summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKyungwook Tak <k.tak@samsung.com>2016-07-19 16:16:10 +0900
committerKyungwook Tak <k.tak@samsung.com>2016-07-19 18:19:04 +0900
commitf0718c7aa95e51b41e1ee71747a01d75b3aaa9e6 (patch)
tree5b5d7906a3da848ff8b2179e979a68f38dda86fa
parent99ad3b114bce6ba5743f74c39079d524781134cd (diff)
downloadlibwebappenc-f0718c7aa95e51b41e1ee71747a01d75b3aaa9e6.tar.gz
libwebappenc-f0718c7aa95e51b41e1ee71747a01d75b3aaa9e6.tar.bz2
libwebappenc-f0718c7aa95e51b41e1ee71747a01d75b3aaa9e6.zip
Logging openssl log on crypto error cases
Change-Id: I60d574d8813637077fa1e278a3d72dbfed07333c Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r--srcs/decrypt_migrated_wgt.c73
1 files changed, 44 insertions, 29 deletions
diff --git a/srcs/decrypt_migrated_wgt.c b/srcs/decrypt_migrated_wgt.c
index d240fa4..dfaf28a 100644
--- a/srcs/decrypt_migrated_wgt.c
+++ b/srcs/decrypt_migrated_wgt.c
@@ -28,12 +28,23 @@
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
+#include <openssl/err.h>
#include "wae_log.h"
#include "web_app_enc.h"
#define DUK_LEN 16
+static void _logging_openssl_err()
+{
+ unsigned long e = ERR_get_error();
+ char buf[512] = {0, };
+
+ ERR_error_string_n(e, buf, 511);
+
+ WAE_SLOGE("Openssl err: %s", buf);
+}
+
static int _get_old_duk(const char *pkg_id, unsigned char **pduk, size_t *pduk_len)
{
unsigned char salt[32];
@@ -46,7 +57,12 @@ static int _get_old_duk(const char *pkg_id, unsigned char **pduk, size_t *pduk_l
return WAE_ERROR_MEMORY;
}
- PKCS5_PBKDF2_HMAC_SHA1(pkg_id, strlen(pkg_id), salt, sizeof(salt), 1, (DUK_LEN * 2), duk);
+ if (PKCS5_PBKDF2_HMAC_SHA1(pkg_id, strlen(pkg_id), salt, sizeof(salt), 1,
+ (DUK_LEN * 2), duk) != 1) {
+ free(duk);
+ return WAE_ERROR_CRYPTO;
+ }
+
duk[DUK_LEN * 2] = '\0';
*pduk = duk;
@@ -59,19 +75,15 @@ static int _get_old_duk(const char *pkg_id, unsigned char **pduk, size_t *pduk_l
static int _get_old_iv(const unsigned char *src, size_t src_len, unsigned char **piv, size_t *piv_len)
{
- unsigned char iv_buf[SHA_DIGEST_LENGTH] = {0, };
- unsigned int iv_len = 0;
-
- if (EVP_Digest(src, src_len, iv_buf, &iv_len, EVP_sha1(), NULL) != 1) {
- WAE_SLOGE("Failed to EVP_Digest for getting old iv");
- return WAE_ERROR_CRYPTO;
- }
-
- unsigned char *iv = (unsigned char *)malloc(sizeof(unsigned char) * sizeof(iv_buf));
+ unsigned int iv_len = SHA_DIGEST_LENGTH;
+ unsigned char *iv = (unsigned char *)malloc(sizeof(unsigned char) * iv_len);
if (iv == NULL)
return WAE_ERROR_MEMORY;
- memcpy(iv, iv_buf, sizeof(iv_buf));
+ if (EVP_Digest(src, src_len, iv, &iv_len, EVP_sha1(), NULL) != 1) {
+ free(iv);
+ return WAE_ERROR_CRYPTO;
+ }
*piv = iv;
*piv_len = iv_len;
@@ -111,48 +123,47 @@ static int _decrypt(const unsigned char *key, size_t key_len,
EVP_CIPHER_CTX_init(&ctx);
- int ret = EVP_CipherInit(&ctx, algo, key, iv, 0);
+ int ret = WAE_ERROR_NONE;
- if (ret != 1) {
+ if (EVP_CipherInit(&ctx, algo, key, iv, 0) != 1) {
ret = WAE_ERROR_CRYPTO;
goto error;
}
- ret = EVP_CIPHER_CTX_set_padding(&ctx, 1);
-
- if (ret != 1) {
+ if (EVP_CIPHER_CTX_set_padding(&ctx, 1) != 1) {
ret = WAE_ERROR_CRYPTO;
goto error;
}
- ret = EVP_CipherUpdate(&ctx, decrypted, &decrypted_len, data, data_len);
-
- if (ret != 1) {
+ if (EVP_CipherUpdate(&ctx, decrypted, &decrypted_len, data, data_len) != 1) {
ret = WAE_ERROR_CRYPTO;
goto error;
} else if (decrypted_len <= 0) {
- ret = WAE_ERROR_CRYPTO;
+ WAE_SLOGE("EVP_CipherUpdate success but returned decrypted_len(%d) <= 0",
+ decrypted_len);
+ ret = WAE_ERROR_UNKNOWN;
goto error;
}
- ret = EVP_CipherFinal(&ctx, decrypted + decrypted_len, &final_len);
-
- if (ret != 1) {
+ if (EVP_CipherFinal(&ctx, decrypted + decrypted_len, &final_len) != 1) {
ret = WAE_ERROR_CRYPTO;
goto error;
} else if (final_len <= 0) {
- ret = WAE_ERROR_CRYPTO;
+ WAE_SLOGE("EVP_CipherFinal success but returned final_len(%d) <= 0",
+ final_len);
+ ret = WAE_ERROR_UNKNOWN;
goto error;
}
*pdecrypted = decrypted;
*pdecrypted_len = decrypted_len + final_len;
- ret = WAE_ERROR_NONE;
-
error:
EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ret != WAE_ERROR_NONE)
+ free(decrypted);
+
return ret;
}
@@ -161,13 +172,14 @@ int decrypt_by_old_ss_algo(const char *pkg_id, const unsigned char *encrypted, s
{
unsigned char *duk = NULL;
size_t duk_len = 0;
+ unsigned char *iv = NULL;
+ size_t iv_len = 0;
+
int ret = _get_old_duk(pkg_id, &duk, &duk_len);
if (ret != WAE_ERROR_NONE)
- return ret;
+ goto error;
- unsigned char *iv = NULL;
- size_t iv_len = 0;
ret = _get_old_iv(duk, duk_len, &iv, &iv_len);
if (ret != WAE_ERROR_NONE)
@@ -178,6 +190,9 @@ int decrypt_by_old_ss_algo(const char *pkg_id, const unsigned char *encrypted, s
WAE_SLOGI("decrypt with old ss algo success of pkg: %s", pkg_id);
error:
+ if (ret == WAE_ERROR_CRYPTO)
+ _logging_openssl_err();
+
free(duk);
free(iv);