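/*
 *
 * Copyright 2019-2020 NXP
 * SPDX-License-Identifier: Apache-2.0
 */

/** @file
 *
 * ex_sss_scp03_auth.c: Loads the Platform SCP03 static keys (ENC, MAC, DEK)
 * from a text key file instead of the built-in defaults.
 *
 * Key file format, as parsed below:
 *   - one key per line: "ENC <hex>", "MAC <hex>" or "DEK <hex>";
 *   - '#' starts a comment that runs to the end of the line;
 *   - leading whitespace and blank lines are ignored.
 *
 * The key file holds long-term symmetric secrets in clear text, so it should
 * be readable only by the account that runs the application.
 *
 * Project: sss-doc-upstream
 *
 * $Date: Dec 12, 2019 $
 * $Author: nxf42670 $
 * $Revision$
 */

/* *****************************************************************************************************************
 * Includes
 * ***************************************************************************************************************** */

#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "ex_sss_auth.h"
#include "ex_sss_boot_int.h"
#include "ex_sss_scp03_keys.h"
#include "nxLog_App.h"
#include "nxScp03_Types.h"

/* *****************************************************************************************************************
 * Internal Definitions
 * ***************************************************************************************************************** */

/* *****************************************************************************************************************
 * Type Definitions
 * ***************************************************************************************************************** */

/* *****************************************************************************************************************
 * Global and Static Variables
 * Total Size: NNNbytes
 * ***************************************************************************************************************** */

/* *****************************************************************************************************************
 * Private Functions Prototypes
 * ***************************************************************************************************************** */

#ifdef EX_SSS_SCP03_FILE_PATH

static sss_status_t Scp03_KeyString_to_Keybuffer(bool hasAuthKey, char *inputKey, uint8_t *auth_key, size_t key_size);
static sss_status_t read_platfscp03_keys_from_file(const char *scp03_file_path,
    uint8_t *enc,
    size_t enc_len,
    uint8_t *mac,
    size_t mac_len,
    uint8_t *dek,
    size_t dek_len);
static int scp03_hex_nibble(char c);
static void scp03_wipe(void *buf, size_t len);

/* Keep at 0 in anything but a throw-away debug build: when set to 1 the
 * raw key lines read from the key file are written to the log. */
#define UNSECURE_LOGGING_OF_SCP_KEYS 0

enum {
    /* Size of the line buffer used while reading the key file. */
    SCP03_LINE_MAX = 1024,
    /* A key is two hex characters per byte on a single line, so no key that
     * fits in one line can be longer than half the line buffer. */
    SCP03_KEY_MAX = SCP03_LINE_MAX / 2
};

/* *****************************************************************************************************************
 * Public Functions
 * ***************************************************************************************************************** */

/**
 * Load the Platform SCP03 keys from a key file.
 *
 * The compiled-in path EX_SSS_SCP03_FILE_PATH is tried first. Only when that
 * file cannot be opened is the path taken from the environment variable named
 * by EX_SSS_BOOT_SCP03_PATH_ENV. Whoever controls the process environment can
 * therefore choose the key file in that case; the chosen path is logged at
 * warning level so the override is visible.
 *
 * @param penc    Receives the ENC key on success.
 * @param enc_len Expected ENC key length in bytes.
 * @param pmac    Receives the MAC key on success.
 * @param mac_len Expected MAC key length in bytes.
 * @param pdek    Receives the DEK key on success.
 * @param dek_len Expected DEK key length in bytes.
 *
 * @return kStatus_SSS_Success when all three keys were read from a file.
 *         kStatus_SSS_Fail when no file was found or it could not be parsed;
 *         the output buffers are then left untouched. The log messages say
 *         the default keys are used in that case, so the caller presumably
 *         pre-loads the defaults into the buffers (confirm against caller).
 */
sss_status_t scp03_keys_from_path(
    uint8_t *penc, size_t enc_len, uint8_t *pmac, size_t mac_len, uint8_t *pdek, size_t dek_len)
{
    sss_status_t status  = kStatus_SSS_Fail;
    const char *filename = EX_SSS_SCP03_FILE_PATH;
    FILE *fp             = NULL;

    LOG_D("Using File: %s", filename);

    /* Probe for the compiled-in file; the parser re-opens it itself. */
    fp = fopen(filename, "rb");
    if (fp != NULL) {
        // File exists. Get keys from file
        LOG_W("Using SCP03 keys from:'%s' (FILE=%s)", filename, EX_SSS_SCP03_FILE_PATH);
        fclose(fp);
        status = read_platfscp03_keys_from_file(filename, penc, enc_len, pmac, mac_len, pdek, dek_len);
    }
    else {
        // File does not exist. Check env variable
        const char *scp03_path_env = getenv(EX_SSS_BOOT_SCP03_PATH_ENV);
        if (scp03_path_env != NULL) {
            LOG_W("Using SCP03 keys from:'%s' (ENV=%s)", scp03_path_env, EX_SSS_BOOT_SCP03_PATH_ENV);
            status = read_platfscp03_keys_from_file(scp03_path_env, penc, enc_len, pmac, mac_len, pdek, dek_len);
        }
        else {
            LOG_I(
                "Using default PlatfSCP03 keys. "
                "You can use keys from file using ENV=%s",
                EX_SSS_BOOT_SCP03_PATH_ENV);
        }
    }

    if (status != kStatus_SSS_Success) {
        LOG_D("Using default keys");
    }

    return status;
}

/* *****************************************************************************************************************
 * Private Functions
 * ***************************************************************************************************************** */

/* Return the value (0..15) of one hexadecimal digit, or -1 if c is not one. */
static int scp03_hex_nibble(char c)
{
    if (c >= '0' && c <= '9') {
        return c - '0';
    }
    if (c >= 'a' && c <= 'f') {
        return c - 'a' + 10;
    }
    if (c >= 'A' && c <= 'F') {
        return c - 'A' + 10;
    }
    return -1;
}

/* Overwrite a buffer that held key material. The volatile access keeps the
 * compiler from dropping the stores as dead writes before the buffer goes
 * out of scope. */
static void scp03_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;

    while (len > 0) {
        *p++ = 0;
        len--;
    }
}

/**
 * Parse a key file and return the ENC, MAC and DEK keys it contains.
 *
 * The keys are decoded into local staging buffers and copied to the caller's
 * buffers only when the whole file parsed cleanly and all three keys were
 * present. A file that is malformed, repeats a key or misses a key therefore
 * never leaves a mix of file keys and whatever the caller had in its buffers.
 *
 * @return kStatus_SSS_Success when enc, mac and dek were all written;
 *         kStatus_SSS_Fail otherwise, with the output buffers unchanged.
 */
static sss_status_t read_platfscp03_keys_from_file(const char *scp03_file_path,
    uint8_t *enc,
    size_t enc_len,
    uint8_t *mac,
    size_t mac_len,
    uint8_t *dek,
    size_t dek_len)
{
    sss_status_t status = kStatus_SSS_Fail;
    char file_data[SCP03_LINE_MAX];
    uint8_t staged_enc[SCP03_KEY_MAX];
    uint8_t staged_mac[SCP03_KEY_MAX];
    uint8_t staged_dek[SCP03_KEY_MAX];
    bool hasEnc          = false;
    bool hasMac          = false;
    bool hasDek          = false;
    bool parse_ok        = true;
    unsigned int line_no = 0;
    FILE *scp_file       = NULL;

    if (scp03_file_path == NULL || enc == NULL || mac == NULL || dek == NULL) {
        LOG_E("Invalid SCP03 key file arguments");
        return kStatus_SSS_Fail;
    }
    if (enc_len > sizeof(staged_enc) || mac_len > sizeof(staged_mac) || dek_len > sizeof(staged_dek)) {
        /* Such a key could not fit on one line of the file anyway. */
        LOG_E("SCP03 key length not supported");
        return kStatus_SSS_Fail;
    }

    scp_file = fopen(scp03_file_path, "r");
    if (scp_file == NULL) {
        LOG_E("Cannot open SCP file");
        return kStatus_SSS_Fail;
    }

    while (parse_ok && fgets(file_data, sizeof(file_data), scp_file) != NULL) {
        char *line      = file_data;
        char *comment   = NULL;
        uint8_t *target = NULL;
        size_t target_len;
        bool *seen = NULL;

        line_no++;

        /*Don't need leading spaces*/
        /* The cast matters: isspace() on a negative char value is undefined. */
        while (*line != '\0' && isspace((unsigned char)*line)) {
            line++;
        }

        /*Remove comments, whether they fill the line or trail a key*/
        comment = strchr(line, '#');
        if (comment != NULL) {
            *comment = '\0';
        }

        /* Nothing left: blank line or comment-only line. */
        if (*line == '\0') {
            continue;
        }

        if (strncmp(line, "ENC ", strlen("ENC ")) == 0) {
            target     = staged_enc;
            target_len = enc_len;
            seen       = &hasEnc;
        }
        else if (strncmp(line, "MAC ", strlen("MAC ")) == 0) {
            target     = staged_mac;
            target_len = mac_len;
            seen       = &hasMac;
        }
        else if (strncmp(line, "DEK ", strlen("DEK ")) == 0) {
            target     = staged_dek;
            target_len = dek_len;
            seen       = &hasDek;
        }
        else {
            /* The rejected line may be a mistyped key line (wrong case, tab
             * instead of space), so its content is only echoed when key
             * logging was explicitly enabled. */
#if UNSECURE_LOGGING_OF_SCP_KEYS
            LOG_E("Unknown key type %s (line %u)", line, line_no);
#else
            LOG_E("Unknown key type at line %u", line_no);
#endif
            parse_ok = false;
            continue;
        }

#if UNSECURE_LOGGING_OF_SCP_KEYS
        LOG_I("%s", line);
#endif
        if (Scp03_KeyString_to_Keybuffer(*seen, line, target, target_len) != kStatus_SSS_Success) {
            parse_ok = false;
            continue;
        }
        *seen = true;
    }

    if (parse_ok && ferror(scp_file)) {
        LOG_E("Cannot read SCP file");
        parse_ok = false;
    }

    if (parse_ok && !(hasEnc && hasMac && hasDek)) {
        /* Accepting a partial file would silently pair file keys with the
         * caller's existing (per the log messages: default) keys. */
        LOG_E("SCP file must contain ENC, MAC and DEK keys");
        parse_ok = false;
    }

    if (parse_ok) {
        memcpy(enc, staged_enc, enc_len);
        memcpy(mac, staged_mac, mac_len);
        memcpy(dek, staged_dek, dek_len);
        status = kStatus_SSS_Success;
    }

    fclose(scp_file);

    /* The line buffer and the staging buffers held key material. */
    scp03_wipe(file_data, sizeof(file_data));
    scp03_wipe(staged_enc, sizeof(staged_enc));
    scp03_wipe(staged_mac, sizeof(staged_mac));
    scp03_wipe(staged_dek, sizeof(staged_dek));

    return status;
}

/**
 * Decode the hex key of one "<TAG> <hex>" line into auth_key.
 *
 * The line must hold exactly key_size bytes, written as 2 * key_size
 * contiguous hex digits, followed by nothing but whitespace. A short key, an
 * odd number of digits, separators between bytes or extra digits after the
 * key are all rejected, so a key of the wrong size is never silently padded
 * or truncated.
 *
 * @param hasAuthKey true if this key type was already seen in the file.
 * @param inputKey   NUL-terminated line, starting at the tag.
 * @param auth_key   Receives key_size bytes. Contents are unspecified when
 *                   the function fails.
 * @param key_size   Expected key length in bytes.
 *
 * @return kStatus_SSS_Success or kStatus_SSS_Fail.
 */
static sss_status_t Scp03_KeyString_to_Keybuffer(bool hasAuthKey, char *inputKey, uint8_t *auth_key, size_t key_size)
{
    const char *cursor = inputKey;

    if (hasAuthKey) {
        LOG_E("Duplicate Auth key value");
        return kStatus_SSS_Fail;
    }
    if (inputKey == NULL || auth_key == NULL) {
        LOG_E("Invalid Key");
        return kStatus_SSS_Fail;
    }

    /* Step over the tag, then over the whitespace that separates it from the
     * key. Both loops stop at the terminator so a line without any
     * whitespace cannot run the cursor off the end of the string. */
    while (*cursor != '\0' && !isspace((unsigned char)*cursor)) {
        cursor++;
    }
    while (*cursor != '\0' && isspace((unsigned char)*cursor)) {
        cursor++;
    }

    if (*cursor == '\0') {
        LOG_E("Invalid Key");
        return kStatus_SSS_Fail;
    }

    for (size_t count = 0; count < key_size; count++) {
        /* cursor[1] is only read once cursor[0] is known to be a hex digit,
         * i.e. not the terminator. */
        int high = scp03_hex_nibble(cursor[0]);
        int low  = (high < 0) ? -1 : scp03_hex_nibble(cursor[1]);

        if (high < 0 || low < 0) {
            LOG_E("Cannot copy data");
            return kStatus_SSS_Fail;
        }
        auth_key[count] = (uint8_t)((high << 4) | low);
        cursor += 2;
    }

    /* Only the line ending may follow the key. */
    while (*cursor != '\0' && isspace((unsigned char)*cursor)) {
        cursor++;
    }
    if (*cursor != '\0') {
        LOG_E("Invalid Key");
        return kStatus_SSS_Fail;
    }

    return kStatus_SSS_Success;
}

#endif //EX_SSS_SCP03_FILE_PATH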