blob: 6f8fdd4c2bfdbea2f866a4f0e248bca6c67bc1ec [file] [log] [blame]
// Copyright 2019 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef U2FD_U2F_DAEMON_H_
#define U2FD_U2F_DAEMON_H_
#include <memory>
#include <string>
#include <vector>
#include <attestation/proto_bindings/interface.pb.h>
#include <attestation-client/attestation/dbus-proxies.h>
#include <base/optional.h>
#include <brillo/daemons/dbus_daemon.h>
#include <brillo/dbus/dbus_object.h>
#include <brillo/dbus/dbus_signal.h>
#include <metrics/metrics_library.h>
#include <power_manager-client/power_manager/dbus-proxies.h>
#include <session_manager/dbus-proxies.h>
#include <u2f/proto_bindings/u2f_interface.pb.h>
#include "u2fd/tpm_vendor_cmd.h"
#include "u2fd/u2f_msg_handler.h"
#include "u2fd/u2fhid.h"
#include "u2fd/webauthn_handler.h"
namespace u2f {
enum class U2fMode : uint8_t;
// U2F Daemon; starts/runs the virtual USB HID U2F device, and implements the
// U2F DBus interface.
class U2fDaemon : public brillo::DBusServiceDaemon {
U2fDaemon(bool force_u2f,
bool force_g2f,
bool g2f_allowlist_data,
bool legacy_kh_fallback,
uint32_t vendor_id,
uint32_t product_id);
U2fDaemon(const U2fDaemon&) = delete;
U2fDaemon& operator=(const U2fDaemon&) = delete;
int OnInit() override;
// Registers the U2F interface.
void RegisterDBusObjectsAsync(
brillo::dbus_utils::AsyncEventSequencer* sequencer) override;
// Callback for device policy status change. Checks if the device policy is
// available, and if so, starts the U2F service and the WebAuthn handler.
void TryStartService(const std::string& /* unused dbus signal status */);
// Starts the U2F service and the WebAuthn handler.
int StartService();
// Starts the U2F service, and creates the virtual USB HID device. Calling
// after the service is started is a no-op. Returns:
// EX_OK on success
// EX_CONFIG if the service is disabled (by flags and/or policy)
// EX_PROTOCOL if the cr50 version is incompatible or virtual HID device
// cannot be initialized EX_IOERR if DBus cannot be initialized
int StartU2fHidService();
// Initializes DBus proxies for PowerManager, SessionManager, and Trunks.
bool InitializeDBusProxies();
// Helpers to create these members.
void CreateU2fMsgHandler(bool allow_g2f_attestation,
bool include_g2f_allowlisting_data);
void CreateU2fHid();
void InitializeWebAuthnHandler();
// Sends a DBus signal that indicates to Chrome a 'Press Power Button'
// notification should be displayed.
void SendWinkSignal();
// Calls PowerManager to request that power button presses be ignored for a
// short time.
void IgnorePowerButtonPress();
// Returns a certified copy of the G2F certificate from attestationd, or
// base::nullopt on error. The size of the G2F certificate is variable, and
// must be specified in |g2f_cert_size|.
base::Optional<attestation::GetCertifiedNvIndexReply> GetCertifiedG2fCert(
int g2f_cert_size);
// U2F Behavior Flags
const bool force_u2f_;
const bool force_g2f_;
const bool g2f_allowlist_data_;
const bool legacy_kh_fallback_;
// Virtual USB Device ID
uint32_t vendor_id_;
uint32_t product_id_;
// DBus
std::unique_ptr<brillo::dbus_utils::DBusObject> dbus_object_;
// Signal sent by this daemon
// Proxies to call other daemons
u2f::TpmVendorCommandProxy tpm_proxy_;
dbus::ObjectProxy* attestation_proxy_; // Not Owned.
std::unique_ptr<org::chromium::PowerManagerProxy> pm_proxy_;
std::unique_ptr<org::chromium::SessionManagerInterfaceProxy> sm_proxy_;
// User state; uses sm_proxy_.
std::unique_ptr<UserState> user_state_;
// Virtual USB Device
std::unique_ptr<u2f::U2fHid> u2fhid_;
std::unique_ptr<u2f::U2fMessageHandler> u2f_msg_handler_;
// WebAuthn DBus Interface Implementation
WebAuthnHandler webauthn_handler_;
// UMA, used by Virtual USB Device
MetricsLibrary metrics_library_;
} // namespace u2f
#endif // U2FD_U2F_DAEMON_H_