1 /*
2  * Copyright (C) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "account_related_cred_plugin.h"
17 
18 #include "account_auth_plugin_proxy.h"
19 #include "asy_token_manager.h"
20 #include "hc_log.h"
21 #include "sym_token_manager.h"
22 
ProcessAsyTokens(int32_t osAccountId,int32_t cmdId,CJson * in,CJson * out)23 static int32_t ProcessAsyTokens(int32_t osAccountId, int32_t cmdId, CJson *in, CJson *out)
24 {
25     switch (cmdId) {
26         case IMPORT_SELF_CREDENTIAL:
27         case IMPORT_TRUSTED_CREDENTIALS:
28             return GetAccountAuthTokenManager()->addToken(osAccountId, cmdId, in);
29         case DELETE_SELF_CREDENTIAL:
30         case DELETE_TRUSTED_CREDENTIALS: {
31             const char *userId = GetStringFromJson(in, FIELD_USER_ID);
32             if (userId == NULL) {
33                 LOGE("Failed to get user id.");
34                 return HC_ERR_JSON_GET;
35             }
36             const char *deviceId = GetStringFromJson(in, FIELD_DEVICE_ID);
37             if (deviceId == NULL) {
38                 LOGE("Failed to get deviceId from json!");
39                 return HC_ERR_JSON_GET;
40             }
41             return GetAccountAuthTokenManager()->deleteToken(osAccountId, userId, deviceId);
42         }
43         case REQUEST_SIGNATURE:
44             if (out == NULL) {
45                 LOGE("Params: out is null.");
46                 return HC_ERR_NULL_PTR;
47             }
48             return GetAccountAuthTokenManager()->getRegisterProof(osAccountId, in, out);
49         default:
50             LOGE("Operation is not supported for: %d.", cmdId);
51             return HC_ERR_NOT_SUPPORT;
52     }
53 }
54 
ProcessSymTokens(int32_t osAccountId,int32_t cmdId,CJson * in,CJson * out)55 static int32_t ProcessSymTokens(int32_t osAccountId, int32_t cmdId, CJson *in, CJson *out)
56 {
57     (void)out;
58     switch (cmdId) {
59         case IMPORT_SELF_CREDENTIAL:
60         case IMPORT_TRUSTED_CREDENTIALS:
61             return GetSymTokenManager()->addToken(osAccountId, cmdId, in);
62         case DELETE_SELF_CREDENTIAL:
63         case DELETE_TRUSTED_CREDENTIALS: {
64             const char *userId = GetStringFromJson(in, FIELD_USER_ID);
65             if (userId == NULL) {
66                 LOGE("Failed to get userId from json!");
67                 return HC_ERR_JSON_GET;
68             }
69             const char *deviceId = GetStringFromJson(in, FIELD_DEVICE_ID);
70             if (deviceId == NULL) {
71                 LOGE("Failed to get deviceId from json!");
72                 return HC_ERR_JSON_GET;
73             }
74             return GetSymTokenManager()->deleteToken(osAccountId, userId, deviceId);
75         }
76         default:
77             LOGE("Operation is not supported for: %d.", cmdId);
78             return HC_ERR_NOT_SUPPORT;
79     }
80 }
81 
ProcessAccountCredentials(int32_t osAccountId,int32_t cmdId,CJson * in,CJson * out)82 static int32_t ProcessAccountCredentials(int32_t osAccountId, int32_t cmdId, CJson *in, CJson *out)
83 {
84     if (HasAccountAuthPlugin() == HC_SUCCESS) {
85         return ExcuteCredMgrCmd(osAccountId, cmdId, in, out);
86     }
87     if (in == NULL) {
88         LOGE("The input param: in is null.");
89         return HC_ERR_NULL_PTR;
90     }
91     int32_t credentialType = INVALID_CRED;
92     if (GetIntFromJson(in, FIELD_CREDENTIAL_TYPE, &credentialType) != HC_SUCCESS) {
93         LOGE("Failed to get credentialType from json!");
94         return HC_ERR_JSON_GET;
95     }
96     if (credentialType == ASYMMETRIC_CRED) {
97         return ProcessAsyTokens(osAccountId, cmdId, in, out);
98     } else if (credentialType == SYMMETRIC_CRED) {
99         return ProcessSymTokens(osAccountId, cmdId, in, out);
100     } else {
101         LOGE("Invalid credential type! [CredType]: %d", credentialType);
102         return HC_ERR_NOT_SUPPORT;
103     }
104 }
105 
InitAccountRelatedCredPlugin(void)106 static int32_t InitAccountRelatedCredPlugin(void)
107 {
108     InitTokenManager();
109     InitSymTokenManager();
110     return HC_SUCCESS;
111 }
112 
DestroyAccountRelatedCredPlugin(void)113 static void DestroyAccountRelatedCredPlugin(void)
114 {
115     DestroyTokenManager();
116     DestroySymTokenManager();
117 }
118 
119 static CredPlugin g_instance = {
120     .pluginName = ACCOUNT_RELATED_PLUGIN,
121     .init = InitAccountRelatedCredPlugin,
122     .destroy = DestroyAccountRelatedCredPlugin,
123     .procCred = ProcessAccountCredentials
124 };
125 
GetAccountRelatedCredPlugin(void)126 CredPlugin *GetAccountRelatedCredPlugin(void)
127 {
128     return &g_instance;
129 }
130