CFDictionaryRef device_info(int socket, CFDictionaryRef request) { uint8_t dkey[40]={0}; uint8_t emf[36]={0}; struct HFSInfos hfsinfos={0}; CFMutableDictionaryRef out = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); get_device_infos(out); getHFSInfos(&hfsinfos); /* printf("NAND block size : %x\n", hfsinfos.blockSize); printf("Data volume UUID : %llx\n", CFSwapInt64BigToHost(hfsinfos.volumeUUID)); printf("Data volume offset : %x\n", hfsinfos.dataVolumeOffset); */ uint8_t* key835 = IOAES_key835(); uint8_t* key89B = IOAES_key89B(); if (!AppleEffaceableStorage__getBytes(lockers, 960)) { CFDataRef lockersData = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, lockers, 960, kCFAllocatorNull); CFDictionaryAddValue(out, CFSTR("lockers"), lockersData); CFRelease(lockersData); if (!AppleEffaceableStorage__getLockerFromBytes(LOCKER_DKEY, lockers, 960, dkey, 40)) { aes_key_wrap_ctx ctx; aes_key_wrap_set_key(&ctx, key835, 16); if(aes_key_unwrap(&ctx, dkey, dkey, 32/8)) printf("FAIL unwrapping DKey with key 0x835\n"); } if (!AppleEffaceableStorage__getLockerFromBytes(LOCKER_EMF, lockers, 960, emf, 36)) { doAES(&emf[4], &emf[4], 32, kIOAESAcceleratorCustomMask, key89B, NULL, kIOAESAcceleratorDecrypt, 128); } else if (!AppleEffaceableStorage__getLockerFromBytes(LOCKER_LWVM, lockers, 960, lwvm, 0x50)) { doAES(lwvm, lwvm, 0x50, kIOAESAcceleratorCustomMask, key89B, NULL, kIOAESAcceleratorDecrypt, 128); memcpy(&emf[4], &lwvm[32+16], 32); } } CFNumberRef n = CFNumberCreate(kCFAllocatorDefault, kCFNumberSInt32Type, &hfsinfos.dataVolumeOffset); CFDictionaryAddValue(out, CFSTR("dataVolumeOffset"), n); CFRelease(n); addHexaString(out, CFSTR("dataVolumeUUID"), (uint8_t*) &hfsinfos.volumeUUID, 8); addHexaString(out, CFSTR("key835"), key835, 16); addHexaString(out, CFSTR("key89B"), key89B, 16); addHexaString(out, CFSTR("EMF"), &emf[4], 32); addHexaString(out, CFSTR("DKey"), dkey, 32); return out; }
bool CAgentLoadBalancer::AESKeyUnwrap ( int * const io_pIndex, const WRAPPED_KEY i_pAESWrappedKey, KEY o_pPlainTextKey) { FATAL_ASSERT(io_pIndex); FATAL_ASSERT(*io_pIndex >= 0); FATAL_ASSERT(o_pPlainTextKey); FATAL_ASSERT(i_pAESWrappedKey); struct KWKEntry * pKWKEntry = GetKWK(GetKMAID(*io_pIndex)); if (pKWKEntry == NULL) { Log(AGENT_LOADBALANCER_AESKEYUNWRAP_GETKWK_RETURNED_NULL, NULL, m_aCluster[*io_pIndex].m_wsApplianceNetworkAddress, NULL); *io_pIndex = CAgentLoadBalancer::AES_KEY_UNWRAP_ERROR; return false; } #if defined(DEBUG) && defined(METAWARE) char sHexKWK[2*KMS_MAX_KEY_SIZE+1]; ConvertBinaryToUTF8HexString( sHexKWK, pKWKEntry->m_acKWK, sizeof (pKWKEntry->m_acKWK)); log_printf("CAgentLoadBalancer::AESKeyUnwrap(): KWK hex=%s\n", sHexKWK); #endif if (aes_key_unwrap(pKWKEntry->m_acKWK, sizeof (pKWKEntry->m_acKWK), i_pAESWrappedKey, o_pPlainTextKey, 4) != 0) { Log(AGENT_LOADBALANCER_AESKEYUNWRAP_KEY_UNWRAP_FAILED, NULL, m_aCluster[*io_pIndex].m_wsApplianceNetworkAddress, NULL); *io_pIndex = CAgentLoadBalancer::AES_KEY_UNWRAP_ERROR; return false; } return true; }