|
| 1 | +// |
| 2 | +// Copyright 2022 The Project Oak Authors |
| 3 | +// |
| 4 | +// Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | +// you may not use this file except in compliance with the License. |
| 6 | +// You may obtain a copy of the License at |
| 7 | +// |
| 8 | +// http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | +// |
| 10 | +// Unless required by applicable law or agreed to in writing, software |
| 11 | +// distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | +// See the License for the specific language governing permissions and |
| 14 | +// limitations under the License. |
| 15 | +// |
| 16 | + |
| 17 | +//! Server-side implementation of the bidirectional gRPC remote attestation handshake |
| 18 | +//! protocol. |
| 19 | +//! |
| 20 | +//! A simplified version of the implementation from the `grpc_unary_attestation` |
| 21 | +//! crate. TODO(#2741): Refactor this to share more code between the two runtimes. |
| 22 | +
|
| 23 | +use alloc::{boxed::Box, sync::Arc, vec::Vec}; |
| 24 | +use lru::LruCache; |
| 25 | +use oak_remote_attestation::handshaker::{ |
| 26 | + Encryptor, ServerHandshaker, SessionId, SessionState, SessionTracker, |
| 27 | +}; |
| 28 | + |
| 29 | +pub struct AttestationHandler<F> { |
| 30 | + session_tracker: SessionTracker, |
| 31 | + request_handler: F, |
| 32 | +} |
| 33 | + |
| 34 | +const MOCK_TEE_CERTIFICATE: [u8; 0] = []; |
| 35 | +const MOCK_ADDITIONAL_INFO: [u8; 0] = []; |
| 36 | + |
| 37 | +impl<F> AttestationHandler<F> |
| 38 | +where |
| 39 | + F: Send + Sync + Clone + FnOnce(Vec<u8>) -> Vec<u8>, |
| 40 | +{ |
| 41 | + pub fn create(request_handler: F) -> Self { |
| 42 | + let session_tracker = |
| 43 | + SessionTracker::create(MOCK_TEE_CERTIFICATE.to_vec(), MOCK_ADDITIONAL_INFO.to_vec()); |
| 44 | + |
| 45 | + Self { |
| 46 | + session_tracker, |
| 47 | + request_handler, |
| 48 | + } |
| 49 | + } |
| 50 | + |
| 51 | + pub fn message(&mut self, session_id: SessionId, request: Vec<u8>) -> Vec<u8> { |
| 52 | + let mut session_state = { |
| 53 | + self.session_tracker |
| 54 | + .pop_session_state(session_id) |
| 55 | + .expect("Couldn't pop session state") |
| 56 | + }; |
| 57 | + let response_body = match session_state { |
| 58 | + SessionState::HandshakeInProgress(ref mut handshaker) => { |
| 59 | + handshaker |
| 60 | + .next_step(&request) |
| 61 | + .expect("Couldn't process handshake message") |
| 62 | + // After receiving a valid `ClientIdentity` message |
| 63 | + // (the last step of the key exchange) |
| 64 | + // ServerHandshaker.next_step returns `None`. For unary |
| 65 | + // request we do want to send an explicit confirmation in |
| 66 | + // the form of a status message. Hence in case of `None` |
| 67 | + // fallback to a default (empty) response. |
| 68 | + .unwrap_or_default() |
| 69 | + } |
| 70 | + SessionState::EncryptedMessageExchange(ref mut encryptor) => { |
| 71 | + let decrypted_request = encryptor |
| 72 | + .decrypt(&request) |
| 73 | + .expect("Couldn't decrypt response"); |
| 74 | + |
| 75 | + let response = (self.request_handler.clone())(decrypted_request); |
| 76 | + |
| 77 | + encryptor |
| 78 | + .encrypt(&response) |
| 79 | + .expect("Couldn't encrypt response") |
| 80 | + } |
| 81 | + }; |
| 82 | + |
| 83 | + self.session_tracker |
| 84 | + .put_session_state(session_id, session_state); |
| 85 | + |
| 86 | + response_body |
| 87 | + } |
| 88 | +} |
0 commit comments