1 /*
2  * Copyright 2020, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 /******************************************************************************
17  **
18  ** The original Work has been changed by NXP.
19  **
20  ** Licensed under the Apache License, Version 2.0 (the "License");
21  ** you may not use this file except in compliance with the License.
22  ** You may obtain a copy of the License at
23  **
24  ** http://www.apache.org/licenses/LICENSE-2.0
25  **
26  ** Unless required by applicable law or agreed to in writing, software
27  ** distributed under the License is distributed on an "AS IS" BASIS,
28  ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29  ** See the License for the specific language governing permissions and
30  ** limitations under the License.
31  **
32  ** Copyright 2020-2023 NXP
33  **
34  *********************************************************************************/
35 #define LOG_TAG "javacard.strongbox-service"
36 
37 #include <android-base/logging.h>
38 #include <android/binder_manager.h>
39 #include <android/binder_process.h>
40 
41 #include "JavacardKeyMintDevice.h"
42 #include <aidl/android/hardware/security/keymint/SecurityLevel.h>
43 
44 #include "JavacardSecureElement.h"
45 #include "JavacardSharedSecret.h"
46 #include "keymint_utils.h"
47 #include "JavacardRemotelyProvisionedComponentDevice.h"
48 #if defined OMAPI_TRANSPORT
49 #include <OmapiTransport.h>
50 #elif defined HAL_TO_HAL_TRANSPORT
51 #include <HalToHalTransport.h>
52 #else
53 #include <SocketTransport.h>
54 #endif
55 
56 using aidl::android::hardware::security::keymint::JavacardKeyMintDevice;
57 using aidl::android::hardware::security::keymint::
58     JavacardRemotelyProvisionedComponentDevice;
59 using aidl::android::hardware::security::keymint::SecurityLevel;
60 using aidl::android::hardware::security::sharedsecret::JavacardSharedSecret;
61 using namespace keymint::javacard;
62 
// AID passed to whichever transport main() constructs (OMAPI, HAL-to-HAL or
// socket) to address the StrongBox applet on the secure element.
// NOTE(review): the value is five bytes long, which is the length of a bare
// RID in ISO/IEC 7816 AID terms. Confirm the applet is provisioned and
// selectable under exactly this value on the target secure element.
const std::vector<uint8_t> gStrongBoxAppletAID{
    0xA0, 0x00, 0x00, 0x00, 0x62,
};
64 
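// Constructs a binder service of type T and registers it with the service
// manager under "<T::descriptor>/strongbox".
//
// @tparam T     Service implementation; must expose a static `descriptor`
//               and be constructible through ndk::SharedRefBase::make.
// @param  args  Arguments forwarded unchanged to T's constructor.
// @return       The newly created service object.
//
// Registration failure is fatal: CHECK aborts the process. The failure
// message carries the instance name and the binder status so that a
// StrongBox service that never comes up can be triaged from the crash log.
template <typename T, class... Args>
std::shared_ptr<T> addService(Args&&... args) {
    std::shared_ptr<T> service = ndk::SharedRefBase::make<T>(std::forward<Args>(args)...);
    const std::string instanceName = std::string(T::descriptor) + "/strongbox";
    LOG(INFO) << "adding javacard strongbox service instance: " << instanceName;
    const binder_status_t status =
        AServiceManager_addService(service->asBinder().get(), instanceName.c_str());
    CHECK(status == STATUS_OK) << "failed to register " << instanceName
                               << ", binder status " << status;
    return service;
}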
74 
// Entry point of the javacard StrongBox service process.
//
// Builds one JavacardSecureElement on top of the transport chosen at compile
// time, registers the KeyMint, SharedSecret and RemotelyProvisionedComponent
// services against that same element, then joins the binder thread pool.
int main() {
    LOG(INFO) << "Starting javacard strongbox service";
    // Max thread count 0: no additional binder threads are requested, so the
    // thread that joins the pool below is the one serving incoming calls.
    ABinderProcess_setThreadPoolMaxThreadCount(0);

    // Transport to the Javacard secure element; only this step differs
    // between build configurations.
    // NOTE(review): when neither OMAPI_TRANSPORT nor HAL_TO_HAL_TRANSPORT is
    // defined the build falls back to SocketTransport without any diagnostic.
    // Confirm release builds define the intended transport macro.
#if defined OMAPI_TRANSPORT
    auto transport = OmapiTransport::make(gStrongBoxAppletAID);
#elif defined HAL_TO_HAL_TRANSPORT
    auto transport = std::make_shared<HalToHalTransport>(gStrongBoxAppletAID);
#else
    auto transport = std::make_shared<SocketTransport>(gStrongBoxAppletAID);
#endif

    // The OS version and patch levels are read once here and handed to the
    // secure-element wrapper together with the transport.
    auto card = std::make_shared<JavacardSecureElement>(
        std::move(transport), getOsVersion(), getOsPatchlevel(), getVendorPatchlevel());

    // All three services share the single `card` instance.
    addService<JavacardKeyMintDevice>(card);                       // KeyMint
    addService<JavacardSharedSecret>(card);                        // Shared Secret
    addService<JavacardRemotelyProvisionedComponentDevice>(card);  // Remotely Provisioned Component

    LOG(INFO) << "Joining thread pool";
    ABinderProcess_joinThreadPool();
    // The join above is not expected to return; getting here is reported as a
    // failure exit status.
    return EXIT_FAILURE;  // should not reach
}