From 32dc8a2793bab6cf6e77a657e6f833e5e16e3e6c Mon Sep 17 00:00:00 2001 From: tan-qingliu Date: Sat, 28 Jun 2025 10:38:16 +0800 Subject: [PATCH] =?UTF-8?q?=E8=AF=81=E4=B9=A6=E7=AE=A1=E7=90=86arkts?= =?UTF-8?q?=E9=9D=99=E6=80=81=E5=8C=96ani=E5=AE=9E=E7=8E=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: tan-qingliu --- BUILD.gn | 22 + bundle.json | 3 +- interfaces/kits/ani/BUILD.gn | 28 + .../kits/ani/certificate_manager_ani/BUILD.gn | 85 +++ .../ets/@ohos.security.certManager.ets | 441 +++++++++++++ .../include/cm_abort_impl.h | 40 ++ .../include/cm_finish_impl.h | 74 +++ .../include/cm_get_app_cert_impl.h | 54 ++ .../include/cm_get_ca_list_impl.h | 60 ++ .../include/cm_get_cert_info_impl.h | 42 ++ .../include/cm_get_cert_store_path.h | 55 ++ .../include/cm_get_cred_list_impl.h | 49 ++ .../include/cm_init_impl.h | 41 ++ .../include/cm_install_private_cert_impl.h | 50 ++ .../include/cm_install_user_ca_sync_impl.h | 44 ++ .../include/cm_is_authorized_app_impl.h | 40 ++ .../include/cm_uninstall_private_cert_impl.h | 40 ++ .../include/cm_uninstall_user_ca_sync_impl.h | 40 ++ .../include/cm_update_impl.h | 42 ++ .../src/cm_abort_impl.cpp | 60 ++ .../certificate_manager_ani/src/cm_ani.cpp | 227 +++++++ .../src/cm_finish_impl.cpp | 186 ++++++ .../src/cm_get_app_cert_impl.cpp | 92 +++ .../src/cm_get_ca_list_impl.cpp | 87 +++ .../src/cm_get_cert_info_impl.cpp | 91 +++ .../src/cm_get_cert_store_path.cpp | 125 ++++ .../src/cm_get_cred_list_impl.cpp | 84 +++ .../src/cm_init_impl.cpp | 80 +++ .../src/cm_install_private_cert_impl.cpp | 107 ++++ .../src/cm_install_user_ca_sync_impl.cpp | 94 +++ .../src/cm_is_authorized_app_impl.cpp | 63 ++ .../src/cm_uninstall_private_cert_impl.cpp | 67 ++ .../src/cm_uninstall_user_ca_sync_impl.cpp | 61 ++ .../src/cm_update_impl.cpp | 66 ++ .../certificate_manager_dialog_ani/BUILD.gn | 86 +++ .../ets/@ohos.security.certManagerDialog.ets | 210 ++++++ .../include/cm_open_auth_dialog.h | 34 + .../include/cm_open_cert_detail_dialog.h | 43 ++ .../include/cm_open_certmanager_dialog.h | 40 ++ .../include/cm_open_dialog.h | 118 ++++ .../include/cm_open_install_dialog.h | 45 ++ .../include/cm_open_uninstall_dialog.h | 44 ++ .../src/cm_dialog_ani.cpp | 98 +++ .../src/cm_open_auth_dialog.cpp | 61 ++ .../src/cm_open_cert_detail_dialog.cpp | 87 +++ .../src/cm_open_certmanager_dialog.cpp | 73 +++ .../src/cm_open_dialog.cpp | 243 +++++++ .../src/cm_open_install_dialog.cpp | 119 ++++ .../src/cm_open_uninstall_dialog.cpp | 107 ++++ interfaces/kits/ani/cm_ani_common/BUILD.gn | 73 +++ .../builder/include/cm_result_builder.h | 53 ++ .../builder/src/cm_result_builder.cpp | 319 +++++++++ .../impl/include/cm_ani_async_impl.h | 51 ++ .../impl/include/cm_ani_common.h | 39 ++ .../cm_ani_common/impl/include/cm_ani_impl.h | 43 ++ .../impl/src/cm_ani_async_impl.cpp | 109 ++++ .../cm_ani_common/impl/src/cm_ani_common.cpp | 118 ++++ .../cm_ani_common/impl/src/cm_ani_impl.cpp | 81 +++ .../utils/include/cm_ani_utils.h | 67 ++ .../cm_ani_common/utils/src/cm_ani_utils.cpp | 604 ++++++++++++++++++ .../kits/common/include/cm_api_common.h | 130 ++++ .../common/include/cm_dialog_api_common.h | 103 +++ .../kits/common/src/cm_dialog_api_common.cpp | 70 ++ 63 files changed, 6007 insertions(+), 1 deletion(-) create mode 100644 interfaces/kits/ani/BUILD.gn create mode 100644 interfaces/kits/ani/certificate_manager_ani/BUILD.gn create mode 100644 interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_abort_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_finish_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_get_app_cert_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_get_ca_list_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_info_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_store_path.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_get_cred_list_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_init_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_install_private_cert_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_install_user_ca_sync_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_is_authorized_app_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_private_cert_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_user_ca_sync_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/include/cm_update_impl.h create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_abort_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_ani.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_finish_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_get_app_cert_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_get_ca_list_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_info_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_store_path.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_get_cred_list_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_init_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_install_private_cert_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_install_user_ca_sync_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_is_authorized_app_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_private_cert_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_user_ca_sync_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_ani/src/cm_update_impl.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/BUILD.gn create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_auth_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_cert_detail_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_certmanager_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_install_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_uninstall_dialog.h create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_dialog_ani.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_auth_dialog.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_cert_detail_dialog.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_certmanager_dialog.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_dialog.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_install_dialog.cpp create mode 100644 interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_uninstall_dialog.cpp create mode 100644 interfaces/kits/ani/cm_ani_common/BUILD.gn create mode 100644 interfaces/kits/ani/cm_ani_common/builder/include/cm_result_builder.h create mode 100644 interfaces/kits/ani/cm_ani_common/builder/src/cm_result_builder.cpp create mode 100644 interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_async_impl.h create mode 100644 interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_common.h create mode 100644 interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_impl.h create mode 100644 interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_async_impl.cpp create mode 100644 interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_common.cpp create mode 100644 interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_impl.cpp create mode 100644 interfaces/kits/ani/cm_ani_common/utils/include/cm_ani_utils.h create mode 100644 interfaces/kits/ani/cm_ani_common/utils/src/cm_ani_utils.cpp create mode 100644 interfaces/kits/common/include/cm_api_common.h create mode 100644 interfaces/kits/common/include/cm_dialog_api_common.h create mode 100644 interfaces/kits/common/src/cm_dialog_api_common.cpp diff --git a/BUILD.gn b/BUILD.gn index 2c2edd4..c37a496 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -37,6 +37,26 @@ group("cert_manager_napi") { } } +group("cert_manager_ani") { + if (os_level == "standard") { + if (support_jsapi) { + deps = [ + "./interfaces/kits/ani:certmanager_ani_group", + ] + } + } +} + +group("cert_manager_dialog_ani") { + if (os_level == "standard") { + if (support_jsapi) { + deps = [ + "./interfaces/kits/ani:certmanager_dialog_ani_group", + ] + } + } +} + group("cert_manager_cjapi") { if (os_level == "standard") { deps = [ "./interfaces/kits/cj:cj_cert_manager_ffi" ] @@ -54,6 +74,8 @@ group("cipher_napi") { group("cert_manager_type_base") { if (os_level == "standard") { deps = [ + ":cert_manager_ani", + ":cert_manager_dialog_ani", ":cert_manager_cjapi", ":cert_manager_napi", "./config:trusted_system_certificate0", diff --git a/bundle.json b/bundle.json index 6e65729..15638fc 100644 --- a/bundle.json +++ b/bundle.json @@ -58,7 +58,8 @@ "safwk", "samgr", "security_guard", - "openssl" + "openssl", + "runtime_core" ] }, "build": { diff --git a/interfaces/kits/ani/BUILD.gn b/interfaces/kits/ani/BUILD.gn new file mode 100644 index 0000000..592f255 --- /dev/null +++ b/interfaces/kits/ani/BUILD.gn @@ -0,0 +1,28 @@ +# Copyright (c) 2025-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +group("certmanager_ani_group") { + deps = [ + "./certificate_manager_ani:certmanager_ani", + "./certificate_manager_ani:certmanager_ani_abc_etc" + ] +} + +group("certmanager_dialog_ani_group") { + deps = [ + "./certificate_manager_dialog_ani:certmanager_dialog_ani", + "./certificate_manager_dialog_ani:certmanager_dialog_ani_abc_etc" + ] +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/BUILD.gn b/interfaces/kits/ani/certificate_manager_ani/BUILD.gn new file mode 100644 index 0000000..267adf0 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/BUILD.gn @@ -0,0 +1,85 @@ +# Copyright (c) 2025-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//base/security/certificate_manager/cert_manager.gni") +import("//build/ohos.gni") + +ohos_shared_library("certmanager_ani") { + branch_protector_ret = "pac_ret" + sanitize = { + cfi = true + cfi_cross_dso = true + boundary_sanitize = true + debug = false + integer_overflow = true + ubsan = true + cfi_vcall_icall_only = true + } + include_dirs = [ + "include", + ] + sources = [ + "./src/cm_ani.cpp", + "./src/cm_install_private_cert_impl.cpp", + "./src/cm_uninstall_private_cert_impl.cpp", + "./src/cm_get_app_cert_impl.cpp", + "./src/cm_get_cred_list_impl.cpp", + "./src/cm_init_impl.cpp", + "./src/cm_update_impl.cpp", + "./src/cm_finish_impl.cpp", + "./src/cm_abort_impl.cpp", + "./src/cm_is_authorized_app_impl.cpp", + "./src/cm_get_ca_list_impl.cpp", + "./src/cm_get_cert_info_impl.cpp", + "./src/cm_get_cert_store_path.cpp", + "./src/cm_install_user_ca_sync_impl.cpp", + "./src/cm_uninstall_user_ca_sync_impl.cpp", + ] + external_deps = [ + "c_utils:utils", + "runtime_core:ani", + "ipc:ipc_core", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "os_account:os_account_innerkits", + "samgr:samgr_proxy", + ] + cflags_cc = [ + "-Wall", + "-Werror", + ] + deps = [ + "${cert_manager_root_dir}/frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static", + "${cert_manager_root_dir}/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "${cert_manager_root_dir}/interfaces/kits/ani/cm_ani_common:cm_ani_common_static", + ] + + subsystem_name = "security" + part_name = "certificate_manager" +} + +generate_static_abc("certmanager_abc") { + base_url = "./ets" + files = [ "./ets/@ohos.security.certManager.ets" ] + is_boot_abc = "True" + device_dst_file = "/system/framework/certmanager_abc.abc" +} + +ohos_prebuilt_etc("certmanager_ani_abc_etc") { + source = "$target_out_dir/certmanager_abc.abc" + module_install_dir = "framework" + subsystem_name = "security" + part_name = "certificate_manager" + deps = [ ":certmanager_abc" ] +} diff --git a/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets b/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets new file mode 100644 index 0000000..ab3641f --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/ets/@ohos.security.certManager.ets @@ -0,0 +1,441 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import type { BusinessError, AsyncCallback } from '@ohos.base'; + +native function installPrivateCertificateNative(keystore: ArrayBuffer, keystorePwd: string, + certAlias: string): NativeResult; + +native function uninstallPrivateCertificateNative(keyUri: string): NativeResult; + +native function getAllAppPrivateCertificatesNative(): NativeResult; + +native function getPrivateCertificateNative(keyUri: string): NativeResult; + +native function initNative(authUri: string, + spec: certificateManager.CMSignatureSpec): NativeResult; + +native function updateNative(handle: ArrayBuffer, data: ArrayBuffer): NativeResult; + +native function finishNative(handle: ArrayBuffer, signature?: ArrayBuffer): NativeResult; + +native function abortNative(handle: ArrayBuffer): NativeResult; + +native function getPublicCertificateNative(keyUri: string): NativeResult; + +native function isAuthorizedAppNative(keyUri: string): NativeResult; + +native function getAllUserCANative(): NativeResult; + +native function getAllUserCAByScopeNative( + scope: certificateManager.CertScope +): NativeResult; + +native function getUserCANative(certUri: string): NativeResult; + +native function getAllSystemCredNative(): NativeResult; + +native function getPrivateCertificatesNative(): NativeResult; + +native function getCertificateStorePathNative( + certType: certificateManager.CertType, + certScope: certificateManager.CertScope +): NativeResult; + +native function installUserCASyncNative( + cert: ArrayBuffer, + certScope: certificateManager.CertScope +): NativeResult; + +native function uninstallUserCASyncNative(certUri: string): NativeResult; + +native function installPrivateCertWithLevelNative( + keystore: ArrayBuffer, + keystorePwd: string, + certAlias: string, + level: certificateManager.AuthStorageLevel +): NativeResult; + +class NativeResult { + code: int; + message: string = ""; + result?: T; +} + +class CredentialAbstractClass implements certificateManager.CredentialAbstract { + type: string = ''; + alias: string = ''; + keyUri: string = ''; +} + +class CMResultClass implements certificateManager.CMResult{ + certList?: Array; + certInfo?: certificateManager.CertInfo; + credentialList?: Array; + credential?: certificateManager.Credential; + appUidList?: Array; + uri?: string; + outData?: Uint8Array; +} + +class CredentialClass implements certificateManager.Credential { + type: string = ''; + alias: string = ''; + keyUri: string = ''; + certNum: int; + keyNum: int; + credentialData: Uint8Array = new Uint8Array(); +} + +class CMHandleClass implements certificateManager.CMHandle { + handle: Uint8Array = new Uint8Array(); +} + +class CertAbstractClass implements certificateManager.CertAbstract { + uri: string = ''; + certAlias: string = ''; + state: boolean = false; + subjectName: string = ''; +} + +class CertInfoClass implements certificateManager.CertInfo { + uri: string = ''; + certAlias: string = ''; + state: boolean = false; + issuerName: string = ''; + subjectName: string = ''; + serial: string = ''; + notBefore: string = ''; + notAfter: string = ''; + fingerprintSha256: string = ''; + cert: Uint8Array = new Uint8Array(); +} + +export namespace certificateManager { + + static { + loadLibrary("certmanager_ani.z"); + } + + export enum CMErrorCode { + CM_ERROR_NO_PERMISSION = 201, + CM_ERROR_NOT_SYSTEM_APP = 202, + CM_ERROR_INVALID_PARAMS = 401, + CM_ERROR_GENERIC = 17500001, + CM_ERROR_NO_FOUND = 17500002, + CM_ERROR_INCORRECT_FORMAT = 17500003, + CM_ERROR_MAX_CERT_COUNT_REACHED = 17500004, + CM_ERROR_NO_AUTHORIZATION = 17500005, + CM_ERROR_DEVICE_ENTER_ADVSECMODE = 17500007, + CM_ERROR_STORE_PATH_NOT_SUPPORTED = 17500009 + } + + export interface CertInfo { + uri: string; + certAlias: string; + state: boolean; + issuerName: string; + subjectName: string; + serial: string; + notBefore: string; + notAfter: string; + fingerprintSha256: string; + cert: Uint8Array; + } + + export interface CertAbstract { + uri: string; + certAlias: string; + state: boolean; + subjectName: string; + } + + export interface Credential { + type: string; + alias: string; + keyUri: string; + certNum: int; + keyNum: int; + credentialData: Uint8Array; + } + + export interface CredentialAbstract { + type: string; + alias: string; + keyUri: string; + } + + export interface CMResult { + certList?: Array; + certInfo?: CertInfo; + credentialList?: Array; + credential?: Credential; + appUidList?: Array; + uri?: string; + outData?: Uint8Array; + } + + export enum CmKeyPurpose { + CM_KEY_PURPOSE_SIGN = 4, + CM_KEY_PURPOSE_VERIFY = 8 + } + + export enum CmKeyDigest { + CM_DIGEST_NONE = 0, + CM_DIGEST_MD5 = 1, + CM_DIGEST_SHA1 = 2, + CM_DIGEST_SHA224 = 3, + CM_DIGEST_SHA256 = 4, + CM_DIGEST_SHA384 = 5, + CM_DIGEST_SHA512 = 6, + CM_DIGEST_SM3 = 7 + } + + export enum CmKeyPadding { + CM_PADDING_NONE = 0, + CM_PADDING_PSS = 1, + CM_PADDING_PKCS1_V1_5 = 2 + } + + export interface CMSignatureSpec { + purpose: CmKeyPurpose; + padding?: CmKeyPadding; + digest?: CmKeyDigest; + } + + export interface CMHandle { + handle: Uint8Array; + } + + function taskExecuteReturn(pool: Promise, callback: AsyncCallback, result: T): void { + pool.then((ret: NullishType) => { + let nativeResult: NativeResult = ret as NativeResult; + let err = new BusinessError(); + if (nativeResult.result !== undefined) { + result = nativeResult.result as T; + } + if (nativeResult.code === 0) { + err.code = 0; + callback(err, result); + } else { + err.code = nativeResult.code; + err.message = nativeResult.message; + callback(err, result); + } + }); + } + + export enum CertType { + CA_CERT_SYSTEM = 0, + CA_CERT_USER = 1 + } + + export enum CertScope { + CURRENT_USER = 1, + GLOBAL_USER = 2 + } + + export interface CertStoreProperty { + certType: CertType; + certScope?: CertScope; + } + + export enum AuthStorageLevel { + EL1 = 1, + EL2 = 2, + EL4 = 4, + } + + function createPromise(task: () => NativeResult, result: T): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let nativeResult: NativeResult = task(); + if (nativeResult.result !== undefined) { + result = nativeResult.result as T; + } + if (nativeResult.code === 0) { + resolve(result); + } else { + let error: BusinessError = { code: nativeResult.code, message: nativeResult.message }; + reject(error); + } + }) + } + + export function installPrivateCertificate( + keystore: Uint8Array, + keystorePwd: string, + certAlias: string, + callback: AsyncCallback + ): void { + let pool = taskpool.execute(installPrivateCertificateNative, keystore.buffer, keystorePwd, certAlias); + taskExecuteReturn(pool, callback, {}); + } + + export function installPrivateCertificate( + keystore: Uint8Array, + keystorePwd: string, + certAlias: string + ): Promise { + return createPromise(() => installPrivateCertificateNative(keystore.buffer, keystorePwd, certAlias), {}); + } + + export function uninstallPrivateCertificate(keyUri: string, callback: AsyncCallback): void { + let pool = taskpool.execute(uninstallPrivateCertificateNative, keyUri); + taskExecuteReturn(pool, callback, undefined); + } + + export function uninstallPrivateCertificate(keyUri: string): Promise { + return createPromise(() => uninstallPrivateCertificateNative(keyUri), undefined); + } + + export function getAllAppPrivateCertificates(callback: AsyncCallback): void { + let pool = taskpool.execute(getAllAppPrivateCertificatesNative); + taskExecuteReturn(pool, callback, {}); + } + + export function getAllAppPrivateCertificates(): Promise { + return createPromise(() => getAllAppPrivateCertificatesNative(), {}); + } + + export function getPrivateCertificate(keyUri: string, callback: AsyncCallback): void { + let pool = taskpool.execute(getPrivateCertificateNative, keyUri); + taskExecuteReturn(pool, callback, {}); + } + + export function getPrivateCertificate(keyUri: string): Promise { + return createPromise(() => getPrivateCertificateNative(keyUri), {}); + } + + export function init(authUri: string, spec: CMSignatureSpec, callback: AsyncCallback): void { + let result: CMHandle = { handle: new Uint8Array() }; + let pool = taskpool.execute(initNative, authUri, spec); + taskExecuteReturn(pool, callback, result); + } + + export function init(authUri: string, spec: CMSignatureSpec): Promise { + let result: CMHandle = { handle: new Uint8Array() }; + return createPromise(() => initNative(authUri, spec), result); + } + + export function update(handle: Uint8Array, data: Uint8Array, callback: AsyncCallback): void { + let pool = taskpool.execute(updateNative, handle.buffer, data.buffer); + taskExecuteReturn(pool, callback, undefined); + } + + export function update(handle: Uint8Array, data: Uint8Array): Promise { + return createPromise(() => updateNative(handle.buffer, data.buffer), undefined); + } + + export function finish(handle: Uint8Array, callback: AsyncCallback): void { + let pool = taskpool.execute(finishNative, handle.buffer, undefined); + taskExecuteReturn(pool, callback, {}); + } + + export function finish(handle: Uint8Array, signature: Uint8Array, callback: AsyncCallback): void { + let pool = taskpool.execute(finishNative, handle.buffer, signature.buffer); + taskExecuteReturn(pool, callback, {}); + } + + export function finish(handle: Uint8Array, signature?: Uint8Array): Promise { + return createPromise(() => finishNative(handle.buffer, signature?.buffer?? undefined), {}); + } + + export function abort(handle: Uint8Array, callback: AsyncCallback): void { + let pool = taskpool.execute(abortNative, handle.buffer); + taskExecuteReturn(pool, callback, undefined); + } + + export function abort(handle: Uint8Array): Promise { + return createPromise(() => abortNative(handle.buffer), undefined); + } + + export function getPublicCertificate(keyUri: string): Promise { + return createPromise(() => getPublicCertificateNative(keyUri), {}); + } + + export function isAuthorizedApp(keyUri: string): Promise { + return createPromise(() => isAuthorizedAppNative(keyUri), false); + } + + export function getAllUserTrustedCertificates(): Promise { + return createPromise(() => getAllUserCANative(), {}); + } + + export function getAllUserTrustedCertificates(scope: CertScope): Promise { + return createPromise(() => getAllUserCAByScopeNative(scope), {}); + } + + export function getUserTrustedCertificate(certUri: string): Promise { + return createPromise(() => getUserCANative(certUri), {}); + } + + export function getAllSystemAppCertificates(): Promise { + return createPromise(() => getAllSystemCredNative(), {}); + } + + export function getPrivateCertificates(): Promise { + return createPromise(() => getPrivateCertificatesNative(), {}); + } + + export function getCertificateStorePath(property: CertStoreProperty): string { + let certType: CertType = property.certType; + let certScope: CertScope = property.certScope?? CertScope.CURRENT_USER; + let nativeResult: NativeResult = getCertificateStorePathNative(certType, certScope); + if (nativeResult.code === 0) { + return nativeResult.result?? ''; + } else { + let error = new BusinessError(); + error.code = nativeResult.code; + error.message = nativeResult.message; + throw error; + } + } + + export function installUserTrustedCertificateSync(cert: Uint8Array, certScope: CertScope) : CMResult { + let nativeResult: NativeResult = installUserCASyncNative(cert.buffer, certScope); + if (nativeResult.code === 0) { + let result: CMResult = nativeResult.result?? {} as CMResult; + return result; + } else { + let error = new BusinessError(); + error.code = nativeResult.code; + error.message = nativeResult.message; + throw error; + } + } + + export function uninstallUserTrustedCertificateSync(certUri: string) : void { + let nativeResult: NativeResult = uninstallUserCASyncNative(certUri); + if (nativeResult.code === 0) { + return; + } else { + let error = new BusinessError(); + error.code = nativeResult.code; + error.message = nativeResult.message; + throw error; + } + } + + export function installPrivateCertificate( + keystore: Uint8Array, + keystorePwd: string, + certAlias: string, + level: AuthStorageLevel): Promise { + return createPromise( + () => installPrivateCertWithLevelNative(keystore.buffer, keystorePwd, certAlias, level), + {} + ); + } +} diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_abort_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_abort_impl.h new file mode 100644 index 0000000..2a675ef --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_abort_impl.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_ABORT_IMPL_H +#define CM_ABORT_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmAbortImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_arraybuffer aniHandle = nullptr; + /* parsed params */ + CmBlob handle; +public: + CmAbortImpl(ani_env *env, ani_arraybuffer aniHandle); + ~CmAbortImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_ABORT_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_finish_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_finish_impl.h new file mode 100644 index 0000000..4859377 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_finish_impl.h @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_FINISH_IMPL_H +#define CM_FINISH_IMPL_H + +#include +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmFinishImpl : public CertManagerAniImpl { +public: + /* ani params */ + ani_arraybuffer aniHandle = nullptr; + ani_arraybuffer aniSignature = nullptr; + /* parsed params */ + CmBlob handle; + CmBlob signature; + CmFinishImpl(ani_env *env); + ~CmFinishImpl() {}; + + int32_t GetParamsFromEnv() override; + void OnFinish() override; +}; + +class CmSignatureFinishImpl : public CmFinishImpl { +public: + CmSignatureFinishImpl(ani_env *env, ani_arraybuffer aniHandle); + ~CmSignatureFinishImpl() {}; + + int32_t Init() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; +}; + +class CmVerifyFinishImpl : public CmFinishImpl { +public: + CmVerifyFinishImpl(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniSignature); + ~CmVerifyFinishImpl() {}; + + int32_t Init() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + int32_t GetParamsFromEnv() override; +}; + +class CmFinishImplProxy : public CertManagerAniImpl { +private: + std::shared_ptr finishImpl = nullptr; +public: + CmFinishImplProxy(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniSignature); + ~CmFinishImplProxy() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_FINISH_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_get_app_cert_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_app_cert_impl.h new file mode 100644 index 0000000..55eee29 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_app_cert_impl.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_GET_APP_PRIVATE_CERT_H +#define CM_GET_APP_PRIVATE_CERT_H + +#include "cm_ani_impl.h" +#include "cm_log.h" +#include "cm_log.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +class CmGetAppCertImpl : public CertManagerAniImpl { +private: + ani_string aniKeyuri; + CmBlob keyuri = { 0 }; + Credential *credential = nullptr; + uint32_t store = -1; +public: + CmGetAppCertImpl(ani_env *env, ani_string aniKeyuri, uint32_t store); + ~CmGetAppCertImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; + +class CmGetAppPrivateCertImpl : public CmGetAppCertImpl { +public: + CmGetAppPrivateCertImpl(ani_env *env, ani_string aniKeyuri) + : CmGetAppCertImpl(env, aniKeyuri, APPLICATION_PRIVATE_CERTIFICATE_STORE) {} +}; + +class CmGetAppPublicCertImpl : public CmGetAppCertImpl { +public: + CmGetAppPublicCertImpl(ani_env *env, ani_string aniKeyuri) + : CmGetAppCertImpl(env, aniKeyuri, APPLICATION_CERTIFICATE_STORE) {} +}; +} +#endif // CM_GET_APP_PRIVATE_CERT_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_get_ca_list_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_ca_list_impl.h new file mode 100644 index 0000000..538fbee --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_ca_list_impl.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_GET_ALL_USER_CA_H +#define CM_GET_ALL_USER_CA_H + +#include "cm_ani_impl.h" +#include "cm_log.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +class CmGetCaListImpl : public CertManagerAniImpl { +protected: + CertList certList = { 0 }; +public: + CmGetCaListImpl(ani_env *env); + ~CmGetCaListImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; + +class CmGetAllUserCaImpl : public CmGetCaListImpl { +public: + CmGetAllUserCaImpl(ani_env *env) : CmGetCaListImpl(env) {}; + ~CmGetAllUserCaImpl() {}; + + int32_t InvokeInnerApi() override + { + return CmGetUserCertList(CM_USER_TRUSTED_STORE, &this->certList); + } +}; + +class CmGetAllUserCaByScopeImpl : public CmGetCaListImpl { +private: + ani_enum_item aniScope; + enum CmCertScope scope = CM_ALL_USER; +public: + CmGetAllUserCaByScopeImpl(ani_env *env, ani_enum_item aniScope); + ~CmGetAllUserCaByScopeImpl() {}; + + int32_t InvokeInnerApi() override; + int32_t GetParamsFromEnv() override; +}; +} +#endif // CM_GET_ALL_USER_CA_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_info_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_info_impl.h new file mode 100644 index 0000000..12d6715 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_info_impl.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_GET_USER_CA_IMPL_H +#define CM_GET_USER_CA_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmGetCertInfoImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_string aniCertUri; + /* parsed params */ + CmBlob certUri; + CertInfo *certificate; + uint32_t store; +public: + CmGetCertInfoImpl(ani_env *env, ani_string aniCertUri, uint32_t store); + ~CmGetCertInfoImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_TEMPLATE_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_store_path.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_store_path.h new file mode 100644 index 0000000..ff9a179 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cert_store_path.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_GET_CERT_STORE_PATH_H +#define CM_GET_CERT_STORE_PATH_H + +#include + +#include "cm_ani_impl.h" +#include "cm_log.h" + +#include "bundle_mgr_proxy.h" +#include "iservice_registry.h" +#include "os_account_manager.h" +#include "system_ability_definition.h" + +namespace OHOS::Security::CertManager::Ani { +class CmGetCertStorePathImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_enum_item aniCertType; + ani_enum_item aniCertScope; + /* parsed params */ + uint32_t certType; + uint32_t certScope; + + std::string path = ""; + + sptr GetBundleMgrProxy(); + int32_t GetUserCaStorePath(); + +public: + CmGetCertStorePathImpl(ani_env *env, ani_enum_item aniCertType, ani_enum_item aniCertScope); + ~CmGetCertStorePathImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_GET_CERT_STORE_PATH_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cred_list_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cred_list_impl.h new file mode 100644 index 0000000..4ec1f5e --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_get_cred_list_impl.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_GET_ALL_APP_PRIVATE_CERTS_IMPL_H +#define CM_GET_ALL_APP_PRIVATE_CERTS_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +class CmGetCredListImpl : public CertManagerAniImpl { +protected: + CredentialList *credentialList = nullptr; + uint32_t store; +public: + CmGetCredListImpl(ani_env *env, uint32_t store); + ~CmGetCredListImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; + +class CmGetPrivateCredListImpl : public CmGetCredListImpl { +public: + CmGetPrivateCredListImpl(ani_env *env, uint32_t store) : CmGetCredListImpl(env, store) {} + + int32_t InvokeInnerApi() override + { + return CmCallingGetAppCertList(this->store, this->credentialList); + } +}; +} +#endif // CM_GET_ALL_APP_PRIVATE_CERTS_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_init_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_init_impl.h new file mode 100644 index 0000000..04d8d80 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_init_impl.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_INIT_IMPL_H +#define CM_INIT_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmInitImpl : public CertManagerAniImpl { +private: + ani_string aniAuthUri; + ani_object spec; + CmBlob authUri { 0 }; + CmSignatureSpec signatureSpec = { 0 }; + CmBlob handle { 0 }; +public: + CmInitImpl(ani_env *env, ani_string aniAuthUri, ani_object spec); + ~CmInitImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_INIT_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_install_private_cert_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_install_private_cert_impl.h new file mode 100644 index 0000000..a4ab3ee --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_install_private_cert_impl.h @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_INSTALL_PRIVATE_CERT_IMPL_H +#define CM_INSTALL_PRIVATE_CERT_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +class CmInstallPrivateCertImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_arraybuffer aniKeystore = nullptr; + ani_string aniKeystorePwd = nullptr; + ani_string aniCertAlias = nullptr; + /* parsed params */ + CmBlob keystore = {}; + CmBlob keystorePwd = {}; + CmBlob certAlias = {}; + CmBlob retUri = {}; + + enum CmAuthStorageLevel level = CM_AUTH_STORAGE_LEVEL_EL1; +public: + CmInstallPrivateCertImpl(ani_env *env, ani_arraybuffer aniKeystore, ani_string aniKeystorePwd, + ani_string aniCertAlias); + ~CmInstallPrivateCertImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; + int32_t SetLevel(ani_enum_item aniLevel); +}; +} +#endif \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_install_user_ca_sync_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_install_user_ca_sync_impl.h new file mode 100644 index 0000000..49f1d8d --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_install_user_ca_sync_impl.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_INSTALL_USER_CA_SYNC_IMPL_H +#define CM_INSTALL_USER_CA_SYNC_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmInstallUserCaSyncImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_arraybuffer aniCertData; + ani_enum_item aniCertScope; + /* parsed params */ + CmBlob certData; + uint32_t certScope; + + CmBlob certUri; +public: + CmInstallUserCaSyncImpl(ani_env *env, ani_arraybuffer aniCertData, ani_enum_item aniCertScope); + ~CmInstallUserCaSyncImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_INSTALL_USER_CA_SYNC_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_is_authorized_app_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_is_authorized_app_impl.h new file mode 100644 index 0000000..69a89da --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_is_authorized_app_impl.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_IS_AUTHORIZED_APP_H +#define CM_IS_AUTHORIZED_APP_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmIsAuthorizedAppImpl : public CertManagerAniImpl { +private: + /* ani params */ + [[maybe_unused]]ani_string aniKeyUri; + /* parsed params */ + [[maybe_unused]]CmBlob keyUri; +public: + CmIsAuthorizedAppImpl(ani_env *env, ani_string aniKeyUri); + ~CmIsAuthorizedAppImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_IS_AUTHORIZED_APP_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_private_cert_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_private_cert_impl.h new file mode 100644 index 0000000..c10c1df --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_private_cert_impl.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_UNINSTALL_PRIVATE_CERT_IMPL_H +#define CM_UNINSTALL_PRIVATE_CERT_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_type.h" + +namespace OHOS::Security::CertManager::Ani { +class CmUninstallPrivateCertImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_string aniKeyuri; + /* parsed params */ + CmBlob keyuri; +public: + CmUninstallPrivateCertImpl(ani_env *env, ani_string aniKeyuri); + ~CmUninstallPrivateCertImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_user_ca_sync_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_user_ca_sync_impl.h new file mode 100644 index 0000000..ad00c60 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_uninstall_user_ca_sync_impl.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_UNINSTALL_USER_CA_SYNC_IMPL_H +#define CM_UNINSTALL_USER_CA_SYNC_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_type.h" + +namespace OHOS::Security::CertManager::Ani { +class CmUninstallUserCaSyncImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_string aniCertUri; + /* parsed params */ + CmBlob certUri; +public: + CmUninstallUserCaSyncImpl(ani_env *env, ani_string aniCertUri); + ~CmUninstallUserCaSyncImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_UNINSTALL_USER_CA_SYNC_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/include/cm_update_impl.h b/interfaces/kits/ani/certificate_manager_ani/include/cm_update_impl.h new file mode 100644 index 0000000..9825ff0 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/include/cm_update_impl.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_UPDATE_IMPL_H +#define CM_UPDATE_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +class CmUpdateImpl : public CertManagerAniImpl { +private: + /* ani params */ + ani_arraybuffer aniHandle = nullptr; + ani_arraybuffer aniData = nullptr; + /* parsed params */ + CmBlob handle { 0 }; + CmBlob data { 0 }; +public: + CmUpdateImpl(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniData); + ~CmUpdateImpl() {}; + + int32_t Init() override; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t UnpackResult() override; + void OnFinish() override; +}; +} +#endif // CM_UPDATE_IMPL_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_abort_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_abort_impl.cpp new file mode 100644 index 0000000..6ee3d49 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_abort_impl.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_abort_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +CmAbortImpl::CmAbortImpl(ani_env *env, ani_arraybuffer aniHandle) : CertManagerAniImpl(env) +{ + this->aniHandle = aniHandle; +} + +int32_t CmAbortImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmAbortImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("check env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseUint8Array(this->env, this->aniHandle, this->handle); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse handle failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmAbortImpl::InvokeInnerApi() +{ + return CmAbort(&this->handle); +} + +int32_t CmAbortImpl::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmAbortImpl::OnFinish() +{ + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_ani.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_ani.cpp new file mode 100644 index 0000000..da540ca --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_ani.cpp @@ -0,0 +1,227 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "ani.h" +#include "cm_log.h" +#include "cm_install_private_cert_impl.h" +#include "cm_uninstall_private_cert_impl.h" +#include "cm_get_app_cert_impl.h" +#include "cm_get_cred_list_impl.h" +#include "cm_init_impl.h" +#include "cm_update_impl.h" +#include "cm_finish_impl.h" +#include "cm_abort_impl.h" +#include "cm_is_authorized_app_impl.h" +#include "cm_get_ca_list_impl.h" +#include "cm_get_cert_info_impl.h" +#include "cm_install_user_ca_sync_impl.h" +#include "cm_get_cert_store_path.h" +#include "cm_uninstall_user_ca_sync_impl.h" + +namespace OHOS::Security::CertManager::Ani { +static ani_object installPrivateCertificateNative(ani_env *env, ani_arraybuffer keystore, ani_string keystorePwd, + ani_string certAlias) +{ + auto installPrivateCertImpl = std::make_shared(env, keystore, keystorePwd, certAlias); + return installPrivateCertImpl->Invoke(); +} + +static ani_object installPrivateCertWithLevelNative(ani_env *env, ani_arraybuffer keystore, ani_string keystorePwd, + ani_string certAlias, ani_enum_item level) +{ + auto installPrivateCertImpl = std::make_shared(env, keystore, keystorePwd, certAlias); + installPrivateCertImpl->resultCode = installPrivateCertImpl->SetLevel(level); + if (installPrivateCertImpl->resultCode != CM_SUCCESS) { + CM_LOG_E("invalid level param"); + return installPrivateCertImpl->GenerateResult(); + } + return installPrivateCertImpl->Invoke(); +} + +static ani_object uninstallPrivateCertificateNative(ani_env *env, ani_string keyuri) +{ + auto uninstallPrivateCertImpl = std::make_shared(env, keyuri); + return uninstallPrivateCertImpl->Invoke(); +} + +static ani_object getAllAppPrivateCertificatesNative(ani_env *env) +{ + auto getAllAppPrivateCertificatesImpl = + std::make_shared(env, APPLICATION_PRIVATE_CERTIFICATE_STORE); + return getAllAppPrivateCertificatesImpl->Invoke(); +} + +static ani_object getPrivateCertificatesNative(ani_env *env) +{ + auto getPrivateCredListImpl = + std::make_shared(env, APPLICATION_PRIVATE_CERTIFICATE_STORE); + return getPrivateCredListImpl->Invoke(); +} + +static ani_object getAllSystemCredNative(ani_env *env) +{ + auto getAllSystemCredImpl = std::make_shared(env, APPLICATION_SYSTEM_CERTIFICATE_STORE); + return getAllSystemCredImpl->Invoke(); +} + +static ani_object getPrivateCertificateNative(ani_env *env, ani_string aniKeyuri) +{ + auto getPrivateCertificateImpl = std::make_shared(env, aniKeyuri); + return getPrivateCertificateImpl->Invoke(); +} + +static ani_object getPublicCertificateNative(ani_env *env, ani_string aniKeyuri) +{ + auto getPublicCertImpl = std::make_shared(env, aniKeyuri); + return getPublicCertImpl->Invoke(); +} + +static ani_object initNative(ani_env *env, ani_string aniAuthUri, ani_object spec) +{ + auto initImpl = std::make_shared(env, aniAuthUri, spec); + return initImpl->Invoke(); +} + +static ani_object updateNative(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniData) +{ + auto updateImpl = std::make_shared(env, aniHandle, aniData); + return updateImpl->Invoke(); +} + +static ani_object finishNative(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniSignature) +{ + auto finishImpl = std::make_shared(env, aniHandle, aniSignature); + return finishImpl->Invoke(); +} + +static ani_object abortNative(ani_env *env, ani_arraybuffer aniHandle) +{ + auto abortImpl = std::make_shared(env, aniHandle); + return abortImpl->Invoke(); +} + +static ani_object isAuthorizedAppNative(ani_env *env, ani_string aniKeyUri) +{ + auto isAuthorizedAppImpl = std::make_shared(env, aniKeyUri); + return isAuthorizedAppImpl->Invoke(); +} + +static ani_object getAllUserCANative(ani_env *env, ani_string aniKeyUri) +{ + auto getAllUserCaImpl = std::make_shared(env); + return getAllUserCaImpl->Invoke(); +} + +static ani_object getAllUserCAByScopeNative(ani_env *env, ani_enum_item aniScope) +{ + auto getAllUserCaByScopeImpl = std::make_shared(env, aniScope); + return getAllUserCaByScopeImpl->Invoke(); +} + +static ani_object getUserCANative(ani_env *env, ani_string aniCertUri) +{ + auto getCertInfoImpl = std::make_shared(env, aniCertUri, CM_USER_TRUSTED_STORE); + return getCertInfoImpl->Invoke(); +} + +static ani_object installUserCASyncNative(ani_env *env, ani_arraybuffer aniCertData, ani_enum_item aniCertScope) +{ + auto installUserCaSyncImpl = std::make_shared(env, aniCertData, aniCertScope); + return installUserCaSyncImpl->Invoke(); +} + +static ani_object uninstallUserCASyncNative(ani_env *env, ani_string aniCertUri) +{ + auto uninstallUserCaSyncImpl = std::make_shared(env, aniCertUri); + return uninstallUserCaSyncImpl->Invoke(); +} + +static ani_object getCertificateStorePathNative(ani_env *env, ani_enum_item aniCertType, ani_enum_item aniCertScope) +{ + auto getCertStorePathImpl = std::make_shared(env, aniCertType, aniCertScope); + return getCertStorePathImpl->Invoke(); +} + +static const std::array NATIVE_METHODS { + ani_native_function {"installPrivateCertificateNative", nullptr, + reinterpret_cast(installPrivateCertificateNative)}, + ani_native_function {"installPrivateCertWithLevelNative", nullptr, + reinterpret_cast(installPrivateCertWithLevelNative)}, + ani_native_function {"uninstallPrivateCertificateNative", nullptr, + reinterpret_cast(uninstallPrivateCertificateNative)}, + ani_native_function {"getAllAppPrivateCertificatesNative", nullptr, + reinterpret_cast(getAllAppPrivateCertificatesNative)}, + ani_native_function {"getPrivateCertificateNative", nullptr, + reinterpret_cast(getPrivateCertificateNative)}, + ani_native_function {"initNative", nullptr, + reinterpret_cast(initNative)}, + ani_native_function {"updateNative", nullptr, + reinterpret_cast(updateNative)}, + ani_native_function {"finishNative", nullptr, + reinterpret_cast(finishNative)}, + ani_native_function {"abortNative", nullptr, + reinterpret_cast(abortNative)}, + ani_native_function {"getPublicCertificateNative", nullptr, + reinterpret_cast(getPublicCertificateNative)}, + ani_native_function {"isAuthorizedAppNative", nullptr, + reinterpret_cast(isAuthorizedAppNative)}, + ani_native_function {"getAllUserCANative", nullptr, + reinterpret_cast(getAllUserCANative)}, + ani_native_function {"getAllUserCAByScopeNative", nullptr, + reinterpret_cast(getAllUserCAByScopeNative)}, + ani_native_function {"getUserCANative", nullptr, + reinterpret_cast(getUserCANative)}, + ani_native_function {"getAllSystemCredNative", nullptr, + reinterpret_cast(getAllSystemCredNative)}, + ani_native_function {"getPrivateCertificatesNative", nullptr, + reinterpret_cast(getPrivateCertificatesNative)}, + ani_native_function {"getCertificateStorePathNative", nullptr, + reinterpret_cast(getCertificateStorePathNative)}, + ani_native_function {"installUserCASyncNative", nullptr, + reinterpret_cast(installUserCASyncNative)}, + ani_native_function {"uninstallUserCASyncNative", nullptr, + reinterpret_cast(uninstallUserCASyncNative)}, +}; +} + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + if (vm == nullptr || result == nullptr) { + return ANI_INVALID_ARGS; + } + ani_env *env; + auto ret = vm->GetEnv(ANI_VERSION_1, &env); + if (ret != ANI_OK) { + CM_LOG_E("GetEnv failed, ret = %d", static_cast(ret)); + return ret; + } + ani_module module; + ret = env->FindModule("L@ohos/security/certManager;", &module); + if (ret != ANI_OK) { + CM_LOG_E("FindModule failed, ret = %d", static_cast(ret)); + return ret; + } + + ret = env->Module_BindNativeFunctions(module, OHOS::Security::CertManager::Ani::NATIVE_METHODS.data(), + OHOS::Security::CertManager::Ani::NATIVE_METHODS.size()); + if (ret != ANI_OK) { + CM_LOG_E("Module_BindNativeFunctions failed, ret = %d", static_cast(ret)); + return ret; + } + *result = ANI_VERSION_1; + return ANI_OK; +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_finish_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_finish_impl.cpp new file mode 100644 index 0000000..2417c27 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_finish_impl.cpp @@ -0,0 +1,186 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_finish_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" +#include "cm_ani_common.h" +#include "cm_result_builder.h" +#include "securec.h" + +namespace OHOS::Security::CertManager::Ani { +// CmFinishImpl +CmFinishImpl::CmFinishImpl(ani_env *env) : CertManagerAniImpl(env) {} + +int32_t CmFinishImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("Install private cert failed, env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseUint8Array(this->env, this->aniHandle, this->handle); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse handle failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +void CmFinishImpl::OnFinish() +{ + CM_FREE_BLOB(this->signature); + return; +} + +// CmSignatureFinishImpl +CmSignatureFinishImpl::CmSignatureFinishImpl(ani_env *env, ani_arraybuffer aniHandle) : CmFinishImpl(env) +{ + this->aniHandle = aniHandle; +} + +int32_t CmSignatureFinishImpl::Init() +{ + this->signature.data = static_cast(CmMalloc(OUT_SIGNATURE_SIZE)); + if (this->signature.data == nullptr) { + CM_LOG_E("malloc signature data failed."); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->signature.data, OUT_SIGNATURE_SIZE, 0, OUT_SIGNATURE_SIZE); + this->signature.size = OUT_SIGNATURE_SIZE; + return CM_SUCCESS; +} + +int32_t CmSignatureFinishImpl::InvokeInnerApi() +{ + CmBlob inData = { 0, nullptr }; + return CmFinish(&this->handle, &inData, &this->signature); +} + +int32_t CmSignatureFinishImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setOutData(&this->signature) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +// CmVerifyFinishImpl +CmVerifyFinishImpl::CmVerifyFinishImpl(ani_env *env, ani_arraybuffer aniHandle, + ani_arraybuffer aniSignature) : CmFinishImpl(env) +{ + this->aniHandle = aniHandle; + this->aniSignature = aniSignature; +} + +int32_t CmVerifyFinishImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmVerifyFinishImpl::GetParamsFromEnv() +{ + int32_t ret = CmFinishImpl::GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("verify finish parse handle failed, ret = %d", ret); + return ret; + } + ret = AniUtils::ParseUint8Array(this->env, this->aniSignature, this->signature); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse signature failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmVerifyFinishImpl::InvokeInnerApi() +{ + CmBlob outData = { 0, nullptr }; + return CmFinish(&this->handle, &this->signature, &outData); +} + +int32_t CmVerifyFinishImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder.build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +CmFinishImplProxy::CmFinishImplProxy(ani_env *env, ani_arraybuffer aniHandle, + ani_arraybuffer aniSignature) : CertManagerAniImpl(env) +{ + if (AniUtils::IsUndefined(env, aniSignature)) { + this->finishImpl = std::make_shared(env, aniHandle); + } else { + this->finishImpl = std::make_shared(env, aniHandle, aniSignature); + } +} + +int32_t CmFinishImplProxy::Init() +{ + if (this->finishImpl == nullptr) { + CM_LOG_E("finishImpl is nullptr"); + return CMR_ERROR_NULL_POINTER; + } + return this->finishImpl->Init(); +} + +int32_t CmFinishImplProxy::GetParamsFromEnv() +{ + if (this->finishImpl == nullptr) { + CM_LOG_E("finishImpl is nullptr"); + return CMR_ERROR_NULL_POINTER; + } + return this->finishImpl->GetParamsFromEnv(); +} + +int32_t CmFinishImplProxy::InvokeInnerApi() +{ + if (this->finishImpl == nullptr) { + CM_LOG_E("finishImpl is nullptr"); + return CMR_ERROR_NULL_POINTER; + } + return this->finishImpl->InvokeInnerApi(); +} + +int32_t CmFinishImplProxy::UnpackResult() +{ + if (this->finishImpl == nullptr) { + CM_LOG_E("finishImpl is nullptr"); + return CMR_ERROR_NULL_POINTER; + } + return this->finishImpl->UnpackResult(); +} + +void CmFinishImplProxy::OnFinish() +{ + if (this->finishImpl == nullptr) { + CM_LOG_E("finishImpl is nullptr"); + return; + } + this->finishImpl->OnFinish(); +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_get_app_cert_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_app_cert_impl.cpp new file mode 100644 index 0000000..05db973 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_app_cert_impl.cpp @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_get_app_cert_impl.h" +#include "cm_log.h" +#include "securec.h" +#include "cm_mem.h" +#include "cert_manager_api.h" +#include "cm_result_builder.h" +#include "cm_ani_utils.h" + +namespace OHOS::Security::CertManager::Ani { +CmGetAppCertImpl::CmGetAppCertImpl(ani_env *env, ani_string aniKeyuri, uint32_t store) : CertManagerAniImpl(env) +{ + this->aniKeyuri = aniKeyuri; + this->store = store; +} + +int32_t CmGetAppCertImpl::Init() +{ + this->credential = static_cast(CmMalloc(sizeof(Credential))); + if (this->credential == nullptr) { + CM_LOG_E("malloc credential buffer failed"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->credential, sizeof(Credential), 0, sizeof(Credential)); + this->credential->credData.data = static_cast(CmMalloc(MAX_LEN_CERTIFICATE_CHAIN)); + if (this->credential->credData.data == nullptr) { + CM_LOG_E("malloc credData buffer failed"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->credential->credData.data, MAX_LEN_CERTIFICATE_CHAIN, 0, MAX_LEN_CERTIFICATE_CHAIN); + this->credential->credData.size = MAX_LEN_CERTIFICATE_CHAIN; + return CM_SUCCESS; +} + +int32_t CmGetAppCertImpl::GetParamsFromEnv() +{ + int32_t ret = AniUtils::ParseString(this->env, this->aniKeyuri, this->keyuri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse keyuri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmGetAppCertImpl::InvokeInnerApi() +{ + return CmGetAppCert(&this->keyuri, this->store, this->credential); +} + +int32_t CmGetAppCertImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setCredential(this->credential) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmGetAppCertImpl::OnFinish() +{ + CM_FREE_BLOB(keyuri); + if (this->credential == nullptr) { + return; + } + if (this->credential->credData.data != nullptr) { + CmFree(this->credential->credData.data); + this->credential->credData.data = nullptr; + } + CmFree(this->credential); + this->credential = nullptr; + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_get_ca_list_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_ca_list_impl.cpp new file mode 100644 index 0000000..61d6ed6 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_ca_list_impl.cpp @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_get_ca_list_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "securec.h" +#include "cm_result_builder.h" + +namespace OHOS::Security::CertManager::Ani { +CmGetCaListImpl::CmGetCaListImpl(ani_env *env) : CertManagerAniImpl(env) {} + +int32_t CmGetCaListImpl::Init() +{ + uint32_t buffSize = MAX_COUNT_CERTIFICATE_ALL * sizeof(struct CertAbstract); + this->certList.certAbstract = static_cast(CmMalloc(buffSize)); + if (this->certList.certAbstract == nullptr) { + CM_LOG_E("malloc certificateList certAbstract fail"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->certList.certAbstract, buffSize, 0, buffSize); + this->certList.certsCount = MAX_COUNT_CERTIFICATE_ALL; + return CM_SUCCESS; +} + +int32_t CmGetCaListImpl::GetParamsFromEnv() +{ + return CM_SUCCESS; +} + +int32_t CmGetCaListImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setCertList(&this->certList) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmGetCaListImpl::OnFinish() +{ + CM_FREE_PTR(this->certList.certAbstract); + this->certList.certsCount = 0; + return; +} + +CmGetAllUserCaByScopeImpl::CmGetAllUserCaByScopeImpl(ani_env *env, ani_enum_item aniScope) : CmGetCaListImpl(env) +{ + this->aniScope = aniScope; +} + +int32_t CmGetAllUserCaByScopeImpl::GetParamsFromEnv() +{ + if (env->EnumItem_GetValue_Int(this->aniScope, (ani_int *)&this->scope) != ANI_OK) { + CM_LOG_E("get scopeEnum value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CmGetAllUserCaByScopeImpl::InvokeInnerApi() +{ + if (this->scope == CM_CURRENT_USER || this->scope == CM_GLOBAL_USER) { + struct UserCAProperty prop = { INIT_INVALID_VALUE, this->scope }; + return CmGetUserCACertList(&prop, &this->certList); + } else { + return CmGetUserCertList(CM_USER_TRUSTED_STORE, &this->certList); + } +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_info_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_info_impl.cpp new file mode 100644 index 0000000..e98cada --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_info_impl.cpp @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_get_cert_info_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "securec.h" +#include "cert_manager_api.h" +#include "cm_result_builder.h" + +namespace OHOS::Security::CertManager::Ani { +CmGetCertInfoImpl::CmGetCertInfoImpl(ani_env *env, ani_string aniCertUri, uint32_t store) : CertManagerAniImpl(env) +{ + this->aniCertUri = aniCertUri; + this->store = store; +} + +int32_t CmGetCertInfoImpl::Init() +{ + this->certificate = static_cast(CmMalloc(sizeof(struct CertInfo))); + if (this->certificate == nullptr) { + CM_LOG_E("malloc certificate fail"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->certificate, sizeof(struct CertInfo), 0, sizeof(struct CertInfo)); + + this->certificate->certInfo.data = static_cast(CmMalloc(MAX_LEN_CERTIFICATE)); + if (this->certificate->certInfo.data == nullptr) { + CM_LOG_E("malloc certificate certInfo data fail"); + return CMR_ERROR_MALLOC_FAIL; + } + this->certificate->certInfo.size = MAX_LEN_CERTIFICATE; + return CM_SUCCESS; +} + +int32_t CmGetCertInfoImpl::GetParamsFromEnv() +{ + int32_t ret = AniUtils::ParseString(this->env, this->aniCertUri, this->certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse certUri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmGetCertInfoImpl::InvokeInnerApi() +{ + if (this->store == CM_SYSTEM_TRUSTED_STORE) { + return CmGetCertInfo(&this->certUri, this->store, this->certificate); + } else { + return CmGetUserCertInfo(&this->certUri, this->store, this->certificate); + } +} + +int32_t CmGetCertInfoImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setCertInfo(this->certificate) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmGetCertInfoImpl::OnFinish() +{ + CM_FREE_BLOB(this->certUri); + if (this->certificate == nullptr) { + return; + } + CM_FREE_BLOB(this->certificate->certInfo); + CM_FREE_PTR(this->certificate); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_store_path.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_store_path.cpp new file mode 100644 index 0000000..88a4f96 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cert_store_path.cpp @@ -0,0 +1,125 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_get_cert_store_path.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" + +namespace OHOS::Security::CertManager::Ani { +CmGetCertStorePathImpl::CmGetCertStorePathImpl(ani_env *env, ani_enum_item aniCertType, + ani_enum_item aniCertScope) : CertManagerAniImpl(env) +{ + this->aniCertType = aniCertType; + this->aniCertScope = aniCertScope; +} + +int32_t CmGetCertStorePathImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmGetCertStorePathImpl::GetParamsFromEnv() +{ + if (env->EnumItem_GetValue_Int(aniCertType, (ani_int *)&certType) != ANI_OK) { + CM_LOG_E("get certType enumItem failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->EnumItem_GetValue_Int(aniCertScope, (ani_int *)&certScope) != ANI_OK) { + CM_LOG_E("get certScope enumItem failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +sptr CmGetCertStorePathImpl::GetBundleMgrProxy() +{ + auto systemAbilityManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (!systemAbilityManager) { + CM_LOG_E("Failed to get system ability mgr."); + return nullptr; + } + + auto remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); + if (!remoteObject) { + CM_LOG_E("Failed to get bundle manager proxy."); + return nullptr; + } + return iface_cast(remoteObject); +} + +int32_t CmGetCertStorePathImpl::GetUserCaStorePath() +{ + path = CA_STORE_PATH_USER_SANDBOX_BASE; + if (certScope == CM_GLOBAL_USER) { + path += "0"; + return CM_SUCCESS; + } + + int32_t userId = 0; + sptr bundleMgrProxy = GetBundleMgrProxy(); + if (bundleMgrProxy == nullptr) { + CM_LOG_E("Failed to get bundle manager proxy."); + return CM_FAILURE; + } + + OHOS::AppExecFwk::BundleInfo bundleInfo; + int32_t flags = static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_DEFAULT) | + static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_APPLICATION); + int32_t ret = bundleMgrProxy->GetBundleInfoForSelf(flags, bundleInfo); + if (ret != 0) { + CM_LOG_E("Failed to get bundle info for self"); + return CM_FAILURE; + } + + ret = AccountSA::OsAccountManager::GetOsAccountLocalIdFromUid(bundleInfo.applicationInfo.uid, userId); + if (ret != 0) { + CM_LOG_E("Failed to get userid from uid[%d]", bundleInfo.applicationInfo.uid); + return CM_FAILURE; + } + + path += std::to_string(userId); + return CM_SUCCESS; +} + +int32_t CmGetCertStorePathImpl::InvokeInnerApi() +{ + path = ""; + if (certType == CM_CA_CERT_SYSTEM) { + path = CA_STORE_PATH_SYSTEM; + } else { + int32_t ret = GetUserCaStorePath(); + if (ret != CM_SUCCESS) { + CM_LOG_E("Failed to get user ca path."); + return ret; + } + } + return CM_SUCCESS; +} + +int32_t CmGetCertStorePathImpl::UnpackResult() +{ + this->result = AniUtils::GenerateCharStr(this->env, this->path.c_str(), this->path.size()); + if (this->result == nullptr) { + CM_LOG_E("generate result error."); + return CM_FAILURE; + } + return CM_SUCCESS; +} + +void CmGetCertStorePathImpl::OnFinish() +{ + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cred_list_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cred_list_impl.cpp new file mode 100644 index 0000000..8209456 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_get_cred_list_impl.cpp @@ -0,0 +1,84 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_get_cred_list_impl.h" +#include "cm_log.h" +#include "securec.h" +#include "cm_mem.h" +#include "cm_result_builder.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +CmGetCredListImpl::CmGetCredListImpl(ani_env *env, uint32_t store) : CertManagerAniImpl(env) +{ + this->store = store; +} +int32_t CmGetCredListImpl::Init() +{ + credentialList = static_cast(CmMalloc(sizeof(struct CredentialList))); + if (this->credentialList == nullptr) { + CM_LOG_E("malloc credentialList failed"); + return CMR_ERROR_MALLOC_FAIL; + } + uint32_t buffSize = (MAX_COUNT_CERTIFICATE * sizeof(struct CredentialAbstract)); + credentialList->credentialAbstract = static_cast(CmMalloc(buffSize)); + if (this->credentialList->credentialAbstract == nullptr) { + CM_LOG_E("malloc credentialAbstract buffer failed"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->credentialList->credentialAbstract, buffSize, 0, buffSize); + this->credentialList->credentialCount = MAX_COUNT_CERTIFICATE; + return CM_SUCCESS; +} + +int32_t CmGetCredListImpl::GetParamsFromEnv() +{ + return CM_SUCCESS; +} + +int32_t CmGetCredListImpl::InvokeInnerApi() +{ + return CmGetAppCertList(this->store, this->credentialList); +} + +int32_t CmGetCredListImpl::UnpackResult() +{ + // credentialList + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setCredentialList(this->credentialList) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmGetCredListImpl::OnFinish() +{ + if (credentialList == nullptr) { + return; + } + if (credentialList->credentialAbstract != nullptr) { + CmFree(credentialList->credentialAbstract); + credentialList->credentialAbstract = nullptr; + } + CmFree(credentialList); + credentialList = nullptr; + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_init_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_init_impl.cpp new file mode 100644 index 0000000..05e1921 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_init_impl.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_init_impl.h" +#include "cm_log.h" +#include "securec.h" +#include "cm_mem.h" +#include "cert_manager_api.h" +#include "cm_result_builder.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +CmInitImpl::CmInitImpl(ani_env *env, ani_string aniAuthUri, ani_object spec) : CertManagerAniImpl(env) +{ + this->aniAuthUri = aniAuthUri; + this->spec = spec; +} + +int32_t CmInitImpl::Init() +{ + this->handle.data = static_cast(CmMalloc(OUT_HANDLE_SIZE)); + if (this->handle.data == nullptr) { + CM_LOG_E("malloc credData buffer failed"); + return CMR_ERROR_MALLOC_FAIL; + } + (void)memset_s(this->handle.data, OUT_HANDLE_SIZE, 0, OUT_HANDLE_SIZE); + this->handle.size = OUT_HANDLE_SIZE; + return CM_SUCCESS; +} + +int32_t CmInitImpl::GetParamsFromEnv() +{ + int32_t ret = AniUtils::ParseString(this->env, this->aniAuthUri, this->authUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse authUri failed, ret = %d", ret); + return ret; + } + ret = AniUtils::ParseSignatureSpec(this->env, this->spec, &this->signatureSpec); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse signatureSpec failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmInitImpl::InvokeInnerApi() +{ + return CmInit(&this->authUri, &this->signatureSpec, &this->handle); +} + +int32_t CmInitImpl::UnpackResult() +{ + int32_t ret = AniUtils::GenerateCMHandle(this->env, &this->handle, this->result); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate cmHandle failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +void CmInitImpl::OnFinish() +{ + CM_FREE_BLOB(this->authUri); + CM_FREE_BLOB(this->handle); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_install_private_cert_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_install_private_cert_impl.cpp new file mode 100644 index 0000000..aeabba2 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_install_private_cert_impl.cpp @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_install_private_cert_impl.h" +#include "cm_log.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "cert_manager_api.h" +#include "cm_result_builder.h" +#include "cm_mem.h" + +namespace OHOS::Security::CertManager::Ani { +CmInstallPrivateCertImpl::CmInstallPrivateCertImpl(ani_env *env, ani_arraybuffer aniKeystore, + ani_string aniKeystorePwd, ani_string aniCertAlias) : CertManagerAniImpl(env) +{ + this->aniKeystore = aniKeystore; + this->aniKeystorePwd = aniKeystorePwd; + this->aniCertAlias = aniCertAlias; +} + +int32_t CmInstallPrivateCertImpl::Init() +{ + this->retUri.data = static_cast(CmMalloc(MAX_LEN_URI)); + if (this->retUri.data == nullptr) { + CM_LOG_E("init uri failed."); + return CMR_ERROR_MALLOC_FAIL; + } + this->retUri.size = MAX_LEN_URI; + return CM_SUCCESS; +} + +int32_t CmInstallPrivateCertImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("Install private cert failed, env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseUint8Array(this->env, this->aniKeystore, this->keystore); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse keystore failed, ret = %d", ret); + return ret; + } + ret = AniUtils::ParseString(this->env, this->aniKeystorePwd, this->keystorePwd); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse keystorePwd failed, ret = %d", ret); + return ret; + } + ret = AniUtils::ParseString(this->env, this->aniCertAlias, this->certAlias); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse certAlias failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmInstallPrivateCertImpl::InvokeInnerApi() +{ + struct CmAppCertParam certParam = { &this->keystore, &this->keystorePwd, &this->certAlias, + APPLICATION_PRIVATE_CERTIFICATE_STORE, INIT_INVALID_VALUE, level }; + + return CmInstallAppCertEx(&certParam, &this->retUri); +} + +int32_t CmInstallPrivateCertImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setUri(&this->retUri) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmInstallPrivateCertImpl::OnFinish() +{ + CM_FREE_BLOB(this->keystorePwd); + CM_FREE_BLOB(this->certAlias); + CM_FREE_BLOB(this->retUri); +} + +int32_t CmInstallPrivateCertImpl::SetLevel(ani_enum_item aniLevel) +{ + uint32_t levelValue = 0; + if (env->EnumItem_GetValue_Int(aniLevel, (ani_int *)&levelValue) != ANI_OK) { + CM_LOG_E("get certType enumItem failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + level = static_cast(levelValue); + return CM_SUCCESS; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_install_user_ca_sync_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_install_user_ca_sync_impl.cpp new file mode 100644 index 0000000..9fdcbd2 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_install_user_ca_sync_impl.cpp @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_install_user_ca_sync_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" +#include "cm_ani_common.h" +#include "cm_result_builder.h" + +namespace OHOS::Security::CertManager::Ani { +CmInstallUserCaSyncImpl::CmInstallUserCaSyncImpl(ani_env *env, ani_arraybuffer aniCertData, + ani_enum_item aniCertScope) : CertManagerAniImpl(env) +{ + this->aniCertData = aniCertData; + this->aniCertScope = aniCertScope; +} + +int32_t CmInstallUserCaSyncImpl::Init() +{ + this->certUri.data = static_cast(CmMalloc(OUT_AUTH_URI_SIZE)); + if (this->certUri.data == nullptr) { + CM_LOG_E("init certUri failed."); + return CMR_ERROR_MALLOC_FAIL; + } + this->certUri.size = OUT_AUTH_URI_SIZE; + return CM_SUCCESS; +} + +int32_t CmInstallUserCaSyncImpl::GetParamsFromEnv() +{ + int32_t ret = AniUtils::ParseUint8Array(env, aniCertData, certData); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse certData failed, ret = %d", ret); + return ret; + } + if (env->EnumItem_GetValue_Int(aniCertScope, (ani_int *)&certScope) != ANI_OK) { + CM_LOG_E("get certScope enumItem failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CmInstallUserCaSyncImpl::InvokeInnerApi() +{ + // alias is empty string + uint8_t alias[1] = { 0 }; + CmBlob certAlias = { .size = sizeof(alias), .data = alias }; + + uint32_t userId = 0; + if (certScope == CM_CURRENT_USER) { + userId = INIT_INVALID_VALUE; + } else if (certScope == CM_GLOBAL_USER) { + userId = 0; + } else { + CM_LOG_E("invalid certificate certScope"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + return CmInstallUserCACert(&certData, &certAlias, userId, true, &certUri); +} + +int32_t CmInstallUserCaSyncImpl::UnpackResult() +{ + CMResultBuilder resultBuilder(this->env); + int32_t ret = resultBuilder + .setUri(&this->certUri) + ->build(); + if (ret != CM_SUCCESS) { + CM_LOG_E("unpack result failed."); + return ret; + } + this->result = resultBuilder.cmResult; + return CM_SUCCESS; +} + +void CmInstallUserCaSyncImpl::OnFinish() +{ + CM_FREE_BLOB(certUri); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_is_authorized_app_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_is_authorized_app_impl.cpp new file mode 100644 index 0000000..fc527e9 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_is_authorized_app_impl.cpp @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_is_authorized_app_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +CmIsAuthorizedAppImpl::CmIsAuthorizedAppImpl(ani_env *env, ani_string aniKeyUri) : CertManagerAniImpl(env) +{ + this->aniKeyUri = aniKeyUri; +} + +int32_t CmIsAuthorizedAppImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmIsAuthorizedAppImpl::GetParamsFromEnv() +{ + int32_t ret = AniUtils::ParseString(this->env, this->aniKeyUri, this->keyUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse keyuri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmIsAuthorizedAppImpl::InvokeInnerApi() +{ + return CmIsAuthorizedApp(&this->keyUri); +} + +int32_t CmIsAuthorizedAppImpl::UnpackResult() +{ + if (this->resultCode == CM_SUCCESS) { + AniUtils::CreateBooleanObject(this->env, true, this->result); + } else if (this->resultCode == CMR_ERROR_AUTH_CHECK_FAILED) { + AniUtils::CreateBooleanObject(this->env, false, this->result); + this->resultCode = CM_SUCCESS; + } + return CM_SUCCESS; +} + +void CmIsAuthorizedAppImpl::OnFinish() +{ + CM_FREE_BLOB(this->keyUri); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_private_cert_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_private_cert_impl.cpp new file mode 100644 index 0000000..9ab16f1 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_private_cert_impl.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_uninstall_private_cert_impl.h" +#include "cm_log.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" +#include "cm_mem.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +CmUninstallPrivateCertImpl::CmUninstallPrivateCertImpl(ani_env *env, ani_string aniKeyuri) : CertManagerAniImpl(env) +{ + this->aniKeyuri = aniKeyuri; +} + +int32_t CmUninstallPrivateCertImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmUninstallPrivateCertImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("uninstall private cert failed, env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseString(this->env, this->aniKeyuri, this->keyuri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse keyuri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmUninstallPrivateCertImpl::InvokeInnerApi() +{ + int32_t ret = CmUninstallAppCert(&this->keyuri, APPLICATION_PRIVATE_CERTIFICATE_STORE); + if (ret == CMR_ERROR_NOT_EXIST) { + CM_LOG_I("uninstall private cert uri not exist."); + return CM_SUCCESS; + } + return ret; +} + +int32_t CmUninstallPrivateCertImpl::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmUninstallPrivateCertImpl::OnFinish() +{ + CM_FREE_BLOB(this->keyuri); +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_user_ca_sync_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_user_ca_sync_impl.cpp new file mode 100644 index 0000000..66ecc7a --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_uninstall_user_ca_sync_impl.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_uninstall_user_ca_sync_impl.h" +#include "cm_log.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" +#include "cm_mem.h" + +namespace OHOS::Security::CertManager::Ani { +CmUninstallUserCaSyncImpl::CmUninstallUserCaSyncImpl(ani_env *env, ani_string aniCertUri) : CertManagerAniImpl(env) +{ + this->aniCertUri = aniCertUri; +} + +int32_t CmUninstallUserCaSyncImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmUninstallUserCaSyncImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("uninstall private cert failed, env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseString(this->env, this->aniCertUri, this->certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse certUri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmUninstallUserCaSyncImpl::InvokeInnerApi() +{ + return CmUninstallUserTrustedCert(&this->certUri); +} + +int32_t CmUninstallUserCaSyncImpl::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmUninstallUserCaSyncImpl::OnFinish() +{ + CM_FREE_BLOB(this->certUri); +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_ani/src/cm_update_impl.cpp b/interfaces/kits/ani/certificate_manager_ani/src/cm_update_impl.cpp new file mode 100644 index 0000000..e731c13 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_ani/src/cm_update_impl.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_update_impl.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cert_manager_api.h" + +namespace OHOS::Security::CertManager::Ani { +CmUpdateImpl::CmUpdateImpl(ani_env *env, ani_arraybuffer aniHandle, ani_arraybuffer aniData) : CertManagerAniImpl(env) +{ + this->aniHandle = aniHandle; + this->aniData = aniData; +} + +int32_t CmUpdateImpl::Init() +{ + return CM_SUCCESS; +} + +int32_t CmUpdateImpl::GetParamsFromEnv() +{ + if (this->env == nullptr) { + CM_LOG_E("Install private cert failed, env is null."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = AniUtils::ParseUint8Array(this->env, this->aniHandle, this->handle); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse handle failed, ret = %d", ret); + return ret; + } + ret = AniUtils::ParseUint8Array(this->env, this->aniData, this->data); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse data failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmUpdateImpl::InvokeInnerApi() +{ + return CmUpdate(&this->handle, &this->data); +} + +int32_t CmUpdateImpl::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmUpdateImpl::OnFinish() +{ + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/BUILD.gn b/interfaces/kits/ani/certificate_manager_dialog_ani/BUILD.gn new file mode 100644 index 0000000..862daab --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/BUILD.gn @@ -0,0 +1,86 @@ +# Copyright (c) 2025-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//base/security/certificate_manager/cert_manager.gni") +import("//build/ohos.gni") + +ohos_shared_library("certmanager_dialog_ani") { + branch_protector_ret = "pac_ret" + sanitize = { + cfi = true + cfi_cross_dso = true + boundary_sanitize = true + debug = false + integer_overflow = true + ubsan = true + cfi_vcall_icall_only = true + } + include_dirs = [ + "include", + ] + sources = [ + "./src/cm_dialog_ani.cpp", + "./src/cm_open_dialog.cpp", + "./src/cm_open_certmanager_dialog.cpp", + "./src/cm_open_install_dialog.cpp", + "./src/cm_open_uninstall_dialog.cpp", + "./src/cm_open_cert_detail_dialog.cpp", + "./src/cm_open_auth_dialog.cpp", + "../../common/src/cm_dialog_api_common.cpp", + ] + external_deps = [ + "c_utils:utils", + "runtime_core:ani", + "ability_base:base", + "ability_base:want", + "ability_runtime:ani_base_context", + "ability_runtime:ability_context_native", + "ability_runtime:ability_manager", + "ability_runtime:abilitykit_native", + "ability_runtime:app_context", + "access_token:libaccesstoken_sdk", + "ace_engine:ace_uicontent", + "ipc:ipc_core", + "ipc:ipc_single", + "samgr:samgr_proxy", + "runtime_core:libarkruntime", + ] + cflags_cc = [ + "-Wall", + "-Werror", + ] + deps = [ + "${cert_manager_root_dir}/frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static", + "${cert_manager_root_dir}/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "${cert_manager_root_dir}/interfaces/kits/ani/cm_ani_common:cm_ani_common_static", + ] + + subsystem_name = "security" + part_name = "certificate_manager" +} + +generate_static_abc("certmanager_dialog_abc") { + base_url = "./ets" + files = [ "./ets/@ohos.security.certManagerDialog.ets" ] + is_boot_abc = "True" + device_dst_file = "/system/framework/certmanager_dialog_abc.abc" +} + +ohos_prebuilt_etc("certmanager_dialog_ani_abc_etc") { + source = "$target_out_dir/certmanager_dialog_abc.abc" + module_install_dir = "framework" + subsystem_name = "security" + part_name = "certificate_manager" + deps = [ ":certmanager_dialog_abc" ] +} diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets b/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets new file mode 100644 index 0000000..a316ce7 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/ets/@ohos.security.certManagerDialog.ets @@ -0,0 +1,210 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import type common from '@ohos.app.ability.common'; +import type { BusinessError, AsyncCallback } from '@ohos.base'; +import type buffer from '@ohos.buffer' + +native function openCertificateManagerDialogNative( + context: common.Context, + pageType: certificateManagerDialog.CertificateDialogPageType, + callback: AsyncCallbackWrapper +): NativeResult; + +native function openInstallCertificateDialogNative( + context: common.Context, + params: InstallDialogParams, + callback: AsyncCallbackWrapper +): NativeResult; + +interface InstallDialogParams { + certType: certificateManagerDialog.CertificateType, + certScope: certificateManagerDialog.CertificateScope, + certStr: string, +} + +native function openUninstallCertificateDialogNative( + context: common.Context, + certType: certificateManagerDialog.CertificateType, + certUri: string, + callback: AsyncCallbackWrapper +): NativeResult; + +native function openCertificateDetailDialogNative( + context: common.Context, + cert: string, + showInstallButton: boolean, + callback: AsyncCallbackWrapper +): NativeResult; + +native function openAuthorizeDialogNative(context: common.Context, + callback: AsyncCallbackWrapper): NativeResult; + +class NativeResult { + code: int; + message: string = ""; + result?: T; +} + +class AsyncCallbackWrapper { + private wrapperCallback: AsyncCallback = (err: BusinessError | null, data: T | undefined) => {}; + + constructor(callback: AsyncCallback) { + this.wrapperCallback = callback; + } + + invoke(err: BusinessError, data: T) { + this.wrapperCallback(err, data); + } +} + +export namespace certificateManagerDialog { + + static { + loadLibrary("certmanager_dialog_ani.z"); + } + + export enum CertificateDialogErrorCode { + ERROR_GENERIC = 29700001, + ERROR_OPERATION_CANCELED = 29700002, + ERROR_OPERATION_FAILED = 29700003, + ERROR_DEVICE_NOT_SUPPORTED = 29700004, + ERROR_NOT_COMPLY_SECURITY_POLICY = 29700005, + } + + export enum CertificateDialogPageType { + PAGE_MAIN = 1, + PAGE_CA_CERTIFICATE = 2, + PAGE_CREDENTIAL = 3, + PAGE_INSTALL_CERTIFICATE = 4 + } + + export enum CertificateType { + CA_CERT = 1 + } + + export enum CertificateScope { + NOT_SPECIFIED = 0, + CURRENT_USER = 1, + GLOBAL_USER = 2, + } + + export function openCertificateManagerDialog(context: common.Context, pageType: CertificateDialogPageType): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { + if (err?.code !== 0) { + reject(err as BusinessError); + } else { + resolve(undefined); + } + }); + let result: NativeResult = openCertificateManagerDialogNative(context, pageType, callback); + if (result.code !== 0) { + let err = new BusinessError(); + err.code = result.code; + err.message = result.message; + reject(err); + } + }); + } + + export function openInstallCertificateDialog(context: common.Context, certType: CertificateType, certScope: CertificateScope, cert: Uint8Array): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let callback = new AsyncCallbackWrapper((err: BusinessError | null, data: string | undefined) => { + if (err?.code !== 0) { + reject(err as BusinessError); + } else { + resolve(data?? ''); + } + }); + // convert cert data to base64 string + let certStringBase64 = buffer.from(cert.buffer).toString('base64'); + let result: NativeResult = openInstallCertificateDialogNative(context, { + certType: certType, + certScope: certScope, + certStr: certStringBase64 + }, callback); + if (result.code !== 0) { + let err = new BusinessError(); + err.code = result.code; + err.message = result.message; + reject(err); + } + }); + } + + export function openUninstallCertificateDialog(context: common.Context, certType: CertificateType, certUri: string): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { + if (err?.code !== 0) { + reject(err as BusinessError); + } else { + resolve(undefined); + } + }); + let result: NativeResult = openUninstallCertificateDialogNative(context, certType, certUri, callback); + if (result.code !== 0) { + let err = new BusinessError(); + err.code = result.code; + err.message = result.message; + reject(err); + } + }); + } + + export interface CertificateDialogProperty { + showInstallButton: boolean; + } + + export function openCertificateDetailDialog(context: common.Context, cert: Uint8Array, property: CertificateDialogProperty): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let callback = new AsyncCallbackWrapper((err: BusinessError | null) => { + if (err?.code !== 0) { + reject(err as BusinessError); + } else { + resolve(undefined); + } + }); + // convert cert data to base64 string + let certStringBase64 = buffer.from(cert.buffer).toString('base64'); + let result: NativeResult = openCertificateDetailDialogNative(context, certStringBase64, property.showInstallButton, callback); + if (result.code !== 0) { + let err = new BusinessError(); + err.code = result.code; + err.message = result.message; + reject(err); + } + }); + } + + export function openAuthorizeDialog(context: common.Context): Promise { + return new Promise((resolve, reject: (error: BusinessError) => void) => { + let callback = new AsyncCallbackWrapper((err: BusinessError | null, data: string | undefined) => { + if (err?.code !== 0) { + reject(err as BusinessError); + } else { + resolve(data?? ''); + } + }); + let result: NativeResult = openAuthorizeDialogNative(context, callback); + if (result.code !== 0) { + let err = new BusinessError(); + err.code = result.code; + err.message = result.message; + reject(err); + } + }); + } +} diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_auth_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_auth_dialog.h new file mode 100644 index 0000000..4516756 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_auth_dialog.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_AUTH_DIALOG_H +#define CM_OPEN_AUTH_DIALOG_H + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_open_dialog.h" + +namespace OHOS::Security::CertManager::Ani { +class CmOpenAuthDialog : public CertManagerAsyncImpl { +public: + CmOpenAuthDialog(ani_env *env, ani_object aniContext, ani_object callback); + ~CmOpenAuthDialog() {}; + + int32_t UnpackResult() override; + void OnFinish() override; + int32_t InvokeAsyncWork() override; +}; +} +#endif // CM_OPEN_AUTH_DIALOG_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_cert_detail_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_cert_detail_dialog.h new file mode 100644 index 0000000..7061bed --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_cert_detail_dialog.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_CERT_DETAIL_DIALOG_H +#define CM_OPEN_CERT_DETAIL_DIALOG_H + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_open_dialog.h" + +namespace OHOS::Security::CertManager::Ani { +class CmOpenCertDetailDialog : public CertManagerAsyncImpl { +private: + /* ani params */ + ani_boolean showInstallButton; + ani_string aniCert; + /* parsed params */ + CmBlob cert = { 0 }; + +public: + CmOpenCertDetailDialog(ani_env *env, ani_object aniContext, ani_string aniCert, ani_boolean showInstallButton, + ani_object callback); + ~CmOpenCertDetailDialog() {}; + + int32_t GetParamsFromEnv() override; + int32_t UnpackResult() override; + void OnFinish() override; + int32_t InvokeAsyncWork() override; +}; +} +#endif // CM_OPEN_CERT_DETAIL_DIALOG_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_certmanager_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_certmanager_dialog.h new file mode 100644 index 0000000..76aa61c --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_certmanager_dialog.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_CERTMANAGER_DIALOG_H +#define CM_OPEN_CERTMANAGER_DIALOG_H + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_open_dialog.h" + +namespace OHOS::Security::CertManager::Ani { +class CmOpenCertManagerDialog : public CertManagerAsyncImpl { +private: + /* ani params */ + ani_enum_item aniPageType; + /* parsed params */ + CmDialogPageType pageType; +public: + CmOpenCertManagerDialog(ani_env *env, ani_object aniContext, ani_enum_item aniPageType, ani_object callback); + ~CmOpenCertManagerDialog() {}; + + int32_t GetParamsFromEnv() override; + int32_t UnpackResult() override; + void OnFinish() override; + int32_t InvokeAsyncWork() override; +}; +} +#endif // CM_OPEN_CERTMANAGER_DIALOG_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_dialog.h new file mode 100644 index 0000000..9243652 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_dialog.h @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_DIALOG_H +#define CM_OPEN_DIALOG_H + +#include "ani.h" +#include "cm_type.h" +#include "ability_context.h" +#include "ui_content.h" +#include "iservice_registry.h" +#include "bundle_mgr_proxy.h" +#include "system_ability_definition.h" +#include "accesstoken_kit.h" +#include "ipc_skeleton.h" + +namespace OHOS::Security::CertManager::Ani { +const std::string PARAM_UI_EXTENSION_TYPE = "ability.want.params.uiExtensionType"; +const std::string SYS_COMMON_UI = "sys/commonUI"; +const std::string CERT_MANAGER_BUNDLENAME = "com.ohos.certmanager"; +const std::string CERT_MANAGER_ABILITYNAME = "CertPickerUIExtAbility"; +const std::string CERT_MANAGER_PAGE_TYPE = "pageType"; +const std::string CERT_MANAGER_CERTSCOPE_TYPE = "certScope"; +const std::string CERT_MANAGER_CERTIFICATE_DATA = "cert"; +const std::string CERT_MANAGER_CALLER_BUNDLENAME = "bundleName"; +const std::string CERT_MANAGER_CALLER_UID = "appUid"; +const std::string CERT_MANAGER_CERT_URI = "certUri"; +const std::string CERT_MANAGER_OPERATION_TYPE = "operationType"; +const std::string CERT_MANAGER_SHOW_INSTALL_BUTTON = "showInstallButton"; + +constexpr int32_t PARAM0 = 0; +constexpr int32_t PARAM1 = 1; +constexpr int32_t PARAM2 = 2; +constexpr int32_t PARAM3 = 3; +constexpr int32_t PARAM_SIZE_TWO = 2; +constexpr int32_t PARAM_SIZE_THREE = 3; +constexpr int32_t PARAM_SIZE_FOUR = 4; + +enum CmDialogPageType { + PAGE_MAIN = 1, + PAGE_CA_CERTIFICATE = 2, + PAGE_CREDENTIAL = 3, + PAGE_INSTALL_CERTIFICATE = 4, + PAGE_INSTALL_CA_GUIDE = 5, + PAGE_REQUEST_AUTHORIZE = 6 +}; + +enum CmCertificateType { + CA_CERT = 1 +}; + +enum CertificateScope { + NOT_SPECIFIED = 0, + CURRENT_USER = 1, + GLOBAL_USER = 2 +}; + +struct CmOpeonInstallDialogParams { + ani_enum_item aniCertType; + ani_enum_item aniCertScope; + ani_string aniCert; +}; + +enum OperationType { + DIALOG_OPERATION_INSTALL = 1, + DIALOG_OPERATION_UNINSTALL = 2, + DIALOG_OPERATION_DETAIL = 3, +}; + +using namespace OHOS::AbilityRuntime; + +class CmAniUIExtensionCallback { +public: + CmAniUIExtensionCallback(ani_vm *vm, std::shared_ptr context, ani_ref aniCallback); + virtual ~CmAniUIExtensionCallback(); + void SetSessionId(const int32_t sessionId); + void OnRelease(const int32_t releaseCode); + void OnResult(const int32_t resultCode, const OHOS::AAFwk::Want &result); + void OnError(const int32_t code, const std::string &name, const std::string &message); + void OnRemoteReady(const std::shared_ptr &uiProxy); + void OnDestroy(); + void invokeCallback(ani_env *env, int32_t code, ani_object result); + virtual void OnReceive(const OHOS::AAFwk::WantParams &request); + virtual ani_object GetDefaultResult(ani_env *env); + +protected: + ani_vm *vm; + ani_ref aniCallback = nullptr; + bool isReleased = false; + int32_t sessionId = 0; + std::shared_ptr context = nullptr; + std::mutex lockIsReleased; +}; + +class CmAniUIExtensionCallbackString : public CmAniUIExtensionCallback { +public: + CmAniUIExtensionCallbackString(ani_vm *vm, std::shared_ptr context, ani_ref aniCallback); + ~CmAniUIExtensionCallbackString() {} + void OnReceive(const OHOS::AAFwk::WantParams &request) override; + ani_object GetDefaultResult(ani_env *env) override; +}; + +int32_t StartUIExtensionAbility(std::shared_ptr context, OHOS::AAFwk::Want want, + std::shared_ptr uiExtCallback); +}; +#endif \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_install_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_install_dialog.h new file mode 100644 index 0000000..c6ef5d8 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_install_dialog.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_INSTALL_DIALOG_H +#define CM_OPEN_INSTALL_DIALOG_H + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_open_dialog.h" +#include "cm_dialog_api_common.h" + +namespace OHOS::Security::CertManager::Ani { +class CmOpenInstallDialog : public CertManagerAsyncImpl { +private: + /* ani params */ + ani_enum_item aniCertType; + ani_enum_item aniCertScope; + ani_string aniCert; + /* parsed params */ + CmDialogPageType pageType; + CertificateScope certScope; + CmBlob cert = { 0 }; +public: + CmOpenInstallDialog(ani_env *env, ani_object aniContext, ani_object callback, ani_object params); + ~CmOpenInstallDialog() {}; + + int32_t GetParamsFromEnv() override; + int32_t UnpackResult() override; + void OnFinish() override; + int32_t InvokeAsyncWork() override; +}; +} +#endif // CM_OPEN_INSTALL_DIALOG_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_uninstall_dialog.h b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_uninstall_dialog.h new file mode 100644 index 0000000..ca0e4a0 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/include/cm_open_uninstall_dialog.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_OPEN_UNINSTALL_DIALOG_H +#define CM_OPEN_UNINSTALL_DIALOG_H + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_open_dialog.h" + +namespace OHOS::Security::CertManager::Ani { +class CmOpenUninstallDialog : public CertManagerAsyncImpl { +private: + /* ani params */ + ani_enum_item aniCertType; + ani_string aniCertUri; + /* parsed params */ + CmDialogPageType pageType; + CmBlob certUri = { 0 }; + +public: + CmOpenUninstallDialog(ani_env *env, ani_object aniContext, ani_enum_item aniCertType, ani_string aniCertUri, + ani_object callback); + ~CmOpenUninstallDialog() {}; + + int32_t GetParamsFromEnv() override; + int32_t UnpackResult() override; + void OnFinish() override; + int32_t InvokeAsyncWork() override; +}; +} +#endif // CM_OPEN_UNINSTALL_DIALOG_H \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_dialog_ani.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_dialog_ani.cpp new file mode 100644 index 0000000..a919156 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_dialog_ani.cpp @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "ani.h" +#include "cm_log.h" +#include "cm_open_certmanager_dialog.h" +#include "cm_open_install_dialog.h" +#include "cm_open_uninstall_dialog.h" +#include "cm_open_cert_detail_dialog.h" +#include "cm_open_auth_dialog.h" + +namespace OHOS::Security::CertManager::Ani { +ani_object openCertificateManagerDialogNative(ani_env *env, ani_object context, ani_enum_item pageType, + ani_object callback) +{ + auto openCertmanagerDialogImpl = std::make_shared(env, context, pageType, callback); + return openCertmanagerDialogImpl->Invoke(); +} + +ani_object openInstallCertificateDialogNative(ani_env *env, ani_object context, ani_object params, + ani_object callback) +{ + auto openInstallDialogImpl = std::make_shared(env, context, callback, params); + return openInstallDialogImpl->Invoke(); +} +ani_object openUninstallCertificateDialogNative(ani_env *env, ani_object context, ani_enum_item certType, + ani_string certUri, ani_object callback) +{ + auto openUninstallDialogImpl = std::make_shared(env, context, certType, certUri, callback); + return openUninstallDialogImpl->Invoke(); +} + +ani_object openCertificateDetailDialogNative(ani_env *env, ani_object context, ani_string cert, + ani_boolean showInstallButton, ani_object callback) +{ + auto openCertDetailDialogImpl = std::make_shared(env, context, cert, showInstallButton, + callback); + return openCertDetailDialogImpl->Invoke(); +} + +ani_object openAuthorizeDialogNative(ani_env *env, ani_object context, ani_object callback) +{ + auto openAuthDialogImpl = std::make_shared(env, context, callback); + return openAuthDialogImpl->Invoke(); +} +} + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + if (vm == nullptr || result == nullptr) { + return ANI_INVALID_ARGS; + } + ani_env *env; + auto ret = vm->GetEnv(ANI_VERSION_1, &env); + if (ret != ANI_OK) { + CM_LOG_E("GetEnv failed, ret = %d", static_cast(ret)); + return ret; + } + ani_module module; + ret = env->FindModule("L@ohos/security/certManagerDialog;", &module); + if (ret != ANI_OK) { + CM_LOG_E("FindModule failed, ret = %d", static_cast(ret)); + return ret; + } + const std::array methods { + ani_native_function {"openCertificateManagerDialogNative", nullptr, + reinterpret_cast(OHOS::Security::CertManager::Ani::openCertificateManagerDialogNative)}, + ani_native_function {"openInstallCertificateDialogNative", nullptr, + reinterpret_cast(OHOS::Security::CertManager::Ani::openInstallCertificateDialogNative)}, + ani_native_function {"openUninstallCertificateDialogNative", nullptr, + reinterpret_cast(OHOS::Security::CertManager::Ani::openUninstallCertificateDialogNative)}, + ani_native_function {"openCertificateDetailDialogNative", nullptr, + reinterpret_cast(OHOS::Security::CertManager::Ani::openCertificateDetailDialogNative)}, + ani_native_function {"openAuthorizeDialogNative", nullptr, + reinterpret_cast(OHOS::Security::CertManager::Ani::openAuthorizeDialogNative)}, + }; + ret = env->Module_BindNativeFunctions(module, methods.data(), methods.size()); + if (ret != ANI_OK) { + CM_LOG_E("Module_BindNativeFunctions failed, ret = %d", static_cast(ret)); + return ret; + } + *result = ANI_VERSION_1; + return ANI_OK; +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_auth_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_auth_dialog.cpp new file mode 100644 index 0000000..017d23a --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_auth_dialog.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_open_auth_dialog.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "syspara/parameters.h" +#include "cm_log.h" +#include "cm_dialog_api_common.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace Dialog; +CmOpenAuthDialog::CmOpenAuthDialog(ani_env *env, ani_object aniContext, ani_object callback) + : CertManagerAsyncImpl(env, aniContext, callback) {} + +int32_t CmOpenAuthDialog::InvokeAsyncWork() +{ + CM_LOG_D("InvokeAsyncWork start"); + std::string lableName = ""; + int32_t ret = GetCallerLabelName(this->abilityContext, lableName); + if (ret != CM_SUCCESS) { + CM_LOG_E("get caller lableName failed, ret = %d", ret); + return ret; + } + + OHOS::AAFwk::Want want; + want.SetElementName(CERT_MANAGER_BUNDLENAME, CERT_MANAGER_ABILITYNAME); + want.SetParam(CERT_MANAGER_CALLER_BUNDLENAME, lableName); + want.SetParam(CERT_MANAGER_CALLER_UID, static_cast(getuid())); + want.SetParam(PARAM_UI_EXTENSION_TYPE, SYS_COMMON_UI); + want.SetParam(CERT_MANAGER_PAGE_TYPE, static_cast(PAGE_REQUEST_AUTHORIZE)); + + auto uiExtensionCallback = std::make_shared(this->vm, this->abilityContext, + this->globalCallback); + + return StartUIExtensionAbility(this->abilityContext, want, uiExtensionCallback); +} + +int32_t CmOpenAuthDialog::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmOpenAuthDialog::OnFinish() +{ + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_cert_detail_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_cert_detail_dialog.cpp new file mode 100644 index 0000000..3089c96 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_cert_detail_dialog.cpp @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_open_cert_detail_dialog.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "syspara/parameters.h" +#include "cm_log.h" +#include "cm_dialog_api_common.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace Dialog; +CmOpenCertDetailDialog::CmOpenCertDetailDialog(ani_env *env, ani_object aniContext, ani_string aniCert, + ani_boolean showInstallButton, ani_object callback) : CertManagerAsyncImpl(env, aniContext, callback) +{ + this->showInstallButton = showInstallButton; + this->aniCert = aniCert; +} + +int32_t CmOpenCertDetailDialog::GetParamsFromEnv() +{ + if (OHOS::system::GetParameter("const.product.devicetype", "") != "2in1") { + CM_LOG_E("deviceType is not 2in1"); + return DIALOG_ERROR_NOT_SUPPORTED; + } + int32_t ret = CertManagerAsyncImpl::GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse params failed. ret = %d", ret); + return ret; + } + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ret = AniUtils::ParseString(vmEnv, this->aniCert, this->cert); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse cert failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmOpenCertDetailDialog::InvokeAsyncWork() +{ + CM_LOG_D("InvokeAsyncWork start"); + std::string certStr(reinterpret_cast(this->cert.data), this->cert.size); + + OHOS::AAFwk::Want want; + want.SetElementName(CERT_MANAGER_BUNDLENAME, CERT_MANAGER_ABILITYNAME); + want.SetParam(PARAM_UI_EXTENSION_TYPE, SYS_COMMON_UI); + want.SetParam(CERT_MANAGER_CERTIFICATE_DATA, certStr); + want.SetParam(CERT_MANAGER_OPERATION_TYPE, DIALOG_OPERATION_DETAIL); + want.SetParam(CERT_MANAGER_SHOW_INSTALL_BUTTON, static_cast(this->showInstallButton)); + want.SetParam(CERT_MANAGER_PAGE_TYPE, static_cast(PAGE_INSTALL_CA_GUIDE)); + + auto uiExtensionCallback = std::make_shared(this->vm, this->abilityContext, + this->globalCallback); + + return StartUIExtensionAbility(this->abilityContext, want, uiExtensionCallback); +} + +int32_t CmOpenCertDetailDialog::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmOpenCertDetailDialog::OnFinish() +{ + CM_FREE_BLOB(this->cert); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_certmanager_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_certmanager_dialog.cpp new file mode 100644 index 0000000..b70c637 --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_certmanager_dialog.cpp @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_open_certmanager_dialog.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +CmOpenCertManagerDialog::CmOpenCertManagerDialog(ani_env *env, ani_object aniContext, + ani_enum_item aniPageType, ani_object callback) : CertManagerAsyncImpl(env, aniContext, callback) +{ + this->aniPageType = aniPageType; +} + +int32_t CmOpenCertManagerDialog::GetParamsFromEnv() +{ + int32_t ret = CertManagerAsyncImpl::GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse params failed. ret = %d", ret); + return ret; + } + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + int32_t pageTypeValue = 0; + if (vmEnv->EnumItem_GetValue_Int(this->aniPageType, (ani_int *)&pageTypeValue) != ANI_OK) { + CM_LOG_E("get pageType value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + this->pageType = static_cast(pageTypeValue); + return CM_SUCCESS; +} + +int32_t CmOpenCertManagerDialog::InvokeAsyncWork() +{ + CM_LOG_D("InvokeAsyncWork start"); + OHOS::AAFwk::Want want; + + want.SetElementName(CERT_MANAGER_BUNDLENAME, CERT_MANAGER_ABILITYNAME); + want.SetParam(CERT_MANAGER_PAGE_TYPE, static_cast(this->pageType)); + want.SetParam(PARAM_UI_EXTENSION_TYPE, SYS_COMMON_UI); + + auto uiExtensionCallback = std::make_shared(this->vm, this->abilityContext, + this->globalCallback); + + return StartUIExtensionAbility(this->abilityContext, want, uiExtensionCallback); +} + +int32_t CmOpenCertManagerDialog::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmOpenCertManagerDialog::OnFinish() +{ + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_dialog.cpp new file mode 100644 index 0000000..4c6b60f --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_dialog.cpp @@ -0,0 +1,243 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "cm_open_dialog.h" + +#include +#include +#include +#include "securec.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" + +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace OHOS::AbilityRuntime; + +CmAniUIExtensionCallback::CmAniUIExtensionCallback(ani_vm *vm, std::shared_ptr context, + ani_ref aniCallback) +{ + this->vm = vm; + this->context = context; + this->aniCallback = aniCallback; +} + +CmAniUIExtensionCallback::~CmAniUIExtensionCallback() {} + +void CmAniUIExtensionCallback::SetSessionId(const int32_t sessionId) +{ + this->sessionId = sessionId; +} + +ani_object CmAniUIExtensionCallback::GetDefaultResult(ani_env *env) +{ + ani_ref nullRef; + env->GetNull(&nullRef); + return reinterpret_cast(nullRef); +} + +void CmAniUIExtensionCallback::invokeCallback(ani_env *env, const int32_t code, ani_object result) +{ + CM_LOG_D("CmAniUIExtensionCallback::invokeCallback"); + { + std::lock_guard lock(this->lockIsReleased); + if (this->isReleased) { + CM_LOG_W("callback has invoked."); + return; + } + this->isReleased = true; + } + if (this->context != nullptr) { + auto uiContent = this->context->GetUIContent(); + if (uiContent != nullptr) { + CM_LOG_D("close ModalUIExtension"); + uiContent->CloseModalUIExtension(this->sessionId); + } + } + + int32_t ret; + ani_object businessError{}; + if (code != CM_SUCCESS) { + businessError = GetDialogAniErrorResult(env, code); + if (businessError == nullptr) { + CM_LOG_E("get businessError failed."); + return; + } + } else { + ret = AniUtils::GenerateBusinessError(env, CM_SUCCESS, "", businessError); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate businessError failed."); + return; + } + } + + ani_status status = env->Object_CallMethodByName_Void(reinterpret_cast(this->aniCallback), "invoke", + "L@ohos/base/BusinessError;Lstd/core/Object;:V", businessError, result); + if (status != ANI_OK) { + CM_LOG_E("invoke callback failed. status = %d", static_cast(status)); + return; + } + env->GlobalReference_Delete(this->aniCallback); + this->vm->DetachCurrentThread(); + return; +} + +void CmAniUIExtensionCallback::OnRelease(const int32_t releaseCode) +{ + CM_LOG_D("UIExtensionComponent OnRelease, releaseCode: %d", releaseCode); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + this->invokeCallback(env, releaseCode, this->GetDefaultResult(env)); +} + +void CmAniUIExtensionCallback::OnResult(const int32_t resultCode, const OHOS::AAFwk::Want &result) +{ + CM_LOG_D("UIExtensionComponent OnResult, resultCode: %d", resultCode); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + this->invokeCallback(env, resultCode, this->GetDefaultResult(env)); +} + +void CmAniUIExtensionCallback::OnReceive(const OHOS::AAFwk::WantParams &request) +{ + CM_LOG_D("UIExtensionComponent OnReceive"); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + this->invokeCallback(env, CM_SUCCESS, this->GetDefaultResult(env)); +} + +void CmAniUIExtensionCallback::OnError(const int32_t code, const std::string &name, const std::string &message) +{ + CM_LOG_D("UIExtensionComponent OnError, code: %d, name: %s, message: %s", code, name.c_str(), message.c_str()); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + this->invokeCallback(env, code, this->GetDefaultResult(env)); +} + +void CmAniUIExtensionCallback::OnRemoteReady(const std::shared_ptr &uiProxy) +{ + CM_LOG_D("UIExtensionComponent OnRemoteReady"); +} + +void CmAniUIExtensionCallback::OnDestroy() +{ + CM_LOG_D("UIExtensionComponent OnDestroy"); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + this->invokeCallback(env, CM_SUCCESS, this->GetDefaultResult(env)); +} + +CmAniUIExtensionCallbackString::CmAniUIExtensionCallbackString( + ani_vm *vm, + std::shared_ptr context, + ani_ref aniCallback +) : CmAniUIExtensionCallback(vm, context, aniCallback) {} + +ani_object CmAniUIExtensionCallbackString::GetDefaultResult(ani_env *env) +{ + ani_string aniResult = AniUtils::GenerateCharStr(env, "", 0); + return reinterpret_cast(aniResult); +} + +void CmAniUIExtensionCallbackString::OnReceive(const OHOS::AAFwk::WantParams &request) +{ + CM_LOG_D("UIExtensionComponent OnReceive"); + ani_env *env = GetEnv(this->vm); + if (env == nullptr) { + CM_LOG_E("get env failed."); + return; + } + std::string result = request.GetStringParam("uri"); + ani_string aniResult = AniUtils::GenerateCharStr(env, result.c_str(), result.size()); + if (aniResult == nullptr) { + aniResult = reinterpret_cast(GetDefaultResult(env)); + } + this->invokeCallback(env, CM_SUCCESS, reinterpret_cast(aniResult)); +} + +static bool CheckBasicPermission(void) +{ + AccessToken::AccessTokenID tokenId = OHOS::IPCSkeleton::GetCallingTokenID(); + + int result = AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.ACCESS_CERT_MANAGER"); + if (result == AccessToken::PERMISSION_GRANTED) { + return true; + } + + return false; +} + +int32_t StartUIExtensionAbility(std::shared_ptr context, OHOS::AAFwk::Want want, + std::shared_ptr uiExtCallback) +{ + /* + * Before starting the UIExtension, the permission is verified for interception. + * The verification will be performed again in the process of starting the com.ohos.certmanager application. + */ + CM_LOG_D("begin StartUIExtensionAbility"); + if (!CheckBasicPermission()) { + CM_LOG_E("not has basic permission"); + return CMR_DIALOG_ERROR_PERMISSION_DENIED; + } + + if (context == nullptr) { + CM_LOG_E("check context is nullptr"); + return CMR_DIALOG_ERROR_PARAM_INVALID; + } + + auto uiContent = context->GetUIContent(); + if (uiContent == nullptr) { + CM_LOG_E("uiContent is null"); + return CMR_DIALOG_ERROR_PARAM_INVALID; + } + + OHOS::Ace::ModalUIExtensionCallbacks extensionCallbacks = { + [uiExtCallback](int32_t releaseCode) { uiExtCallback->OnRelease(releaseCode); }, + [uiExtCallback](int32_t resultCode, const OHOS::AAFwk::Want &result) { + uiExtCallback->OnResult(resultCode, result); }, + [uiExtCallback](const OHOS::AAFwk::WantParams &request) { uiExtCallback->OnReceive(request); }, + [uiExtCallback](int32_t errorCode, const std::string &name, const std::string &message) { + uiExtCallback->OnError(errorCode, name, message); }, + [uiExtCallback](const std::shared_ptr &uiProxy) { + uiExtCallback->OnRemoteReady(uiProxy); }, + [uiExtCallback]() { uiExtCallback->OnDestroy(); } + }; + + OHOS::Ace::ModalUIExtensionConfig uiExtConfig; + uiExtConfig.isProhibitBack = false; + int32_t sessionId = uiContent->CreateModalUIExtension(want, extensionCallbacks, uiExtConfig); + if (sessionId == 0) { + CM_LOG_E("CreateModalUIExtension failed"); + return CMR_DIALOG_ERROR_PARAM_INVALID; + } + uiExtCallback->SetSessionId(sessionId); + return CM_SUCCESS; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_install_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_install_dialog.cpp new file mode 100644 index 0000000..431944d --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_install_dialog.cpp @@ -0,0 +1,119 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_open_install_dialog.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "syspara/parameters.h" +#include "cm_log.h" +#include "cm_dialog_api_common.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace Dialog; +CmOpenInstallDialog::CmOpenInstallDialog(ani_env *env, ani_object aniContext, ani_object callback, + ani_object params) : CertManagerAsyncImpl(env, aniContext, callback) +{ + if (env == nullptr) { + return; + } + env->Object_GetPropertyByName_Ref(params, "certType", reinterpret_cast(&this->aniCertType)); + env->Object_GetPropertyByName_Ref(params, "certScope", reinterpret_cast(&this->aniCertScope)); + env->Object_GetPropertyByName_Ref(params, "certStr", reinterpret_cast(&this->aniCert)); +} + +int32_t CmOpenInstallDialog::GetParamsFromEnv() +{ + if (OHOS::system::GetParameter("const.product.devicetype", "") != "2in1") { + CM_LOG_E("deviceType is not 2in1"); + return DIALOG_ERROR_NOT_SUPPORTED; + } + int32_t ret = CertManagerAsyncImpl::GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse params failed. ret = %d", ret); + return ret; + } + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + int32_t aniCertType = 0; + if (vmEnv->EnumItem_GetValue_Int(this->aniCertType, (ani_int *)&aniCertType) != ANI_OK) { + CM_LOG_E("get certType value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + switch (static_cast(aniCertType)) { + case CmCertificateType::CA_CERT: + this->pageType = CmDialogPageType::PAGE_INSTALL_CA_GUIDE; + break; + default: + return CM_SUCCESS; + } + + int32_t aniCertScope = 0; + if (vmEnv->EnumItem_GetValue_Int(this->aniCertScope, (ani_int *)&aniCertScope) != ANI_OK) { + CM_LOG_E("get certScope value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + this->certScope = static_cast(aniCertType); + + ret = AniUtils::ParseString(vmEnv, this->aniCert, this->cert); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse cert failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmOpenInstallDialog::InvokeAsyncWork() +{ + CM_LOG_D("InvokeAsyncWork start"); + std::string certStr(reinterpret_cast(this->cert.data), this->cert.size); + + std::string lableName = ""; + int32_t ret = GetCallerLabelName(this->abilityContext, lableName); + if (ret != CM_SUCCESS) { + CM_LOG_E("get caller lableName failed, ret = %d", ret); + return ret; + } + + OHOS::AAFwk::Want want; + want.SetElementName(CERT_MANAGER_BUNDLENAME, CERT_MANAGER_ABILITYNAME); + want.SetParam(CERT_MANAGER_PAGE_TYPE, static_cast(this->pageType)); + want.SetParam(CERT_MANAGER_CERTIFICATE_DATA, certStr); + want.SetParam(CERT_MANAGER_CERTSCOPE_TYPE, static_cast(this->certScope)); + want.SetParam(CERT_MANAGER_CALLER_BUNDLENAME, lableName); + want.SetParam(PARAM_UI_EXTENSION_TYPE, SYS_COMMON_UI); + want.SetParam(CERT_MANAGER_OPERATION_TYPE, static_cast(DIALOG_OPERATION_INSTALL)); + + auto uiExtensionCallback = std::make_shared(this->vm, this->abilityContext, + this->globalCallback); + + return StartUIExtensionAbility(this->abilityContext, want, uiExtensionCallback); +} + +int32_t CmOpenInstallDialog::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmOpenInstallDialog::OnFinish() +{ + CM_FREE_BLOB(this->cert); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_uninstall_dialog.cpp b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_uninstall_dialog.cpp new file mode 100644 index 0000000..4e7b58b --- /dev/null +++ b/interfaces/kits/ani/certificate_manager_dialog_ani/src/cm_open_uninstall_dialog.cpp @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_open_uninstall_dialog.h" +#include "cm_mem.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "syspara/parameters.h" +#include "cm_log.h" +#include "cm_dialog_api_common.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace Dialog; +CmOpenUninstallDialog::CmOpenUninstallDialog(ani_env *env, ani_object aniContext, ani_enum_item aniCertType, + ani_string aniCertUri, ani_object callback) : CertManagerAsyncImpl(env, aniContext, callback) +{ + this->aniCertType = aniCertType; + this->aniCertUri = aniCertUri; +} + +int32_t CmOpenUninstallDialog::GetParamsFromEnv() +{ + if (OHOS::system::GetParameter("const.product.devicetype", "") != "2in1") { + CM_LOG_E("deviceType is not 2in1"); + return DIALOG_ERROR_NOT_SUPPORTED; + } + int32_t ret = CertManagerAsyncImpl::GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse params failed. ret = %d", ret); + return ret; + } + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + int32_t aniCertType = 0; + if (vmEnv->EnumItem_GetValue_Int(this->aniCertType, (ani_int *)&aniCertType) != ANI_OK) { + CM_LOG_E("get certType value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + switch (static_cast(aniCertType)) { + case CmCertificateType::CA_CERT: + this->pageType = CmDialogPageType::PAGE_INSTALL_CA_GUIDE; + break; + default: + return CMR_ERROR_INVALID_ARGUMENT; + } + + ret = AniUtils::ParseString(vmEnv, this->aniCertUri, this->certUri); + if (ret != CM_SUCCESS) { + CM_LOG_E("parse aniCertUri failed, ret = %d", ret); + return ret; + } + return CM_SUCCESS; +} + +int32_t CmOpenUninstallDialog::InvokeAsyncWork() +{ + CM_LOG_D("InvokeAsyncWork start"); + std::string uriStr(reinterpret_cast(this->certUri.data), this->certUri.size); + + std::string lableName = ""; + int32_t ret = GetCallerLabelName(this->abilityContext, lableName); + if (ret != CM_SUCCESS) { + CM_LOG_E("get caller lableName failed, ret = %d", ret); + return ret; + } + + OHOS::AAFwk::Want want; + want.SetElementName(CERT_MANAGER_BUNDLENAME, CERT_MANAGER_ABILITYNAME); + want.SetParam(CERT_MANAGER_PAGE_TYPE, static_cast(this->pageType)); + want.SetParam(CERT_MANAGER_CALLER_BUNDLENAME, lableName); + want.SetParam(CERT_MANAGER_CERT_URI, uriStr); + want.SetParam(PARAM_UI_EXTENSION_TYPE, SYS_COMMON_UI); + want.SetParam(CERT_MANAGER_OPERATION_TYPE, DIALOG_OPERATION_UNINSTALL); + + auto uiExtensionCallback = std::make_shared(this->vm, this->abilityContext, + this->globalCallback); + + return StartUIExtensionAbility(this->abilityContext, want, uiExtensionCallback); +} + +int32_t CmOpenUninstallDialog::UnpackResult() +{ + return CM_SUCCESS; +} + +void CmOpenUninstallDialog::OnFinish() +{ + CM_FREE_BLOB(this->certUri); + return; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/BUILD.gn b/interfaces/kits/ani/cm_ani_common/BUILD.gn new file mode 100644 index 0000000..579a6c9 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/BUILD.gn @@ -0,0 +1,73 @@ +# Copyright (c) 2025-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//base/security/certificate_manager/cert_manager.gni") +import("//build/ohos.gni") + +config("cm_ani_common_config") { + include_dirs = [ + "./builder/include", + "./impl/include", + "./utils/include", + "../../common/include", + ] +} + +ohos_static_library("cm_ani_common_static") { + branch_protector_ret = "pac_ret" + sanitize = { + cfi = true + cfi_cross_dso = true + boundary_sanitize = true + debug = false + integer_overflow = true + ubsan = true + cfi_vcall_icall_only = true + } + public_configs = [ ":cm_ani_common_config" ] + include_dirs = [ + "./builder/include", + "./impl/include", + "./utils/include", + "../../common/include", + ] + sources = [ + "./builder/src/cm_result_builder.cpp", + "./impl/src/cm_ani_impl.cpp", + "./impl/src/cm_ani_common.cpp", + "./impl/src/cm_ani_async_impl.cpp", + "./utils/src/cm_ani_utils.cpp", + ] + external_deps = [ + "c_utils:utils", + "runtime_core:ani", + "runtime_core:ani_helpers", + "ability_base:base", + "ability_runtime:ani_base_context", + "ability_runtime:ability_context_native", + "ability_runtime:ability_manager", + "ability_runtime:abilitykit_native", + "ability_runtime:app_context", + ] + cflags_cc = [ + "-Wall", + "-Werror", + ] + deps = [ + "${cert_manager_root_dir}/frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static", + "${cert_manager_root_dir}/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + ] + complete_static_lib = true + subsystem_name = "security" + part_name = "certificate_manager" +} diff --git a/interfaces/kits/ani/cm_ani_common/builder/include/cm_result_builder.h b/interfaces/kits/ani/cm_ani_common/builder/include/cm_result_builder.h new file mode 100644 index 0000000..0425644 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/builder/include/cm_result_builder.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_RESULT_BUILDER_H +#define CM_RESULT_BUILDER_H + +#include "ani.h" +#include "cm_type.h" + +namespace OHOS::Security::CertManager::Ani { +class CMResultBuilder { +private: + ani_env *env = nullptr; + CmBlob *uri = nullptr; + CredentialList *credentialList = nullptr; + Credential *credential = nullptr; + CertList *certList = nullptr; + CmBlob *outData = nullptr; + CertInfo *certInfo = nullptr; + + int32_t buildUri(); + int32_t buildCredentialList(); + int32_t buildCredential(); + int32_t buildCertList(); + int32_t buildCertInfo(); + int32_t credentialSetStringProperty(ani_object credentialObj); + int32_t buildOutData(); +public: + ani_object cmResult; + CMResultBuilder(ani_env *env); + + CMResultBuilder *setUri(CmBlob *uri); + CMResultBuilder *setCredentialList(CredentialList *credentialList); + CMResultBuilder *setCredential(Credential *credential); + CMResultBuilder *setCertList(CertList *certList); + CMResultBuilder *setCertInfo(CertInfo *certInfo); + CMResultBuilder *setOutData(CmBlob *outData); + int32_t build(); +}; +} // OHOS::Security::CertManager::Ani +#endif // CM_RESULT_BUILDER_H \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/builder/src/cm_result_builder.cpp b/interfaces/kits/ani/cm_ani_common/builder/src/cm_result_builder.cpp new file mode 100644 index 0000000..84f317b --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/builder/src/cm_result_builder.cpp @@ -0,0 +1,319 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_result_builder.h" +#include "ani.h" +#include "cm_ani_utils.h" +#include "cm_type.h" +#include "cm_log.h" +#include + +namespace OHOS::Security::CertManager::Ani { +CMResultBuilder::CMResultBuilder(ani_env *env) +{ + this->env = env; +} + +CMResultBuilder *CMResultBuilder::setUri(CmBlob *uri) +{ + this->uri = uri; + return this; +} + +int32_t CMResultBuilder::buildUri() +{ + if (uri == nullptr) { + CM_LOG_D("cmResult uri is nullptr"); + return CM_SUCCESS; + } + ani_string uriString = AniUtils::GenerateString(env, *uri); + if (uriString == nullptr) { + CM_LOG_E("cmResult generate uri failed"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_status status = env->Object_SetPropertyByName_Ref(cmResult, "uri", uriString); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property uri failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +CMResultBuilder *CMResultBuilder::setCredentialList(CredentialList *credentialList) +{ + this->credentialList = credentialList; + return this; +} + +int32_t CMResultBuilder::buildCredentialList() +{ + if (credentialList == nullptr) { + CM_LOG_D("cmResult credentialList is nullptr"); + return CM_SUCCESS; + } + uint32_t credCount = credentialList->credentialCount; + CredentialAbstract *credentialAbstract = credentialList->credentialAbstract; + if (credCount == 0 || credentialAbstract == nullptr) { + return CM_SUCCESS; + } + + ani_array_ref aniCredArray; + int32_t ret = AniUtils::GenerateCredArray(env, credentialAbstract, credCount, aniCredArray); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate cred array failed."); + return ret; + } + ani_status status = env->Object_SetPropertyByName_Ref(cmResult, "credentialList", aniCredArray); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property credentialList failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +CMResultBuilder *CMResultBuilder::setCredential(Credential *credential) +{ + this->credential = credential; + return this; +} + +int32_t CMResultBuilder::credentialSetStringProperty(ani_object credentialObj) +{ + CmBlob typeBlob = { strlen(credential->type), (uint8_t *)credential->type }; + CmBlob aliasBlob = { strlen(credential->alias), (uint8_t *)credential->alias }; + CmBlob keyuriBlob = { strlen(credential->keyUri), (uint8_t *)credential->keyUri }; + ani_string typeString = AniUtils::GenerateString(env, typeBlob); + ani_string aliasString = AniUtils::GenerateString(env, aliasBlob); + ani_string keyuriString = AniUtils::GenerateString(env, keyuriBlob); + if (typeString == nullptr || aliasString == nullptr || keyuriString == nullptr) { + CM_LOG_E("credential generate string failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Object_SetPropertyByName_Ref(credentialObj, "type", typeString) != ANI_OK) { + CM_LOG_E("set credential property type faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Object_SetPropertyByName_Ref(credentialObj, "alias", aliasString) != ANI_OK) { + CM_LOG_E("set credential property alias faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Object_SetPropertyByName_Ref(credentialObj, "keyUri", keyuriString) != ANI_OK) { + CM_LOG_E("set credential property keyUri faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CMResultBuilder::buildCredential() +{ + if (credential == nullptr) { + CM_LOG_D("cmResult credential is nullptr"); + return CM_SUCCESS; + } + ani_object credentialObj; + int32_t ret = AniUtils::GenerateCredentialObj(env, credentialObj); + if (ret != CM_SUCCESS) { + CM_LOG_I("generate credentialObj failed. ret = %d", ret); + return ret; + } + ret = credentialSetStringProperty(credentialObj); + if (ret != CM_SUCCESS) { + CM_LOG_I("credentialObj set string property failed. ret = %d", ret); + return ret; + } + ani_object credData; + ret = AniUtils::GenerateUint8Array(env, &credential->credData, credData); + if (ret != CM_SUCCESS) { + CM_LOG_I("generate credData object failed. ret = %d", ret); + return ret; + } + if (env->Object_SetPropertyByName_Int(credentialObj, "certNum", + static_cast(credential->certNum)) != ANI_OK) { + CM_LOG_E("set credential property certNum faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Object_SetPropertyByName_Int(credentialObj, "keyNum", + static_cast(credential->keyNum)) != ANI_OK) { + CM_LOG_E("set credential property keyNum faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Object_SetPropertyByName_Ref(credentialObj, "credentialData", credData) != ANI_OK) { + CM_LOG_E("set credential property credData faild"); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_status status = env->Object_SetPropertyByName_Ref(cmResult, "credential", credentialObj); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property credentialList failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +CMResultBuilder *CMResultBuilder::setOutData(CmBlob *outData) +{ + this->outData = outData; + return this; +} + +int32_t CMResultBuilder::buildOutData() +{ + if (this->outData == nullptr) { + CM_LOG_D("cmResult outData is nullptr"); + return CM_SUCCESS; + } + ani_object aniOutData; + int32_t ret = AniUtils::GenerateUint8Array(env, this->outData, aniOutData); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate outData failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_status status = env->Object_SetPropertyByName_Ref(this->cmResult, "outData", aniOutData); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property outData failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +CMResultBuilder *CMResultBuilder::setCertList(CertList *certList) +{ + this->certList = certList; + return this; +} + +int32_t CMResultBuilder::buildCertList() +{ + if (certList == nullptr) { + CM_LOG_D("cmResult certList is nullptr"); + return CM_SUCCESS; + } + uint32_t certCount = certList->certsCount; + CertAbstract *certAbstract = certList->certAbstract; + if (certCount == 0 || certAbstract == nullptr) { + return CM_SUCCESS; + } + + ani_array_ref aniCertArray; + int32_t ret = AniUtils::GenerateCertArray(env, certAbstract, certCount, aniCertArray); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate cert array failed."); + return ret; + } + ani_status status = env->Object_SetPropertyByName_Ref(cmResult, "certList", aniCertArray); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property certList failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +CMResultBuilder *CMResultBuilder::setCertInfo(CertInfo *certInfo) +{ + this->certInfo = certInfo; + return this; +} + +int32_t CMResultBuilder::buildCertInfo() +{ + if (this->certInfo == nullptr) { + CM_LOG_D("cmResult certInfo is nullptr"); + return CM_SUCCESS; + } + ani_object certInfoObj; + int32_t ret = AniUtils::GenerateCertInfo(this->env, certInfoObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate certInfo failed."); + return ret; + } + std::map propertyMap; + propertyMap["uri"] = std::string(this->certInfo->uri); + propertyMap["certAlias"] = std::string(this->certInfo->certAlias); + propertyMap["issuerName"] = std::string(this->certInfo->issuerName); + propertyMap["subjectName"] = std::string(this->certInfo->subjectName); + propertyMap["serial"] = std::string(this->certInfo->serial); + propertyMap["notBefore"] = std::string(this->certInfo->notBefore); + propertyMap["notAfter"] = std::string(this->certInfo->notAfter); + propertyMap["fingerprintSha256"] = std::string(this->certInfo->fingerprintSha256); + ret = AniUtils::SetObjStringProperty(env, certInfoObj, propertyMap); + if (ret != CM_SUCCESS) { + CM_LOG_E("set certInfo property failed."); + return ret; + } + ani_status status = env->Object_SetPropertyByName_Boolean(certInfoObj, "state", + static_cast(this->certInfo->status)); + if (status != ANI_OK) { + CM_LOG_E("certInfo set state failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_object certInfoData; + ret = AniUtils::GenerateUint8Array(env, &this->certInfo->certInfo, certInfoData); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate certInfo data failed."); + return ret; + } + status = env->Object_SetPropertyByName_Ref(certInfoObj, "cert", certInfoData); + if (status != ANI_OK) { + CM_LOG_E("certInfo set propterty cert failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(cmResult, "certInfo", certInfoObj); + if (status != ANI_OK) { + CM_LOG_E("cmResult set property certInfo failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CMResultBuilder::build() +{ + int32_t ret = AniUtils::GenerateCmResult(env, cmResult); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build failed"); + return ret; + } + ret = buildUri(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build uri failed."); + return ret; + } + ret = buildCredentialList(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build credList failed."); + return ret; + } + ret = buildCredential(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build credential failed."); + return ret; + } + ret = buildOutData(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build outData failed."); + return ret; + } + ret = buildCertList(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build certList failed."); + return ret; + } + ret = buildCertInfo(); + if (ret != CM_SUCCESS) { + CM_LOG_E("cmResult build certInfo failed."); + return ret; + } + return CM_SUCCESS; +} +} // OHOS::Security::CertManager::Ani \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_async_impl.h b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_async_impl.h new file mode 100644 index 0000000..4e3b3bb --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_async_impl.h @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_ANI_ASYNC_IMPL_H +#define CM_ANI_ASYNC_IMPL_H + +#include "cm_ani_impl.h" +#include "cm_type.h" +#include "ani_base_context.h" +#include "ability_context.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace OHOS::AbilityRuntime; + +class CertManagerAsyncImpl : public CertManagerAniImpl { +public: + ani_env *env {}; + ani_vm *vm {}; + int32_t resultCode = 0; + ani_object result {}; + ani_object callback {}; + ani_ref globalCallback {}; + ani_object aniContext {}; + + std::shared_ptr abilityContext = nullptr; +public: + CertManagerAsyncImpl(ani_env *env, ani_object aniContext, ani_object callback); + virtual ~CertManagerAsyncImpl(); + + virtual int32_t InvokeAsyncWork() = 0; + int32_t GetParamsFromEnv() override; + int32_t InvokeInnerApi() override; + int32_t Init() override; + ani_object GenerateResult(); +}; + +} // OHOS::Security::CertManager::Ani + +#endif // CM_ANI_ASYNC_IMPL_H diff --git a/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_common.h b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_common.h new file mode 100644 index 0000000..ddb6702 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_common.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_ANI_COMMON_H +#define CM_ANI_COMMON_H + +#include "ani.h" +#include "cm_type.h" + +namespace OHOS::Security::CertManager::Ani { +static const uint32_t OUT_SIGNATURE_SIZE = 1000; +static const uint32_t APPLICATION_CERTIFICATE_STORE = 0; +static const uint32_t APPLICATION_PRIVATE_CERTIFICATE_STORE = 3; +static const uint32_t APPLICATION_SYSTEM_CERTIFICATE_STORE = 4; +static const uint32_t OUT_HANDLE_SIZE = 8; +static const uint32_t OUT_AUTH_URI_SIZE = 1000; + +ani_object GetAniErrorResult(ani_env *env, int32_t resultCode); + +ani_object GetDialogAniErrorResult(ani_env *env, int32_t resultCode); + +ani_object GetAniDialogNativeResult(ani_env *env, int32_t resultCode); + +ani_env *GetEnv(ani_vm *vm); +} + +#endif \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_impl.h b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_impl.h new file mode 100644 index 0000000..21cd00d --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/include/cm_ani_impl.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_ANI_IMPL_H +#define CM_ANI_IMPL_H + +#include "ani.h" +#include "cm_type.h" + +namespace OHOS::Security::CertManager::Ani { +class CertManagerAniImpl { +public: + ani_env *env = nullptr; + int32_t resultCode = 0; + ani_object result = nullptr; +public: + CertManagerAniImpl(ani_env *env); + virtual ~CertManagerAniImpl(); + + virtual int32_t Init() = 0; + virtual int32_t GetParamsFromEnv() = 0; + virtual int32_t InvokeInnerApi() = 0; + virtual int32_t UnpackResult() = 0; + virtual void OnFinish() = 0; + + ani_object GenerateResult(); + ani_object Invoke(); +}; +} // OHOS::Security::CertManager::Ani + +#endif // CM_ANI_IMPL_H diff --git a/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_async_impl.cpp b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_async_impl.cpp new file mode 100644 index 0000000..62c6d90 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_async_impl.cpp @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_ani_async_impl.h" +#include "cm_log.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" +#include "ability_context.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace OHOS::AbilityRuntime; + +CertManagerAsyncImpl::CertManagerAsyncImpl(ani_env *env, ani_object aniContext, + ani_object callback) : CertManagerAniImpl(env) +{ + env->GetVM(&this->vm); + this->callback = callback; + this->aniContext = aniContext; +} + +CertManagerAsyncImpl::~CertManagerAsyncImpl() {} + +int32_t CertManagerAsyncImpl::Init() +{ + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (vmEnv->GlobalReference_Create(reinterpret_cast(this->callback), &this->globalCallback) != ANI_OK) { + CM_LOG_E("failed to create global callback."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CertManagerAsyncImpl::GetParamsFromEnv() +{ + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_boolean stageMode = false; + ani_status status = IsStageContext(vmEnv, this->aniContext, stageMode); + if (status != ANI_OK || !stageMode) { + CM_LOG_E("check not stage mode."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + auto context = GetStageModeContext(vmEnv, this->aniContext); + if (context == nullptr) { + CM_LOG_E("get stageMode context failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + this->abilityContext = Context::ConvertTo(context); + if (this->abilityContext == nullptr) { + CM_LOG_E("convert context to abilityContext failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t CertManagerAsyncImpl::InvokeAsyncWork() +{ + return CM_SUCCESS; +} + +int32_t CertManagerAsyncImpl::InvokeInnerApi() +{ + return this->InvokeAsyncWork(); +} + +ani_object CertManagerAsyncImpl::GenerateResult() +{ + ani_env *vmEnv = GetEnv(this->vm); + if (vmEnv == nullptr) { + CM_LOG_E("get env failed."); + return nullptr; + } + + int32_t ret; + if (this->resultCode != CM_SUCCESS) { + return GetAniDialogNativeResult(vmEnv, this->resultCode); + } + + ani_object nativeResult{}; + ret = AniUtils::GenerateNativeResult(vmEnv, this->resultCode, nullptr, this->result, nativeResult); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate native result failed, ret = %d", ret); + return nullptr; + } + return nativeResult; +} +} // OHOS::Security::CertManager::Ani diff --git a/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_common.cpp b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_common.cpp new file mode 100644 index 0000000..51fca18 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_common.cpp @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_ani_common.h" +#include "cm_api_common.h" +#include "cm_dialog_api_common.h" +#include "cm_ani_utils.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Ani { +using namespace OHOS::Security::CertManager; + +static int32_t TranformErrorCode(int32_t errorCode) +{ + auto iter = NATIVE_CODE_TO_JS_CODE_MAP.find(errorCode); + if (iter != NATIVE_CODE_TO_JS_CODE_MAP.end()) { + return iter->second; + } + return INNER_FAILURE; +} + +static int32_t TranformDialogErrorCode(int32_t errorCode) +{ + auto iter = Dialog::DIALOG_CODE_TO_JS_CODE_MAP.find(errorCode); + if (iter != Dialog::DIALOG_CODE_TO_JS_CODE_MAP.end()) { + return iter->second; + } + return INNER_FAILURE; +} + +static const char *GetJsErrorMsg(int32_t errCode) +{ + auto iter = NATIVE_CODE_TO_MSG_MAP.find(errCode); + if (iter != NATIVE_CODE_TO_MSG_MAP.end()) { + return (iter->second).c_str(); + } + return GENERIC_MSG.c_str(); +} + +static const char *GetDialogJsErrorMsg(int32_t errCode) +{ + auto iter = Dialog::DIALOG_CODE_TO_MSG_MAP.find(errCode); + if (iter != Dialog::DIALOG_CODE_TO_MSG_MAP.end()) { + return (iter->second).c_str(); + } + return GENERIC_MSG.c_str(); +} + +ani_object GetAniErrorResult(ani_env *env, int32_t resultCode) +{ + int32_t jsRet = TranformErrorCode(resultCode); + const char *msg = GetJsErrorMsg(resultCode); + ani_object retObj{}; + int32_t ret = AniUtils::GenerateNativeResult(env, jsRet, msg, nullptr, retObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate err result failed, ret = %d", ret); + return nullptr; + } + return retObj; +} + +ani_object GetAniDialogNativeResult(ani_env *env, int32_t resultCode) +{ + int32_t jsRet = TranformDialogErrorCode(resultCode); + const char *msg = GetDialogJsErrorMsg(resultCode); + ani_object retObj{}; + int32_t ret = AniUtils::GenerateNativeResult(env, jsRet, msg, nullptr, retObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate err result failed, ret = %d", ret); + return nullptr; + } + return retObj; +} + +ani_object GetDialogAniErrorResult(ani_env *env, int32_t resultCode) +{ + int32_t jsRet = TranformDialogErrorCode(resultCode); + const char *msg = GetDialogJsErrorMsg(resultCode); + ani_object retObj{}; + int32_t ret = AniUtils::GenerateBusinessError(env, jsRet, msg, retObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate businessError failed, ret = %d", ret); + return nullptr; + } + return retObj; +} + +ani_env *GetEnv(ani_vm *vm) +{ + if (vm == nullptr) { + CM_LOG_E("aniVm is nullptr."); + return nullptr; + } + ani_env *env = nullptr; + ani_option interopEnabled {"--interop=enable", nullptr}; + ani_options aniArgs {1, &interopEnabled}; + ani_status status = vm->AttachCurrentThread(&aniArgs, ANI_VERSION_1, &env); + if (status != ANI_OK) { + status = vm->GetEnv(ANI_VERSION_1, &env); + if (status != ANI_OK) { + CM_LOG_E("get aniEnv failed, status = %d", static_cast(status)); + } + } + return env; +} +} \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_impl.cpp b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_impl.cpp new file mode 100644 index 0000000..b1dee0c --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/impl/src/cm_ani_impl.cpp @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_ani_impl.h" +#include "cm_log.h" +#include "cm_ani_utils.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { + +CertManagerAniImpl::CertManagerAniImpl(ani_env *env) +{ + this->env = env; +} + +CertManagerAniImpl::~CertManagerAniImpl() {} + +ani_object CertManagerAniImpl::GenerateResult() +{ + int32_t ret; + if (this->resultCode != CM_SUCCESS) { + return GetAniErrorResult(this->env, this->resultCode); + } + ani_object nativeResult{}; + ret = AniUtils::GenerateNativeResult(env, this->resultCode, nullptr, this->result, nativeResult); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate native result failed, ret = %d", ret); + return nullptr; + } + return nativeResult; +} + +ani_object CertManagerAniImpl::Invoke() +{ + CM_LOG_I("ani invoke start."); + if (this->env == nullptr) { + CM_LOG_E("ani invoke failed."); + return nullptr; + } + + int32_t ret = CM_SUCCESS; + do { + ret = this->Init(); + if (ret != CM_SUCCESS) { + CM_LOG_E("init failed."); + break; + } + ret = this->GetParamsFromEnv(); + if (ret != CM_SUCCESS) { + CM_LOG_E("get params failed."); + break; + } + ret = this->InvokeInnerApi(); + if (ret != CM_SUCCESS) { + CM_LOG_E("ani send request failed."); + break; + } + ret = this->UnpackResult(); + if (ret != CM_SUCCESS) { + CM_LOG_E("ani unpack result failed."); + break; + } + } while (0); + this->OnFinish(); + this->resultCode = ret; + CM_LOG_I("ani invoke end. ret = %d", this->resultCode); + return this->GenerateResult(); +} +} // OHOS::Security::CertManager::Ani diff --git a/interfaces/kits/ani/cm_ani_common/utils/include/cm_ani_utils.h b/interfaces/kits/ani/cm_ani_common/utils/include/cm_ani_utils.h new file mode 100644 index 0000000..138c3a4 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/utils/include/cm_ani_utils.h @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_ANI_UTILS_H +#define CM_ANI_UTILS_H + +#include +#include +#include "cm_type.h" +#include "ani.h" + +namespace OHOS::Security::CertManager::Ani { +namespace AniUtils { +bool IsUndefined(ani_env *env, ani_object object); + +int32_t ParseUint8Array(ani_env *env, ani_arraybuffer uint8Array, CmBlob &outBlob); + +int32_t ParseString(ani_env *env, ani_string ani_str, CmBlob &strBlob); + +ani_string GenerateCharStr(ani_env *env, const char *strData, uint32_t length); + +ani_string GenerateString(ani_env *env, CmBlob &outBlob); + +int32_t GenerateNativeResult(ani_env *env, const int32_t code, const char *message, + ani_object result, ani_object &resultObjOut); + +int32_t CreateBooleanObject(ani_env *env, bool value, ani_object &resultObjOut); + +int32_t GenerateCmResult(ani_env *env, ani_object &resultObjOut); + +int32_t GenerateCredObj(ani_env *env, ani_string type, ani_string alias, ani_string keyuri, ani_object &resultObjOut); + +int32_t GenerateCredArray(ani_env *env, CredentialAbstract *credentialAbstract, uint32_t credCount, + ani_array_ref &outArrayRef); + +int32_t GenerateCredentialObj(ani_env *env, ani_object &resultObjOut); + +int32_t GenerateUint8Array(ani_env *env, const CmBlob *data, ani_object &resultObjOut); + +int32_t ParseSignatureSpec(ani_env *env, ani_object aniSpec, CmSignatureSpec *signatureSpec); + +int32_t GenerateCMHandle(ani_env *env, const CmBlob *handleData, ani_object &resultObjOut); + +int32_t GenerateCertObj(ani_env *env, CertAbstract *certAbstract, ani_object &resultObjOut); + +int32_t GenerateCertArray(ani_env *env, CertAbstract *certAbstract, uint32_t certCount, ani_array_ref &outArrayRef); + +int32_t GenerateCertInfo(ani_env *env, ani_object &resultObjectOut); + +int32_t SetObjStringProperty(ani_env *env, ani_object obj, std::map valueMap); + +int32_t GenerateBusinessError(ani_env *env, const int32_t errorCode, const char *message, ani_object &objectOut); +} // namespace AniUtils +} // namespace OHOS::Security::CertManager::Ani +#endif // CM_ANI_UTILS_H \ No newline at end of file diff --git a/interfaces/kits/ani/cm_ani_common/utils/src/cm_ani_utils.cpp b/interfaces/kits/ani/cm_ani_common/utils/src/cm_ani_utils.cpp new file mode 100644 index 0000000..b0bf005 --- /dev/null +++ b/interfaces/kits/ani/cm_ani_common/utils/src/cm_ani_utils.cpp @@ -0,0 +1,604 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_ani_utils.h" + +#include "cm_log.h" +#include "cm_mem.h" +#include "securec.h" +#include "cm_api_common.h" +#include "cm_ani_common.h" + +namespace OHOS::Security::CertManager::Ani { +namespace AniUtils { +const char *ETS_CTOR = ""; +const char *NATIVE_RESULT_CLASS = "L@ohos/security/certManager/NativeResult;"; +const char *CALLBACK_WRAPPER_CLASS = "L@ohos/security/certManagerDialog/AsyncCallbackWrapper;"; +const char *BUSINESS_ERROR_CLASS = "L@ohos/base/BusinessError;"; +const char *CM_RESULT_CLASS = "L@ohos/security/certManager/CMResultClass;"; +const char *CRED_ABSTRACT_CLASS = "L@ohos/security/certManager/CredentialAbstractClass;"; +const char *CREDENTIAL_CLASS = "L@ohos/security/certManager/CredentialClass;"; +const char *CERT_ABSTRACT_CLASS = "L@ohos/security/certManager/CertAbstractClass;"; +const char *CERT_INFO_CLASS = "L@ohos/security/certManager/CertInfoClass;"; +const char *UINT8_ARRAY_CLASS = "Lescompat/Uint8Array;"; +const char *KEY_PURPOSE_ENUM = "L@ohos/security/certManager/certificateManager/CmKeyPurpose;"; +const char *KEY_PADDING_ENUM = "L@ohos/security/certManager/certificateManager/CmKeyPadding;"; +const char *KEY_DIGEST_ENUM = "L@ohos/security/certManager/certificateManager/CmKeyDigest;"; +const char *CM_HANDLE_CLASS = "L@ohos/security/certManager/CMHandleClass;"; +const char *BOOLEAN_CLASS = "std.core.Boolean"; + +bool IsUndefined(ani_env *env, ani_object object) +{ + ani_boolean isUndefined; + ani_status status = env->Reference_IsUndefined(object, &isUndefined); + if (status != ANI_OK) { + CM_LOG_E("check ref is undefined failed."); + return true; + } + return (bool)isUndefined; +} + +int32_t ParseUint8Array(ani_env *env, ani_arraybuffer uint8Array, CmBlob &outBlob) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + bool isUndefined = IsUndefined(env, uint8Array); + if (isUndefined) { + CM_LOG_E("check uint8Array is undefined"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + void* resultData; + ani_size resultSize; + ani_status ret = env->ArrayBuffer_GetInfo(uint8Array, &resultData, &resultSize); + if (ret != ANI_OK) { + CM_LOG_E("get ani uint8Array buffer failed, ret = %d", static_cast(ret)); + return CMR_ERROR_INVALID_ARGUMENT; + } + outBlob.data = static_cast(resultData); + outBlob.size = resultSize; + return CM_SUCCESS; +} + +int32_t ParseString(ani_env *env, ani_string ani_str, CmBlob &outBlob) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_size strSize; + ani_status ret = env->String_GetUTF8Size(ani_str, &strSize); + if (ret != ANI_OK) { + CM_LOG_E("get ani string size failed, ret = %d", static_cast(ret)); + return CMR_ERROR_INVALID_ARGUMENT; + } + + char *strData = static_cast(CmMalloc(strSize + 1)); + if (strData == nullptr) { + CM_LOG_E("memory operation failed."); + return CMR_ERROR_MALLOC_FAIL; + } + + ani_size bytes_written = 0; + ret = env->String_GetUTF8(ani_str, strData, strSize + 1, &bytes_written); + if (ret != ANI_OK) { + CM_LOG_E("get ani string, ret = %d", static_cast(ret)); + return CMR_ERROR_INVALID_ARGUMENT; + } + + strData[bytes_written] = '\0'; + outBlob.data = (uint8_t *)strData; + outBlob.size = strSize + 1; + return CM_SUCCESS; +} + +ani_string GenerateCharStr(ani_env *env, const char *strData, uint32_t length) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return nullptr; + } + ani_string aniString{}; + ani_status ret = env->String_NewUTF8(strData, length, &aniString); + if (ret != ANI_OK) { + CM_LOG_E("generate ani string failed, ret = %d", static_cast(ret)); + return nullptr; + } + return aniString; +} + +ani_string GenerateString(ani_env *env, CmBlob &outBlob) +{ + return GenerateCharStr(env, (char *)outBlob.data, outBlob.size - 1); +} + +int32_t CreateBooleanObject(ani_env *env, bool value, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_class cls; + if (env->FindClass(BOOLEAN_CLASS, &cls) != ANI_OK) { + CM_LOG_E("find class failed, class %s not found.", BOOLEAN_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_method ctor; + if (env->Class_FindMethod(cls, ETS_CTOR, "z:", &ctor) != ANI_OK) { + CM_LOG_E("find class method failed, method %s not found.", ETS_CTOR); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (env->Object_New(cls, ctor, &resultObjOut) != ANI_OK) { + CM_LOG_E("create %s object failed.", BOOLEAN_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +static int32_t CreateResultObject(ani_env *env, ani_object &resultObjOut, const char *mangling) +{ + if (env == nullptr || mangling == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_class cls; + if (env->FindClass(mangling, &cls) != ANI_OK) { + CM_LOG_E("find class failed, class %s not found.", mangling); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_method ctor; + if (env->Class_FindMethod(cls, ETS_CTOR, ":V", &ctor) != ANI_OK) { + CM_LOG_E("find class method failed, method %s not found.", ETS_CTOR); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (env->Object_New(cls, ctor, &resultObjOut) != ANI_OK) { + CM_LOG_E("create %s object failed.", mangling); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateNativeResult(ani_env *env, const int32_t code, const char *message, + ani_object result, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, NATIVE_RESULT_CLASS) != CM_SUCCESS) { + CM_LOG_E("create native result object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (env->Object_SetFieldByName_Int(resultObjOut, "code", (ani_int)code) != ANI_OK) { + CM_LOG_E("Object_SetFieldByName_Int Failed result"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (message != nullptr) { + ani_string resultMessage; + env->String_NewUTF8(message, strlen(message), &resultMessage); + ani_status status = env->Object_SetFieldByName_Ref(resultObjOut, "message", resultMessage); + if (status != ANI_OK) { + CM_LOG_E("Object_SetFieldByName_Ref Failed message"); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + + if (result != nullptr) { + ani_status status = env->Object_SetFieldByName_Ref(resultObjOut, "result", result); + if (status != ANI_OK) { + CM_LOG_E("Object_SetFieldByName_Ref Failed result"); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + return CM_SUCCESS; +} + +int32_t GenerateCmResult(ani_env *env, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CM_RESULT_CLASS) != CM_SUCCESS) { + CM_LOG_E("create cmResult object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateCredObj(ani_env *env, ani_string type, ani_string alias, ani_string keyuri, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CRED_ABSTRACT_CLASS) != CM_SUCCESS) { + CM_LOG_E("create credAbstract object object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_status status = env->Object_SetPropertyByName_Ref(resultObjOut, "type", type); + if (status != ANI_OK) { + CM_LOG_E("cmRcredAbstractesult set field type failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(resultObjOut, "alias", alias); + if (status != ANI_OK) { + CM_LOG_E("cmRcredAbstractesult set field alias failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(resultObjOut, "keyUri", keyuri); + if (status != ANI_OK) { + CM_LOG_E("cmRcredAbstractesult set field keyUri failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateCredArray(ani_env *env, CredentialAbstract *credentialAbstract, uint32_t credCount, + ani_array_ref &outArrayRef) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_class credClass; + if (env->FindClass(CRED_ABSTRACT_CLASS, &credClass) != ANI_OK) { + CM_LOG_E("find class failed, class %s not found.", CRED_ABSTRACT_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_ref undefinedRef; + env->GetUndefined(&undefinedRef); + ani_array_ref resultArray; + env->Array_New_Ref(credClass, credCount, undefinedRef, &resultArray); + for (uint32_t i = 0; i < credCount; i++) { + ani_string aniCredType{}; + ani_string aniCredAlias{}; + ani_string aniCredKeyuri{}; + env->String_NewUTF8(credentialAbstract[i].type, strlen(credentialAbstract[i].type), &aniCredType); + env->String_NewUTF8(credentialAbstract[i].alias, strlen(credentialAbstract[i].alias), &aniCredAlias); + env->String_NewUTF8(credentialAbstract[i].keyUri, strlen(credentialAbstract[i].keyUri), &aniCredKeyuri); + + ani_object credAbstractObj{}; + int32_t ret = GenerateCredObj(env, aniCredType, aniCredAlias, aniCredKeyuri, credAbstractObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate cred object failed. ret = %d", ret); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Array_Set_Ref(resultArray, i, credAbstractObj) != ANI_OK) { + CM_LOG_E("credArray setRef failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + outArrayRef = resultArray; + return CM_SUCCESS; +} + +int32_t GenerateCredentialObj(ani_env *env, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CREDENTIAL_CLASS) != CM_SUCCESS) { + CM_LOG_E("create credential object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateUint8Array(ani_env *env, const CmBlob *data, ani_object &resultObjOut) +{ + if (env == nullptr || data == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_class uint8ArrayClass; + if (env->FindClass(UINT8_ARRAY_CLASS, &uint8ArrayClass) != ANI_OK) { + CM_LOG_E("find class failed, class %s not found.", UINT8_ARRAY_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_method ctor; + if (env->Class_FindMethod(uint8ArrayClass, ETS_CTOR, "I:V", &ctor) != ANI_OK) { + CM_LOG_E("find class method failed, method %s not found.", ETS_CTOR); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (env->Object_New(uint8ArrayClass, ctor, &resultObjOut, data->size) != ANI_OK) { + CM_LOG_E("create %s object failed.", UINT8_ARRAY_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_ref buffer; + env->Object_GetFieldByName_Ref(resultObjOut, "buffer", &buffer); + void *bufferPtr = nullptr; + size_t bufferLength; + if (env->ArrayBuffer_GetInfo(static_cast(buffer), &bufferPtr, &bufferLength) != ANI_OK) { + CM_LOG_E("get buffer ref failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (memcpy_s(bufferPtr, bufferLength, data->data, data->size) != EOK) { + CM_LOG_E("unit8array buffer memcpy failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +static int32_t GetPurposeEnumValue(ani_env *env, ani_object aniSpec, uint32_t *value) +{ + ani_enum purposeEnum; + env->FindEnum(KEY_PURPOSE_ENUM, &purposeEnum); + ani_enum_item purpose; + if (env->Object_GetPropertyByName_Ref(aniSpec, "purpose", (ani_ref *)&purpose) != ANI_OK) { + CM_LOG_E("get purpose enumItem failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->EnumItem_GetValue_Int(purpose, (ani_int *)value) != ANI_OK) { + CM_LOG_E("get purposeEnum value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +static int32_t GetPaddingEnumValue(ani_env *env, ani_object aniSpec, uint32_t *value) +{ + ani_enum paddingEnum; + env->FindEnum(KEY_PADDING_ENUM, &paddingEnum); + ani_enum_item padding; + if (env->Object_GetPropertyByName_Ref(aniSpec, "padding", (ani_ref *)&padding) != ANI_OK) { + CM_LOG_E("get padding prop failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (IsUndefined(env, padding)) { + CM_LOG_D("padding prop is undefined, set default value."); + *value = CM_PADDING_PSS; + return CM_SUCCESS; + } + if (env->EnumItem_GetValue_Int(padding, (ani_int *)value) != ANI_OK) { + CM_LOG_E("get paddingEnum value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + for (uint32_t i = 0; i < (sizeof(PADDING_MAP) / sizeof(PADDING_MAP[0])); i++) { + if (*value == PADDING_MAP[i].key) { + *value = PADDING_MAP[i].retPadding; + return CM_SUCCESS; + } + } + CM_LOG_E("padding do not exist in PADDING_MAP."); + return CMR_ERROR_INVALID_ARGUMENT; +} + +static int32_t GetDigestEnumValue(ani_env *env, ani_object aniSpec, uint32_t *value) +{ + ani_enum digestEnum; + env->FindEnum(KEY_DIGEST_ENUM, &digestEnum); + ani_enum_item digest; + if (env->Object_GetPropertyByName_Ref(aniSpec, "digest", (ani_ref *)&digest) != ANI_OK) { + CM_LOG_E("get digest prop failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (IsUndefined(env, digest)) { + CM_LOG_D("digest prop is undefined, set default value."); + *value = CM_DIGEST_SHA256; + return CM_SUCCESS; + } + if (env->EnumItem_GetValue_Int(digest, (ani_int *)value) != ANI_OK) { + CM_LOG_E("get digestEnum value failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + for (uint32_t i = 0; i < (sizeof(DIGEST_MAP) / sizeof(DIGEST_MAP[0])); i++) { + if (*value == DIGEST_MAP[i].key) { + *value = DIGEST_MAP[i].retDigest; + return CM_SUCCESS; + } + } + CM_LOG_E("digest do not exist in DIGEST_MAP."); + return CMR_ERROR_INVALID_ARGUMENT; +} + +int32_t ParseSignatureSpec(ani_env *env, ani_object aniSpec, CmSignatureSpec *signatureSpec) +{ + if (env == nullptr || signatureSpec == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + int32_t ret = GetPurposeEnumValue(env, aniSpec, &signatureSpec->purpose); + if (ret != CM_SUCCESS) { + CM_LOG_E("get signatureSpec purpose failed."); + return ret; + } + ret = GetPaddingEnumValue(env, aniSpec, &signatureSpec->padding); + if (ret != CM_SUCCESS) { + CM_LOG_E("get signatureSpec padding failed."); + return ret; + } + ret = GetDigestEnumValue(env, aniSpec, &signatureSpec->digest); + if (ret != CM_SUCCESS) { + CM_LOG_E("get signatureSpec digest failed."); + return ret; + } + return CM_SUCCESS; +} + +int32_t GenerateCMHandle(ani_env *env, const CmBlob *handleData, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CM_HANDLE_CLASS) != CM_SUCCESS) { + CM_LOG_E("create cmHandle object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_object handleUint8Array; + int32_t ret = GenerateUint8Array(env, handleData, handleUint8Array); + if (ret != CM_SUCCESS) { + CM_LOG_E("create cmHandle uint8Array failed."); + return ret; + } + if (env->Object_SetPropertyByName_Ref(resultObjOut, "handle", handleUint8Array) != ANI_OK) { + CM_LOG_E("cmHandle set property handle failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateCertObj(ani_env *env, CertAbstract *certAbstract, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CERT_ABSTRACT_CLASS) != CM_SUCCESS) { + CM_LOG_E("create certAbstract object object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_string uri{}; + ani_string certAlias{}; + ani_string subjectName{}; + env->String_NewUTF8(certAbstract->uri, strlen(certAbstract->uri), &uri); + env->String_NewUTF8(certAbstract->certAlias, strlen(certAbstract->certAlias), &certAlias); + env->String_NewUTF8(certAbstract->subjectName, strlen(certAbstract->subjectName), &subjectName); + + ani_status status = env->Object_SetPropertyByName_Ref(resultObjOut, "uri", uri); + if (status != ANI_OK) { + CM_LOG_E("cmCertAbstractesult set field uri failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(resultObjOut, "certAlias", certAlias); + if (status != ANI_OK) { + CM_LOG_E("cmCertAbstractesult set field certAlias failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(resultObjOut, "subjectName", subjectName); + if (status != ANI_OK) { + CM_LOG_E("cmCertAbstractesult set field subjectName failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Boolean(resultObjOut, "state", + static_cast(certAbstract->status)); + if (status != ANI_OK) { + CM_LOG_E("cmCertAbstractesult set field state failed. ret = %d", static_cast(status)); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t GenerateCertArray(ani_env *env, CertAbstract *certAbstract, uint32_t certCount, ani_array_ref &outArrayRef) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_class certClass; + if (env->FindClass(CERT_ABSTRACT_CLASS, &certClass) != ANI_OK) { + CM_LOG_E("find class failed, class %s not found.", CRED_ABSTRACT_CLASS); + return CMR_ERROR_INVALID_ARGUMENT; + } + ani_ref undefinedRef; + env->GetUndefined(&undefinedRef); + ani_array_ref resultArray; + env->Array_New_Ref(certClass, certCount, undefinedRef, &resultArray); + for (uint32_t i = 0; i < certCount; i++) { + ani_object certAbstractObj{}; + int32_t ret = GenerateCertObj(env, &certAbstract[i], certAbstractObj); + if (ret != CM_SUCCESS) { + CM_LOG_E("generate cert object failed. ret = %d", ret); + return CMR_ERROR_INVALID_ARGUMENT; + } + if (env->Array_Set_Ref(resultArray, i, certAbstractObj) != ANI_OK) { + CM_LOG_E("certArray setRef failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + outArrayRef = resultArray; + return CM_SUCCESS; +} + +int32_t GenerateCertInfo(ani_env *env, ani_object &resultObjOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + if (CreateResultObject(env, resultObjOut, CERT_INFO_CLASS) != CM_SUCCESS) { + CM_LOG_E("create certInfo object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} + +int32_t SetObjStringProperty(ani_env *env, ani_object obj, std::map valueMap) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + ani_status status; + for (auto it = valueMap.begin(); it != valueMap.end(); ++it) { + ani_string strObj = GenerateCharStr(env, it->second.c_str(), it->second.size()); + if (strObj == nullptr) { + CM_LOG_E("generate string property %s obj failed", it->first.c_str()); + return CMR_ERROR_INVALID_ARGUMENT; + } + status = env->Object_SetPropertyByName_Ref(obj, it->first.c_str(), strObj); + if (status != ANI_OK) { + CM_LOG_E("set propterty %s failed。", it->first.c_str()); + return CMR_ERROR_INVALID_ARGUMENT; + } + } + return CM_SUCCESS; +} + +int32_t GenerateBusinessError(ani_env *env, const int32_t errorCode, const char *message, ani_object &objectOut) +{ + if (env == nullptr) { + CM_LOG_E("env is nullptr."); + return CMR_ERROR_NULL_POINTER; + } + + if (CreateResultObject(env, objectOut, BUSINESS_ERROR_CLASS) != CM_SUCCESS) { + CM_LOG_E("create businessError object failed."); + return CMR_ERROR_INVALID_ARGUMENT; + } + + if (env->Object_SetFieldByName_Double(objectOut, "code", static_cast(errorCode)) != ANI_OK) { + CM_LOG_E("set businessError field code error"); + return CMR_ERROR_INVALID_ARGUMENT; + } + + ani_string errMsg = GenerateCharStr(env, message, strlen(message)); + if (errMsg == nullptr) { + CM_LOG_D("errMsg is nullptr"); + return CM_SUCCESS; + } + + if (env->Object_SetPropertyByName_Ref(objectOut, "message", static_cast(errMsg)) != ANI_OK) { + CM_LOG_E("set businessError field message error"); + return CMR_ERROR_INVALID_ARGUMENT; + } + return CM_SUCCESS; +} +} // namespace AniUtils +} // namespace OHOS::Security::CertManager::Ani \ No newline at end of file diff --git a/interfaces/kits/common/include/cm_api_common.h b/interfaces/kits/common/include/cm_api_common.h new file mode 100644 index 0000000..a0ad642 --- /dev/null +++ b/interfaces/kits/common/include/cm_api_common.h @@ -0,0 +1,130 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_API_COMMON_H +#define CM_API_COMMON_H + +#include +#include "cm_type.h" + +namespace OHOS::Security::CertManager { +enum ErrorCode { + SUCCESS = 0, + HAS_NO_PERMISSION = 201, + NOT_SYSTEM_APP = 202, + PARAM_ERROR = 401, + INNER_FAILURE = 17500001, + NOT_FOUND = 17500002, + INVALID_CERT_FORMAT = 17500003, + MAX_CERT_COUNT_REACHED = 17500004, + NO_AUTHORIZATION = 17500005, + ALIAS_LENGTH_REACHED_LIMIT = 17500006, + DEVICE_ENTER_ADVSECMODE = 17500007, + PASSWORD_IS_ERROR = 17500008, +}; + +constexpr int CM_MAX_DATA_LEN = 0x6400000; // The maximum length is 100M + +static const std::string NO_PERMISSION_MSG = "the caller has no permission"; +static const std::string NOT_SYSTEM_APP_MSG = "the caller is not a system application"; +static const std::string INVALID_PARAMS_MSG = "the input parameters is invalid"; +static const std::string GENERIC_MSG = "there is an internal error"; +static const std::string NO_FOUND_MSG = "the certificate do not exist"; +static const std::string INCORRECT_FORMAT_MSG = "the input cert data is invalid"; +static const std::string MAX_CERT_COUNT_REACHED_MSG = "the count of certificates or credentials reach the max"; +static const std::string NO_AUTHORIZATION_MSG = "the application is not authorized by user"; +static const std::string ALIAS_LENGTH_REACHED_LIMIT_MSG = "the input alias length reaches the max"; +static const std::string DEVICE_ENTER_ADVSECMODE_MSG = "the device enters advanced security mode"; +static const std::string PASSWORD_IS_ERROR_MSG = "the input password is error"; + +static const std::unordered_map NATIVE_CODE_TO_JS_CODE_MAP = { + // invalid params + { CMR_ERROR_INVALID_ARGUMENT, PARAM_ERROR }, + + // no permission + { CMR_ERROR_PERMISSION_DENIED, HAS_NO_PERMISSION }, + { CMR_ERROR_NOT_SYSTEMP_APP, NOT_SYSTEM_APP }, + + { CMR_ERROR_INVALID_CERT_FORMAT, INVALID_CERT_FORMAT }, + { CMR_ERROR_INSUFFICIENT_DATA, INVALID_CERT_FORMAT }, + { CMR_ERROR_NOT_FOUND, NOT_FOUND }, + { CMR_ERROR_NOT_EXIST, NOT_FOUND }, + { CMR_ERROR_MAX_CERT_COUNT_REACHED, MAX_CERT_COUNT_REACHED }, + { CMR_ERROR_AUTH_CHECK_FAILED, NO_AUTHORIZATION }, + { CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT, ALIAS_LENGTH_REACHED_LIMIT }, + { CMR_ERROR_DEVICE_ENTER_ADVSECMODE, DEVICE_ENTER_ADVSECMODE }, + { CMR_ERROR_PASSWORD_IS_ERR, PASSWORD_IS_ERROR }, +}; + +static const std::unordered_map NATIVE_CODE_TO_MSG_MAP = { + { CMR_ERROR_PERMISSION_DENIED, NO_PERMISSION_MSG }, + { CMR_ERROR_NOT_SYSTEMP_APP, NOT_SYSTEM_APP_MSG }, + { CMR_ERROR_INVALID_ARGUMENT, INVALID_PARAMS_MSG }, + { CMR_ERROR_NOT_FOUND, NO_FOUND_MSG }, + { CMR_ERROR_NOT_EXIST, NO_FOUND_MSG }, + { CMR_ERROR_INVALID_CERT_FORMAT, INCORRECT_FORMAT_MSG }, + { CMR_ERROR_INSUFFICIENT_DATA, INCORRECT_FORMAT_MSG }, + { CMR_ERROR_MAX_CERT_COUNT_REACHED, MAX_CERT_COUNT_REACHED_MSG }, + { CMR_ERROR_AUTH_CHECK_FAILED, NO_AUTHORIZATION_MSG }, + { CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT, ALIAS_LENGTH_REACHED_LIMIT_MSG }, + { CMR_ERROR_DEVICE_ENTER_ADVSECMODE, DEVICE_ENTER_ADVSECMODE_MSG }, + { CMR_ERROR_PASSWORD_IS_ERR, PASSWORD_IS_ERROR_MSG }, +}; + +enum CmJSKeyDigest { + CM_JS_DIGEST_NONE = 0, + CM_JS_DIGEST_MD5 = 1, + CM_JS_DIGEST_SHA1 = 2, + CM_JS_DIGEST_SHA224 = 3, + CM_JS_DIGEST_SHA256 = 4, + CM_JS_DIGEST_SHA384 = 5, + CM_JS_DIGEST_SHA512 = 6, + CM_JS_DIGEST_SM3 = 7, +}; + +enum CmJSKeyPadding { + CM_JS_PADDING_NONE = 0, + CM_JS_PADDING_PSS = 1, + CM_JS_PADDING_PKCS1_V1_5 = 2, +}; + +struct CmJSKeyPaddingCmKeyPaddingMap { + CmJSKeyPadding key; + CmKeyPadding retPadding; +}; + +const struct CmJSKeyPaddingCmKeyPaddingMap PADDING_MAP[] = { + { CM_JS_PADDING_NONE, CM_PADDING_NONE }, + { CM_JS_PADDING_PSS, CM_PADDING_PSS }, + { CM_JS_PADDING_PKCS1_V1_5, CM_PADDING_PKCS1_V1_5 }, +}; + +struct CmJSKeyDigestCmKeyDigestMap { + CmJSKeyDigest key; + CmKeyDigest retDigest; +}; + +const struct CmJSKeyDigestCmKeyDigestMap DIGEST_MAP[] = { + { CM_JS_DIGEST_NONE, CM_DIGEST_NONE }, + { CM_JS_DIGEST_MD5, CM_DIGEST_MD5 }, + { CM_JS_DIGEST_SHA1, CM_DIGEST_SHA1 }, + { CM_JS_DIGEST_SHA224, CM_DIGEST_SHA224 }, + { CM_JS_DIGEST_SHA256, CM_DIGEST_SHA256 }, + { CM_JS_DIGEST_SHA384, CM_DIGEST_SHA384 }, + { CM_JS_DIGEST_SHA512, CM_DIGEST_SHA512 }, + { CM_JS_DIGEST_SM3, CM_DIGEST_SM3 }, +}; +} +#endif diff --git a/interfaces/kits/common/include/cm_dialog_api_common.h b/interfaces/kits/common/include/cm_dialog_api_common.h new file mode 100644 index 0000000..d1fdbb7 --- /dev/null +++ b/interfaces/kits/common/include/cm_dialog_api_common.h @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_DIALOG_API_COMMON_H +#define CM_DIALOG_API_COMMON_H + +#include +#include "cm_type.h" +#include "ability_context.h" +#include "cm_type.h" +#include "iservice_registry.h" +#include "system_ability_definition.h" + +namespace OHOS::Security::CertManager::Dialog { +using namespace OHOS::AbilityRuntime; + +enum ErrorCode { + SUCCESS = 0, + HAS_NO_PERMISSION = 201, + NOT_SYSTEM_APP = 202, + PARAM_ERROR = 401, + DIALOG_ERROR_GENERIC = 29700001, + DIALOG_ERROR_OPERATION_CANCELED = 29700002, + DIALOG_ERROR_INSTALL_FAILED = 29700003, + DIALOG_ERROR_NOT_SUPPORTED = 29700004, + DIALOG_ERROR_NOT_COMPLY_SECURITY_POLICY = 29700005, +}; +static const std::string DIALOG_NO_PERMISSION_MSG = "the caller has no permission"; +static const std::string DIALOG_INVALID_PARAMS_MSG = "the input parameters is invalid"; +static const std::string DIALOG_GENERIC_MSG = "there is an internal error"; +static const std::string DIALOG_OPERATION_CANCELS_MSG = "the user cancels the installation operation"; +static const std::string DIALOG_INSTALL_FAILED_MSG = "the user install certificate failed" + " in the certificate manager dialog"; +static const std::string DIALOG_NOT_SUPPORTED_MSG = "the API is not supported on this device"; + +static const std::string DIALOG_OPERATION_FAILED_MSG = "the user operation failed " + "in the certification manager dialog: "; +static const std::string PARSE_CERT_FAILED_MSG = "parse the certificate failed."; +static const std::string ADVANCED_SECURITY_MSG = "the device enters advanced security mode."; +static const std::string INCORRECT_FORMAT_MSG = "the certificate is in an invalid format."; +static const std::string MAX_QUANTITY_REACHED_MSG = "the number of certificates or credentials " + "reaches the maxinum allowed."; +static const std::string SA_INTERNAL_ERROR_MSG = "sa internal error."; +static const std::string NOT_EXIST_MSG = "the certificate dose not exist."; +static const std::string NOT_ENTERPRISE_DEVICE_MSG = "The operation does not comply with the device security policy," + "such as the device does not allow users to manage the ca certificate of the global user."; + +static const std::unordered_map DIALOG_CODE_TO_JS_CODE_MAP = { + // no permission + { CMR_DIALOG_ERROR_PERMISSION_DENIED, HAS_NO_PERMISSION }, + // internal error + { CMR_DIALOG_ERROR_INTERNAL, DIALOG_ERROR_GENERIC }, + // the user cancels the installation operation + { CMR_DIALOG_ERROR_OPERATION_CANCELS, DIALOG_ERROR_OPERATION_CANCELED }, + // the user install certificate failed in the certificate manager dialog + { CMR_DIALOG_ERROR_INSTALL_FAILED, DIALOG_ERROR_INSTALL_FAILED }, + // the API is not supported on this device + { CMR_DIALOG_ERROR_NOT_SUPPORTED, DIALOG_ERROR_NOT_SUPPORTED }, + // The input parameter is invalid + { CMR_DIALOG_ERROR_PARAM_INVALID, PARAM_ERROR }, + + { CMR_DIALOG_ERROR_PARSE_CERT_FAILED, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_ADVANCED_SECURITY, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_INCORRECT_FORMAT, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_MAX_QUANTITY_REACHED, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_SA_INTERNAL_ERROR, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_NOT_EXIST, DIALOG_ERROR_INSTALL_FAILED }, + { CMR_DIALOG_ERROR_NOT_ENTERPRISE_DEVICE, DIALOG_ERROR_NOT_COMPLY_SECURITY_POLICY }, +}; + +static const std::unordered_map DIALOG_CODE_TO_MSG_MAP = { + { CMR_DIALOG_ERROR_PERMISSION_DENIED, DIALOG_NO_PERMISSION_MSG }, + { CMR_DIALOG_ERROR_INTERNAL, DIALOG_GENERIC_MSG }, + { CMR_DIALOG_ERROR_OPERATION_CANCELS, DIALOG_OPERATION_CANCELS_MSG }, + { CMR_DIALOG_ERROR_INSTALL_FAILED, DIALOG_INSTALL_FAILED_MSG }, + { CMR_DIALOG_ERROR_NOT_SUPPORTED, DIALOG_NOT_SUPPORTED_MSG }, + { CMR_DIALOG_ERROR_NOT_ENTERPRISE_DEVICE, NOT_ENTERPRISE_DEVICE_MSG }, + { CMR_DIALOG_ERROR_PARAM_INVALID, DIALOG_INVALID_PARAMS_MSG }, + + { CMR_DIALOG_ERROR_PARSE_CERT_FAILED, DIALOG_OPERATION_FAILED_MSG + PARSE_CERT_FAILED_MSG }, + { CMR_DIALOG_ERROR_ADVANCED_SECURITY, DIALOG_OPERATION_FAILED_MSG + ADVANCED_SECURITY_MSG }, + { CMR_DIALOG_ERROR_INCORRECT_FORMAT, DIALOG_OPERATION_FAILED_MSG + INCORRECT_FORMAT_MSG }, + { CMR_DIALOG_ERROR_MAX_QUANTITY_REACHED, DIALOG_OPERATION_FAILED_MSG + MAX_QUANTITY_REACHED_MSG }, + { CMR_DIALOG_ERROR_SA_INTERNAL_ERROR, DIALOG_OPERATION_FAILED_MSG + SA_INTERNAL_ERROR_MSG }, + { CMR_DIALOG_ERROR_NOT_EXIST, DIALOG_OPERATION_FAILED_MSG + NOT_EXIST_MSG }, +}; + +int32_t GetCallerLabelName(std::shared_ptr abilityContext, + std::string &lableName); +} // namespace +#endif \ No newline at end of file diff --git a/interfaces/kits/common/src/cm_dialog_api_common.cpp b/interfaces/kits/common/src/cm_dialog_api_common.cpp new file mode 100644 index 0000000..8a5ab88 --- /dev/null +++ b/interfaces/kits/common/src/cm_dialog_api_common.cpp @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_dialog_api_common.h" +#include "bundle_mgr_proxy.h" +#include "cm_log.h" + +namespace OHOS::Security::CertManager::Dialog { +static OHOS::sptr GetBundleMgrProxy() +{ + auto systemAbilityManager = OHOS::SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (!systemAbilityManager) { + CM_LOG_E("fail to get system ability mgr."); + return nullptr; + } + + auto remoteObject = systemAbilityManager->GetSystemAbility(OHOS::BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); + if (!remoteObject) { + CM_LOG_E("fail to get bundle manager proxy."); + return nullptr; + } + return OHOS::iface_cast(remoteObject); +} + +int32_t GetCallerLabelName(std::shared_ptr abilityContext, + std::string &lableName) +{ + OHOS::sptr bundleMgrProxy = GetBundleMgrProxy(); + if (bundleMgrProxy == nullptr) { + CM_LOG_E("Failed to get bundle manager proxy."); + return CM_FAILURE; + } + + OHOS::AppExecFwk::BundleInfo bundleInfo; + int32_t flags = static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_DEFAULT) | + static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_APPLICATION) | + static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_HAP_MODULE) | + static_cast(OHOS::AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_ABILITY); + int32_t resCode = bundleMgrProxy->GetBundleInfoForSelf(flags, bundleInfo); + if (resCode != CM_SUCCESS) { + CM_LOG_E("Failed to get bundleInfo, resCode is %d", resCode); + return CM_FAILURE; + } + + if (abilityContext->GetResourceManager() == nullptr) { + CM_LOG_E("context get resourcemanager faild"); + return CMR_ERROR_NULL_POINTER; + } + + resCode = abilityContext->GetResourceManager()->GetStringById(bundleInfo.applicationInfo.labelId, lableName); + if (resCode != CM_SUCCESS) { + CM_LOG_E("getStringById is faild, resCode is %d", resCode); + return CM_FAILURE; + } + return CM_SUCCESS; +} + +} \ No newline at end of file -- Gitee