Merge "adb: split up adb_auth.cpp." am: 4a8b178c

# get enough of adb in here that we no longer need minadb. https://b/17626262

LIBADB_SRC_FILES := \

    adb.cpp \

    adb_auth.cpp \

    adb_io.cpp \

    adb_listeners.cpp \

    adb_trace.cpp \

LOCAL_CFLAGS := $(LIBADB_CFLAGS) -DADB_HOST=0

LOCAL_SRC_FILES := \

    $(LIBADB_SRC_FILES) \

    adb_auth_client.cpp \

    adbd_auth.cpp \

    jdwp_service.cpp \

    usb_linux_client.cpp \

        break;

    case A_AUTH:

        if (p->msg.arg0 == ADB_AUTH_TOKEN) {

        switch (p->msg.arg0) {

#if ADB_HOST

            case ADB_AUTH_TOKEN:

                t->connection_state = kCsUnauthorized;

                send_auth_response(p->data, p->msg.data_length, t);

        } else if (p->msg.arg0 == ADB_AUTH_SIGNATURE) {

            if (adb_auth_verify(t->token, sizeof(t->token), p->data, p->msg.data_length)) {

                adb_auth_verified(t);

                break;

#else

            case ADB_AUTH_SIGNATURE:

                if (adbd_auth_verify(t->token, sizeof(t->token), p->data, p->msg.data_length)) {

                    adbd_auth_verified(t);

                    t->failed_auth_attempts = 0;

                } else {

                    if (t->failed_auth_attempts++ > 256) adb_sleep_ms(1000);

                    send_auth_request(t);

                }

        } else if (p->msg.arg0 == ADB_AUTH_RSAPUBLICKEY) {

            adb_auth_confirm_key(p->data, p->msg.data_length, t);

                break;

            case ADB_AUTH_RSAPUBLICKEY:

                adbd_auth_confirm_key(p->data, p->msg.data_length, t);

                break;

#endif

            default:

                t->connection_state = kCsOffline;

                handle_offline(t);

                break;

        }

        break;

/*

 * Copyright (C) 2015 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define TRACE_TAG ADB

#include "adb.h"

#include "adb_auth.h"

#include "transport.h"

#include <errno.h>

#include <stdio.h>

#include <string.h>

#include <sys/types.h>

#include <unistd.h>

bool auth_required = true;

void send_auth_request(atransport *t)

{

    LOG(INFO) << "Calling send_auth_request...";

    if (!adb_auth_generate_token(t->token, sizeof(t->token))) {

        PLOG(ERROR) << "Error generating token";

        return;

    }

    apacket* p = get_apacket();

    memcpy(p->data, t->token, sizeof(t->token));

    p->msg.command = A_AUTH;

    p->msg.arg0 = ADB_AUTH_TOKEN;

    p->msg.data_length = sizeof(t->token);

    send_packet(p, t);

}

static void send_auth_publickey(atransport* t) {

    LOG(INFO) << "Calling send_auth_publickey";

    std::string key = adb_auth_get_userkey();

    if (key.empty()) {

        D("Failed to get user public key");

        return;

    }

    if (key.size() >= MAX_PAYLOAD_V1) {

        D("User public key too large (%zu B)", key.size());

        return;

    }

    apacket* p = get_apacket();

    memcpy(p->data, key.c_str(), key.size() + 1);

    p->msg.command = A_AUTH;

    p->msg.arg0 = ADB_AUTH_RSAPUBLICKEY;

    // adbd expects a null-terminated string.

    p->msg.data_length = key.size() + 1;

    send_packet(p, t);

}

void send_auth_response(uint8_t* token, size_t token_size, atransport* t) {

    std::shared_ptr<RSA> key = t->NextKey();

    if (key == nullptr) {

        // No more private keys to try, send the public key.

        send_auth_publickey(t);

        return;

    }

    LOG(INFO) << "Calling send_auth_response";

    apacket* p = get_apacket();

    int ret = adb_auth_sign(key.get(), token, token_size, p->data);

    if (!ret) {

        D("Error signing the token");

        put_apacket(p);

        return;

    }

    p->msg.command = A_AUTH;

    p->msg.arg0 = ADB_AUTH_SIGNATURE;

    p->msg.data_length = ret;

    send_packet(p, t);

}

void adb_auth_verified(atransport *t)

{

    handle_online(t);

    send_connect(t);

}

#include <openssl/rsa.h>

extern bool auth_required;

int adb_auth_keygen(const char* filename);

void adb_auth_verified(atransport *t);

void send_auth_request(atransport *t);

void send_auth_response(uint8_t *token, size_t token_size, atransport *t);

/* AUTH packets first argument */

/* Request */

#define ADB_AUTH_TOKEN         1

#if ADB_HOST

void adb_auth_init();

int adb_auth_keygen(const char* filename);

int adb_auth_sign(RSA* key, const unsigned char* token, size_t token_size, unsigned char* sig);

std::string adb_auth_get_userkey();

std::deque<std::shared_ptr<RSA>> adb_auth_get_private_keys();

static inline bool adb_auth_generate_token(void*, size_t) { abort(); }

static inline bool adb_auth_verify(void*, size_t, void*, int) { abort(); }

static inline void adb_auth_confirm_key(unsigned char*, size_t, atransport*) { abort(); }

void send_auth_response(uint8_t *token, size_t token_size, atransport *t);

#else // !ADB_HOST

static inline int adb_auth_sign(void*, const unsigned char*, size_t, unsigned char*) { abort(); }

static inline std::string adb_auth_get_userkey() { abort(); }

static inline std::deque<std::shared_ptr<RSA>> adb_auth_get_private_keys() { abort(); }

extern bool auth_required;

void adbd_auth_init(void);

void adbd_auth_verified(atransport *t);

void adbd_cloexec_auth_socket();

bool adb_auth_generate_token(void* token, size_t token_size);

bool adb_auth_verify(uint8_t* token, size_t token_size, uint8_t* sig, int sig_len);

void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);

bool adbd_auth_verify(uint8_t* token, size_t token_size, uint8_t* sig, int sig_len);

void adbd_auth_confirm_key(unsigned char *data, size_t len, atransport *t);

void send_auth_request(atransport *t);

#endif // ADB_HOST

#include "adb_auth.h"

#include "adb_utils.h"

#include "sysdeps.h"

#include "transport.h"

static std::mutex& g_keys_mutex = *new std::mutex;

static std::map<std::string, std::shared_ptr<RSA>>& g_keys =

        read_keys(path.c_str());

    }

}

static void send_auth_publickey(atransport* t) {

    LOG(INFO) << "Calling send_auth_publickey";

    std::string key = adb_auth_get_userkey();

    if (key.empty()) {

        D("Failed to get user public key");

        return;

    }

    if (key.size() >= MAX_PAYLOAD_V1) {

        D("User public key too large (%zu B)", key.size());

        return;

    }

    apacket* p = get_apacket();

    memcpy(p->data, key.c_str(), key.size() + 1);

    p->msg.command = A_AUTH;

    p->msg.arg0 = ADB_AUTH_RSAPUBLICKEY;

    // adbd expects a null-terminated string.

    p->msg.data_length = key.size() + 1;

    send_packet(p, t);

}

void send_auth_response(uint8_t* token, size_t token_size, atransport* t) {

    std::shared_ptr<RSA> key = t->NextKey();

    if (key == nullptr) {

        // No more private keys to try, send the public key.

        send_auth_publickey(t);

        return;

    }

    LOG(INFO) << "Calling send_auth_response";

    apacket* p = get_apacket();

    int ret = adb_auth_sign(key.get(), token, token_size, p->data);

    if (!ret) {

        D("Error signing the token");

        put_apacket(p);

        return;

    }

    p->msg.command = A_AUTH;

    p->msg.arg0 = ADB_AUTH_SIGNATURE;

    p->msg.data_length = ret;

    send_packet(p, t);

}