/* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #define LOG_TAG "RpcTlsTestUtils" #include #include #include #include "../Utils.h" // for TEST_AND_RETURN namespace android { bssl::UniquePtr makeKeyPairForSelfSignedCert() { bssl::UniquePtr ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); if (ec_key == nullptr || !EC_KEY_generate_key(ec_key.get())) { ALOGE("Failed to generate key pair."); return nullptr; } bssl::UniquePtr pkey(EVP_PKEY_new()); // Use set1 instead of assign to avoid leaking ec_key when assign fails. set1 increments // the refcount of the ec_key, so it is okay to release it at the end of this function. if (pkey == nullptr || !EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get())) { ALOGE("Failed to assign key pair."); return nullptr; } return pkey; } bssl::UniquePtr makeSelfSignedCert(EVP_PKEY* pkey, const uint32_t validSeconds) { bssl::UniquePtr x509(X509_new()); bssl::UniquePtr serial(BN_new()); bssl::UniquePtr serialLimit(BN_new()); TEST_AND_RETURN(nullptr, BN_lshift(serialLimit.get(), BN_value_one(), 128)); TEST_AND_RETURN(nullptr, BN_rand_range(serial.get(), serialLimit.get())); TEST_AND_RETURN(nullptr, BN_to_ASN1_INTEGER(serial.get(), X509_get_serialNumber(x509.get()))); TEST_AND_RETURN(nullptr, X509_gmtime_adj(X509_getm_notBefore(x509.get()), 0)); TEST_AND_RETURN(nullptr, X509_gmtime_adj(X509_getm_notAfter(x509.get()), validSeconds)); X509_NAME* subject = X509_get_subject_name(x509.get()); TEST_AND_RETURN(nullptr, X509_NAME_add_entry_by_txt(subject, "O", MBSTRING_ASC, reinterpret_cast("Android"), -1, -1, 0)); TEST_AND_RETURN(nullptr, X509_NAME_add_entry_by_txt(subject, "CN", MBSTRING_ASC, reinterpret_cast("BinderRPC"), -1, -1, 0)); TEST_AND_RETURN(nullptr, X509_set_issuer_name(x509.get(), subject)); TEST_AND_RETURN(nullptr, X509_set_pubkey(x509.get(), pkey)); TEST_AND_RETURN(nullptr, X509_sign(x509.get(), pkey, EVP_sha256())); return x509; } status_t RpcAuthSelfSigned::configure(SSL_CTX* ctx) { auto pkey = makeKeyPairForSelfSignedCert(); TEST_AND_RETURN(UNKNOWN_ERROR, pkey != nullptr); auto cert = makeSelfSignedCert(pkey.get(), mValidSeconds); TEST_AND_RETURN(UNKNOWN_ERROR, cert != nullptr); TEST_AND_RETURN(INVALID_OPERATION, SSL_CTX_use_PrivateKey(ctx, pkey.get())); TEST_AND_RETURN(INVALID_OPERATION, SSL_CTX_use_certificate(ctx, cert.get())); return OK; } status_t RpcAuthPreSigned::configure(SSL_CTX* ctx) { if (!SSL_CTX_use_PrivateKey(ctx, mPkey.get())) { return INVALID_OPERATION; } if (!SSL_CTX_use_certificate(ctx, mCert.get())) { return INVALID_OPERATION; } return OK; } status_t RpcCertificateVerifierSimple::verify(const SSL* ssl, uint8_t* outAlert) { const char* logPrefix = SSL_is_server(ssl) ? "Server" : "Client"; bssl::UniquePtr peerCert(SSL_get_peer_certificate(ssl)); // Does not set error queue LOG_ALWAYS_FATAL_IF(peerCert == nullptr, "%s: libssl should not ask to verify non-existing cert", logPrefix); std::lock_guard lock(mMutex); for (const auto& trustedCert : mTrustedPeerCertificates) { if (0 == X509_cmp(trustedCert.get(), peerCert.get())) { return OK; } } *outAlert = SSL_AD_CERTIFICATE_UNKNOWN; return PERMISSION_DENIED; } status_t RpcCertificateVerifierSimple::addTrustedPeerCertificate(RpcCertificateFormat format, const std::vector& cert) { bssl::UniquePtr x509 = deserializeCertificate(cert, format); if (x509 == nullptr) { ALOGE("Certificate is not in the proper format %s", PrintToString(format).c_str()); return BAD_VALUE; } std::lock_guard lock(mMutex); mTrustedPeerCertificates.push_back(std::move(x509)); return OK; } } // namespace android