From c1ab6aa453105cbc8cb7b50d9acefa21203d735d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=9F=A9=E9=9C=87?= <hanzhen10@huawei.com>
Date: Tue, 15 Mar 2022 11:42:42 +0800
Subject: [PATCH 1/2] fix type
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 韩震 <hanzhen10@huawei.com>
Change-Id: Ib4a4c09d797a745cfd3f35f4f2e2c36df94c50f0
---
 common/coauth/inc/executor_message.h          | 65 ++++++++++++++-----
 common/idm/src/user_idm_funcs.c               |  8 +++
 interfaces/innerkits/BUILD.gn                 |  4 +-
 .../innerkits/include/coauth_info_define.h    |  4 +-
 interfaces/innerkits/src/auth_attributes.cpp  |  2 +-
 test/unittest/src/coauth_test.cpp             | 10 +--
 6 files changed, 68 insertions(+), 25 deletions(-)

diff --git a/common/coauth/inc/executor_message.h b/common/coauth/inc/executor_message.h
index 62909c1..86df719 100644
--- a/common/coauth/inc/executor_message.h
+++ b/common/coauth/inc/executor_message.h
@@ -22,23 +22,54 @@
 #include "defines.h"
 
 typedef enum AuthAttributeType {
-    AUTH_INVALID = 0,
-    AUTH_ROOT = 1000000,
-    AUTH_RESULT_CODE = 1000001,
-    AUTH_SIGNATURE = 1000002,
-    AUTH_IDENTIFY_MODE = 1000003,
-    AUTH_TEMPLATE_ID = 1000004,
-    AUTH_TEMPLATE_ID_LIST = 1000005,
-    AUTH_REMAIN_COUNT = 1000006,
-    AUTH_REMAIN_TIME = 1000007,
-    AUTH_SCHEDULE_ID = 1000008,
-    AUTH_CALLER_NAME = 1000009,
-    AUTH_SCHEDULE_VERSION = 1000010,
-    AUTH_LOCK_OUT_TEMPLATE = 1000011,
-    AUTH_UNLOCK_TEMPLATE = 1000012,
-    AUTH_DATA = 1000013,
-    AUTH_SUBTYPE = 1000014,
-    AUTH_CAPABILITY_LEVEL = 1000015,
+    /* Root tag */
+    AUTH_ROOT = 100000,
+    /* Result code */
+    AUTH_RESULT_CODE = 100001,
+    /* Tag of signature data in TLV */
+    AUTH_SIGNATURE = 100004,
+    /* Identify mode */
+    AUTH_IDENTIFY_MODE = 100005,
+    /* Tag of templateId data in TLV */
+    AUTH_TEMPLATE_ID = 100006,
+    /* Tag of templateId list data in TLV */
+    AUTH_TEMPLATE_ID_LIST = 100007,
+    /* Expected attribute, tag of remain count in TLV */
+    AUTH_REMAIN_COUNT = 100009,
+    /* Remain time */
+    AUTH_REMAIN_TIME = 100010,
+    /* Session id, required when decode in C */
+    AUTH_SCHEDULE_ID = 100014,
+    /* Package name */
+    AUTH_CALLER_NAME = 100015,
+    /* Schedule version */
+    AUTH_SCHEDULE_VERSION = 100016,
+    /* Tag of lock out template in TLV */
+    AUTH_LOCK_OUT_TEMPLATE = 100018,
+    /* Tag of unlock template in TLV */
+    AUTH_UNLOCK_TEMPLATE = 100019,
+    /* Tag of data */
+    AUTH_DATA = 100020,
+    /* Tag of auth subType */
+    AUTH_SUBTYPE = 100021,
+    /* Tag of auth schedule mode */
+    AUTH_SCHEDULE_MODE = 100022,
+    /* Tag of property */
+    AUTH_PROPERTY_MODE = 100023,
+    /* Tag of auth type */
+    AUTH_TYPE = 100024,
+    /* Tag of cred id */
+    AUTH_CREDENTIAL_ID = 100025,
+    /* Controller */
+    AUTH_CONTROLLER = 100026,
+    /* calleruid */
+    AUTH_CALLER_UID = 100027,
+    /* result */
+    AUTH_RESULT = 100028,
+    /* capability level */
+    AUTH_CAPABILITY_LEVEL = 100029,
+    /* algorithm setinfo */
+    ALGORITHM_INFO,
 } AuthAttributeType;
 
 typedef struct ExecutorResultInfo {
diff --git a/common/idm/src/user_idm_funcs.c b/common/idm/src/user_idm_funcs.c
index 4842790..442f73b 100644
--- a/common/idm/src/user_idm_funcs.c
+++ b/common/idm/src/user_idm_funcs.c
@@ -34,6 +34,10 @@ static int32_t PinPermissionCheck(int32_t userId, UserAuthTokenHal *authToken)
         return RESULT_SUCCESS;
     } else if (ret == RESULT_SUCCESS) {
         LOG_INFO("pin already exists, legal token is required");
+        if (authToken->authType != PIN_AUTH) {
+            LOG_ERROR("need pin token");
+            return RESULT_VERIFY_TOKEN_FAIL;
+        }
         uint64_t challenge;
         ret = GetChallenge(&challenge);
         if (ret != RESULT_SUCCESS || challenge != authToken->challenge) {
@@ -53,6 +57,10 @@ static int32_t PinPermissionCheck(int32_t userId, UserAuthTokenHal *authToken)
 
 static int32_t FacePermissionCheck(int32_t userId, UserAuthTokenHal *authToken)
 {
+    if (authToken->authType != PIN_AUTH) {
+        LOG_ERROR("need pin token");
+        return RESULT_VERIFY_TOKEN_FAIL;
+    }
     CredentialInfoHal credentialInfo;
     int32_t ret = QueryCredentialInfo(userId, FACE_AUTH, &credentialInfo);
     if (ret != RESULT_NOT_FOUND) {
diff --git a/interfaces/innerkits/BUILD.gn b/interfaces/innerkits/BUILD.gn
index 1d1db97..54bb47d 100644
--- a/interfaces/innerkits/BUILD.gn
+++ b/interfaces/innerkits/BUILD.gn
@@ -58,7 +58,9 @@ ohos_shared_library("coauth_framework") {
     "${coauth_utils_path}:utils_config",
   ]
 
-  deps = [ "//utils/native/base:utils" ]
+  deps = [
+    "//utils/native/base:utils",
+  ]
 
   external_deps = [
     "hiviewdfx_hilog_native:libhilog",
diff --git a/interfaces/innerkits/include/coauth_info_define.h b/interfaces/innerkits/include/coauth_info_define.h
index 440041b..45feb56 100644
--- a/interfaces/innerkits/include/coauth_info_define.h
+++ b/interfaces/innerkits/include/coauth_info_define.h
@@ -39,7 +39,7 @@ enum AuthAttributeType {
     /* Remain time */
     AUTH_REMAIN_TIME = 100010,
     /* Session id, required when decode in C */
-    AUTH_SESSION_ID = 100014,
+    AUTH_SCHEDULE_ID = 100014,
     /* Package name */
     AUTH_CALLER_NAME = 100015,
     /* Schedule version */
@@ -66,6 +66,8 @@ enum AuthAttributeType {
     AUTH_CALLER_UID = 100027,
     /* result */
     AUTH_RESULT = 100028,
+    /* capability level */
+    AUTH_CAPABILITY_LEVEL = 100029,
     /* algorithm setinfo */
     ALGORITHM_INFO
 };
diff --git a/interfaces/innerkits/src/auth_attributes.cpp b/interfaces/innerkits/src/auth_attributes.cpp
index f798982..d6dfdc6 100644
--- a/interfaces/innerkits/src/auth_attributes.cpp
+++ b/interfaces/innerkits/src/auth_attributes.cpp
@@ -29,7 +29,7 @@ AuthAttributes::AuthAttributes()
                                 {AUTH_TEMPLATE_ID_LIST, UINT64ARRAYTYPE},
                                 {AUTH_REMAIN_COUNT, UINT32TYPE},
                                 {AUTH_REMAIN_TIME, UINT32TYPE},
-                                {AUTH_SESSION_ID, UINT64TYPE},
+                                {AUTH_SCHEDULE_ID, UINT64TYPE},
                                 {AUTH_CALLER_NAME, UINT8ARRAYTYPE},
                                 {AUTH_SCHEDULE_VERSION, UINT32TYPE},
                                 {AUTH_LOCK_OUT_TEMPLATE, UINT64TYPE},
diff --git a/test/unittest/src/coauth_test.cpp b/test/unittest/src/coauth_test.cpp
index 8ce3fc2..9c4d446 100644
--- a/test/unittest/src/coauth_test.cpp
+++ b/test/unittest/src/coauth_test.cpp
@@ -421,7 +421,7 @@ HWTEST_F(CoAuthTest, UseriamUtTest014, TestSize.Level0)
     conditions.SetUint32Value(AUTH_TYPE, FACE);
     conditions.SetBoolValue(AUTH_CONTROLLER, 0);
     conditions.SetUint32Value(AUTH_SCHEDULE_MODE, 1);
-    conditions.SetUint64Value(AUTH_SESSION_ID, 1);
+    conditions.SetUint64Value(AUTH_SCHEDULE_ID, 1);
 
     std::vector<uint64_t> val1;
     val1.push_back(1);
@@ -455,7 +455,7 @@ HWTEST_F(CoAuthTest, UseriamUtTest015, TestSize.Level0)
     conditions.SetUint32Value(AUTH_TYPE, FACE);
     conditions.SetBoolValue(AUTH_CONTROLLER, 0);
     conditions.SetUint32Value(AUTH_SCHEDULE_MODE, 1);
-    conditions.SetUint64Value(AUTH_SESSION_ID, 1);
+    conditions.SetUint64Value(AUTH_SCHEDULE_ID, 1);
 
     std::vector<uint64_t> val1;
     val1.push_back(1);
@@ -477,7 +477,7 @@ HWTEST_F(CoAuthTest, UseriamUtTest016, TestSize.Level0)
     conditions.SetUint32Value(AUTH_TYPE, FACE);
     conditions.SetBoolValue(AUTH_CONTROLLER, 0);
     conditions.SetUint32Value(AUTH_SCHEDULE_MODE, 1);
-    conditions.SetUint64Value(AUTH_SESSION_ID, 1);
+    conditions.SetUint64Value(AUTH_SCHEDULE_ID, 1);
 
     std::vector<uint64_t> val1;
     val1.push_back(1);
@@ -499,7 +499,7 @@ HWTEST_F(CoAuthTest, UseriamUtTest017, TestSize.Level0)
     AuthResPool::AuthAttributes conditions;
     conditions.SetBoolValue(AUTH_CONTROLLER, 0);
     conditions.SetUint32Value(AUTH_SCHEDULE_MODE, 1);
-    conditions.SetUint64Value(AUTH_SESSION_ID, 1);
+    conditions.SetUint64Value(AUTH_SCHEDULE_ID, 1);
 
     std::vector<uint64_t> val1;
     val1.push_back(1);
@@ -522,7 +522,7 @@ HWTEST_F(CoAuthTest, UseriamUtTest018, TestSize.Level0)
     conditions.SetUint32Value(AUTH_TYPE, PIN);
     conditions.SetBoolValue(AUTH_CONTROLLER, 0);
     conditions.SetUint32Value(AUTH_SCHEDULE_MODE, 1);
-    conditions.SetUint64Value(AUTH_SESSION_ID, 1);
+    conditions.SetUint64Value(AUTH_SCHEDULE_ID, 1);
     conditions.SetUint32Value(AUTH_PROPERTY_MODE, 1);
     conditions.SetUint64Value(AUTH_TEMPLATE_ID, 1);
 
-- 
Gitee


From 8c3c07e0a7d1f23a8e94bb7c6c12e18037cc6dfe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=9F=A9=E9=9C=87?= <hanzhen10@huawei.com>
Date: Tue, 15 Mar 2022 14:09:44 +0800
Subject: [PATCH 2/2] fix format_check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 韩震 <hanzhen10@huawei.com>
Change-Id: I1c2090fac9f13760f28e13ba4624edbc2b486244
---
 interfaces/innerkits/BUILD.gn | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/interfaces/innerkits/BUILD.gn b/interfaces/innerkits/BUILD.gn
index 54bb47d..1d1db97 100644
--- a/interfaces/innerkits/BUILD.gn
+++ b/interfaces/innerkits/BUILD.gn
@@ -58,9 +58,7 @@ ohos_shared_library("coauth_framework") {
     "${coauth_utils_path}:utils_config",
   ]
 
-  deps = [
-    "//utils/native/base:utils",
-  ]
+  deps = [ "//utils/native/base:utils" ]
 
   external_deps = [
     "hiviewdfx_hilog_native:libhilog",
-- 
Gitee