binder: Add RpcCertificateVerifier.

    return "tls";

}

std::unique_ptr<RpcTransportCtxFactory> RpcTransportCtxFactoryTls::make() {

    return std::unique_ptr<RpcTransportCtxFactoryTls>(new RpcTransportCtxFactoryTls());

std::unique_ptr<RpcTransportCtxFactory> RpcTransportCtxFactoryTls::make(

        std::shared_ptr<RpcCertificateVerifier> verifier) {

    if (verifier == nullptr) {

        ALOGE("%s: Must provide a certificate verifier", __PRETTY_FUNCTION__);

        return nullptr;

    }

    return std::unique_ptr<RpcTransportCtxFactoryTls>(

            new RpcTransportCtxFactoryTls(std::move(verifier)));

}

} // namespace android

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#pragma once

#include <openssl/ssl.h>

#include <utils/Errors.h>

namespace android {

// An interface with a function that verifies a peer certificate. It is a wrapper over the custom

// verify function (see SSL_CTX_set_custom_verify).

class RpcCertificateVerifier {

public:

    virtual ~RpcCertificateVerifier() = default;

    virtual status_t verify(const X509* peerCert, uint8_t* outAlert) = 0;

};

} // namespace android

#pragma once

#include <binder/RpcCertificateVerifier.h>

#include <binder/RpcTransport.h>

namespace android {

// RpcTransportCtxFactory with TLS enabled with self-signed certificate.

class RpcTransportCtxFactoryTls : public RpcTransportCtxFactory {

public:

    static std::unique_ptr<RpcTransportCtxFactory> make();

    static std::unique_ptr<RpcTransportCtxFactory> make(std::shared_ptr<RpcCertificateVerifier>);

    std::unique_ptr<RpcTransportCtx> newServerCtx() const override;

    std::unique_ptr<RpcTransportCtx> newClientCtx() const override;

    const char* toCString() const override;

private:

    RpcTransportCtxFactoryTls() = default;

    RpcTransportCtxFactoryTls(std::shared_ptr<RpcCertificateVerifier> verifier)

          : mCertVerifier(std::move(verifier)){};

    std::shared_ptr<RpcCertificateVerifier> mCertVerifier;

};

} // namespace android

    srcs: [

        "binderRpcTest.cpp",

        "RpcCertificateVerifierSimple.cpp",

    ],

    shared_libs: [

        "libbinder",

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define LOG_TAG "RpcCertificateVerifierSimple"

#include <log/log.h>

#include "RpcCertificateVerifierSimple.h"

namespace android {

status_t RpcCertificateVerifierSimple::verify(const X509*, uint8_t*) {

    // TODO(b/195166979): implement this

    return OK;

}

} // namespace android