int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
const u8 *crypt, u8 *plain, size_t len)
{
struct crypto_cipher *cipher;
int encr_alg;
switch (alg) {
case ENCR_3DES:
encr_alg = CRYPTO_CIPHER_ALG_3DES;
break;
case ENCR_AES_CBC:
encr_alg = CRYPTO_CIPHER_ALG_AES;
break;
default:
wpa_printf(MSG_DEBUG, "IKEV2: Unsupported encr alg %d", alg);
return -1;
}
cipher = crypto_cipher_init(encr_alg, iv, key, key_len);
if (cipher == NULL) {
wpa_printf(MSG_INFO, "IKEV2: Failed to initialize cipher");
return -1;
}
if (crypto_cipher_decrypt(cipher, crypt, plain, len) < 0) {
wpa_printf(MSG_INFO, "IKEV2: Decryption failed");
crypto_cipher_deinit(cipher);
return -1;
}
crypto_cipher_deinit(cipher);
return 0;
}
//
//This method should be called ONLY by tsiPending TLS_SESSION_INFO
extern "C" JNIEXPORT jint JNICALL Java_com_att_aro_pcap_AROCryptoAdapter_cryptocipherinit
(JNIEnv *env, jobject obj, jint alg, jbyteArray temp1, jbyteArray temp2, jint key_material, jint bClient)
{
int ret = ARO_CRYPTO_ERROR;
int i_alg = (int)alg;
enum crypto_cipher_alg e_alg = (enum crypto_cipher_alg)i_alg;
jbyte* temp1buff = NULL;
temp1buff = env->GetByteArrayElements(temp1, NULL);
jbyte* temp2buff = NULL;
temp2buff = env->GetByteArrayElements(temp2, NULL);
if(!temp1buff || !temp2buff)
return ret;
int i_key_material = (int)key_material;
int i_bClient = (int)bClient;
struct crypto_cipher* ctx = NULL;
ctx = crypto_cipher_init(e_alg, (const BYTE*)temp1buff, (const BYTE*)temp2buff, i_key_material);
env->ReleaseByteArrayElements(temp1, temp1buff, 0);
env->ReleaseByteArrayElements(temp2, temp2buff, 0);
if(ctx == NULL)
return ret;
if(i_bClient == 1)
tsipending_ctx_client = ctx;
else
tsipending_ctx_server = ctx;
ret = 0;
return ret;
}
static TEE_Result aes_ecb(uint8_t out[TEE_AES_BLOCK_SIZE],
const uint8_t in[TEE_AES_BLOCK_SIZE],
const uint8_t *key, size_t key_size)
{
TEE_Result res;
void *ctx = NULL;
const uint32_t algo = TEE_ALG_AES_ECB_NOPAD;
res = crypto_cipher_alloc_ctx(&ctx, algo);
if (res != TEE_SUCCESS)
return res;
res = crypto_cipher_init(ctx, algo, TEE_MODE_ENCRYPT, key,
key_size, NULL, 0, NULL, 0);
if (res != TEE_SUCCESS)
goto out;
res = crypto_cipher_update(ctx, algo, TEE_MODE_ENCRYPT, true, in,
TEE_AES_BLOCK_SIZE, out);
if (res != TEE_SUCCESS)
goto out;
crypto_cipher_final(ctx, algo);
res = TEE_SUCCESS;
out:
crypto_cipher_free_ctx(ctx, algo);
return res;
}
TEE_Result tee_fs_fek_crypt(const TEE_UUID *uuid, TEE_OperationMode mode,
const uint8_t *in_key, size_t size,
uint8_t *out_key)
{
TEE_Result res;
void *ctx = NULL;
uint8_t tsk[TEE_FS_KM_TSK_SIZE];
uint8_t dst_key[size];
if (!in_key || !out_key)
return TEE_ERROR_BAD_PARAMETERS;
if (size != TEE_FS_KM_FEK_SIZE)
return TEE_ERROR_BAD_PARAMETERS;
if (tee_fs_ssk.is_init == 0)
return TEE_ERROR_GENERIC;
if (uuid) {
res = do_hmac(tsk, sizeof(tsk), tee_fs_ssk.key,
TEE_FS_KM_SSK_SIZE, uuid, sizeof(*uuid));
if (res != TEE_SUCCESS)
return res;
} else {
/*
* Pick something of a different size than TEE_UUID to
* guarantee that there's never a conflict.
*/
uint8_t dummy[1] = { 0 };
res = do_hmac(tsk, sizeof(tsk), tee_fs_ssk.key,
TEE_FS_KM_SSK_SIZE, dummy, sizeof(dummy));
if (res != TEE_SUCCESS)
return res;
}
res = crypto_cipher_alloc_ctx(&ctx, TEE_FS_KM_ENC_FEK_ALG);
if (res != TEE_SUCCESS)
return res;
res = crypto_cipher_init(ctx, TEE_FS_KM_ENC_FEK_ALG, mode, tsk,
sizeof(tsk), NULL, 0, NULL, 0);
if (res != TEE_SUCCESS)
goto exit;
res = crypto_cipher_update(ctx, TEE_FS_KM_ENC_FEK_ALG,
mode, true, in_key, size, dst_key);
if (res != TEE_SUCCESS)
goto exit;
crypto_cipher_final(ctx, TEE_FS_KM_ENC_FEK_ALG);
memcpy(out_key, dst_key, sizeof(dst_key));
exit:
crypto_cipher_free_ctx(ctx, TEE_FS_KM_ENC_FEK_ALG);
return res;
}
int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
const u8 *plain, u8 *crypt, size_t len)
{
struct crypto_cipher *cipher;
int encr_alg;
#ifdef CCNS_PL
if (alg == ENCR_3DES) {
struct des3_key_s des3key;
size_t i, blocks;
u8 *pos;
/* ECB mode is used incorrectly for 3DES!? */
if (key_len != 24) {
wpa_printf(MSG_INFO, "IKEV2: Invalid encr key length");
return -1;
}
des3_key_setup(key, &des3key);
blocks = len / 8;
pos = crypt;
for (i = 0; i < blocks; i++) {
des3_encrypt(pos, &des3key, pos);
pos += 8;
}
} else {
#endif /* CCNS_PL */
switch (alg) {
case ENCR_3DES:
encr_alg = CRYPTO_CIPHER_ALG_3DES;
break;
case ENCR_AES_CBC:
encr_alg = CRYPTO_CIPHER_ALG_AES;
break;
default:
wpa_printf(MSG_DEBUG, "IKEV2: Unsupported encr alg %d", alg);
return -1;
}
cipher = crypto_cipher_init(encr_alg, iv, key, key_len);
if (cipher == NULL) {
wpa_printf(MSG_INFO, "IKEV2: Failed to initialize cipher");
return -1;
}
if (crypto_cipher_encrypt(cipher, plain, crypt, len) < 0) {
wpa_printf(MSG_INFO, "IKEV2: Encryption failed");
crypto_cipher_deinit(cipher);
return -1;
}
crypto_cipher_deinit(cipher);
#ifdef CCNS_PL
}
#endif /* CCNS_PL */
return 0;
}
/*
* Encryption/decryption of RPMB FS file data. This is AES CBC with ESSIV.
*/
TEE_Result tee_fs_crypt_block(const TEE_UUID *uuid, uint8_t *out,
const uint8_t *in, size_t size,
uint16_t blk_idx, const uint8_t *encrypted_fek,
TEE_OperationMode mode)
{
TEE_Result res;
uint8_t fek[TEE_FS_KM_FEK_SIZE];
uint8_t iv[TEE_AES_BLOCK_SIZE];
void *ctx;
const uint32_t algo = TEE_ALG_AES_CBC_NOPAD;
DMSG("%scrypt block #%u", (mode == TEE_MODE_ENCRYPT) ? "En" : "De",
blk_idx);
/* Decrypt FEK */
res = tee_fs_fek_crypt(uuid, TEE_MODE_DECRYPT, encrypted_fek,
TEE_FS_KM_FEK_SIZE, fek);
if (res != TEE_SUCCESS)
return res;
/* Compute initialization vector for this block */
res = essiv(iv, fek, blk_idx);
if (res != TEE_SUCCESS)
return res;
/* Run AES CBC */
res = crypto_cipher_alloc_ctx(&ctx, algo);
if (res != TEE_SUCCESS)
return res;
res = crypto_cipher_init(ctx, algo, mode, fek, sizeof(fek), NULL,
0, iv, TEE_AES_BLOCK_SIZE);
if (res != TEE_SUCCESS)
goto exit;
res = crypto_cipher_update(ctx, algo, mode, true, in, size, out);
if (res != TEE_SUCCESS)
goto exit;
crypto_cipher_final(ctx, algo);
exit:
crypto_cipher_free_ctx(ctx, algo);
return res;
}
/**
* tlsv1_record_change_read_cipher - TLS record layer: Change read cipher
* @rl: Pointer to TLS record layer data
* Returns: 0 on success (cipher changed), -1 on failure
*
* This function changes TLS record layer to use the new cipher suite
* configured with tlsv1_record_set_cipher_suite() for reading.
*/
int tlsv1_record_change_read_cipher(struct tlsv1_record_layer *rl)
{
wpa_printf(MSG_DEBUG, "TLSv1: Record Layer - New read cipher suite "
"0x%04x", rl->cipher_suite);
rl->read_cipher_suite = rl->cipher_suite;
os_memset(rl->read_seq_num, 0, TLS_SEQ_NUM_LEN);
if (rl->read_cbc) {
crypto_cipher_deinit(rl->read_cbc);
rl->read_cbc = NULL;
}
if (rl->cipher_alg != CRYPTO_CIPHER_NULL) {
rl->read_cbc = crypto_cipher_init(rl->cipher_alg,
rl->read_iv, rl->read_key,
rl->key_material_len);
if (rl->read_cbc == NULL) {
wpa_printf(MSG_DEBUG, "TLSv1: Failed to initialize "
"cipher");
return -1;
}
}
return 0;
}
