main.rs - trusty/app/keymint - Git at Google

 /*
  * Copyright (C) 2022 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 //! Main entrypoint for KeyMint/Rust trusted application (TA) on Trusty.

 use keymint::{
     AttestationIds, CertSignInfo, SharedSddManager, TrustyAes, TrustyKeys, TrustyMonotonicClock,
     TrustyRng, TrustyRpc, TrustySecureDeletionSecretManager, TrustyStorageKeyWrapper,
 };
 use kmr_common::crypto;
 use kmr_crypto_boring::{
     aes::BoringAes, aes_cmac::BoringAesCmac, des::BoringDes, ec::BoringEc, eq::BoringEq,
     hmac::BoringHmac, rsa::BoringRsa,
 };
 use kmr_ta::{HardwareInfo, RpcInfo, RpcInfoV3};
 use log::info;

 fn log_formatter(record: &log::Record) -> String {
     // line number should be present, so keeping it simple by just returning a 0.
     let line = record.line().unwrap_or(0);
     let file = record.file().unwrap_or("unknown file");
     format!("{}: {}:{} {}\n", record.level(), file, line, record.args())
 }

 fn main() {
     let config = trusty_log::TrustyLoggerConfig::default()
         .with_min_level(log::Level::Info)
         .format(&log_formatter);
     trusty_log::init_with_config(config);

     info!("Hello from Keymint Rust!");

     let hw_info = HardwareInfo {
         version_number: 3,
         security_level: kmr_common::wire::keymint::SecurityLevel::TrustedEnvironment,
         impl_name: "TEE KeyMint in Rust",
         author_name: "Google",
         unique_id: "TEE KeyMint TA",
     };

     let rpc_info_v3 = RpcInfoV3 {
         author_name: "Google",
         unique_id: "TEE KeyMint TA",
         fused: false,
         supported_num_of_keys_in_csr: kmr_wire::rpc::MINIMUM_SUPPORTED_KEYS_IN_CSR,
     };

     let mut rng = TrustyRng::default();
     let clock = TrustyMonotonicClock;
     let aes = TrustyAes::default();
     let imp = crypto::Implementation {
         rng: &mut rng,
         clock: Some(&clock),
         compare: &BoringEq,
         aes: &aes,
         des: &BoringDes,
         hmac: &BoringHmac,
         rsa: &BoringRsa::default(),
         ec: &BoringEc::default(),
         ckdf: &BoringAesCmac,
         hkdf: &BoringHmac,
     };
     let sign_info = CertSignInfo;
     let mut att_ids = AttestationIds;
     let trusty_keys = TrustyKeys;
     let key_wrapper = TrustyStorageKeyWrapper;
     let sdd_mgr = TrustySecureDeletionSecretManager::new();
     let mut shared_sdd_mgr = SharedSddManager::new(sdd_mgr);
     let mut legacy_sdd_mgr = shared_sdd_mgr.clone();
     let mut legacy_key = keymint::TrustyLegacyKeyBlobHandler {
         aes: &BoringAes,
         hkdf: &BoringHmac,
         sdd_mgr: Some(&mut legacy_sdd_mgr),
         keys: &trusty_keys,
     };
     let trusty_rpc = TrustyRpc;
     let dev = kmr_ta::device::Implementation {
         keys: &trusty_keys,
         sign_info: &sign_info,
         attest_ids: Some(&mut att_ids),
         sdd_mgr: Some(&mut shared_sdd_mgr),
         bootloader: &kmr_ta::device::BootloaderDone,
         sk_wrapper: Some(&key_wrapper),
         tup: &kmr_ta::device::TrustedPresenceUnsupported,
         legacy_key: Some(&mut legacy_key),
         rpc: &trusty_rpc,
     };
     keymint::handle_port_connections(hw_info, RpcInfo::V3(rpc_info_v3), imp, dev)
         .expect("handle_port_connections returned an error");
 }
	/*
	* Copyright (C) 2022 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	//! Main entrypoint for KeyMint/Rust trusted application (TA) on Trusty.

	use keymint::{
	AttestationIds, CertSignInfo, SharedSddManager, TrustyAes, TrustyKeys, TrustyMonotonicClock,
	TrustyRng, TrustyRpc, TrustySecureDeletionSecretManager, TrustyStorageKeyWrapper,
	};
	use kmr_common::crypto;
	use kmr_crypto_boring::{
	aes::BoringAes, aes_cmac::BoringAesCmac, des::BoringDes, ec::BoringEc, eq::BoringEq,
	hmac::BoringHmac, rsa::BoringRsa,
	};
	use kmr_ta::{HardwareInfo, RpcInfo, RpcInfoV3};
	use log::info;

	fn log_formatter(record: &log::Record) -> String {
	// line number should be present, so keeping it simple by just returning a 0.
	let line = record.line().unwrap_or(0);
	let file = record.file().unwrap_or("unknown file");
	format!("{}: {}:{} {}\n", record.level(), file, line, record.args())
	}

	fn main() {
	let config = trusty_log::TrustyLoggerConfig::default()
	.with_min_level(log::Level::Info)
	.format(&log_formatter);
	trusty_log::init_with_config(config);

	info!("Hello from Keymint Rust!");

	let hw_info = HardwareInfo {
	version_number: 3,
	security_level: kmr_common::wire::keymint::SecurityLevel::TrustedEnvironment,
	impl_name: "TEE KeyMint in Rust",
	author_name: "Google",
	unique_id: "TEE KeyMint TA",
	};

	let rpc_info_v3 = RpcInfoV3 {
	author_name: "Google",
	unique_id: "TEE KeyMint TA",
	fused: false,
	supported_num_of_keys_in_csr: kmr_wire::rpc::MINIMUM_SUPPORTED_KEYS_IN_CSR,
	};

	let mut rng = TrustyRng::default();
	let clock = TrustyMonotonicClock;
	let aes = TrustyAes::default();
	let imp = crypto::Implementation {
	rng: &mut rng,
	clock: Some(&clock),
	compare: &BoringEq,
	aes: &aes,
	des: &BoringDes,
	hmac: &BoringHmac,
	rsa: &BoringRsa::default(),
	ec: &BoringEc::default(),
	ckdf: &BoringAesCmac,
	hkdf: &BoringHmac,
	};
	let sign_info = CertSignInfo;
	let mut att_ids = AttestationIds;
	let trusty_keys = TrustyKeys;
	let key_wrapper = TrustyStorageKeyWrapper;
	let sdd_mgr = TrustySecureDeletionSecretManager::new();
	let mut shared_sdd_mgr = SharedSddManager::new(sdd_mgr);
	let mut legacy_sdd_mgr = shared_sdd_mgr.clone();
	let mut legacy_key = keymint::TrustyLegacyKeyBlobHandler {
	aes: &BoringAes,
	hkdf: &BoringHmac,
	sdd_mgr: Some(&mut legacy_sdd_mgr),
	keys: &trusty_keys,
	};
	let trusty_rpc = TrustyRpc;
	let dev = kmr_ta::device::Implementation {
	keys: &trusty_keys,
	sign_info: &sign_info,
	attest_ids: Some(&mut att_ids),
	sdd_mgr: Some(&mut shared_sdd_mgr),
	bootloader: &kmr_ta::device::BootloaderDone,
	sk_wrapper: Some(&key_wrapper),
	tup: &kmr_ta::device::TrustedPresenceUnsupported,
	legacy_key: Some(&mut legacy_key),
	rpc: &trusty_rpc,
	};
	keymint::handle_port_connections(hw_info, RpcInfo::V3(rpc_info_v3), imp, dev)
	.expect("handle_port_connections returned an error");
	}