WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

macro for file name and formating

pull/154/head
Jacob Barthelmeh 2019-06-05 09:32:26 +07:00
parent 107c93c612
commit 538cd30774
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
pkcs7/signedData-EncryptedFirmwareCB.c
View File

@ -43,6 +43,7 @@ static byte altKey[] = {
}; };
#define OUTPUT_FILE "signedData_EncryptedFPD_callback.der" #define OUTPUT_FILE "signedData_EncryptedFPD_callback.der"
#define OUTPUT_FILE_AES128 "signedData_EncryptedFPD_AES128_callback.der"
static int load_certs(byte* cert, word32* certSz, byte* key, word32* keySz) static int load_certs(byte* cert, word32* certSz, byte* key, word32* keySz)
{ {
@ -141,6 +142,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
} }
/* callback function for wc_PKCS7_DeocdeEncryptedData */
static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz,
byte* in, int inSz, byte* out, void* usrCtx) byte* in, int inSz, byte* out, void* usrCtx)
@ -412,7 +414,7 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
}; };
/* find keyID in fwWrappedFirmwareKey */ /* find keyID in fwWrappedFirmwareKey */
printf("\tChecking for KEKRI firmware attribute ... "); printf("\tChecking for fwWrappedFirmwareKey attribute ... ");
ret = wc_PKCS7_GetAttributeValue(pkcs7, fwWrappedFirmwareKey, ret = wc_PKCS7_GetAttributeValue(pkcs7, fwWrappedFirmwareKey,
sizeof(fwWrappedFirmwareKey), NULL, &atrSz); sizeof(fwWrappedFirmwareKey), NULL, &atrSz);
if (ret == LENGTH_ONLY_E) { if (ret == LENGTH_ONLY_E) {
@ -420,9 +422,6 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
ret = wc_PKCS7_GetAttributeValue(pkcs7, fwWrappedFirmwareKey, ret = wc_PKCS7_GetAttributeValue(pkcs7, fwWrappedFirmwareKey,
sizeof(fwWrappedFirmwareKey), atr, &atrSz); sizeof(fwWrappedFirmwareKey), atr, &atrSz);
/* keyIdRaw[0] OCTET TAG */
/* keyIdRaw[1] Length */
if (ret > 0) { if (ret > 0) {
PKCS7* envPkcs7; PKCS7* envPkcs7;
@ -437,8 +436,11 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
} }
wc_PKCS7_Init(envPkcs7, NULL, 0); wc_PKCS7_Init(envPkcs7, NULL, 0);
wc_PKCS7_SetWrapCEKCb(envPkcs7, myCEKwrapFunc); if (wc_PKCS7_SetWrapCEKCb(envPkcs7, myCEKwrapFunc) != 0) {
envPkcs7->contentOID = FIRMWARE_PKG_DATA; printf("\tIssue setting CEK wrap callback\n");
return ret;
}
envPkcs7->contentOID = FIRMWARE_PKG_DATA; /* expected content */
ret = wc_PKCS7_DecodeEnvelopedData(envPkcs7, atr, ret, ret = wc_PKCS7_DecodeEnvelopedData(envPkcs7, atr, ret,
key, keySz); key, keySz);
wc_PKCS7_Free(envPkcs7); wc_PKCS7_Free(envPkcs7);
@ -448,7 +450,7 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
printf("not found\n"); printf("not found\n");
} }
if (ret != 0) { if (ret <= 0) {
printf("\tError %d (%s) parsing fwWrappedFirmwareKey enveloped data\n", printf("\tError %d (%s) parsing fwWrappedFirmwareKey enveloped data\n",
ret, wc_GetErrorString(ret)); ret, wc_GetErrorString(ret));
} }
@ -568,13 +570,13 @@ int main(int argc, char** argv)
if (argc < 2) { if (argc < 2) {
printf("Doing default generation and verify\n"); printf("Doing default generation and verify\n");
ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 0, ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 0,
"signedData_EncryptedFPD_callback.der"); OUTPUT_FILE);
if (ret <= 0) { if (ret <= 0) {
printf("unable to generate AES CBC bundle\n"); printf("unable to generate AES CBC bundle\n");
return ret; return ret;
} }
printf("\nTrying to verify signedData_EncryptedFPD_callback.der\n"); printf("\nTrying to verify %s\n", OUTPUT_FILE);
ret = verifyBundle(derBuf, derSz); ret = verifyBundle(derBuf, derSz);
if (ret != 0) { if (ret != 0) {
printf("\tUnable to verify bundle, error [%d]\n", ret); printf("\tUnable to verify bundle, error [%d]\n", ret);
@ -583,8 +585,8 @@ int main(int argc, char** argv)
derSz = 4096; derSz = 4096;
ret = generateBundle(derBuf, &derSz, altKey, sizeof(altKey), 1, ret = generateBundle(derBuf, &derSz, altKey, sizeof(altKey), 1,
"signedData_EncryptedFPD_AES128_callback.der"); OUTPUT_FILE_AES128);
printf("\nTrying to verify signedData_EncryptedFPD_AES128_callback.der\n"); printf("\nTrying to verify %s\n", OUTPUT_FILE_AES128);
if (ret <= 0) { if (ret <= 0) {
printf("\tunable to generate AES GCM bundle\n"); printf("\tunable to generate AES GCM bundle\n");
return ret; return ret;