Ejemplo n.º 1
0
static int dek_encrypt_dek(int userid, dek_t *plainDek, dek_t *encDek) {
	int ret = 0;
	int key_arr_idx = PERSONA_KEY_ARR_IDX(userid);

	if (!dek_is_persona(userid)) {
		DEK_LOGE("%s invalid userid %d\n", __func__, userid);
		return -EFAULT;
	}
#if DEK_DEBUG
	DEK_LOGD("plainDek from user: "******"aes encrypt failed\n");
			dek_add_to_log(userid, "aes encrypt failed");
			encDek->len = 0;
		} else {
			encDek->len = plainDek->len;
			encDek->type = DEK_TYPE_AES_ENC;
		}
	} else {
#ifdef CONFIG_PUB_CRYPTO
		/*
		 * Do an asymmetric crypto
		 */
		if(SDPK_Dpub[key_arr_idx].len > 0) {
			ret = dh_encryptDEK(plainDek, encDek, &SDPK_Dpub[key_arr_idx]);
		}else{
			DEK_LOGE("SDPK_Dpub for id: %d\n", userid);
			dek_add_to_log(userid, "encrypt failed, no SDPK_Dpub");
			return -EIO;
		}
#else
		DEK_LOGE("pub crypto not supported : %d\n", userid);
		dek_add_to_log(userid, "encrypt failed, no key");
		return -EOPNOTSUPP;
#endif
	}

	if (encDek->len <= 0 || encDek->len > DEK_MAXLEN) {
		DEK_LOGE("dek_encrypt_dek, incorrect len=%d\n", encDek->len);
		zero_out((char *)encDek, sizeof(dek_t));
		return -EFAULT;
	}
#if DEK_DEBUG
	else {
		DEK_LOGD("encDek to user: ");
		dump(encDek->buf, encDek->len);
	}
#endif

	return ret;
}