authorChanho Park <chanho61.park@samsung.com>2014-03-25 14:47:55 +0900
committerChanho Park <chanho61.park@samsung.com>2014-03-25 14:52:27 +0900
commitb66925867fe92e85678371eda93a4909de5f6ce0 (patch)
treedf31d8fd4e1a0727a82b78502956175f28fd5751
parent1266a27e7741b4325b9b16c33508073fedd6a052 (diff)
convert static library to shared library
This patch removes the static library and converts it into source files. The static library can't build if the compiler is changed. We also removed the tzcrypto API and library because we don't use them anymore. Change-Id: I06043c5867c63f5f833d7d538f882cbe85ab0cba Signed-off-by: Chanho Park <chanho61.park@samsung.com>
-rw-r--r--CMakeLists.txt52
-rw-r--r--NOTICE6
-rw-r--r--cryptsvc.pc.in2
-rwxr-xr-xinclude/SecCryptoSvc.h17
-rwxr-xr-xinclude/SecTzSvc.h9
-rwxr-xr-xinclude/tci.h54
-rwxr-xr-xinclude/tlc_tzcrypt.h112
-rwxr-xr-xinclude/tltzcrypt_api.h84
-rwxr-xr-xlibs/libDeviceInfo.abin115528 -> 0 bytes
-rwxr-xr-xlibs/libtzcrypt.abin14410 -> 0 bytes
-rwxr-xr-xsrcs/SecCryptoSvc.c129
-rwxr-xr-xsrcs/SecTzSvc.c204
12 files changed, 182 insertions, 487 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5b53be4..456b5b6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3,6 +3,7 @@ PROJECT(cryptsvc C)
SET(PREFIX ${CMAKE_INSTALL_PREFIX})
SET(EXEC_PREFIX "\${prefix}")
+SET(LIBDIR "\${prefix}/lib")
SET(INCLUDEDIR "\${prefix}/include")
INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
@@ -31,9 +32,7 @@ SET(EXTRA_CXXFLAGS "${EXTRA_CXXFLAGS} ${EXTRA_CFLAGS}")
##################################################################################################################
# for libcryptsvc.so
SET(SRCS
- #${source_dir}/CryptoSvc-debug.c
${source_dir}/SecCryptoSvc.c
- #${source_dir}/SecKmBase64.c
)
SET(libcryptsvc_LDFLAGS "${pkgs_LDFLAGS}")
@@ -45,7 +44,7 @@ ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS})
TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${libcryptsvc_LDFLAGS})
IF("${ARCH}" MATCHES "arm")
-TARGET_LINK_LIBRARIES(${PROJECT_NAME} -L./libs -lDeviceInfo)
+TARGET_LINK_LIBRARIES(${PROJECT_NAME})
ENDIF("${ARCH}" MATCHES "arm")
SET_TARGET_PROPERTIES(
@@ -58,30 +57,30 @@ SET_TARGET_PROPERTIES(
##################################################################################################################
# for libtzsvc.so
-SET(SRCS_TZ
- ${source_dir}/SecCryptoSvc.c
- ${source_dir}/SecTzSvc.c
-)
+#SET(SRCS_TZ
+# ${source_dir}/SecTzSvc.c
+#)
-SET(libtzsvc_LDFLAGS "${pkgs_LDFLAGS}")
-SET(libtzsvc_CFLAGS " ${CFLAGS} -fvisibility=hidden -g -fPIC -I${CMAKE_CURRENT_SOURCE_DIR}/include ")
-SET(libtzsvc_CPPFLAGS " -DPIC ")
+#SET(libtzsvc_LDFLAGS "${pkgs_LDFLAGS}")
+#SET(libtzsvc_CFLAGS " ${CFLAGS} -fvisibility=hidden -g -fPIC -I${CMAKE_CURRENT_SOURCE_DIR}/include ")
+#SET(libtzsvc_CPPFLAGS " -DPIC ")
-SET(LIBTZ_SO "tzsvc")
-ADD_LIBRARY(${LIBTZ_SO} SHARED ${SRCS_TZ})
+#SET(LIBTZ_SO "tzsvc")
+#ADD_LIBRARY(${LIBTZ_SO} SHARED ${SRCS_TZ})
-TARGET_LINK_LIBRARIES(${LIBTZ_SO} ${libtzsvc_LDFLAGS})
+#TARGET_LINK_LIBRARIES(${LIBTZ_SO} ${libtzsvc_LDFLAGS})
-IF("${ARCH}" MATCHES "arm")
-TARGET_LINK_LIBRARIES(${LIBTZ_SO} -L./libs -lDeviceInfo)
-ENDIF("${ARCH}" MATCHES "arm")
+#IF("${ARCH}" MATCHES "arm")
+#TARGET_LINK_LIBRARIES(${LIBTZ_SO})
+#ENDIF("${ARCH}" MATCHES "arm")
-SET_TARGET_PROPERTIES(
- ${LIBTZ_SO}
- PROPERTIES
- VERSION ${FULLVER}
- SOVERSION ${MAJORVER}
-)
+
+#SET_TARGET_PROPERTIES(
+# ${LIBTZ_SO}
+# PROPERTIES
+# VERSION ${FULLVER}
+# SOVERSION ${MAJORVER}
+#)
##################################################################################################################
@@ -105,18 +104,19 @@ SET_TARGET_PROPERTIES(
IF("${ARCH}" MATCHES "arm")
#ADD_DEFINITIONS("-DTARGET")
ADD_DEFINITIONS("-DCRYPTOSVC_TARGET")
+ ADD_DEFINITIONS("-DCRYPTOSVC_TZ")
#MESSAGE("add -DTARGET")
ENDIF("${ARCH}" MATCHES "arm")
SET(PC_NAME ${PROJECT_NAME})
SET(PC_DESCRIPTION ${DESCRIPTION})
-SET(PC_LDFLAGS " -l${PROJECT_NAME} -l${LIBTZ_SO} ")
+SET(PC_LDFLAGS " -l${PROJECT_NAME} ")
SET(PC_REQUIRED ${pc_requires})
CONFIGURE_FILE(${PROJECT_NAME}.pc.in ${PROJECT_NAME}.pc @ONLY)
-INSTALL(FILES ${PROJECT_NAME}.pc DESTINATION ${LIB_INSTALL_DIR}/pkgconfig)
-INSTALL(TARGETS ${PROJECT_NAME} DESTINATION ${LIB_INSTALL_DIR})
-INSTALL(TARGETS ${LIBTZ_SO} DESTINATION ${LIB_INSTALL_DIR})
+INSTALL(FILES ${PROJECT_NAME}.pc DESTINATION lib/pkgconfig)
+INSTALL(TARGETS ${PROJECT_NAME} DESTINATION lib)
+INSTALL(TARGETS ${LIBTZ_SO} DESTINATION lib)
INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/include/ DESTINATION ${INCLUDEDIR})
ADD_DEFINITIONS(-D_bool_cryptsvc)
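Review bot: `INSTALL(TARGETS ${LIBTZ_SO} DESTINATION lib)` is kept even though the earlier hunk comments out `SET(LIBTZ_SO "tzsvc")` and its `ADD_LIBRARY`, so the variable expands to nothing here and the install rule names no target; the line should be dropped, as this hunk already does for `-l${LIBTZ_SO}` in `PC_LDFLAGS`. The hunk also replaces `${LIB_INSTALL_DIR}` with a literal `lib` (and cryptsvc.pc.in does the same with `libdir=@PREFIX@/lib`), which presumably misplaces the library and its .pc file on targets whose library directory is `lib64`; keeping `${LIB_INSTALL_DIR}` avoids that. Finally, `-DCRYPTOSVC_TZ` is newly defined while the only visible user of that macro, srcs/SecTzSvc.c, is deleted by this commit, so it is worth confirming the define is still wanted.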
diff --git a/NOTICE b/NOTICE
index cfb1ca4..bfc3f5d 100644
--- a/NOTICE
+++ b/NOTICE
@@ -2,9 +2,3 @@ Copyright (c) Samsung Electronics Co., Ltd. All rights reserved.
Except as noted, this software is licensed under Apache License, Version 2.
Please, see the LICENSE.APLv2 file for Apache License terms and conditions.
-libDeviceInfo.a file is licensed under Flora License, Version 1.1.
-Please, see the LICENSE.Flora file for Flora License, Version 1.1 terms and conditions.
-
-libtzcrypt.a file is licensed under Flora License, Version 1.1.
-Please, see the LICENSE.Flora file for Flora License, Version 1.1 terms and conditions.
-
diff --git a/cryptsvc.pc.in b/cryptsvc.pc.in
index 81356ed..2cd5754 100644
--- a/cryptsvc.pc.in
+++ b/cryptsvc.pc.in
@@ -1,7 +1,7 @@
# Package Information for pkg-config
prefix=@PREFIX@
-libdir=@LIB_INSTALL_DIR@
+libdir=@PREFIX@/lib
includedir=@PREFIX@/include
Name: @PC_NAME@
diff --git a/include/SecCryptoSvc.h b/include/SecCryptoSvc.h
index d6d4a2b..94182f5 100755
--- a/include/SecCryptoSvc.h
+++ b/include/SecCryptoSvc.h
@@ -97,6 +97,17 @@ typedef enum {false, true} bool;
#define HASH_LEN 20
//#define SEC_KEYMGR_FEK_SIZE 16
+/*------ Base64 Encoding Table ------*/
+static const char Base64EncodingTable[] = {
+ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
+ 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
+ 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
+ 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
+ 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
+ 'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
+ 'w', 'x', 'y', 'z', '0', '1', '2', '3',
+ '4', '5', '6', '7', '8', '9', '+', '/'
+};
/**
* This function provides Device UniqueKey for crypto with Hash
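Review bot: `Base64EncodingTable` is defined as a `static const` array in a public, installed header, so every translation unit that includes SecCryptoSvc.h gets its own private copy, and an unused-variable warning wherever it is not referenced. The only visible user is `Base64Encoding` in srcs/SecCryptoSvc.c, so the table belongs there as a file-scope `static const char Base64EncodingTable[]`, leaving the header with declarations only.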
@@ -107,6 +118,12 @@ typedef enum {false, true} bool;
__attribute__((visibility("default")))
bool SecFrameGeneratePlatformUniqueKey(IN UINT32 uLen,IN OUT UINT8 *pCek);
+__attribute__((visibility("default")))
+char* Base64Encoding(char* pData, int size);
+
+__attribute__((visibility("default")))
+char* GetDuid(int size);
+
#ifdef __cplusplus
}
#endif
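Review bot: The two new exported prototypes carry no documentation, unlike `SecFrameGeneratePlatformUniqueKey` just above them. For `Base64Encoding` I would add a comment such as `/* Returns a newly allocated, NUL-terminated Base64 string; the caller must free() it. */`, since the implementation in this commit returns a `calloc` buffer, and declare the input as `const char *pData` because it is only read. `GetDuid` is not defined in any hunk visible here, so the meaning of `size` and the ownership of the returned pointer should be stated in a comment or confirmed against its definition.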
diff --git a/include/SecTzSvc.h b/include/SecTzSvc.h
index 2b1d27a..5ac5886 100755
--- a/include/SecTzSvc.h
+++ b/include/SecTzSvc.h
@@ -34,6 +34,15 @@ typedef unsigned long TZCRYPT_UINT64;
#define SHA256_DIGEST_VALUE_LEN 32
+/* Sec Crypto error code */
+#define SEC_CRYPTO_SUCCESS 0x00000000
+#define SEC_CRYPTO_ENCRYPT_ERROR 0x30000001
+#define SEC_CRYPTO_DECRYPT_ERROR 0x30000002
+#define SEC_CRYPTO_WRAPIDENTITY_ERROR 0x30000003
+#define SEC_CRYPTO_UNWRAPIDENTITY_ERROR 0x30000004
+#define SEC_CRYPTO_HASH_ERROR 0x30000005
+#define SEC_CRYPTO_GENERATE_KEY_ERROR 0x30000006
+#define SEC_CRYPTO_RETRIEVE_KEY_ERROR 0x30000007
/*
* This function provides an encryption of user data.
*
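Review bot: SecTzSvc.h is still installed and, judging by the context comment after these defines, still documents the TZ encryption API, yet this commit deletes srcs/SecTzSvc.c and stops building libtzsvc. If the prototypes for `SecEncryptTZCrypt`/`SecDecryptTZCrypt` remain in the part of the header outside this hunk, callers will compile against them and fail at link time; either drop the header from the install set or mark the API as removed. The new `SEC_CRYPTO_GENERATE_KEY_ERROR` and `SEC_CRYPTO_RETRIEVE_KEY_ERROR` codes have no visible user in this commit and would benefit from a one-line comment naming the call that returns them.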
diff --git a/include/tci.h b/include/tci.h
deleted file mode 100755
index e27984c..0000000
--- a/include/tci.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * tci.h
- *
- * Created on: 05.05.2010
- * Author: galkag
- * modified ckyu.han@samsung.com
- */
-
-#ifndef TCI_H_
-#define TCI_H_
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-/*
-typedef unsigned int uint32_t;
-typedef unsigned char uint8_t;
-*/
-
-typedef uint32_t tciCommandId_t;
-typedef uint32_t tciResponseId_t;
-typedef uint32_t tciReturnCode_t;
-
-/* Responses have bit 31 set */
-#define RSP_ID_MASK (1U << 31)
-#define RSP_ID(cmdId) (((uint32_t)(cmdId)) | RSP_ID_MASK)
-#define IS_CMD(cmdId) ((((uint32_t)(cmdId)) & RSP_ID_MASK) == 0)
-#define IS_RSP(cmdId) ((((uint32_t)(cmdId)) & RSP_ID_MASK) == RSP_ID_MASK)
-
-/* Return codes of Trustlet commands. */
-#define RET_OK 0 /* Set, if processing is error free */
-#define RET_ERR_UNKNOWN_CMD 1 /* Unknown command */
-#define RET_CUSTOM_START 2
-#define RET_ERR_MAP 3
-#define RET_ERR_UNMAP 4
-
-/* TCI command header. */
-typedef struct {
- tciCommandId_t commandId; /* Command ID */
-} tciCommandHeader_t;
-
-/* TCI response header. */
-typedef struct {
- tciResponseId_t responseId; /* Response ID (must be command ID | RSP_ID_MASK )*/
- tciReturnCode_t returnCode; /* Return code of command */
-} tciResponseHeader_t;
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* TCI_H_ */
diff --git a/include/tlc_tzcrypt.h b/include/tlc_tzcrypt.h
deleted file mode 100755
index a2c7892..0000000
--- a/include/tlc_tzcrypt.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * tlc_tzcrypto.h
- *
- */
-
-#ifndef TLC_TZCRYPT_H_
-#define TLC_TZCRYPT_H_
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-/*
-typedef unsigned int TZCRYPT_Result;
-typedef unsigned char TZCRYPT_UINT8;
-typedef unsigned int TZCRYPT_UINT32;
-typedef unsigned long TZCRYPT_UINT64;
-*/
-
-/* TLC error code */
-#define TZCRYPT_SUCCESS 0x00000000
-#define TZCRYPT_ERROR_INIT_FAILED 0x20000001
-#define TZCRYPT_ERROR_TERMINATE_FAILED 0x20000002
-#define TZCRYPT_ERROR_ENCRYPT_FAILED 0x20000003
-#define TZCRYPT_ERROR_DECRYPT_FAILED 0x20000004
-#define TZCRYPT_ERROR_WRAPIDENTITY_FAILED 0x20000005
-#define TZCRYPT_ERROR_UNWRAPIDENTITY_FAILED 0x20000006
-#define TZCRYPT_ERROR_HASH_FAILED 0x20000007
-#define TZCRYPT_ERROR_INVALID_PARAMETER 0x20000008
-
-/* Sec Crypto error code */
-#define SEC_CRYPTO_SUCCESS 0x00000000
-#define SEC_CRYPTO_ENCRYPT_ERROR 0x30000001
-#define SEC_CRYPTO_DECRYPT_ERROR 0x30000002
-#define SEC_CRYPTO_WRAPIDENTITY_ERROR 0x30000003
-#define SEC_CRYPTO_UNWRAPIDENTITY_ERROR 0x30000004
-#define SEC_CRYPTO_HASH_ERROR 0x30000005
-
-/*
- * This function provides an encryption of user data.
- *
- * @param [in] Src : User data to be encrypted
- * @param [in] SrcLen : Length of user data to be encrypted (multiple by chunk size, SIZE_CHUNK)
- * @param [out] Dst : Encrypted data
- * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_SECUREOBJECT)
- *
- * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the previous TLC error code)
- */
-TZCRYPT_Result TzCrypt_Encrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
-
-/*
- * This function provides an decryption of user data.
- *
- * @param [in] Src : Cipher data to be decrypted
- * @param [in] SrcLen : Length of Cipher data to be decrypted (multiple by chunk size, SIZE_SECUREOBJECT)
- * @param [out] Dst : Encrypted data
- * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_CHUNK)
- *
- * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
- */
-TZCRYPT_Result TzCrypt_Decrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
-
-/*
- * This function provides an hash of user data.
- *
- * @param [in] Src : Plain information
- * @param [in] SrcLen : Length of Plain information
- * @param [out] Dst : Hashed information
- * @param [out] *DstLen : a pointer to length of hashed information
-
- * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
- */
-TZCRYPT_Result TzCrypt_Hash(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
-
-/*
- * This function provides an wrapping of App data. (+ include hash operation)
- *
- * @param [in] Src : Plain information
- * @param [in] SrcLen : Length of Plain information
- * @param [out] Dst : Wrapped information
- * @param [out] *DstLen : a pointer to length of wrapped information
-
- * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
- */
-TZCRYPT_Result TzCrypt_WrapIdentity(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
-
-/*
- * This function provides an unwrapping of App data. (- exclude hash operation)
- *
- * @param [in] Src : Plain information
- * @param [in] SrcLen : Length of Plain information
- * @param [out] Dst : Wrapped information
- * @param [out] *DstLen : a pointer to length of wrapped information
-
- * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
- */
-TZCRYPT_Result TzCrypt_UnwrapIdentity(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
-
-/*
- * This function provides the length of secure object from a given length of source data
- *
- * @param [in] SrcLen : Length of Plain information
- *
- * return TZCRYPT_UINT32 (size) if operation has been succesfully completed.
- */
-TZCRYPT_UINT32 TzCrypt_GetSOLen(TZCRYPT_UINT32 SrcLen);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/include/tltzcrypt_api.h b/include/tltzcrypt_api.h
deleted file mode 100755
index 6a56d97..0000000
--- a/include/tltzcrypt_api.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- *
- */
-#ifndef TLTZCRYPT_API_H_
-#define TLTZCRYPT_API_H_
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-#include "tci.h"
-
-/* Command ID's for communication Trustlet Connector -> Trustlet. */
-#define CMD_ENCRYPT_TZ_CRYPT 0x00000001
-#define CMD_DECRYPT_TZ_CRYPT 0x00000002
-#define CMD_WRAPIDENTITY_TZ_CRYPT 0x00000003
-#define CMD_UNWRAPIDENTITY_TZ_CRYPT 0x00000004
-#define CMD_HASH_TZ_CRYPT 0x00000005
-
-/* Return codes */
-#define RET_TL_OK 0x00000000
-
-/* Error codes */
-#define RET_ERR_ENCRYPT_TZ_CRYPT 0x10000001
-#define RET_ERR_DECRYPT_TZ_CRYPT 0x10000002
-#define RET_ERR_WRAPIDENTITY_TZ_CRYPT 0x10000003
-#define RET_ERR_UNWRAPIDENTITY_TZ_CRYPT 0x10000004
-#define RET_ERR_HASH_TZ_CRYPT 0x10000005
-
-/* Termination codes */
-#define EXIT_ERROR ((uint32_t)(-1))
-
-#define SIZE_CHUNK 1024
-#define SIZE_SECUREOBJECT 1116 // SO SIZE for 1024 byte (predefined)
-#define SIZE_HASHAPPIDENTITY 32
-#define SIZE_WRAPAPPIDENTITY 124
-
-/* TCI message data. */
-typedef struct {
- uint32_t id;
- //uint32_t data_len;
- //uint8_t *data_ptr;
- //uint8_t data[MAX_DATA_LEN];
-} tci_cmd_t;
-
-typedef struct {
- uint32_t id;
- uint32_t return_code;
- //uint32_t data_len;
- //uint8_t *data_ptr;
- //uint8_t data[MAX_DATA_LEN];
-} tci_resp_t;
-
-
-typedef union {
- uint8_t input_data[SIZE_CHUNK];
- uint8_t output_data[SIZE_SECUREOBJECT];
-} buffer_t;
-
-typedef union {
- uint8_t hash_identity[SIZE_HASHAPPIDENTITY];
- uint8_t wrap_identity[SIZE_WRAPAPPIDENTITY];
-} identity_t;
-
-typedef struct {
- union {
- tci_cmd_t cmd; /* Command message structure */
- tci_resp_t resp; /* Response message structure */
- };
- uint32_t pData;
- uint32_t pLen;
- uint32_t cData;
- uint32_t cLen;
-} tciMessage_t;
-
-/* Trustlet UUID. */
-#define TL_TZ_CRYPT_UUID { { 0xff, 0xff, 0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7 } }
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* TLTZCRYPT_API_H_ */
diff --git a/libs/libDeviceInfo.a b/libs/libDeviceInfo.a
deleted file mode 100755
index 431359f..0000000
--- a/libs/libDeviceInfo.a
+++ /dev/null
Binary files differ
diff --git a/libs/libtzcrypt.a b/libs/libtzcrypt.a
deleted file mode 100755
index d052e49..0000000
--- a/libs/libtzcrypt.a
+++ /dev/null
Binary files differ
diff --git a/srcs/SecCryptoSvc.c b/srcs/SecCryptoSvc.c
index 9ce42a3..8d03381 100755
--- a/srcs/SecCryptoSvc.c
+++ b/srcs/SecCryptoSvc.c
@@ -27,6 +27,97 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
#include <dlog.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define SYS_SECBOOT_DEV_ID_LEN 16
+#define NAND_CID_NAME "/sys/block/mmcblk0/device/cid"
+#define NAND_CID_SIZE 32
+
+
+static int __AsciiToHex(const char AsciiHexUpper,const char AsciiHexLower)
+{
+ char hexReturn=0;
+
+ //First convert upper hex ascii value
+ if(AsciiHexUpper >= '0' && AsciiHexUpper <= '9')
+ hexReturn= (AsciiHexUpper - '0')*16;
+ else if(AsciiHexUpper >= 'A' && AsciiHexUpper <= 'F')
+ hexReturn= ((AsciiHexUpper - 'A')+10)*16;
+ else if(AsciiHexUpper >= 'a' && AsciiHexUpper <= 'f')
+ hexReturn= ((AsciiHexUpper - 'a')+10)*16;
+
+ //Convert lower hex ascii value
+ if(AsciiHexLower >= '0' && AsciiHexLower <= '9')
+ hexReturn= hexReturn + (AsciiHexLower - '0');
+ else if(AsciiHexLower >= 'A' && AsciiHexLower <= 'F')
+ hexReturn= hexReturn + (AsciiHexLower - 'A')+10;
+ else if(AsciiHexLower >= 'a' && AsciiHexLower <= 'f')
+ hexReturn= hexReturn + (AsciiHexLower - 'a')+10;
+
+ return hexReturn;
+}
+
+bool
+OemNandInfoUID(unsigned char* pUID, int nBufferSize)
+{
+ int fd = 0;
+ char szCID[NAND_CID_SIZE+1] = {0,};
+
+ memset(pUID, 0x0, nBufferSize);
+
+ fd = open(NAND_CID_NAME, O_RDONLY);
+ if (fd < 0)
+ {
+ printf("cid open error!\n");
+ return false;
+ }
+
+ if(read(fd, szCID, NAND_CID_SIZE) == -1)
+ {
+ printf("cid read fail!!\n");
+ close(fd);
+ return false;
+ }
+
+ //manufacturer_id
+ pUID[0] = __AsciiToHex((const char)szCID[0],(const char)szCID[1]);
+ //oem_id
+ pUID[4] = __AsciiToHex((const char)szCID[4],(const char)szCID[5]);
+ //prod_rev
+ pUID[8] = __AsciiToHex((const char)szCID[18],(const char)szCID[19]);
+ //serial
+ pUID[15] = __AsciiToHex((const char)szCID[20],(const char)szCID[21]);
+ pUID[14] = __AsciiToHex((const char)szCID[22],(const char)szCID[23]);
+ pUID[13] = __AsciiToHex((const char)szCID[24],(const char)szCID[25]);
+ pUID[12] = __AsciiToHex((const char)szCID[26],(const char)szCID[27]);
+
+ // random permutation
+ pUID[1] = __AsciiToHex((const char)szCID[2],(const char)szCID[3]);
+ pUID[2] = __AsciiToHex((const char)szCID[6],(const char)szCID[7]);
+ pUID[3] = __AsciiToHex((const char)szCID[8],(const char)szCID[9]);
+
+ pUID[5] = __AsciiToHex((const char)szCID[10],(const char)szCID[11]);
+ pUID[6] = __AsciiToHex((const char)szCID[12],(const char)szCID[13]);
+ pUID[7] = __AsciiToHex((const char)szCID[14],(const char)szCID[15]);
+
+ pUID[9] = __AsciiToHex((const char)szCID[16],(const char)szCID[17]);
+ pUID[10] = __AsciiToHex((const char)szCID[28],(const char)szCID[29]);
+ pUID[11] = __AsciiToHex((const char)szCID[30],(const char)szCID[31]);
+ //printf(" UID : %8X %8X %8X %8X\n", *(int*)pUID, *(int*)(pUID+4), *(int*)(pUID+8), *(int*)(pUID+12));
+
+ close(fd);
+ return true;
+}
+
+void SysSecBootGetDeviceUniqueKey(unsigned char* pUniquekey)
+{
+ bool result = OemNandInfoUID(pUniquekey, SYS_SECBOOT_DEV_ID_LEN);
+ if(result != true){
+ printf("SysSecBootGetDeviceUniqueKey is failed");
+ memcpy(pUniquekey, 0x00, SYS_SECBOOT_DEV_ID_LEN);
+ }
+}
bool SecFrameGeneratePlatformUniqueKey(IN UINT32 uLen, IN OUT UINT8 *pCek)
{
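Review bot: The failure path of `SysSecBootGetDeviceUniqueKey` calls `memcpy(pUniquekey, 0x00, SYS_SECBOOT_DEV_ID_LEN)`, which copies from a null pointer and is undefined behaviour (in practice a crash); `memset` was presumably intended. Even with `memset`, the function returns `void`, so a caller cannot tell a real device ID from the all-zero fallback, and any key derived from it would be identical on every device where the CID read fails; that failure needs to reach the caller, whose code lies outside this hunk. `OemNandInfoUID` also accepts a short `read()` and never checks `nBufferSize` against the 16 bytes it writes, and `__AsciiToHex` silently maps non-hex characters to 0 (its double-underscore name is reserved for the implementation, and `char hexReturn` cannot hold values above 127 where `char` is signed). Note too that the identifier comes from a sysfs file that is typically readable by unprivileged processes, so it should be treated as a device identifier rather than as secret key material. A sketch of the bounded read and the corrected fallback follows.

```c
bool
OemNandInfoUID(unsigned char* pUID, int nBufferSize)
{
    // … unchanged: fd and szCID declarations …
    if (pUID == NULL || nBufferSize < SYS_SECBOOT_DEV_ID_LEN)
        return false;
    // … unchanged: memset of pUID, open() and its error check …
    ssize_t nRead = read(fd, szCID, NAND_CID_SIZE);
    close(fd);
    if (nRead != NAND_CID_SIZE)
    {
        printf("cid read fail!!\n");
        return false;
    }
    // … unchanged: pUID[] assignments; the trailing close(fd) is dropped …
    return true;
}

void SysSecBootGetDeviceUniqueKey(unsigned char* pUniquekey)
{
    // … unchanged: OemNandInfoUID call and failure message …
        memset(pUniquekey, 0x00, SYS_SECBOOT_DEV_ID_LEN);
```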
@@ -87,4 +178,42 @@ ERR:
return bResult;
}
+char* Base64Encoding(char* pData, int size)
+{
+ char* pEncodedBuf = NULL;
+ char* pPointer = NULL;
+ char* pLength = NULL;
+ unsigned char pInput[3] = {0,0,0};
+ unsigned char poutput[4] = {0,0,0,0};
+ int index = 0;
+ int loopCnt = 0;
+ int stringCnt = 0;
+ int sizeEncodedString = 0;
+
+ pLength = pData + size - 1;
+ sizeEncodedString = (4 * (size / 3)) + (size % 3? 4 : 0) + 1;
+ pEncodedBuf = (char*)calloc(sizeEncodedString, sizeof(char));
+
+ for (loopCnt = 0, pPointer = pData; pPointer <= pLength; loopCnt++, pPointer++) {
+ index = loopCnt % 3;
+ pInput[index] = *pPointer;
+
+ if (index == 2 || pPointer == pLength) {
+ poutput[0] = ((pInput[0] & 0xFC) >> 2);
+ poutput[1] = ((pInput[0] & 0x3) << 4) | ((pInput[1] & 0xF0) >> 4);
+ poutput[2] = ((pInput[1] & 0xF) << 2) | ((pInput[2] & 0xC0) >> 6);
+ poutput[3] = (pInput[2] & 0x3F);
+ pEncodedBuf[stringCnt++] = Base64EncodingTable[poutput[0]];
+ pEncodedBuf[stringCnt++] = Base64EncodingTable[poutput[1]];
+ pEncodedBuf[stringCnt++] = index == 0? '=' : Base64EncodingTable[poutput[2]];
+ pEncodedBuf[stringCnt++] = index < 2? '=' : Base64EncodingTable[poutput[3]];
+
+ pInput[0] = pInput[1] = pInput[2] = 0;
+ }
+ }
+
+ pEncodedBuf[stringCnt] = '\0';
+
+ return pEncodedBuf;
+}
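Review bot: `Base64Encoding` dereferences the `calloc` result without checking it and computes `sizeEncodedString` from a caller-supplied `int size` with no range check, so a negative or very large `size` either overflows the `int` arithmetic or becomes a huge `size_t` allocation request. I would add `if (pData == NULL || size < 0 || size / 3 > (INT_MAX - 5) / 4) return NULL;` before `pLength` is computed (this needs `<limits.h>`), and `if (pEncodedBuf == NULL) return NULL;` right after the `calloc`. With `size == 0` the expression `pData + size - 1` points before the buffer, so the guard should come first, or the loop could test `loopCnt < size` instead of comparing pointers. The function's callers are outside this hunk, so confirm they handle a NULL return.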
diff --git a/srcs/SecTzSvc.c b/srcs/SecTzSvc.c
deleted file mode 100755
index b12fb9f..0000000
--- a/srcs/SecTzSvc.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * libTzSvc - encryption and decryption with the TZ-based HW key
- *
- * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <dlog.h>
-
-#include <sys/ioctl.h>
-#include <sys/time.h>
-#include <sys/mman.h>
-#include <sys/stat.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
-#include <openssl/crypto.h>
-
-#include "SecTzSvc.h"
-#include "SecCryptoSvc.h"
-#include "tlc_tzcrypt.h"
-#include "tltzcrypt_api.h"
-
-#define LOG_TAG "tlcTzCrypt"
-#ifndef CRYPTOSVC_TZ
-#define SIZE_CHUNK 1024
-#define SIZE_SECUREOBJECT 1116
-#define KEY_SIZE 16
-#endif
-
-unsigned char* AES_Crypto(unsigned char* p_text, unsigned char* c_text, unsigned char* aes_key, unsigned char* iv, int mode, unsigned long size)
-{
- AES_KEY e_key, d_key;
-
- AES_set_encrypt_key(aes_key, 128, &e_key);
- AES_set_decrypt_key(aes_key, 128, &d_key);
-
- if(mode == 1)
- {
- AES_cbc_encrypt(p_text, c_text, size, &e_key, iv, AES_ENCRYPT);
- return c_text;
- }
- else
- {
- AES_cbc_encrypt(c_text, p_text, size, &d_key, iv, AES_DECRYPT);
- return p_text;
- }
-}
-TZCRYPT_Result SecEncryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 *WrapAppInfoLen)
-{
-
- TZCRYPT_Result ret = SEC_CRYPTO_ENCRYPT_ERROR;
-#ifndef CRYPTOSVC_TZ
- int outLen = 0;
- unsigned char key[KEY_SIZE] = {0,};
- unsigned char hashOut[SHA_DIGEST_LENGTH] = {0,};
- unsigned char iv[] = {0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B };
-#endif
-
-#ifdef CRYPTOSVC_TZ
- if(SrcLen % SIZE_CHUNK != 0 || *DstLen % SIZE_SECUREOBJECT != 0){
- LOGE("Plain chunk size :: Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- LOGE("source length = %d, destination length = %d\n", SrcLen, *DstLen);
- return ret;
- }
-#endif
-
- LOGI("Start Encryption of TZ Crypt!\n");
-
-#ifdef CRYPTOSVC_TZ
- ret = TzCrypt_WrapIdentity(AppInfo, AppInfoLen, WrapAppInfo, WrapAppInfoLen);
- if (ret) {
- LOGE("Failed to wrap AppInfo of TZ [Return Value] = %.8x\n", ret);
- return SEC_CRYPTO_WRAPIDENTITY_ERROR;
- }
- ret = TzCrypt_Encrypt(Src, SrcLen, Dst, DstLen);
- if (ret) {
- LOGE("Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- return SEC_CRYPTO_ENCRYPT_ERROR;
- }
-#else
- if(!SecFrameGeneratePlatformUniqueKey(KEY_SIZE, key))
- {
- LOGE("Failed to generate device unique key\n");
- return SEC_CRYPTO_ENCRYPT_ERROR;
- }
- if(AES_Crypto(Src, Dst, key, iv, 1, SrcLen) == NULL)
- {
- LOGE("Failed to encrypt data \n");
- return SEC_CRYPTO_ENCRYPT_ERROR;
- }
- *DstLen = SrcLen;
- EVP_Digest(AppInfo, AppInfoLen, hashOut, (unsigned int*)&outLen, EVP_sha1(), NULL);
- *WrapAppInfoLen = outLen;
- memcpy(WrapAppInfo, hashOut, *WrapAppInfoLen);
-#endif
- LOGI("Encryption of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
-
- return SEC_CRYPTO_SUCCESS;
-}
-
-TZCRYPT_Result SecDecryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 WrapAppInfoLen)
-{
- TZCRYPT_Result ret = SEC_CRYPTO_DECRYPT_ERROR;
-#ifndef CRYPTOSVC_TZ
- int outLen = 0;
- unsigned char key[KEY_SIZE] = {0,};
- unsigned char hashOut[SHA_DIGEST_LENGTH] = {0,};
- unsigned char iv[] = {0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B };
-#endif
-#ifdef CRYPTOSVC_TZ
- if(SrcLen % SIZE_SECUREOBJECT != 0 ){
- LOGE("Ciphertext chunk size :: Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- return ret;
- }
-
- if(WrapAppInfoLen != SIZE_WRAPAPPIDENTITY){
- LOGE("Wrapped App Identity Size :: failed!!! [Return Value] = %.8x\n", ret);
- return ret;
- }
-
- TZCRYPT_UINT8 *unwrapData = NULL;
- TZCRYPT_UINT32 unwrapDatalen = SIZE_HASHAPPIDENTITY;
- unwrapData = (TZCRYPT_UINT8 *)malloc(unwrapDatalen);
-
- ret = TzCrypt_UnwrapIdentity(WrapAppInfo, WrapAppInfoLen, unwrapData, &unwrapDatalen);
- if (ret) {
- LOGE("Test for Unwrap AppInfo of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- return SEC_CRYPTO_UNWRAPIDENTITY_ERROR;
- }
- LOGI("Unwrap AppInfo of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
-
- TZCRYPT_UINT8 *hashData = NULL;
- TZCRYPT_UINT32 hashDatalen = SIZE_HASHAPPIDENTITY;
- hashData = (TZCRYPT_UINT8 *)malloc(hashDatalen);
-
- ret = TzCrypt_Hash(AppInfo, AppInfoLen, hashData, &hashDatalen);
- if (ret) {
- LOGE("Test for Hash AppInfo of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- return SEC_CRYPTO_HASH_ERROR;
- }
-
- if( 0 != memcmp(unwrapData, hashData, hashDatalen) || hashDatalen != unwrapDatalen){
- LOGE("App Info Identity is NOT same as hash Info of a given Identity\n");
- return SEC_CRYPTO_HASH_ERROR;
- }
-
- LOGI("Start Decryption of TZ Crypt!\n");
- ret = TzCrypt_Decrypt(Src, SrcLen, Dst, DstLen);
- if (ret) {
- LOGE("Test for Decryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
- return SEC_CRYPTO_DECRYPT_ERROR;
- }
-#else
- if(!SecFrameGeneratePlatformUniqueKey(KEY_SIZE, key))
- {
- LOGE("Failed to generate device unique key\n");
- return SEC_CRYPTO_DECRYPT_ERROR;
- }
-
- EVP_Digest(AppInfo, AppInfoLen, hashOut, (unsigned int*)&outLen, EVP_sha1(), NULL);
-
- if( 0 != memcmp(WrapAppInfo, hashOut, outLen) || outLen != WrapAppInfoLen){
- LOGE("AppInfo Identifier Information is wrong\n");
- return SEC_CRYPTO_HASH_ERROR;
- }
-
- if(AES_Crypto(Dst, Src, key, iv, 0, SrcLen) == NULL)
- {
- LOGE("Failed to decrypt data \n");
- return SEC_CRYPTO_DECRYPT_ERROR;
- }
- *DstLen = SrcLen;
-
-#endif
- LOGI("Test for Decryption of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
-
- return SEC_CRYPTO_SUCCESS;
-}
-
-TZCRYPT_UINT32 SecGetCipherLen(TZCRYPT_UINT32 srclen)
-{
-#ifdef CRYPTOSVC_TZ
- TZCRYPT_UINT32 cipherLength = TzCrypt_GetSOLen(srclen);
-#else
- int cipherLength = (srclen / EVP_aes_128_cbc()->block_size + 1) * EVP_aes_128_cbc()->block_size;
-#endif
- return cipherLength;
-}