binder: Add RpcCertificateVerifier.
An interface with a function that verifies a peer certificate.
It is a wrapper over the custom
verify function (see SSL_CTX_set_custom_verify).
Also, RpcTransportCtxFactoryTls::make() requests
an RpcCertificateVerifier.
Bug: 198833574
Test: binderRpcTest
Change-Id: I6e63bc84ede07735baaf8e02fda53a97775c3dcc
diff --git a/libs/binder/tests/binderRpcTest.cpp b/libs/binder/tests/binderRpcTest.cpp
index 7c405d3..8a03de2 100644
--- a/libs/binder/tests/binderRpcTest.cpp
+++ b/libs/binder/tests/binderRpcTest.cpp
@@ -46,6 +46,7 @@
#include "../RpcSocketAddress.h" // for testing preconnected clients
#include "../RpcState.h" // for debugging
#include "../vm_sockets.h" // for VMADDR_*
+#include "RpcCertificateVerifierSimple.h"
using namespace std::chrono_literals;
@@ -61,12 +62,18 @@
return {RpcSecurity::RAW, RpcSecurity::TLS};
}
-static inline std::unique_ptr<RpcTransportCtxFactory> newFactory(RpcSecurity rpcSecurity) {
+static inline std::unique_ptr<RpcTransportCtxFactory> newFactory(
+ RpcSecurity rpcSecurity, std::shared_ptr<RpcCertificateVerifier> verifier = nullptr) {
switch (rpcSecurity) {
case RpcSecurity::RAW:
return RpcTransportCtxFactoryRaw::make();
- case RpcSecurity::TLS:
- return RpcTransportCtxFactoryTls::make();
+ case RpcSecurity::TLS: {
+ // TODO(b/198833574): exchange keys and set proper verifier
+ if (verifier == nullptr) {
+ verifier = std::make_shared<RpcCertificateVerifierSimple>();
+ }
+ return RpcTransportCtxFactoryTls::make(std::move(verifier));
+ }
default:
LOG_ALWAYS_FATAL("Unknown RpcSecurity %d", rpcSecurity);
}
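Review bot: The nullptr fallback in the TLS case silently substitutes RpcCertificateVerifierSimple, so every caller that relies on the defaulted `verifier` argument gets whatever that class does, and the TODO above it indicates it is not yet a proper verifier. Its implementation is not visible in this hunk; if it accepts any peer certificate, the TLS cases built through `newFactory(rpcSecurity)` run without peer authentication, and a test meant to cover certificate rejection could pass for the wrong reason. I would document this at the fallback, e.g. `// Test-only default: not a real trust decision; pass an explicit verifier when a test checks certificate rejection.` The body of newFactory continues past the end of the hunk.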