binder: implement simple TLS verification for testing
Implements RpcCertificateVerifierSimple with an algorithm
that treats all certificates as leaf certificates.
Fix existing tests to set certificates properly. Also
add a test that checks that bad certificates are rejected.
Also adds RpcCertificateUtils, which includes functions for
(de)serializing certificates. These util functions are useful
for implementing RpcCertificateVerifier.
Test: binderRpcTest
Bug: 195166979
Fixes: 196422181
Fixes: 198833574
Change-Id: I6c1f0f88fe5bc712f3890426d6da26c9ad046d79
diff --git a/libs/binder/tests/RpcCertificateVerifierSimple.h b/libs/binder/tests/RpcCertificateVerifierSimple.h
index aff5c7c..02aa3c6 100644
--- a/libs/binder/tests/RpcCertificateVerifierSimple.h
+++ b/libs/binder/tests/RpcCertificateVerifierSimple.h
@@ -16,14 +16,38 @@
#pragma once
+#include <mutex>
+#include <string_view>
+#include <vector>
+
+#include <openssl/ssl.h>
+
+#include <binder/CertificateFormat.h>
#include <binder/RpcCertificateVerifier.h>
namespace android {
// A simple certificate verifier for testing.
+// Keep a list of leaf certificates as trusted. No certificate chain support.
+//
+// All APIs are thread-safe. However, if verify() and addTrustedPeerCertificate() are called
+// simultaneously in different threads, it is not deterministic whether verify() will use the
+// certificate being added.
class RpcCertificateVerifierSimple : public RpcCertificateVerifier {
public:
status_t verify(const X509*, uint8_t*) override;
+
+ // Add a trusted peer certificate. Peers presenting this certificate are accepted.
+ //
+ // Caller must ensure that RpcTransportCtx::newTransport() are called after all trusted peer
+ // certificates are added. Otherwise, RpcTransport-s created before may not trust peer
+ // certificates added later.
+ [[nodiscard]] status_t addTrustedPeerCertificate(CertificateFormat format,
+ const std::vector<uint8_t>& cert);
+
+private:
+ std::mutex mMutex; // for below
+ std::vector<bssl::UniquePtr<X509>> mTrustedPeerCertificates;
};
} // namespace android
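Review bot: The class comment says only leaf certificates are trusted, but it does not say what verify() does with an empty trust list or how a presented certificate is matched against the stored ones. The implementation is outside this hunk, so a reader of the header cannot confirm that the verifier fails closed. If it does, I would add `// verify() rejects any certificate that is not in the trusted list, including when the list is empty.` above the class, and say whether matching is on the full encoded certificate and whether validity dates are checked. The member comment `// for below` would be clearer as `// guards mTrustedPeerCertificates`. `<string_view>` is included, but nothing in the visible declarations uses it.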