Loading security/authgraph/aidl/Android.bp +1 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,7 @@ aidl_interface { platform_apis: true, }, ndk: { apps_enabled: false, enabled: true, }, rust: { enabled: true, Loading security/authgraph/aidl/vts/functional/lib.rs +2 −1 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ use android_hardware_security_authgraph::aidl::android::hardware::security::auth use authgraph_boringssl as boring; use authgraph_core::{error::Error as AgError, keyexchange as ke}; use coset::CborSerializable; use std::{cell::RefCell, rc::Rc}; pub mod sink; pub mod source; Loading @@ -34,7 +35,7 @@ pub mod source; pub fn test_ag_participant() -> Result<ke::AuthGraphParticipant, AgError> { Ok(ke::AuthGraphParticipant::new( boring::crypto_trait_impls(), Box::<boring::test_device::AgDevice>::default(), Rc::new(RefCell::new(boring::test_device::AgDevice::default())), ke::MAX_OPENED_SESSIONS, )?) } Loading security/authgraph/default/src/fuzzer.rs +1 −2 Original line number Diff line number Diff line Loading @@ -22,10 +22,9 @@ use authgraph_hal::service::AuthGraphService; use authgraph_nonsecure::LocalTa; use binder_random_parcel_rs::fuzz_service; use libfuzzer_sys::fuzz_target; use std::sync::{Arc, Mutex}; fuzz_target!(|data: &[u8]| { let local_ta = LocalTa::new().expect("Failed to create an AuthGraph local TA."); let service = AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta))); let service = AuthGraphService::new_as_binder(local_ta); fuzz_service(&mut service.as_binder(), data); }); security/authgraph/default/src/lib.rs +37 −11 Original line number Diff line number Diff line Loading @@ -22,36 +22,62 @@ use authgraph_core::{ ta::{AuthGraphTa, Role}, }; use authgraph_hal::channel::SerializedChannel; use std::sync::{Arc, Mutex}; use std::cell::RefCell; use std::rc::Rc; use std::sync::{mpsc, Mutex}; /// Implementation of the AuthGraph TA that runs locally in-process (and which is therefore /// insecure). pub struct LocalTa { ta: Arc<Mutex<AuthGraphTa>>, channels: Mutex<Channels>, } struct Channels { in_tx: mpsc::Sender<Vec<u8>>, out_rx: mpsc::Receiver<Vec<u8>>, } impl LocalTa { /// Create a new instance. pub fn new() -> Result<Self, error::Error> { Ok(Self { ta: Arc::new(Mutex::new(AuthGraphTa::new( // Create a pair of channels to communicate with the TA thread. let (in_tx, in_rx) = mpsc::channel(); let (out_tx, out_rx) = mpsc::channel(); // The TA code expects to run single threaded, so spawn a thread to run it in. std::thread::spawn(move || { let mut ta = AuthGraphTa::new( keyexchange::AuthGraphParticipant::new( boring::crypto_trait_impls(), Box::<boring::test_device::AgDevice>::default(), Rc::new(RefCell::new(boring::test_device::AgDevice::default())), keyexchange::MAX_OPENED_SESSIONS, )?, ) .expect("failed to create AG participant"), Role::Both, ))), ); // Loop forever processing request messages. loop { let req_data: Vec<u8> = in_rx.recv().expect("failed to receive next req"); let rsp_data = ta.process(&req_data); out_tx.send(rsp_data).expect("failed to send out rsp"); } }); Ok(Self { channels: Mutex::new(Channels { in_tx, out_rx }), }) } } /// Pretend to be a serialized channel to the TA, but actually just directly invoke the TA with /// incoming requests. impl SerializedChannel for LocalTa { const MAX_SIZE: usize = usize::MAX; fn execute(&mut self, req_data: &[u8]) -> binder::Result<Vec<u8>> { Ok(self.ta.lock().unwrap().process(req_data)) fn execute(&self, req_data: &[u8]) -> binder::Result<Vec<u8>> { // Serialize across both request and response. let channels = self.channels.lock().unwrap(); channels .in_tx .send(req_data.to_vec()) .expect("failed to send in request"); Ok(channels.out_rx.recv().expect("failed to receive response")) } } security/authgraph/default/src/main.rs +2 −4 Original line number Diff line number Diff line Loading @@ -25,7 +25,6 @@ use authgraph_hal::service; use authgraph_nonsecure::LocalTa; use log::{error, info}; use std::sync::{Arc, Mutex}; static SERVICE_NAME: &str = "android.hardware.security.authgraph.IAuthGraphKeyExchange"; static SERVICE_INSTANCE: &str = "nonsecure"; Loading Loading @@ -65,9 +64,8 @@ fn inner_main() -> Result<(), HalServiceError> { binder::ProcessState::start_thread_pool(); // Register the service let local_ta = LocalTa::new().map_err(|e| format!("Failed to create the TA because: {e:?}"))?; let service = service::AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta))); let local_ta = LocalTa::new().map_err(|e| format!("Failed to create the TA because: {e:?}"))?; let service = service::AuthGraphService::new_as_binder(local_ta); let service_name = format!("{}/{}", SERVICE_NAME, SERVICE_INSTANCE); binder::add_service(&service_name, service.as_binder()).map_err(|e| { format!( Loading Loading
security/authgraph/aidl/Android.bp +1 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,7 @@ aidl_interface { platform_apis: true, }, ndk: { apps_enabled: false, enabled: true, }, rust: { enabled: true, Loading
security/authgraph/aidl/vts/functional/lib.rs +2 −1 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ use android_hardware_security_authgraph::aidl::android::hardware::security::auth use authgraph_boringssl as boring; use authgraph_core::{error::Error as AgError, keyexchange as ke}; use coset::CborSerializable; use std::{cell::RefCell, rc::Rc}; pub mod sink; pub mod source; Loading @@ -34,7 +35,7 @@ pub mod source; pub fn test_ag_participant() -> Result<ke::AuthGraphParticipant, AgError> { Ok(ke::AuthGraphParticipant::new( boring::crypto_trait_impls(), Box::<boring::test_device::AgDevice>::default(), Rc::new(RefCell::new(boring::test_device::AgDevice::default())), ke::MAX_OPENED_SESSIONS, )?) } Loading
security/authgraph/default/src/fuzzer.rs +1 −2 Original line number Diff line number Diff line Loading @@ -22,10 +22,9 @@ use authgraph_hal::service::AuthGraphService; use authgraph_nonsecure::LocalTa; use binder_random_parcel_rs::fuzz_service; use libfuzzer_sys::fuzz_target; use std::sync::{Arc, Mutex}; fuzz_target!(|data: &[u8]| { let local_ta = LocalTa::new().expect("Failed to create an AuthGraph local TA."); let service = AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta))); let service = AuthGraphService::new_as_binder(local_ta); fuzz_service(&mut service.as_binder(), data); });
security/authgraph/default/src/lib.rs +37 −11 Original line number Diff line number Diff line Loading @@ -22,36 +22,62 @@ use authgraph_core::{ ta::{AuthGraphTa, Role}, }; use authgraph_hal::channel::SerializedChannel; use std::sync::{Arc, Mutex}; use std::cell::RefCell; use std::rc::Rc; use std::sync::{mpsc, Mutex}; /// Implementation of the AuthGraph TA that runs locally in-process (and which is therefore /// insecure). pub struct LocalTa { ta: Arc<Mutex<AuthGraphTa>>, channels: Mutex<Channels>, } struct Channels { in_tx: mpsc::Sender<Vec<u8>>, out_rx: mpsc::Receiver<Vec<u8>>, } impl LocalTa { /// Create a new instance. pub fn new() -> Result<Self, error::Error> { Ok(Self { ta: Arc::new(Mutex::new(AuthGraphTa::new( // Create a pair of channels to communicate with the TA thread. let (in_tx, in_rx) = mpsc::channel(); let (out_tx, out_rx) = mpsc::channel(); // The TA code expects to run single threaded, so spawn a thread to run it in. std::thread::spawn(move || { let mut ta = AuthGraphTa::new( keyexchange::AuthGraphParticipant::new( boring::crypto_trait_impls(), Box::<boring::test_device::AgDevice>::default(), Rc::new(RefCell::new(boring::test_device::AgDevice::default())), keyexchange::MAX_OPENED_SESSIONS, )?, ) .expect("failed to create AG participant"), Role::Both, ))), ); // Loop forever processing request messages. loop { let req_data: Vec<u8> = in_rx.recv().expect("failed to receive next req"); let rsp_data = ta.process(&req_data); out_tx.send(rsp_data).expect("failed to send out rsp"); } }); Ok(Self { channels: Mutex::new(Channels { in_tx, out_rx }), }) } } /// Pretend to be a serialized channel to the TA, but actually just directly invoke the TA with /// incoming requests. impl SerializedChannel for LocalTa { const MAX_SIZE: usize = usize::MAX; fn execute(&mut self, req_data: &[u8]) -> binder::Result<Vec<u8>> { Ok(self.ta.lock().unwrap().process(req_data)) fn execute(&self, req_data: &[u8]) -> binder::Result<Vec<u8>> { // Serialize across both request and response. let channels = self.channels.lock().unwrap(); channels .in_tx .send(req_data.to_vec()) .expect("failed to send in request"); Ok(channels.out_rx.recv().expect("failed to receive response")) } }
security/authgraph/default/src/main.rs +2 −4 Original line number Diff line number Diff line Loading @@ -25,7 +25,6 @@ use authgraph_hal::service; use authgraph_nonsecure::LocalTa; use log::{error, info}; use std::sync::{Arc, Mutex}; static SERVICE_NAME: &str = "android.hardware.security.authgraph.IAuthGraphKeyExchange"; static SERVICE_INSTANCE: &str = "nonsecure"; Loading Loading @@ -65,9 +64,8 @@ fn inner_main() -> Result<(), HalServiceError> { binder::ProcessState::start_thread_pool(); // Register the service let local_ta = LocalTa::new().map_err(|e| format!("Failed to create the TA because: {e:?}"))?; let service = service::AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta))); let local_ta = LocalTa::new().map_err(|e| format!("Failed to create the TA because: {e:?}"))?; let service = service::AuthGraphService::new_as_binder(local_ta); let service_name = format!("{}/{}", SERVICE_NAME, SERVICE_INSTANCE); binder::add_service(&service_name, service.as_binder()).map_err(|e| { format!( Loading
