Loading security/keymint/aidl/default/Android.bp +7 −1 Original line number Diff line number Diff line Loading @@ -2,7 +2,11 @@ cc_binary { name: "android.hardware.security.keymint-service", relative_install_path: "hw", init_rc: ["android.hardware.security.keymint-service.rc"], vintf_fragments: ["android.hardware.security.keymint-service.xml"], vintf_fragments: [ "android.hardware.security.keymint-service.xml", "android.hardware.security.sharedsecret-service.xml", "android.hardware.security.secureclock-service.xml", ], vendor: true, cflags: [ "-Wall", Loading @@ -10,6 +14,8 @@ cc_binary { ], shared_libs: [ "android.hardware.security.keymint-V1-ndk_platform", "android.hardware.security.sharedsecret-unstable-ndk_platform", "android.hardware.security.secureclock-unstable-ndk_platform", "libbase", "libbinder_ndk", "libcppbor", Loading security/keymint/aidl/default/android.hardware.security.secureclock-service.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <manifest version="1.0" type="device"> <hal format="aidl"> <name>android.hardware.security.secureclock</name> <fqname>ISecureClock/default</fqname> </hal> </manifest> security/keymint/aidl/default/android.hardware.security.sharedsecret-service.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <manifest version="1.0" type="device"> <hal format="aidl"> <name>android.hardware.security.sharedsecret</name> <fqname>ISharedSecret/default</fqname> </hal> </manifest> security/keymint/aidl/default/service.cpp +22 −9 Original line number Diff line number Diff line Loading @@ -21,25 +21,38 @@ #include <android/binder_process.h> #include <AndroidKeyMintDevice.h> #include <AndroidSecureClock.h> #include <AndroidSharedSecret.h> #include <keymaster/soft_keymaster_logger.h> using aidl::android::hardware::security::keymint::AndroidKeyMintDevice; using aidl::android::hardware::security::keymint::SecurityLevel; using aidl::android::hardware::security::secureclock::AndroidSecureClock; using aidl::android::hardware::security::sharedsecret::AndroidSharedSecret; template <typename T, class... Args> std::shared_ptr<T> addService(Args&&... args) { std::shared_ptr<T> ser = ndk::SharedRefBase::make<T>(std::forward<Args>(args)...); auto instanceName = std::string(T::descriptor) + "/default"; LOG(INFO) << "adding keymint service instance: " << instanceName; binder_status_t status = AServiceManager_addService(ser->asBinder().get(), instanceName.c_str()); CHECK(status == STATUS_OK); return ser; } int main() { // Zero threads seems like a useless pool, but below we'll join this thread to it, increasing // the pool size to 1. ABinderProcess_setThreadPoolMaxThreadCount(0); std::shared_ptr<AndroidKeyMintDevice> keyMint = ndk::SharedRefBase::make<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE); keymaster::SoftKeymasterLogger logger; const auto instanceName = std::string(AndroidKeyMintDevice::descriptor) + "/default"; LOG(INFO) << "instance: " << instanceName; binder_status_t status = AServiceManager_addService(keyMint->asBinder().get(), instanceName.c_str()); CHECK(status == STATUS_OK); // Add Keymint Service std::shared_ptr<AndroidKeyMintDevice> keyMint = addService<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE); // Add Secure Clock Service addService<AndroidSecureClock>(keyMint); // Add Shared Secret Service addService<AndroidSharedSecret>(keyMint); ABinderProcess_joinThreadPool(); return EXIT_FAILURE; // should not reach } security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/ISecureClock.aidl +15 −2 Original line number Diff line number Diff line /////////////////////////////////////////////////////////////////////////////// /* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * limitations under the License. *//////////////////////////////////////////////////////////////////////////////// // THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // /////////////////////////////////////////////////////////////////////////////// Loading @@ -20,5 +33,5 @@ package android.hardware.security.secureclock; @VintfStability interface ISecureClock { android.hardware.security.secureclock.TimeStampToken generateTimeStamp(in long challenge); const String TIME_STAMP_MAC_LABEL = "Time Verification"; const String TIME_STAMP_MAC_LABEL = "Auth Verification"; } Loading
security/keymint/aidl/default/Android.bp +7 −1 Original line number Diff line number Diff line Loading @@ -2,7 +2,11 @@ cc_binary { name: "android.hardware.security.keymint-service", relative_install_path: "hw", init_rc: ["android.hardware.security.keymint-service.rc"], vintf_fragments: ["android.hardware.security.keymint-service.xml"], vintf_fragments: [ "android.hardware.security.keymint-service.xml", "android.hardware.security.sharedsecret-service.xml", "android.hardware.security.secureclock-service.xml", ], vendor: true, cflags: [ "-Wall", Loading @@ -10,6 +14,8 @@ cc_binary { ], shared_libs: [ "android.hardware.security.keymint-V1-ndk_platform", "android.hardware.security.sharedsecret-unstable-ndk_platform", "android.hardware.security.secureclock-unstable-ndk_platform", "libbase", "libbinder_ndk", "libcppbor", Loading
security/keymint/aidl/default/android.hardware.security.secureclock-service.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <manifest version="1.0" type="device"> <hal format="aidl"> <name>android.hardware.security.secureclock</name> <fqname>ISecureClock/default</fqname> </hal> </manifest>
security/keymint/aidl/default/android.hardware.security.sharedsecret-service.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <manifest version="1.0" type="device"> <hal format="aidl"> <name>android.hardware.security.sharedsecret</name> <fqname>ISharedSecret/default</fqname> </hal> </manifest>
security/keymint/aidl/default/service.cpp +22 −9 Original line number Diff line number Diff line Loading @@ -21,25 +21,38 @@ #include <android/binder_process.h> #include <AndroidKeyMintDevice.h> #include <AndroidSecureClock.h> #include <AndroidSharedSecret.h> #include <keymaster/soft_keymaster_logger.h> using aidl::android::hardware::security::keymint::AndroidKeyMintDevice; using aidl::android::hardware::security::keymint::SecurityLevel; using aidl::android::hardware::security::secureclock::AndroidSecureClock; using aidl::android::hardware::security::sharedsecret::AndroidSharedSecret; template <typename T, class... Args> std::shared_ptr<T> addService(Args&&... args) { std::shared_ptr<T> ser = ndk::SharedRefBase::make<T>(std::forward<Args>(args)...); auto instanceName = std::string(T::descriptor) + "/default"; LOG(INFO) << "adding keymint service instance: " << instanceName; binder_status_t status = AServiceManager_addService(ser->asBinder().get(), instanceName.c_str()); CHECK(status == STATUS_OK); return ser; } int main() { // Zero threads seems like a useless pool, but below we'll join this thread to it, increasing // the pool size to 1. ABinderProcess_setThreadPoolMaxThreadCount(0); std::shared_ptr<AndroidKeyMintDevice> keyMint = ndk::SharedRefBase::make<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE); keymaster::SoftKeymasterLogger logger; const auto instanceName = std::string(AndroidKeyMintDevice::descriptor) + "/default"; LOG(INFO) << "instance: " << instanceName; binder_status_t status = AServiceManager_addService(keyMint->asBinder().get(), instanceName.c_str()); CHECK(status == STATUS_OK); // Add Keymint Service std::shared_ptr<AndroidKeyMintDevice> keyMint = addService<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE); // Add Secure Clock Service addService<AndroidSecureClock>(keyMint); // Add Shared Secret Service addService<AndroidSharedSecret>(keyMint); ABinderProcess_joinThreadPool(); return EXIT_FAILURE; // should not reach }
security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/ISecureClock.aidl +15 −2 Original line number Diff line number Diff line /////////////////////////////////////////////////////////////////////////////// /* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * limitations under the License. *//////////////////////////////////////////////////////////////////////////////// // THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // /////////////////////////////////////////////////////////////////////////////// Loading @@ -20,5 +33,5 @@ package android.hardware.security.secureclock; @VintfStability interface ISecureClock { android.hardware.security.secureclock.TimeStampToken generateTimeStamp(in long challenge); const String TIME_STAMP_MAC_LABEL = "Time Verification"; const String TIME_STAMP_MAC_LABEL = "Auth Verification"; }
