Home | History | Annotate | Download | only in libatap 
      1 /*
      2  * Copyright 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #ifndef ATAP_UTIL_H_
     18 #define ATAP_UTIL_H_
     19 
     20 #ifdef __cplusplus
     21 extern "C" {
     22 #endif
     23 
     24 #include "atap_ops.h"
     25 #include "atap_sysdeps.h"
     26 #include "atap_types.h"
     27 
     28 #define ATAP_STRINGIFY(x) #x
     29 #define ATAP_TO_STRING(x) ATAP_STRINGIFY(x)
     30 
     31 #ifdef ATAP_ENABLE_DEBUG
     32 /* Aborts the program if |expr| is false.
     33  *
     34  * This has no effect unless ATAP_ENABLE_DEBUG is defined.
     35  */
     36 #define atap_assert(expr)                     \
     37   do {                                        \
     38     if (!(expr)) {                            \
     39       atap_fatal("assert fail: " #expr "\n"); \
     40     }                                         \
     41   } while (0)
     42 #else
     43 #define atap_assert(expr)
     44 #endif
     45 
     46 /* Aborts the program if reached.
     47  *
     48  * This has no effect unless ATAP_ENABLE_DEBUG is defined.
     49  */
     50 #ifdef ATAP_ENABLE_DEBUG
     51 #define atap_assert_not_reached()         \
     52   do {                                    \
     53     atap_fatal("assert_not_reached()\n"); \
     54   } while (0)
     55 #else
     56 #define atap_assert_not_reached()
     57 #endif
     58 
     59 /* Aborts the program if |addr| is not word-aligned.
     60  *
     61  * This has no effect unless ATAP_ENABLE_DEBUG is defined.
     62  */
     63 #define atap_assert_aligned(addr) \
     64   atap_assert((((uintptr_t)addr) & (ATAP_ALIGNMENT_SIZE - 1)) == 0)
     65 
     66 #ifdef ATAP_ENABLE_DEBUG
     67 /* Print functions, used for diagnostics.
     68  *
     69  * These have no effect unless ATAP_ENABLE_DEBUG is defined.
     70  */
     71 #define atap_debug(message)               \
     72   do {                                    \
     73     atap_printv(atap_basename(__FILE__),  \
     74                 ":",                      \
     75                 ATAP_TO_STRING(__LINE__), \
     76                 ": DEBUG: ",              \
     77                 message,                  \
     78                 NULL);                    \
     79   } while (0)
     80 #define atap_debugv(message, ...)         \
     81   do {                                    \
     82     atap_printv(atap_basename(__FILE__),  \
     83                 ":",                      \
     84                 ATAP_TO_STRING(__LINE__), \
     85                 ": DEBUG: ",              \
     86                 message,                  \
     87                 ##__VA_ARGS__);           \
     88   } while (0)
     89 #else
     90 #define atap_debug(message)
     91 #define atap_debugv(message, ...)
     92 #endif
     93 
     94 /* Prints out a message. This is typically used if a runtime-error
     95  * occurs.
     96  */
     97 #define atap_error(message)               \
     98   do {                                    \
     99     atap_printv(atap_basename(__FILE__),  \
    100                 ":",                      \
    101                 ATAP_TO_STRING(__LINE__), \
    102                 ": ERROR: ",              \
    103                 message,                  \
    104                 NULL);                    \
    105   } while (0)
    106 #define atap_errorv(message, ...)         \
    107   do {                                    \
    108     atap_printv(atap_basename(__FILE__),  \
    109                 ":",                      \
    110                 ATAP_TO_STRING(__LINE__), \
    111                 ": ERROR: ",              \
    112                 message,                  \
    113                 ##__VA_ARGS__);           \
    114   } while (0)
    115 
    116 /* Prints out a message and calls atap_abort().
    117  */
    118 #define atap_fatal(message)               \
    119   do {                                    \
    120     atap_printv(atap_basename(__FILE__),  \
    121                 ":",                      \
    122                 ATAP_TO_STRING(__LINE__), \
    123                 ": FATAL: ",              \
    124                 message,                  \
    125                 NULL);                    \
    126     atap_abort();                         \
    127   } while (0)
    128 #define atap_fatalv(message, ...)         \
    129   do {                                    \
    130     atap_printv(atap_basename(__FILE__),  \
    131                 ":",                      \
    132                 ATAP_TO_STRING(__LINE__), \
    133                 ": FATAL: ",              \
    134                 message,                  \
    135                 ##__VA_ARGS__);           \
    136     atap_abort();                         \
    137   } while (0)
    138 
    139 /* Returns the basename of |str|. This is defined as the last path
    140  * component, assuming the normal POSIX separator '/'. If there are no
    141  * separators, returns |str|.
    142  */
    143 const char* atap_basename(const char* str);
    144 
    145 /* These write serialized structures to |buf|, and return
    146  * |buf| + [number of bytes written].
    147  */
    148 uint8_t* append_to_buf(uint8_t* buf, const void* data, uint32_t data_size);
    149 uint8_t* append_uint32_to_buf(uint8_t* buf, uint32_t x);
    150 uint8_t* append_header_to_buf(uint8_t* buf, uint32_t message_length);
    151 uint8_t* append_blob_to_buf(uint8_t* buf, const AtapBlob* blob);
    152 uint8_t* append_cert_chain_to_buf(uint8_t* buf,
    153                                   const AtapCertChain* cert_chain);
    154 uint8_t* append_ca_request_to_buf(uint8_t* buf,
    155                                   const AtapCaRequest* ca_request);
    156 uint8_t* append_inner_ca_request_to_buf(
    157     uint8_t* buf, const AtapInnerCaRequest* inner_ca_request);
    158 
    159 /* These copy serialized data from |*buf_ptr| to the output structure, and
    160  * increment |*buf_ptr| by [number of bytes copied]. Returns true on success,
    161  * false when the serialized format is invalid.
    162  */
    163 void copy_from_buf(uint8_t** buf_ptr, void* data, uint32_t data_size);
    164 void copy_uint32_from_buf(uint8_t** buf_ptr, uint32_t* x);
    165 bool copy_blob_from_buf(uint8_t** buf_ptr, AtapBlob* blob);
    166 bool copy_cert_chain_from_buf(uint8_t** buf_ptr, AtapCertChain* cert_chain);
    167 
    168 /* Returns the serialized size of structures. For AtapCaRequest and
    169  * AtapInnerCaRequest, this includes the header.
    170  */
    171 uint32_t blob_serialized_size(const AtapBlob* blob);
    172 uint32_t cert_chain_serialized_size(const AtapCertChain* cert_chain);
    173 uint32_t ca_request_serialized_size(const AtapCaRequest* ca_request);
    174 uint32_t inner_ca_request_serialized_size(
    175     const AtapInnerCaRequest* inner_ca_request);
    176 
    177 /* Frees all data allocated for a structure. */
    178 void free_blob(AtapBlob blob);
    179 void free_cert_chain(AtapCertChain cert_chain);
    180 void free_inner_ca_request(AtapInnerCaRequest inner_ca_request);
    181 void free_ca_request(AtapCaRequest ca_request);
    182 
    183 /* These return true if the inputs are valid. For complicated message
    184  * structures, each expected field is parsed and validated.
    185  */
    186 bool validate_operation(AtapOperation operation);
    187 bool validate_curve(AtapCurveType curve);
    188 bool validate_encrypted_message(const uint8_t* buf, uint32_t buf_size);
    189 bool validate_inner_ca_response(const uint8_t* buf,
    190                                 uint32_t buf_size,
    191                                 AtapOperation operation);
    192 
    193 /* Derives the session key to |okm| using HKDF-SHA256 as the KDF. The input
    194  * keying material (IKM) is |shared_secret|. The salt is the concatenation
    195  * |ca_pubkey| + |device_pubkey|. |info| is "KEY" (without trailing NUL
    196  * character) when deriving the encryption key, and "SIGN" when deriving the
    197  * 16-byte nonce to be signed by the authentication key.
    198  */
    199 AtapResult derive_session_key(
    200     AtapOps* ops,
    201     const uint8_t device_pubkey[ATAP_ECDH_KEY_LEN],
    202     const uint8_t ca_pubkey[ATAP_ECDH_KEY_LEN],
    203     const uint8_t shared_secret[ATAP_ECDH_SHARED_SECRET_LEN],
    204     const char* info,
    205     uint8_t* okm,
    206     uint32_t okm_len);
    207 
    208 #ifdef __cplusplus
    209 }
    210 #endif
    211 
    212 #endif /* ATAP_UTIL_H_ */
    213