Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 11:36:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix wrongly initialized test key.

Browse Source 
According to spec the test key has 32 bytes set to TextKeyBits::BYTE.
The VTS test and default implmementation only set the first 16 bytes and
left the remaining 16 bytes zero.

This bug fixes both, the VTS test and the default implementation.

Also some long overdue changes to how the auth token key is handled
by the generic operation.

Bug: 78456249
Test: VtsHalConfirmationUIV1_0TargetTest
Change-Id: I509f2c2a99704ee00625e6f6169479771a3bc17a
This commit is contained in:
Janis Danisevskis
2018-04-23 08:56:16 -07:00
parent 3c50fab048
commit fe584fb317
5 changed files with 36 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
confirmationui/1.0/default/PlatformSpecifics.cpp
View File

@@ -36,11 +36,11 @@ MonotonicClockTimeStamper::TimeStamp MonotonicClockTimeStamper::now() {
}
}
support::NullOr<support::array<uint8_t, 32>> HMacImplementation::hmac256(
const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers) {
support::NullOr<support::hmac_t> HMacImplementation::hmac256(
const support::auth_token_key_t& key, std::initializer_list<support::ByteBufferProxy> buffers) {
HMAC_CTX hmacCtx;
HMAC_CTX_init(&hmacCtx);
if (!HMAC_Init_ex(&hmacCtx, key, 32, EVP_sha256(), nullptr)) {
if (!HMAC_Init_ex(&hmacCtx, key.data(), key.size(), EVP_sha256(), nullptr)) {
return {};
}
for (auto& buffer : buffers) {
@@ -48,7 +48,7 @@ support::NullOr<support::array<uint8_t, 32>> HMacImplementation::hmac256(
return {};
}
}
support::array<uint8_t, 32> result;
support::hmac_t result;
if (!HMAC_Final(&hmacCtx, result.data(), nullptr)) {
return {};
}

5
confirmationui/1.0/default/PlatformSpecifics.h
View File

@@ -48,8 +48,9 @@ struct MonotonicClockTimeStamper {
class HMacImplementation {
public:
static support::NullOr<support::array<uint8_t, 32>> hmac256(
const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers);
static support::NullOr<support::hmac_t> hmac256(
const support::auth_token_key_t& key,
std::initializer_list<support::ByteBufferProxy> buffers);
};
class MyOperation : public generic::Operation<sp<IConfirmationResultCallback>,

23
confirmationui/1.0/vts/functional/VtsHalConfirmationUIV1_0TargetTest.cpp
View File

@@ -46,13 +46,16 @@ namespace V1_0 {
namespace test {
namespace {
const support::auth_token_key_t testKey(static_cast<uint8_t>(TestKeyBits::BYTE));
class HMacImplementation {
public:
static support::NullOr<support::array<uint8_t, 32>> hmac256(
const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers) {
static support::NullOr<support::hmac_t> hmac256(
const support::auth_token_key_t& key,
std::initializer_list<support::ByteBufferProxy> buffers) {
HMAC_CTX hmacCtx;
HMAC_CTX_init(&hmacCtx);
if (!HMAC_Init_ex(&hmacCtx, key, 32, EVP_sha256(), nullptr)) {
if (!HMAC_Init_ex(&hmacCtx, key.data(), key.size(), EVP_sha256(), nullptr)) {
return {};
}
for (auto& buffer : buffers) {
@@ -60,7 +63,7 @@ class HMacImplementation {
return {};
}
}
support::array<uint8_t, 32> result;
support::hmac_t result;
if (!HMAC_Final(&hmacCtx, result.data(), nullptr)) {
return {};
}
@@ -70,23 +73,15 @@ class HMacImplementation {
using HMacer = support::HMac<HMacImplementation>;
constexpr uint8_t testKeyByte = static_cast<uint8_t>(TestKeyBits::BYTE);
template <typename... Data>
hidl_vec<uint8_t> testHMAC(const Data&... data) {
constexpr uint8_t testKey[32] = {testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte};
constexpr uint8_t hmac_size_bytes = sizeof testKey;
auto hmac = HMacer::hmac256(testKey, data...);
if (!hmac.isOk()) {
EXPECT_TRUE(false) << "Failed to compute test hmac. This is a self-test error.";
return {};
}
hidl_vec<uint8_t> result(hmac_size_bytes);
copy(hmac.value().data(), hmac.value().data() + hmac_size_bytes, result.data());
hidl_vec<uint8_t> result(hmac.value().size());
copy(hmac.value().data(), hmac.value().data() + hmac.value().size(), result.data());
return result;
}

17
confirmationui/support/include/android/hardware/confirmationui/1.0/generic/GenericOperation.h
View File

@@ -99,7 +99,8 @@ class Operation {
void setPending() { error_ = ResponseCode::OK; }
void setHmacKey(const uint8_t (&key)[32]) { hmacKey_ = {key}; }
void setHmacKey(const auth_token_key_t& key) { hmacKey_ = key; }
NullOr<auth_token_key_t> hmacKey() const { return hmacKey_; }
void abort() {
if (isPending()) {
@@ -112,7 +113,7 @@ class Operation {
if (isPending()) error_ = ResponseCode::Canceled;
}
void finalize(const uint8_t key[32]) {
void finalize(const auth_token_key_t& key) {
if (error_ == ResponseCode::Ignored) return;
resultCB_->result(error_, getMessage(), userConfirm(key));
error_ = ResponseCode::Ignored;
@@ -127,11 +128,7 @@ class Operation {
}
ResponseCode deliverSecureInputEvent(const HardwareAuthToken& secureInputToken) {
constexpr uint8_t testKeyByte = static_cast<uint8_t>(TestKeyBits::BYTE);
constexpr uint8_t testKey[32] = {testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte,
testKeyByte, testKeyByte, testKeyByte, testKeyByte};
const auth_token_key_t testKey(static_cast<uint8_t>(TestKeyBits::BYTE));
auto hmac = HMacer::hmac256(testKey, "\0", bytes_cast(secureInputToken.challenge),
bytes_cast(secureInputToken.userId),
@@ -171,7 +168,7 @@ class Operation {
result.setToExternal(formattedMessageBuffer_, formattedMessageLength_);
return result;
}
hidl_vec<uint8_t> userConfirm(const uint8_t key[32]) {
hidl_vec<uint8_t> userConfirm(const auth_token_key_t& key) {
if (error_ != ResponseCode::OK) return {};
confirmationTokenScratchpad_ = HMacer::hmac256(key, "confirmation token", getMessage());
if (!confirmationTokenScratchpad_.isOk()) {
@@ -188,10 +185,10 @@ class Operation {
uint8_t formattedMessageBuffer_[uint32_t(MessageSize::MAX)];
char promptStringBuffer_[uint32_t(MessageSize::MAX)];
size_t formattedMessageLength_ = 0;
NullOr<array<uint8_t, 32>> confirmationTokenScratchpad_;
NullOr<hmac_t> confirmationTokenScratchpad_;
Callback resultCB_;
typename TimeStamper::TimeStamp startTime_;
NullOr<array<uint8_t, 32>> hmacKey_;
NullOr<auth_token_key_t> hmacKey_;
};
} // namespace

15
confirmationui/support/include/android/hardware/confirmationui/support/confirmationui_utils.h
View File

@@ -81,17 +81,23 @@ class array {
public:
array() : data_{} {}
array(const T (&data)[elements]) { std::copy(data, data + elements, data_); }
explicit array(const T& v) { fill(v); }
T* data() { return data_; }
const T* data() const { return data_; }
constexpr size_t size() const { return elements; }
operator const array_type&() const { return data_; }
T* begin() { return data_; }
T* end() { return data_ + elements; }
const T* begin() const { return data_; }
const T* end() const { return data_ + elements; }
void fill(const T& v) {
for (size_t i = 0; i < elements; ++i) {
data_[i] = v;
}
}
private:
array_type data_;
};
@@ -157,6 +163,11 @@ class ByteBufferProxy {
size_t size_;
};
constexpr uint8_t auth_token_key_size = 32;
constexpr uint8_t hmac_size_bytes = support::auth_token_key_size;
using auth_token_key_t = array<uint8_t, auth_token_key_size>;
using hmac_t = auth_token_key_t;
/**
* Implementer are expected to provide an implementation with the following prototype:
* static NullOr<array<uint8_t, 32>> hmac256(const uint8_t key[32],
@@ -166,7 +177,7 @@ template <typename Impl>
class HMac {
public:
template <typename... Data>
static NullOr<array<uint8_t, 32>> hmac256(const uint8_t key[32], const Data&... data) {
static NullOr<hmac_t> hmac256(const auth_token_key_t& key, const Data&... data) {
return Impl::hmac256(key, {data...});
}
};