openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Switch fs_mgr and adb to libcrypto_utils. 

Update code and dependencies to use BoringSSL + libcrypto_utils
instead of mincrypt.

Change-Id: Ic75164bd50c84b81b6310e27a67d4b3c174984f9
This commit is contained in:
Mattias Nissler 2016-03-31 16:32:09 +02:00 committed by Elliott Hughes
parent b62146dcab
commit 097b6bbc76
9 changed files with 122 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
adb/Android.mk
View File

@ -108,7 +108,7 @@ LOCAL_SANITIZE := $(adb_target_sanitize)
# Even though we're building a static library (and thus there's no link step for
# this to take effect), this adds the includes to our path.
LOCAL_STATIC_LIBRARIES := libbase
LOCAL_STATIC_LIBRARIES := libcrypto_utils_static libcrypto_static libbase
include $(BUILD_STATIC_LIBRARY)
@ -131,7 +131,7 @@ LOCAL_SANITIZE := $(adb_host_sanitize)
# Even though we're building a static library (and thus there's no link step for
# this to take effect), this adds the includes to our path.
LOCAL_STATIC_LIBRARIES := libcrypto_static libbase
LOCAL_STATIC_LIBRARIES := libcrypto_utils_static libcrypto_static libbase
LOCAL_C_INCLUDES_windows := development/host/windows/usb/api/
LOCAL_MULTILIB := first
@ -151,7 +151,7 @@ LOCAL_SRC_FILES := \
shell_service_test.cpp \
LOCAL_SANITIZE := $(adb_target_sanitize)
LOCAL_STATIC_LIBRARIES := libadbd
LOCAL_STATIC_LIBRARIES := libadbd libcrypto_utils_static libcrypto_static
LOCAL_SHARED_LIBRARIES := liblog libbase libcutils
include $(BUILD_NATIVE_TEST)
@ -191,6 +191,7 @@ LOCAL_SANITIZE := $(adb_host_sanitize)
LOCAL_SHARED_LIBRARIES := libbase
LOCAL_STATIC_LIBRARIES := \
libadb \
libcrypto_utils_static \
libcrypto_static \
libcutils \
libdiagnose_usb \
@ -219,7 +220,7 @@ LOCAL_CFLAGS_darwin := $(LIBADB_darwin_CFLAGS)
LOCAL_SRC_FILES := test_track_devices.cpp
LOCAL_SANITIZE := $(adb_host_sanitize)
LOCAL_SHARED_LIBRARIES := libbase
LOCAL_STATIC_LIBRARIES := libadb libcrypto_static libcutils
LOCAL_STATIC_LIBRARIES := libadb libcrypto_utils_static libcrypto_static libcutils
LOCAL_LDLIBS += -lrt -ldl -lpthread
include $(BUILD_HOST_EXECUTABLE)
endif
@ -271,6 +272,7 @@ LOCAL_SANITIZE := $(adb_host_sanitize)
LOCAL_STATIC_LIBRARIES := \
libadb \
libbase \
libcrypto_utils_static \
libcrypto_static \
libdiagnose_usb \
liblog \
@ -342,11 +344,11 @@ LOCAL_STATIC_LIBRARIES := \
libfec_rs \
libselinux \
liblog \
libmincrypt \
libext4_utils_static \
libsquashfs_utils \
libcutils \
libbase \
libcrypto_utils_static \
libcrypto_static \
libminijail

3
adb/adb.cpp
View File

@ -353,7 +353,8 @@ void handle_packet(apacket *p, atransport *t)
send_auth_publickey(t);
}
} else if (p->msg.arg0 == ADB_AUTH_SIGNATURE) {
if (adb_auth_verify(t->token, p->data, p->msg.data_length)) {
if (adb_auth_verify(t->token, sizeof(t->token),
p->data, p->msg.data_length)) {
adb_auth_verified(t);
t->failed_auth_attempts = 0;
} else {

19
adb/adb_auth.h
View File

@ -43,9 +43,15 @@ int adb_auth_sign(void *key, const unsigned char* token, size_t token_size,
void *adb_auth_nextkey(void *current);
int adb_auth_get_userkey(unsigned char *data, size_t len);
static inline int adb_auth_generate_token(void *token, size_t token_size) { return 0; }
static inline int adb_auth_verify(void *token, void *sig, int siglen) { return 0; }
static inline void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t) { }
static inline int adb_auth_generate_token(void *token, size_t token_size) {
return 0;
}
static inline int adb_auth_verify(void *token, size_t token_size,
void *sig, int siglen) {
return 0;
}
static inline void adb_auth_confirm_key(unsigned char *data, size_t len,
atransport *t) {}
#else // !ADB_HOST
@ -54,12 +60,15 @@ static inline int adb_auth_sign(void* key, const unsigned char* token,
return 0;
}
static inline void *adb_auth_nextkey(void *current) { return NULL; }
static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return 0; }
static inline int adb_auth_get_userkey(unsigned char *data, size_t len) {
return 0;
}
void adbd_auth_init(void);
void adbd_cloexec_auth_socket();
int adb_auth_generate_token(void *token, size_t token_size);
int adb_auth_verify(uint8_t* token, uint8_t* sig, int siglen);
int adb_auth_verify(uint8_t* token, size_t token_size,
uint8_t* sig, int siglen);
void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);
#endif // ADB_HOST

35
adb/adb_auth_client.cpp
View File

@ -23,10 +23,14 @@
#include <stdio.h>
#include <string.h>
#include <openssl/obj_mac.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <crypto_utils/android_pubkey.h>
#include "cutils/list.h"
#include "cutils/sockets.h"
#include "mincrypt/rsa.h"
#include "mincrypt/sha.h"
#include "adb.h"
#include "fdevent.h"
@ -34,7 +38,7 @@
struct adb_public_key {
struct listnode node;
RSAPublicKey key;
RSA* key;
};
static const char *key_paths[] = {
@ -66,9 +70,8 @@ static void read_keys(const char *file, struct listnode *list)
}
while (fgets(buf, sizeof(buf), f)) {
/* Allocate 4 extra bytes to decode the base64 data in-place */
auto key = reinterpret_cast<adb_public_key*>(
calloc(1, sizeof(adb_public_key) + 4));
calloc(1, sizeof(adb_public_key)));
if (key == nullptr) {
D("Can't malloc key");
break;
@ -78,15 +81,18 @@ static void read_keys(const char *file, struct listnode *list)
if (sep)
*sep = '\0';
ret = __b64_pton(buf, (u_char *)&key->key, sizeof(key->key) + 4);
if (ret != sizeof(key->key)) {
// b64_pton requires one additional byte in the target buffer for
// decoding to succeed. See http://b/28035006 for details.
uint8_t keybuf[ANDROID_PUBKEY_ENCODED_SIZE + 1];
ret = __b64_pton(buf, keybuf, sizeof(keybuf));
if (ret != ANDROID_PUBKEY_ENCODED_SIZE) {
D("%s: Invalid base64 data ret=%d", file, ret);
free(key);
continue;
}
if (key->key.len != RSANUMWORDS) {
D("%s: Invalid key len %d", file, key->key.len);
if (!android_pubkey_decode(keybuf, ret, &key->key)) {
D("%s: Failed to parse key", file);
free(key);
continue;
}
@ -104,7 +110,9 @@ static void free_keys(struct listnode *list)
while (!list_empty(list)) {
item = list_head(list);
list_remove(item);
free(node_to_item(item, struct adb_public_key, node));
adb_public_key* key = node_to_item(item, struct adb_public_key, node);
RSA_free(key->key);
free(key);
}
}
@ -139,20 +147,17 @@ int adb_auth_generate_token(void *token, size_t token_size)
return ret * token_size;
}
int adb_auth_verify(uint8_t* token, uint8_t* sig, int siglen)
int adb_auth_verify(uint8_t* token, size_t token_size, uint8_t* sig, int siglen)
{
struct listnode *item;
struct listnode key_list;
int ret = 0;
if (siglen != RSANUMBYTES)
return 0;
load_keys(&key_list);
list_for_each(item, &key_list) {
adb_public_key* key = node_to_item(item, struct adb_public_key, node);
ret = RSA_verify(&key->key, sig, siglen, token, SHA_DIGEST_SIZE);
ret = RSA_verify(NID_sha1, token, token_size, sig, siglen, key->key);
if (ret)
break;
}

105
adb/adb_auth_host.cpp
View File

@ -37,14 +37,9 @@
#include "adb.h"
/* HACK: we need the RSAPublicKey struct
* but RSA_verify conflits with openssl */
#define RSA_verify RSA_verify_mincrypt
#include "mincrypt/rsa.h"
#undef RSA_verify
#include <android-base/errors.h>
#include <android-base/strings.h>
#include <crypto_utils/android_pubkey.h>
#include <cutils/list.h>
#include <openssl/evp.h>
@ -68,54 +63,6 @@ struct adb_private_key {
static struct listnode key_list;
/* Convert OpenSSL RSA private key to android pre-computed RSAPublicKey format */
static int RSA_to_RSAPublicKey(RSA *rsa, RSAPublicKey *pkey)
{
int ret = 1;
unsigned int i;
BN_CTX* ctx = BN_CTX_new();
BIGNUM* r32 = BN_new();
BIGNUM* rr = BN_new();
BIGNUM* r = BN_new();
BIGNUM* rem = BN_new();
BIGNUM* n = BN_new();
BIGNUM* n0inv = BN_new();
if (RSA_size(rsa) != RSANUMBYTES) {
ret = 0;
goto out;
}
BN_set_bit(r32, 32);
BN_copy(n, rsa->n);
BN_set_bit(r, RSANUMWORDS * 32);
BN_mod_sqr(rr, r, n, ctx);
BN_div(NULL, rem, n, r32, ctx);
BN_mod_inverse(n0inv, rem, r32, ctx);
pkey->len = RSANUMWORDS;
pkey->n0inv = 0 - BN_get_word(n0inv);
for (i = 0; i < RSANUMWORDS; i++) {
BN_div(rr, rem, rr, r32, ctx);
pkey->rr[i] = BN_get_word(rem);
BN_div(n, rem, n, r32, ctx);
pkey->n[i] = BN_get_word(rem);
}
pkey->exponent = BN_get_word(rsa->e);
out:
BN_free(n0inv);
BN_free(n);
BN_free(rem);
BN_free(r);
BN_free(rr);
BN_free(r32);
BN_CTX_free(ctx);
return ret;
}
static void get_user_info(char *buf, size_t len)
{
char hostname[1024], username[1024];
@ -156,53 +103,55 @@ static void get_user_info(char *buf, size_t len)
static int write_public_keyfile(RSA *private_key, const char *private_key_path)
{
RSAPublicKey pkey;
uint8_t binary_key_data[ANDROID_PUBKEY_ENCODED_SIZE];
uint8_t* base64_key_data = nullptr;
size_t base64_key_length = 0;
FILE *outfile = NULL;
char path[PATH_MAX], info[MAX_PAYLOAD_V1];
uint8_t* encoded = nullptr;
size_t encoded_length;
int ret = 0;
if (snprintf(path, sizeof(path), "%s.pub", private_key_path) >=
(int)sizeof(path)) {
D("Path too long while writing public key");
return 0;
}
if (!RSA_to_RSAPublicKey(private_key, &pkey)) {
if (!android_pubkey_encode(private_key, binary_key_data,
sizeof(binary_key_data))) {
D("Failed to convert to publickey");
return 0;
}
outfile = fopen(path, "w");
if (!outfile) {
D("Failed to open '%s'", path);
return 0;
goto out;
}
D("Writing public key to '%s'", path);
#if defined(OPENSSL_IS_BORINGSSL)
if (!EVP_EncodedLength(&encoded_length, sizeof(pkey))) {
if (!EVP_EncodedLength(&base64_key_length, sizeof(binary_key_data))) {
D("Public key too large to base64 encode");
goto out;
}
#else
/* While we switch from OpenSSL to BoringSSL we have to implement
* |EVP_EncodedLength| here. */
encoded_length = 1 + ((sizeof(pkey) + 2) / 3 * 4);
base64_key_length = 1 + ((sizeof(binary_key_data) + 2) / 3 * 4);
#endif
encoded = new uint8_t[encoded_length];
if (encoded == nullptr) {
base64_key_data = new uint8_t[base64_key_length];
if (base64_key_data == nullptr) {
D("Allocation failure");
goto out;
}
encoded_length = EVP_EncodeBlock(encoded, (uint8_t*) &pkey, sizeof(pkey));
base64_key_length = EVP_EncodeBlock(base64_key_data, binary_key_data,
sizeof(binary_key_data));
get_user_info(info, sizeof(info));
if (fwrite(encoded, encoded_length, 1, outfile) != 1 ||
if (snprintf(path, sizeof(path), "%s.pub", private_key_path) >=
(int)sizeof(path)) {
D("Path too long while writing public key");
goto out;
}
outfile = fopen(path, "w");
if (!outfile) {
D("Failed to open '%s'", path);
goto out;
}
if (fwrite(base64_key_data, base64_key_length, 1, outfile) != 1 ||
fwrite(info, strlen(info), 1, outfile) != 1) {
D("Write error while writing public key");
goto out;
@ -214,7 +163,7 @@ static int write_public_keyfile(RSA *private_key, const char *private_key_path)
if (outfile != NULL) {
fclose(outfile);
}
delete[] encoded;
delete[] base64_key_data;
return ret;
}

2
fs_mgr/Android.mk
View File

@ -7,7 +7,7 @@ common_static_libraries := \
libfec \
libfec_rs \
libbase \
libmincrypt \
libcrypto_utils_static \
libcrypto_static \
libext4_utils_static \
libsquashfs_utils

29
fs_mgr/fs_mgr.c
View File

@ -14,35 +14,32 @@
* limitations under the License.
*/
#include <ctype.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <errno.h>
#include <sys/swap.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <libgen.h>
#include <time.h>
#include <sys/swap.h>
#include <dirent.h>
#include <ext4.h>
#include <ext4_sb.h>
#include <ext4_crypt_init_extensions.h>
#include <unistd.h>
#include <ext4.h>
#include <ext4_crypt_init_extensions.h>
#include <ext4_sb.h>
#include <linux/loop.h>
#include <private/android_filesystem_config.h>
#include <cutils/android_reboot.h>
#include <cutils/partition_utils.h>
#include <cutils/properties.h>
#include <linux/loop.h>
#include <logwrap/logwrap.h>
#include "mincrypt/rsa.h"
#include "mincrypt/sha.h"
#include "mincrypt/sha256.h"
#include <private/android_filesystem_config.h>
#include "ext4_utils.h"
#include "wipe.h"

80
fs_mgr/fs_mgr_verity.cpp
View File

@ -14,29 +14,29 @@
* limitations under the License.
*/
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <libgen.h>
#include <time.h>
#include <unistd.h>
#include <android-base/file.h>
#include <private/android_filesystem_config.h>
#include <crypto_utils/android_pubkey.h>
#include <cutils/properties.h>
#include <logwrap/logwrap.h>
#include "mincrypt/rsa.h"
#include "mincrypt/sha.h"
#include "mincrypt/sha256.h"
#include <openssl/obj_mac.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <private/android_filesystem_config.h>
#include "fec/io.h"
@ -83,48 +83,45 @@ struct verity_state {
extern struct fs_info info;
static RSAPublicKey *load_key(const char *path)
static RSA *load_key(const char *path)
{
RSAPublicKey* key = static_cast<RSAPublicKey*>(malloc(sizeof(RSAPublicKey)));
if (!key) {
ERROR("Can't malloc key\n");
return NULL;
}
uint8_t key_data[ANDROID_PUBKEY_ENCODED_SIZE];
FILE* f = fopen(path, "r");
if (!f) {
ERROR("Can't open '%s'\n", path);
free(key);
free(key_data);
return NULL;
}
if (!fread(key, sizeof(*key), 1, f)) {
if (!fread(key_data, sizeof(key_data), 1, f)) {
ERROR("Could not read key!\n");
fclose(f);
free(key);
return NULL;
}
if (key->len != RSANUMWORDS) {
ERROR("Invalid key length %d\n", key->len);
fclose(f);
free(key);
free(key_data);
return NULL;
}
fclose(f);
RSA* key = NULL;
if (!android_pubkey_decode(key_data, sizeof(key_data), &key)) {
ERROR("Could not parse key!\n");
free(key_data);
return NULL;
}
return key;
}
static int verify_table(const uint8_t *signature, const char *table,
uint32_t table_length)
static int verify_table(const uint8_t *signature, size_t signature_size,
const char *table, uint32_t table_length)
{
RSAPublicKey *key;
uint8_t hash_buf[SHA256_DIGEST_SIZE];
RSA *key;
uint8_t hash_buf[SHA256_DIGEST_LENGTH];
int retval = -1;
// Hash the table
SHA256_hash((uint8_t*)table, table_length, hash_buf);
SHA256((uint8_t*)table, table_length, hash_buf);
// Now get the public key from the keyfile
key = load_key(VERITY_TABLE_RSA_KEY);
@ -134,11 +131,8 @@ static int verify_table(const uint8_t *signature, const char *table,
}
// verify the result
if (!RSA_verify(key,
signature,
RSANUMBYTES,
(uint8_t*) hash_buf,
SHA256_DIGEST_SIZE)) {
if (!RSA_verify(NID_sha256, hash_buf, sizeof(hash_buf), signature,
signature_size, key)) {
ERROR("Couldn't verify table\n");
goto out;
}
@ -146,7 +140,7 @@ static int verify_table(const uint8_t *signature, const char *table,
retval = 0;
out:
free(key);
RSA_free(key);
return retval;
}
@ -610,8 +604,8 @@ static int compare_last_signature(struct fstab_rec *fstab, int *match)
off64_t offset = 0;
struct fec_handle *f = NULL;
struct fec_verity_metadata verity;
uint8_t curr[SHA256_DIGEST_SIZE];
uint8_t prev[SHA256_DIGEST_SIZE];
uint8_t curr[SHA256_DIGEST_LENGTH];
uint8_t prev[SHA256_DIGEST_LENGTH];
*match = 1;
@ -629,7 +623,7 @@ static int compare_last_signature(struct fstab_rec *fstab, int *match)
goto out;
}
SHA256_hash(verity.signature, RSANUMBYTES, curr);
SHA256(verity.signature, sizeof(verity.signature), curr);
if (snprintf(tag, sizeof(tag), VERITY_LASTSIG_TAG "_%s",
basename(fstab->mount_point)) >= (int)sizeof(tag)) {
@ -637,7 +631,7 @@ static int compare_last_signature(struct fstab_rec *fstab, int *match)
goto out;
}
if (metadata_find(fstab->verity_loc, tag, SHA256_DIGEST_SIZE,
if (metadata_find(fstab->verity_loc, tag, SHA256_DIGEST_LENGTH,
&offset) < 0) {
goto out;
}
@ -656,7 +650,7 @@ static int compare_last_signature(struct fstab_rec *fstab, int *match)
goto out;
}
*match = !memcmp(curr, prev, SHA256_DIGEST_SIZE);
*match = !memcmp(curr, prev, SHA256_DIGEST_LENGTH);
if (!*match) {
/* update current signature hash */
@ -919,7 +913,7 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab)
}
// verify the signature on the table
if (verify_table(verity.signature, verity.table,
if (verify_table(verity.signature, sizeof(verity.signature), verity.table,
verity.table_length) < 0) {
if (params.mode == VERITY_MODE_LOGGING) {
// the user has been warned, allow mounting without dm-verity

2
init/Android.mk
View File

@ -95,7 +95,7 @@ LOCAL_STATIC_LIBRARIES := \
libc \
libselinux \
liblog \
libmincrypt \
libcrypto_utils_static \
libcrypto_static \
libc++_static \
libdl \