Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Yabin Cui | 19bec5b | 2015-09-22 15:52:57 -0700 | [diff] [blame] | 17 | #define TRACE_TAG AUTH |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 18 | |
| 19 | #include "sysdeps.h" |
| 20 | #include "adb_auth.h" |
Yurii Zubrytskyi | 70ae70a | 2016-05-25 15:17:10 -0700 | [diff] [blame] | 21 | #include "adb_utils.h" |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 22 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 23 | #include <stdio.h> |
Christopher Ferris | 054d170 | 2014-11-06 14:34:24 -0800 | [diff] [blame] | 24 | #include <stdlib.h> |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 25 | #include <string.h> |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 26 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 27 | #include "adb.h" |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 28 | |
David Pursell | c573d52 | 2016-01-27 08:52:53 -0800 | [diff] [blame] | 29 | #include <android-base/errors.h> |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame^] | 30 | #include <android-base/stringprintf.h> |
Elliott Hughes | f55ead9 | 2015-12-04 22:00:26 -0800 | [diff] [blame] | 31 | #include <android-base/strings.h> |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 32 | #include <crypto_utils/android_pubkey.h> |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 33 | #include <cutils/list.h> |
| 34 | |
| 35 | #include <openssl/evp.h> |
| 36 | #include <openssl/objects.h> |
| 37 | #include <openssl/pem.h> |
| 38 | #include <openssl/rsa.h> |
| 39 | #include <openssl/sha.h> |
| 40 | |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 41 | #if defined(OPENSSL_IS_BORINGSSL) |
| 42 | #include <openssl/base64.h> |
| 43 | #endif |
| 44 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 45 | #define ANDROID_PATH ".android" |
| 46 | #define ADB_KEY_FILE "adbkey" |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 47 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 48 | struct adb_private_key { |
| 49 | struct listnode node; |
| 50 | RSA *rsa; |
| 51 | }; |
| 52 | |
| 53 | static struct listnode key_list; |
| 54 | |
| 55 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 56 | static void get_user_info(char *buf, size_t len) |
| 57 | { |
| 58 | char hostname[1024], username[1024]; |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 59 | int ret = -1; |
| 60 | |
| 61 | if (getenv("HOSTNAME") != NULL) { |
| 62 | strncpy(hostname, getenv("HOSTNAME"), sizeof(hostname)); |
| 63 | hostname[sizeof(hostname)-1] = '\0'; |
| 64 | ret = 0; |
| 65 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 66 | |
| 67 | #ifndef _WIN32 |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 68 | if (ret < 0) |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 69 | ret = gethostname(hostname, sizeof(hostname)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 70 | #endif |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 71 | if (ret < 0) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 72 | strcpy(hostname, "unknown"); |
| 73 | |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 74 | ret = -1; |
| 75 | |
| 76 | if (getenv("LOGNAME") != NULL) { |
| 77 | strncpy(username, getenv("LOGNAME"), sizeof(username)); |
| 78 | username[sizeof(username)-1] = '\0'; |
| 79 | ret = 0; |
| 80 | } |
| 81 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 82 | #if !defined _WIN32 && !defined ADB_HOST_ON_TARGET |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 83 | if (ret < 0) |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 84 | ret = getlogin_r(username, sizeof(username)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 85 | #endif |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 86 | if (ret < 0) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 87 | strcpy(username, "unknown"); |
| 88 | |
| 89 | ret = snprintf(buf, len, " %s@%s", username, hostname); |
| 90 | if (ret >= (signed)len) |
| 91 | buf[len - 1] = '\0'; |
| 92 | } |
| 93 | |
| 94 | static int write_public_keyfile(RSA *private_key, const char *private_key_path) |
| 95 | { |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 96 | uint8_t binary_key_data[ANDROID_PUBKEY_ENCODED_SIZE]; |
| 97 | uint8_t* base64_key_data = nullptr; |
| 98 | size_t base64_key_length = 0; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 99 | FILE *outfile = NULL; |
Tamas Berghammer | a1c60c0 | 2015-07-13 19:12:28 +0100 | [diff] [blame] | 100 | char path[PATH_MAX], info[MAX_PAYLOAD_V1]; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 101 | int ret = 0; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 102 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 103 | if (!android_pubkey_encode(private_key, binary_key_data, |
| 104 | sizeof(binary_key_data))) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 105 | D("Failed to convert to publickey"); |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 106 | goto out; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 107 | } |
| 108 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 109 | D("Writing public key to '%s'", path); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 110 | |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 111 | #if defined(OPENSSL_IS_BORINGSSL) |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 112 | if (!EVP_EncodedLength(&base64_key_length, sizeof(binary_key_data))) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 113 | D("Public key too large to base64 encode"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 114 | goto out; |
| 115 | } |
| 116 | #else |
| 117 | /* While we switch from OpenSSL to BoringSSL we have to implement |
| 118 | * |EVP_EncodedLength| here. */ |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 119 | base64_key_length = 1 + ((sizeof(binary_key_data) + 2) / 3 * 4); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 120 | #endif |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 121 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 122 | base64_key_data = new uint8_t[base64_key_length]; |
| 123 | if (base64_key_data == nullptr) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 124 | D("Allocation failure"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 125 | goto out; |
| 126 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 127 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 128 | base64_key_length = EVP_EncodeBlock(base64_key_data, binary_key_data, |
| 129 | sizeof(binary_key_data)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 130 | get_user_info(info, sizeof(info)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 131 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 132 | if (snprintf(path, sizeof(path), "%s.pub", private_key_path) >= |
| 133 | (int)sizeof(path)) { |
| 134 | D("Path too long while writing public key"); |
| 135 | goto out; |
| 136 | } |
| 137 | |
| 138 | outfile = fopen(path, "w"); |
| 139 | if (!outfile) { |
| 140 | D("Failed to open '%s'", path); |
| 141 | goto out; |
| 142 | } |
| 143 | |
| 144 | if (fwrite(base64_key_data, base64_key_length, 1, outfile) != 1 || |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 145 | fwrite(info, strlen(info), 1, outfile) != 1) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 146 | D("Write error while writing public key"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 147 | goto out; |
| 148 | } |
| 149 | |
| 150 | ret = 1; |
| 151 | |
| 152 | out: |
| 153 | if (outfile != NULL) { |
| 154 | fclose(outfile); |
| 155 | } |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 156 | delete[] base64_key_data; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 157 | return ret; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 158 | } |
| 159 | |
| 160 | static int generate_key(const char *file) |
| 161 | { |
| 162 | EVP_PKEY* pkey = EVP_PKEY_new(); |
| 163 | BIGNUM* exponent = BN_new(); |
| 164 | RSA* rsa = RSA_new(); |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 165 | mode_t old_mask; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 166 | FILE *f = NULL; |
| 167 | int ret = 0; |
| 168 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 169 | D("generate_key '%s'", file); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 170 | |
| 171 | if (!pkey || !exponent || !rsa) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 172 | D("Failed to allocate key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 173 | goto out; |
| 174 | } |
| 175 | |
| 176 | BN_set_word(exponent, RSA_F4); |
| 177 | RSA_generate_key_ex(rsa, 2048, exponent, NULL); |
| 178 | EVP_PKEY_set1_RSA(pkey, rsa); |
| 179 | |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 180 | old_mask = umask(077); |
| 181 | |
Spencer Low | 60bca2d | 2015-05-07 19:08:29 -0700 | [diff] [blame] | 182 | f = fopen(file, "w"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 183 | if (!f) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 184 | D("Failed to open '%s'", file); |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 185 | umask(old_mask); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 186 | goto out; |
| 187 | } |
| 188 | |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 189 | umask(old_mask); |
| 190 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 191 | if (!PEM_write_PrivateKey(f, pkey, NULL, NULL, 0, NULL, NULL)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 192 | D("Failed to write key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 193 | goto out; |
| 194 | } |
| 195 | |
| 196 | if (!write_public_keyfile(rsa, file)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 197 | D("Failed to write public key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 198 | goto out; |
| 199 | } |
| 200 | |
| 201 | ret = 1; |
| 202 | |
| 203 | out: |
| 204 | if (f) |
| 205 | fclose(f); |
| 206 | EVP_PKEY_free(pkey); |
| 207 | RSA_free(rsa); |
| 208 | BN_free(exponent); |
| 209 | return ret; |
| 210 | } |
| 211 | |
| 212 | static int read_key(const char *file, struct listnode *list) |
| 213 | { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 214 | D("read_key '%s'", file); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 215 | |
Spencer Low | 60bca2d | 2015-05-07 19:08:29 -0700 | [diff] [blame] | 216 | FILE* fp = fopen(file, "r"); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 217 | if (!fp) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 218 | D("Failed to open '%s': %s", file, strerror(errno)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 219 | return 0; |
| 220 | } |
| 221 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 222 | adb_private_key* key = new adb_private_key; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 223 | key->rsa = RSA_new(); |
| 224 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 225 | if (!PEM_read_RSAPrivateKey(fp, &key->rsa, NULL, NULL)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 226 | D("Failed to read key"); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 227 | fclose(fp); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 228 | RSA_free(key->rsa); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 229 | delete key; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 230 | return 0; |
| 231 | } |
| 232 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 233 | fclose(fp); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 234 | list_add_tail(list, &key->node); |
| 235 | return 1; |
| 236 | } |
| 237 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 238 | static int get_user_keyfilepath(char *filename, size_t len) |
| 239 | { |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame^] | 240 | const std::string home = adb_get_homedir_path(true); |
Yurii Zubrytskyi | 70ae70a | 2016-05-25 15:17:10 -0700 | [diff] [blame] | 241 | D("home '%s'", home.c_str()); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 242 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame^] | 243 | const std::string android_dir = |
| 244 | android::base::StringPrintf("%s%c%s", home.c_str(), |
| 245 | OS_PATH_SEPARATOR, ANDROID_PATH); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 246 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame^] | 247 | struct stat buf; |
| 248 | if (stat(android_dir.c_str(), &buf)) { |
| 249 | if (adb_mkdir(android_dir.c_str(), 0750) < 0) { |
| 250 | D("Cannot mkdir '%s'", android_dir.c_str()); |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 251 | return -1; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 252 | } |
| 253 | } |
| 254 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame^] | 255 | return snprintf(filename, len, "%s%c%s", |
| 256 | android_dir.c_str(), OS_PATH_SEPARATOR, ADB_KEY_FILE); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 257 | } |
| 258 | |
| 259 | static int get_user_key(struct listnode *list) |
| 260 | { |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 261 | struct stat buf; |
| 262 | char path[PATH_MAX]; |
| 263 | int ret; |
| 264 | |
| 265 | ret = get_user_keyfilepath(path, sizeof(path)); |
| 266 | if (ret < 0 || ret >= (signed)sizeof(path)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 267 | D("Error getting user key filename"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 268 | return 0; |
| 269 | } |
| 270 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 271 | D("user key '%s'", path); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 272 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 273 | if (stat(path, &buf) == -1) { |
| 274 | if (!generate_key(path)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 275 | D("Failed to generate new key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 276 | return 0; |
| 277 | } |
| 278 | } |
| 279 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 280 | return read_key(path, list); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 281 | } |
| 282 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 283 | static void get_vendor_keys(struct listnode* key_list) { |
| 284 | const char* adb_keys_path = getenv("ADB_VENDOR_KEYS"); |
| 285 | if (adb_keys_path == nullptr) { |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 286 | return; |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 287 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 288 | |
Elliott Hughes | 8595283 | 2015-10-07 15:59:35 -0700 | [diff] [blame] | 289 | for (const auto& path : android::base::Split(adb_keys_path, ENV_PATH_SEPARATOR_STR)) { |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 290 | if (!read_key(path.c_str(), key_list)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 291 | D("Failed to read '%s'", path.c_str()); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 292 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 293 | } |
| 294 | } |
| 295 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 296 | int adb_auth_sign(void *node, const unsigned char* token, size_t token_size, |
| 297 | unsigned char* sig) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 298 | { |
| 299 | unsigned int len; |
| 300 | struct adb_private_key *key = node_to_item(node, struct adb_private_key, node); |
| 301 | |
Sami Tolvanen | b92a35c | 2015-01-27 16:48:35 +0000 | [diff] [blame] | 302 | if (token_size != TOKEN_SIZE) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 303 | D("Unexpected token size %zd", token_size); |
Sami Tolvanen | b92a35c | 2015-01-27 16:48:35 +0000 | [diff] [blame] | 304 | return 0; |
| 305 | } |
| 306 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 307 | if (!RSA_sign(NID_sha1, token, token_size, sig, &len, key->rsa)) { |
| 308 | return 0; |
| 309 | } |
| 310 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 311 | D("adb_auth_sign len=%d", len); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 312 | return (int)len; |
| 313 | } |
| 314 | |
| 315 | void *adb_auth_nextkey(void *current) |
| 316 | { |
| 317 | struct listnode *item; |
| 318 | |
| 319 | if (list_empty(&key_list)) |
| 320 | return NULL; |
| 321 | |
| 322 | if (!current) |
| 323 | return list_head(&key_list); |
| 324 | |
| 325 | list_for_each(item, &key_list) { |
| 326 | if (item == current) { |
| 327 | /* current is the last item, we tried all the keys */ |
| 328 | if (item->next == &key_list) |
| 329 | return NULL; |
| 330 | return item->next; |
| 331 | } |
| 332 | } |
| 333 | |
| 334 | return NULL; |
| 335 | } |
| 336 | |
| 337 | int adb_auth_get_userkey(unsigned char *data, size_t len) |
| 338 | { |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 339 | char path[PATH_MAX]; |
| 340 | int ret = get_user_keyfilepath(path, sizeof(path) - 4); |
| 341 | if (ret < 0 || ret >= (signed)(sizeof(path) - 4)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 342 | D("Error getting user key filename"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 343 | return 0; |
| 344 | } |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 345 | strcat(path, ".pub"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 346 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 347 | // TODO(danalbert): ReadFileToString |
Spencer Low | 3a2421b | 2015-05-22 20:09:06 -0700 | [diff] [blame] | 348 | // Note that on Windows, load_file() does not do CR/LF translation, but |
| 349 | // ReadFileToString() uses the C Runtime which uses CR/LF translation by |
| 350 | // default (by is overridable with _setmode()). |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 351 | unsigned size; |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 352 | char* file_data = reinterpret_cast<char*>(load_file(path, &size)); |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 353 | if (file_data == nullptr) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 354 | D("Can't load '%s'", path); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 355 | return 0; |
| 356 | } |
| 357 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 358 | if (len < (size_t)(size + 1)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 359 | D("%s: Content too large ret=%d", path, size); |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 360 | free(file_data); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 361 | return 0; |
| 362 | } |
| 363 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 364 | memcpy(data, file_data, size); |
| 365 | free(file_data); |
| 366 | file_data = nullptr; |
| 367 | data[size] = '\0'; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 368 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 369 | return size + 1; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 370 | } |
| 371 | |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 372 | int adb_auth_keygen(const char* filename) { |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 373 | return (generate_key(filename) == 0); |
| 374 | } |
| 375 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 376 | void adb_auth_init(void) |
| 377 | { |
| 378 | int ret; |
| 379 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 380 | D("adb_auth_init"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 381 | |
| 382 | list_init(&key_list); |
| 383 | |
| 384 | ret = get_user_key(&key_list); |
| 385 | if (!ret) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 386 | D("Failed to get user key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 387 | return; |
| 388 | } |
| 389 | |
| 390 | get_vendor_keys(&key_list); |
| 391 | } |