diff --git a/frameworks/inner_api/security_component/include/i_sec_comp_service.h b/frameworks/inner_api/security_component/include/i_sec_comp_service.h index 155604b89e73a414bdc75cc2909a4f293213078b..b685ac72425884e65549c66f04d33b0251293cee 100644 --- a/frameworks/inner_api/security_component/include/i_sec_comp_service.h +++ b/frameworks/inner_api/security_component/include/i_sec_comp_service.h @@ -19,6 +19,7 @@ #include "access_token.h" #include "iremote_broker.h" #include "sec_comp_info.h" +#include "sec_comp_err.h" #include "security_component_service_ipc_interface_code.h" namespace OHOS { @@ -34,7 +35,7 @@ public: const std::string& componentInfo, int32_t& scId) = 0; virtual int32_t UpdateSecurityComponent(int32_t scId, const std::string& componentInfo) = 0; virtual int32_t UnregisterSecurityComponent(int32_t scId) = 0; - virtual int32_t ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, + virtual SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) = 0; virtual bool VerifySavePermission(AccessToken::AccessTokenID tokenId) = 0; virtual sptr GetEnhanceRemoteObject() = 0; diff --git a/frameworks/inner_api/security_component/include/sec_comp_client.h b/frameworks/inner_api/security_component/include/sec_comp_client.h index 563376e6675426c3cf38fac8c72f1686d5846d76..39d92de436821dad8e5aff7e5eafd97fe51b964f 100644 --- a/frameworks/inner_api/security_component/include/sec_comp_client.h +++ b/frameworks/inner_api/security_component/include/sec_comp_client.h @@ -33,7 +33,7 @@ public: int32_t RegisterSecurityComponent(SecCompType type, const std::string& componentInfo, int32_t& scId); int32_t UpdateSecurityComponent(int32_t scId, const std::string& componentInfo); int32_t UnregisterSecurityComponent(int32_t scId); - int32_t ReportSecurityComponentClickEvent(int32_t scId, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback); bool VerifySavePermission(AccessToken::AccessTokenID tokenId); diff --git a/frameworks/inner_api/security_component/include/sec_comp_proxy.h b/frameworks/inner_api/security_component/include/sec_comp_proxy.h index bb637ea3f660def6257ca48b1892a4aec9df9902..7ca59df2f4563146d8170b92dac3f45220fe30df 100644 --- a/frameworks/inner_api/security_component/include/sec_comp_proxy.h +++ b/frameworks/inner_api/security_component/include/sec_comp_proxy.h @@ -18,6 +18,7 @@ #include #include "i_sec_comp_service.h" #include "iremote_proxy.h" +#include "sec_comp_err.h" namespace OHOS { namespace Security { @@ -29,7 +30,7 @@ public: int32_t RegisterSecurityComponent(SecCompType type, const std::string& componentInfo, int32_t& scId) override; int32_t UpdateSecurityComponent(int32_t scId, const std::string& componentInfo) override; int32_t UnregisterSecurityComponent(int32_t scId) override; - int32_t ReportSecurityComponentClickEvent(int32_t scId, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) override; bool VerifySavePermission(AccessToken::AccessTokenID tokenId) override; @@ -37,7 +38,7 @@ public: int32_t PreRegisterSecCompProcess() override; private: - int32_t SendReportClickEventRequest(MessageParcel& data); + SCErrInfo SendReportClickEventRequest(MessageParcel& data); static inline BrokerDelegator delegator_; std::mutex useIPCMutex_; }; diff --git a/frameworks/inner_api/security_component/src/sec_comp_client.cpp b/frameworks/inner_api/security_component/src/sec_comp_client.cpp index 26836a701ec0acdff079ea5283bbdd9d495d2218..0234c7376ede8be101be4a53cc3ae161074b076b 100644 --- a/frameworks/inner_api/security_component/src/sec_comp_client.cpp +++ b/frameworks/inner_api/security_component/src/sec_comp_client.cpp @@ -89,17 +89,21 @@ int32_t SecCompClient::UnregisterSecurityComponent(int32_t scId) return proxy->UnregisterSecurityComponent(scId); } -int32_t SecCompClient::ReportSecurityComponentClickEvent(int32_t scId, +SCErrInfo SecCompClient::ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) { + SCErrInfo errInfo; auto proxy = GetProxy(true); if (proxy == nullptr) { SC_LOG_ERROR(LABEL, "Proxy is null"); - return SC_SERVICE_ERROR_VALUE_INVALID; + errInfo.errCode = SC_SERVICE_ERROR_VALUE_INVALID; + errInfo.errMsg = "Service is not available"; + return errInfo; } - return proxy->ReportSecurityComponentClickEvent(scId, componentInfo, clickInfo, callerToken, dialogCallback); + return proxy->ReportSecurityComponentClickEvent(scId, componentInfo, clickInfo, + callerToken, dialogCallback); } bool SecCompClient::VerifySavePermission(AccessToken::AccessTokenID tokenId) diff --git a/frameworks/inner_api/security_component/src/sec_comp_kit.cpp b/frameworks/inner_api/security_component/src/sec_comp_kit.cpp index 6df28a158b61794794c47b5f8feb5698d3e67825..dcb10862474f46570ef5730e327b0a9ab31fdfa0 100644 --- a/frameworks/inner_api/security_component/src/sec_comp_kit.cpp +++ b/frameworks/inner_api/security_component/src/sec_comp_kit.cpp @@ -101,10 +101,11 @@ int32_t SecCompKit::UnregisterSecurityComponent(int32_t scId) return res; } -int32_t SecCompKit::ReportSecurityComponentClickEvent(int32_t scId, +SCErrInfo SecCompKit::ReportSecurityComponentClickEvent(int32_t scId, std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, OnFirstUseDialogCloseFunc&& callback) { + SCErrInfo errInfo; if (!SecCompCallerAuthorization::GetInstance().IsKitCaller( reinterpret_cast(__builtin_return_address(0)))) { SC_LOG_ERROR(LABEL, "report click event fail, caller invalid"); @@ -115,30 +116,38 @@ int32_t SecCompKit::ReportSecurityComponentClickEvent(int32_t scId, HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED", HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "CLICK"); - return SC_SERVICE_ERROR_CALLER_INVALID; + errInfo.errCode = SC_SERVICE_ERROR_CALLER_INVALID; + errInfo.errMsg = "report click event fail, caller invalid"; + return errInfo; } if (callback == nullptr) { SC_LOG_ERROR(LABEL, "DialogCloseCallback is null"); - return SC_ENHANCE_ERROR_VALUE_INVALID; + errInfo.errCode = SC_ENHANCE_ERROR_VALUE_INVALID; + errInfo.errMsg = "DialogCloseCallback is null"; + return errInfo; } sptr callbackRemote = new (std::nothrow) SecCompDialogCallback(std::move(callback)); if (callbackRemote == nullptr) { SC_LOG_ERROR(LABEL, "New SecCompDialogCallback fail"); - return SC_SERVICE_ERROR_MEMORY_OPERATE_FAIL; + errInfo.errCode = SC_SERVICE_ERROR_MEMORY_OPERATE_FAIL; + errInfo.errMsg = "New SecCompDialogCallback fail"; + return errInfo; } if (!SecCompEnhanceAdapter::EnhanceDataPreprocess(scId, componentInfo)) { SC_LOG_ERROR(LABEL, "Preprocess security component fail"); - return SC_ENHANCE_ERROR_VALUE_INVALID; + errInfo.errCode = SC_ENHANCE_ERROR_VALUE_INVALID; + errInfo.errMsg = "Preprocess security component fail"; + return errInfo; } - int32_t res = + auto res = SecCompClient::GetInstance().ReportSecurityComponentClickEvent(scId, componentInfo, clickInfo, callerToken, callbackRemote); - if (res != SC_OK) { - SC_LOG_ERROR(LABEL, "report click event fail, error: %{public}d", res); + if (res.errCode!= SC_OK) { + SC_LOG_ERROR(LABEL, "report click event fail, error: %{public}d", res.errCode); } return res; } diff --git a/frameworks/inner_api/security_component/src/sec_comp_proxy.cpp b/frameworks/inner_api/security_component/src/sec_comp_proxy.cpp index f8eb8029cdb4b74d222bb51bbcf1229b30b7c98f..335045abc887578c8dd0aad646775bb7439c4c43 100644 --- a/frameworks/inner_api/security_component/src/sec_comp_proxy.cpp +++ b/frameworks/inner_api/security_component/src/sec_comp_proxy.cpp @@ -197,15 +197,17 @@ int32_t SecCompProxy::UnregisterSecurityComponent(int32_t scId) return res; } -int32_t SecCompProxy::SendReportClickEventRequest(MessageParcel& data) +SCErrInfo SecCompProxy::SendReportClickEventRequest(MessageParcel& data) { MessageParcel reply; MessageParcel deserializedReply; MessageOption option(MessageOption::TF_SYNC); sptr remote = Remote(); + SCErrInfo errInfo; if (remote == nullptr) { SC_LOG_ERROR(LABEL, "Report remote service is null."); - return SC_SERVICE_ERROR_IPC_REQUEST_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_IPC_REQUEST_FAIL, "Report serialize session info failed."); + return errInfo; } int32_t requestResult = remote->SendRequest( static_cast(SecurityComponentServiceInterfaceCode::REPORT_SECURITY_COMPONENT_CLICK_EVENT), @@ -213,68 +215,88 @@ int32_t SecCompProxy::SendReportClickEventRequest(MessageParcel& data) if (!SecCompEnhanceAdapter::EnhanceClientDeserialize(reply, deserializedReply)) { SC_LOG_ERROR(LABEL, "Report deserialize session info failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report serialize session info failed."); + return errInfo; } if (requestResult != SC_OK) { SC_LOG_ERROR(LABEL, "Report request failed, result: %{public}d.", requestResult); - return requestResult; + errInfo.SetErrInfo(requestResult, "Report serialize session info failed."); + return errInfo; } int32_t res; if (!deserializedReply.ReadInt32(res)) { SC_LOG_ERROR(LABEL, "Report read res failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report read res failed."); + return errInfo; } - return res; + + std::string message; + if (!deserializedReply.ReadString(message)) { + SC_LOG_ERROR(LABEL, "Report read error message failed."); + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report read error message failed."); + return errInfo; + } + errInfo.SetErrInfo(res, message); + return errInfo; } -int32_t SecCompProxy::ReportSecurityComponentClickEvent(int32_t scId, +SCErrInfo SecCompProxy::ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) { std::lock_guard lock(useIPCMutex_); MessageParcel rawData; MessageParcel data; + SCErrInfo errInfo; if (!data.WriteInterfaceToken(SecCompProxy::GetDescriptor())) { SC_LOG_ERROR(LABEL, "Report write descriptor failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write descriptor failed."); + return errInfo; } if (!rawData.WriteInt32(scId)) { SC_LOG_ERROR(LABEL, "Report write scId failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write scId failed."); + return errInfo; } if (!rawData.WriteString(componentInfo)) { SC_LOG_ERROR(LABEL, "Report write componentInfo failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write componentInfo failed."); + return errInfo; } sptr parcel = new (std::nothrow) SecCompClickEventParcel(); if (parcel == nullptr) { SC_LOG_ERROR(LABEL, "Report new click event parcel failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report new click event parcel failed."); + return errInfo; } parcel->clickInfoParams_ = clickInfo; if (!rawData.WriteParcelable(parcel)) { SC_LOG_ERROR(LABEL, "Report write clickInfo failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write clickInfo failed."); + return errInfo; } if ((callerToken != nullptr) && !data.WriteRemoteObject(callerToken)) { SC_LOG_ERROR(LABEL, "Report write caller token failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write caller token failed."); + return errInfo; } if ((dialogCallback != nullptr) && !data.WriteRemoteObject(dialogCallback)) { SC_LOG_ERROR(LABEL, "Report write caller token failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report write caller token failed."); + return errInfo; } if (!SecCompEnhanceAdapter::EnhanceClientSerialize(rawData, data)) { SC_LOG_ERROR(LABEL, "Report serialize session info failed."); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + errInfo.SetErrInfo(SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL, "Report serialize session info failed."); + return errInfo; } return SendReportClickEventRequest(data); diff --git a/frameworks/inner_api/security_component/test/unittest/src/sec_comp_kit_test.cpp b/frameworks/inner_api/security_component/test/unittest/src/sec_comp_kit_test.cpp index 11edd4a2abaf5550365ec2eac80d401b8513deed..89a16354863f3c216c5b92b2faf3ec112e996417 100644 --- a/frameworks/inner_api/security_component/test/unittest/src/sec_comp_kit_test.cpp +++ b/frameworks/inner_api/security_component/test/unittest/src/sec_comp_kit_test.cpp @@ -41,11 +41,11 @@ static void TestInCallerNotCheckList() int registerRes = SecCompKit::RegisterSecurityComponent(LOCATION_COMPONENT, emptyStr, scId); int updateRes = SecCompKit::UpdateSecurityComponent(scId, emptyStr); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - int reportRes = SecCompKit::ReportSecurityComponentClickEvent(scId, emptyStr, click, nullptr, std::move(func)); + auto reportRes = SecCompKit::ReportSecurityComponentClickEvent(scId, emptyStr, click, nullptr, std::move(func)); EXPECT_EQ(registerRes, SC_SERVICE_ERROR_CALLER_INVALID); EXPECT_EQ(updateRes, SC_SERVICE_ERROR_CALLER_INVALID); - EXPECT_EQ(reportRes, SC_SERVICE_ERROR_CALLER_INVALID); + EXPECT_EQ(reportRes.errCode, SC_SERVICE_ERROR_CALLER_INVALID); } static void TestInCallerCheckList() @@ -56,11 +56,11 @@ static void TestInCallerCheckList() int registerRes = SecCompKit::RegisterSecurityComponent(LOCATION_COMPONENT, emptyStr, scId); int updateRes = SecCompKit::UpdateSecurityComponent(scId, emptyStr); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - int reportRes = SecCompKit::ReportSecurityComponentClickEvent(scId, emptyStr, click, nullptr, std::move(func)); + auto reportRes = SecCompKit::ReportSecurityComponentClickEvent(scId, emptyStr, click, nullptr, std::move(func)); EXPECT_NE(registerRes, SC_SERVICE_ERROR_CALLER_INVALID); EXPECT_NE(updateRes, SC_SERVICE_ERROR_CALLER_INVALID); - EXPECT_NE(reportRes, SC_SERVICE_ERROR_CALLER_INVALID); + EXPECT_NE(reportRes.errCode, SC_SERVICE_ERROR_CALLER_INVALID); } } // namespace @@ -126,7 +126,8 @@ HWTEST_F(SecCompKitTest, ExceptCall001, TestSize.Level1) .point.timestamp = static_cast(std::chrono::high_resolution_clock::now().time_since_epoch().count()) }; OnFirstUseDialogCloseFunc func = nullptr; - EXPECT_NE(SC_OK, SecCompKit::ReportSecurityComponentClickEvent(scId, jsonStr, touch, nullptr, std::move(func))); + EXPECT_NE(SC_OK, SecCompKit::ReportSecurityComponentClickEvent(scId, jsonStr, touch, nullptr, + std::move(func)).errCode); EXPECT_NE(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); } diff --git a/frameworks/inner_api/security_component/test/unittest/src/sec_comp_register_callback_test.cpp b/frameworks/inner_api/security_component/test/unittest/src/sec_comp_register_callback_test.cpp index 4d199611d9dd3f79d9406951eb29e17a0c93fe2e..734e5b7bcb75b01b69bb300d199b17110d4116db 100644 --- a/frameworks/inner_api/security_component/test/unittest/src/sec_comp_register_callback_test.cpp +++ b/frameworks/inner_api/security_component/test/unittest/src/sec_comp_register_callback_test.cpp @@ -65,7 +65,7 @@ static __attribute__((noinline)) int32_t ReportSecurityComponentClickEvent( { SC_LOG_INFO(LABEL, "ReportSecurityComponentClickEvent enter"); return SecCompKit::ReportSecurityComponentClickEvent(scId, componentInfo, clickInfo, callerToken, - std::move(dialogCall)); + std::move(dialogCall)).errCode; } static __attribute__((noinline)) int32_t UpdateSecurityComponent(int32_t scId, std::string& componentInfo) @@ -220,7 +220,7 @@ HWTEST_F(SecCompRegisterCallbackTest, RegisterSecurityComponent004, TestSize.Lev ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - EXPECT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + EXPECT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); @@ -255,7 +255,7 @@ HWTEST_F(SecCompRegisterCallbackTest, RegisterSecurityComponent005, TestSize.Lev ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - EXPECT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + EXPECT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); @@ -307,7 +307,7 @@ HWTEST_F(SecCompRegisterCallbackTest, ReportSecurityComponentClickEvent001, Test ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); @@ -385,7 +385,7 @@ HWTEST_F(SecCompRegisterCallbackTest, ReportSecurityComponentClickEvent003, Test ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); #else - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); #endif EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); @@ -456,7 +456,7 @@ HWTEST_F(SecCompRegisterCallbackTest, ReportClickWithoutHmac001, TestSize.Level1 ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - EXPECT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + EXPECT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, locationInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); @@ -493,7 +493,7 @@ HWTEST_F(SecCompRegisterCallbackTest, VerifySavePermission001, TestSize.Level1) ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); setuid(100); ASSERT_FALSE(SecCompKit::VerifySavePermission(TestCommon::HAP_TOKEN_ID)); @@ -533,7 +533,7 @@ HWTEST_F(SecCompRegisterCallbackTest, VerifySavePermission002, TestSize.Level1) ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); @@ -568,7 +568,7 @@ HWTEST_F(SecCompRegisterCallbackTest, UnregisterSecurityComponent001, TestSize.L ASSERT_NE(callback, nullptr); auto token = callback->AsObject(); OnFirstUseDialogCloseFunc func = [] (int32_t) {}; - EXPECT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, + EXPECT_EQ(SC_SERVICE_ERROR_COMPONENT_IS_COVERED, ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, token, std::move(func))); EXPECT_EQ(SC_OK, SecCompKit::UnregisterSecurityComponent(scId)); system("param set sec.comp.enhance 0"); diff --git a/interfaces/inner_api/security_component/include/sec_comp_err.h b/interfaces/inner_api/security_component/include/sec_comp_err.h index 160f4300c2084312d878bbba1851db8cae3f55b9..2338220b61eda90e792f13d95aa0f4f2d79ae75a 100644 --- a/interfaces/inner_api/security_component/include/sec_comp_err.h +++ b/interfaces/inner_api/security_component/include/sec_comp_err.h @@ -16,6 +16,7 @@ #define FRAMEWORKS_COMMON_SECURITY_COMPONENT_ERR_H #include +#include namespace OHOS { namespace Security { @@ -37,6 +38,15 @@ enum SCErrCode : int32_t { SC_SERVICE_ERROR_CALLER_INVALID = -62, SC_SERVICE_ERROR_WAIT_FOR_DIALOG_CLOSE = -63, SC_SERVICE_ERROR_GRANT_CANCEL_FOR_DIALOG_CLOSE = -64, + SC_SERVICE_ERROR_COMPONENT_IS_COVERED = -65, + SC_SERVICE_ERROR_COMPONENT_DISPLAY_OUT = -66, + SC_SERVICE_ERROR_PARENT_COMPONENT_DISALLOWS_PROPERTY = -67, + SC_SERVICE_ERROR_SIZE_ANOMALY = -68, + SC_SERVICE_ERROR_TRANSPARENCE_ANOMALY = -69, + SC_SERVICE_ERROR_COLOR_SIMILARITY = -70, + SC_SERVICE_ERROR_COMPONENT_UNREGISTERED = -71, + SC_SERVICE_ERROR_COMPONENT_TEXT_OUT_OF_RANGE = -72, + SC_SERVICE_ERROR_PADDING_FAIL = -73, SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE = -100, SC_ENHANCE_ERROR_VALUE_INVALID = -101, @@ -51,6 +61,16 @@ enum SCErrCode : int32_t { SC_ENHANCE_ERROR_CHALLENGE_CHECK_FAIL = -110, SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL = -111, }; + +struct SCErrInfo { + int32_t errCode = SC_OK; + std::string errMsg; + void SetErrInfo(int32_t code, const std::string& message) + { + errCode = code; + errMsg = message; + } +}; } // namespace SecurityComponent } // namespace Security } // namespace OHOS diff --git a/interfaces/inner_api/security_component/include/sec_comp_kit.h b/interfaces/inner_api/security_component/include/sec_comp_kit.h index a2649937bf93145ff7caf86fdc0a9ae214bc9bb2..237b91fe40d6508f7c4a47b26860441869e5e00d 100644 --- a/interfaces/inner_api/security_component/include/sec_comp_kit.h +++ b/interfaces/inner_api/security_component/include/sec_comp_kit.h @@ -20,6 +20,7 @@ #include "iremote_object.h" #include "sec_comp_info.h" #include "sec_comp_ui_register.h" +#include "sec_comp_err.h" namespace OHOS { namespace Security { @@ -29,7 +30,7 @@ public: static int32_t RegisterSecurityComponent(SecCompType type, std::string& componentInfo, int32_t& scId); static int32_t UpdateSecurityComponent(int32_t scId, std::string& componentInfo); static int32_t UnregisterSecurityComponent(int32_t scId); - static int32_t ReportSecurityComponentClickEvent(int32_t scId, + static SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, OnFirstUseDialogCloseFunc&& callback); diff --git a/interfaces/inner_api/security_component_common/sec_comp_info_helper.h b/interfaces/inner_api/security_component_common/sec_comp_info_helper.h index f9b6a8c06baad4cdc6a99e73dc59981082ed0939..b01a27a3d0f785ee064a8668f2280269ec9877a3 100644 --- a/interfaces/inner_api/security_component_common/sec_comp_info_helper.h +++ b/interfaces/inner_api/security_component_common/sec_comp_info_helper.h @@ -19,6 +19,7 @@ #include "nlohmann/json.hpp" #include "sec_comp_base.h" #include "sec_comp_info.h" +#include "sec_comp_err.h" namespace OHOS { namespace Security { @@ -37,8 +38,8 @@ T* ConstructComponent(const nlohmann::json& jsonComponent) class __attribute__((visibility("default"))) SecCompInfoHelper { public: static SecCompBase* ParseComponent(SecCompType type, const nlohmann::json& jsonComponent); - static bool CheckComponentValid(SecCompBase* comp); - static bool CheckRectValid(const SecCompRect& rect, const SecCompRect& windowRect, const uint64_t displayId); + static SCErrInfo CheckComponentValid(SecCompBase* comp); + static SCErrInfo CheckRectValid(const SecCompRect& rect, const SecCompRect& windowRect, const uint64_t displayId); private: static float GetWindowScale(int32_t windowId); diff --git a/services/security_component_service/sa/sa_main/first_use_dialog.cpp b/services/security_component_service/sa/sa_main/first_use_dialog.cpp index 5d8ab5d832f6c8d3a4c31323a361614d5b34b597..1a3b7d3f05e8bc900cae224411f7a58c4a760366 100644 --- a/services/security_component_service/sa/sa_main/first_use_dialog.cpp +++ b/services/security_component_service/sa/sa_main/first_use_dialog.cpp @@ -279,7 +279,8 @@ int32_t FirstUseDialog::GrantDialogWaitEntity(int32_t scId) SC_LOG_ERROR(LABEL, "Grant dialog wait security component %{public}d is nullptr", scId); return SC_SERVICE_ERROR_COMPONENT_NOT_EXIST; } - int32_t res = sc->GrantTempPermission(); + std::string message = ""; + int32_t res = sc->GrantTempPermission(message); if (res != SC_OK) { OHOS::AppExecFwk::BundleMgrClient bmsClient; std::string bundleName = ""; diff --git a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp index 30a7caa938fef5feb2da78ada9ea707ed299e3f4..933876a67e5ce8a3cbac08a909602a0cfc87239a 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp @@ -46,10 +46,10 @@ constexpr const char *QUERY_KEYWORD = "accessibility_screenreader_enabled"; static bool IsScreenReadMode(); } -int32_t SecCompEntity::GrantTempPermission() +int32_t SecCompEntity::GrantTempPermission(std::string& message) { isGrant_ = true; - return SecCompPermManager::GetInstance().GrantTempPermission(tokenId_, componentInfo_); + return SecCompPermManager::GetInstance().GrantTempPermission(tokenId_, componentInfo_, message); } bool SecCompEntity::CompareComponentBasicInfo(SecCompBase* other, bool isRectCheck) const @@ -57,13 +57,16 @@ bool SecCompEntity::CompareComponentBasicInfo(SecCompBase* other, bool isRectChe return componentInfo_->CompareComponentBasicInfo(other, isRectCheck); } -int32_t SecCompEntity::CheckPointEvent(const SecCompClickEvent& clickInfo) const +int32_t SecCompEntity::CheckPointEvent(const SecCompClickEvent& clickInfo, std::string& message) const { auto current = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / TIME_CONVERSION_UNIT; if (clickInfo.point.timestamp < current - MAX_TOUCH_INTERVAL || clickInfo.point.timestamp > current) { SC_LOG_ERROR(LABEL, "touch timestamp invalid clickInfo. timestamp: %{public}llu, current: %{public}llu", static_cast(clickInfo.point.timestamp), static_cast(current)); + message = ", touch timestamp invalid clickInfo. timestamp: " + + std::to_string(clickInfo.point.timestamp) + ", " + + "current: " + std::to_string(current); return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; } @@ -74,46 +77,57 @@ int32_t SecCompEntity::CheckPointEvent(const SecCompClickEvent& clickInfo) const clickInfo.point.touchX, clickInfo.point.touchY, componentInfo_->rect_.x_, componentInfo_->rect_.y_, componentInfo_->rect_.x_ + componentInfo_->rect_.width_, componentInfo_->rect_.y_ + componentInfo_->rect_.height_); + message = ", touch point is not in component rect = ( " + + std::to_string(clickInfo.point.touchX) + ", " + + std::to_string(clickInfo.point.touchY) + ", " + + std::to_string(componentInfo_->rect_.x_) + ", " + + std::to_string(componentInfo_->rect_.y_) + ", " + + std::to_string(componentInfo_->rect_.x_ + componentInfo_->rect_.width_) + + ", " + std::to_string(componentInfo_->rect_.y_ + componentInfo_->rect_.height_) + ")"; return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; } return SC_OK; } -int32_t SecCompEntity::CheckKeyEvent(const SecCompClickEvent& clickInfo) const +int32_t SecCompEntity::CheckKeyEvent(const SecCompClickEvent& clickInfo, std::string& message) const { auto current = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / TIME_CONVERSION_UNIT; if (clickInfo.key.timestamp < current - MAX_TOUCH_INTERVAL || clickInfo.key.timestamp > current) { SC_LOG_ERROR(LABEL, "keyboard timestamp invalid clickInfo. timestamp: %{public}llu, current: %{public}llu", static_cast(clickInfo.key.timestamp), static_cast(current)); + message = ", keyboard timestamp invalid clickInfo. timestamp: " + + std::to_string(clickInfo.key.timestamp) + + "current: " + std::to_string(current); return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; } if ((clickInfo.key.keyCode != KEY_SPACE) && (clickInfo.key.keyCode != KEY_ENTER) && (clickInfo.key.keyCode != KEY_NUMPAD_ENTER)) { SC_LOG_ERROR(LABEL, "keyboard keyCode invalid. keyCode: %{public}d", clickInfo.key.keyCode); + message = ", keyboard keyCode invalid. keyCode: " + std::to_string(clickInfo.key.keyCode); return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; } return SC_OK; } -int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const +int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo, std::string& message) const { if (!WindowInfoHelper::CheckOtherWindowCoverComp(componentInfo_->windowId_, - componentInfo_->rect_)) { + componentInfo_->rect_, message)) { SC_LOG_ERROR(LABEL, "Component may be covered by other window"); - return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; + return SC_SERVICE_ERROR_COMPONENT_IS_COVERED; } int32_t res = SC_SERVICE_ERROR_CLICK_EVENT_INVALID; bool isScreenReadMode = IsScreenReadMode(); if (clickInfo.type == ClickEventType::POINT_EVENT_TYPE && !isScreenReadMode) { - res = CheckPointEvent(clickInfo); + res = CheckPointEvent(clickInfo, message); } else if (clickInfo.type == ClickEventType::POINT_EVENT_TYPE && isScreenReadMode) { SC_LOG_WARN(LABEL, "Device is in screen read mode, skip event check."); return SC_OK; } else if (clickInfo.type == ClickEventType::KEY_EVENT_TYPE) { - res = CheckKeyEvent(clickInfo); + res = CheckKeyEvent(clickInfo, message); } if (res != SC_OK) { return res; @@ -122,6 +136,7 @@ int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const res = SecCompEnhanceAdapter::CheckExtraInfo(clickInfo); if (res == SC_SERVICE_ERROR_CLICK_EVENT_INVALID) { SC_LOG_ERROR(LABEL, "Click ExtraInfo is invalid"); + message = ", Click ExtraInfo is invalid"; return res; } @@ -134,6 +149,7 @@ int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CLICK_INFO_CHECK_FAILED", HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId_, "SC_TYPE", componentInfo_->type_); + message = ", HMAC checkout failed"; return SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL; } return SC_OK; diff --git a/services/security_component_service/sa/sa_main/sec_comp_entity.h b/services/security_component_service/sa/sa_main/sec_comp_entity.h index 2bc4d64f16c118f3477fc51945c3e75afbc243b3..51143fd9df194e8ba7dad5c93ce7b49366346953 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_entity.h +++ b/services/security_component_service/sa/sa_main/sec_comp_entity.h @@ -19,6 +19,7 @@ #include "accesstoken_kit.h" #include "sec_comp_base.h" #include "sec_comp_info.h" +#include "sec_comp_err.h" #include "sec_comp_perm_manager.h" namespace OHOS { @@ -31,7 +32,7 @@ public: : componentInfo_(component), tokenId_(token), scId_(scId), pid_(pid), uid_(uid) {}; ~SecCompEntity() = default; int32_t RevokeTempPermission(); - int32_t GrantTempPermission(); + int32_t GrantTempPermission(std::string& message); SecCompType GetType() const { if (componentInfo_ == nullptr) { @@ -46,7 +47,7 @@ public: } bool CompareComponentBasicInfo(SecCompBase* other, bool isRectCheck) const; - int32_t CheckClickInfo(const SecCompClickEvent& clickInfo) const; + int32_t CheckClickInfo(const SecCompClickEvent& clickInfo, std::string& message) const; std::shared_ptr componentInfo_; AccessToken::AccessTokenID tokenId_; @@ -55,8 +56,8 @@ public: int32_t uid_; private: - int32_t CheckKeyEvent(const SecCompClickEvent& clickInfo) const; - int32_t CheckPointEvent(const SecCompClickEvent& clickInfo) const; + int32_t CheckKeyEvent(const SecCompClickEvent& clickInfo, std::string& message) const; + int32_t CheckPointEvent(const SecCompClickEvent& clickInfo, std::string& message) const; bool isGrant_ = false; }; } // namespace SecurityComponent diff --git a/services/security_component_service/sa/sa_main/sec_comp_info_helper.cpp b/services/security_component_service/sa/sa_main/sec_comp_info_helper.cpp index a92c0d8a7a598ef2fc0a9e1a6637906d0dda369a..46d3a1acd5306d50f03f427a6e43b9b712ebd27d 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_info_helper.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_info_helper.cpp @@ -33,6 +33,10 @@ namespace { constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_SECURITY_COMPONENT, "SecCompInfoHelper"}; static constexpr double MAX_RECT_PERCENT = 0.1F; // 10% static constexpr double ZERO_OFFSET = 0.0F; +const std::string OUT_OF_SCREEN = ", security component is out of screen, x = "; +const std::string OUT_OF_WINDOW = ", security component is out of window, x = "; +const std::string LARGER_THAN_TEN_PERCENT = ", security component is larger than 10 percent of screen, width = "; +const std::string SEC_COM_ID = "security component id = "; } void SecCompInfoHelper::AdjustSecCompRect(SecCompBase* comp, float scale) @@ -68,7 +72,7 @@ SecCompBase* SecCompInfoHelper::ParseComponent(SecCompType type, const nlohmann: return comp; } - comp->SetValid(CheckComponentValid(comp)); + comp->SetValid(CheckComponentValid(comp).errCode == SC_OK); return comp; } @@ -94,54 +98,125 @@ static bool GetScreenSize(double& width, double& height, const uint64_t displayI return true; } -bool SecCompInfoHelper::CheckRectValid(const SecCompRect& rect, const SecCompRect& windowRect, - const uint64_t displayId) +static SCErrInfo CheckRectDisplayOut(const SecCompRect& rect, const SecCompRect& windowRect, + double curScreenWidth, double curScreenHeight) { - double curScreenWidth = 0.0F; - double curScreenHeight = 0.0F; - if (!GetScreenSize(curScreenWidth, curScreenHeight, displayId)) { - SC_LOG_ERROR(LABEL, "Get screen size is invalid"); - return false; - } - - if (GreatOrEqual(0.0, rect.width_) || GreatOrEqual(0.0, rect.height_)) { - SC_LOG_ERROR(LABEL, "width or height is <= 0"); - return false; - } - + SCErrInfo errInfo; if (GreatNotEqual(ZERO_OFFSET, rect.x_) || GreatNotEqual(ZERO_OFFSET, rect.y_) || GreatNotEqual(rect.x_, curScreenWidth) || GreatNotEqual(rect.y_, curScreenHeight)) { SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: security component is out of screen"); - return false; + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_DISPLAY_OUT, OUT_OF_SCREEN + std::to_string(rect.x_) + + ", y = " + std::to_string(rect.y_) + ", curScreenWidth " + std::to_string(curScreenWidth) + + ", curScreenHeight " + std::to_string(curScreenHeight)); + return errInfo; } if (GreatOrEqual((rect.x_ + rect.width_), curScreenWidth) || GreatOrEqual((rect.y_ + rect.height_), curScreenHeight)) { SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: security component is out of screen"); - return false; + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_DISPLAY_OUT, OUT_OF_SCREEN + std::to_string(rect.x_) + + ", y = " + std::to_string(rect.y_) + ", width = " + std::to_string(rect.width_) + ", height = " + + std::to_string(rect.height_) + ", curScreenWidth " + std::to_string(curScreenWidth) + ", curScreenHeight " + + std::to_string(curScreenHeight)); + return errInfo; } if (GreatNotEqual(windowRect.x_, rect.x_) || GreatNotEqual(windowRect.y_, rect.y_) || GreatNotEqual(rect.x_ + rect.width_, windowRect.x_ + windowRect.width_) || GreatNotEqual(rect.y_ + rect.height_, windowRect.y_ + windowRect.height_)) { SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: security component is out of window"); - return false; + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_DISPLAY_OUT, OUT_OF_WINDOW + std::to_string(rect.x_) + + ", y = " + std::to_string(rect.y_) + ", width = " + std::to_string(rect.width_) + ", height = " + + std::to_string(rect.height_) + ", windowRect x = " + std::to_string(windowRect.x_) + ", windowRect y = " + + std::to_string(windowRect.y_) + ", windowRect width = " + std::to_string(windowRect.width_) + + ", windowRect height = " + std::to_string(windowRect.height_)); + return errInfo; } // check rect > 10% if (GreatOrEqual((rect.width_ * rect.height_), (curScreenWidth * curScreenHeight * MAX_RECT_PERCENT))) { SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: security component is larger than 10 percent of screen"); - return false; + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_DISPLAY_OUT, LARGER_THAN_TEN_PERCENT + + std::to_string(rect.width_) + ", height = " + std::to_string(rect.height_) + ", curScreenWidth " + + std::to_string(curScreenWidth) + ", curScreenHeight " + std::to_string(curScreenHeight)); + return errInfo; + } + return errInfo; +} + +SCErrInfo SecCompInfoHelper::CheckRectValid(const SecCompRect& rect, const SecCompRect& windowRect, + const uint64_t displayId) +{ + double curScreenWidth = 0.0F; + double curScreenHeight = 0.0F; + SCErrInfo errInfo; + if (!GetScreenSize(curScreenWidth, curScreenHeight, displayId)) { + SC_LOG_ERROR(LABEL, "Get screen size is invalid"); + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, ", Get screen size is invalid"); + return errInfo; + } + + if (GreatOrEqual(0.0, rect.width_) || GreatOrEqual(0.0, rect.height_)) { + SC_LOG_ERROR(LABEL, "width or height is <= 0"); + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, ", width or height is <= 0, width = " + + std::to_string(rect.width_) + ", height = " + std::to_string(rect.height_)); + return errInfo; + } + + errInfo = CheckRectDisplayOut(rect, windowRect, curScreenWidth, curScreenHeight); + if (errInfo.errCode != SC_OK) { + return errInfo; } SC_LOG_DEBUG(LABEL, "check component rect success."); - return true; + return errInfo; } -static bool CheckSecCompBaseButton(const SecCompBase* comp) +static SCErrInfo CheckSecCompBaseButtonColorSimilar(const SecCompBase* comp) +{ + SCErrInfo errInfo; + if ((comp->bg_ != SecCompBackground::NO_BG_TYPE) && !IsColorFullTransparent(comp->bgColor_) && + (comp->icon_ != NO_TEXT) && IsColorSimilar(comp->iconColor_, comp->bgColor_)) { + SC_LOG_INFO(LABEL, "SecurityComponentCheckFail: iconColor is similar with backgroundColor."); + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + + ", iconColor is similar with backgroundColor, iconColor = " + + std::to_string(comp->iconColor_.value) + ", bgColor = " + std::to_string(comp->bgColor_.value); + errInfo.errCode = SC_SERVICE_ERROR_COLOR_SIMILARITY; + return errInfo; + } + + if ((comp->bg_ != SecCompBackground::NO_BG_TYPE) && !IsColorFullTransparent(comp->bgColor_) && + (comp->text_ != NO_TEXT) && IsColorSimilar(comp->fontColor_, comp->bgColor_)) { + SC_LOG_INFO(LABEL, "SecurityComponentCheckFail: fontColor is similar with backgroundColor."); + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + + ", fontColor is similar with backgroundColor, fontColor = " + + std::to_string(comp->fontColor_.value) + ", bgColor = " + std::to_string(comp->bgColor_.value); + errInfo.errCode = SC_SERVICE_ERROR_COLOR_SIMILARITY; + return errInfo; + } + + if (comp->bg_ == SecCompBackground::NO_BG_TYPE && + ((comp->padding_.top != MIN_PADDING_WITHOUT_BG) || (comp->padding_.right != MIN_PADDING_WITHOUT_BG) || + (comp->padding_.bottom != MIN_PADDING_WITHOUT_BG) || (comp->padding_.left != MIN_PADDING_WITHOUT_BG))) { + SC_LOG_INFO(LABEL, "padding can not change without background."); + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", padding can not change without background"; + errInfo.errCode = SC_SERVICE_ERROR_PADDING_FAIL; + return errInfo; + } + + return errInfo; +} +static SCErrInfo CheckSecCompBaseButton(const SecCompBase* comp) { + SCErrInfo errInfo; if ((comp->text_ < 0) && (comp->icon_ < 0)) { SC_LOG_INFO(LABEL, "both text and icon do not exist."); - return false; + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", both text and icon do not exist."; + errInfo.errCode = SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; + return errInfo; } if (comp->text_ >= 0) { DimensionT minFontSize; @@ -153,62 +228,93 @@ static bool CheckSecCompBaseButton(const SecCompBase* comp) if (comp->fontSize_ < minFontSize) { SC_LOG_INFO(LABEL, "SecurityComponentCheckFail: fontSize is too small."); - return false; + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + + ", fontSize is too small, fontSize = " + std::to_string(comp->fontSize_); + errInfo.errCode = SC_SERVICE_ERROR_SIZE_ANOMALY; + return errInfo; } } if ((comp->icon_ >= 0) && comp->iconSize_ < MIN_ICON_SIZE) { SC_LOG_INFO(LABEL, "SecurityComponentCheckFail: iconSize is too small."); - return false; + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + + ", iconSize is too small, iconSize = " + std::to_string(comp->iconSize_); + errInfo.errCode = SC_SERVICE_ERROR_SIZE_ANOMALY; + return errInfo; } - if ((comp->bg_ != SecCompBackground::NO_BG_TYPE) && !IsColorFullTransparent(comp->bgColor_) && - (((comp->text_ != NO_TEXT) && (IsColorSimilar(comp->fontColor_, comp->bgColor_))) || - ((comp->icon_ != NO_ICON) && (IsColorSimilar(comp->iconColor_, comp->bgColor_))))) { - SC_LOG_INFO(LABEL, "SecurityComponentCheckFail: fontColor or iconColor is similar with backgroundColor."); - return false; + auto res = CheckSecCompBaseButtonColorSimilar(comp); + if (res.errCode != SC_OK) { + return res; } - - if (comp->bg_ == SecCompBackground::NO_BG_TYPE && - ((comp->padding_.top != MIN_PADDING_WITHOUT_BG) || (comp->padding_.right != MIN_PADDING_WITHOUT_BG) || - (comp->padding_.bottom != MIN_PADDING_WITHOUT_BG) || (comp->padding_.left != MIN_PADDING_WITHOUT_BG))) { - SC_LOG_INFO(LABEL, "padding can not change without background."); - return false; - } - - return true; + return errInfo; } -static bool CheckSecCompBase(const SecCompBase* comp) +static SCErrInfo CheckSecCompBase(const SecCompBase* comp) { + SCErrInfo errInfo; if (comp->parentEffect_) { SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: the parents of security component have invalid effect."); - return false; + errInfo.errCode = SC_SERVICE_ERROR_PARENT_COMPONENT_DISALLOWS_PROPERTY; + return errInfo; } if ((comp->padding_.top < MIN_PADDING_SIZE) || (comp->padding_.right < MIN_PADDING_SIZE) || - (comp->padding_.bottom < MIN_PADDING_SIZE) || (comp->padding_.left < MIN_PADDING_SIZE) || - (comp->textIconSpace_ < MIN_PADDING_SIZE)) { - SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: padding or textIconSpace is too small."); - return false; + (comp->padding_.bottom < MIN_PADDING_SIZE) || (comp->padding_.left < MIN_PADDING_SIZE)) { + SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: padding is too small."); + errInfo.errMsg = SEC_COM_ID + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", padding is too small , padding.top = " + + std::to_string(comp->padding_.top) + ", padding.right = " + std::to_string(comp->padding_.right) + + ", padding.bottom = " + std::to_string(comp->padding_.bottom) + + ", padding.left = " + std::to_string(comp->padding_.left); + errInfo.errCode = SC_SERVICE_ERROR_SIZE_ANOMALY; + return errInfo; } - if (((comp->text_ != NO_TEXT) && (IsColorTransparent(comp->fontColor_))) || - ((comp->icon_ != NO_ICON) && (IsColorTransparent(comp->iconColor_)))) { - SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: fontColor or iconColor is too transparent."); - return false; + if ((comp->textIconSpace_ < MIN_PADDING_SIZE)) { + SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: textIconSpace is too small."); + errInfo.errMsg = SEC_COM_ID + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", textIconSpace is too small, textIconSpace = " + + std::to_string(comp->textIconSpace_); + errInfo.errCode = SC_SERVICE_ERROR_SIZE_ANOMALY; + return errInfo; } - if (!CheckSecCompBaseButton(comp)) { - return false; + + if ((comp->text_ != NO_TEXT) && (IsColorTransparent(comp->fontColor_))) { + SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: fontColor is too transparent."); + errInfo.errMsg = SEC_COM_ID + std::to_string(comp->nodeId_) + ", scType = " + std::to_string(comp->type_) + + ", fontColor is too transparent, fontColor = " + std::to_string(comp->fontColor_.value); + errInfo.errCode = SC_SERVICE_ERROR_TRANSPARENCE_ANOMALY; + return errInfo; } - return true; + + if ((comp->icon_ != NO_ICON) && (IsColorTransparent(comp->iconColor_))) { + SC_LOG_ERROR(LABEL, "SecurityComponentCheckFail: iconColor is too transparent."); + errInfo.SetErrInfo(SC_SERVICE_ERROR_TRANSPARENCE_ANOMALY, SEC_COM_ID + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", iconColor is too transparent, iconColor = " + + std::to_string(comp->iconColor_.value)); + return errInfo; + } + + auto res = CheckSecCompBaseButton(comp); + if (res.errCode != SC_OK) { + SC_LOG_INFO(LABEL, "SecComp base is invalid."); + return res; + } + return errInfo; } -bool SecCompInfoHelper::CheckComponentValid(SecCompBase* comp) +SCErrInfo SecCompInfoHelper::CheckComponentValid(SecCompBase* comp) { + SCErrInfo errInfo; if ((comp == nullptr) || !IsComponentTypeValid(comp->type_)) { SC_LOG_INFO(LABEL, "comp is null or type is invalid."); - return false; + errInfo.errMsg = "security component id = " + std::to_string(comp->nodeId_) + + ", scType = " + std::to_string(comp->type_) + ", comp is null or type is invalid"; + errInfo.errCode = SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; + return errInfo; } float scale = WindowInfoHelper::GetWindowScale(comp->windowId_); @@ -217,12 +323,12 @@ bool SecCompInfoHelper::CheckComponentValid(SecCompBase* comp) AdjustSecCompRect(comp, scale); } - if (!CheckSecCompBase(comp)) { + auto res = CheckSecCompBase(comp); + if (res.errCode != SC_OK) { SC_LOG_INFO(LABEL, "SecComp base is invalid."); - return false; + return res; } - - return true; + return errInfo; } } // namespace SecurityComponent } // namespace Security diff --git a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp index bda0d42bdf80926701096f00d2908a230b91cc07..d694b917b36dfaaab71c80363bb847a1cba4c5b4 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp @@ -36,6 +36,7 @@ static constexpr int32_t MAX_INT_NUM = 0x7fffffff; static constexpr int32_t MAX_SINGLE_PROC_COMP_SIZE = 500; static constexpr unsigned long REPORT_REMOTE_OBJECT_SIZE = 2UL; static std::mutex g_instanceMutex; +const std::string START_DIALOG = "start dialog, onclick will be trap after dialog closed."; } SecCompManager::SecCompManager() @@ -443,7 +444,14 @@ int32_t SecCompManager::UnregisterSecurityComponent(int32_t scId, const SecCompC return DeleteSecurityComponentFromList(caller.pid, scId); } -int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptr sc, int32_t scId, +static void ReportEvent(int32_t scId, SecCompType scType, const std::string& bundleName, int32_t uid) +{ + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, + "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "CLICK", "SC_TYPE", scType); +} + +SCErrInfo SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptr sc, int32_t scId, const nlohmann::json& jsonComponent, const SecCompCallerInfo& caller) { SC_LOG_DEBUG(LABEL, "PID: %{public}d, Check security component", caller.pid); @@ -453,13 +461,18 @@ int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptrGetValid())) { SC_LOG_ERROR(LABEL, "report component info invalid"); - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, - "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "CLICK", "SC_TYPE", - sc->GetType()); - return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; + ReportEvent(scId, sc->GetType(), bundleName, uid); + if (!reportComponentInfo->GetValid()) { + auto res = SecCompInfoHelper::CheckComponentValid(report); + if (res.errCode != SC_OK) { + return res; + } + } + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, "ComponentInfo is null"); + return errInfo; } if (report && (report->isClipped_)) { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CLIP_CHECK_FAILED", @@ -467,14 +480,14 @@ int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptrrect_, reportComponentInfo->windowRect_, - report->displayId_))) { + auto res = SecCompInfoHelper::CheckRectValid(reportComponentInfo->rect_, reportComponentInfo->windowRect_, + report->displayId_); + if (res.errCode != SC_OK) { SC_LOG_ERROR(LABEL, "compare component info failed."); - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, - "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "CLICK", "SC_TYPE", - sc->GetType()); - return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; + ReportEvent(scId, sc->GetType(), bundleName, uid); + errInfo.SetErrInfo(res.errCode, "security component id = " + std::to_string(sc->componentInfo_->nodeId_) + + ", scType = " + std::to_string(sc->GetType()) + res.errMsg); + return errInfo; } int32_t enhanceRes = SecCompEnhanceAdapter::CheckComponentInfoEnhance(caller.pid, reportComponentInfo, jsonComponent); @@ -482,11 +495,12 @@ int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptrGetType(), "CLICK", enhanceRes); SC_LOG_ERROR(LABEL, "enhance check failed"); malicious_.AddAppToMaliciousAppList(caller.pid); - return enhanceRes; + errInfo.SetErrInfo(enhanceRes, "enhance check failed"); + return errInfo; } sc->componentInfo_ = reportComponentInfo; - return SC_OK; + return errInfo; } static void ReportEvent(std::string eventName, HiviewDFX::HiSysEvent::EventType eventType, int32_t scId, @@ -501,61 +515,83 @@ static void ReportEvent(std::string eventName, HiviewDFX::HiSysEvent::EventType "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", scType); } -int32_t SecCompManager::ReportSecurityComponentClickEvent(int32_t scId, +static void ReportEvent(std::string eventName, int32_t scId, SecCompType scType) +{ + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, eventName, + HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "CALLER_UID", IPCSkeleton::GetCallingUid(), + "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", scType); +} + +SCErrInfo SecCompManager::CheckClickInfo(int32_t scId, const SecCompClickEvent& clickInfo, + std::shared_ptr sc, const SecCompCallerInfo& caller) +{ + std::string message; + SCErrInfo errInfo; + int32_t res = sc->CheckClickInfo(clickInfo, message); + if (res != SC_OK) { + ReportEvent("CLICK_INFO_CHECK_FAILED", HiviewDFX::HiSysEvent::EventType::SECURITY, + scId, sc->GetType()); + if (res == SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL) { + malicious_.AddAppToMaliciousAppList(caller.pid); + } + errInfo.errMsg = "scId = " + std::to_string(scId) + ", scType = " + std::to_string(sc->GetType()) + message; + errInfo.errCode = res; + return errInfo; + } + return errInfo; +} +SCErrInfo SecCompManager::ReportSecurityComponentClickEvent(int32_t scId, const nlohmann::json& jsonComponent, const SecCompCallerInfo& caller, const SecCompClickEvent& clickInfo, const std::vector>& remote) { + SCErrInfo errInfo; if (remote.size() < REPORT_REMOTE_OBJECT_SIZE) { - return SC_SERVICE_ERROR_VALUE_INVALID; + errInfo.SetErrInfo(SC_SERVICE_ERROR_VALUE_INVALID, "remote object size is invalid"); + return errInfo; } auto callerToken = remote[0]; auto dialogCallback = remote[1]; if (malicious_.IsInMaliciousAppList(caller.pid, caller.uid)) { SC_LOG_ERROR(LABEL, "app is in MaliciousAppList, never allow it"); - return SC_ENHANCE_ERROR_IN_MALICIOUS_LIST; + errInfo.SetErrInfo(SC_ENHANCE_ERROR_IN_MALICIOUS_LIST, "app is in MaliciousAppList, never allow it"); + return errInfo; } OHOS::Utils::UniqueReadGuard lk(this->componentInfoLock_); std::shared_ptr sc = GetSecurityComponentFromList(caller.pid, scId); if (sc == nullptr) { SC_LOG_ERROR(LABEL, "Can not find target component"); - return SC_SERVICE_ERROR_COMPONENT_NOT_EXIST; + errInfo.SetErrInfo(SC_SERVICE_ERROR_COMPONENT_NOT_EXIST, "Can not find target component"); + return errInfo; } - int32_t res = CheckClickSecurityComponentInfo(sc, scId, jsonComponent, caller); - if (res != SC_OK) { - return res; + errInfo = CheckClickSecurityComponentInfo(sc, scId, jsonComponent, caller); + if (errInfo.errCode != SC_OK) { + return errInfo; } - res = sc->CheckClickInfo(clickInfo); - if (res != SC_OK) { - ReportEvent("CLICK_INFO_CHECK_FAILED", HiviewDFX::HiSysEvent::EventType::SECURITY, - scId, sc->GetType()); - if (res == SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL) { - malicious_.AddAppToMaliciousAppList(caller.pid); - } - - return SC_SERVICE_ERROR_CLICK_EVENT_INVALID; + errInfo = CheckClickInfo(scId, clickInfo, sc, caller); + if (errInfo.errCode != SC_OK) { + return errInfo; } SecCompBase* report = SecCompInfoHelper::ParseComponent(sc->GetType(), jsonComponent); if (FirstUseDialog::GetInstance().NotifyFirstUseDialog(sc, callerToken, dialogCallback, report->displayId_) == SC_SERVICE_ERROR_WAIT_FOR_DIALOG_CLOSE) { SC_LOG_INFO(LABEL, "start dialog, onclick will be trap after dialog closed."); - return SC_SERVICE_ERROR_WAIT_FOR_DIALOG_CLOSE; + errInfo.SetErrInfo(SC_SERVICE_ERROR_WAIT_FOR_DIALOG_CLOSE, START_DIALOG); + return errInfo; } - - res = sc->GrantTempPermission(); + std::string message; + int32_t res = sc->GrantTempPermission(message); if (res != SC_OK) { - ReportEvent("TEMP_GRANT_FAILED", HiviewDFX::HiSysEvent::EventType::FAULT, - scId, sc->GetType()); - return res; + ReportEvent("TEMP_GRANT_FAILED", HiviewDFX::HiSysEvent::EventType::FAULT, scId, sc->GetType()); + errInfo.SetErrInfo(res, message); + return errInfo; } - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "TEMP_GRANT_SUCCESS", - HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "CALLER_UID", IPCSkeleton::GetCallingUid(), - "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", sc->GetType()); - return res; + ReportEvent("TEMP_GRANT_SUCCESS", scId, sc->GetType()); + return errInfo; } void SecCompManager::DumpSecComp(std::string& dumpStr) diff --git a/services/security_component_service/sa/sa_main/sec_comp_manager.h b/services/security_component_service/sa/sa_main/sec_comp_manager.h index 04d85e4e2634f0f56c9723214e4611800ac70df3..fb53b040cb7bfcec2eb43cd4af8c548f5679045f 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_manager.h +++ b/services/security_component_service/sa/sa_main/sec_comp_manager.h @@ -57,7 +57,7 @@ public: int32_t UpdateSecurityComponent(int32_t scId, const nlohmann::json& jsonComponent, const SecCompCallerInfo& caller); int32_t UnregisterSecurityComponent(int32_t scId, const SecCompCallerInfo& caller); - int32_t ReportSecurityComponentClickEvent(int32_t scId, const nlohmann::json& jsonComponent, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const nlohmann::json& jsonComponent, const SecCompCallerInfo& caller, const SecCompClickEvent& clickInfo, const std::vector>& remote); void NotifyProcessForeground(int32_t pid); @@ -77,11 +77,13 @@ private: AccessToken::AccessTokenID tokenId, std::shared_ptr newEntity); int32_t DeleteSecurityComponentFromList(int32_t pid, int32_t scId); std::shared_ptr GetSecurityComponentFromList(int32_t pid, int32_t scId); - int32_t CheckClickSecurityComponentInfo(std::shared_ptr sc, int32_t scId, + SCErrInfo CheckClickSecurityComponentInfo(std::shared_ptr sc, int32_t scId, const nlohmann::json& jsonComponent, const SecCompCallerInfo& caller); void SendCheckInfoEnhanceSysEvent(int32_t scId, SecCompType type, const std::string& scene, int32_t res); int32_t CreateScId(); + SCErrInfo CheckClickInfo(int32_t scId, const SecCompClickEvent& clickInfo, + std::shared_ptr sc, const SecCompCallerInfo& caller); OHOS::Utils::RWLock componentInfoLock_; std::mutex scIdMtx_; @@ -92,7 +94,7 @@ private: std::shared_ptr secRunner_; std::shared_ptr secHandler_; SecCompMaliciousApps malicious_; - + std::function exitSaProcessFunc_ = []() { return; }; DISALLOW_COPY_AND_MOVE(SecCompManager); }; diff --git a/services/security_component_service/sa/sa_main/sec_comp_perm_manager.cpp b/services/security_component_service/sa/sa_main/sec_comp_perm_manager.cpp index 9fd40aa63dd77b66872a15b834297f6c5186607a..bc8173356c16e4da1926bcc00abb4e0da02000b3 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_perm_manager.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_perm_manager.cpp @@ -26,6 +26,11 @@ static const int32_t DELAY_REVOKE_MILLISECONDS = 10 * 1000; static const std::string REVOKE_TASK_PREFIX = "RevokeAll"; static const std::string REVOKE_SAVE_PERM_TASK_PREFIX = "RevokeSavePerm"; static std::mutex g_instanceMutex; +const std::string LOCATION_BUTTON_PERMISSION_FAIL = "Grant location permission fail, security component id = "; +const std::string PASTE_BUTTON_PERMISSION_FAIL = "Grant paste permission fail, security component id = "; +const std::string SAVE_BUTTON_PERMISSION_FAIL = + "Dlp sandbox app are not allowed to use save component, security component " + "id = "; } SecCompPermManager& SecCompPermManager::GetInstance() @@ -276,10 +281,11 @@ inline bool IsDlpSandboxCalling(AccessToken::AccessTokenID tokenId) } int32_t SecCompPermManager::GrantTempPermission(AccessToken::AccessTokenID tokenId, - const std::shared_ptr& componentInfo) + const std::shared_ptr& componentInfo, std::string& message) { if ((tokenId <= 0) || (componentInfo == nullptr)) { SC_LOG_ERROR(LABEL, "Grant component is null"); + message = "Grant component is null"; return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; } @@ -290,11 +296,13 @@ int32_t SecCompPermManager::GrantTempPermission(AccessToken::AccessTokenID token { res = GrantAppPermission(tokenId, "ohos.permission.APPROXIMATELY_LOCATION"); if (res != SC_OK) { + message = LOCATION_BUTTON_PERMISSION_FAIL + std::to_string(componentInfo->nodeId_); return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; } res = GrantAppPermission(tokenId, "ohos.permission.LOCATION"); if (res != SC_OK) { RevokeAppPermission(tokenId, "ohos.permission.APPROXIMATELY_LOCATION"); + message = LOCATION_BUTTON_PERMISSION_FAIL + std::to_string(componentInfo->nodeId_); return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; } SC_LOG_INFO(LABEL, "Grant location permission, scid = %{public}d.", componentInfo->nodeId_); @@ -303,6 +311,7 @@ int32_t SecCompPermManager::GrantTempPermission(AccessToken::AccessTokenID token case PASTE_COMPONENT: res = GrantAppPermission(tokenId, "ohos.permission.SECURE_PASTE"); if (res != SC_OK) { + message = PASTE_BUTTON_PERMISSION_FAIL + std::to_string(componentInfo->nodeId_); return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; } SC_LOG_INFO(LABEL, "Grant paste permission, scid = %{public}d.", componentInfo->nodeId_); @@ -310,12 +319,14 @@ int32_t SecCompPermManager::GrantTempPermission(AccessToken::AccessTokenID token case SAVE_COMPONENT: if (IsDlpSandboxCalling(tokenId)) { SC_LOG_INFO(LABEL, "Dlp sandbox app are not allowed to use save component."); + message = SAVE_BUTTON_PERMISSION_FAIL + std::to_string(componentInfo->nodeId_); return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; } SC_LOG_INFO(LABEL, "Grant save permission, scid = %{public}d.", componentInfo->nodeId_); return GrantTempSavePermission(tokenId); default: SC_LOG_ERROR(LABEL, "Parse component type unknown"); + message = "Parse component type unknown"; break; } return SC_SERVICE_ERROR_PERMISSION_OPER_FAIL; diff --git a/services/security_component_service/sa/sa_main/sec_comp_perm_manager.h b/services/security_component_service/sa/sa_main/sec_comp_perm_manager.h index aaa2817697cfa832ff7ccf0f1083fecd9901e442..37088a9d78edd2822204d5f3f9819609f1e0f2e5 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_perm_manager.h +++ b/services/security_component_service/sa/sa_main/sec_comp_perm_manager.h @@ -33,7 +33,7 @@ public: static SecCompPermManager& GetInstance(); int32_t GrantTempPermission(AccessToken::AccessTokenID tokenId, - const std::shared_ptr& componentInfo); + const std::shared_ptr& componentInfo, std::string& message); int32_t GrantTempSavePermission(AccessToken::AccessTokenID tokenId); void RevokeTempSavePermission(AccessToken::AccessTokenID tokenId); bool VerifySavePermission(AccessToken::AccessTokenID tokenId); diff --git a/services/security_component_service/sa/sa_main/sec_comp_service.cpp b/services/security_component_service/sa/sa_main/sec_comp_service.cpp index 5f35b29f01205685ef733cc7bc6f8e3dfcf729fc..4b5d9f4240e04e5bed73f9db7e2f56fb6161a8bc 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_service.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_service.cpp @@ -244,19 +244,21 @@ int32_t SecCompService::UnregisterSecurityComponent(int32_t scId) return SecCompManager::GetInstance().UnregisterSecurityComponent(scId, caller); } -int32_t SecCompService::ReportSecurityComponentClickEvent(int32_t scId, +SCErrInfo SecCompService::ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) { StartTrace(HITRACE_TAG_ACCESS_CONTROL, "SecurityComponentClick"); SecCompCallerInfo caller; nlohmann::json jsonRes; + SCErrInfo errInfo; if (ParseParams(componentInfo, caller, jsonRes) != SC_OK) { FinishTrace(HITRACE_TAG_ACCESS_CONTROL); - return SC_SERVICE_ERROR_VALUE_INVALID; + errInfo.SetErrInfo(SC_SERVICE_ERROR_VALUE_INVALID, "component info invalid"); + return errInfo; } std::vector> remoteArr = { callerToken, dialogCallback }; - int32_t res = + auto res = SecCompManager::GetInstance().ReportSecurityComponentClickEvent(scId, jsonRes, caller, clickInfo, remoteArr); FinishTrace(HITRACE_TAG_ACCESS_CONTROL); diff --git a/services/security_component_service/sa/sa_main/sec_comp_service.h b/services/security_component_service/sa/sa_main/sec_comp_service.h index ff955821541e8d24570bd8bbc9a334fe20ae1c65..0e885bc467dd779850588c537a52977c2c8e0d70 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_service.h +++ b/services/security_component_service/sa/sa_main/sec_comp_service.h @@ -43,7 +43,7 @@ public: int32_t RegisterSecurityComponent(SecCompType type, const std::string& componentInfo, int32_t& scId) override; int32_t UpdateSecurityComponent(int32_t scId, const std::string& componentInfo) override; int32_t UnregisterSecurityComponent(int32_t scId) override; - int32_t ReportSecurityComponentClickEvent(int32_t scId, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCallback) override; bool VerifySavePermission(AccessToken::AccessTokenID tokenId) override; diff --git a/services/security_component_service/sa/sa_main/sec_comp_stub.cpp b/services/security_component_service/sa/sa_main/sec_comp_stub.cpp index b50d9322353aa9cf397563511941478fb1df058c..40a460bf3e3e9b6219cee6cfbefd4956d3bc0dec 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_stub.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_stub.cpp @@ -166,7 +166,25 @@ int32_t SecCompStub::UnregisterSecurityComponentInner(MessageParcel& data, Messa return SC_OK; } +int32_t SecCompStub::ReportSecurityComponentClickEventResult(const SCErrInfo& errInfo, MessageParcel& reply) +{ + MessageParcel rawReply; + if (!rawReply.WriteInt32(errInfo.errCode)) { + SC_LOG_ERROR(LABEL, "Report security component result failed"); + return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + } + + if (!rawReply.WriteString(errInfo.errMsg)) { + SC_LOG_ERROR(LABEL, "Report security component error message failed"); + return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + } + if (!SecCompEnhanceAdapter::EnhanceSrvSerialize(rawReply, reply)) { + SC_LOG_ERROR(LABEL, "Report serialize session info failed"); + return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + } + return SC_OK; +} int32_t SecCompStub::ReportSecurityComponentClickEventInner(MessageParcel& data, MessageParcel& reply) { sptr callerToken = data.ReadRemoteObject(); @@ -207,20 +225,12 @@ int32_t SecCompStub::ReportSecurityComponentClickEventInner(MessageParcel& data, SC_LOG_ERROR(LABEL, "Report read clickInfo info failed"); return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; } - - int32_t res = - this->ReportSecurityComponentClickEvent(scId, + auto result = this->ReportSecurityComponentClickEvent(scId, componentInfo, clickInfoParcel->clickInfoParams_, callerToken, dialogCallback); - MessageParcel rawReply; - if (!rawReply.WriteInt32(res)) { - SC_LOG_ERROR(LABEL, "Report security component result failed"); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; - } - - if (!SecCompEnhanceAdapter::EnhanceSrvSerialize(rawReply, reply)) { - SC_LOG_ERROR(LABEL, "Report serialize session info failed"); - return SC_SERVICE_ERROR_PARCEL_OPERATE_FAIL; + int32_t res = ReportSecurityComponentClickEventResult(result, reply); + if (res != SC_OK) { + return res; } return SC_OK; diff --git a/services/security_component_service/sa/sa_main/sec_comp_stub.h b/services/security_component_service/sa/sa_main/sec_comp_stub.h index 57ce8b47fd3a86ac2de173b4645525dfd4796491..1383c3832b8e670420ff8d6b2462b5505d00b7d9 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_stub.h +++ b/services/security_component_service/sa/sa_main/sec_comp_stub.h @@ -39,6 +39,7 @@ private: int32_t GetEnhanceRemoteObjectInner(MessageParcel& data, MessageParcel& reply); int32_t PreRegisterSecCompProcessInner(MessageParcel& data, MessageParcel& reply); bool IsMediaLibraryCalling(); + int32_t ReportSecurityComponentClickEventResult(const SCErrInfo& errInfo, MessageParcel& reply); using RequestFuncType = int32_t (SecCompStub::*)(MessageParcel& data, MessageParcel& reply); std::map requestFuncMap_; diff --git a/services/security_component_service/sa/sa_main/window_info_helper.cpp b/services/security_component_service/sa/sa_main/window_info_helper.cpp index 4af328b0763e81dcd0c0b5dba5caa96d828777ca..907769b9165bec113ad2d0180df292d609d6563e 100644 --- a/services/security_component_service/sa/sa_main/window_info_helper.cpp +++ b/services/security_component_service/sa/sa_main/window_info_helper.cpp @@ -63,7 +63,7 @@ static bool IsRectInWindRect(const Rosen::Rect& windRect, const SecCompRect& sec return true; } -bool WindowInfoHelper::CheckOtherWindowCoverComp(int32_t compWinId, const SecCompRect& secRect) +bool WindowInfoHelper::CheckOtherWindowCoverComp(int32_t compWinId, const SecCompRect& secRect, std::string& message) { if ((static_cast(compWinId) & UI_EXTENSION_MASK) == UI_EXTENSION_MASK) { SC_LOG_INFO(LABEL, "UI extension can not check"); @@ -72,6 +72,7 @@ bool WindowInfoHelper::CheckOtherWindowCoverComp(int32_t compWinId, const SecCom std::vector> infos; if (Rosen::WindowManager::GetInstance().GetUnreliableWindowInfo(compWinId, infos) != Rosen::WMError::WM_OK) { SC_LOG_ERROR(LABEL, "Get AccessibilityWindowInfo failed"); + message = ", Get AccessibilityWindowInfo failed"; return false; } @@ -98,6 +99,7 @@ bool WindowInfoHelper::CheckOtherWindowCoverComp(int32_t compWinId, const SecCom if (compLayer == INVALID_WINDOW_LAYER) { SC_LOG_ERROR(LABEL, "windId %{public}d component layer is wrong", compWinId); + message = ", windId " + std::to_string(compWinId) + "component layer is wrong"; return false; } @@ -112,6 +114,8 @@ bool WindowInfoHelper::CheckOtherWindowCoverComp(int32_t compWinId, const SecCom if (iter != layerList.end()) { SC_LOG_ERROR(LABEL, "component window %{public}d is covered by %{public}d, click check failed", compWinId, iter->first); + message = ", component window " + std::to_string(compWinId) + " is covered by " + + std::to_string(iter->first) + ", click check failed"; return false; } return true; diff --git a/services/security_component_service/sa/sa_main/window_info_helper.h b/services/security_component_service/sa/sa_main/window_info_helper.h index a831bc10d1f177fb4283e3e06d3ecafadb51729f..f1c088572f7eac23790351568253c5350c7423f7 100644 --- a/services/security_component_service/sa/sa_main/window_info_helper.h +++ b/services/security_component_service/sa/sa_main/window_info_helper.h @@ -24,7 +24,7 @@ namespace SecurityComponent { class __attribute__((visibility("default"))) WindowInfoHelper { public: static float GetWindowScale(int32_t windowId); - static bool CheckOtherWindowCoverComp(int32_t compWinId, const SecCompRect& secRect); + static bool CheckOtherWindowCoverComp(int32_t compWinId, const SecCompRect& secRect, std::string& message); public: static constexpr float FULL_SCREEN_SCALE = 1.0F; }; diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_entity_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_entity_test.cpp index b73a85cbbe5627823973cc41c480c8ff7b60aa39..50099d7389ac42581a565f6f2a67ae67e6ff27d5 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_entity_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_entity_test.cpp @@ -71,17 +71,18 @@ HWTEST_F(SecCompEntityTest, GrantTempPermission001, TestSize.Level1) { entity_->isGrant_ = false; entity_->componentInfo_->type_ = UNKNOWN_SC_TYPE; - ASSERT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, entity_->GrantTempPermission()); + std::string message; + ASSERT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, entity_->GrantTempPermission(message)); ASSERT_TRUE(entity_->isGrant_); entity_->isGrant_ = false; entity_->componentInfo_->type_ = LOCATION_COMPONENT; - ASSERT_EQ(SC_OK, entity_->GrantTempPermission()); + ASSERT_EQ(SC_OK, entity_->GrantTempPermission(message)); ASSERT_TRUE(entity_->isGrant_); entity_->isGrant_ = false; entity_->componentInfo_->type_ = PASTE_COMPONENT; - ASSERT_EQ(SC_OK, entity_->GrantTempPermission()); + ASSERT_EQ(SC_OK, entity_->GrantTempPermission(message)); ASSERT_TRUE(entity_->isGrant_); } @@ -98,8 +99,8 @@ HWTEST_F(SecCompEntityTest, GrantTempPermission002, TestSize.Level1) entity_ = std::make_shared(pasteComponent, 0, 1, 1, 1); ASSERT_NE(nullptr, entity_); - - ASSERT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, entity_->GrantTempPermission()); + std::string message; + ASSERT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, entity_->GrantTempPermission(message)); } /** @@ -116,11 +117,12 @@ HWTEST_F(SecCompEntityTest, CheckClickInfo001, TestSize.Level1) .point.touchY = ServiceTestCommon::TEST_COORDINATE, .point.timestamp = 0, }; - ASSERT_NE(entity_->CheckClickInfo(touch), SC_OK); + std::string message; + ASSERT_NE(entity_->CheckClickInfo(touch, message), SC_OK); uint64_t current = static_cast(std::chrono::high_resolution_clock::now().time_since_epoch().count()); touch.point.timestamp = current + 10000L; // 10s - ASSERT_NE(entity_->CheckClickInfo(touch), SC_OK); + ASSERT_NE(entity_->CheckClickInfo(touch, message), SC_OK); entity_->componentInfo_->rect_.x_ = ServiceTestCommon::TEST_DIFF_COORDINATE; // click event will not hit this rect entity_->componentInfo_->rect_.y_ = ServiceTestCommon::TEST_DIFF_COORDINATE; @@ -128,7 +130,7 @@ HWTEST_F(SecCompEntityTest, CheckClickInfo001, TestSize.Level1) entity_->componentInfo_->rect_.height_ = ServiceTestCommon::TEST_DIFF_COORDINATE; touch.point.timestamp = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / ServiceTestCommon::TIME_CONVERSION_UNIT; - ASSERT_NE(entity_->CheckClickInfo(touch), SC_OK); + ASSERT_NE(entity_->CheckClickInfo(touch, message), SC_OK); entity_->componentInfo_->rect_.x_ = ServiceTestCommon::TEST_COORDINATE; entity_->componentInfo_->rect_.y_ = ServiceTestCommon::TEST_COORDINATE; @@ -137,7 +139,7 @@ HWTEST_F(SecCompEntityTest, CheckClickInfo001, TestSize.Level1) touch.extraInfo.data = buffer; touch.point.timestamp = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / ServiceTestCommon::TIME_CONVERSION_UNIT; - ASSERT_EQ(entity_->CheckClickInfo(touch), SC_OK); + ASSERT_EQ(entity_->CheckClickInfo(touch, message), SC_OK); } /** @@ -154,7 +156,8 @@ HWTEST_F(SecCompEntityTest, CheckClickInfo002, TestSize.Level1) .point.touchY = ServiceTestCommon::TEST_COORDINATE, .point.timestamp = static_cast(std::chrono::high_resolution_clock::now().time_since_epoch().count()), }; - ASSERT_NE(entity_->CheckClickInfo(touch), SC_OK); + std::string message; + ASSERT_NE(entity_->CheckClickInfo(touch, message), SC_OK); entity_->componentInfo_->rect_.x_ = ServiceTestCommon::TEST_COORDINATE; entity_->componentInfo_->rect_.y_ = ServiceTestCommon::TEST_COORDINATE; @@ -163,7 +166,7 @@ HWTEST_F(SecCompEntityTest, CheckClickInfo002, TestSize.Level1) // GetAccessibilityWindowInfo failed OHOS::Rosen::WindowManager::GetInstance().result_ = static_cast(-1); - ASSERT_EQ(entity_->CheckClickInfo(touch), SC_SERVICE_ERROR_CLICK_EVENT_INVALID); + ASSERT_EQ(entity_->CheckClickInfo(touch, message), SC_SERVICE_ERROR_COMPONENT_IS_COVERED); } /** @@ -191,22 +194,23 @@ HWTEST_F(SecCompEntityTest, CheckKeyEvent001, TestSize.Level1) { SecCompClickEvent clickInfo; clickInfo.type = ClickEventType::KEY_EVENT_TYPE; + std::string message; auto current = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / 1000; clickInfo.key.timestamp = current - 1000000L - 1; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo)); + ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo, message)); clickInfo.key.timestamp = current + 1; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo)); + ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo, message)); clickInfo.key.timestamp = current - 1; clickInfo.key.keyCode = 1; - ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo)); + ASSERT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, entity_->CheckClickInfo(clickInfo, message)); clickInfo.key.keyCode = KEY_SPACE; - ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo)); + ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo, message)); clickInfo.key.keyCode = KEY_ENTER; - ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo)); + ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo, message)); clickInfo.key.keyCode = KEY_NUMPAD_ENTER; - ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo)); + ASSERT_EQ(SC_OK, entity_->CheckKeyEvent(clickInfo, message)); } diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_info_helper_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_info_helper_test.cpp index 25e66cf43ca5b935ce140f4b84b775197d69be7d..8ee226be261cb620416f3da14e687fee8de66284 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_info_helper_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_info_helper_test.cpp @@ -149,36 +149,36 @@ HWTEST_F(SecCompInfoHelperTest, ParseComponent004, TestSize.Level1) { SecCompRect rect = GetDefaultRect(); SecCompRect windowRect = GetDefaultRect(); - ASSERT_TRUE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_TRUE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.x_ = ServiceTestCommon::TEST_INVALID_DIMENSION; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.x_ = g_testWidth; rect.y_ = ServiceTestCommon::TEST_INVALID_DIMENSION; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.y_ = g_testHeight; rect.x_ = g_curScreenWidth + 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.x_ = g_testWidth; rect.y_ = g_curScreenHeight + 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.y_ = g_testHeight; rect.width_ = g_curScreenWidth; rect.height_ = g_curScreenHeight; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.width_ = g_testWidth; rect.height_ = g_testHeight; rect.x_ = g_curScreenWidth - g_testWidth; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.x_ = g_testWidth; rect.y_ = g_curScreenHeight - g_testHeight; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); rect.y_ = g_testHeight; } @@ -192,30 +192,30 @@ HWTEST_F(SecCompInfoHelperTest, ParseComponent005, TestSize.Level1) { SecCompRect rect = GetDefaultRect(); SecCompRect windowRect = GetDefaultRect(); - ASSERT_TRUE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_TRUE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.x_ = g_testWidth + 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.x_ = g_testWidth; windowRect.y_ = g_testHeight + 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.y_ = g_testHeight; windowRect.width_ = g_testWidth - 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.width_ = g_testWidth; windowRect.height_ = g_testHeight - 1; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.height_ = g_testHeight; windowRect.width_ = ServiceTestCommon::TEST_INVALID_DIMENSION; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.width_ = g_testWidth; windowRect.height_ = ServiceTestCommon::TEST_INVALID_DIMENSION; - ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0)); + ASSERT_FALSE(SecCompInfoHelper::CheckRectValid(rect, windowRect, 0).errCode == SC_OK); windowRect.height_ = g_testHeight; } @@ -504,14 +504,14 @@ HWTEST_F(SecCompInfoHelperTest, CheckComponentValid001, TestSize.Level1) ServiceTestCommon::BuildLocationComponentJson(jsonComponent); SecCompBase* comp = SecCompInfoHelper::ParseComponent(LOCATION_COMPONENT, jsonComponent); ASSERT_TRUE(comp->GetValid()); - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); jsonComponent[JsonTagConstants::JSON_COLORS_TAG] = nlohmann::json { { JsonTagConstants::JSON_FONT_COLOR_TAG, ServiceTestCommon::TEST_COLOR_RED }, { JsonTagConstants::JSON_ICON_COLOR_TAG, ServiceTestCommon::TEST_COLOR_BLACK }, { JsonTagConstants::JSON_BG_COLOR_TAG, ServiceTestCommon::TEST_COLOR_WHITE } }; comp = SecCompInfoHelper::ParseComponent(LOCATION_COMPONENT, jsonComponent); - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); } /** @@ -526,14 +526,14 @@ HWTEST_F(SecCompInfoHelperTest, CheckComponentValid002, TestSize.Level1) ServiceTestCommon::BuildLocationComponentJson(jsonComponent); SecCompBase* comp = SecCompInfoHelper::ParseComponent(LOCATION_COMPONENT, jsonComponent); comp->text_ = UNKNOWN_TEXT; - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); comp->text_ = static_cast(LocationDesc::SELECT_LOCATION); comp->icon_ = UNKNOWN_ICON; - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); comp->text_ = UNKNOWN_TEXT; - ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); } /** @@ -548,10 +548,10 @@ HWTEST_F(SecCompInfoHelperTest, CheckComponentValid003, TestSize.Level1) ServiceTestCommon::BuildLocationComponentJson(jsonComponent); SecCompBase* comp = SecCompInfoHelper::ParseComponent(LOCATION_COMPONENT, jsonComponent); comp->type_ = SecCompType::UNKNOWN_SC_TYPE; - ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); comp->type_ = SecCompType::MAX_SC_TYPE; - ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_FALSE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); } /** @@ -580,7 +580,7 @@ HWTEST_F(SecCompInfoHelperTest, CheckComponentValid004, TestSize.Level1) otherWin->scaleVal_ = 0.0; list.emplace_back(otherWin); Rosen::WindowManager::GetInstance().list_ = list; - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); } /** @@ -596,7 +596,7 @@ HWTEST_F(SecCompInfoHelperTest, CheckComponentValid005, TestSize.Level1) SecCompBase* comp = SecCompInfoHelper::ParseComponent(LOCATION_COMPONENT, jsonComponent); Rosen::WindowManager::GetInstance().result_ = static_cast(-1); - ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp)); + ASSERT_TRUE(SecCompInfoHelper::CheckComponentValid(comp).errCode == SC_OK); } /** diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_manager_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_manager_test.cpp index ed7144a6ee4c68c733480dcd01513abdeb613378..fa5f01edac02d3c03c283e8396a4ad822f37def9 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_manager_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_manager_test.cpp @@ -434,7 +434,7 @@ HWTEST_F(SecCompManagerTest, ReportSecurityComponentClickEvent001, TestSize.Leve std::vector> remote = { nullptr, nullptr }; ASSERT_NE(SC_OK, SecCompManager::GetInstance().ReportSecurityComponentClickEvent(1, - jsonVaild, caller, clickInfo, remote)); + jsonVaild, caller, clickInfo, remote).errCode); } /** @@ -487,16 +487,16 @@ HWTEST_F(SecCompManagerTest, CheckClickSecurityComponentInfo001, TestSize.Level1 jsonVaild[JsonTagConstants::JSON_SC_TYPE] = UNKNOWN_SC_TYPE; std::vector> remote = { nullptr, nullptr }; ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, SecCompManager::GetInstance().ReportSecurityComponentClickEvent( - ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote)); + ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote).errCode); jsonVaild[JsonTagConstants::JSON_SC_TYPE] = LOCATION_COMPONENT; jsonVaild[JsonTagConstants::JSON_RECT][JsonTagConstants::JSON_RECT_X] = ServiceTestCommon::TEST_INVALID_DIMENSION; ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, SecCompManager::GetInstance().ReportSecurityComponentClickEvent( - ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote)); + ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote).errCode); jsonVaild[JsonTagConstants::JSON_RECT][JsonTagConstants::JSON_RECT_X] = ServiceTestCommon::TEST_COORDINATE - 1; ASSERT_EQ(SC_SERVICE_ERROR_COMPONENT_INFO_INVALID, SecCompManager::GetInstance().ReportSecurityComponentClickEvent( - ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote)); + ServiceTestCommon::TEST_SC_ID_1, jsonVaild, caller, clickInfo, remote).errCode); } /** diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_perm_manager_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_perm_manager_test.cpp index 4111522016986aa5aed2309d4b83cfd522740711..83617aefcb5ac40e15ff13131fc4e8d71b3009bc 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_perm_manager_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_perm_manager_test.cpp @@ -196,6 +196,7 @@ HWTEST_F(SecCompPermManagerTest, GrantTempPermission001, TestSize.Level1) ASSERT_NE(nullptr, comp); std::shared_ptr shared_comp(comp); + std::string message; EXPECT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, - permMgr.GrantTempPermission(*tokenid, shared_comp)); + permMgr.GrantTempPermission(*tokenid, shared_comp, message)); } \ No newline at end of file diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_service_mock_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_service_mock_test.cpp index 4e5454f25f946ebc11e1fdea6b49e1338eb78f2c..4800132fc7d39ac3645b4ad69a086854dda51868 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_service_mock_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_service_mock_test.cpp @@ -115,7 +115,7 @@ HWTEST_F(SecCompServiceMockTest, RegisterSecurityComponent001, TestSize.Level1) }; EXPECT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, - saveInfo, touch, nullptr, nullptr)); + saveInfo, touch, nullptr, nullptr).errCode); EXPECT_EQ(SC_OK, secCompService_->UnregisterSecurityComponent(scId)); SecCompPermManager::GetInstance().applySaveCountMap_.clear(); } @@ -150,7 +150,7 @@ HWTEST_F(SecCompServiceMockTest, RegisterSecurityComponent002, TestSize.Level1) std::chrono::high_resolution_clock::now().time_since_epoch().count()) }; EXPECT_EQ(SC_SERVICE_ERROR_CLICK_EVENT_INVALID, - secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, touch, nullptr, nullptr)); + secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, touch, nullptr, nullptr).errCode); EXPECT_EQ(SC_OK, secCompService_->UnregisterSecurityComponent(scId)); SecCompPermManager::GetInstance().applySaveCountMap_.clear(); } @@ -191,7 +191,7 @@ HWTEST_F(SecCompServiceMockTest, RegisterSecurityComponent003, TestSize.Level1) }, }; EXPECT_EQ(SC_SERVICE_ERROR_PERMISSION_OPER_FAIL, - secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, touch, nullptr, nullptr)); + secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, touch, nullptr, nullptr).errCode); EXPECT_EQ(SC_OK, secCompService_->UnregisterSecurityComponent(scId)); SecCompPermManager::GetInstance().applySaveCountMap_.clear(); } @@ -232,7 +232,8 @@ HWTEST_F(SecCompServiceMockTest, ReportSecurityComponentClickEvent001, TestSize. }, }; - ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, nullptr, nullptr)); + ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, + nullptr, nullptr).errCode); // test 10s valid ASSERT_TRUE(secCompService_->VerifySavePermission(ServiceTestCommon::HAP_TOKEN_ID)); @@ -243,11 +244,13 @@ HWTEST_F(SecCompServiceMockTest, ReportSecurityComponentClickEvent001, TestSize. // test 10s multiple clicks clickInfo.point.timestamp = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / ServiceTestCommon::TIME_CONVERSION_UNIT; - ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, nullptr, nullptr)); + ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, + nullptr, nullptr).errCode); sleep(3); clickInfo.point.timestamp = static_cast( std::chrono::high_resolution_clock::now().time_since_epoch().count()) / ServiceTestCommon::TIME_CONVERSION_UNIT; - ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, nullptr, nullptr)); + ASSERT_EQ(SC_OK, secCompService_->ReportSecurityComponentClickEvent(scId, saveInfo, clickInfo, + nullptr, nullptr).errCode); sleep(8); ASSERT_TRUE(secCompService_->VerifySavePermission(ServiceTestCommon::HAP_TOKEN_ID)); sleep(2); @@ -292,7 +295,7 @@ HWTEST_F(SecCompServiceMockTest, ReportSecurityComponentClickEvent002, TestSize. }; ASSERT_EQ(SC_OK, - secCompService_->ReportSecurityComponentClickEvent(scId, locationInfo, clickInfo1, nullptr, nullptr)); + secCompService_->ReportSecurityComponentClickEvent(scId, locationInfo, clickInfo1, nullptr, nullptr).errCode); // test 10s valid ASSERT_EQ(AccessTokenKit::VerifyAccessToken(ServiceTestCommon::HAP_TOKEN_ID, "ohos.permission.LOCATION"), 0); diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_service_test.cpp b/services/security_component_service/sa/test/unittest/src/sec_comp_service_test.cpp index de46e83f8de25ba1f2ba9fd7998dc4ca6242a39c..b2ebbf5f246d3e809ba08dc5bd6952631de0b79d 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_service_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_service_test.cpp @@ -274,7 +274,7 @@ HWTEST_F(SecCompServiceTest, ReportSecurityComponentClickEvent001, TestSize.Leve .extraInfo.dataSize = 16, }; EXPECT_EQ(SC_OK, - secCompService_->ReportSecurityComponentClickEvent(scId, locationInfo, touch, nullptr, nullptr)); + secCompService_->ReportSecurityComponentClickEvent(scId, locationInfo, touch, nullptr, nullptr).errCode); EXPECT_EQ(SC_OK, secCompService_->UnregisterSecurityComponent(scId)); setuid(uid); } @@ -363,7 +363,7 @@ HWTEST_F(SecCompServiceTest, GetCallerInfo002, TestSize.Level1) EXPECT_NE(secCompService_->UnregisterSecurityComponent(scId), SC_SERVICE_ERROR_VALUE_INVALID); struct SecCompClickEvent touchInfo; - EXPECT_EQ(secCompService_->ReportSecurityComponentClickEvent(scId, componentInfo, touchInfo, nullptr, nullptr), - SC_SERVICE_ERROR_VALUE_INVALID); + EXPECT_EQ(secCompService_->ReportSecurityComponentClickEvent(scId, componentInfo, touchInfo, + nullptr, nullptr).errCode, SC_SERVICE_ERROR_VALUE_INVALID); secCompService_->GetEnhanceRemoteObject(); } diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_stub_mock_test.h b/services/security_component_service/sa/test/unittest/src/sec_comp_stub_mock_test.h index 022d53334eebaf8e6172d09fdaf427479b88d31d..f4ae538e93fcc69155f217c1f44153a6f7b551b1 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_stub_mock_test.h +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_stub_mock_test.h @@ -43,11 +43,12 @@ public: return 0; }; - int32_t ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCall) override { - return 0; + SCErrInfo errInfo; + return errInfo; }; bool VerifySavePermission(AccessToken::AccessTokenID tokenId) override diff --git a/services/security_component_service/sa/test/unittest/src/sec_comp_stub_test.h b/services/security_component_service/sa/test/unittest/src/sec_comp_stub_test.h index 2c2c1c32847ed47a077b5a6af36cfa7038063cce..c908d4a27785a8bc6c36329a8b66037cddb5a2af 100644 --- a/services/security_component_service/sa/test/unittest/src/sec_comp_stub_test.h +++ b/services/security_component_service/sa/test/unittest/src/sec_comp_stub_test.h @@ -43,10 +43,11 @@ public: return 0; }; - int32_t ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, + SCErrInfo ReportSecurityComponentClickEvent(int32_t scId, const std::string& componentInfo, const SecCompClickEvent& clickInfo, sptr callerToken, sptr dialogCall) override { - return 0; + SCErrInfo errInfo; + return errInfo; }; bool VerifySavePermission(AccessToken::AccessTokenID tokenId) override diff --git a/services/security_component_service/sa/test/unittest/src/window_info_helper_test.cpp b/services/security_component_service/sa/test/unittest/src/window_info_helper_test.cpp index 4f3ea0cb7565bb044cba0134c654221e6d1cb6c2..6a0999a2f667a938bc4fdb3e2e34440f6427f687 100644 --- a/services/security_component_service/sa/test/unittest/src/window_info_helper_test.cpp +++ b/services/security_component_service/sa/test/unittest/src/window_info_helper_test.cpp @@ -100,8 +100,8 @@ HWTEST_F(WindowInfoHelperTest, CheckOtherWindowCoverComp001, TestSize.Level1) ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE }; - - ASSERT_FALSE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect)); + std::string message; + ASSERT_FALSE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect, message)); } /** @@ -125,7 +125,8 @@ HWTEST_F(WindowInfoHelperTest, CheckOtherWindowCoverComp002, TestSize.Level1) ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE }; - ASSERT_FALSE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect)); + std::string message; + ASSERT_FALSE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect, message)); } /** @@ -149,5 +150,6 @@ HWTEST_F(WindowInfoHelperTest, CheckOtherWindowCoverComp003, TestSize.Level1) ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE, ServiceTestCommon::TEST_COORDINATE }; - ASSERT_TRUE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect)); + std::string message; + ASSERT_TRUE(WindowInfoHelper::CheckOtherWindowCoverComp(0, compRect, message)); }