Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 69f0bc52a8578c8d97060d4284efc4c465f206b0 / . / keystore2 / src / metrics.rs
blob: 10a465ca4706875c3935a027372d9a1844a915ea [file] [log] [blame]
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]1// Copyright 2021, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15//! This module provides convenience functions for keystore2 logging.
16use crate::error::get_error_code;
Pavel Grafov94243c22021-04-21 18:03:11 +0100[diff] [blame]17use crate::globals::{DB, LOGS_HANDLER};
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]18use crate::key_parameter::KeyParameterValue as KsKeyParamValue;
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]19use crate::operation::Outcome;
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]20use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
21 Algorithm::Algorithm, BlockMode::BlockMode, Digest::Digest, EcCurve::EcCurve,
22 HardwareAuthenticatorType::HardwareAuthenticatorType, KeyOrigin::KeyOrigin,
23 KeyParameter::KeyParameter, KeyPurpose::KeyPurpose, PaddingMode::PaddingMode,
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]24 SecurityLevel::SecurityLevel,
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]25};
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]26use anyhow::{anyhow, Result};
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]27use keystore2_system_property::PropertyWatcher;
28use statslog_rust::{
29 keystore2_key_creation_event_reported::{
30 Algorithm as StatsdAlgorithm, EcCurve as StatsdEcCurve, KeyOrigin as StatsdKeyOrigin,
31 Keystore2KeyCreationEventReported, SecurityLevel as StatsdKeyCreationSecurityLevel,
32 UserAuthType as StatsdUserAuthType,
33 },
34 keystore2_key_operation_event_reported::{
35 Keystore2KeyOperationEventReported, Outcome as StatsdOutcome, Purpose as StatsdKeyPurpose,
36 SecurityLevel as StatsdKeyOperationSecurityLevel,
37 },
38 keystore2_storage_stats::StorageType as StatsdStorageType,
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]39};
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]40use statslog_rust_header::Atoms;
41use statspull_rust::{set_pull_atom_callback, StatsPullResult};
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]42
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]43// Waits and returns Ok if boot is completed.
44fn wait_for_boot_completed() -> Result<()> {
45 let watcher = PropertyWatcher::new("sys.boot_completed");
46 match watcher {
47 Ok(mut watcher) => {
48 loop {
49 let wait_result = watcher.wait();
50 match wait_result {
51 Ok(_) => {
52 let value_result =
53 watcher.read(|_name, value| Ok(value.trim().to_string()));
54 match value_result {
55 Ok(value) => {
56 if value == "1" {
57 break;
58 }
59 }
60 Err(e) => {
61 log::error!(
62 "In wait_for_boot_completed: Failed while reading property. {}",
63 e
64 );
65 return Err(anyhow!("Error in waiting for boot completion."));
66 }
67 }
68 }
69 Err(e) => {
70 log::error!("In wait_for_boot_completed: Failed while waiting. {}", e);
71 return Err(anyhow!("Error in waiting for boot completion."));
72 }
73 }
74 }
75 Ok(())
76 }
77 Err(e) => {
78 log::error!("In wait_for_boot_completed: Failed to create PropertyWatcher. {}", e);
79 Err(anyhow!("Error in waiting for boot completion."))
80 }
81 }
82}
83
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]84fn create_default_key_creation_atom() -> Keystore2KeyCreationEventReported {
85 // If a value is not present, fields represented by bitmaps and i32 fields
86 // will take 0, except error_code which defaults to 1 indicating NO_ERROR and key_size,
87 // and auth_time_out which default to -1.
88 // The boolean fields are set to false by default.
89 // Some keymint enums do have 0 as an enum variant value. In such cases, the corresponding
90 // enum variant value in atoms.proto is incremented by 1, in order to have 0 as the reserved
91 // value for unspecified fields.
92 Keystore2KeyCreationEventReported {
93 algorithm: StatsdAlgorithm::AlgorithmUnspecified,
94 key_size: -1,
95 key_origin: StatsdKeyOrigin::OriginUnspecified,
96 user_auth_type: StatsdUserAuthType::AuthTypeUnspecified,
97 user_auth_key_timeout_seconds: -1,
98 padding_mode_bitmap: 0,
99 digest_bitmap: 0,
100 block_mode_bitmap: 0,
101 purpose_bitmap: 0,
102 ec_curve: StatsdEcCurve::EcCurveUnspecified,
103 // as per keystore2/ResponseCode.aidl, 1 is reserved for NO_ERROR
104 error_code: 1,
105 attestation_requested: false,
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]106 security_level: StatsdKeyCreationSecurityLevel::SecurityLevelUnspecified,
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]107 }
108}
109
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]110fn create_default_key_operation_atom() -> Keystore2KeyOperationEventReported {
111 Keystore2KeyOperationEventReported {
112 purpose: StatsdKeyPurpose::KeyPurposeUnspecified,
113 padding_mode_bitmap: 0,
114 digest_bitmap: 0,
115 block_mode_bitmap: 0,
116 outcome: StatsdOutcome::OutcomeUnspecified,
117 error_code: 1,
118 key_upgraded: false,
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]119 security_level: StatsdKeyOperationSecurityLevel::SecurityLevelUnspecified,
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]120 }
121}
122
123/// Log key creation events via statsd API.
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]124pub fn log_key_creation_event_stats<U>(
125 sec_level: SecurityLevel,
126 key_params: &[KeyParameter],
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]127 result: &Result<U>,
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]128) {
129 let key_creation_event_stats =
130 construct_key_creation_event_stats(sec_level, key_params, result);
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]131
Pavel Grafov94243c22021-04-21 18:03:11 +0100[diff] [blame]132 LOGS_HANDLER.queue_lo(move |_| {
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]133 if let Ok(()) = wait_for_boot_completed() {
134 if let Err(e) = key_creation_event_stats.stats_write() {
135 log::error!("Error in logging key creation event in the async task. {:?}", e);
136 }
Hasini Gunasinghe19022812021-04-19 21:31:30 +0000[diff] [blame]137 }
138 });
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]139}
140
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]141/// Log key operation events via statsd API.
142pub fn log_key_operation_event_stats(
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]143 sec_level: SecurityLevel,
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]144 key_purpose: KeyPurpose,
145 op_params: &[KeyParameter],
146 op_outcome: &Outcome,
147 key_upgraded: bool,
148) {
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]149 let key_operation_event_stats = construct_key_operation_event_stats(
150 sec_level,
151 key_purpose,
152 op_params,
153 op_outcome,
154 key_upgraded,
155 );
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]156
Pavel Grafov94243c22021-04-21 18:03:11 +0100[diff] [blame]157 LOGS_HANDLER.queue_lo(move |_| {
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]158 if let Ok(()) = wait_for_boot_completed() {
159 if let Err(e) = key_operation_event_stats.stats_write() {
160 log::error!("Error in logging key operation event in the async task. {:?}", e);
161 }
Hasini Gunasinghe19022812021-04-19 21:31:30 +0000[diff] [blame]162 }
163 });
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]164}
165
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]166fn construct_key_creation_event_stats<U>(
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]167 sec_level: SecurityLevel,
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]168 key_params: &[KeyParameter],
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]169 result: &Result<U>,
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]170) -> Keystore2KeyCreationEventReported {
171 let mut key_creation_event_atom = create_default_key_creation_atom();
172
173 if let Err(ref e) = result {
174 key_creation_event_atom.error_code = get_error_code(e);
175 }
176
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]177 key_creation_event_atom.security_level = match sec_level {
178 SecurityLevel::SOFTWARE => StatsdKeyCreationSecurityLevel::SecurityLevelSoftware,
179 SecurityLevel::TRUSTED_ENVIRONMENT => {
180 StatsdKeyCreationSecurityLevel::SecurityLevelTrustedEnvironment
181 }
182 SecurityLevel::STRONGBOX => StatsdKeyCreationSecurityLevel::SecurityLevelStrongbox,
183 //KEYSTORE is not a valid variant here
184 _ => StatsdKeyCreationSecurityLevel::SecurityLevelUnspecified,
185 };
186
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]187 for key_param in key_params.iter().map(KsKeyParamValue::from) {
188 match key_param {
189 KsKeyParamValue::Algorithm(a) => {
190 key_creation_event_atom.algorithm = match a {
191 Algorithm::RSA => StatsdAlgorithm::Rsa,
192 Algorithm::EC => StatsdAlgorithm::Ec,
193 Algorithm::AES => StatsdAlgorithm::Aes,
194 Algorithm::TRIPLE_DES => StatsdAlgorithm::TripleDes,
195 Algorithm::HMAC => StatsdAlgorithm::Hmac,
196 _ => StatsdAlgorithm::AlgorithmUnspecified,
197 }
198 }
199 KsKeyParamValue::KeySize(s) => {
200 key_creation_event_atom.key_size = s;
201 }
202 KsKeyParamValue::KeyOrigin(o) => {
203 key_creation_event_atom.key_origin = match o {
204 KeyOrigin::GENERATED => StatsdKeyOrigin::Generated,
205 KeyOrigin::DERIVED => StatsdKeyOrigin::Derived,
206 KeyOrigin::IMPORTED => StatsdKeyOrigin::Imported,
207 KeyOrigin::RESERVED => StatsdKeyOrigin::Reserved,
208 KeyOrigin::SECURELY_IMPORTED => StatsdKeyOrigin::SecurelyImported,
209 _ => StatsdKeyOrigin::OriginUnspecified,
210 }
211 }
212 KsKeyParamValue::HardwareAuthenticatorType(a) => {
213 key_creation_event_atom.user_auth_type = match a {
214 HardwareAuthenticatorType::NONE => StatsdUserAuthType::None,
215 HardwareAuthenticatorType::PASSWORD => StatsdUserAuthType::Password,
216 HardwareAuthenticatorType::FINGERPRINT => StatsdUserAuthType::Fingerprint,
217 HardwareAuthenticatorType::ANY => StatsdUserAuthType::Any,
218 _ => StatsdUserAuthType::AuthTypeUnspecified,
219 }
220 }
221 KsKeyParamValue::AuthTimeout(t) => {
222 key_creation_event_atom.user_auth_key_timeout_seconds = t;
223 }
224 KsKeyParamValue::PaddingMode(p) => {
225 key_creation_event_atom.padding_mode_bitmap =
226 compute_padding_mode_bitmap(&key_creation_event_atom.padding_mode_bitmap, p);
227 }
228 KsKeyParamValue::Digest(d) => {
229 key_creation_event_atom.digest_bitmap =
230 compute_digest_bitmap(&key_creation_event_atom.digest_bitmap, d);
231 }
232 KsKeyParamValue::BlockMode(b) => {
233 key_creation_event_atom.block_mode_bitmap =
234 compute_block_mode_bitmap(&key_creation_event_atom.block_mode_bitmap, b);
235 }
236 KsKeyParamValue::KeyPurpose(k) => {
237 key_creation_event_atom.purpose_bitmap =
238 compute_purpose_bitmap(&key_creation_event_atom.purpose_bitmap, k);
239 }
240 KsKeyParamValue::EcCurve(e) => {
241 key_creation_event_atom.ec_curve = match e {
242 EcCurve::P_224 => StatsdEcCurve::P224,
243 EcCurve::P_256 => StatsdEcCurve::P256,
244 EcCurve::P_384 => StatsdEcCurve::P384,
245 EcCurve::P_521 => StatsdEcCurve::P521,
246 _ => StatsdEcCurve::EcCurveUnspecified,
247 }
248 }
249 KsKeyParamValue::AttestationChallenge(_) => {
250 key_creation_event_atom.attestation_requested = true;
251 }
252 _ => {}
253 }
254 }
255 key_creation_event_atom
256}
257
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]258fn construct_key_operation_event_stats(
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]259 sec_level: SecurityLevel,
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]260 key_purpose: KeyPurpose,
261 op_params: &[KeyParameter],
262 op_outcome: &Outcome,
263 key_upgraded: bool,
264) -> Keystore2KeyOperationEventReported {
265 let mut key_operation_event_atom = create_default_key_operation_atom();
266
Hasini Gunasinghe9617fd92021-04-01 22:27:07 +0000[diff] [blame]267 key_operation_event_atom.security_level = match sec_level {
268 SecurityLevel::SOFTWARE => StatsdKeyOperationSecurityLevel::SecurityLevelSoftware,
269 SecurityLevel::TRUSTED_ENVIRONMENT => {
270 StatsdKeyOperationSecurityLevel::SecurityLevelTrustedEnvironment
271 }
272 SecurityLevel::STRONGBOX => StatsdKeyOperationSecurityLevel::SecurityLevelStrongbox,
273 //KEYSTORE is not a valid variant here
274 _ => StatsdKeyOperationSecurityLevel::SecurityLevelUnspecified,
275 };
276
Hasini Gunasinghe0aba68a2021-03-19 00:43:52 +0000[diff] [blame]277 key_operation_event_atom.key_upgraded = key_upgraded;
278
279 key_operation_event_atom.purpose = match key_purpose {
280 KeyPurpose::ENCRYPT => StatsdKeyPurpose::Encrypt,
281 KeyPurpose::DECRYPT => StatsdKeyPurpose::Decrypt,
282 KeyPurpose::SIGN => StatsdKeyPurpose::Sign,
283 KeyPurpose::VERIFY => StatsdKeyPurpose::Verify,
284 KeyPurpose::WRAP_KEY => StatsdKeyPurpose::WrapKey,
285 KeyPurpose::AGREE_KEY => StatsdKeyPurpose::AgreeKey,
286 KeyPurpose::ATTEST_KEY => StatsdKeyPurpose::AttestKey,
287 _ => StatsdKeyPurpose::KeyPurposeUnspecified,
288 };
289
290 key_operation_event_atom.outcome = match op_outcome {
291 Outcome::Unknown | Outcome::Dropped => StatsdOutcome::Dropped,
292 Outcome::Success => StatsdOutcome::Success,
293 Outcome::Abort => StatsdOutcome::Abort,
294 Outcome::Pruned => StatsdOutcome::Pruned,
295 Outcome::ErrorCode(e) => {
296 key_operation_event_atom.error_code = e.0;
297 StatsdOutcome::Error
298 }
299 };
300
301 for key_param in op_params.iter().map(KsKeyParamValue::from) {
302 match key_param {
303 KsKeyParamValue::PaddingMode(p) => {
304 key_operation_event_atom.padding_mode_bitmap =
305 compute_padding_mode_bitmap(&key_operation_event_atom.padding_mode_bitmap, p);
306 }
307 KsKeyParamValue::Digest(d) => {
308 key_operation_event_atom.digest_bitmap =
309 compute_digest_bitmap(&key_operation_event_atom.digest_bitmap, d);
310 }
311 KsKeyParamValue::BlockMode(b) => {
312 key_operation_event_atom.block_mode_bitmap =
313 compute_block_mode_bitmap(&key_operation_event_atom.block_mode_bitmap, b);
314 }
315 _ => {}
316 }
317 }
318
319 key_operation_event_atom
320}
321
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]322fn compute_purpose_bitmap(purpose_bitmap: &i32, purpose: KeyPurpose) -> i32 {
323 let mut bitmap = *purpose_bitmap;
324 match purpose {
325 KeyPurpose::ENCRYPT => {
326 bitmap |= 1 << KeyPurposeBitPosition::ENCRYPT_BIT_POS as i32;
327 }
328 KeyPurpose::DECRYPT => {
329 bitmap |= 1 << KeyPurposeBitPosition::DECRYPT_BIT_POS as i32;
330 }
331 KeyPurpose::SIGN => {
332 bitmap |= 1 << KeyPurposeBitPosition::SIGN_BIT_POS as i32;
333 }
334 KeyPurpose::VERIFY => {
335 bitmap |= 1 << KeyPurposeBitPosition::VERIFY_BIT_POS as i32;
336 }
337 KeyPurpose::WRAP_KEY => {
338 bitmap |= 1 << KeyPurposeBitPosition::WRAP_KEY_BIT_POS as i32;
339 }
340 KeyPurpose::AGREE_KEY => {
341 bitmap |= 1 << KeyPurposeBitPosition::AGREE_KEY_BIT_POS as i32;
342 }
343 KeyPurpose::ATTEST_KEY => {
344 bitmap |= 1 << KeyPurposeBitPosition::ATTEST_KEY_BIT_POS as i32;
345 }
346 _ => {}
347 }
348 bitmap
349}
350
351fn compute_padding_mode_bitmap(padding_mode_bitmap: &i32, padding_mode: PaddingMode) -> i32 {
352 let mut bitmap = *padding_mode_bitmap;
353 match padding_mode {
354 PaddingMode::NONE => {
355 bitmap |= 1 << PaddingModeBitPosition::NONE_BIT_POSITION as i32;
356 }
357 PaddingMode::RSA_OAEP => {
358 bitmap |= 1 << PaddingModeBitPosition::RSA_OAEP_BIT_POS as i32;
359 }
360 PaddingMode::RSA_PSS => {
361 bitmap |= 1 << PaddingModeBitPosition::RSA_PSS_BIT_POS as i32;
362 }
363 PaddingMode::RSA_PKCS1_1_5_ENCRYPT => {
364 bitmap |= 1 << PaddingModeBitPosition::RSA_PKCS1_1_5_ENCRYPT_BIT_POS as i32;
365 }
366 PaddingMode::RSA_PKCS1_1_5_SIGN => {
367 bitmap |= 1 << PaddingModeBitPosition::RSA_PKCS1_1_5_SIGN_BIT_POS as i32;
368 }
369 PaddingMode::PKCS7 => {
370 bitmap |= 1 << PaddingModeBitPosition::PKCS7_BIT_POS as i32;
371 }
372 _ => {}
373 }
374 bitmap
375}
376
377fn compute_digest_bitmap(digest_bitmap: &i32, digest: Digest) -> i32 {
378 let mut bitmap = *digest_bitmap;
379 match digest {
380 Digest::NONE => {
381 bitmap |= 1 << DigestBitPosition::NONE_BIT_POSITION as i32;
382 }
383 Digest::MD5 => {
384 bitmap |= 1 << DigestBitPosition::MD5_BIT_POS as i32;
385 }
386 Digest::SHA1 => {
387 bitmap |= 1 << DigestBitPosition::SHA_1_BIT_POS as i32;
388 }
389 Digest::SHA_2_224 => {
390 bitmap |= 1 << DigestBitPosition::SHA_2_224_BIT_POS as i32;
391 }
392 Digest::SHA_2_256 => {
393 bitmap |= 1 << DigestBitPosition::SHA_2_256_BIT_POS as i32;
394 }
395 Digest::SHA_2_384 => {
396 bitmap |= 1 << DigestBitPosition::SHA_2_384_BIT_POS as i32;
397 }
398 Digest::SHA_2_512 => {
399 bitmap |= 1 << DigestBitPosition::SHA_2_512_BIT_POS as i32;
400 }
401 _ => {}
402 }
403 bitmap
404}
405
406fn compute_block_mode_bitmap(block_mode_bitmap: &i32, block_mode: BlockMode) -> i32 {
407 let mut bitmap = *block_mode_bitmap;
408 match block_mode {
409 BlockMode::ECB => {
410 bitmap |= 1 << BlockModeBitPosition::ECB_BIT_POS as i32;
411 }
412 BlockMode::CBC => {
413 bitmap |= 1 << BlockModeBitPosition::CBC_BIT_POS as i32;
414 }
415 BlockMode::CTR => {
416 bitmap |= 1 << BlockModeBitPosition::CTR_BIT_POS as i32;
417 }
418 BlockMode::GCM => {
419 bitmap |= 1 << BlockModeBitPosition::GCM_BIT_POS as i32;
420 }
421 _ => {}
422 }
423 bitmap
424}
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]425
426/// Registers pull metrics callbacks
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]427pub fn register_pull_metrics_callbacks() {
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]428 // Before registering the callbacks with statsd, we have to wait for the system to finish
429 // booting up. This avoids possible races that may occur at startup. For example, statsd
430 // depends on a companion service, and if registration happens too soon it will fail since
431 // the companion service isn't up yet.
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]432 LOGS_HANDLER.queue_lo(move |_| {
433 if let Ok(()) = wait_for_boot_completed() {
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]434 set_pull_atom_callback(Atoms::Keystore2StorageStats, None, pull_metrics_callback);
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]435 log::info!("Pull metrics callbacks successfully registered.")
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]436 }
Hasini Gunasinghe69f0bc52021-05-15 02:08:39 +0000[diff] [blame^]437 });
Seth Moore78c091f2021-04-09 21:38:30 +0000[diff] [blame]438}
439
440fn pull_metrics_callback() -> StatsPullResult {
441 let mut result = StatsPullResult::new();
442 let mut append = |stat| {
443 match stat {
444 Ok(s) => result.push(Box::new(s)),
445 Err(error) => {
446 log::error!("pull_metrics_callback: Error getting storage stat: {}", error)
447 }
448 };
449 };
450 DB.with(|db| {
451 let mut db = db.borrow_mut();
452 append(db.get_storage_stat(StatsdStorageType::Database));
453 append(db.get_storage_stat(StatsdStorageType::KeyEntry));
454 append(db.get_storage_stat(StatsdStorageType::KeyEntryIdIndex));
455 append(db.get_storage_stat(StatsdStorageType::KeyEntryDomainNamespaceIndex));
456 append(db.get_storage_stat(StatsdStorageType::BlobEntry));
457 append(db.get_storage_stat(StatsdStorageType::BlobEntryKeyEntryIdIndex));
458 append(db.get_storage_stat(StatsdStorageType::KeyParameter));
459 append(db.get_storage_stat(StatsdStorageType::KeyParameterKeyEntryIdIndex));
460 append(db.get_storage_stat(StatsdStorageType::KeyMetadata));
461 append(db.get_storage_stat(StatsdStorageType::KeyMetadataKeyEntryIdIndex));
462 append(db.get_storage_stat(StatsdStorageType::Grant));
463 append(db.get_storage_stat(StatsdStorageType::AuthToken));
464 append(db.get_storage_stat(StatsdStorageType::BlobMetadata));
465 append(db.get_storage_stat(StatsdStorageType::BlobMetadataBlobEntryIdIndex));
466 });
467 result
468}
469
Hasini Gunasingheb7142972021-02-20 03:11:27 +0000[diff] [blame]470/// Enum defining the bit position for each padding mode. Since padding mode can be repeatable, it
471/// is represented using a bitmap.
472#[allow(non_camel_case_types)]
473#[repr(i32)]
474pub enum PaddingModeBitPosition {
475 ///Bit position in the PaddingMode bitmap for NONE.
476 NONE_BIT_POSITION = 0,
477 ///Bit position in the PaddingMode bitmap for RSA_OAEP.
478 RSA_OAEP_BIT_POS = 1,
479 ///Bit position in the PaddingMode bitmap for RSA_PSS.
480 RSA_PSS_BIT_POS = 2,
481 ///Bit position in the PaddingMode bitmap for RSA_PKCS1_1_5_ENCRYPT.
482 RSA_PKCS1_1_5_ENCRYPT_BIT_POS = 3,
483 ///Bit position in the PaddingMode bitmap for RSA_PKCS1_1_5_SIGN.
484 RSA_PKCS1_1_5_SIGN_BIT_POS = 4,
485 ///Bit position in the PaddingMode bitmap for RSA_PKCS7.
486 PKCS7_BIT_POS = 5,
487}
488
489/// Enum defining the bit position for each digest type. Since digest can be repeatable in
490/// key parameters, it is represented using a bitmap.
491#[allow(non_camel_case_types)]
492#[repr(i32)]
493pub enum DigestBitPosition {
494 ///Bit position in the Digest bitmap for NONE.
495 NONE_BIT_POSITION = 0,
496 ///Bit position in the Digest bitmap for MD5.
497 MD5_BIT_POS = 1,
498 ///Bit position in the Digest bitmap for SHA1.
499 SHA_1_BIT_POS = 2,
500 ///Bit position in the Digest bitmap for SHA_2_224.
501 SHA_2_224_BIT_POS = 3,
502 ///Bit position in the Digest bitmap for SHA_2_256.
503 SHA_2_256_BIT_POS = 4,
504 ///Bit position in the Digest bitmap for SHA_2_384.
505 SHA_2_384_BIT_POS = 5,
506 ///Bit position in the Digest bitmap for SHA_2_512.
507 SHA_2_512_BIT_POS = 6,
508}
509
510/// Enum defining the bit position for each block mode type. Since block mode can be repeatable in
511/// key parameters, it is represented using a bitmap.
512#[allow(non_camel_case_types)]
513#[repr(i32)]
514enum BlockModeBitPosition {
515 ///Bit position in the BlockMode bitmap for ECB.
516 ECB_BIT_POS = 1,
517 ///Bit position in the BlockMode bitmap for CBC.
518 CBC_BIT_POS = 2,
519 ///Bit position in the BlockMode bitmap for CTR.
520 CTR_BIT_POS = 3,
521 ///Bit position in the BlockMode bitmap for GCM.
522 GCM_BIT_POS = 4,
523}
524
525/// Enum defining the bit position for each key purpose. Since key purpose can be repeatable in
526/// key parameters, it is represented using a bitmap.
527#[allow(non_camel_case_types)]
528#[repr(i32)]
529enum KeyPurposeBitPosition {
530 ///Bit position in the KeyPurpose bitmap for Encrypt.
531 ENCRYPT_BIT_POS = 1,
532 ///Bit position in the KeyPurpose bitmap for Decrypt.
533 DECRYPT_BIT_POS = 2,
534 ///Bit position in the KeyPurpose bitmap for Sign.
535 SIGN_BIT_POS = 3,
536 ///Bit position in the KeyPurpose bitmap for Verify.
537 VERIFY_BIT_POS = 4,
538 ///Bit position in the KeyPurpose bitmap for Wrap Key.
539 WRAP_KEY_BIT_POS = 5,
540 ///Bit position in the KeyPurpose bitmap for Agree Key.
541 AGREE_KEY_BIT_POS = 6,
542 ///Bit position in the KeyPurpose bitmap for Attest Key.
543 ATTEST_KEY_BIT_POS = 7,
544}