libs/binder/tests/RpcTlsTestUtils.cpp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

/*
 * Copyright (C) 2021 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#define LOG_TAG "RpcTlsTestUtils"
#include <log/log.h>

#include <binder/RpcTlsTestUtils.h>

#include <binder/RpcTlsUtils.h>

#include "../Utils.h" // for TEST_AND_RETURN

namespace android {

bssl::UniquePtr<EVP_PKEY> makeKeyPairForSelfSignedCert() {
    bssl::UniquePtr<EC_KEY> ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
    if (ec_key == nullptr || !EC_KEY_generate_key(ec_key.get())) {
        ALOGE("Failed to generate key pair.");
        return nullptr;
    }
    bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
    // Use set1 instead of assign to avoid leaking ec_key when assign fails. set1 increments
    // the refcount of the ec_key, so it is okay to release it at the end of this function.
    if (pkey == nullptr || !EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get())) {
        ALOGE("Failed to assign key pair.");
        return nullptr;
    }
    return pkey;
}

bssl::UniquePtr<X509> makeSelfSignedCert(EVP_PKEY* pkey, const uint32_t validSeconds) {
    bssl::UniquePtr<X509> x509(X509_new());
    bssl::UniquePtr<BIGNUM> serial(BN_new());
    bssl::UniquePtr<BIGNUM> serialLimit(BN_new());
    TEST_AND_RETURN(nullptr, BN_lshift(serialLimit.get(), BN_value_one(), 128));
    TEST_AND_RETURN(nullptr, BN_rand_range(serial.get(), serialLimit.get()));
    TEST_AND_RETURN(nullptr, BN_to_ASN1_INTEGER(serial.get(), X509_get_serialNumber(x509.get())));
    TEST_AND_RETURN(nullptr, X509_gmtime_adj(X509_getm_notBefore(x509.get()), 0));
    TEST_AND_RETURN(nullptr, X509_gmtime_adj(X509_getm_notAfter(x509.get()), validSeconds));

    X509_NAME* subject = X509_get_subject_name(x509.get());
    TEST_AND_RETURN(nullptr,
                    X509_NAME_add_entry_by_txt(subject, "O", MBSTRING_ASC,
                                               reinterpret_cast<const uint8_t*>("Android"), -1, -1,
                                               0));
    TEST_AND_RETURN(nullptr,
                    X509_NAME_add_entry_by_txt(subject, "CN", MBSTRING_ASC,
                                               reinterpret_cast<const uint8_t*>("BinderRPC"), -1,
                                               -1, 0));
    TEST_AND_RETURN(nullptr, X509_set_issuer_name(x509.get(), subject));

    TEST_AND_RETURN(nullptr, X509_set_pubkey(x509.get(), pkey));
    TEST_AND_RETURN(nullptr, X509_sign(x509.get(), pkey, EVP_sha256()));
    return x509;
}

status_t RpcAuthSelfSigned::configure(SSL_CTX* ctx) {
    auto pkey = makeKeyPairForSelfSignedCert();
    TEST_AND_RETURN(UNKNOWN_ERROR, pkey != nullptr);
    auto cert = makeSelfSignedCert(pkey.get(), mValidSeconds);
    TEST_AND_RETURN(UNKNOWN_ERROR, cert != nullptr);
    TEST_AND_RETURN(INVALID_OPERATION, SSL_CTX_use_PrivateKey(ctx, pkey.get()));
    TEST_AND_RETURN(INVALID_OPERATION, SSL_CTX_use_certificate(ctx, cert.get()));
    return OK;
}

status_t RpcAuthPreSigned::configure(SSL_CTX* ctx) {
    if (!SSL_CTX_use_PrivateKey(ctx, mPkey.get())) {
        return INVALID_OPERATION;
    }
    if (!SSL_CTX_use_certificate(ctx, mCert.get())) {
        return INVALID_OPERATION;
    }
    return OK;
}

status_t RpcCertificateVerifierSimple::verify(const SSL* ssl, uint8_t* outAlert) {
    const char* logPrefix = SSL_is_server(ssl) ? "Server" : "Client";
    bssl::UniquePtr<X509> peerCert(SSL_get_peer_certificate(ssl)); // Does not set error queue
    LOG_ALWAYS_FATAL_IF(peerCert == nullptr,
                        "%s: libssl should not ask to verify non-existing cert", logPrefix);

    std::lock_guard<std::mutex> lock(mMutex);
    for (const auto& trustedCert : mTrustedPeerCertificates) {
        if (0 == X509_cmp(trustedCert.get(), peerCert.get())) {
            return OK;
        }
    }
    *outAlert = SSL_AD_CERTIFICATE_UNKNOWN;
    return PERMISSION_DENIED;
}

status_t RpcCertificateVerifierSimple::addTrustedPeerCertificate(RpcCertificateFormat format,
                                                                 const std::vector<uint8_t>& cert) {
    bssl::UniquePtr<X509> x509 = deserializeCertificate(cert, format);
    if (x509 == nullptr) {
        ALOGE("Certificate is not in the proper format %s", PrintToString(format).c_str());
        return BAD_VALUE;
    }
    std::lock_guard<std::mutex> lock(mMutex);
    mTrustedPeerCertificates.push_back(std::move(x509));
    return OK;
}

} // namespace android