The Android Open Source Project | c24a8e6 | 2009-03-03 19:28:42 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2008 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
xunchang | 2478885 | 2019-03-22 16:08:52 -0700 | [diff] [blame] | 17 | #pragma once |
The Android Open Source Project | c24a8e6 | 2009-03-03 19:28:42 -0800 | [diff] [blame] | 18 | |
Tianjie Xu | 8256698 | 2018-10-10 15:44:17 -0700 | [diff] [blame] | 19 | #include <stdint.h> |
| 20 | |
Tao Bao | 5e53501 | 2017-03-16 17:37:38 -0700 | [diff] [blame] | 21 | #include <functional> |
Tao Bao | 71e3e09 | 2016-02-02 14:02:27 -0800 | [diff] [blame] | 22 | #include <memory> |
| 23 | #include <vector> |
| 24 | |
Mattias Nissler | 452df6d | 2016-04-04 16:17:01 +0200 | [diff] [blame] | 25 | #include <openssl/ec_key.h> |
| 26 | #include <openssl/rsa.h> |
| 27 | #include <openssl/sha.h> |
The Android Open Source Project | c24a8e6 | 2009-03-03 19:28:42 -0800 | [diff] [blame] | 28 | |
xunchang | 37304f3 | 2019-03-12 12:40:14 -0700 | [diff] [blame] | 29 | constexpr size_t MiB = 1024 * 1024; |
| 30 | |
xunchang | f07ed2e | 2019-02-25 14:14:01 -0800 | [diff] [blame] | 31 | using HasherUpdateCallback = std::function<void(const uint8_t* addr, uint64_t size)>; |
| 32 | |
Mattias Nissler | 452df6d | 2016-04-04 16:17:01 +0200 | [diff] [blame] | 33 | struct RSADeleter { |
Mikhail Lappo | b49767c | 2017-03-23 21:44:26 +0100 | [diff] [blame] | 34 | void operator()(RSA* rsa) const { |
Mattias Nissler | 452df6d | 2016-04-04 16:17:01 +0200 | [diff] [blame] | 35 | RSA_free(rsa); |
| 36 | } |
| 37 | }; |
| 38 | |
| 39 | struct ECKEYDeleter { |
Mikhail Lappo | b49767c | 2017-03-23 21:44:26 +0100 | [diff] [blame] | 40 | void operator()(EC_KEY* ec_key) const { |
Mattias Nissler | 452df6d | 2016-04-04 16:17:01 +0200 | [diff] [blame] | 41 | EC_KEY_free(ec_key); |
| 42 | } |
| 43 | }; |
Kenny Root | 7a4adb5 | 2013-10-09 10:14:35 -0700 | [diff] [blame] | 44 | |
Tao Bao | 71e3e09 | 2016-02-02 14:02:27 -0800 | [diff] [blame] | 45 | struct Certificate { |
xunchang | 2478885 | 2019-03-22 16:08:52 -0700 | [diff] [blame] | 46 | typedef enum { |
| 47 | KEY_TYPE_RSA, |
| 48 | KEY_TYPE_EC, |
| 49 | } KeyType; |
Kenny Root | 7a4adb5 | 2013-10-09 10:14:35 -0700 | [diff] [blame] | 50 | |
xunchang | 2478885 | 2019-03-22 16:08:52 -0700 | [diff] [blame] | 51 | Certificate(int hash_len_, KeyType key_type_, std::unique_ptr<RSA, RSADeleter>&& rsa_, |
| 52 | std::unique_ptr<EC_KEY, ECKEYDeleter>&& ec_) |
| 53 | : hash_len(hash_len_), key_type(key_type_), rsa(std::move(rsa_)), ec(std::move(ec_)) {} |
Tao Bao | 71e3e09 | 2016-02-02 14:02:27 -0800 | [diff] [blame] | 54 | |
xunchang | 2478885 | 2019-03-22 16:08:52 -0700 | [diff] [blame] | 55 | // SHA_DIGEST_LENGTH (SHA-1) or SHA256_DIGEST_LENGTH (SHA-256) |
| 56 | int hash_len; |
| 57 | KeyType key_type; |
| 58 | std::unique_ptr<RSA, RSADeleter> rsa; |
| 59 | std::unique_ptr<EC_KEY, ECKEYDeleter> ec; |
Tao Bao | 71e3e09 | 2016-02-02 14:02:27 -0800 | [diff] [blame] | 60 | }; |
Doug Zongker | 30362a6 | 2013-04-10 11:32:17 -0700 | [diff] [blame] | 61 | |
xunchang | f07ed2e | 2019-02-25 14:14:01 -0800 | [diff] [blame] | 62 | class VerifierInterface { |
| 63 | public: |
| 64 | virtual ~VerifierInterface() = default; |
| 65 | |
| 66 | // Returns the package size in bytes. |
| 67 | virtual uint64_t GetPackageSize() const = 0; |
| 68 | |
| 69 | // Reads |byte_count| data starting from |offset|, and puts the result in |buffer|. |
| 70 | virtual bool ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) = 0; |
| 71 | |
| 72 | // Updates the hash contexts for |length| bytes data starting from |start|. |
| 73 | virtual bool UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start, |
| 74 | uint64_t length) = 0; |
| 75 | |
| 76 | // Updates the progress in fraction during package verification. |
| 77 | virtual void SetProgress(float progress) = 0; |
| 78 | }; |
| 79 | |
| 80 | // Looks for an RSA signature embedded in the .ZIP file comment given the path to the zip. |
| 81 | // Verifies that it matches one of the given public keys. Returns VERIFY_SUCCESS or |
| 82 | // VERIFY_FAILURE (if any error is encountered or no key matches the signature). |
| 83 | int verify_file(VerifierInterface* package, const std::vector<Certificate>& keys); |
Doug Zongker | 60151a2 | 2009-08-12 18:30:03 -0700 | [diff] [blame] | 84 | |
xunchang | 908ad77 | 2019-03-26 09:54:34 -0700 | [diff] [blame] | 85 | // Checks that the RSA key has a modulus of 2048 or 4096 bits long, and public exponent is 3 or |
| 86 | // 65537. |
Tianjie Xu | b5110de | 2018-10-23 23:31:43 -0700 | [diff] [blame] | 87 | bool CheckRSAKey(const std::unique_ptr<RSA, RSADeleter>& rsa); |
| 88 | |
| 89 | // Checks that the field size of the curve for the EC key is 256 bits. |
| 90 | bool CheckECKey(const std::unique_ptr<EC_KEY, ECKEYDeleter>& ec_key); |
| 91 | |
Tianjie Xu | 8256698 | 2018-10-10 15:44:17 -0700 | [diff] [blame] | 92 | // Parses a PEM-encoded x509 certificate from the given buffer and saves it into |cert|. Returns |
| 93 | // false if there is a parsing failure or the signature's encryption algorithm is not supported. |
| 94 | bool LoadCertificateFromBuffer(const std::vector<uint8_t>& pem_content, Certificate* cert); |
| 95 | |
Tianjie Xu | 0dd9685 | 2018-10-15 11:44:14 -0700 | [diff] [blame] | 96 | // Iterates over the zip entries with the suffix "x509.pem" and returns a list of recognized |
| 97 | // certificates. Returns an empty list if we fail to parse any of the entries. |
| 98 | std::vector<Certificate> LoadKeysFromZipfile(const std::string& zip_name); |
| 99 | |
xunchang | 2478885 | 2019-03-22 16:08:52 -0700 | [diff] [blame] | 100 | #define VERIFY_SUCCESS 0 |
| 101 | #define VERIFY_FAILURE 1 |