static int dek_on_device_unlocked(dek_arg_on_device_unlocked *evt) {
	int key_arr_idx = PERSONA_KEY_ARR_IDX(evt->persona_id);

	/*
	 * TODO : lock needed
	 */

	memcpy(mas_key[key_arr_idx].buf, evt->mas_key.buf, evt->mas_key.len);
	mas_key[key_arr_idx].len = evt->mas_key.len;
	memcpy(priv_key[key_arr_idx].buf, evt->priv_key.buf, evt->priv_key.len);
	priv_key[key_arr_idx].len = evt->priv_key.len;

	tfm[key_arr_idx] = dek_aes_key_setup(evt->mas_key.buf, evt->mas_key.len);
	if (IS_ERR(tfm[key_arr_idx])) {
		printk("dek: error setting up key\n");
		dek_add_to_log(evt->persona_id, "error setting up key");
		tfm[key_arr_idx] = NULL;
	}

#if DEK_DEBUG
	dump_all_keys(key_arr_idx);
#endif

	return 0;
}
int dek_aes_decrypt(kek_t *kek, char *src, char *dst, int len) {
	int rc;
	struct crypto_blkcipher *tfm;

	if(kek == NULL) return -EINVAL;

	tfm = dek_aes_key_setup(kek);

	if(tfm) {
		rc = __dek_aes_decrypt(tfm, src, dst, len);
		dek_aes_key_free(tfm);
		return rc;
	} else
		return -ENOMEM;
}
Example #3
0
static int dek_on_device_unlocked(dek_arg_on_device_unlocked *evt) {
	int userid = evt->userid;
	int key_arr_idx;

	/*
	 * TODO : lock needed
	 */

	if (!dek_is_persona(userid)) {
		DEK_LOGE("%s invalid userid %d\n", __func__, userid);
		return -EFAULT;
	}
	key_arr_idx = PERSONA_KEY_ARR_IDX(userid);

	if((evt->SDPK_sym.len > KEK_MAX_LEN) ||
            (evt->SDPK_Rpri.len > KEK_MAX_LEN) ||
            (evt->SDPK_Dpri.len > KEK_MAX_LEN) ||
			(evt->SDPK_EDpri.len > KEK_MAX_LEN)) {
		DEK_LOGE("%s Invalid args\n", __func__);
		DEK_LOGE("SDPK_sym.len : %d\n", evt->SDPK_sym.len);
		DEK_LOGE("SDPK_Rpri.len : %d\n", evt->SDPK_Rpri.len);
        DEK_LOGE("SDPK_Dpri.len : %d\n", evt->SDPK_Dpri.len);
        DEK_LOGE("SDPK_EDpri.len : %d\n", evt->SDPK_EDpri.len);
		return -EINVAL;
	}

    copy_kek(&SDPK_Rpri[key_arr_idx], &evt->SDPK_Rpri, KEK_TYPE_RSA_PRIV);
    copy_kek(&SDPK_Dpri[key_arr_idx], &evt->SDPK_Dpri, KEK_TYPE_DH_PRIV);
    copy_kek(&SDPK_EDpri[key_arr_idx], &evt->SDPK_EDpri, KEK_TYPE_ECDH256_PRIV);
    copy_kek(&SDPK_sym[key_arr_idx], &evt->SDPK_sym, KEK_TYPE_SYM);

	sdp_tfm[key_arr_idx] = dek_aes_key_setup(evt->SDPK_sym.buf, evt->SDPK_sym.len);
	if (IS_ERR(sdp_tfm[key_arr_idx])) {
		DEK_LOGE("error setting up key\n");
		dek_add_to_log(evt->userid, "error setting up key");
		sdp_tfm[key_arr_idx] = NULL;
	}

#ifdef CONFIG_SDP_KEY_DUMP
	if(get_sdp_sysfs_key_dump()) {
	    dump_all_keys(key_arr_idx);
	}
#endif

	return 0;
}
Example #4
0
static int dek_on_device_unlocked(dek_arg_on_device_unlocked *evt) {
	int userid = evt->userid;
	int key_arr_idx = PERSONA_KEY_ARR_IDX(userid);

	/*
	 * TODO : lock needed
	 */

	if (!dek_is_persona(userid)) {
		DEK_LOGE("%s invalid userid %d\n", __func__, userid);
		return -EFAULT;
	}

	if((evt->SDPK_sym.len > KEK_MAX_LEN) ||
			(evt->SDPK_Rpri.len > KEK_MAX_LEN) ||
			(evt->SDPK_Dpri.len > KEK_MAX_LEN)) {
		DEK_LOGE("%s Invalid args\n", __func__);
		DEK_LOGE("SDPK_Rpub.len : %d\n", evt->SDPK_sym.len);
		DEK_LOGE("SDPK_Dpub.len : %d\n", evt->SDPK_Rpri.len);
		DEK_LOGE("SDPK_Dpub.len : %d\n", evt->SDPK_Dpri.len);
		return -EINVAL;
	}

	memcpy(SDPK_sym[key_arr_idx].buf, evt->SDPK_sym.buf, evt->SDPK_sym.len);
	SDPK_sym[key_arr_idx].len = evt->SDPK_sym.len;
	memcpy(SDPK_Rpri[key_arr_idx].buf, evt->SDPK_Rpri.buf, evt->SDPK_Rpri.len);
	SDPK_Rpri[key_arr_idx].len = evt->SDPK_Rpri.len;
	memcpy(SDPK_Dpri[key_arr_idx].buf, evt->SDPK_Dpri.buf, evt->SDPK_Dpri.len);
	SDPK_Dpri[key_arr_idx].len = evt->SDPK_Dpri.len;

	sdp_tfm[key_arr_idx] = dek_aes_key_setup(evt->SDPK_sym.buf, evt->SDPK_sym.len);
	if (IS_ERR(sdp_tfm[key_arr_idx])) {
		DEK_LOGE("error setting up key\n");
		dek_add_to_log(evt->userid, "error setting up key");
		sdp_tfm[key_arr_idx] = NULL;
	}

#if DEK_DEBUG
	dump_all_keys(key_arr_idx);
#endif

	return 0;
}