From 145490e1f559f930924b4fc03990812e2ef6f236 Mon Sep 17 00:00:00 2001
From: Daniel Micay
Date: Sun, 18 Mar 2018 05:57:22 -0400
Subject: [PATCH] add sample intermediate to new deflate dictionary
---
 .../attestation/AttestationProtocol.java | 8 +++++---
 app/src/main/res/raw/deflate_dictionary_1.bin | Bin 0 -> 2142 bytes
 samples/taimen_intermediate.der.x509 | Bin 0 -> 967 bytes
 3 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 app/src/main/res/raw/deflate_dictionary_1.bin
 create mode 100644 samples/taimen_intermediate.der.x509
diff --git a/app/src/main/java/co/copperhead/attestation/AttestationProtocol.java b/app/src/main/java/co/copperhead/attestation/AttestationProtocol.java
index af81519c..33cbd137 100644
--- a/app/src/main/java/co/copperhead/attestation/AttestationProtocol.java
+++ b/app/src/main/java/co/copperhead/attestation/AttestationProtocol.java
@@ -172,7 +172,7 @@ class AttestationProtocol {
 // the outer signature and the rest of the chain for pinning the expected chain. It enforces
 // downgrade protection for the OS version/patch (bootloader/TEE enforced) and app version (OS
 // enforced) by keeping them updated.
- private static final byte PROTOCOL_VERSION = 0;
+ private static final byte PROTOCOL_VERSION = 1;
 // can become longer in the future, but this is the minimum length
 private static final byte CHALLENGE_MESSAGE_LENGTH = 1 + CHALLENGE_LENGTH * 2;
 private static final int MAX_ENCODED_CHAIN_LENGTH = 3000;
@@ -670,7 +670,8 @@ static VerificationResult verifySerialized(final Context context, final byte[] a
 final byte[] chain = new byte[MAX_ENCODED_CHAIN_LENGTH];
 final Inflater inflater = new Inflater(true);
 inflater.setInput(compressedChain);
- try (final InputStream stream = context.getResources().openRawResource(R.raw.deflate_dictionary)) {
+ final int deflateDictionary = version > 0 ? R.raw.deflate_dictionary_1 : R.raw.deflate_dictionary;
+ try (final InputStream stream = context.getResources().openRawResource(deflateDictionary)) {
 inflater.setDictionary(ByteStreams.toByteArray(stream));
 }
 final int chainLength = inflater.inflate(chain);
@@ -871,7 +872,8 @@ static AttestationResult generateSerialized(final Context context, final byte[]
 final ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
 final Deflater deflater = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
- try (final InputStream stream = context.getResources().openRawResource(R.raw.deflate_dictionary)) {
+ final int deflateDictionary = maxVersion > 0 ? R.raw.deflate_dictionary_1 : R.raw.deflate_dictionary;
+ try (final InputStream stream = context.getResources().openRawResource(deflateDictionary)) {
 deflater.setDictionary(ByteStreams.toByteArray(stream));
 }
 final DeflaterOutputStream deflaterStream = new DeflaterOutputStream(byteStream, deflater);
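Review bot: The dictionary choice `version > 0 ? R.raw.deflate_dictionary_1 : R.raw.deflate_dictionary` in verifySerialized is only correct if `version` has already been range-checked, because it sends every non-positive value to the version-0 dictionary and every positive value to the version-1 dictionary. No such check is visible here, and the function body starts and ends outside the hunk. If `version` is read from the message as a `byte` (PROTOCOL_VERSION is declared as one), a value with the high bit set is negative and would silently select the old dictionary. Since the inflater is built with `new Inflater(true)`, the raw deflate stream carries no dictionary identifier, so a mismatched dictionary is generally not reported by the inflater itself and only shows up later when the chain fails to parse. Unless an equivalent guard already exists above, I would reject the message when `version < 0 || version > PROTOCOL_VERSION` and then select by exact match, `version == 0 ? R.raw.deflate_dictionary : R.raw.deflate_dictionary_1`.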
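Review bot: In generateSerialized the dictionary is keyed on `maxVersion > 0`, while the verifier keys on the `version` carried in the message, so the two sides could drift apart when a third protocol version is added. Whether the version byte written to the output comes from the same comparison is not visible, since the function body starts and ends outside the hunk. Computing the negotiated version once (presumably something like `Math.min(maxVersion, PROTOCOL_VERSION)`) and using that one value for both the serialized header and the dictionary lookup would keep them tied together. The same ternary now appears in both functions, so a small private helper mapping a protocol version to its raw resource id would be a natural home for a comment such as `// dictionaries are part of the wire format: never modify a shipped .bin, add a new one with a new PROTOCOL_VERSION`.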
diff --git a/app/src/main/res/raw/deflate_dictionary_1.bin b/app/src/main/res/raw/deflate_dictionary_1.bin new file mode 100644 index 0000000000000000000000000000000000000000..0edbf0ed28fe9b08dd34779ea7b4dbb59cac95a4 GIT binary patch literal 2142 zcmb7^c~sL^7RU2j5*FE^L1aqszqQJ-^ zmJTGqxUgD;QWcaoFi<=e)K&%r6T{rcTd1O}#<2{0xhp(xQ%FPhC}(&!8hizTA7MNB%N7;9r3 zKm$yGG3ZQg#9Cb%23WX*4Olb|#*6@#m^m<2g(F%DX7?YD8M*B2 zK-}BmX_Np&o!NToFbU!ds>2;SbKI8g8jJSM9G?Kx5BOpfV1b$l#Et@Sa+Tb z+!N^s$x8eFamL&bmn;B24dvD5(0!r0NyagN8^fp z2w{_8bYh3bSLy1S6BmUGvio{T`lou&#V}vx!4%C&!=oo+7xzeV!n8y%uWWm!FFWWt zLE~o!FXgcMqjH=wTfEd4mr2uzYOpL)`Go$!`Pm2N;IB_h% zq_HqIVAJUl#@aNMWPFgTf(8N_vkvkkU(ImI<`XB0&=Di@V0tdy+9fdsox(-CbyruDd-6YTB-|% zDpFxU_=sC;)u{!F50o6AN$DqXNoo9qxM&w)B0ny{`GW$Vscu=KfxsW|KRGTH2Q$%W1(8mIlmsUhht9=l3>KR~<1pBCE(=@P9we3k zgfMVx(1CVlCt74GD>51^Ie8^l2}kT}XZM)1giTYXe&6Q*Fp7x6k`zC_*ir{sF=k+l zkad}s_g%|TR5#+??GdFD;V+^?P;k*VqrAoD0lt3xT;ZGFKQGzQKJdq#r{rA^e)b!?no>jMj$dj$*bus= zzGK(<&_{KCQF()|X-hGqDK%MbAgg5sP5%{^l{B&Vw@~Gwi*E4 z-)JHN1cz!hP*5%iSw;m11>m5_J#*dvPgHz3zMdGDMaLN4G~D9+M`sWz{vCO6^G>ij zioa|*TY32zb!IZs?4H9Uyyw-mvP-oI+wSfAY&Ppet}hk!Y8WP+T^sOlYqn+KQ2nIE z=(~mQO)e&EPxqLawC)YkXb%6Jn07_1*VkrhE$b+W1h<+ZBh&-uxNh^_0+ER&b!xHi z?_ZZI$*ddLT`f|9$G+M>>+bufA~JZXPL^}{$}cu^@}^64+BVZUo1&zQ#qXos~|4UPUP6a2Nab=vFJlRIi{q91V$(jyry}gfP6Q03|gl&c2aoh(55wk%@ z7q;xAwZ`AKdoU2%bL*>iKf&S4ci*J(z_pq6aU&vn%k#IpOU=ppyhg@JHLa0fM#_5S zwR7%B`>$GU@vbK~E4=#DLt5%Bi y2lnU3>{?_)im?k*t((kZuW*Y!n~6izXNppaApLP|KItE3XQ)TYQftINsQnB1g9Q%& literal 0 HcmV?d00001 
diff --git a/samples/taimen_intermediate.der.x509 b/samples/taimen_intermediate.der.x509 new file mode 100644 index 0000000000000000000000000000000000000000..78c87378024c1493bb7c41f1f8c5925ec5c7d568 GIT binary patch literal 967 zcmXqLVm@rp#JG9^GZP~d6Bl!bT6#ii=d{*R170>xtu~Lg@4SqR+^h@+(uR@-;%v;J zEUdx;X_iI?29~K7rp8HTNd_jS26E!OhGqt)MrMZQ28O1FQR2KtAg&3Ni=x@WJk7+^ z(8R>tG%3*_(J0BF%s_yR9ca}#TP8*}R_#U>1|{Ys29^}-unbxCUq_nG=P3BTKKDU0 z#*~L~RgY1<-PJFi>%M5FImKJrwv<`Nt_|DB%My7^C(D1bYS@ZNlMi3?TlDe%dp?_8 zN=1v6EFW&#QoAOUd-a}}<)M#Oc_ejRvnl(Zey3=0<2HlF%?7eSKgsg3h_Q$mxF|ne z^o{Ld!0PgNF|pkf&m`{LE3-%#h&70qB|c=R>0spy>~_g<|1afp@|C}k0Y6BA zFeBrC7FGjhAZ5S@65t03umHof%^(28muK-ba5r#W;Jm=G%|4@~q@dVJUq3M~r6@l$ zMK3)+KRqWku^_WpFF8L~Ke41FwYVg)Br`uxKe;GJ-_^p+(a_S&*wDnq2*|QPiy7u7 zCPoGa%dT#-J(Fi{UOI2bbEOY2;$?2>ykLrZyLbAgl{ta83WGj2cDK1Hu{f={$+lF& z>%M=peE*HrFXZn0{dQ1teNJ$-!-p3t$9*_AMwYUc?aUWAxlLMS{+=oE1{c=FM{#(6 zwzU1?lAIgNUPHW?cQ zN`F?JlvnfbV9KQ#w@y05w54+DI|jVy@Jiy@vC_=1(6?U{Ff;@OsE)8l-|>3V;9@AsQ0Q>I2qeyA;} zX|-CA#d2;^xoVZ6lJ*_O7mHW#V@(qO{%X(ss0B~@IwK#-{a9Dyxy3oGIiTrK|MwsL z>zHIN+_f_(rLxFs{g;f9afh* za!;K%^i8jV`}3J5?jNgP-{f!V|9oiUF6Bej_q3Nk(Aqrz#-Rr*UTv|H$=GQ**>NN5 c4W;LYrYa;?KVI3(_FHC#Qp@z>#rY@L0ZPJ*u>b%7 literal 0 HcmV?d00001