diff --git a/libraries/adb-credential-web/src/index.ts b/libraries/adb-credential-web/src/index.ts index 9210656b..c84a3d5d 100644 --- a/libraries/adb-credential-web/src/index.ts +++ b/libraries/adb-credential-web/src/index.ts @@ -1,6 +1,6 @@ // cspell: ignore RSASSA -import type { AdbCredentialStore } from "@yume-chan/adb"; +import type { AdbCredentialStore, AdbPrivateKey } from "@yume-chan/adb"; function openDatabase() { return new Promise((resolve, reject) => { @@ -64,14 +64,20 @@ async function getAllKeys() { } export default class AdbWebCredentialStore implements AdbCredentialStore { + #appName: string; + + constructor(appName = "Tango") { + this.#appName = appName; + } + /** - * Generate a RSA private key and store it into LocalStorage. + * Generates a RSA private key and store it into LocalStorage. * * Calling this method multiple times will overwrite the previous key. * * @returns The private key in PKCS #8 format. */ - async generateKey(): Promise { + async generateKey(): Promise { const { privateKey: cryptoKey } = await crypto.subtle.generateKey( { name: "RSASSA-PKCS1-v1_5", @@ -89,17 +95,23 @@ export default class AdbWebCredentialStore implements AdbCredentialStore { ); await saveKey(privateKey); - return privateKey; + return { + buffer: privateKey, + name: `${this.#appName}@${window.location.hostname}`, + }; } /** - * Yield the stored RSA private key. `AdbWebCredentialStore` only stores one key, so only one value will be yielded. + * Yields the stored RSA private key. * * This method returns a generator, so `for await...of...` loop should be used to read the key. */ - async *iterateKeys(): AsyncGenerator { + async *iterateKeys(): AsyncGenerator { for (const key of await getAllKeys()) { - yield key; + yield { + buffer: key, + name: `${this.#appName}@${window.location.hostname}`, + }; } } } diff --git a/libraries/adb/src/daemon/auth.spec.ts b/libraries/adb/src/daemon/auth.spec.ts new file mode 100644 index 00000000..84807be6 --- /dev/null +++ b/libraries/adb/src/daemon/auth.spec.ts @@ -0,0 +1,176 @@ +import { describe, expect, it } from "@jest/globals"; +import { EMPTY_UINT8_ARRAY, encodeUtf8 } from "@yume-chan/struct"; + +import type { AdbCredentialStore } from "./auth.js"; +import { AdbAuthType, AdbPublicKeyAuthenticator } from "./auth.js"; +import type { AdbPacketData } from "./packet.js"; +import { AdbCommand } from "./packet.js"; + +class MockCredentialStore implements AdbCredentialStore { + key: Uint8Array; + name: string | undefined; + + constructor(key: Uint8Array, name: string | undefined) { + this.key = key; + this.name = name; + } + + *iterateKeys() { + yield { + buffer: this.key, + name: this.name, + }; + } + + generateKey() { + return { + buffer: this.key, + name: this.name, + }; + } +} + +const PRIVATE_KEY = [ + 48, 130, 4, 189, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, + 5, 0, 4, 130, 4, 167, 48, 130, 4, 163, 2, 1, 0, 2, 130, 1, 1, 0, 217, 179, + 48, 37, 252, 254, 42, 107, 119, 116, 188, 159, 90, 212, 219, 207, 43, 31, + 205, 216, 235, 91, 195, 185, 129, 2, 135, 239, 24, 99, 228, 231, 26, 86, + 204, 63, 23, 228, 185, 227, 61, 156, 146, 229, 174, 162, 128, 247, 186, 142, + 34, 234, 132, 123, 233, 239, 185, 68, 174, 155, 157, 184, 234, 95, 198, 134, + 159, 28, 82, 43, 62, 4, 252, 78, 8, 158, 94, 246, 140, 207, 163, 87, 192, + 250, 89, 19, 231, 241, 148, 93, 114, 9, 141, 127, 160, 89, 140, 96, 47, 38, + 107, 81, 18, 96, 210, 123, 83, 88, 81, 10, 118, 156, 10, 153, 188, 37, 70, + 37, 163, 237, 66, 161, 121, 252, 247, 47, 193, 36, 107, 193, 46, 130, 127, + 191, 34, 129, 69, 172, 73, 196, 216, 157, 141, 78, 71, 85, 15, 101, 175, + 196, 223, 64, 246, 119, 81, 63, 141, 107, 236, 193, 208, 72, 47, 213, 105, + 42, 231, 22, 158, 150, 253, 43, 112, 149, 11, 121, 218, 90, 203, 89, 126, + 145, 134, 68, 161, 19, 82, 119, 46, 253, 171, 5, 232, 127, 118, 27, 165, + 209, 159, 145, 28, 99, 12, 200, 170, 251, 78, 94, 93, 113, 73, 129, 74, 171, + 192, 102, 120, 18, 223, 135, 193, 16, 225, 184, 148, 153, 77, 167, 203, 159, + 94, 193, 180, 153, 239, 31, 137, 103, 222, 20, 245, 253, 64, 138, 103, 132, + 109, 39, 66, 138, 224, 3, 44, 247, 184, 25, 2, 3, 1, 0, 1, 2, 130, 1, 0, 18, + 96, 73, 196, 43, 34, 217, 57, 209, 15, 141, 140, 118, 2, 89, 187, 151, 12, + 76, 55, 239, 70, 3, 179, 120, 236, 89, 197, 24, 237, 245, 184, 124, 68, 175, + 96, 244, 7, 94, 153, 139, 237, 215, 136, 131, 193, 59, 217, 173, 105, 170, + 16, 217, 182, 11, 253, 44, 74, 91, 226, 206, 225, 121, 7, 52, 158, 208, 119, + 119, 136, 38, 232, 12, 212, 25, 110, 36, 221, 242, 236, 228, 0, 216, 77, 73, + 143, 160, 152, 135, 201, 139, 130, 186, 234, 247, 2, 24, 19, 86, 103, 139, + 207, 128, 25, 164, 42, 188, 210, 75, 164, 242, 118, 33, 126, 240, 158, 196, + 217, 16, 137, 74, 130, 142, 229, 135, 136, 4, 105, 130, 180, 130, 72, 128, + 50, 23, 70, 161, 214, 94, 67, 43, 185, 30, 111, 254, 156, 213, 4, 17, 51, + 121, 92, 84, 52, 166, 16, 184, 56, 133, 217, 227, 163, 27, 190, 31, 71, 79, + 61, 126, 250, 58, 81, 64, 174, 129, 21, 239, 160, 153, 88, 206, 89, 147, + 219, 106, 130, 36, 240, 177, 202, 190, 56, 209, 89, 49, 242, 103, 250, 237, + 167, 12, 240, 140, 121, 38, 20, 212, 36, 244, 68, 151, 25, 28, 255, 101, 79, + 217, 12, 82, 121, 254, 154, 174, 7, 88, 56, 49, 0, 217, 223, 32, 193, 203, + 12, 236, 33, 203, 216, 40, 240, 230, 36, 112, 162, 129, 216, 166, 177, 107, + 252, 39, 216, 24, 166, 181, 241, 2, 129, 129, 0, 249, 131, 185, 184, 67, 21, + 70, 238, 177, 150, 21, 62, 29, 192, 126, 78, 115, 79, 140, 4, 242, 156, 90, + 104, 211, 143, 183, 63, 12, 111, 143, 143, 16, 84, 209, 3, 214, 123, 103, + 142, 255, 7, 148, 198, 43, 49, 65, 223, 247, 61, 91, 243, 59, 23, 190, 234, + 181, 222, 30, 213, 188, 52, 116, 113, 152, 248, 193, 20, 115, 11, 116, 113, + 103, 154, 79, 214, 95, 201, 78, 44, 41, 194, 32, 36, 120, 254, 25, 65, 10, + 65, 200, 137, 213, 103, 88, 59, 224, 168, 141, 111, 78, 93, 215, 35, 21, 94, + 4, 235, 5, 150, 206, 9, 85, 25, 207, 248, 169, 174, 237, 239, 177, 186, 67, + 67, 193, 151, 61, 107, 2, 129, 129, 0, 223, 91, 196, 134, 0, 240, 151, 155, + 10, 177, 81, 132, 59, 80, 24, 4, 151, 163, 156, 35, 236, 2, 210, 247, 183, + 127, 167, 20, 194, 116, 150, 25, 82, 82, 139, 0, 115, 38, 198, 51, 218, 111, + 177, 232, 0, 91, 96, 65, 143, 37, 42, 26, 240, 159, 159, 129, 250, 33, 12, + 255, 90, 238, 249, 84, 120, 39, 247, 80, 105, 34, 23, 10, 123, 249, 185, + 184, 155, 159, 217, 156, 158, 59, 175, 124, 24, 235, 142, 96, 141, 165, 156, + 183, 41, 21, 250, 173, 119, 110, 192, 44, 35, 170, 140, 52, 97, 119, 237, + 57, 226, 80, 144, 70, 41, 253, 57, 211, 181, 139, 15, 81, 91, 63, 32, 183, + 64, 124, 221, 139, 2, 129, 128, 123, 118, 247, 246, 58, 147, 147, 182, 214, + 255, 9, 225, 227, 188, 245, 131, 2, 66, 17, 105, 253, 86, 234, 209, 198, 37, + 238, 41, 239, 144, 96, 124, 13, 59, 186, 245, 104, 51, 70, 42, 22, 253, 252, + 91, 22, 210, 87, 227, 104, 38, 223, 145, 250, 226, 164, 32, 229, 255, 84, + 72, 180, 201, 75, 249, 78, 21, 129, 13, 10, 100, 87, 169, 41, 247, 204, 155, + 170, 104, 37, 27, 107, 74, 88, 183, 83, 123, 128, 169, 147, 86, 187, 209, + 160, 92, 115, 231, 165, 34, 34, 98, 58, 103, 234, 229, 188, 83, 250, 161, 4, + 241, 251, 95, 216, 209, 93, 252, 144, 146, 51, 192, 144, 180, 55, 70, 150, + 203, 172, 163, 2, 129, 129, 0, 152, 92, 63, 237, 108, 252, 177, 94, 8, 104, + 54, 131, 237, 245, 207, 188, 106, 56, 39, 205, 117, 51, 227, 247, 40, 140, + 2, 76, 45, 237, 91, 106, 64, 118, 159, 237, 25, 159, 172, 122, 56, 154, 18, + 144, 128, 149, 212, 78, 68, 56, 4, 197, 197, 184, 13, 21, 155, 171, 41, 243, + 146, 115, 11, 79, 44, 123, 142, 191, 162, 71, 167, 209, 246, 9, 190, 63, + 136, 160, 252, 207, 82, 60, 194, 146, 243, 104, 211, 129, 87, 126, 78, 45, + 190, 240, 8, 68, 134, 0, 221, 67, 254, 188, 90, 209, 108, 95, 99, 74, 37, + 239, 240, 202, 123, 224, 9, 175, 57, 218, 119, 3, 119, 43, 211, 196, 77, 80, + 31, 203, 2, 129, 128, 44, 54, 34, 176, 67, 152, 179, 82, 5, 122, 133, 123, + 5, 194, 237, 113, 52, 54, 94, 154, 121, 79, 197, 194, 67, 209, 188, 218, + 239, 74, 128, 137, 21, 86, 240, 0, 111, 163, 37, 19, 208, 79, 27, 185, 110, + 132, 219, 176, 97, 208, 113, 252, 13, 154, 168, 87, 33, 213, 244, 242, 163, + 59, 114, 172, 217, 88, 122, 142, 7, 12, 198, 88, 163, 210, 192, 232, 139, 5, + 98, 13, 228, 111, 249, 73, 95, 220, 30, 166, 59, 141, 27, 36, 0, 82, 99, + 135, 150, 5, 217, 13, 87, 120, 14, 67, 187, 124, 57, 196, 224, 94, 201, 125, + 227, 168, 224, 26, 195, 181, 73, 173, 52, 72, 232, 1, 67, 233, 249, 133, +]; + +const PUBLIC_KEY = + "QAAAANfbD8gZuPcsA+CKQidthGeKQP31FN5niR/vmbTBXp/Lp02ZlLjhEMGH3xJ4ZsCrSoFJcV1eTvuqyAxjHJGf0aUbdn/oBav9LndSE6FEhpF+Wcta2nkLlXAr/ZaeFucqadUvSNDB7GuNP1F39kDfxK9lD1VHTo2d2MRJrEWBIr9/gi7BayTBL/f8eaFC7aMlRiW8mQqcdgpRWFN70mASUWsmL2CMWaB/jQlyXZTx5xNZ+sBXo8+M9l6eCE78BD4rUhyfhsZf6ridm65Eue/pe4TqIo6694CiruWSnD3jueQXP8xWGufkYxjvhwKBucNb69jNHyvP29Ran7x0d2sq/vwlMLPZX7azjy0vpJEONdrhwsbYPQZp7Uj34JBDxB22/oh8NMuN9PwRUj+M9S+A3yRIS6zuvjk9nGUrgCH26js3LfkBywhYSERFHPc7h/yRWzMYL8udOGa5NByfVzSE4DtOj3cF/huVGV0Stedt7UnXSDrsAiasSo990IID7wHjpPX4tUM4AJZO8lYsP6kdCYOATZeR1geNwAJtR9UAnJythYEQMbEQzO15tuPpdq5h50DpZKwynW+ATMSdVOreAoWxy9Qs3zPLstBifMwT3/tuEgB/Q86wprfDhcIkAH9ahsQfZ+WCcqTqd4imP7+RrTKVsUvEIjyw+LlUIcFw1foRztbnpAEAAQA="; + +describe("auth", () => { + describe("PublicKeyAuthenticator", () => { + it("should generate correct public key without name", async () => { + const store = new MockCredentialStore( + new Uint8Array(PRIVATE_KEY), + undefined, + ); + + const authenticator = AdbPublicKeyAuthenticator(store, () => + Promise.resolve({ + command: AdbCommand.Auth, + arg0: AdbAuthType.Token, + arg1: 0, + payload: EMPTY_UINT8_ARRAY, + }), + ); + + const results: AdbPacketData[] = []; + for await (const result of authenticator) { + results.push(result); + } + + expect(results).toStrictEqual([ + { + command: AdbCommand.Auth, + arg0: AdbAuthType.PublicKey, + arg1: 0, + payload: encodeUtf8(`${PUBLIC_KEY}\0`), + }, + ]); + }); + + it("should generate correct public key name", async () => { + const name = "test@jest"; + + const store = new MockCredentialStore( + new Uint8Array(PRIVATE_KEY), + name, + ); + + const authenticator = AdbPublicKeyAuthenticator(store, () => + Promise.resolve({ + command: AdbCommand.Auth, + arg0: AdbAuthType.Token, + arg1: 0, + payload: EMPTY_UINT8_ARRAY, + }), + ); + + const results: AdbPacketData[] = []; + for await (const result of authenticator) { + results.push(result); + } + + expect(results).toStrictEqual([ + { + command: AdbCommand.Auth, + arg0: AdbAuthType.PublicKey, + arg1: 0, + payload: encodeUtf8(`${PUBLIC_KEY} ${name}\0`), + }, + ]); + }); + }); +}); diff --git a/libraries/adb/src/daemon/auth.ts b/libraries/adb/src/daemon/auth.ts index d5c993f9..48ad35c5 100644 --- a/libraries/adb/src/daemon/auth.ts +++ b/libraries/adb/src/daemon/auth.ts @@ -1,8 +1,13 @@ import { PromiseResolver } from "@yume-chan/async"; import type { Disposable } from "@yume-chan/event"; import type { ValueOrPromise } from "@yume-chan/struct"; +import { EMPTY_UINT8_ARRAY } from "@yume-chan/struct"; -import { calculateBase64EncodedLength, encodeBase64 } from "../utils/index.js"; +import { + calculateBase64EncodedLength, + encodeBase64, + encodeUtf8, +} from "../utils/index.js"; import { adbGeneratePublicKey, @@ -12,18 +17,26 @@ import { import type { AdbPacketData } from "./packet.js"; import { AdbCommand } from "./packet.js"; -export type AdbKeyIterable = Iterable | AsyncIterable; +export interface AdbPrivateKey { + /** + * The private key in PKCS #8 format. + */ + buffer: Uint8Array; + name?: string | undefined; +} + +export type AdbKeyIterable = + | Iterable + | AsyncIterable; export interface AdbCredentialStore { /** - * Generate and store a RSA private key with modulus length `2048` and public exponent `65537`. - * - * The returned `Uint8Array` is the private key in PKCS #8 format. + * Generates and stores a RSA private key with modulus length `2048` and public exponent `65537`. */ - generateKey(): ValueOrPromise; + generateKey(): ValueOrPromise; /** - * Synchronously or asynchronously iterate through all stored RSA private keys. + * Synchronously or asynchronously iterates through all stored RSA private keys. * * Each call to `iterateKeys` must return a different iterator that iterate through all stored keys. */ @@ -65,7 +78,7 @@ export const AdbSignatureAuthenticator: AdbAuthenticator = async function* ( return; } - const signature = rsaSign(key, packet.payload); + const signature = rsaSign(key.buffer, packet.payload); yield { command: AdbCommand.Auth, arg0: AdbAuthType.Signature, @@ -85,7 +98,7 @@ export const AdbPublicKeyAuthenticator: AdbAuthenticator = async function* ( return; } - let privateKey: Uint8Array | undefined; + let privateKey: AdbPrivateKey | undefined; for await (const key of credentialStore.iterateKeys()) { privateKey = key; break; @@ -99,13 +112,23 @@ export const AdbPublicKeyAuthenticator: AdbAuthenticator = async function* ( const [publicKeyBase64Length] = calculateBase64EncodedLength(publicKeyLength); + const nameBuffer = privateKey.name?.length + ? encodeUtf8(privateKey.name) + : EMPTY_UINT8_ARRAY; const publicKeyBuffer = new Uint8Array( - publicKeyBase64Length + 1, // Null character + publicKeyBase64Length + + (nameBuffer.length ? nameBuffer.length + 1 : 0) + // Space character + name + 1, // Null character ); - adbGeneratePublicKey(privateKey, publicKeyBuffer); + adbGeneratePublicKey(privateKey.buffer, publicKeyBuffer); encodeBase64(publicKeyBuffer.subarray(0, publicKeyLength), publicKeyBuffer); + if (nameBuffer.length) { + publicKeyBuffer[publicKeyBase64Length] = 0x20; + publicKeyBuffer.set(nameBuffer, publicKeyBase64Length + 1); + } + yield { command: AdbCommand.Auth, arg0: AdbAuthType.PublicKey, diff --git a/libraries/adb/src/daemon/crypto.ts b/libraries/adb/src/daemon/crypto.ts index 7c377434..b6148b1d 100644 --- a/libraries/adb/src/daemon/crypto.ts +++ b/libraries/adb/src/daemon/crypto.ts @@ -158,9 +158,6 @@ export function adbGeneratePublicKey( // (All in little endian) // See https://android.googlesource.com/platform/system/core.git/+/91784040db2b9273687f88d8b95f729d4a61ecc2/libcrypto_utils/android_pubkey.cpp#38 - // extract `n` from private key - const [n] = rsaParsePrivateKey(privateKey); - let outputType: "Uint8Array" | "number"; const outputLength = adbGetPublicKeySize(); if (!output) { @@ -185,6 +182,9 @@ export function adbGeneratePublicKey( outputView.setUint32(outputOffset, 2048 / 8 / 4, true); outputOffset += 4; + // extract `n` from private key + const [n] = rsaParsePrivateKey(privateKey); + // Calculate `n0inv` // Don't know why need to multiply by -1 // Didn't exist in Android codebase