1 /*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Permission is hereby granted, free of charge, to any person
5 * obtaining a copy of this software and associated documentation
6 * files (the "Software"), to deal in the Software without
7 * restriction, including without limitation the rights to use, copy,
8 * modify, merge, publish, distribute, sublicense, and/or sell copies
9 * of the Software, and to permit persons to whom the Software is
10 * furnished to do so, subject to the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include <libavb/avb_crypto.h>
26 #include <libavb/avb_rsa.h>
27 #include <libavb/avb_sha.h>
28 #include <libavb/avb_util.h>
29
30 #include "avb_aftl_types.h"
31 #include "avb_aftl_util.h"
32 #include "avb_aftl_validate.h"
33
34 /* Performs a SHA256 hash operation on data. */
avb_aftl_sha256(uint8_t * data,uint64_t length,uint8_t hash[AVB_AFTL_HASH_SIZE])35 bool avb_aftl_sha256(uint8_t* data,
36 uint64_t length,
37 uint8_t hash[AVB_AFTL_HASH_SIZE]) {
38 AvbSHA256Ctx context;
39 uint8_t* tmp;
40
41 if ((data == NULL) && (length != 0)) return false;
42
43 avb_sha256_init(&context);
44 avb_sha256_update(&context, data, length);
45 tmp = avb_sha256_final(&context);
46 avb_memcpy(hash, tmp, AVB_AFTL_HASH_SIZE);
47 return true;
48 }
49
50 /* Computes a leaf hash as detailed by https://tools.ietf.org/html/rfc6962. */
avb_aftl_rfc6962_hash_leaf(uint8_t * leaf,uint64_t leaf_size,uint8_t * hash)51 bool avb_aftl_rfc6962_hash_leaf(uint8_t* leaf,
52 uint64_t leaf_size,
53 uint8_t* hash) {
54 uint8_t* buffer;
55 bool retval;
56
57 avb_assert(leaf != NULL && hash != NULL);
58 avb_assert(leaf_size != AVB_AFTL_UINT64_MAX);
59
60 buffer = (uint8_t*)avb_malloc(leaf_size + 1);
61
62 if (buffer == NULL) {
63 avb_error("Allocation failure in avb_aftl_rfc6962_hash_leaf.\n");
64 return false;
65 }
66 /* Prefix the data with a '0' for 2nd preimage attack resistance. */
67 buffer[0] = 0;
68
69 if (leaf_size > 0) avb_memcpy(buffer + 1, leaf, leaf_size);
70
71 retval = avb_aftl_sha256(buffer, leaf_size + 1, hash);
72 avb_free(buffer);
73 return retval;
74 }
75
76 /* Computes an inner hash as detailed by https://tools.ietf.org/html/rfc6962. */
avb_aftl_rfc6962_hash_children(uint8_t * left_child,uint64_t left_child_size,uint8_t * right_child,uint64_t right_child_size,uint8_t * hash)77 bool avb_aftl_rfc6962_hash_children(uint8_t* left_child,
78 uint64_t left_child_size,
79 uint8_t* right_child,
80 uint64_t right_child_size,
81 uint8_t* hash) {
82 uint8_t* buffer;
83 uint64_t data_size;
84 bool retval;
85
86 avb_assert(left_child != NULL && right_child != NULL && hash != NULL);
87
88 /* Check for integer overflow. */
89 avb_assert(left_child_size < AVB_AFTL_UINT64_MAX - right_child_size);
90
91 data_size = left_child_size + right_child_size + 1;
92 buffer = (uint8_t*)avb_malloc(data_size);
93 if (buffer == NULL) {
94 avb_error("Allocation failure in avb_aftl_rfc6962_hash_children.\n");
95 return false;
96 }
97
98 /* Prefix the data with '1' for 2nd preimage attack resistance. */
99 buffer[0] = 1;
100
101 /* Copy the left child data, if it exists. */
102 if (left_child_size > 0) avb_memcpy(buffer + 1, left_child, left_child_size);
103 /* Copy the right child data, if it exists. */
104 if (right_child_size > 0)
105 avb_memcpy(buffer + 1 + left_child_size, right_child, right_child_size);
106
107 /* Hash the concatenated data and clean up. */
108 retval = avb_aftl_sha256(buffer, data_size, hash);
109 avb_free(buffer);
110 return retval;
111 }
112
113 /* Computes a subtree hash along tree's right border. */
avb_aftl_chain_border_right(uint8_t * seed,uint64_t seed_size,uint8_t * proof,uint32_t proof_entry_count,uint8_t * hash)114 bool avb_aftl_chain_border_right(uint8_t* seed,
115 uint64_t seed_size,
116 uint8_t* proof,
117 uint32_t proof_entry_count,
118 uint8_t* hash) {
119 size_t i;
120 uint8_t* tmp_hash;
121 uint8_t* tmp = seed;
122 bool retval = true;
123
124 avb_assert(seed_size == AVB_AFTL_HASH_SIZE);
125 avb_assert(seed != NULL && proof != NULL && hash != NULL);
126
127 tmp_hash = (uint8_t*)avb_malloc(AVB_AFTL_HASH_SIZE);
128 if (tmp_hash == NULL) {
129 avb_error("Allocation failure in avb_aftl_chain_border_right.\n");
130 return false;
131 }
132 for (i = 0; i < proof_entry_count; i++) {
133 retval = avb_aftl_rfc6962_hash_children(proof + (i * AVB_AFTL_HASH_SIZE),
134 AVB_AFTL_HASH_SIZE,
135 tmp,
136 AVB_AFTL_HASH_SIZE,
137 tmp_hash);
138 if (!retval) {
139 avb_error("Failed to hash Merkle tree children.\n");
140 break;
141 }
142 tmp = tmp_hash;
143 }
144
145 if (retval) avb_memcpy(hash, tmp, AVB_AFTL_HASH_SIZE);
146
147 avb_free(tmp_hash);
148 return retval;
149 }
150
151 /* Computes a subtree hash on or below the tree's right border. */
avb_aftl_chain_inner(uint8_t * seed,uint64_t seed_size,uint8_t * proof,uint32_t proof_entry_count,uint64_t leaf_index,uint8_t * hash)152 bool avb_aftl_chain_inner(uint8_t* seed,
153 uint64_t seed_size,
154 uint8_t* proof,
155 uint32_t proof_entry_count,
156 uint64_t leaf_index,
157 uint8_t* hash) {
158 size_t i;
159 uint8_t* tmp_hash;
160 uint8_t* tmp = seed;
161 bool retval = true;
162
163 avb_assert(seed_size == AVB_AFTL_HASH_SIZE);
164 avb_assert(seed != NULL && proof != NULL && hash != NULL);
165
166 tmp_hash = (uint8_t*)avb_malloc(AVB_AFTL_HASH_SIZE);
167 if (tmp_hash == NULL) {
168 avb_error("Allocation failure in avb_aftl_chain_inner.\n");
169 return false;
170 }
171 for (i = 0; i < proof_entry_count; i++) {
172 if ((leaf_index >> i & 1) == 0) {
173 retval = avb_aftl_rfc6962_hash_children(tmp,
174 seed_size,
175 proof + (i * AVB_AFTL_HASH_SIZE),
176 AVB_AFTL_HASH_SIZE,
177 tmp_hash);
178 } else {
179 retval = avb_aftl_rfc6962_hash_children(proof + (i * AVB_AFTL_HASH_SIZE),
180 AVB_AFTL_HASH_SIZE,
181 tmp,
182 seed_size,
183 tmp_hash);
184 }
185 if (!retval) {
186 avb_error("Failed to hash Merkle tree children.\n");
187 break;
188 }
189 tmp = tmp_hash;
190 }
191 if (retval) avb_memcpy(hash, tmp, AVB_AFTL_HASH_SIZE);
192 avb_free(tmp_hash);
193 return retval;
194 }
195
196 /* Counts leading zeros. Used in Merkle tree hash validation .*/
avb_aftl_count_leading_zeros(uint64_t val)197 unsigned int avb_aftl_count_leading_zeros(uint64_t val) {
198 int r = 0;
199 if (val == 0) return 64;
200 if (!(val & 0xffffffff00000000u)) {
201 val <<= 32;
202 r += 32;
203 }
204 if (!(val & 0xffff000000000000u)) {
205 val <<= 16;
206 r += 16;
207 }
208 if (!(val & 0xff00000000000000u)) {
209 val <<= 8;
210 r += 8;
211 }
212 if (!(val & 0xf000000000000000u)) {
213 val <<= 4;
214 r += 4;
215 }
216 if (!(val & 0xc000000000000000u)) {
217 val <<= 2;
218 r += 2;
219 }
220 if (!(val & 0x8000000000000000u)) {
221 val <<= 1;
222 r += 1;
223 }
224
225 return r;
226 }
227
228 /* Calculates the expected Merkle tree hash. */
avb_aftl_root_from_icp(uint64_t leaf_index,uint64_t tree_size,uint8_t proof[][AVB_AFTL_HASH_SIZE],uint32_t proof_entry_count,uint8_t * leaf_hash,uint64_t leaf_hash_size,uint8_t * root_hash)229 bool avb_aftl_root_from_icp(uint64_t leaf_index,
230 uint64_t tree_size,
231 uint8_t proof[][AVB_AFTL_HASH_SIZE],
232 uint32_t proof_entry_count,
233 uint8_t* leaf_hash,
234 uint64_t leaf_hash_size,
235 uint8_t* root_hash) {
236 uint64_t inner_proof_size;
237 uint64_t border_proof_size;
238 size_t i;
239 uint8_t hash[AVB_AFTL_HASH_SIZE];
240 uint8_t* inner_proof;
241 uint8_t* border_proof;
242 bool retval;
243
244 avb_assert(proof_entry_count != 0);
245 avb_assert(leaf_hash_size != 0);
246 avb_assert(proof != NULL && leaf_hash != NULL && root_hash != NULL);
247
248 /* This cannot overflow. */
249 inner_proof_size =
250 64 - avb_aftl_count_leading_zeros(leaf_index ^ (tree_size - 1));
251
252 /* Check for integer underflow.*/
253 if ((proof_entry_count - inner_proof_size) > proof_entry_count) {
254 avb_error("Invalid proof entry count value.\n");
255 return false;
256 }
257 border_proof_size = proof_entry_count - inner_proof_size;
258 /* Split the proof into two parts based on the calculated pivot point. */
259 inner_proof = (uint8_t*)avb_malloc(inner_proof_size * AVB_AFTL_HASH_SIZE);
260 if (inner_proof == NULL) {
261 avb_error("Allocation failure in avb_aftl_root_from_icp.\n");
262 return false;
263 }
264 border_proof = (uint8_t*)avb_malloc(border_proof_size * AVB_AFTL_HASH_SIZE);
265 if (border_proof == NULL) {
266 avb_free(inner_proof);
267 avb_error("Allocation failure in avb_aftl_root_from_icp.\n");
268 return false;
269 }
270
271 for (i = 0; i < inner_proof_size; i++) {
272 avb_memcpy(
273 inner_proof + (AVB_AFTL_HASH_SIZE * i), proof[i], AVB_AFTL_HASH_SIZE);
274 }
275 for (i = 0; i < border_proof_size; i++) {
276 avb_memcpy(border_proof + (AVB_AFTL_HASH_SIZE * i),
277 proof[inner_proof_size + i],
278 AVB_AFTL_HASH_SIZE);
279 }
280
281 /* Calculate the root hash and store it in root_hash. */
282 retval = avb_aftl_chain_inner(leaf_hash,
283 leaf_hash_size,
284 inner_proof,
285 inner_proof_size,
286 leaf_index,
287 hash);
288 if (retval)
289 retval = avb_aftl_chain_border_right(
290 hash, AVB_AFTL_HASH_SIZE, border_proof, border_proof_size, root_hash);
291
292 if (inner_proof != NULL) avb_free(inner_proof);
293 if (border_proof != NULL) avb_free(border_proof);
294 return retval;
295 }
296
297 /* Defines helper functions read_u8, read_u16, read_u32 and read_u64. These
298 * functions can be used to read from a |data| stream a |value| of a specific
299 * size. The value endianness is converted from big-endian to host. We ensure
300 * that the read do not overflow beyond |data_end|. If successful, |data| is
301 * brought forward by the size of the value read.
302 */
303 #define _read_u(fct) \
304 { \
305 size_t value_size = sizeof(*value); \
306 if ((*data + value_size) < *data) return false; \
307 if ((*data + value_size) > data_end) return false; \
308 avb_memcpy(value, *data, value_size); \
309 *value = fct(*value); \
310 *data += value_size; \
311 return true; \
312 }
read_u8(uint8_t * value,uint8_t ** data,uint8_t * data_end)313 static bool read_u8(uint8_t* value, uint8_t** data, uint8_t* data_end) {
314 _read_u();
315 }
316 AVB_ATTR_WARN_UNUSED_RESULT
read_u16(uint16_t * value,uint8_t ** data,uint8_t * data_end)317 static bool read_u16(uint16_t* value, uint8_t** data, uint8_t* data_end) {
318 _read_u(avb_be16toh);
319 }
320 AVB_ATTR_WARN_UNUSED_RESULT
read_u32(uint32_t * value,uint8_t ** data,uint8_t * data_end)321 static bool read_u32(uint32_t* value, uint8_t** data, uint8_t* data_end) {
322 _read_u(avb_be32toh);
323 }
324 AVB_ATTR_WARN_UNUSED_RESULT
read_u64(uint64_t * value,uint8_t ** data,uint8_t * data_end)325 static bool read_u64(uint64_t* value, uint8_t** data, uint8_t* data_end) {
326 _read_u(avb_be64toh);
327 }
328 AVB_ATTR_WARN_UNUSED_RESULT
329
330 /* Allocates |value_size| bytes into |value| and copy |value_size| bytes from
331 * |data|. Ensure that we don't overflow beyond |data_end|. It is the caller
332 * responsibility to avb_free |value|. Advances the |data| pointer pass the
333 * value that has been read. Returns false if an overflow would have occurred or
334 * if the allocation failed.
335 */
read_mem(uint8_t ** value,size_t value_size,uint8_t ** data,uint8_t * data_end)336 static bool read_mem(uint8_t** value,
337 size_t value_size,
338 uint8_t** data,
339 uint8_t* data_end) {
340 if (*data + value_size < *data || *data + value_size > data_end) {
341 return false;
342 }
343 *value = (uint8_t*)avb_calloc(value_size);
344 if (!value) {
345 return false;
346 }
347 avb_memcpy(*value, *data, value_size);
348 *data += value_size;
349 return true;
350 }
351
352 /* Allocates and populates a TrillianLogRootDescriptor element in an
353 AftlIcpEntry from a binary blob.
354 The blob is expected to be pointing to the beginning of a
355 serialized TrillianLogRootDescriptor element of an AftlIcpEntry.
356 The aftl_blob argument is updated to point to the area after the
357 TrillianLogRootDescriptor. aftl_blob_remaining gives the amount of the
358 aftl_blob that is left to parse. */
parse_trillian_log_root_descriptor(AftlIcpEntry * icp_entry,uint8_t ** aftl_blob,size_t aftl_blob_remaining)359 static bool parse_trillian_log_root_descriptor(AftlIcpEntry* icp_entry,
360 uint8_t** aftl_blob,
361 size_t aftl_blob_remaining) {
362 avb_assert(icp_entry);
363 avb_assert(aftl_blob);
364 uint8_t* blob_end = *aftl_blob + aftl_blob_remaining;
365 if (*aftl_blob > blob_end) {
366 return false;
367 }
368
369 /* Copy in the version field from the blob. */
370 if (!read_u16(
371 &(icp_entry->log_root_descriptor.version), aftl_blob, blob_end)) {
372 avb_error("Unable to parse version.\n");
373 return false;
374 }
375
376 /* Copy in the tree size field from the blob. */
377 if (!read_u64(
378 &(icp_entry->log_root_descriptor.tree_size), aftl_blob, blob_end)) {
379 avb_error("Unable to parse tree size.\n");
380 return false;
381 }
382
383 /* Copy in the root hash size field from the blob. */
384 if (!read_u8(&(icp_entry->log_root_descriptor.root_hash_size),
385 aftl_blob,
386 blob_end)) {
387 avb_error("Unable to parse root hash size.\n");
388 return false;
389 }
390 if (icp_entry->log_root_descriptor.root_hash_size != AVB_AFTL_HASH_SIZE) {
391 avb_error("Invalid root hash size.\n");
392 return false;
393 }
394
395 /* Copy in the root hash from the blob. */
396 if (!read_mem(&(icp_entry->log_root_descriptor.root_hash),
397 icp_entry->log_root_descriptor.root_hash_size,
398 aftl_blob,
399 blob_end)) {
400 avb_error("Unable to parse root hash.\n");
401 return false;
402 }
403
404 /* Copy in the timestamp field from the blob. */
405 if (!read_u64(
406 &(icp_entry->log_root_descriptor.timestamp), aftl_blob, blob_end)) {
407 avb_error("Unable to parse timestamp.\n");
408 return false;
409 }
410
411 /* Copy in the revision field from the blob. */
412 if (!read_u64(
413 &(icp_entry->log_root_descriptor.revision), aftl_blob, blob_end)) {
414 avb_error("Unable to parse revision.\n");
415 return false;
416 }
417
418 /* Copy in the metadata size field from the blob. */
419 if (!read_u16(&(icp_entry->log_root_descriptor.metadata_size),
420 aftl_blob,
421 blob_end)) {
422 avb_error("Unable to parse metadata size.\n");
423 return false;
424 }
425
426 if (icp_entry->log_root_descriptor.metadata_size >
427 AVB_AFTL_MAX_METADATA_SIZE) {
428 avb_error("Invalid metadata size.\n");
429 return false;
430 }
431
432 /* If it exists, copy in the metadata field from the blob. */
433 if (icp_entry->log_root_descriptor.metadata_size > 0) {
434 if (!read_mem(&(icp_entry->log_root_descriptor.metadata),
435 icp_entry->log_root_descriptor.metadata_size,
436 aftl_blob,
437 blob_end)) {
438 avb_error("Unable to parse metadata.\n");
439 return false;
440 }
441 } else {
442 icp_entry->log_root_descriptor.metadata = NULL;
443 }
444 return true;
445 }
446
447 /* Parses a Signature from |aftl_blob| into leaf->signature.
448 * Returns false if an error occurred during the parsing */
parse_signature(SignedVBMetaPrimaryAnnotationLeaf * leaf,uint8_t ** aftl_blob,uint8_t * blob_end)449 static bool parse_signature(SignedVBMetaPrimaryAnnotationLeaf* leaf,
450 uint8_t** aftl_blob,
451 uint8_t* blob_end) {
452 Signature* signature = (Signature*)avb_calloc(sizeof(Signature));
453 if (!signature) {
454 avb_error("Failed to allocate signature.\n");
455 return false;
456 }
457 leaf->signature = signature;
458
459 if (!read_u8(&(signature->hash_algorithm), aftl_blob, blob_end)) {
460 avb_error("Unable to parse the hash algorithm.\n");
461 return false;
462 }
463 if (signature->hash_algorithm >= _AVB_AFTL_HASH_ALGORITHM_NUM) {
464 avb_error("Unexpect hash algorithm in leaf signature.\n");
465 return false;
466 }
467
468 if (!read_u8(&(signature->signature_algorithm), aftl_blob, blob_end)) {
469 avb_error("Unable to parse the signature algorithm.\n");
470 return false;
471 }
472 if (signature->signature_algorithm >= _AVB_AFTL_SIGNATURE_ALGORITHM_NUM) {
473 avb_error("Unexpect signature algorithm in leaf signature.\n");
474 return false;
475 }
476
477 if (!read_u16(&(signature->signature_size), aftl_blob, blob_end)) {
478 avb_error("Unable to parse the signature size.\n");
479 return false;
480 }
481 if (!read_mem(&(signature->signature),
482 signature->signature_size,
483 aftl_blob,
484 blob_end)) {
485 avb_error("Unable to parse signature.\n");
486 return false;
487 }
488 return true;
489 }
490
491 /* Parses an VBMetaPrimaryAnnotation from |aftl_blob| into leaf->annotation.
492 * Returns false if an error occurred during the parsing */
parse_annotation(SignedVBMetaPrimaryAnnotationLeaf * leaf,uint8_t ** aftl_blob,uint8_t * blob_end)493 static bool parse_annotation(SignedVBMetaPrimaryAnnotationLeaf* leaf,
494 uint8_t** aftl_blob,
495 uint8_t* blob_end) {
496 VBMetaPrimaryAnnotation* annotation =
497 (VBMetaPrimaryAnnotation*)avb_calloc(sizeof(VBMetaPrimaryAnnotation));
498 if (!annotation) {
499 avb_error("Failed to allocate annotation.\n");
500 return false;
501 }
502 leaf->annotation = annotation;
503
504 if (!read_u8(&(annotation->vbmeta_hash_size), aftl_blob, blob_end)) {
505 avb_error("Unable to parse VBMeta hash size.\n");
506 return false;
507 }
508 if (annotation->vbmeta_hash_size != AVB_AFTL_HASH_SIZE) {
509 avb_error("Unexpected VBMeta hash size.\n");
510 return false;
511 }
512 if (!read_mem(&(annotation->vbmeta_hash),
513 annotation->vbmeta_hash_size,
514 aftl_blob,
515 blob_end)) {
516 avb_error("Unable to parse VBMeta hash.\n");
517 return false;
518 }
519
520 if (!read_u8(&(annotation->version_incremental_size), aftl_blob, blob_end)) {
521 avb_error("Unable to parse version incremental size.\n");
522 return false;
523 }
524 if (!read_mem(&(annotation->version_incremental),
525 annotation->version_incremental_size,
526 aftl_blob,
527 blob_end)) {
528 avb_error("Unable to parse version incremental.\n");
529 return false;
530 }
531
532 if (!read_u8(
533 &(annotation->manufacturer_key_hash_size), aftl_blob, blob_end)) {
534 avb_error("Unable to parse manufacturer key hash size.\n");
535 return false;
536 }
537 if (!read_mem(&(annotation->manufacturer_key_hash),
538 annotation->manufacturer_key_hash_size,
539 aftl_blob,
540 blob_end)) {
541 avb_error("Unable to parse manufacturer key hash.\n");
542 return false;
543 }
544
545 if (!read_u16(&(annotation->description_size), aftl_blob, blob_end)) {
546 avb_error("Unable to parse description size.\n");
547 return false;
548 }
549 if (!read_mem(&(annotation->description),
550 annotation->description_size,
551 aftl_blob,
552 blob_end)) {
553 avb_error("Unable to parse description.\n");
554 return false;
555 }
556 return true;
557 }
558
559 /* Allocates and populates a SignedVBMetaPrimaryAnnotationLeaf element in an
560 AftlIcpEntry from a binary blob.
561 The blob is expected to be pointing to the beginning of a
562 serialized SignedVBMetaPrimaryAnnotationLeaf element of an AftlIcpEntry.
563 The aftl_blob argument is updated to point to the area after the leaf. */
parse_annotation_leaf(AftlIcpEntry * icp_entry,uint8_t ** aftl_blob)564 static bool parse_annotation_leaf(AftlIcpEntry* icp_entry,
565 uint8_t** aftl_blob) {
566 SignedVBMetaPrimaryAnnotationLeaf* leaf;
567 uint8_t* blob_end = *aftl_blob + icp_entry->annotation_leaf_size;
568 if (*aftl_blob > blob_end) {
569 return false;
570 }
571
572 leaf = (SignedVBMetaPrimaryAnnotationLeaf*)avb_calloc(
573 sizeof(SignedVBMetaPrimaryAnnotationLeaf));
574 if (!leaf) {
575 avb_error("Failed to allocate for annotation leaf.\n");
576 return false;
577 }
578 /* The leaf will be free'd within the free_aftl_icp_entry() */
579 icp_entry->annotation_leaf = leaf;
580 if (!read_u8(&(leaf->version), aftl_blob, blob_end)) {
581 avb_error("Unable to parse version.\n");
582 return false;
583 }
584 if (leaf->version != 1) {
585 avb_error("Unexpected leaf version.\n");
586 return false;
587 }
588 if (!read_u64(&(leaf->timestamp), aftl_blob, blob_end)) {
589 avb_error("Unable to parse timestamp.\n");
590 return false;
591 }
592 if (!read_u8(&(leaf->leaf_type), aftl_blob, blob_end)) {
593 avb_error("Unable to parse version.\n");
594 return false;
595 }
596 if (leaf->leaf_type != AVB_AFTL_SIGNED_VBMETA_PRIMARY_ANNOTATION_LEAF) {
597 avb_error("Unexpected leaf type.\n");
598 return false;
599 }
600 if (!parse_signature(leaf, aftl_blob, blob_end)) {
601 avb_error("Unable to parse signature.\n");
602 return false;
603 }
604 if (!parse_annotation(leaf, aftl_blob, blob_end)) {
605 avb_error("Unable to parse annotation.\n");
606 return false;
607 }
608 return true;
609 }
610
611 /* Allocates and populates an AftlIcpEntry from a binary blob.
612 The blob is expected to be pointing to the beginning of a
613 serialized AftlIcpEntry structure. */
parse_icp_entry(uint8_t ** aftl_blob,size_t * remaining_size)614 AftlIcpEntry* parse_icp_entry(uint8_t** aftl_blob, size_t* remaining_size) {
615 AftlIcpEntry* icp_entry;
616 uint8_t* blob_start = *aftl_blob;
617 uint8_t* blob_end = *aftl_blob + *remaining_size;
618 if (*aftl_blob > blob_end) {
619 return NULL;
620 }
621
622 if (*remaining_size < AVB_AFTL_MIN_AFTL_ICP_ENTRY_SIZE) {
623 avb_error("Invalid AftlImage\n");
624 return NULL;
625 }
626
627 icp_entry = (AftlIcpEntry*)avb_calloc(sizeof(AftlIcpEntry));
628 if (!icp_entry) {
629 avb_error("Failure allocating AftlIcpEntry\n");
630 return NULL;
631 }
632
633 /* Copy in the log server URL size field. */
634 if (!read_u32(&(icp_entry->log_url_size), aftl_blob, blob_end)) {
635 avb_error("Unable to parse log url size.\n");
636 avb_free(icp_entry);
637 return NULL;
638 }
639 if (icp_entry->log_url_size > AVB_AFTL_MAX_URL_SIZE) {
640 avb_error("Invalid log URL size.\n");
641 avb_free(icp_entry);
642 return NULL;
643 }
644 /* Copy in the leaf index field. */
645 if (!read_u64(&(icp_entry->leaf_index), aftl_blob, blob_end)) {
646 avb_error("Unable to parse leaf_index.\n");
647 avb_free(icp_entry);
648 return NULL;
649 }
650 /* Copy in the TrillianLogRootDescriptor size field. */
651 if (!read_u32(&(icp_entry->log_root_descriptor_size), aftl_blob, blob_end)) {
652 avb_error("Unable to parse log root descriptor size.\n");
653 avb_free(icp_entry);
654 return NULL;
655 }
656 if (icp_entry->log_root_descriptor_size < AVB_AFTL_MIN_TLRD_SIZE ||
657 icp_entry->log_root_descriptor_size > AVB_AFTL_MAX_TLRD_SIZE) {
658 avb_error("Invalid TrillianLogRootDescriptor size.\n");
659 avb_free(icp_entry);
660 return NULL;
661 }
662
663 /* Copy in the annotation leaf size field. */
664 if (!read_u32(&(icp_entry->annotation_leaf_size), aftl_blob, blob_end)) {
665 avb_error("Unable to parse annotation leaf size.\n");
666 avb_free(icp_entry);
667 return NULL;
668 }
669 if (icp_entry->annotation_leaf_size == 0 ||
670 icp_entry->annotation_leaf_size > AVB_AFTL_MAX_ANNOTATION_SIZE) {
671 avb_error("Invalid annotation leaf size.\n");
672 avb_free(icp_entry);
673 return NULL;
674 }
675
676 /* Copy the log root signature size field. */
677 if (!read_u16(&(icp_entry->log_root_sig_size), aftl_blob, blob_end)) {
678 avb_error("Unable to parse log root signature size.\n");
679 avb_free(icp_entry);
680 return NULL;
681 }
682 if (icp_entry->log_root_sig_size != AVB_AFTL_SIGNATURE_SIZE) {
683 avb_error("Invalid log root signature size.\n");
684 avb_free(icp_entry);
685 return NULL;
686 }
687 /* Copy the inclusion proof hash count field. */
688 if (!read_u8(&(icp_entry->proof_hash_count), aftl_blob, blob_end)) {
689 avb_error("Unable to parse proof hash count.\n");
690 avb_free(icp_entry);
691 return NULL;
692 }
693 /* Copy the inclusion proof size field. */
694 if (!read_u32(&(icp_entry->inc_proof_size), aftl_blob, blob_end)) {
695 avb_error("Unable to parse inclusion proof size.\n");
696 avb_free(icp_entry);
697 return NULL;
698 }
699 if ((icp_entry->inc_proof_size !=
700 icp_entry->proof_hash_count * AVB_AFTL_HASH_SIZE) ||
701 (icp_entry->inc_proof_size > AVB_AFTL_MAX_PROOF_SIZE)) {
702 avb_error("Invalid inclusion proof size.\n");
703 avb_free(icp_entry);
704 return NULL;
705 }
706 /* Copy in the log server URL from the blob. */
707 if (*aftl_blob + icp_entry->log_url_size < *aftl_blob ||
708 *aftl_blob + icp_entry->log_url_size > blob_end) {
709 avb_error("Invalid AftlImage.\n");
710 avb_free(icp_entry);
711 return NULL;
712 }
713 icp_entry->log_url = (uint8_t*)avb_calloc(icp_entry->log_url_size);
714 if (!icp_entry->log_url) {
715 avb_error("Failure to allocate URL.\n");
716 free_aftl_icp_entry(icp_entry);
717 return NULL;
718 }
719 avb_memcpy(icp_entry->log_url, *aftl_blob, icp_entry->log_url_size);
720 *aftl_blob += icp_entry->log_url_size;
721
722 /* Populate the TrillianLogRootDescriptor elements. */
723 if (*aftl_blob + icp_entry->log_root_descriptor_size < *aftl_blob ||
724 *aftl_blob + icp_entry->log_root_descriptor_size > blob_end) {
725 avb_error("Invalid AftlImage.\n");
726 free_aftl_icp_entry(icp_entry);
727 return NULL;
728 }
729 icp_entry->log_root_descriptor_raw =
730 (uint8_t*)avb_calloc(icp_entry->log_root_descriptor_size);
731 if (!icp_entry->log_root_descriptor_raw) {
732 avb_error("Failure to allocate log root descriptor.\n");
733 free_aftl_icp_entry(icp_entry);
734 return NULL;
735 }
736 avb_memcpy(icp_entry->log_root_descriptor_raw,
737 *aftl_blob,
738 icp_entry->log_root_descriptor_size);
739 if (!parse_trillian_log_root_descriptor(
740 icp_entry, aftl_blob, icp_entry->log_root_descriptor_size)) {
741 free_aftl_icp_entry(icp_entry);
742 return NULL;
743 }
744
745 /* Populate the annotation leaf. */
746 if (*aftl_blob + icp_entry->annotation_leaf_size < *aftl_blob ||
747 *aftl_blob + icp_entry->annotation_leaf_size > blob_end) {
748 avb_error("Invalid AftlImage.\n");
749 free_aftl_icp_entry(icp_entry);
750 return NULL;
751 }
752 icp_entry->annotation_leaf_raw =
753 (uint8_t*)avb_calloc(icp_entry->annotation_leaf_size);
754 if (!icp_entry->annotation_leaf_raw) {
755 avb_error("Failure to allocate annotation leaf.\n");
756 free_aftl_icp_entry(icp_entry);
757 return NULL;
758 }
759 avb_memcpy(icp_entry->annotation_leaf_raw,
760 *aftl_blob,
761 icp_entry->annotation_leaf_size);
762 if (!parse_annotation_leaf(icp_entry, aftl_blob)) {
763 free_aftl_icp_entry(icp_entry);
764 return NULL;
765 }
766
767 /* Allocate and copy the log root signature from the blob. */
768 if (*aftl_blob + icp_entry->log_root_sig_size < *aftl_blob ||
769 *aftl_blob + icp_entry->log_root_sig_size > blob_end) {
770 avb_error("Invalid AftlImage.\n");
771 free_aftl_icp_entry(icp_entry);
772 return NULL;
773 }
774 icp_entry->log_root_signature =
775 (uint8_t*)avb_calloc(icp_entry->log_root_sig_size);
776 if (!icp_entry->log_root_signature) {
777 avb_error("Failure to allocate log root signature.\n");
778 free_aftl_icp_entry(icp_entry);
779 return NULL;
780 }
781 avb_memcpy(
782 icp_entry->log_root_signature, *aftl_blob, icp_entry->log_root_sig_size);
783 *aftl_blob += icp_entry->log_root_sig_size;
784
785 /* Finally, copy the proof hash data from the blob to the AftlImage. */
786 if (*aftl_blob + icp_entry->inc_proof_size < *aftl_blob ||
787 *aftl_blob + icp_entry->inc_proof_size > blob_end) {
788 avb_error("Invalid AftlImage.\n");
789 free_aftl_icp_entry(icp_entry);
790 return NULL;
791 }
792 icp_entry->proofs = avb_calloc(icp_entry->inc_proof_size);
793 if (!icp_entry->proofs) {
794 free_aftl_icp_entry(icp_entry);
795 return NULL;
796 }
797 avb_memcpy(icp_entry->proofs, *aftl_blob, icp_entry->inc_proof_size);
798 *aftl_blob += icp_entry->inc_proof_size;
799
800 *remaining_size -= *aftl_blob - blob_start;
801 return icp_entry;
802 }
803
804 /* Allocate and parse an AftlImage object out of binary data. */
parse_aftl_image(uint8_t * aftl_blob,size_t aftl_blob_size)805 AftlImage* parse_aftl_image(uint8_t* aftl_blob, size_t aftl_blob_size) {
806 AftlImage* image;
807 AftlImageHeader* image_header;
808 AftlIcpEntry* entry;
809 size_t image_size;
810 size_t i;
811 size_t remaining_size;
812
813 /* Ensure the blob is at least large enough for an AftlImageHeader */
814 if (aftl_blob_size < sizeof(AftlImageHeader)) {
815 avb_error("Invalid image header.\n");
816 return NULL;
817 }
818 image_header = (AftlImageHeader*)aftl_blob;
819 /* Check for the magic value for an AftlImageHeader. */
820 if (image_header->magic != AVB_AFTL_MAGIC) {
821 avb_error("Invalid magic number\n");
822 return NULL;
823 }
824 /* Extract the size out of the header. */
825 image_size = avb_be32toh(image_header->image_size);
826 if (image_size < sizeof(AftlImageHeader) ||
827 image_size > AVB_AFTL_MAX_AFTL_IMAGE_SIZE) {
828 avb_error("Invalid image size.\n");
829 return NULL;
830 }
831 image = (AftlImage*)avb_calloc(sizeof(AftlImage));
832 if (!image) {
833 avb_error("Failed allocation for AftlImage.\n");
834 return NULL;
835 }
836 /* Copy the header bytes directly from the aftl_blob. */
837 avb_memcpy(&(image->header), aftl_blob, sizeof(AftlImageHeader));
838 /* Fix endianness. */
839 image->header.required_icp_version_major =
840 avb_be32toh(image->header.required_icp_version_major);
841 image->header.required_icp_version_minor =
842 avb_be32toh(image->header.required_icp_version_minor);
843 image->header.image_size = avb_be32toh(image->header.image_size);
844 image->header.icp_count = avb_be16toh(image->header.icp_count);
845 /* Allocate memory for the entry array */
846 image->entries = (AftlIcpEntry**)avb_calloc(sizeof(AftlIcpEntry*) *
847 image->header.icp_count);
848 if (!image->entries) {
849 avb_error("Failed allocation for AftlIcpEntry array.\n");
850 avb_free(image);
851 return NULL;
852 }
853
854 /* Jump past the header and parse out each AftlIcpEntry. */
855 aftl_blob += sizeof(AftlImageHeader);
856 remaining_size = aftl_blob_size - sizeof(AftlImageHeader);
857 for (i = 0; i < image->header.icp_count && remaining_size > 0; i++) {
858 entry = parse_icp_entry(&aftl_blob, &remaining_size);
859 if (!entry) {
860 free_aftl_image(image);
861 return NULL;
862 }
863 image->entries[i] = entry;
864 }
865
866 return image;
867 }
868
869 /* Free an AftlIcpEntry and each allocated sub-element. */
free_aftl_icp_entry(AftlIcpEntry * icp_entry)870 void free_aftl_icp_entry(AftlIcpEntry* icp_entry) {
871 /* Ensure the AftlIcpEntry exists before attempting to free it. */
872 if (icp_entry) {
873 /* Free the log_url and log_root_signature elements if they exist. */
874 if (icp_entry->log_url) avb_free(icp_entry->log_url);
875 if (icp_entry->log_root_signature) avb_free(icp_entry->log_root_signature);
876 /* Free the annotation elements if they exist. */
877 if (icp_entry->annotation_leaf) {
878 if (icp_entry->annotation_leaf->signature) {
879 if (icp_entry->annotation_leaf->signature->signature) {
880 avb_free(icp_entry->annotation_leaf->signature->signature);
881 }
882 avb_free(icp_entry->annotation_leaf->signature);
883 }
884 if (icp_entry->annotation_leaf->annotation) {
885 if (icp_entry->annotation_leaf->annotation->vbmeta_hash)
886 avb_free(icp_entry->annotation_leaf->annotation->vbmeta_hash);
887 if (icp_entry->annotation_leaf->annotation->version_incremental)
888 avb_free(icp_entry->annotation_leaf->annotation->version_incremental);
889 if (icp_entry->annotation_leaf->annotation->manufacturer_key_hash)
890 avb_free(
891 icp_entry->annotation_leaf->annotation->manufacturer_key_hash);
892 if (icp_entry->annotation_leaf->annotation->description)
893 avb_free(icp_entry->annotation_leaf->annotation->description);
894 avb_free(icp_entry->annotation_leaf->annotation);
895 }
896 avb_free(icp_entry->annotation_leaf);
897 }
898 if (icp_entry->annotation_leaf_raw)
899 avb_free(icp_entry->annotation_leaf_raw);
900 /* Free the TrillianLogRoot elements if they exist. */
901 if (icp_entry->log_root_descriptor.metadata)
902 avb_free(icp_entry->log_root_descriptor.metadata);
903 if (icp_entry->log_root_descriptor.root_hash)
904 avb_free(icp_entry->log_root_descriptor.root_hash);
905 if (icp_entry->log_root_descriptor_raw)
906 avb_free(icp_entry->log_root_descriptor_raw);
907 if (icp_entry->proofs) avb_free(icp_entry->proofs);
908 /* Finally, free the AftlIcpEntry. */
909 avb_free(icp_entry);
910 }
911 }
912
913 /* Free the AftlImage and each allocated sub-element. */
free_aftl_image(AftlImage * image)914 void free_aftl_image(AftlImage* image) {
915 size_t i;
916
917 /* Ensure the descriptor exists before attempting to free it. */
918 if (!image) {
919 return;
920 }
921 /* Free the entry array. */
922 if (image->entries) {
923 /* Walk through each entry, freeing each one. */
924 for (i = 0; i < image->header.icp_count; i++) {
925 if (image->entries[i]) {
926 free_aftl_icp_entry(image->entries[i]);
927 }
928 }
929 avb_free(image->entries);
930 }
931 avb_free(image);
932 }
933