static int dek_encrypt_dek(int userid, dek_t *plainDek, dek_t *encDek) { int ret = 0; int key_arr_idx = PERSONA_KEY_ARR_IDX(userid); if (!dek_is_persona(userid)) { DEK_LOGE("%s invalid userid %d\n", __func__, userid); return -EFAULT; } #if DEK_DEBUG DEK_LOGD("plainDek from user: "******"aes encrypt failed\n"); dek_add_to_log(userid, "aes encrypt failed"); encDek->len = 0; } else { encDek->len = plainDek->len; encDek->type = DEK_TYPE_AES_ENC; } } else { #ifdef CONFIG_PUB_CRYPTO /* * Do an asymmetric crypto */ if(SDPK_Dpub[key_arr_idx].len > 0) { ret = dh_encryptDEK(plainDek, encDek, &SDPK_Dpub[key_arr_idx]); }else{ DEK_LOGE("SDPK_Dpub for id: %d\n", userid); dek_add_to_log(userid, "encrypt failed, no SDPK_Dpub"); return -EIO; } #else DEK_LOGE("pub crypto not supported : %d\n", userid); dek_add_to_log(userid, "encrypt failed, no key"); return -EOPNOTSUPP; #endif } if (encDek->len <= 0 || encDek->len > DEK_MAXLEN) { DEK_LOGE("dek_encrypt_dek, incorrect len=%d\n", encDek->len); zero_out((char *)encDek, sizeof(dek_t)); return -EFAULT; } #if DEK_DEBUG else { DEK_LOGD("encDek to user: "); dump(encDek->buf, encDek->len); } #endif return ret; }