fuchsia_tee_manager_config/
lib.rs

1// Copyright 2024 The Fuchsia Authors
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use anyhow::{anyhow, Result};
6use serde::{Deserialize, Serialize};
7use std::path::PathBuf;
8
9#[derive(Serialize, Deserialize, Debug, Clone)]
10#[serde(rename_all = "camelCase", tag = "type")]
11enum Config {
12    GlobalPlatform(GlobalPlatformConfig),
13    BinderRpc,
14}
15
16// Configuration values specific to GlobalPlatform TAs.
17#[derive(Serialize, Deserialize, Debug, Clone)]
18#[serde(rename_all = "camelCase")]
19struct GlobalPlatformConfig {
20    /// Only create one instance of the trusted app and route all connections to it.
21    single_instance: bool,
22    /// Whether `single_instance` trusted apps support multiple separate sessions.
23    // TODO: Support multiSession functionality.
24    multi_session: bool,
25    /// The trusted app should continue running even in low power states and suspension.
26    // TODO: Support instanceKeepAlive functionality.
27    instance_keep_alive: bool,
28}
29
30/// Configuration for how to run a trusted application in Fuchsia.
31#[derive(Serialize, Deserialize, Debug, Clone)]
32#[serde(rename_all = "camelCase")]
33pub struct TAConfig {
34    /// The component url to run as the trusted application.
35    pub url: String,
36    /// Type-specific configuration.
37    config: Config,
38    /// Additional capabilities to pass to the component at `url`.
39    capabilities: Vec<()>,
40}
41
42impl TAConfig {
43    pub fn new(url: String) -> Self {
44        Self {
45            url,
46            config: Config::GlobalPlatform(GlobalPlatformConfig {
47                single_instance: false,
48                multi_session: false,
49                instance_keep_alive: false,
50            }),
51            capabilities: vec![],
52        }
53    }
54
55    pub fn global_platform(url: String) -> Self {
56        Self::new(url)
57    }
58
59    pub fn binder_rpc(url: String) -> Self {
60        Self { url, config: Config::BinderRpc, capabilities: vec![] }
61    }
62
63    pub fn parse_config(path: &PathBuf) -> Result<Self> {
64        let contents = std::fs::read_to_string(path)
65            .map_err(|e| anyhow!("Could not read config file at {path:?}: {e}"))?;
66        let parsed = serde_json::from_str(&contents)
67            .map_err(|e| anyhow!("Could not deserialize {path:?} from json: {e}"))?;
68        Ok(parsed)
69    }
70}