search

linaro-swg / optee_examples

OP-TEE Sample Applications
Other
163 stars 140 forks source link

TA_ACIPHER_CMD_ENCRYPT output different within the same session(key) #89

Closed JohnChain closed 2 years ago

JohnChain commented 2 years ago

I change the achipher na code as bellow, and I find the two time "Encrypted buffer:" printed is different.

And in the original code, why will you call TEEC_InvokeCommand twice ? Is the first one for getting output buffer size ?

int main(int argc, char *argv[])
{
    TEEC_Result res;
    uint32_t eo;
    TEEC_Context ctx;
    TEEC_Session sess;
    TEEC_Operation op;
    size_t key_size;
    void *inbuf;
    size_t inbuf_len;
    size_t n;
    const TEEC_UUID uuid = TA_ACIPHER_UUID;

    get_args(argc, argv, &key_size, &inbuf, &inbuf_len);

    res = TEEC_InitializeContext(NULL, &ctx);
    if (res)
        errx(1, "TEEC_InitializeContext(NULL, x): %#" PRIx32, res);

    res = TEEC_OpenSession(&ctx, &sess, &uuid, TEEC_LOGIN_PUBLIC, NULL,
                   NULL, &eo);
    if (res)
        teec_err(res, eo, "TEEC_OpenSession(TEEC_LOGIN_PUBLIC)");

    memset(&op, 0, sizeof(op));
    op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
                     TEEC_NONE, TEEC_NONE);
    op.params[0].value.a = key_size;

    res = TEEC_InvokeCommand(&sess, TA_ACIPHER_CMD_GEN_KEY, &op, &eo);
    if (res)
        teec_err(res, eo, "TEEC_InvokeCommand(TA_ACIPHER_CMD_GEN_KEY)");

    memset(&op, 0, sizeof(op));
    op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
                     TEEC_MEMREF_TEMP_OUTPUT,
                     TEEC_NONE, TEEC_NONE);
    op.params[0].tmpref.buffer = inbuf;
    op.params[0].tmpref.size = inbuf_len;

    res = TEEC_InvokeCommand(&sess, TA_ACIPHER_CMD_ENCRYPT, &op, &eo);
    if (eo != TEEC_ORIGIN_TRUSTED_APP || res != TEEC_ERROR_SHORT_BUFFER)
        teec_err(res, eo, "TEEC_InvokeCommand(TA_ACIPHER_CMD_ENCRYPT)");

    op.params[1].tmpref.buffer = malloc(op.params[1].tmpref.size);
    if (!op.params[1].tmpref.buffer)
        err(1, "Cannot allocate out buffer of size %zu",
            op.params[1].tmpref.size);

    res = TEEC_InvokeCommand(&sess, TA_ACIPHER_CMD_ENCRYPT, &op, &eo);
    if (res)
        teec_err(res, eo, "TEEC_InvokeCommand(TA_ACIPHER_CMD_ENCRYPT)");

    printf("Encrypted buffer: ");
    for (n = 0; n < op.params[1].tmpref.size; n++)
        printf("%02x ", ((uint8_t *)op.params[1].tmpref.buffer)[n]);
    printf("\n");

    ////////////////////////////////////
    printf("================\n");
    memset(&op, 0, sizeof(op));
    op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
                     TEEC_MEMREF_TEMP_OUTPUT,
                     TEEC_NONE, TEEC_NONE);
    op.params[0].tmpref.buffer = inbuf;
    op.params[0].tmpref.size = inbuf_len;

    res = TEEC_InvokeCommand(&sess, TA_ACIPHER_CMD_ENCRYPT, &op, &eo);
    if (eo != TEEC_ORIGIN_TRUSTED_APP || res != TEEC_ERROR_SHORT_BUFFER)
        teec_err(res, eo, "TEEC_InvokeCommand(TA_ACIPHER_CMD_ENCRYPT)");

    op.params[1].tmpref.buffer = malloc(op.params[1].tmpref.size);
    if (!op.params[1].tmpref.buffer)
        err(1, "Cannot allocate out buffer of size %zu",
            op.params[1].tmpref.size);

    res = TEEC_InvokeCommand(&sess, TA_ACIPHER_CMD_ENCRYPT, &op, &eo);
    if (res)
        teec_err(res, eo, "TEEC_InvokeCommand(TA_ACIPHER_CMD_ENCRYPT)");

    printf("Encrypted buffer: ");
    for (n = 0; n < op.params[1].tmpref.size; n++)
        printf("%02x ", ((uint8_t *)op.params[1].tmpref.buffer)[n]);
    printf("\n");

print info:

# ./achipher_na 512 helloworld
Encrypted buffer: 9b 51 f9 cd 6a 54 8a 1c bb bb 82 61 b0 7b d8 a4 59 30 bc 10 72 f0 72 1f 8d 02 69 6a 5e d8 bc 7e de a4 4f 02 86 48 f3 44 d7 81 ba 3b 83 f5 31 59 59 ce 04 1d be 9e 2d ae 74 83 3f 97 6e 18 0a d7 
================
Encrypted buffer: 92 99 17 59 ee 1d 76 a9 d8 06 da 20 d1 e5 aa 88 27 90 9e a1 f0 27 c2 35 bc c0 83 09 96 05 7e 97 dd c4 84 8b 84 9d 62 ef 5b 49 a3 1d f1 53 6b 08 82 d7 65 75 39 73 fc c0 89 9c 6f 79 4d d6 bb dc
etienne-lms commented 2 years ago

I change the achipher na code as bellow, and I find the two time "Encrypted buffer:" printed is different.

Likely due to pkcs#1 v1.5 padding. See these post: why-does-adding-pkcs1-v1-5-padding-make-rsa-encryption-non-deterministic whats-so-special-about-pkcs-1-v1-5-and-the-attack-that-just-won-t-go-away.

And in the original code, why will you call TEEC_InvokeCommand twice ? Is the first one for getting output buffer size ?

Yes.

JohnChain commented 2 years ago

@etienne-lms thanks and you are right. After changing the algr from TEE_ALG_RSAES_PKCS1_V1_5 to TEE_ALG_RSA_NOPAD in TA side, I can get the same output now :)