• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2020 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "tcu_authentication.h"
17 #include <errno.h> /* for errno */
18 #include <fcntl.h>
19 #include <sys/ioctl.h> /* for ioctl */
20 #include <sys/types.h> /* for open close */
21 #include <unistd.h>
22 #include "securec.h"
23 #include "tc_ns_client.h"
24 #include "tee_client_type.h"
25 #include "tee_log.h"
26 #include "teec_compat.h"
27 
28 #ifdef LOG_TAG
29 #undef LOG_TAG
30 #endif
31 #define LOG_TAG            "teec_auth_native"
32 #define HASH_FILE_MAX_SIZE (16 * 1024)
33 #define VENDOR_HASH_FILE "/vendor/bin/native_packages.xml"
34 
IsNotValidFname(const char * path)35 static int IsNotValidFname(const char *path)
36 {
37     if (path == NULL) {
38         tloge("filename is invalid ...\n");
39         return 1;
40     }
41 
42     /* filter the .. dir in the pname: */
43     if (strstr(path, "..") != NULL) {
44         tloge("filename should not include .. dir\n");
45         return 1;
46     }
47 
48     return 0;
49 }
50 
GetFileSize(const char * path)51 static int GetFileSize(const char *path)
52 {
53     FILE *fp = NULL;
54     int ret;
55     int fileSize                = -1;
56     char realPath[PATH_MAX + 1] = { 0 };
57 
58     bool paramInvlid = ((path == NULL) || (IsNotValidFname(path) != 0) || (strlen(path) > PATH_MAX) ||
59                         (realpath(path, realPath) == NULL));
60     if (paramInvlid) {
61         return fileSize;
62     }
63 
64     fp = fopen(realPath, "r");
65     if (fp == NULL) {
66         return fileSize;
67     }
68 
69     ret = fseek(fp, 0L, SEEK_END);
70     if (ret < 0) {
71         fclose(fp);
72         fp = NULL;
73         return fileSize;
74     }
75 
76     fileSize = (int)ftell(fp);
77     fclose(fp);
78     fp = NULL;
79     return fileSize;
80 }
81 
GetFileInfo(int bufLen,uint8_t * buffer,const char * path)82 static int GetFileInfo(int bufLen, uint8_t *buffer, const char *path)
83 {
84     FILE *fp = NULL;
85     int fileSize;
86     char realPath[PATH_MAX + 1] = { 0 };
87 
88     bool paramInvlid = ((buffer == NULL) || (path == NULL) || (IsNotValidFname(path) != 0) || bufLen < sizeof(int) ||
89                         (strlen(path) > PATH_MAX) || (realpath(path, realPath) == NULL));
90     if (paramInvlid) {
91         return -1;
92     }
93 
94     fp = fopen(realPath, "rb");
95     if (fp == NULL) {
96         tloge("open file failed\n");
97         return -1;
98     }
99 
100     fileSize = (int)fread(buffer, sizeof(char), (unsigned int)bufLen, fp);
101     if (fileSize != bufLen || (*(unsigned int *)buffer) != fileSize) {
102         tloge("read file read number:%d\n", fileSize);
103         fclose(fp);
104         fp = NULL;
105         return -1;
106     }
107 
108     fclose(fp);
109     fp = NULL;
110     return 0;
111 }
112 
InitTempBuf(int bufLen)113 static uint8_t *InitTempBuf(int bufLen)
114 {
115     errno_t ret;
116     uint8_t *buffer = NULL;
117 
118     bool variablesCheck = ((bufLen <= 0) || (bufLen > HASH_FILE_MAX_SIZE));
119     if (variablesCheck) {
120         tloge("wrong buflen\n");
121         return buffer;
122     }
123 
124     buffer = (uint8_t *)malloc((unsigned int)bufLen);
125     if (buffer == NULL) {
126         tloge("malloc failed!\n");
127         return buffer;
128     }
129 
130     ret = memset_s(buffer, (unsigned int)bufLen, 0, (unsigned int)bufLen);
131     if (ret != EOK) {
132         tloge("memset failed!\n");
133         free(buffer);
134         buffer = NULL;
135         return buffer;
136     }
137 
138     return buffer;
139 }
140 
ReadXmlFile(const char * xmlFile)141 static uint8_t *ReadXmlFile(const char *xmlFile)
142 {
143     int ret;
144     int bufLen;
145     uint8_t *buffer = NULL;
146 
147     bufLen = GetFileSize(xmlFile);
148     buffer = InitTempBuf(bufLen);
149     if (buffer == NULL) {
150         tloge("init temp buffer failed\n");
151         return buffer;
152     }
153 
154     ret = GetFileInfo(bufLen, buffer, xmlFile);
155     if (ret != 0) {
156         tloge("get xml file info failed\n");
157         free(buffer);
158         buffer = NULL;
159         return buffer;
160     }
161 
162     return buffer;
163 }
164 
TeeSetNativeCaHash(const char * xmlFlie)165 static int TeeSetNativeCaHash(const char *xmlFlie)
166 {
167     int ret;
168     int fd          = -1;
169     uint8_t *buffer = NULL;
170 
171     buffer = ReadXmlFile(xmlFlie);
172     if (buffer == NULL) {
173         tloge("read xml file failed\n");
174         return fd;
175     }
176 
177     fd = open(TC_NS_CLIENT_DEV_NAME, O_RDWR);
178     if (fd < 0) {
179         tloge("Failed to open dev node: %s\n", strerror(errno));
180         free(buffer);
181         buffer = NULL;
182         return -1;
183     }
184 
185     ret = ioctl(fd, (int)(TC_NS_CLIENT_IOCTL_SET_NATIVE_IDENTITY), buffer);
186     if (ret != 0) {
187         tloge("ioctl fail %d\n", ret);
188     }
189 
190     free(buffer);
191     buffer = NULL;
192     close(fd);
193     fd = -1;
194     return ret;
195 }
196 
TcuAuthentication(void)197 void TcuAuthentication(void)
198 {
199     TeeSetNativeCaHash(VENDOR_HASH_FILE);
200 }
201