diff options
Diffstat (limited to 'identity/aidl/default/common/IdentityCredentialStore.cpp')
| -rw-r--r-- | identity/aidl/default/common/IdentityCredentialStore.cpp | 52 |
1 files changed, 41 insertions, 11 deletions
diff --git a/identity/aidl/default/common/IdentityCredentialStore.cpp b/identity/aidl/default/common/IdentityCredentialStore.cpp index 4703ffe646..bbc2cefb8f 100644 --- a/identity/aidl/default/common/IdentityCredentialStore.cpp +++ b/identity/aidl/default/common/IdentityCredentialStore.cpp @@ -17,6 +17,7 @@ #define LOG_TAG "IdentityCredentialStore" #include <android-base/logging.h> +#include <android/binder_manager.h> #include "IdentityCredential.h" #include "IdentityCredentialStore.h" @@ -25,15 +26,24 @@ namespace aidl::android::hardware::identity { +using ::aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent; + +IdentityCredentialStore::IdentityCredentialStore(sp<SecureHardwareProxyFactory> hwProxyFactory, + optional<string> remotelyProvisionedComponent) + : hwProxyFactory_(hwProxyFactory), + remotelyProvisionedComponentName_(remotelyProvisionedComponent) { + hardwareInformation_.credentialStoreName = "Identity Credential Reference Implementation"; + hardwareInformation_.credentialStoreAuthorName = "Google"; + hardwareInformation_.dataChunkSize = kGcmChunkSize; + hardwareInformation_.isDirectAccess = false; + hardwareInformation_.supportedDocTypes = {}; + hardwareInformation_.isRemoteKeyProvisioningSupported = + remotelyProvisionedComponentName_.has_value(); +} + ndk::ScopedAStatus IdentityCredentialStore::getHardwareInformation( HardwareInformation* hardwareInformation) { - HardwareInformation hw; - hw.credentialStoreName = "Identity Credential Reference Implementation"; - hw.credentialStoreAuthorName = "Google"; - hw.dataChunkSize = kGcmChunkSize; - hw.isDirectAccess = false; - hw.supportedDocTypes = {}; - *hardwareInformation = hw; + *hardwareInformation = hardwareInformation_; return ndk::ScopedAStatus::ok(); } @@ -42,7 +52,8 @@ ndk::ScopedAStatus IdentityCredentialStore::createCredential( shared_ptr<IWritableIdentityCredential>* outWritableCredential) { sp<SecureHardwareProvisioningProxy> hwProxy = hwProxyFactory_->createProvisioningProxy(); shared_ptr<WritableIdentityCredential> wc = - ndk::SharedRefBase::make<WritableIdentityCredential>(hwProxy, docType, testCredential); + ndk::SharedRefBase::make<WritableIdentityCredential>(hwProxy, docType, testCredential, + hardwareInformation_); if (!wc->initialize()) { return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( IIdentityCredentialStore::STATUS_FAILED, @@ -63,7 +74,7 @@ ndk::ScopedAStatus IdentityCredentialStore::getCredential( } shared_ptr<IdentityCredential> credential = ndk::SharedRefBase::make<IdentityCredential>( - hwProxyFactory_, credentialData, nullptr /* session */); + hwProxyFactory_, credentialData, nullptr /* session */, hardwareInformation_); auto ret = credential->initialize(); if (ret != IIdentityCredentialStore::STATUS_OK) { return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( @@ -83,8 +94,8 @@ ndk::ScopedAStatus IdentityCredentialStore::createPresentationSession( } sp<SecureHardwareSessionProxy> hwProxy = hwProxyFactory_->createSessionProxy(); - shared_ptr<PresentationSession> session = - ndk::SharedRefBase::make<PresentationSession>(hwProxyFactory_, hwProxy); + shared_ptr<PresentationSession> session = ndk::SharedRefBase::make<PresentationSession>( + hwProxyFactory_, hwProxy, hardwareInformation_); auto ret = session->initialize(); if (ret != IIdentityCredentialStore::STATUS_OK) { return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( @@ -94,4 +105,23 @@ ndk::ScopedAStatus IdentityCredentialStore::createPresentationSession( return ndk::ScopedAStatus::ok(); } +ndk::ScopedAStatus IdentityCredentialStore::getRemotelyProvisionedComponent( + shared_ptr<IRemotelyProvisionedComponent>* outRemotelyProvisionedComponent) { + if (!remotelyProvisionedComponentName_) { + return ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage( + EX_UNSUPPORTED_OPERATION, "Remote key provisioning is not supported")); + } + + ndk::SpAIBinder binder( + AServiceManager_waitForService(remotelyProvisionedComponentName_->c_str())); + if (binder.get() == nullptr) { + return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( + IIdentityCredentialStore::STATUS_FAILED, + "Unable to get remotely provisioned component")); + } + + *outRemotelyProvisionedComponent = IRemotelyProvisionedComponent::fromBinder(binder); + return ndk::ScopedAStatus::ok(); +} + } // namespace aidl::android::hardware::identity |