1 /*
2 * Copyright (C) 2025 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 mod rng;
18 mod service;
19
20 use crate::service::FingerGuardService;
21 use alloc::rc::Rc;
22 use binder::BinderFeatures;
23 use fingerguard_api::aidl::IFingerGuard::BnFingerGuard;
24 use rpcbinder::RpcServer;
25 use tipc::{Manager, PortCfg, TipcError};
26
27 // The port on FingerGuard TA which the Fingerprint sensor HAL connects to.
28 const APP_SERVICE_PORT: &str = "com.android.trusty.rust.FingerGuard.V1";
29
30 const PORT_COUNT: usize = 1;
31 const CONNECTION_COUNT: usize = 1;
32
33 tipc::service_dispatcher! {
34 enum FingerGuardDispatcher {
35 RpcServer
36 }
37 }
init_and_start_loop() -> Result<(), TipcError>38 pub fn init_and_start_loop() -> Result<(), TipcError> {
39 trusty_log::init();
40
41 let mut dispatcher =
42 FingerGuardDispatcher::<PORT_COUNT>::new().expect("Could not create dispatcher");
43 let service = FingerGuardService::new();
44 let binder_service = BnFingerGuard::new_binder(service, BinderFeatures::default());
45 let rpc_service = RpcServer::new_per_session(move |_uuid| Some(binder_service.as_binder()));
46
47 // Allow secure (within trusty) and non-secure (outside trusty) connections.
48 // Originally only intended for non-secure connections, now allowed secure connection as well
49 // to facilitate the unit tests within the trusty environment.
50 let app_cfg = PortCfg::new(APP_SERVICE_PORT)
51 .expect("Could not create port config")
52 .allow_ta_connect()
53 .allow_ns_connect();
54 dispatcher
55 .add_service(Rc::new(rpc_service), app_cfg)
56 .expect("Could not add FingerGuardService to dispatcher");
57
58 // <_, _, 1, 1> means we define a Manager with a single port, and max one connection.
59 Manager::<_, _, PORT_COUNT, CONNECTION_COUNT>::new_with_dispatcher(dispatcher, [])
60 .expect("Could not create service manager")
61 .run_event_loop()
62 .expect("FingerGuard event loop failed");
63
64 Ok(())
65 }
66
67 #[cfg(test)]
68 mod tests {
69 test::init!();
70
71 #[test]
connect_server()72 fn connect_server() {
73 let _ = fingerguard_api::connect_finger_guard().unwrap();
74 }
75
76 #[test]
get_authenticator_id()77 fn get_authenticator_id() {
78 let service = fingerguard_api::connect_finger_guard().unwrap();
79 assert_eq!(service.getAuthenticatorId(0, 0), Ok(0));
80 }
81
82 #[test]
new_authenticator_id()83 fn new_authenticator_id() {
84 let service = fingerguard_api::connect_finger_guard().unwrap();
85 let new_id = service.newAuthenticatorId(1, 1).unwrap();
86 assert_ne!(new_id, 0_i64);
87 }
88 #[test]
new_and_get_authenticator_id()89 fn new_and_get_authenticator_id() {
90 let service = fingerguard_api::connect_finger_guard().unwrap();
91 let new_id = service.newAuthenticatorId(1, 1).unwrap();
92 let got_id = service.getAuthenticatorId(1, 1).unwrap();
93 assert_eq!(new_id, got_id);
94 }
95 }
96