/** * @brief AES-ECB Demo * @param * @return * @note */ void AesEcbDemo(void) { printf("\r\n-------AesEcb128 Test-------\r\n"); #ifdef ALG_DEMO_PRINT_EN print_buf(AES_PLAIN,AES_BYTELEN,"AES-128-ECB Plaintext"); print_buf(AES_Key,16,"AES-128-ECB Key"); #endif AES_Init(AES_Key, 16); AES_Crypto(AES_PLAIN, AES_BYTELEN, 0, 0, AES_IV, AES_OUT); #ifdef ALG_DEMO_PRINT_EN print_buf(AES_OUT,AES_BYTELEN,"AES-128-ECB Cipher"); #endif AES_Close(); if(memcmp(AES_OUT, AES_128_ECB_CIPHER, AES_BYTELEN)) { printf("\r\n-------AesEcb128 Encrypto Test Failed-------\r\n"); print_buf(AES_PLAIN, AES_BYTELEN, "AesEcb128 plain\r\n"); print_buf(AES_Key, 16, "AesEcb128 key\r\n"); print_buf(AES_OUT, AES_BYTELEN, "----AesEcb128 cipher----\r\n"); print_buf(AES_128_ECB_CIPHER, AES_BYTELEN, "----AesEcb128 correct cipher----\r\n"); } else { printf("\r\n-------AesEcb128 Encrypto Test Success-------\r\n"); } AES_Init(AES_Key, 16); AES_Crypto(AES_OUT, AES_BYTELEN, 1, 0, AES_IV, AES_OUT); #ifdef ALG_DEMO_PRINT_EN print_buf(AES_OUT,AES_BYTELEN,"AES-128-CBC Cipher Decrypt(plaintext)"); #endif AES_Close(); if(memcmp(AES_OUT, AES_PLAIN, AES_BYTELEN)) { printf("\r\n-------AesEcb128 Decrypto Test Failed-------\r\n"); } else { printf("\r\n-------AesEcb128 Decrypto Test Success-------\r\n"); } printf("\r\n-------AesEcb192 Test-------\r\n"); AES_Init(AES_Key, 24); AES_Crypto(AES_PLAIN, AES_BYTELEN, 0, 0, AES_IV, AES_OUT); AES_Close(); if(memcmp(AES_OUT, AES_192_ECB_CIPHER, AES_BYTELEN)) { printf("\r\n-------AesEcb192 Encrypto Test Failed-------\r\n"); print_buf(AES_PLAIN, AES_BYTELEN, "AesEcb192 plain\r\n"); print_buf(AES_Key, AES_BYTELEN, "AesEcb192 key\r\n"); print_buf(AES_OUT, AES_BYTELEN, "----AesEcb192 cipher----\r\n"); print_buf(AES_192_ECB_CIPHER, AES_BYTELEN, "----AesEcb192 correct cipher----\r\n"); } else { printf("\r\n-------AesEcb192 Encrypto Test Success-------\r\n"); } AES_Init(AES_Key, 24); AES_Crypto(AES_OUT, AES_BYTELEN, 1, 0, AES_IV, AES_OUT); AES_Close(); if(memcmp(AES_OUT, AES_PLAIN, AES_BYTELEN)) { printf("\r\n-------AesEcb192 Decrypto Test Failed-------\r\n"); } else { printf("\r\n-------AesEcb192 Decrypto Test Success-------\r\n"); } printf("\r\n-------AesEcb256 Test-------\r\n"); AES_Init(AES_Key, 32); AES_Crypto(AES_PLAIN, AES_BYTELEN, 0, 0, AES_IV, AES_OUT); AES_Close(); if(memcmp(AES_OUT, AES_256_ECB_CIPHER, AES_BYTELEN)) { printf("\r\n-------AesEcb256 Encrypto Test Failed-------\r\n"); print_buf(AES_PLAIN, AES_BYTELEN, "AesEcb256 plain\r\n"); print_buf(AES_Key, AES_BYTELEN, "AesEcb256 key\r\n"); print_buf(AES_OUT, AES_BYTELEN, "----AesEcb256 cipher----\r\n"); print_buf(AES_128_ECB_CIPHER, AES_BYTELEN, "----AesEcb256 correct cipher----\r\n"); } else { printf("\r\n-------AesEcb256 Encrypto Test Success-------\r\n"); } AES_Init(AES_Key, 32); AES_Crypto(AES_OUT, AES_BYTELEN, 1, 0, AES_IV, AES_OUT); AES_Close(); if(memcmp(AES_OUT, AES_PLAIN, AES_BYTELEN)) { printf("\r\n-------AesEcb256 Decrypto Test Failed-------\r\n"); } else { printf("\r\n-------AesEcb256 Decrypto Test Success-------\r\n"); } }
int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen, const char* filename, ssm_flag flag, const char* cookie, const char* group_id) { char key[16] = {0, }; unsigned char iv[16] = {0, }; char out_filepath[MAX_FILENAME_LEN+1]; char *buffer = NULL; unsigned int writeLen = 0, loop, rest, count; FILE *fd_out = NULL; ssm_file_info_convert_t sfic; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; int res = -1; writeLen = (unsigned int)(bufLen / AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE; buffer = (char*)malloc(writeLen + 1); if(!buffer) { SLOGE("[%s] Memory Allocation Fail in SsServerDataStoreFromBuffer()..\n", __func__); return SS_MEMORY_ERROR; } memset(buffer, 0x00, writeLen); memcpy(buffer, writebuffer, bufLen); //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied\n", __func__); free(buffer); return SS_PERMISSION_DENIED; } // create file path from filename ConvertFileName(sender_pid, out_filepath, filename, flag, group_id); // open a file with write mode if(!(fd_out = fopen(out_filepath, "wb"))) { SLOGE("[%s] File open error:(out_filepath) %s\n", __func__, out_filepath); free(buffer); return SS_FILE_OPEN_ERROR; // file related error } chmod(out_filepath, 0600); // write metadata sfic.fInfoStruct.originSize = (unsigned int)bufLen; sfic.fInfoStruct.storedSize = writeLen; sfic.fInfoStruct.reserved[0] = flag & 0x000000ff; fwrite(sfic.fInfoArray, 1, sizeof(ssm_file_info_t), fd_out); // encrypt buffer loop = writeLen / ENCRYPT_SIZE; rest = writeLen % ENCRYPT_SIZE; GetKey(key, iv); for(count = 0; count < loop; count++) { memcpy(p_text, buffer+count*ENCRYPT_SIZE, ENCRYPT_SIZE); AES_Crypto( p_text, e_text, key, iv, 1, ENCRYPT_SIZE); fwrite(e_text, 1, ENCRYPT_SIZE, fd_out); memset(e_text, 0x00, ENCRYPT_SIZE); memset(p_text, 0x00, ENCRYPT_SIZE); } memcpy(p_text, buffer + loop*ENCRYPT_SIZE, rest); AES_Crypto(p_text, e_text, key, iv, 1, rest); fwrite(e_text, 1, rest, fd_out); if((res = fflush(fd_out)) != 0) { SLOGE("[%s] fail to execute fflush().\n", __func__); return SS_FILE_WRITE_ERROR; } else { SLOGI("[%s] success to execute fflush().\n", __func__); if((res = fsync(fd_out->_fileno)) == -1) { SLOGE("[%s] fail to execute fsync().\n", __func__); return SS_FILE_WRITE_ERROR; } else SLOGI("[%s] success to execute fsync(). loop=[%d], rest=[%d]\n", __func__, loop, rest); } fclose(fd_out); free(buffer); return 1; }
int SsServerDataRead(int sender_pid, const char* data_filepath, char* pRetBuf, unsigned int count, unsigned int* readLen, ssm_flag flag, const char* cookie, const char* group_id) { unsigned int offset = count * MAX_RECV_DATA_LEN; char key[16] = {0, }; unsigned char iv[16] = {0, }; char in_filepath[MAX_FILENAME_LEN] = {0, }; FILE* fd_in = NULL; char *out_data = pRetBuf; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; size_t read = 0; *readLen = 0; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied\n", __func__); return SS_PERMISSION_DENIED; } // 1. create in file name : convert file name in order to access secure storage if(flag == SSM_FLAG_WIDGET) strncpy(in_filepath, data_filepath, MAX_FILENAME_LEN - 1); else ConvertFileName(sender_pid, in_filepath, data_filepath, flag, group_id); // 2. open file if(!(fd_in = fopen(in_filepath, "rb"))) { SLOGE("[%s] File open error:(in_filepath) %s\n", __func__, in_filepath); return SS_FILE_OPEN_ERROR; // file related error } // 3. skip to offset fseek(fd_in, (long)offset + sizeof(ssm_file_info_t), SEEK_SET); // 4. decrypt data GetKey(key, iv); read = fread(e_text, 1, ENCRYPT_SIZE, fd_in); while((read == ENCRYPT_SIZE)) { AES_Crypto(p_text, e_text, key, iv, 0, ENCRYPT_SIZE) ; memcpy(out_data, p_text, ENCRYPT_SIZE); out_data += ENCRYPT_SIZE; *readLen += ENCRYPT_SIZE; if(*readLen == MAX_RECV_DATA_LEN) goto Last; memset(p_text, 0x00, ENCRYPT_SIZE); memset(e_text, 0x00, ENCRYPT_SIZE); read = fread(e_text, 1, ENCRYPT_SIZE, fd_in); } AES_Crypto(p_text, e_text, key, iv, 0, read) ; memcpy(out_data, p_text, read); out_data += read; *readLen += read; Last: *out_data = '\0'; fclose(fd_in); return 1; }
int SsServerDataStoreFromFile(int sender_pid, const char* data_filepath, ssm_flag flag, const char* cookie, const char* group_id) { char key[16] = {0, }; unsigned char iv[16] = {0, }; const char* in_filepath = data_filepath; char out_filepath[MAX_FILENAME_LEN] = {0, }; FILE* fd_in = NULL; FILE* fd_out = NULL; struct stat file_info; ssm_file_info_convert_t sfic; int res = -1; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; size_t read = 0, rest = 0; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s][%s] permission denied\n", __func__, group_id); return SS_PERMISSION_DENIED; } // 1. create out file name ConvertFileName(sender_pid, out_filepath, in_filepath, flag, group_id); // 2. file open if(!(fd_in = fopen(in_filepath, "rb"))) { SLOGE("[%s]File open error:(in_filepath) %s\n", __func__, in_filepath); return SS_FILE_OPEN_ERROR; // file related error } if(!(fd_out = fopen(out_filepath, "wb"))) { SLOGE("[%s]File open error:(out_filepath) %s\n", __func__, out_filepath); fclose(fd_in); return SS_FILE_OPEN_ERROR; // file related error } chmod(out_filepath, 0600); // 3. write metadata if(!stat(in_filepath, &file_info)) { sfic.fInfoStruct.originSize = (unsigned int)file_info.st_size; sfic.fInfoStruct.storedSize = (unsigned int)(sfic.fInfoStruct.originSize/AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE; sfic.fInfoStruct.reserved[0] = flag & 0x000000ff; } else { SLOGE("[%s] the function stat() fail.\n", __func__); fclose(fd_in); fclose(fd_out); return SS_FILE_READ_ERROR; } fwrite(sfic.fInfoArray, 1, sizeof(ssm_file_info_t), fd_out); // 4. encrypt real data read = fread(p_text, 1, ENCRYPT_SIZE, fd_in); GetKey(key, iv); while(read == ENCRYPT_SIZE) { AES_Crypto(p_text, e_text, key, iv, 1, ENCRYPT_SIZE); fwrite(e_text, 1, ENCRYPT_SIZE, fd_out); memset(e_text, 0x00, ENCRYPT_SIZE); memset(p_text, 0x00, ENCRYPT_SIZE); read = fread( p_text, 1, ENCRYPT_SIZE, fd_in ); } rest = AES_BLOCK_SIZE - (read % AES_BLOCK_SIZE); AES_Crypto(p_text, e_text, key, iv, 1, read+rest); fwrite(e_text, 1, read + rest, fd_out); if((res = fflush(fd_out)) != 0) { SLOGE("[%s] fail to execute fflush().\n", __func__); return SS_FILE_WRITE_ERROR; } else { SLOGI("[%s] success to execute fflush().\n", __func__); if((res = fsync(fd_out->_fileno)) == -1) { SLOGE("[%s] fail to execute fsync().\n", __func__); return SS_FILE_WRITE_ERROR; } else SLOGI("[%s] success to execute fsync(). read=[%d], rest=[%d]\n", __func__, read, rest); } fclose(fd_in); fclose(fd_out); return 1; }