Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Yabin Cui | 19bec5b | 2015-09-22 15:52:57 -0700 | [diff] [blame] | 17 | #define TRACE_TAG AUTH |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 18 | |
| 19 | #include "sysdeps.h" |
| 20 | #include "adb_auth.h" |
Yurii Zubrytskyi | 70ae70a | 2016-05-25 15:17:10 -0700 | [diff] [blame] | 21 | #include "adb_utils.h" |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 22 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 23 | #include <stdio.h> |
Christopher Ferris | 054d170 | 2014-11-06 14:34:24 -0800 | [diff] [blame] | 24 | #include <stdlib.h> |
Dan Albert | db6fe64 | 2015-03-19 15:21:08 -0700 | [diff] [blame] | 25 | #include <string.h> |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 26 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 27 | #include "adb.h" |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 28 | |
David Pursell | c573d52 | 2016-01-27 08:52:53 -0800 | [diff] [blame] | 29 | #include <android-base/errors.h> |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 30 | #include <android-base/file.h> |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame] | 31 | #include <android-base/stringprintf.h> |
Elliott Hughes | f55ead9 | 2015-12-04 22:00:26 -0800 | [diff] [blame] | 32 | #include <android-base/strings.h> |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 33 | #include <crypto_utils/android_pubkey.h> |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 34 | #include <cutils/list.h> |
| 35 | |
| 36 | #include <openssl/evp.h> |
| 37 | #include <openssl/objects.h> |
| 38 | #include <openssl/pem.h> |
| 39 | #include <openssl/rsa.h> |
| 40 | #include <openssl/sha.h> |
| 41 | |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 42 | #if defined(OPENSSL_IS_BORINGSSL) |
| 43 | #include <openssl/base64.h> |
| 44 | #endif |
| 45 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 46 | #define ANDROID_PATH ".android" |
| 47 | #define ADB_KEY_FILE "adbkey" |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 48 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 49 | struct adb_private_key { |
| 50 | struct listnode node; |
| 51 | RSA *rsa; |
| 52 | }; |
| 53 | |
| 54 | static struct listnode key_list; |
| 55 | |
| 56 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 57 | static void get_user_info(char *buf, size_t len) |
| 58 | { |
| 59 | char hostname[1024], username[1024]; |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 60 | int ret = -1; |
| 61 | |
| 62 | if (getenv("HOSTNAME") != NULL) { |
| 63 | strncpy(hostname, getenv("HOSTNAME"), sizeof(hostname)); |
| 64 | hostname[sizeof(hostname)-1] = '\0'; |
| 65 | ret = 0; |
| 66 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 67 | |
| 68 | #ifndef _WIN32 |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 69 | if (ret < 0) |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 70 | ret = gethostname(hostname, sizeof(hostname)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 71 | #endif |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 72 | if (ret < 0) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 73 | strcpy(hostname, "unknown"); |
| 74 | |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 75 | ret = -1; |
| 76 | |
| 77 | if (getenv("LOGNAME") != NULL) { |
| 78 | strncpy(username, getenv("LOGNAME"), sizeof(username)); |
| 79 | username[sizeof(username)-1] = '\0'; |
| 80 | ret = 0; |
| 81 | } |
| 82 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 83 | #if !defined _WIN32 && !defined ADB_HOST_ON_TARGET |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 84 | if (ret < 0) |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 85 | ret = getlogin_r(username, sizeof(username)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 86 | #endif |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 87 | if (ret < 0) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 88 | strcpy(username, "unknown"); |
| 89 | |
| 90 | ret = snprintf(buf, len, " %s@%s", username, hostname); |
| 91 | if (ret >= (signed)len) |
| 92 | buf[len - 1] = '\0'; |
| 93 | } |
| 94 | |
| 95 | static int write_public_keyfile(RSA *private_key, const char *private_key_path) |
| 96 | { |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 97 | uint8_t binary_key_data[ANDROID_PUBKEY_ENCODED_SIZE]; |
| 98 | uint8_t* base64_key_data = nullptr; |
| 99 | size_t base64_key_length = 0; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 100 | FILE *outfile = NULL; |
Tamas Berghammer | a1c60c0 | 2015-07-13 19:12:28 +0100 | [diff] [blame] | 101 | char path[PATH_MAX], info[MAX_PAYLOAD_V1]; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 102 | int ret = 0; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 103 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 104 | if (!android_pubkey_encode(private_key, binary_key_data, |
| 105 | sizeof(binary_key_data))) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 106 | D("Failed to convert to publickey"); |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 107 | goto out; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 108 | } |
| 109 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 110 | D("Writing public key to '%s'", path); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 111 | |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 112 | #if defined(OPENSSL_IS_BORINGSSL) |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 113 | if (!EVP_EncodedLength(&base64_key_length, sizeof(binary_key_data))) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 114 | D("Public key too large to base64 encode"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 115 | goto out; |
| 116 | } |
| 117 | #else |
| 118 | /* While we switch from OpenSSL to BoringSSL we have to implement |
| 119 | * |EVP_EncodedLength| here. */ |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 120 | base64_key_length = 1 + ((sizeof(binary_key_data) + 2) / 3 * 4); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 121 | #endif |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 122 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 123 | base64_key_data = new uint8_t[base64_key_length]; |
| 124 | if (base64_key_data == nullptr) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 125 | D("Allocation failure"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 126 | goto out; |
| 127 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 128 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 129 | base64_key_length = EVP_EncodeBlock(base64_key_data, binary_key_data, |
| 130 | sizeof(binary_key_data)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 131 | get_user_info(info, sizeof(info)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 132 | |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 133 | if (snprintf(path, sizeof(path), "%s.pub", private_key_path) >= |
| 134 | (int)sizeof(path)) { |
| 135 | D("Path too long while writing public key"); |
| 136 | goto out; |
| 137 | } |
| 138 | |
| 139 | outfile = fopen(path, "w"); |
| 140 | if (!outfile) { |
| 141 | D("Failed to open '%s'", path); |
| 142 | goto out; |
| 143 | } |
| 144 | |
| 145 | if (fwrite(base64_key_data, base64_key_length, 1, outfile) != 1 || |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 146 | fwrite(info, strlen(info), 1, outfile) != 1) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 147 | D("Write error while writing public key"); |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 148 | goto out; |
| 149 | } |
| 150 | |
| 151 | ret = 1; |
| 152 | |
| 153 | out: |
| 154 | if (outfile != NULL) { |
| 155 | fclose(outfile); |
| 156 | } |
Mattias Nissler | a947b49 | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 157 | delete[] base64_key_data; |
Adam Langley | 29f6cdb | 2014-09-03 14:34:47 -0700 | [diff] [blame] | 158 | return ret; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 159 | } |
| 160 | |
| 161 | static int generate_key(const char *file) |
| 162 | { |
| 163 | EVP_PKEY* pkey = EVP_PKEY_new(); |
| 164 | BIGNUM* exponent = BN_new(); |
| 165 | RSA* rsa = RSA_new(); |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 166 | mode_t old_mask; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 167 | FILE *f = NULL; |
| 168 | int ret = 0; |
| 169 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 170 | D("generate_key '%s'", file); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 171 | |
| 172 | if (!pkey || !exponent || !rsa) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 173 | D("Failed to allocate key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 174 | goto out; |
| 175 | } |
| 176 | |
| 177 | BN_set_word(exponent, RSA_F4); |
| 178 | RSA_generate_key_ex(rsa, 2048, exponent, NULL); |
| 179 | EVP_PKEY_set1_RSA(pkey, rsa); |
| 180 | |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 181 | old_mask = umask(077); |
| 182 | |
Spencer Low | 60bca2d | 2015-05-07 19:08:29 -0700 | [diff] [blame] | 183 | f = fopen(file, "w"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 184 | if (!f) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 185 | D("Failed to open '%s'", file); |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 186 | umask(old_mask); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 187 | goto out; |
| 188 | } |
| 189 | |
Benoit Goby | cb37c50 | 2012-08-31 12:14:21 -0700 | [diff] [blame] | 190 | umask(old_mask); |
| 191 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 192 | if (!PEM_write_PrivateKey(f, pkey, NULL, NULL, 0, NULL, NULL)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 193 | D("Failed to write key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 194 | goto out; |
| 195 | } |
| 196 | |
| 197 | if (!write_public_keyfile(rsa, file)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 198 | D("Failed to write public key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 199 | goto out; |
| 200 | } |
| 201 | |
| 202 | ret = 1; |
| 203 | |
| 204 | out: |
| 205 | if (f) |
| 206 | fclose(f); |
| 207 | EVP_PKEY_free(pkey); |
| 208 | RSA_free(rsa); |
| 209 | BN_free(exponent); |
| 210 | return ret; |
| 211 | } |
| 212 | |
| 213 | static int read_key(const char *file, struct listnode *list) |
| 214 | { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 215 | D("read_key '%s'", file); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 216 | |
Spencer Low | 60bca2d | 2015-05-07 19:08:29 -0700 | [diff] [blame] | 217 | FILE* fp = fopen(file, "r"); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 218 | if (!fp) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 219 | D("Failed to open '%s': %s", file, strerror(errno)); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 220 | return 0; |
| 221 | } |
| 222 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 223 | adb_private_key* key = new adb_private_key; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 224 | key->rsa = RSA_new(); |
| 225 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 226 | if (!PEM_read_RSAPrivateKey(fp, &key->rsa, NULL, NULL)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 227 | D("Failed to read key"); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 228 | fclose(fp); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 229 | RSA_free(key->rsa); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 230 | delete key; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 231 | return 0; |
| 232 | } |
| 233 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 234 | fclose(fp); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 235 | list_add_tail(list, &key->node); |
| 236 | return 1; |
| 237 | } |
| 238 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 239 | static int get_user_keyfilepath(char *filename, size_t len) |
| 240 | { |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame] | 241 | const std::string home = adb_get_homedir_path(true); |
Yurii Zubrytskyi | 70ae70a | 2016-05-25 15:17:10 -0700 | [diff] [blame] | 242 | D("home '%s'", home.c_str()); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 243 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame] | 244 | const std::string android_dir = |
| 245 | android::base::StringPrintf("%s%c%s", home.c_str(), |
| 246 | OS_PATH_SEPARATOR, ANDROID_PATH); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 247 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame] | 248 | struct stat buf; |
| 249 | if (stat(android_dir.c_str(), &buf)) { |
| 250 | if (adb_mkdir(android_dir.c_str(), 0750) < 0) { |
| 251 | D("Cannot mkdir '%s'", android_dir.c_str()); |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 252 | return -1; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 253 | } |
| 254 | } |
| 255 | |
Yurii Zubrytskyi | 09ecaa5 | 2016-05-26 09:46:10 -0700 | [diff] [blame] | 256 | return snprintf(filename, len, "%s%c%s", |
| 257 | android_dir.c_str(), OS_PATH_SEPARATOR, ADB_KEY_FILE); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 258 | } |
| 259 | |
| 260 | static int get_user_key(struct listnode *list) |
| 261 | { |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 262 | struct stat buf; |
| 263 | char path[PATH_MAX]; |
| 264 | int ret; |
| 265 | |
| 266 | ret = get_user_keyfilepath(path, sizeof(path)); |
| 267 | if (ret < 0 || ret >= (signed)sizeof(path)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 268 | D("Error getting user key filename"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 269 | return 0; |
| 270 | } |
| 271 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 272 | D("user key '%s'", path); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 273 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 274 | if (stat(path, &buf) == -1) { |
| 275 | if (!generate_key(path)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 276 | D("Failed to generate new key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 277 | return 0; |
| 278 | } |
| 279 | } |
| 280 | |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 281 | return read_key(path, list); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 282 | } |
| 283 | |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 284 | static void get_vendor_keys(struct listnode* key_list) { |
| 285 | const char* adb_keys_path = getenv("ADB_VENDOR_KEYS"); |
| 286 | if (adb_keys_path == nullptr) { |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 287 | return; |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 288 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 289 | |
Elliott Hughes | 8595283 | 2015-10-07 15:59:35 -0700 | [diff] [blame] | 290 | for (const auto& path : android::base::Split(adb_keys_path, ENV_PATH_SEPARATOR_STR)) { |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 291 | if (!read_key(path.c_str(), key_list)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 292 | D("Failed to read '%s'", path.c_str()); |
Elliott Hughes | fb2ba51 | 2015-04-24 23:02:00 -0700 | [diff] [blame] | 293 | } |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 294 | } |
| 295 | } |
| 296 | |
Dan Albert | f30d73c | 2015-02-25 17:51:28 -0800 | [diff] [blame] | 297 | int adb_auth_sign(void *node, const unsigned char* token, size_t token_size, |
| 298 | unsigned char* sig) |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 299 | { |
| 300 | unsigned int len; |
| 301 | struct adb_private_key *key = node_to_item(node, struct adb_private_key, node); |
| 302 | |
Sami Tolvanen | b92a35c | 2015-01-27 16:48:35 +0000 | [diff] [blame] | 303 | if (token_size != TOKEN_SIZE) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 304 | D("Unexpected token size %zd", token_size); |
Sami Tolvanen | b92a35c | 2015-01-27 16:48:35 +0000 | [diff] [blame] | 305 | return 0; |
| 306 | } |
| 307 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 308 | if (!RSA_sign(NID_sha1, token, token_size, sig, &len, key->rsa)) { |
| 309 | return 0; |
| 310 | } |
| 311 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 312 | D("adb_auth_sign len=%d", len); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 313 | return (int)len; |
| 314 | } |
| 315 | |
| 316 | void *adb_auth_nextkey(void *current) |
| 317 | { |
| 318 | struct listnode *item; |
| 319 | |
| 320 | if (list_empty(&key_list)) |
| 321 | return NULL; |
| 322 | |
| 323 | if (!current) |
| 324 | return list_head(&key_list); |
| 325 | |
| 326 | list_for_each(item, &key_list) { |
| 327 | if (item == current) { |
| 328 | /* current is the last item, we tried all the keys */ |
| 329 | if (item->next == &key_list) |
| 330 | return NULL; |
| 331 | return item->next; |
| 332 | } |
| 333 | } |
| 334 | |
| 335 | return NULL; |
| 336 | } |
| 337 | |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 338 | std::string adb_auth_get_userkey() { |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 339 | char path[PATH_MAX]; |
| 340 | int ret = get_user_keyfilepath(path, sizeof(path) - 4); |
| 341 | if (ret < 0 || ret >= (signed)(sizeof(path) - 4)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 342 | D("Error getting user key filename"); |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 343 | return ""; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 344 | } |
Dan Albert | 3d978e6 | 2015-07-09 20:35:09 +0000 | [diff] [blame] | 345 | strcat(path, ".pub"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 346 | |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 347 | std::string content; |
| 348 | if (!android::base::ReadFileToString(path, &content)) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 349 | D("Can't load '%s'", path); |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 350 | return ""; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 351 | } |
Elliott Hughes | e0a6e2a | 2016-05-26 22:43:19 -0700 | [diff] [blame^] | 352 | return content; |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 353 | } |
| 354 | |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 355 | int adb_auth_keygen(const char* filename) { |
Nick Kralevich | 6183c96 | 2014-11-13 15:17:29 -0800 | [diff] [blame] | 356 | return (generate_key(filename) == 0); |
| 357 | } |
| 358 | |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 359 | void adb_auth_init(void) |
| 360 | { |
| 361 | int ret; |
| 362 | |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 363 | D("adb_auth_init"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 364 | |
| 365 | list_init(&key_list); |
| 366 | |
| 367 | ret = get_user_key(&key_list); |
| 368 | if (!ret) { |
Yabin Cui | 815ad88 | 2015-09-02 17:44:28 -0700 | [diff] [blame] | 369 | D("Failed to get user key"); |
Benoit Goby | 2cc19e4 | 2012-04-12 12:23:49 -0700 | [diff] [blame] | 370 | return; |
| 371 | } |
| 372 | |
| 373 | get_vendor_keys(&key_list); |
| 374 | } |