adb_auth_host.c revision f4ed516643ee8ed3a59ad1a8048f7ce5f47f93fb
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <stdio.h> 18 19#ifdef _WIN32 20# define WIN32_LEAN_AND_MEAN 21# include "windows.h" 22# include "shlobj.h" 23#else 24# include <sys/types.h> 25# include <sys/stat.h> 26# include <unistd.h> 27#endif 28#include <string.h> 29 30#include "sysdeps.h" 31#include "adb.h" 32#include "adb_auth.h" 33 34/* HACK: we need the RSAPublicKey struct 35 * but RSA_verify conflits with openssl */ 36#define RSA_verify RSA_verify_mincrypt 37#include "mincrypt/rsa.h" 38#undef RSA_verify 39 40#include <cutils/list.h> 41 42#include <openssl/evp.h> 43#include <openssl/objects.h> 44#include <openssl/pem.h> 45#include <openssl/rsa.h> 46#include <openssl/sha.h> 47 48#define TRACE_TAG TRACE_AUTH 49 50#define ANDROID_PATH ".android" 51#define ADB_KEY_FILE "adb_key" 52 53 54struct adb_private_key { 55 struct listnode node; 56 RSA *rsa; 57}; 58 59static struct listnode key_list; 60 61 62/* Convert OpenSSL RSA private key to android pre-computed RSAPublicKey format */ 63static int RSA_to_RSAPublicKey(RSA *rsa, RSAPublicKey *pkey) 64{ 65 unsigned int i; 66 67 BN_CTX* ctx = BN_CTX_new(); 68 BIGNUM* r32 = BN_new(); 69 BIGNUM* rr = BN_new(); 70 BIGNUM* r = BN_new(); 71 BIGNUM* rem = BN_new(); 72 BIGNUM* n = BN_new(); 73 BIGNUM* n0inv = BN_new(); 74 75 if (RSA_size(rsa) != RSANUMBYTES) 76 return 0; 77 78 BN_set_bit(r32, 32); 79 BN_copy(n, rsa->n); 80 BN_set_bit(r, RSANUMWORDS * 32); 81 BN_mod_sqr(rr, r, n, ctx); 82 BN_div(NULL, rem, n, r32, ctx); 83 BN_mod_inverse(n0inv, rem, r32, ctx); 84 85 pkey->len = RSANUMWORDS; 86 pkey->n0inv = 0 - BN_get_word(n0inv); 87 for (i = 0; i < RSANUMWORDS; i++) { 88 BN_div(rr, rem, rr, r32, ctx); 89 pkey->rr[i] = BN_get_word(rem); 90 BN_div(n, rem, n, r32, ctx); 91 pkey->n[i] = BN_get_word(rem); 92 } 93 pkey->exponent = BN_get_word(rsa->e); 94 95 BN_free(n0inv); 96 BN_free(n); 97 BN_free(rem); 98 BN_free(r); 99 BN_free(rr); 100 BN_free(r32); 101 BN_CTX_free(ctx); 102 103 return 1; 104} 105 106static void get_user_info(char *buf, size_t len) 107{ 108 char hostname[1024], username[1024]; 109 int ret; 110 111#ifndef _WIN32 112 ret = gethostname(hostname, sizeof(hostname)); 113 if (ret < 0) 114#endif 115 strcpy(hostname, "unknown"); 116 117#if !defined _WIN32 && !defined ADB_HOST_ON_TARGET 118 ret = getlogin_r(username, sizeof(username)); 119 if (ret < 0) 120#endif 121 strcpy(username, "unknown"); 122 123 ret = snprintf(buf, len, " %s@%s", username, hostname); 124 if (ret >= (signed)len) 125 buf[len - 1] = '\0'; 126} 127 128static int write_public_keyfile(RSA *private_key, const char *private_key_path) 129{ 130 RSAPublicKey pkey; 131 BIO *bio, *b64, *bfile; 132 char path[PATH_MAX], info[MAX_PAYLOAD]; 133 int ret; 134 135 ret = snprintf(path, sizeof(path), "%s.pub", private_key_path); 136 if (ret >= (signed)sizeof(path)) 137 return 0; 138 139 ret = RSA_to_RSAPublicKey(private_key, &pkey); 140 if (!ret) { 141 D("Failed to convert to publickey\n"); 142 return 0; 143 } 144 145 bfile = BIO_new_file(path, "w"); 146 if (!bfile) { 147 D("Failed to open '%s'\n", path); 148 return 0; 149 } 150 151 D("Writing public key to '%s'\n", path); 152 153 b64 = BIO_new(BIO_f_base64()); 154 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); 155 156 bio = BIO_push(b64, bfile); 157 BIO_write(bio, &pkey, sizeof(pkey)); 158 BIO_flush(bio); 159 BIO_pop(b64); 160 BIO_free(b64); 161 162 get_user_info(info, sizeof(info)); 163 BIO_write(bfile, info, strlen(info)); 164 BIO_flush(bfile); 165 BIO_free_all(bfile); 166 167 return 1; 168} 169 170static int generate_key(const char *file) 171{ 172 EVP_PKEY* pkey = EVP_PKEY_new(); 173 BIGNUM* exponent = BN_new(); 174 RSA* rsa = RSA_new(); 175 FILE *f = NULL; 176 int ret = 0; 177 178 D("generate_key '%s'\n", file); 179 180 if (!pkey || !exponent || !rsa) { 181 D("Failed to allocate key\n"); 182 goto out; 183 } 184 185 BN_set_word(exponent, RSA_F4); 186 RSA_generate_key_ex(rsa, 2048, exponent, NULL); 187 EVP_PKEY_set1_RSA(pkey, rsa); 188 189 f = fopen(file, "w"); 190 if (!f) { 191 D("Failed to open '%s'\n", file); 192 goto out; 193 } 194 195 if (!PEM_write_PrivateKey(f, pkey, NULL, NULL, 0, NULL, NULL)) { 196 D("Failed to write key\n"); 197 goto out; 198 } 199 200 if (!write_public_keyfile(rsa, file)) { 201 D("Failed to write public key\n"); 202 goto out; 203 } 204 205 ret = 1; 206 207out: 208 if (f) 209 fclose(f); 210 EVP_PKEY_free(pkey); 211 RSA_free(rsa); 212 BN_free(exponent); 213 return ret; 214} 215 216static int read_key(const char *file, struct listnode *list) 217{ 218 struct adb_private_key *key; 219 FILE *f; 220 221 D("read_key '%s'\n", file); 222 223 f = fopen(file, "r"); 224 if (!f) { 225 D("Failed to open '%s'\n", file); 226 return 0; 227 } 228 229 key = malloc(sizeof(*key)); 230 if (!key) { 231 D("Failed to alloc key\n"); 232 fclose(f); 233 return 0; 234 } 235 key->rsa = RSA_new(); 236 237 if (!PEM_read_RSAPrivateKey(f, &key->rsa, NULL, NULL)) { 238 D("Failed to read key\n"); 239 fclose(f); 240 RSA_free(key->rsa); 241 free(key); 242 return 0; 243 } 244 245 fclose(f); 246 list_add_tail(list, &key->node); 247 return 1; 248} 249 250static int get_user_keyfilepath(char *filename, size_t len) 251{ 252 const char *format, *home; 253 char android_dir[PATH_MAX]; 254 struct stat buf; 255#ifdef _WIN32 256 char path[PATH_MAX]; 257 home = getenv("ANDROID_SDK_HOME"); 258 if (!home) { 259 SHGetFolderPath(NULL, CSIDL_PROFILE, NULL, 0, path); 260 home = path; 261 } 262 format = "%s\\%s"; 263#else 264 home = getenv("HOME"); 265 if (!home) 266 return -1; 267 format = "%s/%s"; 268#endif 269 270 D("home '%s'\n", home); 271 272 if (snprintf(android_dir, sizeof(android_dir), format, home, 273 ANDROID_PATH) >= (int)sizeof(android_dir)) 274 return -1; 275 276 if (stat(android_dir, &buf)) { 277 if (adb_mkdir(android_dir, 0750) < 0) { 278 D("Cannot mkdir '%s'", android_dir); 279 return -1; 280 } 281 } 282 283 return snprintf(filename, len, format, android_dir, ADB_KEY_FILE); 284} 285 286static int get_user_key(struct listnode *list) 287{ 288 struct stat buf; 289 char path[PATH_MAX]; 290 int ret; 291 292 ret = get_user_keyfilepath(path, sizeof(path)); 293 if (ret < 0 || ret >= (signed)sizeof(path)) { 294 D("Error getting user key filename"); 295 return 0; 296 } 297 298 D("user key '%s'\n", path); 299 300 if (stat(path, &buf) == -1) { 301 if (!generate_key(path)) { 302 D("Failed to generate new key\n"); 303 return 0; 304 } 305 } 306 307 return read_key(path, list); 308} 309 310static void get_vendor_keys(struct listnode *list) 311{ 312 const char *adb_keys_path; 313 char keys_path[MAX_PAYLOAD]; 314 char *keys = keys_path; 315 char *path; 316 struct stat buf; 317 318 adb_keys_path = getenv("ADB_VENDOR_KEYS"); 319 if (!adb_keys_path) 320 return; 321 strncpy(keys_path, adb_keys_path, sizeof(keys_path)); 322 323 do { 324 path = strsep(&keys, ";"); 325 D("Reading: %s\n", path); 326 327 if (stat(path, &buf)) { 328 D("Can't read '%s'\n", path); 329 continue; 330 } 331 332 if (!read_key(path, list)) 333 continue; 334 335 } while (keys); 336} 337 338int adb_auth_sign(void *node, void *token, size_t token_size, void *sig) 339{ 340 unsigned int len; 341 struct adb_private_key *key = node_to_item(node, struct adb_private_key, node); 342 343 if (!RSA_sign(NID_sha1, token, token_size, sig, &len, key->rsa)) { 344 return 0; 345 } 346 347 D("adb_auth_sign len=%d\n", len); 348 return (int)len; 349} 350 351void *adb_auth_nextkey(void *current) 352{ 353 struct listnode *item; 354 355 if (list_empty(&key_list)) 356 return NULL; 357 358 if (!current) 359 return list_head(&key_list); 360 361 list_for_each(item, &key_list) { 362 if (item == current) { 363 /* current is the last item, we tried all the keys */ 364 if (item->next == &key_list) 365 return NULL; 366 return item->next; 367 } 368 } 369 370 return NULL; 371} 372 373int adb_auth_get_userkey(unsigned char *data, size_t len) 374{ 375 char path[PATH_MAX]; 376 char *file; 377 int ret; 378 379 ret = get_user_keyfilepath(path, sizeof(path) - 4); 380 if (ret < 0 || ret >= (signed)(sizeof(path) - 4)) { 381 D("Error getting user key filename"); 382 return 0; 383 } 384 strcat(path, ".pub"); 385 386 file = load_file(path, (unsigned*)&ret); 387 if (!file) { 388 D("Can't load '%s'\n", path); 389 return 0; 390 } 391 392 if (len < (size_t)(ret + 1)) { 393 D("%s: Content too large ret=%d\n", path, ret); 394 return 0; 395 } 396 397 memcpy(data, file, ret); 398 data[ret] = '\0'; 399 400 return ret + 1; 401} 402 403void adb_auth_init(void) 404{ 405 int ret; 406 407 D("adb_auth_init\n"); 408 409 list_init(&key_list); 410 411 ret = get_user_key(&key_list); 412 if (!ret) { 413 D("Failed to get user key\n"); 414 return; 415 } 416 417 get_vendor_keys(&key_list); 418} 419