1 /******************************************************************************
2  *
3  *  Copyright 2021 NXP
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 #ifndef _SBACCESSCONTROLLER_H_
20 #define _SBACCESSCONTROLLER_H_
#include <csignal>   // union sigval, named directly in startTimer()'s callback type
#include <cstdint>   // uint8_t, used directly in this header
#include <vector>

#include <IntervalTimer.h>
23 
// INS bytes (APDU instruction field) the access controller recognises.
#define EARLY_BOOT_ENDED_CMD (0x35)  // INS received from VOLD when the early-boot state ends
#define BEGIN_OPERATION_CMD (0x30)   // begin()
#define FINISH_OPERATION_CMD (0x32)  // finish()
#define ABORT_OPERATION_CMD (0x33)   // abort()

// Session timeout values (milliseconds) used while an Applet upgrade is underway.
// NOTE(review): whether 0 ms means "close at once" or "no timeout" depends on the
// logical-channel / IntervalTimer implementation — confirm before relying on it.
#define SMALLEST_SESSION_TIMEOUT (0)       // 0 msec, during the actual upgrade process
#define UPGRADE_SESSION_TIMEOUT (5 * 100)  // 500 msecs, teared (interrupted) upgrade scenario

// 40 secs: access to the SB applet is blocked for this long during an upgrade.
#define SB_ACCESS_BLOCK_TIMER (40 * 1000)

// Other session timeouts (milliseconds).
#define REGULAR_SESSION_TIMEOUT (3 * 1000)     // 3 secs, default value
#define CRYPTO_OP_SESSION_TIMEOUT (20 * 1000)  // 20 secs, for a begin() operation
38 
// Early-boot phase tracked by SBAccessController. Unscoped on purpose: the
// implementation compares and assigns the enumerators by their bare names.
enum BOOTSTATE {
    SB_EARLY_BOOT = 0,        // device is still in early boot; only allow-listed INS pass
    SB_EARLY_BOOT_ENDED = 1,  // updateBootState() has seen the end of early boot
};
43 namespace keymint::javacard {
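/**
 * Gatekeeper for the SB applet in the javacard KeyMint HAL.
 *
 * Decides (a) whether the applet may be SELECTed, (b) which INS bytes may be
 * sent while the device is in early boot or while an applet upgrade is in
 * progress, and (c) how long a logical channel may stay open. The policy
 * itself (the allow list, upgrade detection) lives in the .cpp; this header
 * fixes the interface and the timeout constants it relies on.
 *
 * The three query methods are [[nodiscard]]: a caller that drops the result
 * of isSelectAllowed()/isOperationAllowed() silently bypasses the gate, so the
 * compiler is asked to warn. The attribute only needs to be on this first
 * declaration; the out-of-line definitions are unaffected.
 *
 * NOTE(review): the timer callbacks take a `union sigval`, which suggests a
 * POSIX timer. If they run on a separate thread, mIsUpdateInProgress and
 * mBootState are touched from two threads — confirm synchronisation in the
 * implementation.
 */
class SBAccessController {
  public:
    /**
     * Constructor: no upgrade in progress, boot state SB_EARLY_BOOT (the state
     * in which only allow-listed cmds are accepted until updateBootState()
     * advances it). Values come from the in-class member initializers below.
     */
    SBAccessController() = default;

    /**
     * Controls Applet selection
     * 1) Not allowed while the actual upgrade is in progress (SB_ACCESS_BLOCK_TIMER, 40 secs)
     * 2) Only allowed for allow-listed cmds during early boot in the upgrade teared case
     * 3) Allowed in all other cases
     * Params : void
     * Returns : true if Applet select is allowed else false
     */
    [[nodiscard]] bool isSelectAllowed();

    /**
     * Parses the SELECT cmd response to record whether an Applet upgrade is in progress
     * Params : R-APDU to SELECT cmd. This buffer comes from the secure element and
     *          must be treated as untrusted input: the implementation has to check
     *          the length before indexing status-word or payload positions, since a
     *          response may be short or empty.
     * Returns : void
     * NOTE(review): the parameter is a non-const reference although parsing should
     * only read it; kept as-is because the definition lives in the .cpp.
     */
    void parseResponse(std::vector<uint8_t>& responseApdu);

    /**
     * Determines if the current INS is allowed in the present boot/upgrade state
     * Params : one byte INS value (e.g. BEGIN_OPERATION_CMD)
     * Returns : true if cmd is allowed else false. Per the selection rules above this
     *           is an allow list: while restricted, an INS that is not listed is refused.
     */
    [[nodiscard]] bool isOperationAllowed(uint8_t cmdIns);

    /**
     * Provides the session timeout value for logical channel mgmt
     * 1) UPGRADE_SESSION_TIMEOUT for the upgrade teared scenario during early boot
     * 2) SMALLEST_SESSION_TIMEOUT during the actual upgrade process
     * 3) CRYPTO_OP_SESSION_TIMEOUT for crypto begin()
     * 4) REGULAR_SESSION_TIMEOUT for all other operations
     * Params : void
     * Returns : session timeout value in ms
     */
    [[nodiscard]] int getSessionTimeout();

    /**
     * Helper to check whether all allow-listed cmds have been received and, if so,
     * to move mBootState from SB_EARLY_BOOT to SB_EARLY_BOOT_ENDED
     * Params : void
     * Returns : void
     */
    void updateBootState();

  private:
    bool mIsUpdateInProgress{false};      // Applet upgrade state, recorded by parseResponse()
    BOOTSTATE mBootState{SB_EARLY_BOOT};  // early-boot state, advanced by updateBootState()

    IntervalTimer mTimer;        // tracks Applet upgrade progress (presumably the 40 s block window)
    IntervalTimer mTimerCrypto;  // tracks crypto operations (presumably CRYPTO_OP_SESSION_TIMEOUT)

    /**
     * Arms or cancels timer `t`.
     * Params : isStart   - true to start, false to stop (per the name; confirm in the .cpp)
     *          t         - the timer to act on
     *          timeout   - expiry in ms
     *          timerFunc - callback invoked on expiry, POSIX sigval style
     */
    void startTimer(bool isStart, IntervalTimer& t, int timeout,
                    void (*timerFunc)(union sigval arg));
};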
102 }  // namespace keymint::javacard
103 #endif /* _SBACCESSCONTROLLER_H_ */
104