1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "security_manager_proxy.h"
17
18 #include "edm_constants.h"
19 #include "edm_log.h"
20 #include "func_code.h"
21
22 namespace OHOS {
23 namespace EDM {
24 std::shared_ptr<SecurityManagerProxy> SecurityManagerProxy::instance_ = nullptr;
25 std::mutex SecurityManagerProxy::mutexLock_;
26 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
27
GetSecurityManagerProxy()28 std::shared_ptr<SecurityManagerProxy> SecurityManagerProxy::GetSecurityManagerProxy()
29 {
30 if (instance_ == nullptr) {
31 std::lock_guard<std::mutex> lock(mutexLock_);
32 if (instance_ == nullptr) {
33 std::shared_ptr<SecurityManagerProxy> temp = std::make_shared<SecurityManagerProxy>();
34 instance_ = temp;
35 }
36 }
37 return instance_;
38 }
39
GetSecurityPatchTag(const AppExecFwk::ElementName & admin,std::string & securityPatchTag)40 int32_t SecurityManagerProxy::GetSecurityPatchTag(const AppExecFwk::ElementName &admin, std::string &securityPatchTag)
41 {
42 EDMLOGD("SecurityManagerProxy::GetSecurityPatchTag");
43 MessageParcel data;
44 MessageParcel reply;
45 data.WriteInterfaceToken(DESCRIPTOR);
46 data.WriteInt32(WITHOUT_USERID);
47 data.WriteString(WITHOUT_PERMISSION_TAG);
48 data.WriteInt32(HAS_ADMIN);
49 data.WriteParcelable(&admin);
50 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::GET_SECURITY_PATCH_TAG, data, reply);
51 int32_t ret = ERR_INVALID_VALUE;
52 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
53 if (!blRes) {
54 EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
55 return ret;
56 }
57 reply.ReadString(securityPatchTag);
58 return ret;
59 }
60
GetDeviceEncryptionStatus(const AppExecFwk::ElementName & admin,DeviceEncryptionStatus & deviceEncryptionStatus)61 int32_t SecurityManagerProxy::GetDeviceEncryptionStatus(const AppExecFwk::ElementName &admin,
62 DeviceEncryptionStatus &deviceEncryptionStatus)
63 {
64 EDMLOGD("SecurityManagerProxy::GetDeviceEncryptionStatus");
65 MessageParcel data;
66 MessageParcel reply;
67 data.WriteInterfaceToken(DESCRIPTOR);
68 data.WriteInt32(WITHOUT_USERID);
69 data.WriteString(WITHOUT_PERMISSION_TAG);
70 data.WriteInt32(HAS_ADMIN);
71 data.WriteParcelable(&admin);
72 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::GET_DEVICE_ENCRYPTION_STATUS, data, reply);
73 int32_t ret = ERR_INVALID_VALUE;
74 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
75 if (!blRes) {
76 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
77 return ret;
78 }
79 reply.ReadBool(deviceEncryptionStatus.isEncrypted);
80 return ERR_OK;
81 }
82
SetPasswordPolicy(const AppExecFwk::ElementName & admin,const PasswordPolicy & policy)83 int32_t SecurityManagerProxy::SetPasswordPolicy(const AppExecFwk::ElementName &admin, const PasswordPolicy &policy)
84 {
85 EDMLOGD("SecurityManagerProxy::SetPasswordPolicy");
86 MessageParcel data;
87 std::uint32_t funcCode =
88 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::PASSWORD_POLICY);
89 data.WriteInterfaceToken(DESCRIPTOR);
90 data.WriteInt32(WITHOUT_USERID);
91 data.WriteParcelable(&admin);
92 data.WriteString(WITHOUT_PERMISSION_TAG);
93 data.WriteString(policy.complexityReg);
94 data.WriteInt64(policy.validityPeriod);
95 data.WriteString(policy.additionalDescription);
96 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
97 }
98
GetPasswordPolicy(PasswordPolicy & policy)99 int32_t SecurityManagerProxy::GetPasswordPolicy(PasswordPolicy &policy)
100 {
101 EDMLOGD("SecurityManagerProxy::GetPasswordPolicy innerapi");
102 return GetPasswordPolicy(nullptr, policy);
103 }
104
GetPasswordPolicy(const AppExecFwk::ElementName & admin,PasswordPolicy & policy)105 int32_t SecurityManagerProxy::GetPasswordPolicy(const AppExecFwk::ElementName &admin, PasswordPolicy &policy)
106 {
107 EDMLOGD("SecurityManagerProxy::GetPasswordPolicy");
108 return GetPasswordPolicy(&admin, policy);
109 }
110
GetPasswordPolicy(const AppExecFwk::ElementName * admin,PasswordPolicy & policy)111 int32_t SecurityManagerProxy::GetPasswordPolicy(const AppExecFwk::ElementName *admin, PasswordPolicy &policy)
112 {
113 MessageParcel data;
114 MessageParcel reply;
115 data.WriteInterfaceToken(DESCRIPTOR);
116 data.WriteInt32(WITHOUT_USERID);
117 if (admin == nullptr) {
118 data.WriteString(EdmConstants::PERMISSION_TAG_SYSTEM_API);
119 data.WriteInt32(WITHOUT_ADMIN);
120 } else {
121 data.WriteString(WITHOUT_PERMISSION_TAG);
122 data.WriteInt32(HAS_ADMIN);
123 data.WriteParcelable(admin);
124 }
125 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::PASSWORD_POLICY, data, reply);
126 int32_t ret = ERR_INVALID_VALUE;
127 reply.ReadInt32(ret);
128 if (ret != ERR_OK) {
129 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
130 return ret;
131 }
132 policy.complexityReg = reply.ReadString();
133 reply.ReadInt64(policy.validityPeriod);
134 policy.additionalDescription = reply.ReadString();
135 return ERR_OK;
136 }
137
GetRootCheckStatus(const AppExecFwk::ElementName & admin,std::string & info)138 int32_t SecurityManagerProxy::GetRootCheckStatus(const AppExecFwk::ElementName &admin, std::string &info)
139 {
140 EDMLOGD("SecurityManagerProxy::GetRootCheckStatus");
141 MessageParcel data;
142 MessageParcel reply;
143 data.WriteInterfaceToken(DESCRIPTOR);
144 data.WriteInt32(WITHOUT_USERID);
145 data.WriteString(WITHOUT_PERMISSION_TAG);
146 data.WriteInt32(HAS_ADMIN);
147 data.WriteParcelable(&admin);
148 std::uint32_t funcCode =
149 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, EdmInterfaceCode::POLICY_CODE_END + 8);
150 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(funcCode, data, reply);
151 int32_t ret = ERR_INVALID_VALUE;
152 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
153 if (!blRes) {
154 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
155 return ret;
156 }
157 reply.ReadString(info);
158 return ERR_OK;
159 }
160
SetAppClipboardPolicy(const AppExecFwk::ElementName & admin,const int32_t tokenId,const int32_t policy)161 int32_t SecurityManagerProxy::SetAppClipboardPolicy(const AppExecFwk::ElementName &admin, const int32_t tokenId,
162 const int32_t policy)
163 {
164 EDMLOGD("SecurityManagerProxy::SetAppClipboardPolicy");
165 MessageParcel data;
166 std::uint32_t funcCode =
167 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::CLIPBOARD_POLICY);
168 data.WriteInterfaceToken(DESCRIPTOR);
169 data.WriteInt32(WITHOUT_USERID);
170 data.WriteParcelable(&admin);
171 data.WriteString(WITHOUT_PERMISSION_TAG);
172 data.WriteInt32(tokenId);
173 data.WriteInt32(policy);
174 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
175 }
176
GetAppClipboardPolicy(const AppExecFwk::ElementName & admin,const int32_t tokenId,std::string & policy)177 int32_t SecurityManagerProxy::GetAppClipboardPolicy(const AppExecFwk::ElementName &admin, const int32_t tokenId,
178 std::string &policy)
179 {
180 EDMLOGD("SecurityManagerProxy::GetAppClipboardPolicy");
181 MessageParcel data;
182 MessageParcel reply;
183 data.WriteInterfaceToken(DESCRIPTOR);
184 data.WriteInt32(WITHOUT_USERID);
185 data.WriteString(WITHOUT_PERMISSION_TAG);
186 data.WriteInt32(HAS_ADMIN);
187 data.WriteParcelable(&admin);
188 data.WriteInt32(tokenId);
189 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::CLIPBOARD_POLICY, data, reply);
190 int32_t ret = ERR_INVALID_VALUE;
191 reply.ReadInt32(ret);
192 if (ret != ERR_OK) {
193 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
194 return ret;
195 }
196 policy = reply.ReadString();
197 return ERR_OK;
198 }
199 } // namespace EDM
200 } // namespace OHOS
201