Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2759df0d authored by Shikha Panwar's avatar Shikha Panwar
Browse files

[Secretkeeper] In-memory KeyValueStore

We introduce InMemoryStore, an implementation of KeyValueStore trait.
This can be used for implementing backends that VTS can run against.

Bug: 291224769
Test: atest VtsSecretkeeperTargetTest
Change-Id: Id109ee3bd38ec0979953b6285019c97d418172ef
parent 3d3dab48
Loading
Loading
Loading
Loading
+1 −0
Original line number Diff line number Diff line
@@ -35,6 +35,7 @@ rust_binary {
        "libauthgraph_hal",
        "libbinder_rs",
        "liblog_rust",
        "libsecretkeeper_comm_nostd",
        "libsecretkeeper_core_nostd",
        "libsecretkeeper_hal",
    ],
+12 −7
Original line number Diff line number Diff line
@@ -15,17 +15,21 @@
 */

//! Non-secure implementation of the Secretkeeper HAL.
mod store;

use log::{error, info, Level};
use std::sync::{Arc, Mutex};
use authgraph_boringssl as boring;
use authgraph_core::ta::{Role, AuthGraphTa};
use authgraph_core::keyexchange::{MAX_OPENED_SESSIONS, AuthGraphParticipant};
use authgraph_core::keyexchange::{AuthGraphParticipant, MAX_OPENED_SESSIONS};
use authgraph_core::ta::{AuthGraphTa, Role};
use authgraph_hal::channel::SerializedChannel;
use log::{error, info, Level};
use secretkeeper_core::ta::SecretkeeperTa;
use secretkeeper_hal::SecretkeeperService;
use authgraph_hal::channel::SerializedChannel;
use std::sync::Arc;
use std::sync::Mutex;
use store::InMemoryStore;

use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper::ISecretkeeper::{
    ISecretkeeper, BpSecretkeeper,
    BpSecretkeeper, ISecretkeeper,
};
use std::cell::RefCell;
use std::rc::Rc;
@@ -53,8 +57,9 @@ impl LocalTa {
        // The TA code expects to run single threaded, so spawn a thread to run it in.
        std::thread::spawn(move || {
            let mut crypto_impls = boring::crypto_trait_impls();
            let storage_impl = Box::new(InMemoryStore::default());
            let sk_ta = Rc::new(RefCell::new(
                SecretkeeperTa::new(&mut crypto_impls)
                SecretkeeperTa::new(&mut crypto_impls, storage_impl)
                    .expect("Failed to create local Secretkeeper TA"),
            ));
            let mut ag_ta = AuthGraphTa::new(
+36 −0
Original line number Diff line number Diff line
/*
 * Copyright (C) 2023 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
use secretkeeper_comm::data_types::error::Error;
use secretkeeper_core::store::KeyValueStore;
use std::collections::HashMap;

/// An in-memory implementation of KeyValueStore. Please note that this is entirely for
/// testing purposes. Refer to the documentation of `PolicyGatedStorage` & Secretkeeper HAL for
/// persistence requirements.
#[derive(Default)]
pub struct InMemoryStore(HashMap<Vec<u8>, Vec<u8>>);
impl KeyValueStore for InMemoryStore {
    fn store(&mut self, key: &[u8], val: &[u8]) -> Result<(), Error> {
        // This will overwrite the value if key is already present.
        let _ = self.0.insert(key.to_vec(), val.to_vec());
        Ok(())
    }

    fn get(&self, key: &[u8]) -> Result<Option<Vec<u8>>, Error> {
        let optional_val = self.0.get(key);
        Ok(optional_val.cloned())
    }
}