Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 83dee8e4 authored by Benoit Goby's avatar Benoit Goby Committed by Android (Google) Code Review
Browse files

Merge "adb: Read secure adb keys on every auth request"

parents 078ca5e3 345cb066

adb/adb_auth.h

+0 −2
Original line number Diff line number Diff line
@@ -36,7 +36,6 @@ int adb_auth_get_userkey(unsigned char *data, size_t len); 
static inline int adb_auth_generate_token(void *token, size_t token_size) { return 0; }

static inline int adb_auth_verify(void *token, void *sig, int siglen) { return 0; }

static inline void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t) { }

static inline void adb_auth_reload_keys(void) { }



#else // !ADB_HOST
@@ -47,7 +46,6 @@ static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return 
int adb_auth_generate_token(void *token, size_t token_size);

int adb_auth_verify(void *token, void *sig, int siglen);

void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t);

void adb_auth_reload_keys(void);



#endif // ADB_HOST

adb/adb_auth_client.c

+11 −12
Original line number Diff line number Diff line
@@ -34,8 +34,6 @@ struct adb_public_key { 
    RSAPublicKey key;

};



static struct listnode key_list;



static char *key_paths[] = {

    "/adb_keys",

    "/data/misc/adb/adb_keys",
@@ -102,18 +100,18 @@ static void free_keys(struct listnode *list) 
    }

}



void adb_auth_reload_keys(void)

static void load_keys(struct listnode *list)

{

    char *path;

    char **paths = key_paths;

    struct stat buf;



    free_keys(&key_list);

    list_init(list);



    while ((path = *paths++)) {

        if (!stat(path, &buf)) {

            D("Loading keys from '%s'\n", path);

            read_keys(path, &key_list);

            read_keys(path, list);

        }

    }

}
@@ -137,19 +135,24 @@ int adb_auth_verify(void *token, void *sig, int siglen) 
{

    struct listnode *item;

    struct adb_public_key *key;

    int ret;

    struct listnode key_list;

    int ret = 0;



    if (siglen != RSANUMBYTES)

        return 0;



    load_keys(&key_list);



    list_for_each(item, &key_list) {

        key = node_to_item(item, struct adb_public_key, node);

        ret = RSA_verify(&key->key, sig, siglen, token);

        if (ret)

            return 1;

            break;

    }



    return 0;

    free_keys(&key_list);



    return ret;

}



static void adb_auth_event(int fd, unsigned events, void *data)
@@ -166,7 +169,6 @@ static void adb_auth_event(int fd, unsigned events, void *data) 
            framework_fd = -1;

        }

        else if (ret == 2 && response[0] == 'O' && response[1] == 'K') {

            adb_auth_reload_keys();

            adb_auth_verified(t);

        }

    }
@@ -225,9 +227,6 @@ void adb_auth_init(void) 
{

    int fd, ret;



    list_init(&key_list);

    adb_auth_reload_keys();



    fd = android_get_control_socket("adbd");

    if (fd < 0) {

        D("Failed to get adbd socket\n");