1 /* 2 * Copyright 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ATAP_UTIL_H_ 18 #define ATAP_UTIL_H_ 19 20 #ifdef __cplusplus 21 extern "C" { 22 #endif 23 24 #include "atap_ops.h" 25 #include "atap_sysdeps.h" 26 #include "atap_types.h" 27 28 #define ATAP_STRINGIFY(x) #x 29 #define ATAP_TO_STRING(x) ATAP_STRINGIFY(x) 30 31 #ifdef ATAP_ENABLE_DEBUG 32 /* Aborts the program if |expr| is false. 33 * 34 * This has no effect unless ATAP_ENABLE_DEBUG is defined. 35 */ 36 #define atap_assert(expr) \ 37 do { \ 38 if (!(expr)) { \ 39 atap_fatal("assert fail: " #expr "\n"); \ 40 } \ 41 } while (0) 42 #else 43 #define atap_assert(expr) 44 #endif 45 46 /* Aborts the program if reached. 47 * 48 * This has no effect unless ATAP_ENABLE_DEBUG is defined. 49 */ 50 #ifdef ATAP_ENABLE_DEBUG 51 #define atap_assert_not_reached() \ 52 do { \ 53 atap_fatal("assert_not_reached()\n"); \ 54 } while (0) 55 #else 56 #define atap_assert_not_reached() 57 #endif 58 59 /* Aborts the program if |addr| is not word-aligned. 60 * 61 * This has no effect unless ATAP_ENABLE_DEBUG is defined. 62 */ 63 #define atap_assert_aligned(addr) \ 64 atap_assert((((uintptr_t)addr) & (ATAP_ALIGNMENT_SIZE - 1)) == 0) 65 66 #ifdef ATAP_ENABLE_DEBUG 67 /* Print functions, used for diagnostics. 68 * 69 * These have no effect unless ATAP_ENABLE_DEBUG is defined. 70 */ 71 #define atap_debug(message) \ 72 do { \ 73 atap_printv(atap_basename(__FILE__), \ 74 ":", \ 75 ATAP_TO_STRING(__LINE__), \ 76 ": DEBUG: ", \ 77 message, \ 78 NULL); \ 79 } while (0) 80 #define atap_debugv(message, ...) \ 81 do { \ 82 atap_printv(atap_basename(__FILE__), \ 83 ":", \ 84 ATAP_TO_STRING(__LINE__), \ 85 ": DEBUG: ", \ 86 message, \ 87 ##__VA_ARGS__); \ 88 } while (0) 89 #else 90 #define atap_debug(message) 91 #define atap_debugv(message, ...) 92 #endif 93 94 /* Prints out a message. This is typically used if a runtime-error 95 * occurs. 96 */ 97 #define atap_error(message) \ 98 do { \ 99 atap_printv(atap_basename(__FILE__), \ 100 ":", \ 101 ATAP_TO_STRING(__LINE__), \ 102 ": ERROR: ", \ 103 message, \ 104 NULL); \ 105 } while (0) 106 #define atap_errorv(message, ...) \ 107 do { \ 108 atap_printv(atap_basename(__FILE__), \ 109 ":", \ 110 ATAP_TO_STRING(__LINE__), \ 111 ": ERROR: ", \ 112 message, \ 113 ##__VA_ARGS__); \ 114 } while (0) 115 116 /* Prints out a message and calls atap_abort(). 117 */ 118 #define atap_fatal(message) \ 119 do { \ 120 atap_printv(atap_basename(__FILE__), \ 121 ":", \ 122 ATAP_TO_STRING(__LINE__), \ 123 ": FATAL: ", \ 124 message, \ 125 NULL); \ 126 atap_abort(); \ 127 } while (0) 128 #define atap_fatalv(message, ...) \ 129 do { \ 130 atap_printv(atap_basename(__FILE__), \ 131 ":", \ 132 ATAP_TO_STRING(__LINE__), \ 133 ": FATAL: ", \ 134 message, \ 135 ##__VA_ARGS__); \ 136 atap_abort(); \ 137 } while (0) 138 139 /* Returns the basename of |str|. This is defined as the last path 140 * component, assuming the normal POSIX separator '/'. If there are no 141 * separators, returns |str|. 142 */ 143 const char* atap_basename(const char* str); 144 145 /* These write serialized structures to |buf|, and return 146 * |buf| + [number of bytes written]. 147 */ 148 uint8_t* append_to_buf(uint8_t* buf, const void* data, uint32_t data_size); 149 uint8_t* append_uint32_to_buf(uint8_t* buf, uint32_t x); 150 uint8_t* append_header_to_buf(uint8_t* buf, uint32_t message_length); 151 uint8_t* append_blob_to_buf(uint8_t* buf, const AtapBlob* blob); 152 uint8_t* append_cert_chain_to_buf(uint8_t* buf, 153 const AtapCertChain* cert_chain); 154 uint8_t* append_ca_request_to_buf(uint8_t* buf, 155 const AtapCaRequest* ca_request); 156 uint8_t* append_inner_ca_request_to_buf( 157 uint8_t* buf, const AtapInnerCaRequest* inner_ca_request); 158 159 /* These copy serialized data from |*buf_ptr| to the output structure, and 160 * increment |*buf_ptr| by [number of bytes copied]. Returns true on success, 161 * false when the serialized format is invalid. 162 */ 163 void copy_from_buf(uint8_t** buf_ptr, void* data, uint32_t data_size); 164 void copy_uint32_from_buf(uint8_t** buf_ptr, uint32_t* x); 165 bool copy_blob_from_buf(uint8_t** buf_ptr, AtapBlob* blob); 166 bool copy_cert_chain_from_buf(uint8_t** buf_ptr, AtapCertChain* cert_chain); 167 168 /* Returns the serialized size of structures. For AtapCaRequest and 169 * AtapInnerCaRequest, this includes the header. 170 */ 171 uint32_t blob_serialized_size(const AtapBlob* blob); 172 uint32_t cert_chain_serialized_size(const AtapCertChain* cert_chain); 173 uint32_t ca_request_serialized_size(const AtapCaRequest* ca_request); 174 uint32_t inner_ca_request_serialized_size( 175 const AtapInnerCaRequest* inner_ca_request); 176 177 /* Frees all data allocated for a structure. */ 178 void free_blob(AtapBlob blob); 179 void free_cert_chain(AtapCertChain cert_chain); 180 void free_inner_ca_request(AtapInnerCaRequest inner_ca_request); 181 void free_ca_request(AtapCaRequest ca_request); 182 183 /* These return true if the inputs are valid. For complicated message 184 * structures, each expected field is parsed and validated. 185 */ 186 bool validate_operation(AtapOperation operation); 187 bool validate_curve(AtapCurveType curve); 188 bool validate_encrypted_message(const uint8_t* buf, uint32_t buf_size); 189 bool validate_inner_ca_response(const uint8_t* buf, 190 uint32_t buf_size, 191 AtapOperation operation); 192 193 /* Derives the session key to |okm| using HKDF-SHA256 as the KDF. The input 194 * keying material (IKM) is |shared_secret|. The salt is the concatenation 195 * |ca_pubkey| + |device_pubkey|. |info| is "KEY" (without trailing NUL 196 * character) when deriving the encryption key, and "SIGN" when deriving the 197 * 16-byte nonce to be signed by the authentication key. 198 */ 199 AtapResult derive_session_key( 200 AtapOps* ops, 201 const uint8_t device_pubkey[ATAP_ECDH_KEY_LEN], 202 const uint8_t ca_pubkey[ATAP_ECDH_KEY_LEN], 203 const uint8_t shared_secret[ATAP_ECDH_SHARED_SECRET_LEN], 204 const char* info, 205 uint8_t* okm, 206 uint32_t okm_len); 207 208 #ifdef __cplusplus 209 } 210 #endif 211 212 #endif /* ATAP_UTIL_H_ */ 213