From cc59770c9cd96b18d483df162d7b2658b2b57a9a Mon Sep 17 00:00:00 2001 From: libo429 Date: Mon, 24 Mar 2025 09:35:44 +0800 Subject: [PATCH] clean ACL when updata version Signed-off-by: libo429 --- .../include/deviceprofile_connector.h | 1 + .../src/deviceprofile_connector.cpp | 16 +++ .../include/device_manager_service_impl.h | 1 + .../device_manager_service_impl_lite.h | 1 + .../src/device_manager_service_impl.cpp | 19 ++++ .../src/device_manager_service_impl_lite.cpp | 5 + .../service/include/device_manager_service.h | 1 + .../include/idevice_manager_service_impl.h | 1 + .../service/src/device_manager_service.cpp | 10 ++ .../src/ipc/standard/ipc_server_stub.cpp | 5 + utils/BUILD.gn | 3 + .../device_version/dm_config_device_version.h | 31 ++++++ utils/include/kvadapter/kv_adapter_manager.h | 2 + .../dm_config_device_version.cpp | 98 +++++++++++++++++++ utils/src/kvadapter/kv_adapter_manager.cpp | 22 +++++ 15 files changed, 216 insertions(+) create mode 100644 utils/include/device_version/dm_config_device_version.h create mode 100644 utils/src/device_version/dm_config_device_version.cpp diff --git a/commondependency/include/deviceprofile_connector.h b/commondependency/include/deviceprofile_connector.h index 3cff80ef8..cec31d8a9 100644 --- a/commondependency/include/deviceprofile_connector.h +++ b/commondependency/include/deviceprofile_connector.h @@ -185,6 +185,7 @@ public: std::multimap GetDeviceIdAndUserId(const std::string &localUdid, int32_t localUserId); void HandleSyncBackgroundUserIdEvent(const std::vector &remoteUserIds, const std::string &remoteUdid, const std::vector &localUserIds, std::string &localUdid); + int32_t GetLocalDevUserId(std::string localUdid, DistributedDeviceProfile::AccessControlProfile profile); void HandleDeviceUnBind(int32_t bindType, const std::string &peerUdid, const std::string &localUdid, int32_t localUserId, const std::string &localAccountId); int32_t SubscribeDeviceProfileInited(sptr dpInitedCallback); diff --git a/commondependency/src/deviceprofile_connector.cpp b/commondependency/src/deviceprofile_connector.cpp index 2d7890f66..6f6317fc3 100644 --- a/commondependency/src/deviceprofile_connector.cpp +++ b/commondependency/src/deviceprofile_connector.cpp @@ -1765,6 +1765,22 @@ int32_t DeviceProfileConnector::UpdateAclDeviceName(const std::string &udid, con return ERR_DM_FAILED; } +int32_t DeviceProfileConnector::GetLocalDevUserId(std::string localUdid, + DistributedDeviceProfile::AccessControlProfile profile) +{ + std::string accesserDeviceId = profile.GetAccesser().GetAccesserDeviceId(); + int32_t accesseruserId = profile.GetAccesser().GetAccesserUserId(); + std::string accesseeDeviceId = profile.GetAccessee().GetAccesseeDeviceId(); + int32_t accesseeuserId = profile.GetAccessee().GetAccesseeUserId(); + if (accesserDeviceId == localUdid) { + return accesseruserId; + } + if (accesseeDeviceId == localUdid) { + return accesseeuserId; + } + return -1; +} + int32_t DeviceProfileConnector::PutLocalServiceInfo( const DistributedDeviceProfile::LocalServiceInfo &localServiceInfo) { diff --git a/services/implementation/include/device_manager_service_impl.h b/services/implementation/include/device_manager_service_impl.h index f13848c3d..ef7f3586f 100644 --- a/services/implementation/include/device_manager_service_impl.h +++ b/services/implementation/include/device_manager_service_impl.h @@ -129,6 +129,7 @@ public: const std::vector &backgroundUserIds, const std::string &remoteUdid, bool isCheckUserStatus); void HandleUserSwitched(const std::vector &deviceVec, int32_t currentUserId, int32_t beforeUserId); + void ClearAllCredentialAndACL(); std::multimap GetDeviceIdAndUserId(int32_t localUserId); int32_t SaveOnlineDeviceInfo(const std::vector &deviceList); void HandleDeviceUnBind(int32_t bindType, const std::string &peerUdid, diff --git a/services/implementation/include/device_manager_service_impl_lite.h b/services/implementation/include/device_manager_service_impl_lite.h index 2ad955b5e..0581347a1 100644 --- a/services/implementation/include/device_manager_service_impl_lite.h +++ b/services/implementation/include/device_manager_service_impl_lite.h @@ -131,6 +131,7 @@ public: void HandleDeviceNotTrust(const std::string &udid); int32_t GetBindLevel(const std::string &pkgName, const std::string &localUdid, const std::string &udid, uint64_t &tokenId); + void ClearAllCredentialAndACL(); std::multimap GetDeviceIdAndUserId(int32_t userId, const std::string &accountId); void HandleAccountLogoutEvent(int32_t remoteUserId, const std::string &remoteAccountHash, const std::string &remoteUdid); diff --git a/services/implementation/src/device_manager_service_impl.cpp b/services/implementation/src/device_manager_service_impl.cpp index 0d6451e7a..edd9aa0eb 100644 --- a/services/implementation/src/device_manager_service_impl.cpp +++ b/services/implementation/src/device_manager_service_impl.cpp @@ -1032,6 +1032,25 @@ int32_t DeviceManagerServiceImpl::RegisterAuthenticationType(int32_t authenticat return authMgr_->RegisterAuthenticationType(authenticationType); } +void DeviceManagerServiceImpl::ClearAllCredentialAndACL() +{ + LOGI("start"); + int32_t userId; + std::string deviceId; + std::vector profiles; + profiles = DeviceProfileConnector::GetInstance().GetAllAccessControlProfile(); + char localDeviceId[DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(localDeviceId, DEVICE_UUID_LENGTH); + for (auto &item : profiles) { + deviceId = item.GetTrustDeviceId(); + userId = DeviceProfileConnector::GetInstance().GetLocalDevUserId(localDeviceId, item); + hiChainConnector_->DeleteAllGroup(userId); + DeviceProfileConnector::GetInstance().DeleteAccessControlById(item.GetAccessControlId()); + hiChainAuthConnector_->DeleteCredential(deviceId, userId); + } + LOGI("end"); +} + void DeviceManagerServiceImpl::DeleteAlwaysAllowTimeOut() { LOGI("Start DeleteAlwaysAllowTimeOut"); diff --git a/services/implementation/src/device_manager_service_impl_lite.cpp b/services/implementation/src/device_manager_service_impl_lite.cpp index f82b8f95f..bdaf95954 100644 --- a/services/implementation/src/device_manager_service_impl_lite.cpp +++ b/services/implementation/src/device_manager_service_impl_lite.cpp @@ -446,6 +446,11 @@ int32_t DeviceManagerServiceImpl::GetBindLevel(const std::string &pkgName, const return DEVICE_BIUND_LEVEL; } +void DeviceManagerServiceImpl::ClearAllCredentialAndACL() +{ + return; +} + std::multimap DeviceManagerServiceImpl::GetDeviceIdAndUserId(int32_t userId, const std::string &accountId) { diff --git a/services/service/include/device_manager_service.h b/services/service/include/device_manager_service.h index a78a2152c..9c5b0be98 100644 --- a/services/service/include/device_manager_service.h +++ b/services/service/include/device_manager_service.h @@ -233,6 +233,7 @@ public: int32_t GetLocalServiceInfoByBundleNameAndPinExchangeType(const std::string &bundleName, int32_t pinExchangeType, DMLocalServiceInfo &serviceInfo); void ClearPublishIdCache(const std::string &pkgName); + void ClearBindInfo(); bool IsPC(); int32_t GetDeviceNetworkIdList(const std::string &pkgName, const NetworkIdQueryFilter &queryFilter, std::vector &networkIds); diff --git a/services/service/include/idevice_manager_service_impl.h b/services/service/include/idevice_manager_service_impl.h index 8ba83a8ad..26fefc2d0 100644 --- a/services/service/include/idevice_manager_service_impl.h +++ b/services/service/include/idevice_manager_service_impl.h @@ -251,6 +251,7 @@ public: virtual void HandleSyncUserIdEvent(const std::vector &foregroundUserIds, const std::vector &backgroundUserIds, const std::string &remoteUdid, bool isCheckUserStatus) = 0; virtual void HandleRemoteUserRemoved(int32_t userId, const std::string &remoteUdid) = 0; + virtual void ClearAllCredentialAndACL() = 0; virtual std::map GetDeviceIdAndBindLevel(int32_t userId) = 0; virtual std::multimap GetDeviceIdAndUserId(int32_t localUserId) = 0; virtual int32_t SaveOnlineDeviceInfo(const std::vector &deviceList) = 0; diff --git a/services/service/src/device_manager_service.cpp b/services/service/src/device_manager_service.cpp index 493f45f55..b1912b4af 100644 --- a/services/service/src/device_manager_service.cpp +++ b/services/service/src/device_manager_service.cpp @@ -3297,6 +3297,16 @@ void DeviceManagerService::ClearPublishIdCache(const std::string &pkgName) advertiseMgr_->ClearPublishIdCache(pkgName); } +void DeviceManagerService::ClearBindInfo() +{ + LOGI("start"); + if (!IsDMServiceImplReady()) { + LOGE("ClearBindInfo failed, instance not init or init failed."); + return; + } + dmServiceImpl_->ClearAllCredentialAndACL(); +} + bool DeviceManagerService::IsPC() { if (softbusListener_ == nullptr) { diff --git a/services/service/src/ipc/standard/ipc_server_stub.cpp b/services/service/src/ipc/standard/ipc_server_stub.cpp index d185bf774..4bc96f9dc 100644 --- a/services/service/src/ipc/standard/ipc_server_stub.cpp +++ b/services/service/src/ipc/standard/ipc_server_stub.cpp @@ -37,6 +37,7 @@ #include "dm_log.h" #include "multiple_user_connector.h" #include "permission_manager.h" +#include "dm_config_device_version.h" namespace OHOS { namespace DistributedHardware { @@ -154,6 +155,10 @@ void IpcServerStub::OnAddSystemAbility(int32_t systemAbilityId, const std::strin LOGI("OnAddSystemAbility systemAbilityId:%{public}d added!", systemAbilityId); if (systemAbilityId == SOFTBUS_SERVER_SA_ID) { HandleSoftBusServerAdd(); + if (CheckVersionIsUpdate() == true) { + DeviceManagerService::GetInstance().ClearBindInfo(); + UpdateVersion(); + } return; } diff --git a/utils/BUILD.gn b/utils/BUILD.gn index ebb78bc0d..e516bef1c 100644 --- a/utils/BUILD.gn +++ b/utils/BUILD.gn @@ -74,6 +74,7 @@ if (defined(ohos_lite)) { include_dirs = [ "include", "include/crypto", + "include/device_version", "include/kvadapter", "include/fwkload/standard", "include/appInfo/standard", @@ -111,6 +112,7 @@ if (defined(ohos_lite)) { "${common_path}/src/json_object.cpp", "src/appInfo/standard/app_manager.cpp", "src/crypto/dm_crypto.cpp", + "src/device_version/dm_config_device_version.cpp", "src/dm_random.cpp", "src/kvadapter/dm_kv_info.cpp", "src/kvadapter/kv_adapter.cpp", @@ -140,6 +142,7 @@ if (defined(ohos_lite)) { "eventhandler:libeventhandler", "ffrt:libffrt", "hilog:libhilog", + "init:libbegetutil", "ipc:ipc_core", "ipc:ipc_single", "openssl:libcrypto_shared", diff --git a/utils/include/device_version/dm_config_device_version.h b/utils/include/device_version/dm_config_device_version.h new file mode 100644 index 000000000..7b0a7d33e --- /dev/null +++ b/utils/include/device_version/dm_config_device_version.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_DM_CONFIG_DEVICE_VERSION_H +#define OHOS_DM_CONFIG_DEVICE_VERSION_H + +#include + +namespace OHOS { +namespace DistributedHardware { +void UpdateVersion(void); +bool CheckVersionIsUpdate(void); +std::string GetParameterString(const char *key, const std::string &defValue = ""); +void GetCurrentVersion(std::string ¤tVersion); +std::string EncryptValue(const std::string originValue); +std::string BytesConvertToHexString(const unsigned char *bytes, int byteLen); +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_DM_CONFIG_DEVICE_VERSION_H diff --git a/utils/include/kvadapter/kv_adapter_manager.h b/utils/include/kvadapter/kv_adapter_manager.h index 8dacc074c..bb9cd7af0 100644 --- a/utils/include/kvadapter/kv_adapter_manager.h +++ b/utils/include/kvadapter/kv_adapter_manager.h @@ -38,6 +38,8 @@ public: int32_t Get(const std::string &key, DmKVValue &value); int32_t DeleteAgedEntry(); int32_t AppUnintall(const std::string &appId); + int32_t Put(const std::string &key, std::string &value); + int32_t Get(const std::string &key, std::string &value); private: KVAdapterManager() = default; diff --git a/utils/src/device_version/dm_config_device_version.cpp b/utils/src/device_version/dm_config_device_version.cpp new file mode 100644 index 000000000..23be8e1fb --- /dev/null +++ b/utils/src/device_version/dm_config_device_version.cpp @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "dm_config_device_version.h" + +#include +#include "parameter.h" +#include "dm_log.h" +#include "kv_adapter_manager.h" + +namespace OHOS { +namespace DistributedHardware { +static constexpr const int HALF_BYTE_LEN = 4; +static constexpr char HEX_CHARS[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; +static constexpr const char *PREVIOUS_VERSION_KEY = "product_base_version.previous_version"; +static constexpr const char *PRODUCT_BASE_VERSION_REAL_KEY = "const.comp.hl.product_base_version.real"; +static constexpr const char *PRODUCT_CUST_VERSION_REAL_KEY = "const.comp.hl.product_cust_version.real"; +static constexpr const char *PRODUCT_PRELOAD_VERSION_REAL_KEY = "const.comp.hl.product_preload_version.real"; +static constexpr const char *CUST_CVERSION_KEY = "const.cust.cversion"; +static constexpr const char *CUST_CUSTPATH_KEY = "const.cust.custPath"; +inline const int32_t PROP_SYSPARA_SIZE = 128; + +std::string GetParameterString(const char *key, const std::string &defValue) +{ + char valueStr[PROP_SYSPARA_SIZE] = { 0 }; + GetParameter(key, defValue.c_str(), valueStr, PROP_SYSPARA_SIZE); + return valueStr; +} + +void UpdateVersion(void) +{ + std::string currentVersion = ""; + GetCurrentVersion(currentVersion); + LOGI("update config version"); + KVAdapterManager::GetInstance().Put(PREVIOUS_VERSION_KEY, currentVersion); +} + +bool CheckVersionIsUpdate(void) +{ + std::string currentVersion = ""; + std::string previousVersion = ""; + KVAdapterManager::GetInstance().Get(PREVIOUS_VERSION_KEY, previousVersion); + GetCurrentVersion(currentVersion); + LOGI("check version is update currentVersion: %{public}s, previousVersion: %{public}s", + currentVersion.c_str(), previousVersion.c_str()); + return currentVersion != previousVersion; +} + +void GetCurrentVersion(std::string ¤tVersion) +{ + std::string originVersion = GetParameterString(PRODUCT_BASE_VERSION_REAL_KEY); + originVersion.append(GetParameterString(PRODUCT_CUST_VERSION_REAL_KEY)); + originVersion.append(GetParameterString(PRODUCT_PRELOAD_VERSION_REAL_KEY)); + originVersion.append(GetParameterString(CUST_CVERSION_KEY)); + originVersion.append(GetParameterString(CUST_CUSTPATH_KEY)); + currentVersion = EncryptValue(originVersion); +} + +std::string EncryptValue(const std::string originValue) +{ + unsigned char hash[SHA256_DIGEST_LENGTH]; + SHA256_CTX sha256; + SHA256_Init(&sha256); + SHA256_Update(&sha256, originValue.c_str(), originValue.size()); + SHA256_Final(hash, &sha256); + std::string encryptValue = BytesConvertToHexString(hash, SHA256_DIGEST_LENGTH); + return encryptValue; +} + +std::string BytesConvertToHexString(const unsigned char *bytes, int byteLen) +{ + if (bytes == nullptr) { + return ""; + } + std::string str = ""; + for (int i = 0; i < byteLen; i++) { + int b = 0; + b = 0x0f & (bytes[i] >> HALF_BYTE_LEN); + str.push_back(HEX_CHARS[b]); + b = 0x0f & bytes[i]; + str.push_back(HEX_CHARS[b]); + } + return str; +} +} // namespace DistributedHardware +} // namespace OHOS diff --git a/utils/src/kvadapter/kv_adapter_manager.cpp b/utils/src/kvadapter/kv_adapter_manager.cpp index d6bc63755..70dc3630e 100644 --- a/utils/src/kvadapter/kv_adapter_manager.cpp +++ b/utils/src/kvadapter/kv_adapter_manager.cpp @@ -110,6 +110,28 @@ int32_t KVAdapterManager::Get(const std::string &key, DmKVValue &value) return DM_OK; } +int32_t KVAdapterManager::Put(const std::string &key, std::string &value) +{ + std::string dmKey = DM_KV_STORE_PREFIX + key; + CHECK_NULL_RETURN(kvAdapter_, ERR_DM_POINT_NULL); + if (kvAdapter_->Put(dmKey, value) != DM_OK) { + LOGE("Put kv value failed, dmKey: %{public}s", GetAnonyString(dmKey).c_str()); + return ERR_DM_FAILED; + } + return DM_OK; +} + +int32_t KVAdapterManager::Get(const std::string &key, std::string &value) +{ + std::string dmKey = DM_KV_STORE_PREFIX + key; + CHECK_NULL_RETURN(kvAdapter_, ERR_DM_POINT_NULL); + if (kvAdapter_->Get(dmKey, value) != DM_OK) { + LOGE("Get kv value failed, dmKey: %{public}s", GetAnonyString(dmKey).c_str()); + return ERR_DM_FAILED; + } + return DM_OK; +} + int32_t KVAdapterManager::DeleteAgedEntry() { int64_t nowTime = GetSecondsSince1970ToNow(); -- Gitee