fix: the potential bug of finding the wrong key due to nspace not being unique

Signed-off-by: qwq233 <[email protected]>

Author: qwq233

service/src/main/java/io/github/a13e300/tricky_store/Cache.kt

@@ -43,7 +43,7 @@ object Cache {
         keys[key] = info
     }
 
-    fun getInfoByNspace(nspace: Long): Info? = keys.values.firstOrNull { it.response.metadata?.key?.nspace == nspace }
+    fun getInfoByNspace(callingUid: Int, nspace: Long): List<Info> = keys.values.filter { it.key.uid == callingUid && it.response.metadata?.key?.nspace == nspace }
 
     fun getKeyResponse(uid: Int, alias: String): KeyEntryResponse? = keys[Key(uid, alias)]?.response
 

service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt

@@ -17,12 +17,14 @@ import kotlin.system.exitProcess
 
 @SuppressLint("BlockedPrivateApi")
 object KeystoreInterceptor : BinderInterceptor() {
+    private val getSecurityLevelTransaction =
+        getTransactCode(IKeystoreService.Stub::class.java, "getSecurityLevel") // 1
     private val getKeyEntryTransaction =
         getTransactCode(IKeystoreService.Stub::class.java, "getKeyEntry") // 2
-    private val deleteKeyTransaction =
-        getTransactCode(IKeystoreService.Stub::class.java, "deleteKey")
     private val updateSubcomponentTransaction =
-        getTransactCode(IKeystoreService.Stub::class.java, "updateSubcomponent")
+        getTransactCode(IKeystoreService.Stub::class.java, "updateSubcomponent") // 3
+    private val deleteKeyTransaction =
+        getTransactCode(IKeystoreService.Stub::class.java, "deleteKey") // 5
 
     private lateinit var keystore: IBinder
 
@@ -94,6 +96,16 @@ object KeystoreInterceptor : BinderInterceptor() {
 
             deleteKeyTransaction -> {
                 Logger.d("KeystoreInceptor onPreTransact deleteKeyTransaction uid=$callingUid pid=$callingPid")
+                data.enforceInterface("android.system.keystore2.IKeystoreService")
+                val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)
+                if (keyDescriptor == null) return Skip
+
+                Logger.d("KeystoreInterceptor deleteKey uid=$callingUid alias=${keyDescriptor.alias}")
+
+                Cache.deleteKey(Key(callingUid, keyDescriptor.alias))
+                Cache.deleteImportedKey(callingUid, callingPid)
+
+                return Skip
             }
         }
         return Skip

service/src/main/java/io/github/a13e300/tricky_store/Logger.java

@@ -8,6 +8,10 @@ public static void d(String msg) {
         Log.d(TAG, msg);
     }
 
+    public static void d(String tag, String msg) {
+        Log.d(TAG, tag + ": " + msg);
+    }
+
     public static void dd(String msg) {
         d("wtf: " + msg);
     }

service/src/main/java/io/github/a13e300/tricky_store/SecurityLevelInterceptor.kt

@@ -25,11 +25,16 @@ class SecurityLevelInterceptor(
     private val original: IKeystoreSecurityLevel, private val level: Int
 ) : BinderInterceptor() {
     companion object {
-        private val generateKeyTransaction = getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "generateKey")
-        private val deleteKeyTransaction = getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "deleteKey")
-        private val createOperationTransaction = getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "createOperation")
-        private val importWrappedKeyTransaction = getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "importWrappedKey")
-        private val importKeyTransaction = getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "importKey")
+        private val createOperationTransaction =
+            getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "createOperation") //1
+        private val generateKeyTransaction =
+            getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "generateKey") // 2
+        private val importKeyTransaction =
+            getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "importKey") // 3
+        private val importWrappedKeyTransaction =
+            getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "importWrappedKey") // 4
+        private val deleteKeyTransaction =
+            getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "deleteKey") // 6
 
     }
     override fun onPreTransact(
@@ -114,23 +119,30 @@ class SecurityLevelInterceptor(
                 val params = data.createTypedArray(KeyParameter.CREATOR) ?: return Skip
                 val kgp = CertHack.KeyGenParameters(params)
 
-                val info = Cache.getInfoByNspace(keyDescriptor.nspace)
-                if (info == null || (info.key.uid != callingUid)) {
-                    Logger.e("key not found or uid mismatch")
-                    return Skip
-                }
                 if (keyDescriptor.domain != 4) throw IllegalArgumentException("unsupported domain ${keyDescriptor.domain}")
                 kgp.purpose.any { it != 2 /* sign */ && it != 7 /* attest */ } ||
                         throw IllegalArgumentException("unsupported purpose ${kgp.purpose}")
-                kgp.digest.any { it != 4 } ||
-                        throw IllegalArgumentException("unsupported digest ${kgp.digest}")
                 val algorithm = when (kgp.algorithm) {
-                    Algorithm.EC -> "SHA256withECDSA"
-                    Algorithm.RSA -> "SHA256withRSA"
+                    Algorithm.EC -> "ECDSA"
+                    Algorithm.RSA -> "RSA"
                     else -> throw IllegalArgumentException("unsupported algorithm ${kgp.algorithm}")
                 }
 
-                val op = KeyStoreOperation(info.keyPair.private, algorithm)
+                val infos = Cache.getInfoByNspace(callingUid, keyDescriptor.nspace)
+                if (infos.isEmpty()) {
+                    Logger.e("key not found")
+                    return Skip
+                }
+                infos.filter { it.response.metadata.key.alias == keyDescriptor.alias }.let {
+                    it.forEach {
+                        Logger.d("found key alias=${it.key.alias} uid=${it.key.uid} actual=${it.response.metadata.key.alias}")
+                        Logger.d("createOperation", it.chain.first().toString())
+                    }
+                }
+                Logger.d("found keys number: ${infos.size}")
+                val info = infos.first { it.response.metadata.key.alias == keyDescriptor.alias && it.keyPair.private.algorithm == algorithm }
+                Logger.d("createOperation", info.chain.first().toString())
+                val op = KeyStoreOperation(info.keyPair.private, "SHA256with$algorithm")
                 val parcel = Parcel.obtain()
                 parcel.writeNoException()
                 val createOperationResponse = CreateOperationResponse().apply {
@@ -151,27 +163,32 @@ class SecurityLevelInterceptor(
         var isAborted = false
 
         constructor(privateKey: PrivateKey, algorithm: String) {
+            Logger.d("KeyStoreOperation using algorithm $algorithm, privateKey=${privateKey.algorithm}")
             signature = Signature.getInstance(algorithm)
             signature.initSign(privateKey)
         }
 
         override fun updateAad(aadInput: ByteArray?) {
             // do nothing for now
+            Logger.d("updateAad called, ignored")
         }
 
         override fun update(input: ByteArray): ByteArray? {
             if (isAborted) throw IllegalStateException("operation aborted")
+            Logger.d("update called with ${input.size} bytes")
             signature.update(input)
             return null
         }
 
         override fun finish(input: ByteArray?, signature: ByteArray?): ByteArray? {
             if (isAborted) throw IllegalStateException("operation aborted")
+            Logger.d("finish called with ${input?.size ?: 0} bytes")
             this.signature.update(input)
             return this.signature.sign()
         }
 
         override fun abort() {
+            Logger.d("abort called")
             isAborted = true
         }
     }

service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java

@@ -813,7 +813,8 @@ public KeyGenParameters(KeyParameter[] params) {
                             certificateNotAfter = new Date(p.getDateTime());
                     case Tag.CERTIFICATE_SUBJECT ->
                             certificateSubject = new X500Name(new X500Principal(p.getBlob()).getName());
-                    case Tag.RSA_PUBLIC_EXPONENT -> rsaPublicExponent = new BigInteger(p.getBlob());
+                    case Tag.RSA_PUBLIC_EXPONENT ->
+                            rsaPublicExponent = new BigInteger(String.valueOf(p.getLongInteger()));
                     case Tag.EC_CURVE -> {
                         ecCurve = p.getEcCurve();
                         ecCurveName = getEcCurveName(ecCurve);