/*
*
* Copyright 2019-2020 NXP
* SPDX-License-Identifier: Apache-2.0
*/
/** @file
*
* ex_sss_scp03_auth.c: Loads the Platform SCP03 static keys (ENC, MAC, DEK) from a key file.
*
* Project: sss-doc-upstream
*
* $Date: Dec 12, 2019 $
* $Author: nxf42670 $
* $Revision$
*/
/* *****************************************************************************************************************
* Includes
* ***************************************************************************************************************** */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "ex_sss_auth.h"
#include "ex_sss_boot_int.h"
#include "ex_sss_scp03_keys.h"
#include "nxLog_App.h"
#include "nxScp03_Types.h"
/* *****************************************************************************************************************
* Internal Definitions
* ***************************************************************************************************************** */
/* *****************************************************************************************************************
* Type Definitions
* ***************************************************************************************************************** */
/* *****************************************************************************************************************
* Global and Static Variables
* Total Size: NNNbytes
* ***************************************************************************************************************** */
/* *****************************************************************************************************************
* Private Functions Prototypes
* ***************************************************************************************************************** */
#ifdef EX_SSS_SCP03_FILE_PATH
/* Converts the hex key text on one "<TAG> <hex>" line of the key file into
 * key_size raw bytes in auth_key; hasAuthKey reports that the tag was already
 * seen, in which case the call fails as a duplicate. */
static sss_status_t Scp03_KeyString_to_Keybuffer(bool hasAuthKey, char *inputKey, uint8_t *auth_key, size_t key_size);
/* Reads the key file line by line and hands every ENC / MAC / DEK line to
 * Scp03_KeyString_to_Keybuffer() together with the matching output buffer. */
static sss_status_t read_platfscp03_keys_from_file(const char *scp03_file_path,
uint8_t *enc,
size_t enc_len,
uint8_t *mac,
size_t mac_len,
uint8_t *dek,
size_t dek_len);
/* Compile-time switch for the "#if UNSECURE_LOGGING_OF_SCP_KEYS" blocks in
 * read_platfscp03_keys_from_file(): when non-zero, each ENC / MAC / DEK line
 * is passed to LOG_I as read from the file, i.e. the key material itself
 * ends up in the log. Keep this at 0 in any build whose logs are stored,
 * shipped or shared. */
#define UNSECURE_LOGGING_OF_SCP_KEYS 0
/* *****************************************************************************************************************
* Public Functions
* ***************************************************************************************************************** */
/**
 * Load the Platform SCP03 keys from a key file into the caller's buffers.
 *
 * The compile-time path EX_SSS_SCP03_FILE_PATH is tried first. Only when
 * that file cannot be opened is the path taken from the environment
 * variable named by EX_SSS_BOOT_SCP03_PATH_ENV. If neither yields a file,
 * nothing is read and the function reports failure, which the log lines
 * describe as "using default keys".
 *
 * @param penc, enc_len  ENC key buffer and its length, passed to the parser.
 * @param pmac, mac_len  MAC key buffer and its length, passed to the parser.
 * @param pdek, dek_len  DEK key buffer and its length, passed to the parser.
 * @return The parser's status when a key file was selected,
 *         kStatus_SSS_Fail when no key file was available.
 *
 * NOTE(review): the parser writes into penc / pmac / pdek as it goes, so a
 * failure status can leave some of the buffers already overwritten; callers
 * that fall back to default keys should re-initialise them.
 * NOTE(review): the environment variable selects which key file is trusted,
 * and the existence probe is a separate open from the later read; both are
 * only as trustworthy as the process environment and the file's permissions.
 */
sss_status_t scp03_keys_from_path(
    uint8_t *penc, size_t enc_len, uint8_t *pmac, size_t mac_len, uint8_t *pdek, size_t dek_len)
{
    const char *const configured_path = EX_SSS_SCP03_FILE_PATH;
    const char *key_source            = NULL;
    sss_status_t result               = kStatus_SSS_Fail;

    LOG_D("Using File: %s", configured_path);

    /* Opening the file here is only an existence probe; the parser reopens it. */
    FILE *probe = fopen(configured_path, "rb");
    if (probe == NULL) {
        /* Configured file is not available: consult the environment instead. */
        key_source = getenv(EX_SSS_BOOT_SCP03_PATH_ENV);
        if (key_source == NULL) {
            LOG_I(
                "Using default PlatfSCP03 keys. "
                "You can use keys from file using ENV=%s",
                EX_SSS_BOOT_SCP03_PATH_ENV);
        }
        else {
            LOG_W("Using SCP03 keys from:'%s' (ENV=%s)", key_source, EX_SSS_BOOT_SCP03_PATH_ENV);
        }
    }
    else {
        LOG_W("Using SCP03 keys from:'%s' (FILE=%s)", configured_path, EX_SSS_SCP03_FILE_PATH);
        fclose(probe);
        key_source = configured_path;
    }

    if (key_source != NULL) {
        result = read_platfscp03_keys_from_file(key_source, penc, enc_len, pmac, mac_len, pdek, dek_len);
    }

    if (result != kStatus_SSS_Success) {
        LOG_D("Using default keys");
    }
    return result;
}
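/**
 * Parse a Platform SCP03 key file and fill the ENC, MAC and DEK buffers.
 *
 * The file is read line by line. Leading whitespace is ignored, blank lines
 * and lines whose first non-blank character is '#' are skipped, and anything
 * from a '#' to the end of a key line is dropped. Every remaining line must
 * start with "ENC ", "MAC " or "DEK " followed by the key in hex, and each
 * tag may appear only once.
 *
 * @param scp03_file_path Path of the key file.
 * @param enc, enc_len    Output buffer for the ENC key and its length in bytes.
 * @param mac, mac_len    Output buffer for the MAC key and its length in bytes.
 * @param dek, dek_len    Output buffer for the DEK key and its length in bytes.
 * @return kStatus_SSS_Success only when all three keys were read;
 *         kStatus_SSS_Fail when the file cannot be opened, a line is not a
 *         valid key line, a tag is repeated, or a key is missing.
 *
 * On failure the output buffers may already have been modified by earlier
 * lines; the caller must not treat them as a usable key set.
 */
static sss_status_t read_platfscp03_keys_from_file(const char *scp03_file_path,
    uint8_t *enc,
    size_t enc_len,
    uint8_t *mac,
    size_t mac_len,
    uint8_t *dek,
    size_t dek_len)
{
    sss_status_t status = kStatus_SSS_Fail;
    char file_data[1024];
    bool hasEnc = false;
    bool hasMac = false;
    bool hasDek = false;

    FILE *scp_file = fopen(scp03_file_path, "r");
    if (scp_file == NULL) {
        LOG_E("Cannot open SCP file");
        return kStatus_SSS_Fail;
    }

    while (fgets(file_data, sizeof(file_data), scp_file) != NULL) {
        char *line = file_data;

        /* Skip leading whitespace. The cast matters: passing a negative
         * char value to isspace() is undefined behaviour. */
        while (isspace((unsigned char)*line)) {
            line++;
        }

        /* Blank lines and full-line comments carry no key. */
        if (*line == '\0' || *line == '#') {
            continue;
        }

        /* Cut off a trailing comment. */
        char *comment = strchr(line, '#');
        if (comment != NULL) {
            *comment = '\0';
        }

        bool *seen       = NULL;
        uint8_t *key_buf = NULL;
        size_t key_len   = 0;

        if (strncmp(line, "ENC ", strlen("ENC ")) == 0) {
            seen    = &hasEnc;
            key_buf = enc;
            key_len = enc_len;
        }
        else if (strncmp(line, "MAC ", strlen("MAC ")) == 0) {
            seen    = &hasMac;
            key_buf = mac;
            key_len = mac_len;
        }
        else if (strncmp(line, "DEK ", strlen("DEK ")) == 0) {
            seen    = &hasDek;
            key_buf = dek;
            key_len = dek_len;
        }
        else {
            /* A line with a mistyped tag still carries the key hex, so its
             * content is logged only when key logging is explicitly enabled. */
#if UNSECURE_LOGGING_OF_SCP_KEYS
            LOG_E("Unknown key type %s", line);
#else
            LOG_E("Unknown key type");
#endif
            status = kStatus_SSS_Fail;
            goto cleanup;
        }

#if UNSECURE_LOGGING_OF_SCP_KEYS
        LOG_I("%s", line);
#endif
        status = Scp03_KeyString_to_Keybuffer(*seen, line, key_buf, key_len);
        if (status != kStatus_SSS_Success) {
            goto cleanup;
        }
        *seen = true;
    }

    /* An SCP03 key set is ENC + MAC + DEK. Reporting success for a file that
     * lacks one of them would leave that buffer with whatever the caller had
     * in it, silently mixing key sets. */
    if (hasEnc && hasMac && hasDek) {
        status = kStatus_SSS_Success;
    }
    else {
        LOG_E("SCP file must define ENC, MAC and DEK keys");
        status = kStatus_SSS_Fail;
    }

cleanup:
    /* The line buffer held key text. Clear it through a volatile pointer so
     * the stores are not removed as dead writes before the frame is reused. */
    {
        volatile char *wipe = file_data;
        for (size_t k = 0; k < sizeof(file_data); k++) {
            wipe[k] = '\0';
        }
    }
    fclose(scp_file);
    return status;
}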
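/**
 * Convert the hex key on a "<TAG> <hex>" line into raw key bytes.
 *
 * The key text must be exactly 2 * key_size hex digits, optionally followed
 * by whitespace. The whole text is validated before the first byte is
 * stored, so auth_key is left untouched when this function fails.
 *
 * @param hasAuthKey true when this tag was already parsed; the call is then
 *                   rejected as a duplicate.
 * @param inputKey   NUL-terminated line, starting at the tag.
 * @param auth_key   Receives key_size key bytes on success.
 * @param key_size   Number of key bytes expected.
 * @return kStatus_SSS_Success, or kStatus_SSS_Fail for a duplicate tag, a
 *         missing key, a non-hex character, or a key of the wrong length.
 *
 * The key text is never included in the error messages.
 */
static sss_status_t Scp03_KeyString_to_Keybuffer(bool hasAuthKey, char *inputKey, uint8_t *auth_key, size_t key_size)
{
    size_t j = 0;

    if (hasAuthKey) {
        LOG_E("Duplicate Auth key value");
        return kStatus_SSS_Fail;
    }

    /* Step over the tag. Stopping at the terminator as well keeps the scan
     * inside the string when the line holds no whitespace at all. The casts
     * avoid undefined behaviour in <ctype.h> for negative char values. */
    while (inputKey[j] != '\0' && !isspace((unsigned char)inputKey[j])) {
        j++;
    }
    /* Step over the separator between tag and key. */
    while (isspace((unsigned char)inputKey[j])) {
        j++;
    }
    if (inputKey[j] == '\0') {
        LOG_E("Invalid Key");
        return kStatus_SSS_Fail;
    }

    const char *hex = &inputKey[j];

    /* Pass 1: every key byte needs two hex digits. The first test fails on
     * the terminator, so the second digit is never read past the string. */
    const char *cursor = hex;
    for (size_t count = 0; count < key_size; count++) {
        if (!isxdigit((unsigned char)cursor[0]) || !isxdigit((unsigned char)cursor[1])) {
            LOG_E("Cannot copy data");
            return kStatus_SSS_Fail;
        }
        cursor += 2;
    }

    /* Anything but whitespace after the expected digits means the key in the
     * file is longer than the key in use; reject it rather than truncate. */
    while (isspace((unsigned char)*cursor)) {
        cursor++;
    }
    if (*cursor != '\0') {
        LOG_E("Invalid Key");
        return kStatus_SSS_Fail;
    }

    /* Pass 2: the text is known to be valid, convert it. */
    for (size_t count = 0; count < key_size; count++) {
        const char pair[3] = {hex[2 * count], hex[2 * count + 1], '\0'};
        auth_key[count]    = (uint8_t)strtoul(pair, NULL, 16);
    }

    return kStatus_SSS_Success;
}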
#endif //EX_SSS_SCP03_FILE_PATH