Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / sshsm / 67e6b6dd230ccb83204d2d103a033f735c83a14f / . / tpm-util / duplicate / crypto_aux.c
blob: 2737ded0f9a6c0765b6847b5045890eb35180ab1 [file] [log] [blame]
/*
* Copyright 2018 Intel Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// Author: Arun Kumar Sekar
#include "crypto_aux.h"
#include "util.h"
UINT32 (*HmacFunctionPtr)( TPMI_ALG_HASH hashAlg, TPM2B *key,TPM2B **bufferList, TPM2B_DIGEST *result ) = OpenSslHmac;
int RSA_OAEP_Enc(TPM2B_PUBLIC_KEY_RSA *plain, // plain text to encrypt
//Size of plain (0 <= pl <= kl - (2 * hashLen + 2)
TPM2B_PUBLIC_KEY_RSA *cipher, // must be same size as key in bytes
TPM2B_PUBLIC_KEY_RSA *key, // Key in big endian byte array
TPM2B_DATA *encoding_params // Null terminated string like
// ((unsigned char*)"DUPLICATE")
// length of encoding parameter includes \0
// (10 in DUPLICATE case..)
)
{
RSA *rsa = NULL;
unsigned char encoded[256];
int RC;
BIGNUM* bne;
BIGNUM* n;
//Encoding
RC = RSA_padding_add_PKCS1_OAEP_mgf1(encoded, key->b.size, plain->b.buffer, plain->b.size,
encoding_params->b.buffer, encoding_params->b.size, EVP_sha256(), NULL);
if(RC!=1)goto cleanup;
// Creating OpenSSL structure with the supplied TPM public:
bne = BN_new();
RC = BN_set_word(bne,RSA_F4); // the TPM's public exponent (2^16 + 1)
if(RC!=1)goto cleanup;
rsa = RSA_new();
RC = RSA_generate_key_ex(rsa, 2048, bne, NULL); // could be done in better way i guess... just for filling up fields..
if(RC!=1)goto cleanup;
// Over-writing the public N:
//rsa->n = BN_bin2bn(key->b.buffer, key->b.size, rsa->n);
n = BN_bin2bn(key->b.buffer, key->b.size, NULL);
RSA_set0_key(rsa,n,NULL, NULL);
//if(rsa->n == NULL) goto cleanup;
if(n == NULL) goto cleanup;
// Encrypting
RC = RSA_public_encrypt(key->b.size, encoded, cipher->b.buffer, rsa, RSA_NO_PADDING);
//if(RC<0)goto cleanup;
cipher->b.size = key->b.size;
cleanup:
RSA_free(rsa);
BN_free(bne);
return RC;
}
void AES_128_CFB_enc_dec(
TPM2B *in,
TPM2B *out,
const TPM2B *const key,
const TPM2B *const ivIn,
TPM2B *ivOut,
const TPMI_YES_NO enc)
{
TPM2B_SYM_KEY ivTemp = {{0}};
ivTemp.b.size = 16;
if(ivOut == NULL)
ivOut = &(ivTemp.b);
memccpy(ivOut->buffer, ivIn->buffer, 0, ivIn->size);
AES_KEY aes;
AES_set_encrypt_key(key->buffer, 128, &aes);
int block, j;
for(block=0; block < (in->size) ;block+=16)
{
unsigned char encIV[16];
AES_encrypt(ivOut->buffer, encIV, &aes);
for(j=0;j<16;j++)
{
if(j+block >= (in->size))
ivOut->buffer[j]=0;
else if(enc)
ivOut->buffer[j] = out->buffer[block+j] = encIV[j]^(in->buffer[block+j]);
else
{
ivOut->buffer[j] = in->buffer[block+j];
out->buffer[block+j] = encIV[j]^(in->buffer[block+j]);
}
}
}
out->size = in->size;
}
UINT32 ChangeEndianDword( UINT32 p )
{
return( ((const UINT32)(((p)& 0xFF) << 24)) | \
((const UINT32)(((p)& 0xFF00) << 8)) | \
((const UINT32)(((p)& 0xFF0000) >> 8)) | \
((const UINT32)(((p)& 0xFF000000) >> 24)));
}
TPM_RC KDFa( TPMI_ALG_HASH hashAlg, TPM2B *key, char *label,
TPM2B *contextU, TPM2B *contextV, UINT16 bits, TPM2B_MAX_BUFFER *resultKey )
{
TPM2B_DIGEST tmpResult;
TPM2B_DIGEST tpm2bLabel, tpm2bBits, tpm2b_i_2;
UINT8 *tpm2bBitsPtr = &tpm2bBits.t.buffer[0];
UINT8 *tpm2b_i_2Ptr = &tpm2b_i_2.t.buffer[0];
TPM2B_DIGEST *bufferList[8];
UINT32 bitsSwizzled, i_Swizzled;
TPM_RC rval;
int i, j;
UINT16 bytes = bits / 8;
#ifdef DEBUG
DebugPrintf( 0, "KDFA, hashAlg = %4.4x\n", hashAlg );
DebugPrintf( 0, "\n\nKDFA, key = \n" );
PrintSizedBuffer( key );
#endif
resultKey->t .size = 0;
tpm2b_i_2.t.size = 4;
tpm2bBits.t.size = 4;
bitsSwizzled = ChangeEndianDword( bits );
*(UINT32 *)tpm2bBitsPtr = bitsSwizzled;
for(i = 0; label[i] != 0 ;i++ );
tpm2bLabel.t.size = i+1;
for( i = 0; i < tpm2bLabel.t.size; i++ )
{
tpm2bLabel.t.buffer[i] = label[i];
}
#ifdef DEBUG
DebugPrintf( 0, "\n\nKDFA, tpm2bLabel = \n" );
PrintSizedBuffer( (TPM2B *)&tpm2bLabel );
DebugPrintf( 0, "\n\nKDFA, contextU = \n" );
PrintSizedBuffer( contextU );
DebugPrintf( 0, "\n\nKDFA, contextV = \n" );
PrintSizedBuffer( contextV );
#endif
resultKey->t.size = 0;
i = 1;
while( resultKey->t.size < bytes )
{
// Inner loop
i_Swizzled = ChangeEndianDword( i );
*(UINT32 *)tpm2b_i_2Ptr = i_Swizzled;
j = 0;
bufferList[j++] = (TPM2B_DIGEST *)&(tpm2b_i_2.b);
bufferList[j++] = (TPM2B_DIGEST *)&(tpm2bLabel.b);
bufferList[j++] = (TPM2B_DIGEST *)contextU;
bufferList[j++] = (TPM2B_DIGEST *)contextV;
bufferList[j++] = (TPM2B_DIGEST *)&(tpm2bBits.b);
bufferList[j++] = (TPM2B_DIGEST *)0;
#ifdef DEBUG
for( j = 0; bufferList[j] != 0; j++ )
{
DebugPrintf( 0, "\n\nbufferlist[%d]:\n", j );
PrintSizedBuffer( &( bufferList[j]->b ) );
}
#endif
rval = (*HmacFunctionPtr )( hashAlg, key, (TPM2B **)&( bufferList[0] ), &tmpResult );
if( rval != TPM_RC_SUCCESS )
{
return( rval );
}
ConcatSizedByteBuffer( resultKey, &(tmpResult.b) );
}
// Truncate the result to the desired size.
resultKey->t.size = bytes;
#ifdef DEBUG
DebugPrintf( 0, "\n\nKDFA, resultKey = \n" );
PrintSizedBuffer( &( resultKey->b ) );
#endif
return TPM_RC_SUCCESS;
}
UINT32 OpenSslHmac( TPMI_ALG_HASH hashAlg, TPM2B *key,TPM2B **bufferList, TPM2B_DIGEST *result )
{
if(hashAlg != TPM_ALG_SHA256)return -1;
UINT32 RC = 0;
HMAC_CTX *hmac = HMAC_CTX_new();
UINT32 resLen=0;
int i=0;
HMAC_Init_ex(hmac, key->buffer, key->size, EVP_sha256(), NULL);
for(i=0;bufferList[i];i++)
{
HMAC_Update(hmac, bufferList[i]->buffer, bufferList[i]->size);
}
HMAC_Final(hmac, result->b.buffer, &resLen);
result->b.size = resLen;
HMAC_CTX_free(hmac);
return RC;
}
void print_buff(char * data, int len, const PBYTE buff)
{
printf("%s \n",data);
int i = 0;
for(;i<len;i++)
printf("0x%02X, ", buff[i]);
printf("\n");
}