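/*
 * Copyright (C) 2017 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef KEYSTORE_CONFIRMATION_MANAGER_H_
#define KEYSTORE_CONFIRMATION_MANAGER_H_

#include <android/hardware/confirmationui/1.0/IConfirmationUI.h>
#include <android/hardware/confirmationui/1.0/types.h>
#include <binder/Binder.h>
#include <binder/IBinder.h>
#include <binder/Status.h>
#include <keystore/keymaster_types.h>
#include <map>
#include <mutex>
#include <utils/LruCache.h>
#include <utils/StrongPointer.h>
#include <vector>

#include "confirmationui_rate_limiting.h"

namespace keystore {

using android::binder::Status;
using android::hardware::confirmationui::V1_0::IConfirmationResultCallback;
using ConfirmationResponseCode = android::hardware::confirmationui::V1_0::ResponseCode;

class ConfirmationManager;

// Brokers confirmation prompts between keystore clients (identified by their
// listener binder) and the confirmationui HAL, and receives the HAL's result
// callback.
//
// Only one listener / HAL handle pair is tracked at a time (mCurrentListener,
// mCurrentConfirmationUI), so a second caller is answered with
// OperationPending while a prompt is showing.
//
// All mutable state is guarded by mMutex. The binder entry points, the client
// death notification (binderDied), the HAL death notification (serviceDied)
// and the HAL result callback (result) presumably arrive on different
// threads -- TODO confirm against the .cpp that each of them takes mMutex.
class ConfirmationManager : public android::hardware::hidl_death_recipient,
                            public IConfirmationResultCallback {
  public:
    // deathRecipient is kept as a raw, non-owning pointer (see
    // mDeathRecipient), so it has to outlive this object.
    explicit ConfirmationManager(android::IBinder::DeathRecipient* deathRecipient);

    // Calls into the confirmationui HAL to start a new prompt.
    //
    // Returns OperationPending if another application is already
    // showing a confirmation. Otherwise returns the return code from
    // the HAL.
    //
    // NOTE(review): promptText, extraData and locale are supplied by the
    // calling client; this header does not show what validation or size
    // limits are applied before they reach the HAL -- verify in the .cpp.
    Status presentConfirmationPrompt(const android::sp<android::IBinder>& listener,
                                     const android::String16& promptText,
                                     const hidl_vec<uint8_t>& extraData,
                                     const android::String16& locale, int uiOptionsAsFlags,
                                     int32_t* aidl_return);

    // Calls into the confirmationui HAL to cancel displaying a
    // prompt.
    //
    // Returns OperationPending if another application is showing a
    // confirmation. Otherwise returns the return code from the HAL.
    //
    // The listener argument is what ties a cancel request to the prompt's
    // owner; a caller that does not own the current prompt must not be able
    // to dismiss it.
    Status cancelConfirmationPrompt(const android::sp<android::IBinder>& listener,
                                    int32_t* aidl_return);

    // Checks if the confirmationUI HAL is available.
    Status isConfirmationPromptSupported(bool* aidl_return);

    // Gets the latest confirmation token received from the ConfirmationUI HAL.
    //
    // Returned by value, so the caller gets its own copy rather than a
    // reference into state guarded by mMutex.
    // NOTE(review): whether the stored token is cleared after use is not
    // visible here -- confirm it cannot be replayed for a later operation.
    hidl_vec<uint8_t> getLatestConfirmationToken();

    // Called by KeyStoreService when a client binder has died.
    void binderDied(const android::wp<android::IBinder>& who);

    // hidl_death_recipient overrides:
    virtual void serviceDied(uint64_t cookie,
                             const android::wp<android::hidl::base::V1_0::IBase>& who) override;

    // IConfirmationResultCallback overrides:
    //
    // Invoked by the HAL with the outcome of the prompt, the data that was
    // confirmed and the confirmation token.
    android::hardware::Return<void> result(ConfirmationResponseCode responseCode,
                                           const hidl_vec<uint8_t>& dataThatWasConfirmed,
                                           const hidl_vec<uint8_t>& confirmationToken) override;

  private:
    friend class ConfirmationResultCallback;

    // Set rate limiting to not decrement on next abort and aborts
    // confirmationui.
    void cancelPrompt();

    // Takes dataThatWasConfirmed by value; presumably forwards the outcome to
    // the current listener and clears the per-prompt state -- TODO confirm.
    void finalizeTransaction(ConfirmationResponseCode responseCode,
                             hidl_vec<uint8_t> dataThatWasConfirmed);

    // This mutex protects all data below it.
    std::mutex mMutex;

    // The mCurrentListener and mCurrentConfirmationUI fields are set
    // if and only if a prompt is currently showing.
    android::sp<android::IBinder> mCurrentListener;
    android::sp<android::hardware::confirmationui::V1_0::IConfirmationUI> mCurrentConfirmationUI;
    // Non-owning; supplied through the constructor.
    android::IBinder::DeathRecipient* mDeathRecipient;
    // Token from the most recent HAL result; sensitive, handed out only via
    // getLatestConfirmationToken().
    hidl_vec<uint8_t> mLatestConfirmationToken;
    // Declared in confirmationui_rate_limiting.h; the policy and what it is
    // keyed on are not visible in this header.
    RateLimiting<> mRateLimiting;
};

}  // namespace keystore

#endif  // KEYSTORE_CONFIRMATION_MANAGER_H_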