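/*
 * Demo driver: derives a key from a password with CryptoInit, encrypts a
 * fixed plaintext, prints the ciphertext, decrypts it again and prints the
 * result.  Returns EXIT_SUCCESS only when every step succeeds.
 */
int main(void)
{
    HCRYPTPROV hCryptProv = 0;
    HCRYPTKEY key = 0;
    unsigned long cLen = 0;
    unsigned long idx = 0;
    char *cipherText = 0;
    char *plainText = "PLAIN_TEXT_PLAIN_TEXT\0";
    /* A password literal compiled into the binary is only acceptable in a demo. */
    char *password = "******";
    unsigned char *decrypted = 0;

    if (!CryptoInit(&key, &hCryptProv, password, strlen(password))) {
        printf("Crypto initializing failed\n");
        return EXIT_FAILURE;
    }

    if (!Encrypt(key, &cipherText, &cLen, (unsigned char *)plainText, strlen(plainText))) {
        printf("Encryption failed\n");
        /* Same teardown as the success path, so the key handle is released too. */
        CryptoUninit(key, hCryptProv);
        return EXIT_FAILURE;
    }

    /*
     * Ciphertext is arbitrary bytes: it may contain embedded zero bytes and is
     * not guaranteed to end with one, so "%s" could truncate it or read past
     * the buffer.  Print exactly cLen bytes as hex instead (cLen is the length
     * this function later hands to Decrypt).
     */
    printf("Encrypted string: ");
    for (idx = 0; idx < cLen; idx++) {
        printf("%02x", (unsigned char)cipherText[idx]);
    }
    printf("\n");

    if (!Decrypt(key, &decrypted, cipherText, cLen)) {
        printf("Decryption failed\n");
        SAFE_FREE(cipherText);
        CryptoUninit(key, hCryptProv);
        return EXIT_FAILURE;
    }
    SAFE_FREE(cipherText);

    /* NOTE(review): Decrypt reports no length, so this assumes it NUL-terminates
     * the recovered plaintext -- confirm against Decrypt's implementation. */
    printf("Decrypted string: %s\n", decrypted);
    SAFE_FREE(decrypted);

    CryptoUninit(key, hCryptProv);
    return EXIT_SUCCESS;
}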
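/*
 * Server side of the authentication handshake.
 *
 * Reads a connection ID from the peer, loads the matching client
 * configuration and public key, then runs a challenge/response: a random
 * message is signed with the server private key, encrypted with the client
 * public key and sent together with its signature.  The peer's reply is
 * decrypted with the server private key and must equal the original
 * message.  On success a fresh random key plus the client's network
 * settings are sent back encrypted with the client public key.
 *
 * net_fd  socket used for the exchange
 * from    peer address, copied into the client structure on success
 *
 * Returns the populated ClientConf on success, NULL on any failure.
 *
 * NOTE(review): every failure return after ReadClientConf drops Client
 * without releasing it; the release routine for ClientConf is not visible
 * here, so ownership on the error paths still needs to be settled.
 */
ClientConf *DoAuthenticateServer(int net_fd, struct sockaddr_in *from)
{
    ClientConf *Client = NULL;
    int dcr_size = 0, cr_size = 0, i = 0, written = 0;
    size_t prefix_len = 0, room = 0;
    /* One spare byte: a full MED_BUF read must still leave space for the
     * terminator written below (the original wrote one byte past the array). */
    char ConnectionID[MED_BUF + 1];
    unsigned char cr_buffer[BUFSIZ], dcr_buffer[BUFSIZ], orig_buffer[BUFSIZ], signature[MED_BUF];
    unsigned int siglen = 0;

    memset(dcr_buffer, 0, sizeof(dcr_buffer));
    memset(orig_buffer, 0, sizeof(orig_buffer));

    /* Get the connection ID (peer-controlled, not yet authenticated) */
    if ((i = ReadN(net_fd, (struct sockaddr *)from, (unsigned char *)ConnectionID, MED_BUF)) <= 0) {
        fprintf(stderr, "DoAuthenticateServer : ReadN\n");
        return NULL;
    }
    ConnectionID[i] = '\0';

    /* Load the client setup */
    if ((Client = ReadClientConf(SrvSetup.cfgfile, ConnectionID)) == NULL) {
        fprintf(stderr, "DoAuthenticateServer : ReadClientConf\n");
        return NULL;
    }
    if (LoadPublicKeyFromFile(Client->fpubkey, &(Client->pub), CLIENT_LOAD_SERVER_PUBLIC_KEYFILE_ERR)) {
        fprintf(stderr, "DoAuthenticateServer : LoadPublicKeyFromFile\n");
        return NULL;
    }

    /* Create a random message, sign it, encrypt it and send it with its signature */
    if (CreateRandomMessage(orig_buffer, MIN_BUF) < 0) {
        fprintf(stderr, "DoAuthenticateServer : CreateRandomMessage\n");
        return NULL;
    }
    /* NOTE(review): signature[] holds MED_BUF bytes; confirm SignMessage never
     * produces more than that for the configured key size. */
    if (SignMessage(SrvSetup.priv, orig_buffer, MIN_BUF, signature, &siglen) < 0) {
        fprintf(stderr, "DoAuthenticateServer : SignMesage\n");
        return NULL;
    }
    if (EncryptMessageWithPublicKey(Client->pub, orig_buffer, MIN_BUF, cr_buffer, &cr_size) < 0) {
        fprintf(stderr, "DoAuthenticateServer : EncryptMessageWithPublicKey\n");
        return NULL;
    }
    if (WriteH(net_fd, (struct sockaddr *)from, cr_buffer, cr_size) < 0) {
        fprintf(stderr, "DoAuthenticateServer : WriteH\n");
        return NULL;
    }
    if (WriteH(net_fd, (struct sockaddr *)from, signature, siglen) <= 0) {
        fprintf(stderr, "DoAuthenticateServer : WriteH\n");
        return NULL;
    }

    /* Read the answer and decrypt it */
    if ((cr_size = ReadN(net_fd, (struct sockaddr *)from, cr_buffer, BUFSIZ)) < 0) {
        fprintf(stderr, "DoAuthenticateServer : ReadN\n");
        return NULL;
    } else if (cr_size == 0) {
        fprintf(stderr, "Authentication failed. Access denied!\n");
        fprintf(stderr, "Disconnecting client\n");
        return NULL;
    }
    if (DecryptMessageWithPrivateKey(SrvSetup.priv, cr_buffer, cr_size, dcr_buffer, &dcr_size)) {
        fprintf(stderr, "DoAuthenticateServer : DecryptMessageWithPrivateKey\n");
        return NULL;
    }

    /* Check if the message is ok.
     * NOTE(review): memcmp is not constant-time and dcr_size is not compared
     * with MIN_BUF before the comparison; consider tightening both. */
    if (memcmp(orig_buffer, dcr_buffer, MIN_BUF)) {
        fprintf(stderr, "Access denied!\n");
        return NULL;
    }

    /* Save the origin information in the client's structure */
    memcpy(&(Client->ns.data), from, sizeof(struct sockaddr_in));
    /* The result of inet_aton is not checked: on a malformed configured IP the
     * address copied from `from` above is left in place. */
    inet_aton(Client->ns.ip, &Client->ns.data.sin_addr);

    /* Create a key, arrange a network setup for the client and send it over */
    if (CreateRandomKey(Client->PrivKey, KEYSIZE)) {
        fprintf(stderr, "DoAuthenticateServer : CreateRandomKey\n");
        return NULL;
    }

    /* Layout: "key=" | KEYSIZE raw key bytes | ",ip=...,netmask=...,broadcast=..." */
    prefix_len = 4 + (size_t)KEYSIZE;
    if (prefix_len >= sizeof(dcr_buffer)) {
        fprintf(stderr, "DoAuthenticateServer : key does not fit in buffer\n");
        return NULL;
    }
    room = sizeof(dcr_buffer) - prefix_len;

    memset(dcr_buffer, '\0', sizeof(dcr_buffer));
    memcpy(dcr_buffer, "key=", 4);
    memcpy(dcr_buffer + 4, Client->PrivKey, KEYSIZE);

    /* Bounded formatting: the configuration strings have no visible length
     * limit, so an unbounded sprintf could run off the end of dcr_buffer. */
    written = snprintf((char *)dcr_buffer + prefix_len, room,
                       ",ip=%s,netmask=%s,broadcast=%s",
                       Client->ns.ip, Client->ns.msk, Client->ns.brd);
    if (written < 0 || (size_t)written >= room) {
        fprintf(stderr, "DoAuthenticateServer : network setup too long\n");
        return NULL;
    }
    dcr_size = (int)(prefix_len + (size_t)written);

    if (EncryptMessageWithPublicKey(Client->pub, dcr_buffer, dcr_size, cr_buffer, &cr_size) < 0) {
        fprintf(stderr, "DoAuthenticateServer : EncryptMessageWithPublicKey\n");
        return NULL;
    }
    if (WriteH(net_fd, (struct sockaddr *)from, cr_buffer, cr_size) < 0) {
        fprintf(stderr, "DoAuthenticateServer : WriteH\n");
        return NULL;
    }

    /* Set up the per-client cipher context from the key just sent. */
    CryptoInit(&(Client->ctx), Client->PrivKey, &(Client->IV));
    return Client;
}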
/*
 * Decide whether the device boots in RK secure mode and, if so, locate a
 * valid RSA key and set up the DRM key information.
 *
 * Without CONFIG_SECURE_RSA_KEY_IN_RAM the decision comes from an efuse
 * flag (chip specific); with it, from SecureRKModeGetRSAKey() succeeding.
 *
 * Returns OK when the device is not secure or secure setup completed,
 * ERROR when secure mode is flagged but no acceptable key was found in
 * the scanned blocks.
 *
 * Review notes:
 *  - EfuseRead's outcome is not checked; if the read leaves flag at its
 *    initial 0 the device is treated as non-secure.
 *  - When the key is not in RAM and none of the chip macros below is
 *    defined, secure stays 0, CryptoInit() is never called and OK is
 *    still returned.
 *  - A failing StorageSysDataLoad leaves gDrmKeyInfo untouched and the
 *    function still returns OK.
 */
static uint32 SecureRKModeInit(void)
{
#if !defined(CONFIG_SECURE_RSA_KEY_IN_RAM)
	BOOT_HEADER *hdr = (BOOT_HEADER *)g_rsa_key_buf;
	uint32 blk = 0;
	int32 rc;
#endif /* CONFIG_SECURE_RSA_KEY_IN_RAM */
	uint32 secure = 0;

	/* check efuse secure flag */
#if !defined(CONFIG_SECURE_RSA_KEY_IN_RAM)
#if defined(CONFIG_RKCHIP_RK3128)
	/* rk3128 efuse read char unit */
	uint8 flag = 0;

	EfuseRead(&flag, 0X1F, 1);
	secure = (flag == 0xFF) ? 1 : 0;
	CryptoInit();
#elif defined(CONFIG_RKCHIP_RK3288) || defined(CONFIG_RKCHIP_RK3368)
	/* rk3288/rk3368 efuse read word unit */
	uint32 flag = 0;

	EfuseRead(&flag, 0X00, 4);
	secure = (flag & 0x01) ? 1 : 0;
	CryptoInit();
#endif
#else
	secure = (SecureRKModeGetRSAKey() == 0) ? 1 : 0;
	CryptoInit();
#endif /* CONFIG_SECURE_RSA_KEY_IN_RAM */

	/* Nothing more to do on a non-secure device. */
	if (secure == 0) {
		return OK;
	}

	SecureMode = SBOOT_MODE_RK;
	printf("Secure Boot Mode: 0x%x\n", SecureMode);

#if !defined(CONFIG_SECURE_RSA_KEY_IN_RAM)
	StorageReadFlashInfo((uint8 *)&g_FlashInfo);

	/* Scan blocks up to 15 for a key header; start at 2 when booting from flash. */
	blk = (StorageGetBootMedia() == BOOT_FROM_FLASH) ? 2 : 0;
	for (; blk < 16; blk++) {
		PRINT_E("SecureInit %x\n", blk * g_FlashInfo.BlockSize + 4);
		rc = StorageReadPba(blk * g_FlashInfo.BlockSize + 4, g_rsa_key_buf, 4);
		/*
		 * Accept the block only if the read worked, the key parses, the
		 * header tag is 0x4B415352 (bytes "RSAK" in little-endian order)
		 * and the public key passes SecureRKModeChkPubkey.
		 */
		if (rc == FTL_OK
		    && SecureRKModeGetRSAKey() == 0
		    && hdr->tag == 0x4B415352
		    && SecureRKModeChkPubkey(hdr->RSA_N) == 0) {
			break;
		}
	}

	/* check key error */
	if (blk >= 16) {
		return ERROR;
	}
#endif /* CONFIG_SECURE_RSA_KEY_IN_RAM */

	/* config drm information */
	SecureBootEn = 1;
	SecureBootLock = 1;

	if (StorageSysDataLoad(1, &gDrmKeyInfo) != FTL_OK) {
		return OK;
	}

	/* Re-initialise the record when the tag (bytes "DRMK" in little-endian
	 * order) is missing or no public key length is recorded. */
	if ((gDrmKeyInfo.drmtag != 0x4B4D5244) || (gDrmKeyInfo.publicKeyLen == 0)) {
		gDrmKeyInfo.drmtag = 0x4B4D5244;
		gDrmKeyInfo.drmLen = 504;
		gDrmKeyInfo.publicKeyLen = 0x200;
		gDrmKeyInfo.keyBoxEnable = 1;
		gDrmKeyInfo.drmKeyLen = 0;
		gDrmKeyInfo.secureBootLock = 1;
		gDrmKeyInfo.secureBootLockKey = 0;
		StorageSysDataStore(1, &gDrmKeyInfo);
	}

	return OK;
}