merge with master

13 files changed, 669 insertions, 93 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9a76bdd..e688dcf 100644..100755
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -42,7 +42,7 @@ SET(libcryptsvc_CPPFLAGS " -DPIC ")
 ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS})
 
 IF("${ARCH}" MATCHES "arm")
-TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pkgs_LDFLAGS} -ldl -lssl -lcrypto -L./libs -lShpSec)
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pkgs_LDFLAGS} -ldl -lssl -lcrypto -L./libs -lDeviceInfo)
 ELSEIF("${ARCH}" MATCHES "x86")
 TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pkgs_LDFLAGS} -ldl -lssl -lcrypto)
 ENDIF("${ARCH}" MATCHES "arm")
@@ -57,6 +57,35 @@ SET_TARGET_PROPERTIES(
 ##################################################################################################################
 
 ##################################################################################################################
+# for libtzsvc.so
+SET(SRCS_TZ
+	${source_dir}/SecCryptoSvc.c
+	${source_dir}/SecTzSvc.c
+)
+
+SET(libtzsvc_LDFLAGS " -module -avoid-version ${pkgs_LDFLAGS} ")
+SET(libtzsvc_CFLAGS " ${CFLAGS} -fvisibility=hidden -g -fPIC -I${CMAKE_CURRENT_SOURCE_DIR}/include ")
+SET(libtzsvc_CPPFLAGS " -DPIC ")
+
+SET(LIBTZ_SO "tzsvc")
+ADD_LIBRARY(${LIBTZ_SO} SHARED ${SRCS_TZ})
+
+IF("${ARCH}" MATCHES "arm")
+TARGET_LINK_LIBRARIES(${LIBTZ_SO} ${pkgs_LDFLAGS} -ldl -lssl -lcrypto -L./libs -lDeviceInfo)
+ELSEIF("${ARCH}" MATCHES "x86")
+TARGET_LINK_LIBRARIES(${LIBTZ_SO} ${pkgs_LDFLAGS} -ldl -lssl -lcrypto)
+ENDIF("${ARCH}" MATCHES "arm")
+
+SET_TARGET_PROPERTIES(
+	${LIBTZ_SO}
+	PROPERTIES
+	SOVERSION 0
+	VERSION 0.0.0
+)
+##################################################################################################################
+
+
+##################################################################################################################
 # for module_test
 #SET(module_test_SOURCES
 	#${test_dir}/module_test.c
@@ -83,6 +112,7 @@ ENDIF("${ARCH}" MATCHES "arm")
 CONFIGURE_FILE(${PROJECT_NAME}.pc.in ${PROJECT_NAME}.pc)
 INSTALL(FILES ${PROJECT_NAME}.pc DESTINATION lib/pkgconfig)
 INSTALL(TARGETS ${PROJECT_NAME} DESTINATION lib)
+INSTALL(TARGETS ${LIBTZ_SO} DESTINATION lib)
 INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/include/ DESTINATION /usr/include)
 
 ADD_DEFINITIONS(-D_bool_cryptsvc)
diff --git a/NOTICE b/NOTICE
index e96466a..326d67b 100755
--- a/NOTICE
+++ b/NOTICE
@@ -2,5 +2,9 @@ Copyright (c) Samsung Electronics Co., Ltd. All rights reserved.
 Except as noted, this software is licensed under Apache License, Version 2.
 Please, see the LICENSE.APLv2 file for Apache License terms and conditions.
 
-libShpSec.a file is licensed under Flora License, Version 1.
+libDeviceInfo.a file is licensed under Flora License, Version 1.
 Please, see the LICENSE.Flora file for Flora License, Version 1 terms and conditions.
+
+libtzcrypt.a file is licensed under Flora License, Version 1.
+Please, see the LICENSE.Flora file for Flora License, Version 1 terms and conditions.
+
diff --git a/cryptsvc.pc.in b/cryptsvc.pc.in
index f5cf256..eb94648 100755
--- a/cryptsvc.pc.in
+++ b/cryptsvc.pc.in
@@ -6,6 +6,6 @@ Name: libcryptsvc
 Description:nothing 
 Version: 0.0.1
 Requires: openssl  
-Libs: -L${libdir} -lcryptsvc
+Libs: -L${libdir} -lcryptsvc -ltzsvc
 Cflags: -I${includedir}
  
diff --git a/include/SecCryptoSvc.h b/include/SecCryptoSvc.h
index 13ef3c3..d6d4a2b 100755
--- a/include/SecCryptoSvc.h
+++ b/include/SecCryptoSvc.h
@@ -92,6 +92,7 @@ typedef enum {false, true} bool;
 //#define SEC_CRYPTP_ARR_LENGTH		1024
 #define SEC_FRAME_OSP_KEY		"uniqueKey"
 //#define SHA1_DIGEST_VALUE_LEN		20
+#define SHA256_DIGEST_VALUE_LEN		32
 //#define KDF_KEYLEN			16
 #define HASH_LEN			20
 //#define SEC_KEYMGR_FEK_SIZE		16
diff --git a/include/SecTzSvc.h b/include/SecTzSvc.h
new file mode 100755
index 0000000..ee107ea
--- /dev/null
+++ b/include/SecTzSvc.h
@@ -0,0 +1,86 @@
+/*
+ * libcryptsvc - device unique key
+ *
+ * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef _SEC_TZ_SVC_H
+#define _SEC_TZ_SVC_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+typedef unsigned int uint32_t;
+typedef unsigned char uint8_t;
+typedef unsigned int    TZCRYPT_Result;
+typedef unsigned char   TZCRYPT_UINT8;
+typedef unsigned int    TZCRYPT_UINT32;
+typedef unsigned long   TZCRYPT_UINT64;
+
+#define SHA256_DIGEST_VALUE_LEN         32
+
+/*
+ * This function provides an encryption of user data. 
+ *
+ * @param [in] Src  : User data to be encrypted 
+ * @param [in] SrcLen : Length of user data to be encrypted (multiple by chunk size, SIZE_CHUNK)
+ * @param [out] Dst : Encrypted data
+ * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_SECUREOBJECT)
+ * @param [in] AppInfo : Application information
+ * @param [in] AppInfoLen : Length of Application information
+ * @param [out] WrapAppInfo : Hashed and wrapped Application Information  as an identifier
+ * @param [out] *WrapAppInfo : a pointer to length of hashed and wraped Application Information  as an identifier
+ *
+ * return SEC_CRYPTO_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ */
+__attribute__((visibility("default")))
+TZCRYPT_Result SecEncryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 *WrapAppInfoLen);
+
+/*
+ * This function provides an decryption of user data.
+ *
+ * @param [in] Src  : Cipher data to be decrypted
+ * @param [in] SrcLen : Length of Cipher data to be decrypted (multiple by chunk size, SIZE_SECUREOBJECT)
+ * @param [out] Dst : Encrypted data
+ * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_CHUNK)
+ * @param [in] AppInfo : Application information
+ * @param [in] AppInfoLen : Length of Application information
+ * @param [in] WrapAppInfo : Hashed and wrapped Application Information  as an identifier
+ * @param [in] WrapAppInfo : Length of hashed and wraped Application Information  as an identifier
+ *
+ * return SEC_CRYPTO_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ * If a given application information (identifier) is wrong, then return UNIT_TEXT_HASH_ERROR
+ */
+__attribute__((visibility("default")))
+TZCRYPT_Result SecDecryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 WrapAppInfoLen);
+
+/*
+ * This function provides the length of a given src len
+ *
+ * @param [in] source length
+ *
+ * return length of cipher text
+ */
+__attribute__((visibility("default")))
+TZCRYPT_UINT32 SecGetCipherLen(TZCRYPT_UINT32 srclen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/include/tci.h b/include/tci.h
new file mode 100755
index 0000000..e27984c
--- /dev/null
+++ b/include/tci.h
@@ -0,0 +1,54 @@
+/*
+ * tci.h
+ *
+ *  Created on: 05.05.2010
+ *      Author: galkag
+ *	modified ckyu.han@samsung.com
+ */
+
+#ifndef TCI_H_
+#define TCI_H_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*
+typedef unsigned int uint32_t;
+typedef unsigned char uint8_t;
+*/
+
+typedef uint32_t tciCommandId_t;
+typedef uint32_t tciResponseId_t;
+typedef uint32_t tciReturnCode_t;
+
+/* Responses have bit 31 set */
+#define RSP_ID_MASK (1U << 31)
+#define RSP_ID(cmdId) (((uint32_t)(cmdId)) | RSP_ID_MASK)
+#define IS_CMD(cmdId) ((((uint32_t)(cmdId)) & RSP_ID_MASK) == 0)
+#define IS_RSP(cmdId) ((((uint32_t)(cmdId)) & RSP_ID_MASK) == RSP_ID_MASK)
+
+/* Return codes of Trustlet commands. */
+#define RET_OK              0            /* Set, if processing is error free */
+#define RET_ERR_UNKNOWN_CMD 1            /* Unknown command */
+#define RET_CUSTOM_START    2
+#define RET_ERR_MAP         3
+#define RET_ERR_UNMAP       4
+
+/* TCI command header. */
+typedef struct {
+	tciCommandId_t commandId;	/* Command ID */
+} tciCommandHeader_t;
+
+/* TCI response header. */
+typedef struct {
+	tciResponseId_t     responseId;		/* Response ID (must be command ID | RSP_ID_MASK )*/
+	tciReturnCode_t     returnCode;		/* Return code of command */
+} tciResponseHeader_t;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TCI_H_ */
diff --git a/include/tlc_tzcrypt.h b/include/tlc_tzcrypt.h
new file mode 100755
index 0000000..7234cb1
--- /dev/null
+++ b/include/tlc_tzcrypt.h
@@ -0,0 +1,112 @@
+/*
+ * tlc_tzcrypto.h
+ *
+ */
+
+#ifndef TLC_TZCRYPT_H_
+#define TLC_TZCRYPT_H_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+/*
+typedef unsigned int	TZCRYPT_Result;
+typedef unsigned char	TZCRYPT_UINT8;
+typedef unsigned int	TZCRYPT_UINT32;
+typedef unsigned long	TZCRYPT_UINT64;
+*/
+
+/* TLC error code */
+#define TZCRYPT_SUCCESS					0x00000000
+#define TZCRYPT_ERROR_INIT_FAILED			0x20000001
+#define TZCRYPT_ERROR_TERMINATE_FAILED			0x20000002
+#define TZCRYPT_ERROR_ENCRYPT_FAILED			0x20000003
+#define TZCRYPT_ERROR_DECRYPT_FAILED			0x20000004
+#define TZCRYPT_ERROR_WRAPIDENTITY_FAILED			0x20000005
+#define TZCRYPT_ERROR_UNWRAPIDENTITY_FAILED			0x20000006
+#define TZCRYPT_ERROR_HASH_FAILED			0x20000007
+#define TZCRYPT_ERROR_INVALID_PARAMETER			0x20000008
+
+/* Sec Crypto error code */
+#define SEC_CRYPTO_SUCCESS				0x00000000
+#define SEC_CRYPTO_ENCRYPT_ERROR				0x30000001
+#define SEC_CRYPTO_DECRYPT_ERROR				0x30000002
+#define SEC_CRYPTO_WRAPIDENTITY_ERROR				0x30000003
+#define SEC_CRYPTO_UNWRAPIDENTITY_ERROR				0x30000004
+#define SEC_CRYPTO_HASH_ERROR				0x30000005
+
+/*
+ * This function provides an encryption of user data. 
+ *
+ * @param [in] Src  : User data to be encrypted 
+ * @param [in] SrcLen : Length of user data to be encrypted (multiple by chunk size, SIZE_CHUNK)
+ * @param [out] Dst : Encrypted data
+ * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_SECUREOBJECT)
+ *
+ * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the previous TLC error code)
+ */
+TZCRYPT_Result TzCrypt_Encrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
+
+/*
+ * This function provides an decryption of user data.
+ *
+ * @param [in] Src  : Cipher data to be decrypted
+ * @param [in] SrcLen : Length of Cipher data to be decrypted (multiple by chunk size, SIZE_SECUREOBJECT)
+ * @param [out] Dst : Encrypted data
+ * @param [out] *DstLen : a pointer to length of encrypted data (multiple by secure object size, SIZE_CHUNK)
+ *
+ * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ */
+TZCRYPT_Result TzCrypt_Decrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
+
+/*
+ * This function provides an hash of user data.
+ *
+ * @param [in] Src : Plain information
+ * @param [in] SrcLen : Length of Plain information
+ * @param [out] Dst : Hashed information
+ * @param [out] *DstLen : a pointer to length of hashed information
+
+ * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ */
+TZCRYPT_Result TzCrypt_Hash(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
+
+/*
+ * This function provides an wrapping of App data. (+ include hash operation)
+ *
+ * @param [in] Src : Plain information
+ * @param [in] SrcLen : Length of Plain information
+ * @param [out] Dst : Wrapped information
+ * @param [out] *DstLen : a pointer to length of wrapped information
+
+ * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ */
+TZCRYPT_Result TzCrypt_WrapIdentity(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
+
+/*
+ * This function provides an unwrapping of App data. (- exclude hash operation)
+ *
+ * @param [in] Src : Plain information
+ * @param [in] SrcLen : Length of Plain information
+ * @param [out] Dst : Wrapped information
+ * @param [out] *DstLen : a pointer to length of wrapped information
+
+ * return TZCRYPT_SUCCESS if operation has been succesfully completed. (Refer to the tlc error code)
+ */
+TZCRYPT_Result TzCrypt_UnwrapIdentity(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen);
+
+/*
+ * This function provides the length of secure object from a given length of source data
+ *
+ * @param [in] SrcLen : Length of Plain information
+ *
+ * return TZCRYPT_UINT32 (size) if operation has been succesfully completed.
+ */
+TZCRYPT_UINT32 TzCrypt_GetSOLen(TZCRYPT_UINT32 SrcLen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/include/tltzcrypt_api.h b/include/tltzcrypt_api.h
new file mode 100755
index 0000000..6a56d97
--- /dev/null
+++ b/include/tltzcrypt_api.h
@@ -0,0 +1,84 @@
+/*
+ *
+ */
+#ifndef TLTZCRYPT_API_H_
+#define TLTZCRYPT_API_H_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "tci.h"
+
+/* Command ID's for communication Trustlet Connector -> Trustlet. */
+#define CMD_ENCRYPT_TZ_CRYPT		0x00000001
+#define CMD_DECRYPT_TZ_CRYPT		0x00000002
+#define CMD_WRAPIDENTITY_TZ_CRYPT			0x00000003
+#define CMD_UNWRAPIDENTITY_TZ_CRYPT			0x00000004
+#define CMD_HASH_TZ_CRYPT				0x00000005
+
+/* Return codes */
+#define	RET_TL_OK			0x00000000
+
+/* Error codes */
+#define RET_ERR_ENCRYPT_TZ_CRYPT	0x10000001
+#define RET_ERR_DECRYPT_TZ_CRYPT	0x10000002
+#define RET_ERR_WRAPIDENTITY_TZ_CRYPT		0x10000003
+#define RET_ERR_UNWRAPIDENTITY_TZ_CRYPT		0x10000004
+#define RET_ERR_HASH_TZ_CRYPT		0x10000005
+
+/* Termination codes */
+#define EXIT_ERROR                      ((uint32_t)(-1))
+
+#define SIZE_CHUNK		1024
+#define SIZE_SECUREOBJECT	1116	// SO SIZE for 1024 byte (predefined)
+#define SIZE_HASHAPPIDENTITY		32
+#define SIZE_WRAPAPPIDENTITY		124
+
+/* TCI message data. */
+typedef struct {
+	uint32_t	id;
+	//uint32_t	data_len;
+	//uint8_t	*data_ptr;
+	//uint8_t	data[MAX_DATA_LEN];
+} tci_cmd_t;
+
+typedef struct {
+	uint32_t	id;
+	uint32_t	return_code;
+	//uint32_t	data_len;
+	//uint8_t	*data_ptr;
+	//uint8_t	data[MAX_DATA_LEN];
+} tci_resp_t;
+
+
+typedef union {
+	uint8_t input_data[SIZE_CHUNK];
+        uint8_t output_data[SIZE_SECUREOBJECT];
+} buffer_t;
+
+typedef union {
+	uint8_t hash_identity[SIZE_HASHAPPIDENTITY];
+	uint8_t wrap_identity[SIZE_WRAPAPPIDENTITY];
+} identity_t;
+
+typedef struct {
+	union {
+		tci_cmd_t			cmd;			/* Command message structure */
+		tci_resp_t			resp;			/* Response message structure */
+	};
+	uint32_t pData;
+	uint32_t pLen;
+	uint32_t cData;
+	uint32_t cLen;
+} tciMessage_t;
+
+/* Trustlet UUID. */
+#define TL_TZ_CRYPT_UUID { { 0xff, 0xff, 0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7 } }
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TLTZCRYPT_API_H_ */
diff --git a/libs/libShpSec.a b/libs/libDeviceInfo.a
index 6b34c6f..431359f 100644..100755
--- a/libs/libShpSec.a
+++ b/libs/libDeviceInfo.a
diff --git a/libs/libtzcrypt.a b/libs/libtzcrypt.a
new file mode 100755
index 0000000..d052e49
--- /dev/null
+++ b/libs/libtzcrypt.a
diff --git a/packaging/libcryptsvc.spec b/packaging/libcryptsvc.spec
index 17c51a6..fbe1a55 100644..100755
--- a/packaging/libcryptsvc.spec
+++ b/packaging/libcryptsvc.spec
@@ -1,7 +1,7 @@
 Name:      libcryptsvc 
 Summary:   nothing
 Version:    0.0.1
-Release:    3
+Release:    4
 Group:      Osp/Security
 License:    APLv2
 Source0:    %{name}-%{version}.tar.gz
diff --git a/srcs/SecCryptoSvc.c b/srcs/SecCryptoSvc.c
index 418208e..9ce42a3 100644..100755
--- a/srcs/SecCryptoSvc.c
+++ b/srcs/SecCryptoSvc.c
@@ -1,89 +1,90 @@
-/*

- * libcryptsvc - device unique key

- *

- * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved

- *

- * Licensed under the Apache License, Version 2.0 (the "License");

- * you may not use this file except in compliance with the License.

- * You may obtain a copy of the License at

- *

- * http://www.apache.org/licenses/LICENSE-2.0

- *

- * Unless required by applicable law or agreed to in writing, software

- * distributed under the License is distributed on an "AS IS" BASIS,

- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

- * See the License for the specific language governing permissions and

- * limitations under the License.

- *

- */

-

-#include "SecCryptoSvc.h"

-//#include "SecKmBase64.h"

-//#include "CryptoSvc-debug.h"

-#include <string.h>

-#include <stdio.h>

-#include <openssl/evp.h>

-#include <openssl/err.h>

-#include <openssl/rand.h>

-#include <openssl/sha.h>

-#include <dlog.h>

-

-bool SecFrameGeneratePlatformUniqueKey(IN UINT32  uLen, IN OUT UINT8  *pCek)

-{

-	bool 		bResult = true;

-	unsigned int 	i = 0;

-	unsigned char 	Key[73] = {0};

-	unsigned char 	hashedValue[HASH_LEN] = {0};

-	int 		nTempLen = SEC_DUK_SIZE;

-	int 		nHashLen = 0;

-	int 		remain = 0;

-	unsigned char	*result = NULL;

-

-	SLOGD("[LOG][%s:L%d] Enter \n", __func__,__LINE__);

-#ifdef CRYPTOSVC_TARGET

-	SysSecBootGetDeviceUniqueKey(Key);

-#else

-	memset(Key, 0xFF, nTempLen);

-#endif

-

-	/* for debugging */

-	SLOGD("Device Unique Key Information \n");

-

-	memcpy(Key+nTempLen, SEC_FRAME_OSP_KEY, 9);

-	nTempLen += 9;

-

-	remain = uLen;

-

-	for( i = 0 ; i < uLen ; i += HASH_LEN )

-	{

-		result = SHA1(Key, nTempLen, hashedValue);

-		nHashLen = HASH_LEN;

-

-		if( result == NULL)

-		{

-			SLOGE("SecCryptoHash fail \n");

-			bResult = false;

-			goto ERR;

-		}

-

-		nTempLen = nHashLen;

-

-		if( remain < HASH_LEN )

-		{

-			memcpy(pCek+i, hashedValue, remain);

-		}

-		else

-		{

-			memcpy(pCek+i, hashedValue, nHashLen);

-		}

-

-		remain -= HASH_LEN;

-		memset(Key, 0, sizeof(Key));

-		memcpy(Key, hashedValue, nHashLen);

-	}

-	SLOGD("[LOG][%s:L%d] End \n", __func__,__LINE__);

-ERR:

-	SLOGD("[LOG][%s:L%d] End with ERROR \n", __func__,__LINE__);

-	return bResult;

-}

-

+/*
+ * libcryptsvc - device unique key
+ *
+ * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "SecCryptoSvc.h"
+//#include "SecKmBase64.h"
+//#include "CryptoSvc-debug.h"
+#include <string.h>
+#include <stdio.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+#include <dlog.h>
+
+bool SecFrameGeneratePlatformUniqueKey(IN UINT32  uLen, IN OUT UINT8  *pCek)
+{
+	bool 		bResult = true;
+	unsigned int 	i = 0;
+	unsigned char 	Key[73] = {0};
+	unsigned char 	hashedValue[HASH_LEN] = {0};
+	int 		nTempLen = SEC_DUK_SIZE;
+	int 		nHashLen = 0;
+	int 		remain = 0;
+	unsigned char	*result = NULL;
+
+	SLOGD("[LOG][%s:L%d] Enter \n", __func__,__LINE__);
+#ifdef CRYPTOSVC_TARGET
+	SysSecBootGetDeviceUniqueKey(Key);
+#else
+	memset(Key, 0xFF, nTempLen);
+#endif
+
+	/* for debugging */
+	SLOGD("Device Unique Key Information \n");
+
+	memcpy(Key+nTempLen, SEC_FRAME_OSP_KEY, 9);
+	nTempLen += 9;
+
+	remain = uLen;
+
+	for( i = 0 ; i < uLen ; i += HASH_LEN )
+	{
+		result = SHA1(Key, nTempLen, hashedValue);
+		nHashLen = HASH_LEN;
+
+		if( result == NULL)
+		{
+			SLOGE("SecCryptoHash fail \n");
+			bResult = false;
+			goto ERR;
+		}
+
+		nTempLen = nHashLen;
+
+		if( remain < HASH_LEN )
+		{
+			memcpy(pCek+i, hashedValue, remain);
+		}
+		else
+		{
+			memcpy(pCek+i, hashedValue, nHashLen);
+		}
+
+		remain -= HASH_LEN;
+		memset(Key, 0, sizeof(Key));
+		memcpy(Key, hashedValue, nHashLen);
+	}
+	SLOGD("[LOG][%s:L%d] End \n", __func__,__LINE__);
+ERR:
+	SLOGD("[LOG][%s:L%d] End with ERROR \n", __func__,__LINE__);
+	return bResult;
+}
+
+
diff --git a/srcs/SecTzSvc.c b/srcs/SecTzSvc.c
new file mode 100755
index 0000000..86f553e
--- /dev/null
+++ b/srcs/SecTzSvc.c
@@ -0,0 +1,204 @@
+/*
+ * libTzSvc - encryption and decryption with the TZ-based HW key
+ *
+ * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <dlog.h>
+
+#include <sys/ioctl.h>
+#include <sys/time.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <openssl/sha.h>
+#include <openssl/evp.h> 
+#include <openssl/aes.h>
+#include <openssl/crypto.h> 
+
+#include "SecTzSvc.h"
+#include "SecCryptoSvc.h"
+#include "tlc_tzcrypt.h"
+#include "tltzcrypt_api.h"
+
+#define LOG_TAG "tlcTzCrypt"
+#ifndef CRYPTOSVC_TZ
+#define	SIZE_CHUNK	1024
+#define	SIZE_SECUREOBJECT	1116
+#define KEY_SIZE 16
+#endif
+
+unsigned char* AES_Crypto(unsigned char* p_text, unsigned char* c_text, unsigned char* aes_key, unsigned char* iv, int mode,  unsigned long size)
+{
+    AES_KEY e_key, d_key;               
+		    
+    AES_set_encrypt_key(aes_key, 128, &e_key);
+    AES_set_decrypt_key(aes_key, 128, &d_key);
+					    
+    if(mode == 1)
+    {
+		AES_cbc_encrypt(p_text, c_text, size, &e_key, iv, AES_ENCRYPT);
+		return c_text;
+	}
+	else
+	{
+	    AES_cbc_encrypt(c_text, p_text, size, &d_key, iv, AES_DECRYPT);
+	    return p_text;
+	}
+}
+TZCRYPT_Result SecEncryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 *WrapAppInfoLen)
+{
+
+	TZCRYPT_Result   ret = SEC_CRYPTO_ENCRYPT_ERROR;
+#ifndef CRYPTOSVC_TZ
+	int outLen = 0;
+	unsigned char key[KEY_SIZE] = {0,};
+	unsigned char hashOut[SHA_DIGEST_LENGTH] = {0,};
+	unsigned char iv[] = {0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B };
+#endif
+
+#ifdef CRYPTOSVC_TZ
+	if(SrcLen % SIZE_CHUNK != 0 || *DstLen % SIZE_SECUREOBJECT != 0){
+                LOGE("Plain chunk size :: Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+				LOGE("source length = %d, destination length = %d\n", SrcLen, *DstLen);
+                return ret;
+	}
+#endif
+
+	LOGI("Start Encryption of TZ Crypt!\n");
+
+#ifdef CRYPTOSVC_TZ
+	ret = TzCrypt_WrapIdentity(AppInfo, AppInfoLen, WrapAppInfo, WrapAppInfoLen);
+	if (ret) {
+       	LOGE("Failed to wrap  AppInfo of TZ [Return Value] = %.8x\n", ret);
+		return SEC_CRYPTO_WRAPIDENTITY_ERROR;
+	}
+	ret = TzCrypt_Encrypt(Src, SrcLen, Dst, DstLen);
+	if (ret) {
+		LOGE("Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+		return SEC_CRYPTO_ENCRYPT_ERROR;
+    }
+#else
+	if(!SecFrameGeneratePlatformUniqueKey(KEY_SIZE, key))
+	{
+		LOGE("Failed to generate device unique key\n");
+		return SEC_CRYPTO_ENCRYPT_ERROR;
+	}
+	if(AES_Crypto(Src, Dst, key, iv, 1, SrcLen) == NULL)
+	{
+		LOGE("Failed to encrypt data \n");
+		return SEC_CRYPTO_ENCRYPT_ERROR;
+	}
+	*DstLen = SrcLen;
+	EVP_Digest(AppInfo, AppInfoLen, hashOut, (unsigned int*)&outLen, EVP_sha1(), NULL);
+    *WrapAppInfoLen = outLen;
+	memcpy(WrapAppInfo, hashOut, *WrapAppInfoLen);
+#endif
+	LOGI("Encryption of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
+
+	return SEC_CRYPTO_SUCCESS;
+}
+
+TZCRYPT_Result SecDecryptTZCrypt(TZCRYPT_UINT8 *Src, TZCRYPT_UINT32 SrcLen, TZCRYPT_UINT8 *Dst, TZCRYPT_UINT32 *DstLen, TZCRYPT_UINT8 *AppInfo, TZCRYPT_UINT32 AppInfoLen, TZCRYPT_UINT8 *WrapAppInfo, TZCRYPT_UINT32 WrapAppInfoLen)
+{
+	TZCRYPT_Result   ret = SEC_CRYPTO_DECRYPT_ERROR;
+#ifndef CRYPTOSVC_TZ
+    int outLen = 0;
+    unsigned char key[KEY_SIZE] = {0,};
+    unsigned char hashOut[SHA_DIGEST_LENGTH] = {0,};
+    unsigned char iv[] = {0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B };
+#endif
+#ifdef CRYPTOSVC_TZ
+	if(SrcLen % SIZE_SECUREOBJECT != 0 ){
+                LOGE("Ciphertext chunk size :: Test for Encryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+                return ret;		
+	}
+
+	if(WrapAppInfoLen != SIZE_WRAPAPPIDENTITY){
+		LOGE("Wrapped App Identity Size :: failed!!! [Return Value] = %.8x\n", ret);
+		return ret;
+	}
+	
+	TZCRYPT_UINT8 *unwrapData = NULL;
+	TZCRYPT_UINT32 unwrapDatalen = SIZE_HASHAPPIDENTITY;
+	unwrapData = (TZCRYPT_UINT8 *)malloc(unwrapDatalen);
+
+	ret = TzCrypt_UnwrapIdentity(WrapAppInfo, WrapAppInfoLen, unwrapData, &unwrapDatalen);
+        if (ret) {
+                LOGE("Test for Unwrap AppInfo of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+                return SEC_CRYPTO_UNWRAPIDENTITY_ERROR;
+        }
+	LOGI("Unwrap AppInfo of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
+
+	TZCRYPT_UINT8 *hashData = NULL;
+	TZCRYPT_UINT32 hashDatalen =  SIZE_HASHAPPIDENTITY;
+	hashData = (TZCRYPT_UINT8 *)malloc(hashDatalen);
+
+	ret = TzCrypt_Hash(AppInfo, AppInfoLen, hashData, &hashDatalen);
+	if (ret) {
+		LOGE("Test for Hash AppInfo of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+		return SEC_CRYPTO_HASH_ERROR;
+    }
+	
+	if( 0 != memcmp(unwrapData, hashData, hashDatalen) || hashDatalen != unwrapDatalen){
+		LOGE("App Info Identity is NOT same as hash Info of a given Identity\n");
+		return SEC_CRYPTO_HASH_ERROR;
+	}
+
+	LOGI("Start Decryption of TZ Crypt!\n");
+    ret = TzCrypt_Decrypt(Src, SrcLen, Dst, DstLen);
+	if (ret) {
+		LOGE("Test for Decryption of TZ Crypt failed!!! [Return Value] = %.8x\n", ret);
+		return SEC_CRYPTO_DECRYPT_ERROR;
+    }
+#else
+	if(!SecFrameGeneratePlatformUniqueKey(KEY_SIZE, key))
+	{
+		LOGE("Failed to generate device unique key\n");
+		return SEC_CRYPTO_DECRYPT_ERROR;
+	}
+
+	EVP_Digest(AppInfo, AppInfoLen, hashOut, (unsigned int*)&outLen, EVP_sha1(), NULL);
+
+	if( 0 != memcmp(WrapAppInfo, hashOut, outLen) || outLen != WrapAppInfoLen){
+		LOGE("AppInfo Identifier Information is wrong\n");
+		return SEC_CRYPTO_HASH_ERROR;
+	}
+
+	if(AES_Crypto(Dst, Src, key, iv, 0, SrcLen) == NULL)
+	{
+		LOGE("Failed to decrypt data \n");
+		return SEC_CRYPTO_DECRYPT_ERROR;
+	}
+	*DstLen = SrcLen;
+
+#endif
+    LOGI("Test for Decryption of TZ Crypt is Success! [Return Value] = %.8x\n", ret);
+
+	return SEC_CRYPTO_SUCCESS;
+}
+
+TZCRYPT_UINT32 SecGetCipherLen(TZCRYPT_UINT32 srclen)
+{
+#ifdef CRYPTOSVC_TZ
+	TZCRYPT_UINT32 cipherLength = TzCrypt_GetSOLen(srclen);
+#else
+	int  cipherLength = (srclen / EVP_aes_128_cbc()->block_size + 1) * EVP_aes_128_cbc()->block_size;
+#endif
+	return cipherLength;
+}