Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 607fd5424a6e3ebb1acfc60bcd0cc411209d3c6d / . / adb / daemon / auth.cpp
blob: ec4ab4ad222a64429922baa3b3c554e319dc7ec9 [file] [log] [blame]
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]1/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Yabin Cuiaed3c612015-09-22 15:52:57 -0700[diff] [blame]17#define TRACE_TAG AUTH
Dan Albert33134262015-03-19 15:21:08 -0700[diff] [blame]18
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]19#include "sysdeps.h"
Dan Albert33134262015-03-19 15:21:08 -0700[diff] [blame]20
Dan Albert76649012015-02-24 15:51:19 -0800[diff] [blame]21#include <resolv.h>
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]22#include <stdio.h>
23#include <string.h>
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]24
Michael Groover7eeda6b2019-04-25 18:33:35 -0700[diff] [blame]25#include <algorithm>
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]26#include <iomanip>
27#include <map>
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]28#include <memory>
29
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]30#include <adbd_auth.h>
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]31#include <android-base/file.h>
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]32#include <android-base/no_destructor.h>
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]33#include <android-base/strings.h>
34#include <crypto_utils/android_pubkey.h>
Mattias Nissler097b6bb2016-03-31 16:32:09 +0200[diff] [blame]35#include <openssl/obj_mac.h>
36#include <openssl/rsa.h>
37#include <openssl/sha.h>
38
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]39#include "adb.h"
40#include "adb_auth.h"
41#include "adb_io.h"
42#include "fdevent/fdevent.h"
43#include "transport.h"
44#include "types.h"
45
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]46static AdbdAuthContext* auth_ctx;
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]47
Michael Groover3857dea2018-12-28 20:35:37 -0800[diff] [blame]48static void adb_disconnected(void* unused, atransport* t);
49static struct adisconnect adb_disconnect = {adb_disconnected, nullptr};
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]50
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]51static android::base::NoDestructor<std::map<uint32_t, weak_ptr<atransport>>> transports;
52static uint32_t transport_auth_id = 0;
53
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]54bool auth_required = true;
55
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]56static void* transport_to_callback_arg(atransport* transport) {
57 uint32_t id = transport_auth_id++;
58 (*transports)[id] = transport->weak();
59 return reinterpret_cast<void*>(id);
60}
61
62static atransport* transport_from_callback_arg(void* id) {
63 uint64_t id_u64 = reinterpret_cast<uint64_t>(id);
64 if (id_u64 > std::numeric_limits<uint32_t>::max()) {
65 LOG(FATAL) << "transport_from_callback_arg called on out of range value: " << id_u64;
66 }
67
68 uint32_t id_u32 = static_cast<uint32_t>(id_u64);
69 auto it = transports->find(id_u32);
70 if (it == transports->end()) {
71 LOG(ERROR) << "transport_from_callback_arg failed to find transport for id " << id_u32;
72 return nullptr;
73 }
74
75 atransport* t = it->second.get();
76 if (!t) {
77 LOG(WARNING) << "transport_from_callback_arg found already destructed transport";
78 return nullptr;
79 }
80
81 transports->erase(it);
82 return t;
83}
84
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]85static void IteratePublicKeys(std::function<bool(std::string_view public_key)> f) {
86 adbd_auth_get_public_keys(
87 auth_ctx,
88 [](const char* public_key, size_t len, void* arg) {
89 return (*static_cast<decltype(f)*>(arg))(std::string_view(public_key, len));
90 },
91 &f);
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]92}
93
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]94bool adbd_auth_verify(const char* token, size_t token_size, const std::string& sig,
95 std::string* auth_key) {
96 bool authorized = false;
97 auth_key->clear();
Michael Groover7eeda6b2019-04-25 18:33:35 -0700[diff] [blame]98
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]99 IteratePublicKeys([&](std::string_view public_key) {
100 // TODO: do we really have to support both ' ' and '\t'?
101 std::vector<std::string> split = android::base::Split(std::string(public_key), " \t");
102 uint8_t keybuf[ANDROID_PUBKEY_ENCODED_SIZE + 1];
103 const std::string& pubkey = split[0];
104 if (b64_pton(pubkey.c_str(), keybuf, sizeof(keybuf)) != ANDROID_PUBKEY_ENCODED_SIZE) {
105 LOG(ERROR) << "Invalid base64 key " << pubkey;
106 return true;
107 }
108
109 RSA* key = nullptr;
110 if (!android_pubkey_decode(keybuf, ANDROID_PUBKEY_ENCODED_SIZE, &key)) {
111 LOG(ERROR) << "Failed to parse key " << pubkey;
112 return true;
113 }
114
115 bool verified =
116 (RSA_verify(NID_sha1, reinterpret_cast<const uint8_t*>(token), token_size,
117 reinterpret_cast<const uint8_t*>(sig.c_str()), sig.size(), key) == 1);
118 RSA_free(key);
119 if (verified) {
120 *auth_key = public_key;
121 authorized = true;
122 return false;
123 }
124
125 return true;
126 });
127
128 return authorized;
Michael Groover7eeda6b2019-04-25 18:33:35 -0700[diff] [blame]129}
130
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]131static bool adbd_auth_generate_token(void* token, size_t token_size) {
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]132 FILE* fp = fopen("/dev/urandom", "re");
133 if (!fp) return false;
134 bool okay = (fread(token, token_size, 1, fp) == 1);
135 fclose(fp);
136 return okay;
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]137}
138
Pavel Labath64d9adc2015-03-17 11:03:36 -0700[diff] [blame]139void adbd_cloexec_auth_socket() {
140 int fd = android_get_control_socket("adbd");
141 if (fd == -1) {
Elliott Hughes0aeb5052016-06-29 17:42:01 -0700[diff] [blame]142 PLOG(ERROR) << "Failed to get adbd socket";
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]143 return;
144 }
Nick Kralevichfe8d7f42014-07-18 20:57:35 -0700[diff] [blame]145 fcntl(fd, F_SETFD, FD_CLOEXEC);
Pavel Labath64d9adc2015-03-17 11:03:36 -0700[diff] [blame]146}
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]147
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]148static void adbd_auth_key_authorized(void* arg, uint64_t id) {
149 LOG(INFO) << "adb client authorized";
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]150 fdevent_run_on_main_thread([=]() {
151 LOG(INFO) << "arg = " << reinterpret_cast<uintptr_t>(arg);
152 auto* transport = transport_from_callback_arg(arg);
153 if (!transport) {
154 LOG(ERROR) << "authorization received for deleted transport, ignoring";
155 return;
156 }
157 transport->auth_id = id;
158 adbd_auth_verified(transport);
159 });
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]160}
161
Pavel Labath64d9adc2015-03-17 11:03:36 -0700[diff] [blame]162void adbd_auth_init(void) {
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]163 AdbdAuthCallbacks cb;
164 cb.version = 1;
165 cb.callbacks.v1.key_authorized = adbd_auth_key_authorized;
166 auth_ctx = adbd_auth_new(&cb);
167 std::thread([]() {
168 adb_thread_setname("adbd auth");
169 adbd_auth_run(auth_ctx);
170 LOG(FATAL) << "auth thread terminated";
171 }).detach();
Benoit Gobyd5fcafa2012-04-12 12:23:49 -0700[diff] [blame]172}
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]173
174void send_auth_request(atransport* t) {
175 LOG(INFO) << "Calling send_auth_request...";
176
177 if (!adbd_auth_generate_token(t->token, sizeof(t->token))) {
178 PLOG(ERROR) << "Error generating token";
179 return;
180 }
181
182 apacket* p = get_apacket();
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]183 p->msg.command = A_AUTH;
184 p->msg.arg0 = ADB_AUTH_TOKEN;
185 p->msg.data_length = sizeof(t->token);
Josh Gaof571fcb2018-02-05 18:49:10 -0800[diff] [blame]186 p->payload.assign(t->token, t->token + sizeof(t->token));
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]187 send_packet(p, t);
188}
189
Josh Gao184f5712017-07-26 11:06:55 -0700[diff] [blame]190void adbd_auth_verified(atransport* t) {
191 LOG(INFO) << "adb client authorized";
Josh Gao3bd28792016-10-05 19:02:29 -0700[diff] [blame]192 handle_online(t);
193 send_connect(t);
194}
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]195
196static void adb_disconnected(void* unused, atransport* t) {
197 LOG(INFO) << "ADB disconnect";
198 adbd_auth_notify_disconnect(auth_ctx, t->auth_id);
199}
200
201void adbd_auth_confirm_key(atransport* t) {
202 LOG(INFO) << "prompting user to authorize key";
203 t->AddDisconnect(&adb_disconnect);
Josh Gao607fd542019-12-09 15:44:57 -0800[diff] [blame^]204 adbd_auth_prompt_user(auth_ctx, t->auth_key.data(), t->auth_key.size(),
205 transport_to_callback_arg(t));
Josh Gao27523262019-10-22 12:30:39 -0700[diff] [blame]206}
207
208void adbd_notify_framework_connected_key(atransport* t) {
209 adbd_auth_notify_auth(auth_ctx, t->auth_key.data(), t->auth_key.size());
210}