Loading services/core/java/com/android/server/signedconfig/SignatureVerifier.java +28 −9 Original line number Diff line number Diff line Loading @@ -43,13 +43,18 @@ public class SignatureVerifier { private static final String DEBUG_KEY = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaAn2XVifsLTHg616nTsOMVmlhBoECGbTEBTKKvdd2hO60" + "pj1pnU8SMkhYfaNxZuKgw9LNvOwlFwStboIYeZ3lQ=="; private static final String PROD_KEY = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+lky6wKyGL6lE1VrD0YTMHwb0Xwc+tzC8MvnrzVxodvTp" + "VY/jV7V+Zktcx+pry43XPABFRXtbhTo+qykhyBA1g=="; private final SignedConfigEvent mEvent; private final PublicKey mDebugKey; private final PublicKey mProdKey; public SignatureVerifier(SignedConfigEvent event) { mEvent = event; mDebugKey = createKey(DEBUG_KEY); mDebugKey = Build.IS_DEBUGGABLE ? createKey(DEBUG_KEY) : null; mProdKey = createKey(PROD_KEY); } private static PublicKey createKey(String base64) { Loading @@ -70,6 +75,14 @@ public class SignatureVerifier { } } private boolean verifyWithPublicKey(PublicKey key, byte[] data, byte[] signature) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException { Signature verifier = Signature.getInstance("SHA256withECDSA"); verifier.initVerify(key); verifier.update(data); return verifier.verify(signature); } /** * Verify a signature for signed config. * Loading @@ -93,10 +106,7 @@ public class SignatureVerifier { if (Build.IS_DEBUGGABLE) { if (mDebugKey != null) { if (DBG) Slog.w(TAG, "Trying to verify signature using debug key"); Signature verifier = Signature.getInstance("SHA256withECDSA"); verifier.initVerify(mDebugKey); verifier.update(data); if (verifier.verify(signature)) { if (verifyWithPublicKey(mDebugKey, data, signature)) { Slog.i(TAG, "Verified config using debug key"); mEvent.verifiedWith = StatsLog.SIGNED_CONFIG_REPORTED__VERIFIED_WITH__DEBUG; return true; Loading 
@@ -107,9 +117,18 @@ public class SignatureVerifier { Slog.w(TAG, "Debuggable build, but have no debug key"); } } // TODO verify production key. Slog.w(TAG, "NO PRODUCTION KEY YET, FAILING VERIFICATION"); if (mProdKey == null) { Slog.e(TAG, "No prod key; construction failed?"); return false; } if (verifyWithPublicKey(mProdKey, data, signature)) { Slog.i(TAG, "Verified config using production key"); mEvent.verifiedWith = StatsLog.SIGNED_CONFIG_REPORTED__VERIFIED_WITH__PRODUCTION; return true; } else { if (DBG) Slog.i(TAG, "Verification failed using production key"); mEvent.status = StatsLog.SIGNED_CONFIG_REPORTED__STATUS__SIGNATURE_CHECK_FAILED; return false; } } } tools/signedconfig/prod_public.pem 0 → 100644 +5 −0 Original line number Diff line number Diff line -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+lky6wKyGL6lE1VrD0YTMHwb0Xwc +tzC8MvnrzVxodvTpVY/jV7V+Zktcx+pry43XPABFRXtbhTo+qykhyBA1g== -----END PUBLIC KEY----- tools/signedconfig/verify_b64.sh +27 −1 Original line number Diff line number Diff line Loading @@ -7,4 +7,30 @@ # The arg values can be taken from the debug log for SignedConfigService when verbose logging is # enabled. openssl dgst -sha256 -verify $(dirname $0)/debug_public.pem -signature <(echo $2 | base64 -d) <(echo $1 | base64 -d) function verify() { D=${1} S=${2} K=${3} echo Trying ${K} openssl dgst -sha256 -verify $(dirname $0)/${K} -signature <(echo ${S} | base64 -d) <(echo ${D} | base64 -d) } PROD_KEY_NAME=prod_public.pem DEBUG_KEY_NAME=debug_public.pem SIGNATURE="$2" DATA="$1" echo DATA: ${DATA} echo SIGNATURE: ${SIGNATURE} if verify "${DATA}" "${SIGNATURE}" "${PROD_KEY_NAME}"; then echo Verified with ${PROD_KEY_NAME} exit 0 fi if verify "${DATA}" "${SIGNATURE}" "${DEBUG_KEY_NAME}"; then echo Verified with ${DEBUG_KEY_NAME} exit 0 fi exit 1 Loading
services/core/java/com/android/server/signedconfig/SignatureVerifier.java +28 −9 Original line number Diff line number Diff line Loading @@ -43,13 +43,18 @@ public class SignatureVerifier { private static final String DEBUG_KEY = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaAn2XVifsLTHg616nTsOMVmlhBoECGbTEBTKKvdd2hO60" + "pj1pnU8SMkhYfaNxZuKgw9LNvOwlFwStboIYeZ3lQ=="; private static final String PROD_KEY = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+lky6wKyGL6lE1VrD0YTMHwb0Xwc+tzC8MvnrzVxodvTp" + "VY/jV7V+Zktcx+pry43XPABFRXtbhTo+qykhyBA1g=="; private final SignedConfigEvent mEvent; private final PublicKey mDebugKey; private final PublicKey mProdKey; public SignatureVerifier(SignedConfigEvent event) { mEvent = event; mDebugKey = createKey(DEBUG_KEY); mDebugKey = Build.IS_DEBUGGABLE ? createKey(DEBUG_KEY) : null; mProdKey = createKey(PROD_KEY); } private static PublicKey createKey(String base64) { Loading @@ -70,6 +75,14 @@ public class SignatureVerifier { } } private boolean verifyWithPublicKey(PublicKey key, byte[] data, byte[] signature) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException { Signature verifier = Signature.getInstance("SHA256withECDSA"); verifier.initVerify(key); verifier.update(data); return verifier.verify(signature); } /** * Verify a signature for signed config. * Loading @@ -93,10 +106,7 @@ public class SignatureVerifier { if (Build.IS_DEBUGGABLE) { if (mDebugKey != null) { if (DBG) Slog.w(TAG, "Trying to verify signature using debug key"); Signature verifier = Signature.getInstance("SHA256withECDSA"); verifier.initVerify(mDebugKey); verifier.update(data); if (verifier.verify(signature)) { if (verifyWithPublicKey(mDebugKey, data, signature)) { Slog.i(TAG, "Verified config using debug key"); mEvent.verifiedWith = StatsLog.SIGNED_CONFIG_REPORTED__VERIFIED_WITH__DEBUG; return true; Loading 
@@ -107,9 +117,18 @@ public class SignatureVerifier { Slog.w(TAG, "Debuggable build, but have no debug key"); } } // TODO verify production key. Slog.w(TAG, "NO PRODUCTION KEY YET, FAILING VERIFICATION"); if (mProdKey == null) { Slog.e(TAG, "No prod key; construction failed?"); return false; } if (verifyWithPublicKey(mProdKey, data, signature)) { Slog.i(TAG, "Verified config using production key"); mEvent.verifiedWith = StatsLog.SIGNED_CONFIG_REPORTED__VERIFIED_WITH__PRODUCTION; return true; } else { if (DBG) Slog.i(TAG, "Verification failed using production key"); mEvent.status = StatsLog.SIGNED_CONFIG_REPORTED__STATUS__SIGNATURE_CHECK_FAILED; return false; } } }
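Review bot: The `if (mProdKey == null)` branch near the end of verifySignature returns false without setting `mEvent.status`, while the failed-verification branch right after it records `SIGNED_CONFIG_REPORTED__STATUS__SIGNATURE_CHECK_FAILED`. A device whose production key failed to parse would therefore reject every config without that showing up in the reported event, which makes the condition hard to spot from metrics. Adding `mEvent.status = StatsLog.SIGNED_CONFIG_REPORTED__STATUS__SIGNATURE_CHECK_FAILED;` before that `return false;` (or a dedicated status value, if one is introduced) keeps the fail-closed behaviour and makes it observable. verifySignature starts outside the visible hunks and createKey's error handling is not shown, so the null case is inferred from the "construction failed?" log message.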
tools/signedconfig/prod_public.pem 0 → 100644 +5 −0 Original line number Diff line number Diff line -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+lky6wKyGL6lE1VrD0YTMHwb0Xwc +tzC8MvnrzVxodvTpVY/jV7V+Zktcx+pry43XPABFRXtbhTo+qykhyBA1g== -----END PUBLIC KEY-----
tools/signedconfig/verify_b64.sh +27 −1 Original line number Diff line number Diff line Loading @@ -7,4 +7,30 @@ # The arg values can be taken from the debug log for SignedConfigService when verbose logging is # enabled. openssl dgst -sha256 -verify $(dirname $0)/debug_public.pem -signature <(echo $2 | base64 -d) <(echo $1 | base64 -d) function verify() { D=${1} S=${2} K=${3} echo Trying ${K} openssl dgst -sha256 -verify $(dirname $0)/${K} -signature <(echo ${S} | base64 -d) <(echo ${D} | base64 -d) } PROD_KEY_NAME=prod_public.pem DEBUG_KEY_NAME=debug_public.pem SIGNATURE="$2" DATA="$1" echo DATA: ${DATA} echo SIGNATURE: ${SIGNATURE} if verify "${DATA}" "${SIGNATURE}" "${PROD_KEY_NAME}"; then echo Verified with ${PROD_KEY_NAME} exit 0 fi if verify "${DATA}" "${SIGNATURE}" "${DEBUG_KEY_NAME}"; then echo Verified with ${DEBUG_KEY_NAME} exit 0 fi exit 1
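Review bot: Both the production branch and the debug branch end in `exit 0`, so a caller that checks only the exit status cannot tell a production-signed config from one signed with the debug key; the distinction exists only in the echoed text. If the script is ever used as a gate rather than run by hand, the debug fallback should be opt-in or return its own status, for example `exit 2` after `echo Verified with ${DEBUG_KEY_NAME}`. Separately, the expansions inside verify() are unquoted; `"$(dirname "$0")/${K}"` and `printf '%s' "${S}" | base64 -d` avoid word splitting when the checkout path contains spaces. The script's header and shebang are outside the hunk, and `function` with `<( )` assumes bash.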