1From d0409619b496f4f864ecd6471264ad2173caa5a7 Mon Sep 17 00:00:00 2001 2From: Ziyuan Xu <xzy.xu@rock-chips.com> 3Date: Thu, 4 Jun 2020 17:52:40 +0800 4Subject: [PATCH 19/20] adbd: Support rsa key authentication 5 6The auth key is /etc/adbkey.pub as default that should match with 7~/.android/adbkey.pub on PC. 8 9Signed-off-by: Ziyuan Xu <xzy.xu@rock-chips.com> 10Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com> 11--- 12 core/adbd/adb.c | 6 ++++-- 13 core/adbd/adb_auth.h | 2 +- 14 core/adbd/adb_auth_client.c | 43 ++++++++++++++----------------------- 15 3 files changed, 21 insertions(+), 30 deletions(-) 16 17diff --git a/core/adbd/adb.c b/core/adbd/adb.c 18index 32173f2..37d230c 100644 19--- a/core/adbd/adb.c 20+++ b/core/adbd/adb.c 21@@ -559,7 +559,9 @@ void handle_packet(apacket *p, atransport *t) 22 send_auth_request(t); 23 } 24 } else if (p->msg.arg0 == ADB_AUTH_RSAPUBLICKEY) { 25- adb_auth_confirm_key(p->data, p->msg.data_length, t); 26+ if (adb_auth_confirm_key(p->data)) { 27+ adb_auth_verified(t); 28+ } 29 } 30 break; 31 32@@ -1231,7 +1233,7 @@ int adb_main(int is_daemon, int server_port) 33 } 34 #else 35 //property_get("ro.adb.secure", value, "0"); 36- auth_enabled = 0;//!strcmp(value, "1"); 37+ auth_enabled = !!getenv("ADBD_RSA_KEY_FILE"); 38 if (auth_enabled) 39 adb_auth_init(); 40 41diff --git a/core/adbd/adb_auth.h b/core/adbd/adb_auth.h 42index 1fffa49..c788838 100644 43--- a/core/adbd/adb_auth.h 44+++ b/core/adbd/adb_auth.h 45@@ -46,7 +46,7 @@ static inline int adb_auth_get_userkey(unsigned char *data, size_t len) { return 46 47 int adb_auth_generate_token(void *token, size_t token_size); 48 int adb_auth_verify(void *token, void *sig, int siglen); 49-void adb_auth_confirm_key(unsigned char *data, size_t len, atransport *t); 50+bool adb_auth_confirm_key(unsigned char *data); 51 void adb_auth_reload_keys(void); 52 53 #endif // ADB_HOST 54diff --git a/core/adbd/adb_auth_client.c b/core/adbd/adb_auth_client.c 55index 068d837..34a19dc 100644 56--- a/core/adbd/adb_auth_client.c 57+++ b/core/adbd/adb_auth_client.c 58@@ -172,36 +172,25 @@ static void adb_auth_event(int fd, unsigned events, void *data) 59 } 60 } 61 62-void adb_auth_confirm_key(unsigned char *key, size_t len, atransport *t) 63+bool adb_auth_confirm_key(unsigned char *key) 64 { 65- char msg[MAX_PAYLOAD]; 66- int ret; 67- 68- if (framework_fd < 0) { 69- D("Client not connected\n"); 70- return; 71+ char *auth_key_file = getenv("ADBD_RSA_KEY_FILE") ?: "/etc/adbkey.pub"; 72+ char msg[MAX_PAYLOAD] = {0}; 73+ if(-1 == snprintf(msg,sizeof(msg),"%s",key)){ 74+ D("Could not read pc pub msg"); 75+ return false; 76 } 77- 78- if (key[len - 1] != '\0') { 79- D("Key must be a null-terminated string\n"); 80- return; 81+ char buff[MAX_PAYLOAD] = {0}; 82+ FILE *fp = NULL; 83+ fp = fopen(auth_key_file, "r"); 84+ if (NULL == fp) { 85+ D("Could not read pub\n"); 86+ fclose(fp); 87+ return false; 88 } 89- 90- ret = snprintf(msg, sizeof(msg), "PK%s", key); 91- if (ret >= (signed)sizeof(msg)) { 92- D("Key too long. ret=%d", ret); 93- return; 94- } 95- D("Sending '%s'\n", msg); 96- 97- ret = unix_write(framework_fd, msg, ret); 98- if (ret < 0) { 99- D("Failed to write PK, errno=%d\n", errno); 100- return; 101- } 102- 103- fdevent_install(&t->auth_fde, framework_fd, adb_auth_event, t); 104- fdevent_add(&t->auth_fde, FDE_READ); 105+ fgets(buff,MAX_PAYLOAD,fp); 106+ fclose(fp); 107+ return strcmp(msg,buff) ? false : true; 108 } 109 110 static void adb_auth_listener(int fd, unsigned events, void *data) 111-- 1122.20.1 113 114