Esempio n. 1
File: disk_read.c Progetto: CPFL/xen
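/* Load and verify one sector's worth of vTPMs. This loads all the vTPM entries
 * and decrypts their state data into memory.
 *
 * Order of operations:
 *   1. mark dst->disk_loc as used (this happens before any verification),
 *   2. read the sector through disk_read_crypt_sector(),
 *   3. compare the sector contents against dst->disk_hash with SHA-256,
 *   4. if a group key is supplied, decrypt the per-vTPM data and build one
 *      heap-allocated struct mem_vtpm per entry in dst->vtpms[].
 *
 * dst        page descriptor; disk_loc, disk_hash and size are read,
 *            vtpms[0..size-1] are written.
 * base       offset added to the loop index to form index_in_parent.
 * mgr        manager state handed to the disk helpers.
 * group_key  key for the per-vTPM data; when NULL the sector is only
 *            read and verified and no entries are created.
 *
 * Returns 0 on success, the non-zero code of the failing helper, or 1 when
 * an entry cannot be allocated. On allocation failure the entries created
 * so far stay in dst->vtpms[] and the failing slot is NULL.
 */
static int load_verify_vtpm_page(struct mem_vtpm_page *dst, int base,
		const struct mem_tpm_mgr *mgr, const aes_context *group_key)
{
	/* NOTE(review): pt ends up holding decrypted vTPM data on the stack and
	 * is not wiped before return - confirm whether that matters here. */
	struct disk_vtpm_sector pt;
	int i, rc;

	disk_set_used(dst->disk_loc, mgr);

	rc = disk_read_crypt_sector(&pt, sizeof(pt), dst->disk_loc, mgr);
	if (rc) {
		printk("Malformed sector %d\n", be32_native(dst->disk_loc));
		return rc;
	}

	/* Integrity is checked before anything in pt is interpreted. */
	rc = sha256_verify(&dst->disk_hash, &pt, sizeof(pt));
	if (rc) {
		printk("Hash mismatch in sector %d\n", be32_native(dst->disk_loc));
		return rc;
	}

	/* Without the group key the page can be verified but not opened. */
	if (!group_key)
		return 0;

	/* In-place decrypt: output goes to pt.data, input starts at pt.iv and is
	 * sizeof(pt.data) + 16 bytes long - presumably a 16-byte IV stored
	 * directly in front of the data; confirm against the sector layout. */
	aes_decrypt_ctr(pt.data, sizeof(pt.data), &pt.iv, sizeof(pt.data) + 16, group_key);

	/* NOTE(review): dst->size is not checked here against the number of
	 * entries in pt.header / pt.data or the capacity of dst->vtpms -
	 * verify that the caller bounds it. */
	for (i = 0; i < dst->size; i++) {
		struct mem_vtpm *vtpm = calloc(1, sizeof(*vtpm));
		dst->vtpms[i] = vtpm;
		if (!vtpm) {
			/* Previously the NULL result was written through by memcpy. */
			printk("Out of memory loading sector %d\n", be32_native(dst->disk_loc));
			/* NOTE(review): 1 is just "non-zero"; confirm how callers
			 * distinguish failure codes. */
			return 1;
		}
		memcpy(vtpm->uuid, pt.header[i].uuid, 16);
		memcpy(vtpm->data, pt.data[i].data, 64);
		vtpm->flags = be32_native(pt.header[i].flags);
		vtpm->index_in_parent = i + base;
	}
	return 0;
}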
Esempio n. 2
/*
 * Demo driver: keys an AES context with s_key, CTR-encrypts s_in into s_enc,
 * then CTR-decrypts s_enc into s_dec. Both passes cover sizeof(s_in) bytes
 * and are given the same s_iv.
 *
 * NOTE(review): s_dec is never compared with s_in, so the round trip is not
 * actually checked. This also assumes aes_encrypt_ctr() leaves s_iv
 * untouched; if it advances the counter in place the decrypt pass would
 * start from a different block - confirm. Outside a self-test, a key/IV
 * pair must not be reused for a second message in CTR mode.
 */
int main(int argc, char* argv[])
{
	aes_context_t ctx;

	/* Command-line arguments are not used. */
	(void)argc;
	(void)argv;

	aes_init(&ctx);
	aes_set_key(&ctx, s_key);

	/* Single-block calls, left disabled by the author:
	 * aes_encrypt(&ctx, s_in, s_enc);
	 * aes_decrypt(&ctx, s_enc, s_dec);
	 */

	aes_encrypt_ctr(&ctx, s_in, s_enc, sizeof(s_in), s_iv);
	aes_decrypt_ctr(&ctx, s_enc, s_dec, sizeof(s_in), s_iv);

	return 0;
}
Esempio n. 3
File: disk_read.c Progetto: CPFL/xen
/*
 * Read one encrypted sector, authenticate it, and decrypt it into the
 * caller's buffer.
 *
 * The sector is fetched with disk_read_sector(block). Its MAC is checked
 * with AES-CMAC over sector->data before any decryption takes place; only
 * then are `size` bytes of plaintext written to `data`, using
 * sector->iv_data as the CTR input. mgr->tm_key_e keys both the MAC check
 * and the decryption.
 *
 * Returns 0 on success, 2 if the sector could not be read or the MAC does
 * not verify.
 *
 * NOTE(review): `size` is not compared with the sector's capacity here;
 * verify that every caller passes a length that fits. Also confirm that the
 * region covered by the MAC (sector->data) includes everything the decrypt
 * step reads from sector->iv_data.
 */
static int disk_read_crypt_sector(void *data, size_t size, sector_t block, const struct mem_tpm_mgr *mgr)
{
	int status = 2;
	struct disk_crypt_sector_plain *sec = disk_read_sector(block);

	/* Verify-then-decrypt: nothing is written to `data` unless the MAC holds. */
	if (sec && !aes_cmac_verify(&sec->mac, sec->data, sizeof(sec->data), &mgr->tm_key_e)) {
		aes_decrypt_ctr(data, size, sec->iv_data, sizeof(sec->iv_data), &mgr->tm_key_e);
		status = 0;
	}

	return status;
}