Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 01688560f9e96da774dc95cd6a716a0d81eded76 / . / provisioner / rkp_factory_extraction_tool.cpp
blob: 7c5454a26a2a8d2a54f16d9e22090b5662848332 [file] [log] [blame]
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]1/*
2 * Copyright 2021 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <string>
18#include <vector>
19
20#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
21#include <android/binder_manager.h>
22#include <cppbor.h>
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]23#include <gflags/gflags.h>
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]24#include <keymaster/cppcose/cppcose.h>
25#include <log/log.h>
Seth Moore6dfb02a2021-06-18 15:43:09 -0700[diff] [blame]26#include <remote_prov/remote_prov_utils.h>
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]27#include <vintf/VintfObject.h>
28
29using std::set;
30using std::string;
31using std::vector;
32
33using aidl::android::hardware::security::keymint::DeviceInfo;
34using aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent;
35using aidl::android::hardware::security::keymint::MacedPublicKey;
36using aidl::android::hardware::security::keymint::ProtectedData;
Seth Moore6dfb02a2021-06-18 15:43:09 -0700[diff] [blame]37using aidl::android::hardware::security::keymint::remote_prov::generateEekChain;
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]38using aidl::android::hardware::security::keymint::remote_prov::getProdEekChain;
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]39
40using android::vintf::HalManifest;
41using android::vintf::VintfObject;
42
43using namespace cppbor;
44using namespace cppcose;
45
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]46DEFINE_bool(test_mode, false, "If enabled, a fake EEK key/cert are used.");
47
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]48namespace {
49
50const string kPackage = "android.hardware.security.keymint";
51const string kInterface = "IRemotelyProvisionedComponent";
52const string kFormattedName = kPackage + "." + kInterface + "/";
53
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]54std::vector<uint8_t> getChallenge() {
55 return std::vector<uint8_t>(0);
56}
57
58std::vector<uint8_t> composeCertificateRequest(ProtectedData&& protectedData,
59 DeviceInfo&& deviceInfo) {
60 Array emptyMacedKeysToSign;
61 emptyMacedKeysToSign
62 .add(std::vector<uint8_t>(0)) // empty protected headers as bstr
63 .add(Map()) // empty unprotected headers
64 .add(Null()) // nil for the payload
65 .add(std::vector<uint8_t>(0)); // empty tag as bstr
66 Array certificateRequest;
67 certificateRequest.add(EncodedItem(std::move(deviceInfo.deviceInfo)))
68 .add(getChallenge()) // fake challenge
69 .add(EncodedItem(std::move(protectedData.protectedData)))
70 .add(std::move(emptyMacedKeysToSign));
71 return certificateRequest.encode();
72}
73
74int32_t errorMsg(string name) {
75 std::cerr << "Failed for rkp instance: " << name;
76 return -1;
77}
78
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]79std::vector<uint8_t> getEekChain() {
80 if (FLAGS_test_mode) {
81 const std::vector<uint8_t> kFakeEekId = {'f', 'a', 'k', 'e', 0};
82 auto eekOrErr = generateEekChain(3 /* chainlength */, kFakeEekId);
83 LOG_FATAL_IF(!eekOrErr, "Failed to generate test EEK somehow: %s",
84 eekOrErr.message().c_str());
85 auto [eek, ignored_pubkey, ignored_privkey] = eekOrErr.moveValue();
86 return eek;
87 }
88
89 return getProdEekChain();
90}
91
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]92} // namespace
93
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]94int main(int argc, char** argv) {
95 gflags::ParseCommandLineFlags(&argc, &argv, /*remove_flags=*/true);
96
97 const std::vector<uint8_t> eek_chain = getEekChain();
98
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]99 std::shared_ptr<const HalManifest> manifest = VintfObject::GetDeviceHalManifest();
100 set<string> rkpNames = manifest->getAidlInstances(kPackage, kInterface);
101 for (auto name : rkpNames) {
102 string fullName = kFormattedName + name;
103 if (!AServiceManager_isDeclared(fullName.c_str())) {
104 ALOGE("Could not find the following instance declared in the manifest: %s\n",
105 fullName.c_str());
106 return errorMsg(name);
107 }
108 AIBinder* rkpAiBinder = AServiceManager_getService(fullName.c_str());
109 ::ndk::SpAIBinder rkp_binder(rkpAiBinder);
110 auto rkp_service = IRemotelyProvisionedComponent::fromBinder(rkp_binder);
111 std::vector<uint8_t> keysToSignMac;
112 std::vector<MacedPublicKey> emptyKeys;
113
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]114 DeviceInfo deviceInfo;
115 ProtectedData protectedData;
116 if (rkp_service) {
117 ALOGE("extracting bundle");
118 ::ndk::ScopedAStatus status = rkp_service->generateCertificateRequest(
Seth Moore01688562021-06-22 12:59:32 -0700[diff] [blame^]119 FLAGS_test_mode, emptyKeys, eek_chain, getChallenge(), &deviceInfo, &protectedData,
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]120 &keysToSignMac);
121 if (!status.isOk()) {
122 ALOGE("Bundle extraction failed. Error code: %d", status.getServiceSpecificError());
123 return errorMsg(name);
124 }
Max Biresf60987e2021-04-16 13:35:20 -0700[diff] [blame]125 std::vector<uint8_t> certificateRequest =
126 composeCertificateRequest(std::move(protectedData), std::move(deviceInfo));
127 std::copy(certificateRequest.begin(), certificateRequest.end(),
128 std::ostream_iterator<char>(std::cout));
129 }
130 }
131}