author Yifan Hong <elsk@google.com> 2021-08-16 17:13:58 -0700
committer Yifan Hong <elsk@google.com> 2021-08-23 13:58:26 -0700
commit588d59c6ae1abcad5012d33b15bf4a064315f9ee (patch)
tree1b4ffbcb76395aed3265aa04ac20454735f1ce4a /libs
parent1af485881bce567ed9412b889f22b92c9b1a7e1c (diff)
binder: Add getCertificate / addTrustedPeerCerticate.
getCertificate returns the self-signed certificate on this context. addTrustedPeerCertificate adds a peer certificate as trusted by this context. Test: binderRpcTest Bug: 195166979 Change-Id: I0e4fadd8e3391dc39f551e4b80e9411b16b696ab
Diffstat (limited to 'libs')
-rw-r--r--libs/binder/RpcTransportRaw.cpp3
-rw-r--r--libs/binder/RpcTransportTls.cpp12
-rw-r--r--libs/binder/include/binder/RpcTransport.h29
3 files changed, 43 insertions, 1 deletions
diff --git a/libs/binder/RpcTransportRaw.cpp b/libs/binder/RpcTransportRaw.cpp
index d77fc52c61..930df12c2e 100644
--- a/libs/binder/RpcTransportRaw.cpp
+++ b/libs/binder/RpcTransportRaw.cpp
@@ -111,7 +111,10 @@ public:
std::unique_ptr<RpcTransport> newTransport(android::base::unique_fd fd, FdTrigger*) const {
return std::make_unique<RpcTransportRaw>(std::move(fd));
}
+ std::string getCertificate(CertificateFormat) const override { return {}; }
+ status_t addTrustedPeerCertificate(CertificateFormat, std::string_view) override { return OK; }
};
+
} // namespace
std::unique_ptr<RpcTransportCtx> RpcTransportCtxFactoryRaw::newServerCtx() const {
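Review bot: The raw-socket override of addTrustedPeerCertificate returns `OK` for any input, so a caller that pins a certificate on a context that turns out to be raw gets a success status and a connection with no peer authentication. That matches the behaviour documented in RpcTransport.h, but nothing at the override marks it as deliberate. A one-line comment such as `// Raw transport performs no peer authentication; |cert| is intentionally ignored.` would keep a later reader from treating it as an oversight. The enclosing class starts outside the hunk.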
diff --git a/libs/binder/RpcTransportTls.cpp b/libs/binder/RpcTransportTls.cpp
index 82c558b4be..e6cb04e0a4 100644
--- a/libs/binder/RpcTransportTls.cpp
+++ b/libs/binder/RpcTransportTls.cpp
@@ -456,12 +456,24 @@ public:
static std::unique_ptr<RpcTransportCtxTls> create();
std::unique_ptr<RpcTransport> newTransport(android::base::unique_fd fd,
FdTrigger* fdTrigger) const override;
+ std::string getCertificate(CertificateFormat) const override;
+ status_t addTrustedPeerCertificate(CertificateFormat, std::string_view cert) override;
protected:
virtual void preHandshake(Ssl* ssl) const = 0;
bssl::UniquePtr<SSL_CTX> mCtx;
};
+std::string RpcTransportCtxTls::getCertificate(CertificateFormat) const {
+ // TODO(b/195166979): return certificate here
+ return {};
+}
+
+status_t RpcTransportCtxTls::addTrustedPeerCertificate(CertificateFormat, std::string_view) {
+ // TODO(b/195166979): set certificate here
+ return OK;
+}
+
// Common implementation for creating server and client contexts. The child class, |Impl|, is
// provided as a template argument so that this function can initialize an |Impl| object.
template <typename Impl, typename>
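Review bot: RpcTransportCtxTls::addTrustedPeerCertificate returns `OK` without recording the certificate, so until b/195166979 is implemented a caller that checks the status will believe the peer is pinned when nothing was configured. A stub on a trust-configuration path should fail closed; `return INVALID_OPERATION;` (or whichever status_t the project prefers for unimplemented calls) makes the gap visible to callers and to binderRpcTest. getCertificate has the same shape: its empty string cannot be told apart from "no certificate configured", which is worth stating in the TODO.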
diff --git a/libs/binder/include/binder/RpcTransport.h b/libs/binder/include/binder/RpcTransport.h
index 1b6951986e..8d08b34ef4 100644
--- a/libs/binder/include/binder/RpcTransport.h
+++ b/libs/binder/include/binder/RpcTransport.h
@@ -29,7 +29,13 @@ namespace android {
class FdTrigger;
+enum class CertificateFormat {
+ PEM,
+ // TODO(b/195166979): support other formats, e.g. DER
+};
+
// Represents a socket connection.
+// No thread-safety is guaranteed for these APIs.
class RpcTransport {
public:
virtual ~RpcTransport() = default;
@@ -53,22 +59,43 @@ protected:
};
// Represents the context that generates the socket connection.
+// All APIs are thread-safe. See RpcTransportCtxRaw and RpcTransportCtxTls for details.
class RpcTransportCtx {
public:
virtual ~RpcTransportCtx() = default;
// Create a new RpcTransport object.
//
- // Implemenion details: for TLS, this function may incur I/O. |fdTrigger| may be used
+ // Implementation details: for TLS, this function may incur I/O. |fdTrigger| may be used
// to interrupt I/O. This function blocks until handshake is finished.
[[nodiscard]] virtual std::unique_ptr<RpcTransport> newTransport(
android::base::unique_fd fd, FdTrigger *fdTrigger) const = 0;
+ // Return the preconfigured certificate of this context.
+ //
+ // Implementation details:
+ // - For raw sockets, this always returns empty string.
+ // - For TLS, this returns the certificate. See RpcTransportTls for details.
+ [[nodiscard]] virtual std::string getCertificate(CertificateFormat format) const = 0;
+
+ // Add a trusted peer certificate. Peers presenting this certificate are accepted.
+ //
+ // Caller must ensure that newTransport() are called after all trusted peer certificates
+ // are added. Otherwise, RpcTransport-s created before may not trust peer certificates
+ // added later.
+ //
+ // Implementation details:
+ // - For raw sockets, this always returns OK.
+ // - For TLS, this adds trusted peer certificate. See RpcTransportTls for details.
+ [[nodiscard]] virtual status_t addTrustedPeerCertificate(CertificateFormat format,
+ std::string_view cert) = 0;
+
protected:
RpcTransportCtx() = default;
};
// A factory class that generates RpcTransportCtx.
+// All APIs are thread-safe.
class RpcTransportCtxFactory {
public:
virtual ~RpcTransportCtxFactory() = default;
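Review bot: The comment on addTrustedPeerCertificate does not say what a TLS context does when no peer certificate has been added, nor what is returned when `cert` cannot be parsed in `format`; both decide whether a misconfigured caller fails open or closed, so they belong in the contract. I would add a line such as `// Returns an error and leaves the trust set unchanged if |cert| cannot be parsed.` and one stating the empty-trust-set behaviour once it is decided. The new class comment `All APIs are thread-safe` also sits awkwardly beside the ordering requirement between addTrustedPeerCertificate and newTransport(), so it may need qualifying, and `newTransport() are called` should read `is called`.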