From fd06565a2b3bde256d977f6ad28ef40941890a0f Mon Sep 17 00:00:00 2001 From: Soyoung Kim Date: Fri, 28 Dec 2012 18:15:24 +0900 Subject: [PATCH] changed to get encryption/decryption key from device unique key [Issue#] N/A [Problem] N/A [Cause] N/A [Solution] Modify get encryption key from cal library made from osp-security team The key is made from device unique key and hashed. [SCMRequest] N/A Change-Id: I3f1051339a6f56e5cb6a5083489f32b69d435550 --- build/encryption/CMakeLists.txt | 2 + build/encryption/libs/libcal.a | Bin 0 -> 4734 bytes build/encryption/libs/libcal.arm.a | Bin 0 -> 5566 bytes build/encryption/libs/libcal.i586.a | Bin 0 -> 5496 bytes .../include/dpl/encryption/resource_decryption.h | 5 ++- .../include/dpl/encryption/resource_encryption.h | 3 +- modules/encryption/src/resource_decryption.cpp | 41 ++++++++------------ modules/encryption/src/resource_encryption.cpp | 42 ++------------------- packaging/wrt-commons.spec | 7 ++++ 9 files changed, 32 insertions(+), 68 deletions(-) create mode 100755 build/encryption/libs/libcal.a create mode 100755 build/encryption/libs/libcal.arm.a create mode 100755 build/encryption/libs/libcal.i586.a diff --git a/build/encryption/CMakeLists.txt b/build/encryption/CMakeLists.txt index 710ada6..bf38cae 100644 --- a/build/encryption/CMakeLists.txt +++ b/build/encryption/CMakeLists.txt @@ -54,6 +54,8 @@ TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} ${TARGET_DPL_EFL} ) +TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} -L./libs -lcal) + # Target library properties SET_TARGET_PROPERTIES(${TARGET_DPL_ENCRYPTION} PROPERTIES SOVERSION ${API_VERSION} 
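Review bot: The added `TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} -L./libs -lcal)` resolves `./libs` against the directory the link command runs in, so it presumably only works for the in-source build the spec file performs. Naming the archive by absolute path, `TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} ${CMAKE_CURRENT_SOURCE_DIR}/libs/libcal.a)`, removes that dependency. The archive is committed as three binary blobs with no source, version or checksum visible in this patch, yet it now supplies the key-derivation step for resource encryption. Its origin and the exact build it came from should be recorded next to it, for example in a README and a checksum file under `build/encryption/libs/`.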
diff --git a/build/encryption/libs/libcal.a b/build/encryption/libs/libcal.a new file mode 100755 index 0000000000000000000000000000000000000000..8400c5f506fe1ad1915fb18189265b512ac85fe1 GIT binary patch literal 4734 zcmbtXU5r~t6`r}*-o3l_I{TB~=BEyuw4vFxo$O|_O`{~+v`HMcX((z{Dui=w-`zE_ zuZ^#rWLp9fQfVs@5D)!9Dgr@U9*Ts3NC+qrg1$vOK#Rl^DnESygrMS~Nc@!V8=vvs zO&&ln+IzqAopa{Q%$ak?v%8P_?aIor;e2*|J1}!-u248!n7cchEf`b$oy{Jcv;G%` zl~NkdM@x_0UGeLcZr$$$=PR|EQuSIHnp~yT$~8GcFY4Uk*~5?v1%&Ls=VoWK+1W$$ zyk@;)GJ}9+gTRgI%eFh#tahfL5si0=)(&w3|t#&?%`wy^&soWN~61;||$? zN)7iNQ*=y;BZAN|t#xsN`jOqLIFZK)nVdeJ?#7nB$72P2}>9Q9JWAk-YDShCI%Y>?Y%^B25rw+Kypchb65=&1J; zt=oid^v;mpCUmR!2TV4xUFZ&Pj(v9s&3ey~?h?AkyTHD;3*G1aj@GQuDeoVo@6+Fc zlQUWHo+jO+zia5M_Ztp$hpcGc8z#L==uvMs>6CsPeVoY?-YRK9A2akm@1LXx^rE4s zyc?XxLCs}5lc&8ETIcjn4L##AM&h{stZ_c?U8eIH{k)-%diT;=6#5bGL!@VgUhtl! z^9O`hy%$Lr^_g{uO^)9FO1B%$i z)HvB|uNsy}CCPr&+hI=)Btqy160aagTu!q@xU>CLp6nR zXJchMR}J0pdB}Q*<-<1mX}t6hht?k)J&Ha;9zu9Jjr|I*H$RJj`UAEZI`2xwHhC zb!+6gSuk#PsrX>2-mF{%WsQ(F{PxA5tynCir;3aBLyS*{yWeYTQamubwF8VEgjGAI zekcl;u`xlZ>_>qaqTF3FuBB4TuO5u8(kNz(kBQgnv{k9m#P)QdkOD+qW=aw9;&MZc<_Q5F3*> z(YP`a$(e-BG2A7>Gq0mc}X1&`8)&Cxs zpNQNOdKtMjEv2PeJqVj-Z0=ca1H<47w%}67FV_RRyjyM|wgOAtup0%~WE0)InDC3i zD!0z;%36V#@-bUsb{Xj|`<08`mJDpNjP#;t4)o$#w_bgjYN2(u=X40QXllj`bNbxF z*^~SCXU%7CmSjq-w|cb7Azc~y81O)KXUne>Pvx6OP*xoEY4460nzY4>o&N*(4m zSM@u-%9W!CVo>fbm;7?M9b8hmc2E~hEnI5GIgYo$dZSL`rdGEc`i%g=*1AJy4z9S) zZ~Ngg-FjnUN-9@rHW~r;EEhIAK@ORjjyl*Dm0Nh|ft=szv}@&VXMO0UHU_in{cmtP zoOmSS3T7H}9zScWyc>G@$~Axz@oIykR$cx)etDujVo9^0(#EEMs0-x%xlXS_i? 
zHlF$UwVi<ZQ4m=Q(yZ+ocs$yS|%t+?MIOJaV%jL9^gLA)#lY0L}T zn|R_wy%}5YM%ZlrpzhZ^M74rWZ&Q%QHLww5X;AY>+6gGPLeIKkJm!;Q#>!k>K|N1G zXPb>@xy86Xq277V>WQuyeNE%8n+fgl5y@>9dVO5;CB^#>t~+1XR}lNhGe^z}UTf}6 zyQ2GkL>v-#hVO`2%Z)Eups|cqyJ^W&j>y%_>$mv z1b-~}Gr_k6|19_~!4c$;ad!yr7d#?Z6ns>0MX)LOgy1uR&kMdS_(#FN67jq%=%Va7 l?g$YjJ1+co!5P65f`4M((AU%jUN8l1fyUyfheFse?VwLq7qROe;E9sM1S}TLQK$Ltcr?asLylmIWu>Q zi6)%v%=13)`=0ll^PcydduKP^=+z4gyJP9(@-{LyF`3D1-!Ya+Ch>{0m>m$&CZKHMvXw`0!Hf z=C1F@4jp;#Y~%iYJ9Ezu?R($u6JLpKiafR_C%;CIWUlLlSKhh!Me*YeI=EaRuT2cb zt;D*-3b|4abO{kzBdo-(_zm&tK_RToA|BrjyAZY(9U-Fq&xv=Z?+Iz=U@ z(-%aDP7m%t&U#EhA!2REI345K5kctKE9LYc^?e(~^k5nzBvSIG-e5Kl?nz7!a*lht z=+Yl;&oY8Z55(m$z>4vX76Dgw=z2sO?9iKfZ|p@19<{Jul?q#a4rupb8-Av9b5LVs zJA}v^8GKuI_c!2SN$0bKNOuaoq0ACw*J-7U4#U&7qoqnySWfiY?B{ep0Gk@h+Tk(Y zS$28koC+F!nHrCpN2?H{c9;DWEzn{ zoi}K@+4&Ob)tYW`lI)w*bepq4dX0P$PLWL+r$Oh<@?}NGokh~?^on*kPm*4*>5b0a z9Cw>Mix81bdmJ7VJ0o{1y3e^l=Mg!hXwG?w)=~M2ihRI%k>gIvUnqLeVJG`0`LJ@H zbtL;9lusyn+;K>!HNDH}Cq1O;31{UaR^pI8W1hi=K1Yd5v^dz5$4A zs)?R=$S=gci%z}v51s{!f4~4gq=;RNA1C|K_Y||^N6B6dcGwYJb_Mz_`#FpimU~$u zTv{JXlQ!0e(!Oo9pMaL7VLA2yAR%8zXxVcW?DSzXWnRNs=>H}ZvWGpk;nV-BqMXPf z(%+(s>>=fbGN4$&WXfLl=t2M?o?7u&diAM-Y~HuBhxP=6V`NK4nC-#G;Szn8%awBQ zEt2N~BBJn$h&SOBksl=bU{^OIXPsWCF8OIM-zt@h>3VG`5cVFMp4peKHfqCOtu}Yh z@JMPbl}TmNjd~&7@C&Vasd+}ETa9`ecXWEbP)K|ArBmC>!_CrJzcO4dRa&Qq=PNDW z%a_vQsfpBBx>PBYTSZ@_RX5Gj`BJm7Tou0dxw=NPSoG&o3q0q|Gc~^f5$nddr7A>Q zc^DCEh8t4SBM(`Lq*YJhJG0@MV&-(D2g?>BGcr0hJ~6p{$4>g8BJhcb`xQEYJVfLM zLLU?XWH#K_n9(eOW+{&2yWM&rN%1K{VEuI41Oc}zthW*Z>+Qz69)g;*cpU4x2(kSb zR4$9l>^vI{B-w2WUTUs;vgH*)c#>VWIyVQI)uZIeaWK}eJAK40R||`vEPK)=ufFKl z1?!(QH$Af-qQHaDOoyon8fR=8o&YKlEYwM(1h!{V_ZzKpQxvPMeA(~B<{%C4l<)eL zqG&8s>&+zZa=jMLyx}*M`#q>G->o(4!ksI7^9`lUx8~fu*FeBv;(@mAWAO}l;Fe>_ zsjXX+s@6p9SfzBb6G?E> zcm($*hO&>!hawMJ=k0UR2fDHeTu-USnI)_O*sKS*V5GWVPBpnTsiN2PL@M8CK=kvi zdDqM5>;5T`qD!DDRpzQ;jyv23ud*v+kEF&;XDmPLS!?Ah-ja{looLXh%Q~#{>Rx4@ zZoz=d8AcGPLUn1$N5Q5l)ux|9LWdhoY^X?OZ@oF?HJkNPzSUel&|DounG 
zYSE>Axl`fm&0KoxpyyN8wDL-!_Tx$@*q?q5KD>{~)ngiXA3otm8{1ZV=>Na`_`orJ zAgXwmDClNvd%=xN)4d>kewb!#d^-!T<6*4h1Reog2XkQ7aVuog2cqbUqF+d1#9Lqs z$9s2Gur9{q`b@mLA+ygYK5Ro6jP-3A{b*m(X!M)mcixbYjd?Y5p!s?DB`N4;Y^TA) z^LsBeKaOwa_ZVc;harBBczmFmW^8NHTtmq4j+_TO%Z(2Z^96u@%v{;ruhQ=c;-ywdfEPlPdG2DLV4jYHItVWkV9oI z-a))BGZ<_}B!(jg2aP-0X_mO0)A%cmZ)v=!kwwq(64)5xRT}v&LwbKg zFA?)tr+HHI>orenzEktvL=?r8)*m6_h#u3tps}Ixw8nE9|Hys7JXD?G>vH7zpq-~G Kf}-R7NB$o=EdVC~ literal 0 HcmV?d00001 
diff --git a/build/encryption/libs/libcal.i586.a b/build/encryption/libs/libcal.i586.a new file mode 100755 index 0000000000000000000000000000000000000000..b02e413dd2ac51d23196f6cfd9d4d491726db729 GIT binary patch literal 5496 zcmbVQYit}>6~1?8Y>&NuB~J5b61r*JHYLgKI$5vXk|yypHZe(*CZ&Rg$v(#R;`Q!k zcPEbu6}6?L#tl-`B7|B|XrYB4g(52PDA1sY06%yL`j3}DLMoy{0`eoGLE-!E+`Bt& zRaN3jGvE2nIrrRq&zyT_cDL-wRCDutI})*#ZD99cI++|A8XSzplFAgm$6|xKjQ`0F zAw&e%Szhi(?#g9~Ilq{xdq;AGf^gkJdN>`Q^XhIT=ho-_(n36YRul_a_{DRTO1#Xm z^?2#jFyv$sgEj8yR0`wm9!Lixp6vMK#LT3W62k>e3QIJZ5Klw{eM-SLv02=#?48>G z_|ji5y*TlTLny?NrYkgMcv-F;E3dzD-*ds~sM zwZiJYJNkj>be|AbzlcWn!YYKVMMsF19%zMVCD5y_Pg>p4C_1%BP^T-1&@$aOjDg!t zKp{FBj!`;BwIhPiu~W+FKI*%+i0QrrM(B>qeVxH<&hPJ@?&BQyx6-Ajr7_D0y7orp zam;;HYK3-nlWsz^z9!w*xrYfqkMuC9Se<-`_unWYL|J2G2twqyJ8-w`wv%`wmUI$? zNZY>&c3Ud~ShDpVrEJ*=Pup%Oli%iSwIha zou-}6BXnM`X|FR$=M9>!an{rMW=+>SAEkAprkk8^vhOBMW6ni7zfaSC=K$#~nr?Gq z>>JZ`hci!lt9%Jgk*!H*n9lw3+lr=~Bh`dd~CCXp? zFM~xdF~F-7@f4$*$$s#nVs>;r*`?qKJEGP8IP|Uda~LZucd|sdv@Vt=ZLANa{gct& z0WC|za_n9}x4ekZvi&c((}&HJc>(*N=NTwuyDFxOqUVxgY91Huo@dcPwg=2%G_mRl zI&{*#6}^RccGY+3)D;9Mu5PEjn~^b~B_p2)@B1)ZTE5D)O4;`U$qNAy*Iafv+ZsY@uFT zp%J0C0#{V4=kwlde4ZP-ey-xxAY!c;t5Ak$D-R=Lop3`M+Hp|Ut?DDrYO8zCHzGr8 zad=6Y9N4uxHJBb6zDq1`>c31+jDW~>^$uWqAv?rHCHoGsr1eBTN%{j++l0FsQY@p} zn-CjsK4s@o)3k2^t06INUC`jVr~FJFgd5Lw%d@kPxpS19PJyx9-08z^v7B1~WtEaH zW~vKbRXj&u(8=kU35Y^8r_-2WqxfiV!_|XpD=rV0X^ojwy_#RFi+tJ77QJR{4pPgU z_FS)&7q$6vwI1WqtJlJr*SxxNKZAPk+)BMF+}UDguBMb(f7Z=rY6uuiJkVA>ES>=m z96BBw+rB-f>O@qImkOtR@1S>1WXt8EsEkx9(|J)Wm*!&X#*tM*0v%}~KjW2zi)wUp z<)Xh>690cOvySy=iEt}r%(aI33%6X%n}zzNT4Ao_{85y6?6p(mbyL8WHatnSXc-+{$w5meDgci%#{*Cnn1#!Bb zL8Y0*x_-&8d3pFEk}5dmwcwrO^F_F_AC#Hi50(2eMIVKHU~KH}*f!MBow|s`8eQ7* z!J|Tc!jT(0ZToTT_I~KOOW4%0JksrqJ{IX}Ir?eqQ9E*fmwn~($WOY}Q9d5H@sJ5x zymoF8^A+)0y&B-Wk*Z!XUgtxI=QH(;h-Ygxh+fv8b2Hg&)jKWXbO|(t(rh`*aZGyP zWp-ukf%t$>(cNydKkDl6m;s?4C^x0Olgj8!E9DC3@_rj^5UY0 zx{a60buW&*?yS}ET!SFqygOUPI3hk*E&COdocG3Fg;Jqjj6n9|>(8|Q)k16op`M2>V=?}1xEPNIJKM_vH16j4Zij~c@8y?- 
z5967}c>gs7Xl$b)ndX;Z;A_G(KD8 z5O_G=6W9zU&(xcEAA`(3yKu3kknm_Asyl7G_!1=Y6P#@y{7lZsX=D2gE+dnV!Ec;` zZpQWna3j-n9)2+jx)~ckal-3(Dzpy#QfjQ@CCH`^L%fK1;d(K)ufrCO_e>}rYs%#1 z$B<1Qh+-`sLX3iL#`Z(-aJ;V|9^>%2;So0C{Tj0A15u!ue*c1kvT3)#FWii+6#`{5R1AK{LXPHHN8l7*?<=A8ay=%0 z+~c7#7j?v2X9k1Kh~Y6g+!`eBOHlHBz6lrOL8ZnF$9n|>uqI72@eDT@*4yHrH;kTW zHC7vFEj3!x!xGqBp=LEsqd;k?o!NA-R%C|p!#jzbKZKjj5?xIK$r7ySX0sZnT%fa7 zJYo7H`Jra1j5QUO;4j){vrus>XYls<@dR!*{+nXXYVM`gk%+jpX$J2UcZE2g)8V&q z{*Ez?_VA~Dd}b{9&X1CJdEL1OW)6>z%(#aqC-0p&<{ldvotbd?rOg-Mk%MFR4!TE1 z4~|dna;H8tGUnbpH8Q~AxFY<`qUxyw>9_;jMxmyF?bt9p|LhIHdq(1MGe5E?ct;Ug zgA$tpE($jju_u`a+7lYn8t>6KuJNG8qZ&_YoYPp;ct+!=G%jiUqQ>VnzO3;zjlb0R z2aRuPd`n{oHUQ_jLE|=!LmDSF9@m)HSkuVAGT2}JpapVolJjp0;*T`)S3UXfHU3@W ze>AouhqUw058@pf(;6o<9@CiD$bVMoe@5eD8lTkohQ@zrysGg!5f?UzLYs&)sEder z8#UgkafpcRw@33SB3_t>G=D&2QR69%4{7`}^NsQF+7S}Bw #include -namespace WRTDecryptor{ +extern char** calculate(char*pappId, int idLen, int keyLen); +namespace WRTDecryptor{ class ResourceDecryptor { public: @@ -50,7 +51,7 @@ class ResourceDecryptor private: AES_KEY* GetDecryptionKey(); - AES_KEY *m_decKey; + AES_KEY m_decKey; }; } //namespace WRTDecryptor diff --git a/modules/encryption/include/dpl/encryption/resource_encryption.h b/modules/encryption/include/dpl/encryption/resource_encryption.h index ffc82c2..6f57a93 100644 --- a/modules/encryption/include/dpl/encryption/resource_encryption.h +++ b/modules/encryption/include/dpl/encryption/resource_encryption.h @@ -28,8 +28,9 @@ #include #include -namespace WRTEncryptor{ +extern char** calculate(char*pappId, int idLen, int keyLen); +namespace WRTEncryptor{ class ResourceEncryptor { public: diff --git a/modules/encryption/src/resource_decryption.cpp b/modules/encryption/src/resource_decryption.cpp index db45f81..9e8b39f 100644 --- a/modules/encryption/src/resource_decryption.cpp +++ b/modules/encryption/src/resource_decryption.cpp 
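Review bot: The declaration `extern char** calculate(char*pappId, int idLen, int keyLen);` is pasted into the global namespace of both resource_decryption.h and resource_encryption.h, so every includer of these public headers sees a generically named global function, and the two copies can drift apart. A single internal header included only by the two .cpp files would keep it out of the public interface. The declaration also carries no comment on who owns the returned `char**`, how many bytes `*result` holds, or what a failure looks like. Because libcal ships only as an archive, that contract cannot be read from this patch and should be written down where the function is declared.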
@@ -28,19 +28,16 @@ #include namespace { -inline std::string GetDefaultEncryptKeyPath() { - return "/opt/share/widget/data/"; -} +#define BITS_SIZE 128 +#define KEY_SIZE 16 } namespace WRTDecryptor{ -ResourceDecryptor::ResourceDecryptor() : - m_decKey(NULL) +ResourceDecryptor::ResourceDecryptor() { LogDebug("Started Decryption"); } -ResourceDecryptor::ResourceDecryptor(std::string userKey) : - m_decKey(NULL) +ResourceDecryptor::ResourceDecryptor(std::string userKey) { LogDebug("Finished Decryption"); SetDecryptionKey(userKey); 
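Review bot: With `m_decKey` now held by value, both constructors leave it uninitialized, while the next hunk in this file removes the `m_decKey == NULL` guard from `GetDecryptedChunk` and makes `SetDecryptionKey` return silently on an empty `userKey`. A `ResourceDecryptor` built with the default constructor, or with an empty key, therefore reaches `AES_cbc_encrypt` with an indeterminate key schedule instead of throwing. A `bool m_keySet` member would keep the old fail-closed behaviour: initialize it to `false` in both constructors, set it after `AES_set_decrypt_key` succeeds, and test it with `if (decBuf == NULL || !m_keySet)`. The two `#define`s sit inside the anonymous namespace, but macros ignore namespaces; `const int BITS_SIZE = 128;` and `const int KEY_SIZE = 16;` would actually be file-local.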
@@ -48,47 +45,39 @@ ResourceDecryptor::ResourceDecryptor(std::string userKey) : ResourceDecryptor::~ResourceDecryptor() { - delete m_decKey; } void ResourceDecryptor::SetDecryptionKey(std::string userKey) { - /* TODO : get key from secure storage */ - std::string keyPath = GetDefaultEncryptKeyPath() + userKey + "_dec"; - LogDebug("Description Key path : " << keyPath); - - FILE* fp = fopen(keyPath.c_str(), "rb"); - if (fp == NULL) { - ThrowMsg(ResourceDecryptor::Exception::GetDecKeyFailed, - "Failed to get decryption key"); + if (userKey.empty()) { + return; } - m_decKey = new AES_KEY; - size_t resultSize =fread(m_decKey, 1, sizeof(AES_KEY),fp); - if (resultSize!= sizeof(AES_KEY)) - ThrowMsg(ResourceDecryptor::Exception::GetDecKeyFailed, - "Failed to get AES key"); + char **duk = calculate(const_cast(userKey.c_str()), userKey.size(), KEY_SIZE); + unsigned char *key = reinterpret_cast(*duk); - fclose(fp); + if ( 0 > AES_set_decrypt_key(key, BITS_SIZE, &m_decKey)) { + ThrowMsg(ResourceDecryptor::Exception::GetDecKeyFailed, + "Failed to create decryption key"); + } } AES_KEY* ResourceDecryptor::GetDecryptionKey() { - return m_decKey; + return &m_decKey; } void ResourceDecryptor::GetDecryptedChunk(unsigned char* inBuf, unsigned char* decBuf, size_t inBufSize) { Assert(decBuf); - Assert(m_decKey); - if (decBuf == NULL || m_decKey == NULL) { + if (decBuf == NULL) { ThrowMsg(ResourceDecryptor::Exception::EncryptionFailed, "Failed to Get Decryption Chunk"); } unsigned char ivec[16] = {0, }; - AES_cbc_encrypt(inBuf, decBuf, inBufSize, m_decKey, ivec, AES_DECRYPT); + AES_cbc_encrypt(inBuf, decBuf, inBufSize, &m_decKey, ivec, AES_DECRYPT); LogDebug("Success decryption"); } diff --git a/modules/encryption/src/resource_encryption.cpp b/modules/encryption/src/resource_encryption.cpp index e89940e..a238705 100644 --- a/modules/encryption/src/resource_encryption.cpp +++ b/modules/encryption/src/resource_encryption.cpp 
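Review bot: The result of `calculate()` is dereferenced without a check in `SetDecryptionKey`: `*duk` is read even if the call returns NULL or a NULL first element, and nothing here shows that the buffer holds at least `KEY_SIZE` bytes. Adding `if (duk == NULL || *duk == NULL) { ThrowMsg(ResourceDecryptor::Exception::GetDecKeyFailed, "Failed to get device key"); }` before the cast would turn that into a defined failure. The returned buffer is also never wiped or released after `AES_set_decrypt_key`, so the derived key stays in memory; whether the caller is expected to free it cannot be told from this patch and should be confirmed with the libcal owners. `userKey.size()` is narrowed from `size_t` to `int` at the call. The same unchecked pattern is added to `CreateEncryptionKey` in resource_encryption.cpp.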
@@ -27,12 +27,7 @@ namespace { #define BITS_SIZE 128 -const char* ENCRYPTION_FILE = "_enc"; -const char* DECRYPTION_FILE = "_dec"; - -inline std::string GetDefaultEncryptKeyPath() { - return "/opt/share/widget/data"; -} +#define KEY_SIZE 16 } namespace WRTEncryptor{ ResourceEncryptor::ResourceEncryptor() @@ -59,44 +54,13 @@ void ResourceEncryptor::CreateEncryptionKey(std::string userKey) return; } - AES_KEY decKey; - const unsigned char* key = reinterpret_cast( - const_cast(userKey.c_str())); + char **duk = calculate(const_cast(userKey.c_str()), userKey.size(), KEY_SIZE); + unsigned char *key = reinterpret_cast(*duk); if ( 0 > AES_set_encrypt_key(key, BITS_SIZE, &m_encKey)) { ThrowMsg(ResourceEncryptor::Exception::CreateEncKeyFailed, "Failed to create encryption key"); } - if ( 0 > AES_set_decrypt_key(key, BITS_SIZE, &decKey)) { - ThrowMsg(ResourceEncryptor::Exception::CreateDecKeyFailed, - "Failed to create decryption key"); - } - - std::string encPath, decPath; - - encPath = GetDefaultEncryptKeyPath() + "/" + userKey + ENCRYPTION_FILE; - decPath = GetDefaultEncryptKeyPath() + "/" + userKey + DECRYPTION_FILE; - - /* TODO : save keys to secure storage */ - LogDebug("Encryption Key path " << encPath); - LogDebug("Decryption Key path " << decPath); - - FILE* encFp = fopen(encPath.c_str(), "wb"); - if (encFp == NULL) { - ThrowMsg(ResourceEncryptor::Exception::CreateEncKeyFileFailed, - "Failed to save encryption key"); - } - fwrite(&m_encKey, 1, sizeof(m_encKey), encFp); - fclose(encFp); - - FILE* decFp = fopen(decPath.c_str(), "wb"); - if (decFp == NULL) { - ThrowMsg(ResourceEncryptor::Exception::CreateDecKeyFileFailed, - "Failed to save decryption key"); - } - - fwrite(&decKey, 1, sizeof(decKey), decFp); - fclose(decFp); LogDebug("Success to create ecryption and decryption key"); } diff --git a/packaging/wrt-commons.spec b/packaging/wrt-commons.spec index 0751d22..a9d7772 100644 --- a/packaging/wrt-commons.spec +++ b/packaging/wrt-commons.spec 
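Review bot: In the `CreateEncryptionKey` hunk the code stops writing the `_enc` and `_dec` key files under `/opt/share/widget/data`, but nothing visible in this patch removes the files that earlier versions already wrote, each of which holds a raw `AES_KEY` schedule. Since the key is now derived through `calculate()` rather than taken from `userKey` directly, resources encrypted before the upgrade will presumably no longer decrypt. An upgrade step that re-encrypts or reinstalls them and deletes the old key files is worth adding, or at least noting in the commit message. The surviving log line `"Success to create ecryption and decryption key"` is now inaccurate, because only the encryption key is set up in this function.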
@@ -44,6 +44,13 @@ Wrt common library development headers %endif %build + +%ifarch %{ix86} +cp build/encryption/libs/libcal.i586.a build/encryption/libs/libcal.a +%else +cp build/encryption/libs/libcal.arm.a build/encryption/libs/libcal.a +%endif + export LDFLAGS+="-Wl,--rpath=%{_libdir} -Wl,--hash-style=both -Wl,--as-needed" cmake . -DVERSION=%{version} \ -- 2.7.4
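Review bot: The `%else` branch copies `libcal.arm.a` for every architecture that is not `%{ix86}`, so a build for any other target would be handed a 32-bit ARM archive and the mistake would surface only at link time. Make the ARM case explicit with `%ifarch %{arm}` and let any remaining architecture stop the build with a clear message. The copy also overwrites the committed `build/encryption/libs/libcal.a`, which leaves it unclear what that third blob is for. If it is only a placeholder, it could be dropped from the repository so that just the two architecture-specific archives need to be tracked and verified.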