author | Tao Bao | 2017-03-20 19:09:13 -0500 |
---|---|---|
committer | Tao Bao | 2017-03-21 00:13:56 -0500 |
commit | 76fdb2419bfec0e747db2530379484a3dc571f34 (patch) | |
tree | aba97506271d30aad9c52d438caf0f83fd084dad /verifier.cpp | |
parent | 110102f37e76c2630ff510dfc1734478a2d81206 (diff) | |
verify_file: Add constness to a few addresses.
We should not touch any data while verifying packages (or parsing the
in-memory ASN.1 structures).
Test: mmma bootable/recovery
Test: recovery_component_test passes.
Test: recovery_unit_test passes.
Change-Id: Ie990662c6451ec066a1807b3081c9296afbdb0bf
Diffstat (limited to 'verifier.cpp')
-rw-r--r-- | verifier.cpp | 107 |
1 files changed, 53 insertions, 54 deletions
diff --git a/verifier.cpp b/verifier.cpp index 3beaa6e0..fa344d74 100644 --- a/verifier.cpp +++ b/verifier.cpp | |||
@@ -24,6 +24,7 @@ | |||
24 | #include <algorithm> | 24 | #include <algorithm> |
25 | #include <functional> | 25 | #include <functional> |
26 | #include <memory> | 26 | #include <memory> |
27 | #include <vector> | ||
27 | 28 | ||
28 | #include <android-base/logging.h> | 29 | #include <android-base/logging.h> |
29 | #include <openssl/bn.h> | 30 | #include <openssl/bn.h> |
@@ -60,51 +61,53 @@ static constexpr size_t MiB = 1024 * 1024; | |||
60 | * SEQUENCE (SignatureAlgorithmIdentifier) | 61 | * SEQUENCE (SignatureAlgorithmIdentifier) |
61 | * OCTET STRING (SignatureValue) | 62 | * OCTET STRING (SignatureValue) |
62 | */ | 63 | */ |
63 | static bool read_pkcs7(uint8_t* pkcs7_der, size_t pkcs7_der_len, uint8_t** sig_der, | 64 | static bool read_pkcs7(const uint8_t* pkcs7_der, size_t pkcs7_der_len, |
64 | size_t* sig_der_length) { | 65 | std::vector<uint8_t>* sig_der) { |
65 | asn1_context_t* ctx = asn1_context_new(pkcs7_der, pkcs7_der_len); | 66 | CHECK(sig_der != nullptr); |
66 | if (ctx == NULL) { | 67 | sig_der->clear(); |
67 | return false; | 68 | |
68 | } | 69 | asn1_context_t* ctx = asn1_context_new(pkcs7_der, pkcs7_der_len); |
70 | if (ctx == NULL) { | ||
71 | return false; | ||
72 | } | ||
69 | 73 | ||
70 | asn1_context_t* pkcs7_seq = asn1_sequence_get(ctx); | 74 | asn1_context_t* pkcs7_seq = asn1_sequence_get(ctx); |
71 | if (pkcs7_seq != NULL && asn1_sequence_next(pkcs7_seq)) { | 75 | if (pkcs7_seq != NULL && asn1_sequence_next(pkcs7_seq)) { |
72 | asn1_context_t *signed_data_app = asn1_constructed_get(pkcs7_seq); | 76 | asn1_context_t *signed_data_app = asn1_constructed_get(pkcs7_seq); |
73 | if (signed_data_app != NULL) { | 77 | if (signed_data_app != NULL) { |
74 | asn1_context_t* signed_data_seq = asn1_sequence_get(signed_data_app); | 78 | asn1_context_t* signed_data_seq = asn1_sequence_get(signed_data_app); |
75 | if (signed_data_seq != NULL | 79 | if (signed_data_seq != NULL |
76 | && asn1_sequence_next(signed_data_seq) | 80 | && asn1_sequence_next(signed_data_seq) |
77 | && asn1_sequence_next(signed_data_seq) | 81 | && asn1_sequence_next(signed_data_seq) |
78 | && asn1_sequence_next(signed_data_seq) | 82 | && asn1_sequence_next(signed_data_seq) |
79 | && asn1_constructed_skip_all(signed_data_seq)) { | 83 | && asn1_constructed_skip_all(signed_data_seq)) { |
80 | asn1_context_t *sig_set = asn1_set_get(signed_data_seq); | 84 | asn1_context_t *sig_set = asn1_set_get(signed_data_seq); |
81 | if (sig_set != NULL) { | 85 | if (sig_set != NULL) { |
82 | asn1_context_t* sig_seq = asn1_sequence_get(sig_set); | 86 | asn1_context_t* sig_seq = asn1_sequence_get(sig_set); |
83 | if (sig_seq != NULL | 87 | if (sig_seq != NULL |
84 | && asn1_sequence_next(sig_seq) | 88 | && asn1_sequence_next(sig_seq) |
85 | && asn1_sequence_next(sig_seq) | 89 | && asn1_sequence_next(sig_seq) |
86 | && asn1_sequence_next(sig_seq) | 90 | && asn1_sequence_next(sig_seq) |
87 | && asn1_sequence_next(sig_seq)) { | 91 | && asn1_sequence_next(sig_seq)) { |
88 | uint8_t* sig_der_ptr; | 92 | const uint8_t* sig_der_ptr; |
89 | if (asn1_octet_string_get(sig_seq, &sig_der_ptr, sig_der_length)) { | 93 | size_t sig_der_length; |
90 | *sig_der = (uint8_t*) malloc(*sig_der_length); | 94 | if (asn1_octet_string_get(sig_seq, &sig_der_ptr, &sig_der_length)) { |
91 | if (*sig_der != NULL) { | 95 | sig_der->resize(sig_der_length); |
92 | memcpy(*sig_der, sig_der_ptr, *sig_der_length); | 96 | std::copy(sig_der_ptr, sig_der_ptr + sig_der_length, sig_der->begin()); |
93 | } | ||
94 | } | ||
95 | asn1_context_free(sig_seq); | ||
96 | } | ||
97 | asn1_context_free(sig_set); | ||
98 | } | ||
99 | asn1_context_free(signed_data_seq); | ||
100 | } | 97 | } |
101 | asn1_context_free(signed_data_app); | 98 | asn1_context_free(sig_seq); |
99 | } | ||
100 | asn1_context_free(sig_set); | ||
102 | } | 101 | } |
103 | asn1_context_free(pkcs7_seq); | 102 | asn1_context_free(signed_data_seq); |
103 | } | ||
104 | asn1_context_free(signed_data_app); | ||
104 | } | 105 | } |
105 | asn1_context_free(ctx); | 106 | asn1_context_free(pkcs7_seq); |
107 | } | ||
108 | asn1_context_free(ctx); | ||
106 | 109 | ||
107 | return *sig_der != NULL; | 110 | return !sig_der->empty(); |
108 | } | 111 | } |
109 | 112 | ||
110 | /* | 113 | /* |
@@ -115,7 +118,7 @@ static bool read_pkcs7(uint8_t* pkcs7_der, size_t pkcs7_der_len, uint8_t** sig_d | |||
115 | * Returns VERIFY_SUCCESS or VERIFY_FAILURE (if any error is encountered or no key matches the | 118 | * Returns VERIFY_SUCCESS or VERIFY_FAILURE (if any error is encountered or no key matches the |
116 | * signature). | 119 | * signature). |
117 | */ | 120 | */ |
118 | int verify_file(unsigned char* addr, size_t length, const std::vector<Certificate>& keys, | 121 | int verify_file(const unsigned char* addr, size_t length, const std::vector<Certificate>& keys, |
119 | const std::function<void(float)>& set_progress) { | 122 | const std::function<void(float)>& set_progress) { |
120 | if (set_progress) { | 123 | if (set_progress) { |
121 | set_progress(0.0); | 124 | set_progress(0.0); |
@@ -136,7 +139,7 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
136 | return VERIFY_FAILURE; | 139 | return VERIFY_FAILURE; |
137 | } | 140 | } |
138 | 141 | ||
139 | unsigned char* footer = addr + length - FOOTER_SIZE; | 142 | const unsigned char* footer = addr + length - FOOTER_SIZE; |
140 | 143 | ||
141 | if (footer[2] != 0xff || footer[3] != 0xff) { | 144 | if (footer[2] != 0xff || footer[3] != 0xff) { |
142 | LOG(ERROR) << "footer is wrong"; | 145 | LOG(ERROR) << "footer is wrong"; |
@@ -168,7 +171,7 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
168 | // (2 bytes) and the comment data. | 171 | // (2 bytes) and the comment data. |
169 | size_t signed_len = length - eocd_size + EOCD_HEADER_SIZE - 2; | 172 | size_t signed_len = length - eocd_size + EOCD_HEADER_SIZE - 2; |
170 | 173 | ||
171 | unsigned char* eocd = addr + length - eocd_size; | 174 | const unsigned char* eocd = addr + length - eocd_size; |
172 | 175 | ||
173 | // If this is really is the EOCD record, it will begin with the magic number $50 $4b $05 $06. | 176 | // If this is really is the EOCD record, it will begin with the magic number $50 $4b $05 $06. |
174 | if (eocd[0] != 0x50 || eocd[1] != 0x4b || eocd[2] != 0x05 || eocd[3] != 0x06) { | 177 | if (eocd[0] != 0x50 || eocd[1] != 0x4b || eocd[2] != 0x05 || eocd[3] != 0x06) { |
@@ -177,7 +180,7 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
177 | } | 180 | } |
178 | 181 | ||
179 | for (size_t i = 4; i < eocd_size-3; ++i) { | 182 | for (size_t i = 4; i < eocd_size-3; ++i) { |
180 | if (eocd[i ] == 0x50 && eocd[i+1] == 0x4b && eocd[i+2] == 0x05 && eocd[i+3] == 0x06) { | 183 | if (eocd[i] == 0x50 && eocd[i+1] == 0x4b && eocd[i+2] == 0x05 && eocd[i+3] == 0x06) { |
181 | // If the sequence $50 $4b $05 $06 appears anywhere after the real one, libziparchive will | 184 | // If the sequence $50 $4b $05 $06 appears anywhere after the real one, libziparchive will |
182 | // find the later (wrong) one, which could be exploitable. Fail the verification if this | 185 | // find the later (wrong) one, which could be exploitable. Fail the verification if this |
183 | // sequence occurs anywhere after the real one. | 186 | // sequence occurs anywhere after the real one. |
@@ -226,16 +229,14 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
226 | uint8_t sha256[SHA256_DIGEST_LENGTH]; | 229 | uint8_t sha256[SHA256_DIGEST_LENGTH]; |
227 | SHA256_Final(sha256, &sha256_ctx); | 230 | SHA256_Final(sha256, &sha256_ctx); |
228 | 231 | ||
229 | uint8_t* sig_der = nullptr; | 232 | const uint8_t* signature = eocd + eocd_size - signature_start; |
230 | size_t sig_der_length = 0; | ||
231 | |||
232 | uint8_t* signature = eocd + eocd_size - signature_start; | ||
233 | size_t signature_size = signature_start - FOOTER_SIZE; | 233 | size_t signature_size = signature_start - FOOTER_SIZE; |
234 | 234 | ||
235 | LOG(INFO) << "signature (offset: " << std::hex << (length - signature_start) << ", length: " | 235 | LOG(INFO) << "signature (offset: " << std::hex << (length - signature_start) << ", length: " |
236 | << signature_size << "): " << print_hex(signature, signature_size); | 236 | << signature_size << "): " << print_hex(signature, signature_size); |
237 | 237 | ||
238 | if (!read_pkcs7(signature, signature_size, &sig_der, &sig_der_length)) { | 238 | std::vector<uint8_t> sig_der; |
239 | if (!read_pkcs7(signature, signature_size, &sig_der)) { | ||
239 | LOG(ERROR) << "Could not find signature DER block"; | 240 | LOG(ERROR) << "Could not find signature DER block"; |
240 | return VERIFY_FAILURE; | 241 | return VERIFY_FAILURE; |
241 | } | 242 | } |
@@ -262,22 +263,21 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
262 | // The 6 bytes is the "(signature_start) $ff $ff (comment_size)" that the signing tool appends | 263 | // The 6 bytes is the "(signature_start) $ff $ff (comment_size)" that the signing tool appends |
263 | // after the signature itself. | 264 | // after the signature itself. |
264 | if (key.key_type == Certificate::KEY_TYPE_RSA) { | 265 | if (key.key_type == Certificate::KEY_TYPE_RSA) { |
265 | if (!RSA_verify(hash_nid, hash, key.hash_len, sig_der, sig_der_length, key.rsa.get())) { | 266 | if (!RSA_verify(hash_nid, hash, key.hash_len, sig_der.data(), sig_der.size(), |
267 | key.rsa.get())) { | ||
266 | LOG(INFO) << "failed to verify against RSA key " << i; | 268 | LOG(INFO) << "failed to verify against RSA key " << i; |
267 | continue; | 269 | continue; |
268 | } | 270 | } |
269 | 271 | ||
270 | LOG(INFO) << "whole-file signature verified against RSA key " << i; | 272 | LOG(INFO) << "whole-file signature verified against RSA key " << i; |
271 | free(sig_der); | ||
272 | return VERIFY_SUCCESS; | 273 | return VERIFY_SUCCESS; |
273 | } else if (key.key_type == Certificate::KEY_TYPE_EC && key.hash_len == SHA256_DIGEST_LENGTH) { | 274 | } else if (key.key_type == Certificate::KEY_TYPE_EC && key.hash_len == SHA256_DIGEST_LENGTH) { |
274 | if (!ECDSA_verify(0, hash, key.hash_len, sig_der, sig_der_length, key.ec.get())) { | 275 | if (!ECDSA_verify(0, hash, key.hash_len, sig_der.data(), sig_der.size(), key.ec.get())) { |
275 | LOG(INFO) << "failed to verify against EC key " << i; | 276 | LOG(INFO) << "failed to verify against EC key " << i; |
276 | continue; | 277 | continue; |
277 | } | 278 | } |
278 | 279 | ||
279 | LOG(INFO) << "whole-file signature verified against EC key " << i; | 280 | LOG(INFO) << "whole-file signature verified against EC key " << i; |
280 | free(sig_der); | ||
281 | return VERIFY_SUCCESS; | 281 | return VERIFY_SUCCESS; |
282 | } else { | 282 | } else { |
283 | LOG(INFO) << "Unknown key type " << key.key_type; | 283 | LOG(INFO) << "Unknown key type " << key.key_type; |
@@ -291,7 +291,6 @@ int verify_file(unsigned char* addr, size_t length, const std::vector<Certificat | |||
291 | if (need_sha256) { | 291 | if (need_sha256) { |
292 | LOG(INFO) << "SHA-256 digest: " << print_hex(sha256, SHA256_DIGEST_LENGTH); | 292 | LOG(INFO) << "SHA-256 digest: " << print_hex(sha256, SHA256_DIGEST_LENGTH); |
293 | } | 293 | } |
294 | free(sig_der); | ||
295 | LOG(ERROR) << "failed to verify whole-file signature"; | 294 | LOG(ERROR) << "failed to verify whole-file signature"; |
296 | return VERIFY_FAILURE; | 295 | return VERIFY_FAILURE; |
297 | } | 296 | } |
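Review bot: The new out-parameter contract of read_pkcs7 in the `@@ -60,51 +61,53 @@` hunk — sig_der is cleared on entry and left empty on every failure path, so the caller's `!sig_der->empty()` is the only success signal — is not stated in the comment block above the signature (that comment starts before the hunk); add `* On success *sig_der holds a copy of the SignatureValue octets; on any failure it is left empty.` to it. The resize-then-copy pair at new lines 95-96 can be a single call, `sig_der->assign(sig_der_ptr, sig_der_ptr + sig_der_length);`, which also skips value-initialising the buffer before overwriting it. A zero-length OCTET STRING now reports failure where the old `malloc(0)` path could return non-NULL and report success with an empty signature; that is the safer outcome since an empty signature can never verify, but it deserves a one-line comment next to `return !sig_der->empty();`. The same hunk passes the now-const `pkcs7_der` to asn1_context_new, which presumably gained a const parameter in the same change, since this diff is limited to verifier.cpp.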