59 +0800 Subject: [PATCH 10/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index db4d3c4d..4a1288b0 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -257,7 +257,7 @@ static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProof static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) { - if (alg == ALG_TYPE_P256) { + if (alg == ALGO_TYPE_P256) { *returnAlg = P256; return IS_SUCCESS; } -- Gitee From 319a99eed271a960238eba49f446f896555219ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:05:08 +0800 Subject: [PATCH 11/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: 张跃耀 --- services/session_manager/src/session/v2/dev_session_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index e041f243..7aebb6cb 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c +++ b/services/session_manager/src/session/v2/dev_session_util.c @@ -89,7 +89,7 @@ static int32_t GetPdidByContext(const CJson *context, bool isCredAuth, char **re LOGE("Failed to get osAccountId!"); return HC_ERR_JSON_GET; } - const char *userId = StringGet(&deviceEntry->userId); + const char *userId = NULL; int32_t res = isCredAuth? GetUserIdByISInfo(context, &userId) : GetUserIdByGroup(context, osAccountId, &userId); if (res != HC_SUCCESS) { -- Gitee From 67528d5fb6e024a1a45285e4f722cd205d58aa9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:19:00 +0800 Subject: [PATCH 12/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- .../legacy/creds_manager/src/creds_manager.c | 2 +- .../src/session/v2/dev_session_util.c | 18 +++++++++++++----- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 4a1288b0..158b8ccf 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -300,7 +300,7 @@ static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, Cer LOGE("Failed to get algorithm type!"); return IS_ERR_JSON_GET; } - ret = ConvertISAlgToCertAlg(sigAlg, &certInfo->signAlg); + ret = ConvertISAlgToCertAlg(signAlg, &certInfo->signAlg); if (ret != IS_SUCCESS) { LOGE("unsupport algorithm type!"); return ret; 
diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index 7aebb6cb..c430cefb 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c +++ b/services/session_manager/src/session/v2/dev_session_util.c @@ -48,7 +48,7 @@ static TrustedDeviceEntry *GetPeerDeviceEntryByContext(int32_t osAccountId, cons return GetDeviceEntryById(osAccountId, peerDeviceId, isUdid, groupId); } -static int32_t GetUserIdByGroup(const CJson *context, int32_t osAccountId, const char **returnUserId) +static int32_t GetUserIdByGroup(const CJson *context, int32_t osAccountId, char **returnUserId) { TrustedDeviceEntry *deviceEntry = GetPeerDeviceEntryByContext(osAccountId, context); if (deviceEntry == NULL) { @@ -61,12 +61,15 @@ static int32_t GetUserIdByGroup(const CJson *context, int32_t osAccountId, const DestroyDeviceEntry(deviceEntry); return HC_ERR_NULL_PTR; } - *returnUserId = userId; + if (DeepCopyString(userId, returnUserId) != HC_SUCCESS) { + LOGE("Failed to copy userId!"); + return HC_ERR_ALLOC_MEMORY; + } DestroyDeviceEntry(deviceEntry); return HC_SUCCESS; } -static int32_t GetUserIdByISInfo(const CJson *context, const char **returnUserId) +static int32_t GetUserIdByISInfo(const CJson *context, char **returnUserId) { CJson *credAuthInfo = GetObjFromJson(context, FIELD_SELF_CREDENTIAL_OBJ); if (credAuthInfo == NULL) { @@ -78,7 +81,10 @@ static int32_t GetUserIdByISInfo(const CJson *context, const char **returnUserId LOGE("Failed to get user ID!"); return IS_ERR_JSON_GET; } - *returnUserId = userId; + if (DeepCopyString(userId, returnUserId) != HC_SUCCESS) { + LOGE("Failed to copy userId!"); + return HC_ERR_ALLOC_MEMORY; + } return IS_SUCCESS; } 
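Review bot: GetUserIdByISInfo now mixes two status-code families in one function: the added copy-failure path returns `HC_ERR_ALLOC_MEMORY`, while the unchanged paths in the same hunk still return `IS_ERR_JSON_GET` and `IS_SUCCESS`, and the caller GetPdidByContext tests the result with `res != HC_SUCCESS`. Unless `IS_SUCCESS` and `HC_SUCCESS` are defined to the same value (not visible in this patch), a successful lookup could be reported as a failure; returning `HC_ERR_JSON_GET` and `HC_SUCCESS` here would match GetUserIdByGroup. Both helpers now hand back a heap copy instead of a borrowed pointer, so a comment above each, `/* On success *returnUserId is a heap copy; the caller releases it with HcFree. */`, would record the new ownership rule. The start of GetUserIdByISInfo lies outside the hunk.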
@@ -89,7 +95,7 @@ static int32_t GetPdidByContext(const CJson *context, bool isCredAuth, char **re LOGE("Failed to get osAccountId!"); return HC_ERR_JSON_GET; } - const char *userId = NULL; + char *userId = NULL; int32_t res = isCredAuth? GetUserIdByISInfo(context, &userId) : GetUserIdByGroup(context, osAccountId, &userId); if (res != HC_SUCCESS) { @@ -99,10 +105,12 @@ static int32_t GetPdidByContext(const CJson *context, bool isCredAuth, char **re PseudonymManager *manager = GetPseudonymInstance(); if (manager == NULL) { LOGE("Pseudonym manager is null!"); + HcFree(userId); return HC_ERR_NULL_PTR; } char *pdid = NULL; res = manager->getPseudonymId(osAccountId, userId, &pdid); + HcFree(userId); if (res != HC_SUCCESS) { LOGE("Failed to get pdid!"); return res; -- Gitee From b7cb09a2217d6b49918735b1965afe4030d63b9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:21:48 +0800 Subject: [PATCH 13/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- .../legacy/creds_manager/src/creds_manager.c | 86 +++++++++---------- .../src/session/v2/dev_session_v2.c | 16 ++-- 2 files changed, 51 insertions(+), 51 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 158b8ccf..42667f12 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c 
@@ -25,14 +25,14 @@ static bool IsDirectAuth(const CJson *context) { bool isDirectAuth = false; - (void)GetBoolFromJson(context, FIELD_IS_DIRECT_AUTH, &isDirectAuth); + (void)GetBoolFromJson(context, FIELD_HC_DIRECT_AUTH, &isDirectAuth); return isDirectAuth; } static bool IsDeviceLevelAuth(const CJson *context) { bool isDeviceLevel = false; - (void)GetBoolFromJson(context, FIELD_IS_DEVICE_LEVEL, &isDeviceLevel); + (void)GetBoolFromJson(context, FIELD_HC_DEVICE_LEVEL, &isDeviceLevel); return isDeviceLevel; } @@ -247,21 +247,21 @@ static int32_t ConvertISProofTypeToCertType(uint32_t protocolType, IdentityProof { if (protocolType == PROOF_TYPE_PSK) { *returnType = PRE_SHARED; - return IS_SUCCESS; + return HC_SUCCESS; } else if (protocolType == PROOF_TYPE_PKI) { *returnType = CERTIFICATED; - return IS_SUCCESS; + return HC_SUCCESS; } - return IS_ERR_NOT_SUPPORT; + return HC_ERR_NOT_SUPPORT; } static int32_t ConvertISAlgToCertAlg(uint32_t alg, Algorithm *returnAlg) { if (alg == ALGO_TYPE_P256) { *returnAlg = P256; - return IS_SUCCESS; + return HC_SUCCESS; } - return IS_ERR_NOT_SUPPORT; + return HC_ERR_NOT_SUPPORT; } static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, CertInfo *certInfo) 
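Review bot: The JSON key macros in IsDirectAuth and IsDeviceLevelAuth were swept up in the `IS_` to `HC_` status-code rename: `FIELD_IS_DIRECT_AUTH` became `FIELD_HC_DIRECT_AUTH` and `FIELD_IS_DEVICE_LEVEL` became `FIELD_HC_DEVICE_LEVEL`, although these name context fields, not return codes. No definition of the `FIELD_HC_*` names is visible in this patch, so the change either fails to build or, if such macros exist with different key strings, makes both helpers silently return false, because the `GetBoolFromJson` result is discarded with `(void)`. Keep `FIELD_IS_DIRECT_AUTH` and `FIELD_IS_DEVICE_LEVEL` on these two lines so that callers branching on these flags behave as before.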
@@ -269,44 +269,44 @@ static int32_t GetCertInfoIS(int32_t osAccountId, const CJson *credAuthInfo, Cer const char *userId = GetStringFromJson(credAuthInfo, FIELD_USER_ID); if (userId == NULL) { LOGE("Failed to get user ID!"); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } const char *authId = GetStringFromJson(credAuthInfo, FIELD_DEVICE_ID); if (authId == NULL) { LOGE("Failed to get auth ID!"); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } AccountToken *token = CreateAccountToken(); if (token == NULL) { LOGE("Failed to create account token!"); - return IS_ERR_ALLOC_MEMORY; + return HC_ERR_ALLOC_MEMORY; } int32_t ret = GetAccountAuthTokenManager()->getToken(osAccountId, token, userId, authId); - if (ret != IS_SUCCESS) { + if (ret != HC_SUCCESS) { LOGE("Failed to get account token!"); DestroyAccountToken(token); return ret; } ret = GenerateCertInfo(&token->pkInfoStr, &token->pkInfoSignature, certInfo); DestroyAccountToken(token); - if (ret != IS_SUCCESS) { + if (ret != HC_SUCCESS) { LOGE("Failed to generate cert info!"); return ret; } uint32_t signAlg = 0; - if (GetUnsignedIntFromJson(credAuthInfo, FIELD_ALGORITHM_TYPE, &signAlg) != IS_SUCCESS) { + if (GetUnsignedIntFromJson(credAuthInfo, FIELD_ALGORITHM_TYPE, &signAlg) != HC_SUCCESS) { LOGE("Failed to get algorithm type!"); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } ret = ConvertISAlgToCertAlg(signAlg, &certInfo->signAlg); - if (ret != IS_SUCCESS) { + if (ret != HC_SUCCESS) { LOGE("unsupport algorithm type!"); return ret; } certInfo->isPseudonym = false; - return IS_SUCCESS; + return HC_SUCCESS; } static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) 
@@ -314,13 +314,13 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I CJson *preShareUrl = CreateJson(); if (preShareUrl == NULL) { LOGE("create preShareUrl failed!"); - return IS_ERR_ALLOC_MEMORY; + return HC_ERR_ALLOC_MEMORY; } int32_t credType = 0; - if (GetIntFromJson(credAuthInfo, FIELD_CRED_TYPE, &credType) != IS_SUCCESS) { + if (GetIntFromJson(credAuthInfo, FIELD_CRED_TYPE, &credType) != HC_SUCCESS) { LOGE("Get cred type failed!"); FreeJson(preShareUrl); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } const char *pinCode = GetStringFromJson(context, FIELD_PIN_CODE); TrustType trustType; 
@@ -331,37 +331,37 @@ static int32_t SetPreShareUrl(const CJson *context, const CJson *credAuthInfo, I } else { trustType = TRUST_TYPE_P2P; } - if (AddIntToJson(preShareUrl, PRESHARED_URL_TRUST_TYPE, trustType) != IS_SUCCESS) { + if (AddIntToJson(preShareUrl, PRESHARED_URL_TRUST_TYPE, trustType) != HC_SUCCESS) { LOGE("Failed to add preshared url trust type!"); FreeJson(preShareUrl); - return IS_ERR_JSON_ADD; + return HC_ERR_JSON_ADD; } info->proof.preSharedUrl.val = (uint8_t *)PackJsonToString(preShareUrl); FreeJson(preShareUrl); if (info->proof.preSharedUrl.val == NULL) { LOGE("Failed to pack preShareUrl string!"); - return IS_ERR_PACKAGE_JSON_TO_STRING_FAIL; + return HC_ERR_PACKAGE_JSON_TO_STRING_FAIL; } info->proof.preSharedUrl.length = HcStrlen((const char *)info->proof.preSharedUrl.val); - return IS_SUCCESS; + return HC_SUCCESS; } static int32_t SetIdentityProof(const CJson *context, const CJson *credAuthInfo, IdentityInfo *info) { - int32_t res = IS_ERROR; + int32_t res = HC_ERROR; if (info->proofType == PRE_SHARED) { res = SetPreShareUrl(context, credAuthInfo, info); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to set preshare url"); } } else { int32_t osAccountId = 0; - if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != IS_SUCCESS) { + if (GetIntFromJson(context, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { LOGE("Failed to get osAccountId!"); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } res = GetCertInfoIS(osAccountId, credAuthInfo, &info->proof.certInfo); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to get cert info!"); } } @@ -373,7 +373,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) ProtocolEntity *entity = (ProtocolEntity *)HcMalloc(sizeof(ProtocolEntity), 0); if (entity == NULL) { LOGE("Failed to alloc memory for protocol entity!"); - return IS_ERR_ALLOC_MEMORY; + return HC_ERR_ALLOC_MEMORY; } if (info->proofType == PRE_SHARED) { #ifdef ENABLE_ACCOUNT_AUTH_ISO 
@@ -382,7 +382,7 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) #else LOGE("ISO not support!"); HcFree(entity); - return IS_ERR_NOT_SUPPORT; + return HC_ERR_NOT_SUPPORT; #endif } else if (info->proofType == CERTIFICATED) { #ifdef ENABLE_ACCOUNT_AUTH_EC_SPEKE 
@@ -391,63 +391,63 @@ static int32_t SetProtocolEntityIS(IdentityInfo *info) #else LOGE("ec speke not support!"); HcFree(entity); - return IS_ERR_NOT_SUPPORT; + return HC_ERR_NOT_SUPPORT; #endif } else { LOGE("unknown proof type!"); HcFree(entity); - return IS_ERR_INVALID_PARAMS; + return HC_ERR_INVALID_PARAMS; } if (info->protocolVec.pushBack(&info->protocolVec, (const ProtocolEntity **)&entity) == NULL) { HcFree(entity); LOGE("Failed to push protocol entity!"); - return IS_ERR_ALLOC_MEMORY; + return HC_ERR_ALLOC_MEMORY; } - return IS_SUCCESS; + return HC_SUCCESS; } int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) { if (context == NULL || returnInfo == NULL) { LOGE("Invalid input params!"); - return IS_ERR_INVALID_PARAMS; + return HC_ERR_INVALID_PARAMS; } CJson *credAuthInfo = GetObjFromJson(context, FIELD_SELF_CREDENTIAL_OBJ); if (credAuthInfo == NULL) { LOGE("Get self credAuthInfo fail."); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } IdentityInfo *info = CreateIdentityInfo(); if (info == NULL) { LOGE("Failed to alloc memory for IdentityInfo!"); - return IS_ERR_JSON_GET; + return HC_ERR_JSON_GET; } info->IdInfoType = DEFAULT_ID_TYPE; - int res = IS_ERROR; + int res = HC_ERROR; do { uint32_t proofType = 0; res = GetUnsignedIntFromJson(credAuthInfo, FIELD_PROOF_TYPE, &proofType); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Get proofType fail."); break; } res = ConvertISProofTypeToCertType(proofType, &info->proofType); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("unsupport proof type!"); break;; } res = SetIdentityProof(context, credAuthInfo, info); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to get protocol entity!"); break; } res = SetProtocolEntityIS(info); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to get protocol entity!"); break; } } while (0); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { DestroyIdentityInfo(info); return res; } 
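Review bot: In GetIdentityInfoIS the `CreateIdentityInfo()` failure path logs "Failed to alloc memory for IdentityInfo!" but returns `HC_ERR_JSON_GET`; the rename carried the wrong code over, and `return HC_ERR_ALLOC_MEMORY;` would let callers tell an allocation failure from a malformed context. The failure log after `SetIdentityProof` reads "Failed to get protocol entity!", the same text used after `SetProtocolEntityIS`, so the two failure points cannot be told apart in a trace; `LOGE("Failed to set identity proof!");` would separate them. The stray `break;;` in the proof-type branch and `int res`, where the neighbouring functions use `int32_t`, are minor cleanups in the same block. The function continues past the end of this hunk.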
diff --git a/services/session_manager/src/session/v2/dev_session_v2.c b/services/session_manager/src/session/v2/dev_session_v2.c index 6a0dd9b9..d235697b 100644 --- a/services/session_manager/src/session/v2/dev_session_v2.c +++ b/services/session_manager/src/session/v2/dev_session_v2.c @@ -1097,20 +1097,20 @@ static int32_t AddAuthInfoToContextByCert(SessionImpl *impl) static int32_t AddAuthInfoToContextIS(SessionImpl *impl, IdentityInfo *cred) { if (cred->proofType == PRE_SHARED) { - return IS_SUCCESS; + return HC_SUCCESS; } char selfUdid[INPUT_UDID_LEN] = { 0 }; int32_t res = HcGetUdid((uint8_t *)selfUdid, INPUT_UDID_LEN); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Failed to get local udid!"); return res; } PRINT_SENSITIVE_DATA("SelfUdid", selfUdid); - if (AddStringToJson(impl->context, FIELD_AUTH_ID, selfUdid) != IS_SUCCESS) { + if (AddStringToJson(impl->context, FIELD_AUTH_ID, selfUdid) != HC_SUCCESS) { LOGE("add selfAuthId to json fail."); - return IS_ERR_JSON_ADD; + return HC_ERR_JSON_ADD; } - return IS_SUCCESS; + return HC_SUCCESS; } static int32_t AddAuthInfoToContextByCred(SessionImpl *impl, IdentityInfo *cred) @@ -1206,18 +1206,18 @@ static int32_t GetCredInfoIS(SessionImpl *impl) { IdentityInfo *info = NULL; int32_t res = GetIdentityInfoIS(impl->context, &info); - if (res != IS_SUCCESS) { + if (res != HC_SUCCESS) { LOGE("Get Identity by credAuthInfo fail."); return res; } if (impl->credList.pushBack(&impl->credList, (const IdentityInfo **)&info) == NULL) { DestroyIdentityInfo(info); LOGE("Failed to push protocol entity!"); - return IS_ERR_ALLOC_MEMORY; + return HC_ERR_ALLOC_MEMORY; } impl->credCurIndex = 0; impl->credTotalNum = 1; - return IS_SUCCESS; + return HC_SUCCESS; } static int32_t ProcStartEventInner(SessionImpl *impl, CJson *sessionMsg) -- Gitee From 3d83bdb3fcf9f16abf5352bb270f30fdb13f9868 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:25:17 +0800 Subject: [PATCH 14/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 42667f12..3d0ac301 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c @@ -25,14 +25,14 @@ static bool IsDirectAuth(const CJson *context) { bool isDirectAuth = false; - (void)GetBoolFromJson(context, FIELD_HC_DIRECT_AUTH, &isDirectAuth); + (void)GetBoolFromJson(context, FIELD_IS_DIRECT_AUTH, &isDirectAuth); return isDirectAuth; } static bool IsDeviceLevelAuth(const CJson *context) { bool isDeviceLevel = false; - (void)GetBoolFromJson(context, FIELD_HC_DEVICE_LEVEL, &isDeviceLevel); + (void)GetBoolFromJson(context, FIELD_IS_DEVICE_LEVEL, &isDeviceLevel); return isDeviceLevel; } -- Gitee From 9e1daa7c18c35ecc0ee0afe9bb2c02057f8dc538 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 17:59:28 +0800 Subject: [PATCH 15/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/legacy/creds_manager/src/creds_manager.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/legacy/creds_manager/src/creds_manager.c b/services/legacy/creds_manager/src/creds_manager.c index 3d0ac301..d9a09b6a 100644 --- a/services/legacy/creds_manager/src/creds_manager.c +++ b/services/legacy/creds_manager/src/creds_manager.c 
@@ -434,7 +434,7 @@ int32_t GetIdentityInfoIS(const CJson *context, IdentityInfo **returnInfo) res = ConvertISProofTypeToCertType(proofType, &info->proofType); if (res != HC_SUCCESS) { LOGE("unsupport proof type!"); - break;; + break; } res = SetIdentityProof(context, credAuthInfo, info); if (res != HC_SUCCESS) { -- Gitee From ce0fdc8edac103d30bbfc545d8fddce610ea90df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 18:04:24 +0800 Subject: [PATCH 16/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/session_manager/src/session/v2/dev_session_util.c | 1 + 1 file changed, 1 insertion(+) diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index c430cefb..0cb416a0 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c +++ b/services/session_manager/src/session/v2/dev_session_util.c @@ -63,6 +63,7 @@ static int32_t GetUserIdByGroup(const CJson *context, int32_t osAccountId, char } if (DeepCopyString(userId, returnUserId) != HC_SUCCESS) { LOGE("Failed to copy userId!"); + DestroyDeviceEntry(deviceEntry); return HC_ERR_ALLOC_MEMORY; } DestroyDeviceEntry(deviceEntry); -- Gitee From fdb7e78dae647e4d37699e0796475accff0cb11b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E8=B7=83=E8=80=80?= Date: Mon, 20 Jan 2025 18:51:53 +0800 Subject: [PATCH 17/17] Fix IS proofType MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张跃耀 --- services/session_manager/src/session/v2/dev_session_util.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/session_manager/src/session/v2/dev_session_util.c b/services/session_manager/src/session/v2/dev_session_util.c index 0cb416a0..aa45f420 100644 --- a/services/session_manager/src/session/v2/dev_session_util.c 
+++ b/services/session_manager/src/session/v2/dev_session_util.c @@ -513,7 +513,8 @@ int32_t GetRealPkInfoStr(int32_t osAccountId, const CJson *credInfo, char **retu } } -int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, bool isCredAuth, const char *realPkInfoStr) +int32_t AddPkInfoWithPdid(const CJson *context, CJson *credInfo, bool isCredAuth, + const char *realPkInfoStr) { if (context == NULL || credInfo == NULL || realPkInfoStr == NULL) { LOGE("Invalid input params!"); -- Gitee