ConfirmationUI reference implementation

//

// Copyright (C) 2017 The Android Open Source Project

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//      http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.

//

cc_binary {

    name: "android.hardware.confirmationui@1.0-service",

    init_rc: ["android.hardware.confirmationui@1.0-service.rc"],

    vendor: true,

    relative_install_path: "hw",

    cflags: [

        "-Wall",

        "-Wextra",

        "-Werror",

    ],

    srcs: [

        "service.cpp",

        "ConfirmationUI.cpp",

        "PlatformSpecifics.cpp",

    ],

    shared_libs: [

        "android.hardware.confirmationui@1.0",

        "android.hardware.confirmationui-support-lib",

        "android.hardware.keymaster@4.0",

        "libcrypto",

        "libbase",

        "libhidlbase",

        "libhidltransport",

        "liblog",

        "libutils",

    ],

}

 No newline at end of file

/*

**

** Copyright 2017, The Android Open Source Project

**

** Licensed under the Apache License, Version 2.0 (the "License");

** you may not use this file except in compliance with the License.

** You may obtain a copy of the License at

**

**     http://www.apache.org/licenses/LICENSE-2.0

**

** Unless required by applicable law or agreed to in writing, software

** distributed under the License is distributed on an "AS IS" BASIS,

** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

** See the License for the specific language governing permissions and

** limitations under the License.

*/

#include "ConfirmationUI.h"

#include "PlatformSpecifics.h"

#include <android/hardware/confirmationui/support/cbor.h>

#include <android/hardware/confirmationui/support/confirmationui_utils.h>

#include <android/hardware/confirmationui/1.0/generic/GenericOperation.h>

#include <time.h>

namespace android {

namespace hardware {

namespace confirmationui {

namespace V1_0 {

namespace implementation {

using ::android::hardware::confirmationui::V1_0::generic::Operation;

using ::android::hardware::keymaster::V4_0::HardwareAuthToken;

uint8_t hmacKey[32];

// Methods from ::android::hardware::confirmationui::V1_0::IConfirmationUI follow.

Return<ResponseCode> ConfirmationUI::promptUserConfirmation(

    const sp<IConfirmationResultCallback>& resultCB, const hidl_string& promptText,

    const hidl_vec<uint8_t>& extraData, const hidl_string& locale,

    const hidl_vec<UIOption>& uiOptions) {

    auto& operation = MyOperation::get();

    return operation.init(resultCB, promptText, extraData, locale, uiOptions);

}

Return<ResponseCode> ConfirmationUI::deliverSecureInputEvent(

    const HardwareAuthToken& secureInputToken) {

    auto& operation = MyOperation::get();

    return operation.deliverSecureInputEvent(secureInputToken);

}

Return<void> ConfirmationUI::abort() {

    auto& operation = MyOperation::get();

    operation.abort();

    operation.finalize(hmacKey);

    return Void();

}

}  // namespace implementation

}  // namespace V1_0

}  // namespace confirmationui

}  // namespace hardware

}  // namespace android

/*

**

** Copyright 2017, The Android Open Source Project

**

** Licensed under the Apache License, Version 2.0 (the "License");

** you may not use this file except in compliance with the License.

** You may obtain a copy of the License at

**

**     http://www.apache.org/licenses/LICENSE-2.0

**

** Unless required by applicable law or agreed to in writing, software

** distributed under the License is distributed on an "AS IS" BASIS,

** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

** See the License for the specific language governing permissions and

** limitations under the License.

*/

#ifndef ANDROID_HARDWARE_CONFIRMATIONUI_V1_0_CONFIRMATIONUI_H

#define ANDROID_HARDWARE_CONFIRMATIONUI_V1_0_CONFIRMATIONUI_H

#include <android/hardware/confirmationui/1.0/IConfirmationUI.h>

#include <hidl/MQDescriptor.h>

#include <hidl/Status.h>

namespace android {

namespace hardware {

namespace confirmationui {

namespace V1_0 {

namespace implementation {

using ::android::hardware::hidl_array;

using ::android::hardware::hidl_memory;

using ::android::hardware::hidl_string;

using ::android::hardware::hidl_vec;

using ::android::hardware::Return;

using ::android::hardware::Void;

using ::android::sp;

struct ConfirmationUI : public IConfirmationUI {

    // Methods from ::android::hardware::confirmationui::V1_0::IConfirmationUI follow.

    Return<ResponseCode> promptUserConfirmation(const sp<IConfirmationResultCallback>& resultCB,

                                                const hidl_string& promptText,

                                                const hidl_vec<uint8_t>& extraData,

                                                const hidl_string& locale,

                                                const hidl_vec<UIOption>& uiOptions) override;

    Return<ResponseCode> deliverSecureInputEvent(

        const ::android::hardware::keymaster::V4_0::HardwareAuthToken& secureInputToken) override;

    Return<void> abort() override;

};

}  // namespace implementation

}  // namespace V1_0

}  // namespace confirmationui

}  // namespace hardware

}  // namespace android

#endif  // ANDROID_HARDWARE_CONFIRMATIONUI_V1_0_CONFIRMATIONUI_H

jdanis@google.com

swillden@google.com

/*

**

** Copyright 2017, The Android Open Source Project

**

** Licensed under the Apache License, Version 2.0 (the "License");

** you may not use this file except in compliance with the License.

** You may obtain a copy of the License at

**

**     http://www.apache.org/licenses/LICENSE-2.0

**

** Unless required by applicable law or agreed to in writing, software

** distributed under the License is distributed on an "AS IS" BASIS,

** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

** See the License for the specific language governing permissions and

** limitations under the License.

*/

#include "PlatformSpecifics.h"

#include <openssl/hmac.h>

#include <openssl/sha.h>

#include <time.h>

namespace android {

namespace hardware {

namespace confirmationui {

namespace V1_0 {

namespace implementation {

MonotonicClockTimeStamper::TimeStamp MonotonicClockTimeStamper::now() {

    timespec ts;

    if (!clock_gettime(CLOCK_BOOTTIME, &ts)) {

        return TimeStamp(ts.tv_sec * UINT64_C(1000) + ts.tv_nsec / UINT64_C(1000000));

    } else {

        return {};

    }

}

support::NullOr<support::array<uint8_t, 32>> HMacImplementation::hmac256(

    const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers) {

    HMAC_CTX hmacCtx;

    HMAC_CTX_init(&hmacCtx);

    if (!HMAC_Init_ex(&hmacCtx, key, 32, EVP_sha256(), nullptr)) {

        return {};

    }

    for (auto& buffer : buffers) {

        if (!HMAC_Update(&hmacCtx, buffer.data(), buffer.size())) {

            return {};

        }

    }

    support::array<uint8_t, 32> result;

    if (!HMAC_Final(&hmacCtx, result.data(), nullptr)) {

        return {};

    }

    return result;

}

}  // namespace implementation

}  // namespace V1_0

}  // namespace confirmationui

}  // namespace hardware

}  // namespace android