/* Load and verify one sector's worth of vTPMs. This loads all the vTPM entries * and decrypts their state data into memory. */ static int load_verify_vtpm_page(struct mem_vtpm_page *dst, int base, const struct mem_tpm_mgr *mgr, const aes_context *group_key) { struct disk_vtpm_sector pt; int i, rc; disk_set_used(dst->disk_loc, mgr); rc = disk_read_crypt_sector(&pt, sizeof(pt), dst->disk_loc, mgr); if (rc) { printk("Malformed sector %d\n", be32_native(dst->disk_loc)); return rc; } rc = sha256_verify(&dst->disk_hash, &pt, sizeof(pt)); if (rc) { printk("Hash mismatch in sector %d\n", be32_native(dst->disk_loc)); return rc; } if (!group_key) return 0; aes_decrypt_ctr(pt.data, sizeof(pt.data), &pt.iv, sizeof(pt.data) + 16, group_key); for (i = 0; i < dst->size; i++) { struct mem_vtpm *vtpm = calloc(1, sizeof(*vtpm)); dst->vtpms[i] = vtpm; memcpy(vtpm->uuid, pt.header[i].uuid, 16); memcpy(vtpm->data, pt.data[i].data, 64); vtpm->flags = be32_native(pt.header[i].flags); vtpm->index_in_parent = i + base; } return 0; }
int main(int argc, char* argv[]) { aes_context_t aes_ctx; aes_init(&aes_ctx); aes_set_key(&aes_ctx, s_key); //aes_encrypt(&aes_ctx, s_in, s_enc); //aes_decrypt(&aes_ctx, s_enc, s_dec); aes_encrypt_ctr(&aes_ctx, s_in, s_enc, sizeof(s_in), s_iv); aes_decrypt_ctr(&aes_ctx, s_enc, s_dec, sizeof(s_in), s_iv); return 0; }
static int disk_read_crypt_sector(void *data, size_t size, sector_t block, const struct mem_tpm_mgr *mgr) { struct disk_crypt_sector_plain *sector = disk_read_sector(block); if (!sector) return 2; if (aes_cmac_verify(§or->mac, sector->data, sizeof(sector->data), &mgr->tm_key_e)) return 2; aes_decrypt_ctr(data, size, sector->iv_data, sizeof(sector->iv_data), &mgr->tm_key_e); return 0; }