Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / tpm2-tss / ff821bd3ed112c3ddfb27aadd6898789a2545d2d / . / esapi / esapi_util / esys_crypto.c
blob: 6b8d78963bc27650fe031e9a1b81a7fa9d656870 [file] [log] [blame]
Juergen Reppff821bd2017-12-11 15:21:42 +0100[diff] [blame^]1/*******************************************************************************
2 * Copyright 2017, Fraunhofer SIT sponsored by Infineon Technologies AG
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright notice,
9 * this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
16 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
19 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
25 * THE POSSIBILITY OF SUCH DAMAGE.
26 *******************************************************************************/
27#include <sapi/tpm20.h>
28#ifndef TSS2_API_VERSION_1_1_1_1
29#error Version missmatch among TSS2 header files !
30#endif /* TSS2_API_VERSION_1_1_1_1 */
31
32#include <sapi/tss2_sys.h>
33#include <sysapi_util.h>
34#define LOGMODULE sys
35#include "log/log.h"
36
37#include "esys_crypto.h"
38#include "esys_iutil.h"
39
40#include <gcrypt.h>
41
42#include <stdarg.h>
43
44/** Context to hold temporary values for iesys_crypto */
45typedef struct _IESYS_CRYPTO_CONTEXT {
46 enum {
47 IESYS_CRYPTOGCRY_TYPE_HASH = 1,
48 IESYS_CRYPTOGCRY_TYPE_HMAC,
49 } type; /**< The type of hontext to hold; hash or hmac */
50 union {
51 struct {
52 gcry_md_hd_t gcry_context;
53 int gcry_hash_alg;
54 size_t hash_len;
55 } hash; /**< the state variables for a hash context */
56 struct {
57 gcry_mac_hd_t gcry_context;
58 int gcry_hmac_alg;
59 size_t hmac_len;
60 } hmac; /**< the state variables for an hmac context */
61 };
62} IESYS_CRYPTOGCRY_CONTEXT;
63
64/** Provide the digest size for a given hash algorithm
65 *
66 * This function provides the size of the digest for a given hash algorithm
67 *
68 * @param hashAlg [in] The hash algorithm to get the size for
69 * @param size [out] The side of a digest of the hash algorithm
70 * @returnval TSS2_RC_SUCCESS on success
71 * @returnval TSS2_SYS_RC_BAD_VALUE if hashAlg is unknown or unsupported
72 */
73TSS2_RC
74iesys_crypto_hash_get_digest_size(TPM2_ALG_ID hashAlg, size_t * size)
75{
76 LOG_TRACE("call: hashAlg=%"PRIu16" size=%p", hashAlg, size);
77 switch (hashAlg) {
78 case TPM2_ALG_SHA1:
79 *size = TPM2_SHA1_DIGEST_SIZE;
80 break;
81 case TPM2_ALG_SHA256:
82 *size = TPM2_SHA256_DIGEST_SIZE;
83 break;
84 case TPM2_ALG_SHA384:
85 *size = TPM2_SHA384_DIGEST_SIZE;
86 break;
87 case TPM2_ALG_SHA512:
88 *size = TPM2_SHA512_DIGEST_SIZE;
89 break;
90 case TPM2_ALG_SM3_256:
91 *size = TPM2_SM3_256_DIGEST_SIZE;
92 break;
93 default:
94 LOG_ERROR("Unsupported hash algorithm (%"PRIu16")", hashAlg);
95 return TSS2_SYS_RC_BAD_VALUE;
96 }
97 LOG_TRACE("return: *size=%zu", *size);
98 return TSS2_RC_SUCCESS;
99}
100
101
102TSS2_RC
103iesys_cryptogcry_hash_start(IESYS_CRYPTO_CONTEXT_BLOB ** context,
104 TPM2_ALG_ID hashAlg)
105{
106 LOG_TRACE("call: context=%p hashAlg=%"PRIu16, context, hashAlg);
107 return_if_null(context, "Context is NULL", TSS2_SYS_RC_BAD_REFERENCE);
108 IESYS_CRYPTOGCRY_CONTEXT *mycontext;
109 mycontext = calloc(1, sizeof(IESYS_CRYPTOGCRY_CONTEXT));
110 return_if_null(mycontext, "Out of Memory", TSS2_SYS_RC_GENERAL_FAILURE);
111 mycontext->type = IESYS_CRYPTOGCRY_TYPE_HASH;
112
113 switch (hashAlg) {
114 case TPM2_ALG_SHA1:
115 mycontext->hash.gcry_hash_alg = GCRY_MD_SHA1;
116 break;
117 case TPM2_ALG_SHA256:
118 mycontext->hash.gcry_hash_alg = GCRY_MD_SHA256;
119 break;
120 case TPM2_ALG_SHA384:
121 mycontext->hash.gcry_hash_alg = GCRY_MD_SHA384;
122 break;
123 default:
124 LOG_ERROR("Unsupported hash algorithm (%"PRIu16")", hashAlg);
125 free(mycontext);
126 return TSS2_SYS_RC_GENERAL_FAILURE;
127 }
128 int hash_len = gcry_md_get_algo_dlen(mycontext->hash.gcry_hash_alg);
129 if (hash_len <= 0) {
130 LOG_ERROR("Unsupported hash algorithm (%"PRIu16")", hashAlg);
131 free(mycontext);
132 return TSS2_SYS_RC_GENERAL_FAILURE;
133 }
134 mycontext->hash.hash_len = hash_len;
135
136 gcry_error_t r = gcry_md_open(&mycontext->hash.gcry_context,
137 mycontext->hash.gcry_hash_alg, 0);
138 if (r != 0) {
139 LOG_ERROR("GCry error.");
140 free(mycontext);
141 return TSS2_SYS_RC_GENERAL_FAILURE;
142 }
143
144 *context = (IESYS_CRYPTO_CONTEXT_BLOB *) mycontext;
145
146 return TSS2_RC_SUCCESS;
147}
148
149TSS2_RC
150iesys_cryptogcry_hash_update(IESYS_CRYPTO_CONTEXT_BLOB * context,
151 const uint8_t * buffer, size_t size)
152{
153 LOG_TRACE("called for context %p, buffer %p and size %zd", context, buffer,
154 size);
155 if (context == NULL || buffer == NULL) {
156 LOG_ERROR("Null-Pointer passed");
157 return TSS2_SYS_RC_BAD_REFERENCE;
158 }
159 IESYS_CRYPTOGCRY_CONTEXT *mycontext = (IESYS_CRYPTOGCRY_CONTEXT *) context;
160 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HASH) {
161 LOG_ERROR("bad context");
162 return TSS2_SYS_RC_BAD_REFERENCE;
163 }
164
165 LOGBLOB_TRACE(buffer, size, "Updating hash with");
166
167 gcry_md_write(mycontext->hash.gcry_context, buffer, size);
168
169 return TSS2_RC_SUCCESS;
170}
171
172TSS2_RC
173iesys_cryptogcry_hash_update2b(IESYS_CRYPTO_CONTEXT_BLOB * context, TPM2B * b)
174{
175 LOG_TRACE("called for context-pointer %p and 2b-pointer %p", context, b);
176 if (context == NULL || b == NULL) {
177 LOG_ERROR("Null-Pointer passed");
178 return TSS2_SYS_RC_BAD_REFERENCE;
179 }
180 TSS2_RC ret = iesys_cryptogcry_hash_update(context, &b->buffer[0], b->size);
181 return ret;
182}
183
184TSS2_RC
185iesys_cryptogcry_hash_finish(IESYS_CRYPTO_CONTEXT_BLOB ** context,
186 uint8_t * buffer, size_t * size)
187{
188 LOG_TRACE("called for context-pointer %p, buffer %p and size-pointer %p",
189 context, buffer, size);
190 if (context == NULL || *context == NULL || buffer == NULL || size == NULL) {
191 LOG_ERROR("Null-Pointer passed");
192 return TSS2_SYS_RC_BAD_REFERENCE;
193 }
194 IESYS_CRYPTOGCRY_CONTEXT *mycontext = * context;
195 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HASH) {
196 LOG_ERROR("bad context");
197 return TSS2_SYS_RC_BAD_REFERENCE;
198 }
199
200 if (*size < mycontext->hash.hash_len) {
201 LOG_ERROR("Buffer too small");
202 return TSS2_SYS_RC_BAD_REFERENCE;
203 }
204
205 uint8_t *cpHash = gcry_md_read(mycontext->hash.gcry_context,
206 mycontext->hash.gcry_hash_alg);
207 if (cpHash == NULL) {
208 LOG_ERROR("GCry error.");
209 return TSS2_SYS_RC_GENERAL_FAILURE;
210 }
211
212 LOGBLOB_TRACE(cpHash, mycontext->hash.hash_len, "read hash result");
213
214 *size = mycontext->hash.hash_len;
215 memmove(buffer, cpHash, *size);
216
217 gcry_md_close(mycontext->hash.gcry_context);
218
219 free(mycontext);
220 *context = NULL;
221
222 return TSS2_RC_SUCCESS;
223}
224
225TSS2_RC
226iesys_cryptogcry_hash_finish2b(IESYS_CRYPTO_CONTEXT_BLOB ** context, TPM2B * b)
227{
228 LOG_TRACE("called for context-pointer %p and 2b-pointer %p", context, b);
229 if (context == NULL || *context == NULL || b == NULL) {
230 LOG_ERROR("Null-Pointer passed");
231 return TSS2_SYS_RC_BAD_REFERENCE;
232 }
233 size_t s = b->size;
234 TSS2_RC ret = iesys_cryptogcry_hash_finish(context, &b->buffer[0], &s);
235 b->size = s;
236 return ret;
237}
238
239void
240iesys_cryptogcry_hash_abort(IESYS_CRYPTO_CONTEXT_BLOB ** context)
241{
242 LOG_TRACE("called for context-pointer %p", context);
243 if (context == NULL || *context == NULL) {
244 LOG_DEBUG("Null-Pointer passed");
245 return;
246 }
247 IESYS_CRYPTOGCRY_CONTEXT *mycontext =
248 (IESYS_CRYPTOGCRY_CONTEXT *) * context;
249 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HASH) {
250 LOG_DEBUG("bad context");
251 return;
252 }
253
254 gcry_md_close(mycontext->hash.gcry_context);
255 free(mycontext);
256 *context = NULL;
257}
258
259/* HMAC */
260
261TSS2_RC
262iesys_cryptogcry_hmac_start(IESYS_CRYPTO_CONTEXT_BLOB ** context,
263 TPM2_ALG_ID hmacAlg,
264 const uint8_t * key, size_t size)
265{
266 TSS2_RC r;
267
268 LOG_TRACE("called for context-pointer %p and hmacAlg %d", context, hmacAlg);
269 LOGBLOB_TRACE(key, size, "Starting hmac with");
270 if (context == NULL || key == NULL) {
271 LOG_ERROR("Null-Pointer passed in for context");
272 return TSS2_SYS_RC_BAD_REFERENCE;
273 }
274 IESYS_CRYPTOGCRY_CONTEXT *mycontext =
275 calloc(1, sizeof(IESYS_CRYPTOGCRY_CONTEXT));
276 if (mycontext == NULL) {
277 LOG_ERROR("Out of Memory");
278 return TSS2_SYS_RC_GENERAL_FAILURE;
279 }
280
281 switch (hmacAlg) {
282 case TPM2_ALG_SHA1:
283 mycontext->hmac.gcry_hmac_alg = GCRY_MAC_HMAC_SHA1;
284 break;
285 case TPM2_ALG_SHA256:
286 mycontext->hmac.gcry_hmac_alg = GCRY_MAC_HMAC_SHA256;
287 break;
288 default:
289 LOG_ERROR("Unsupported hmac algo.");
290 free(mycontext);
291 return TSS2_SYS_RC_GENERAL_FAILURE;
292 }
293
294 int hmac_len = gcry_mac_get_algo_maclen(mycontext->hmac.gcry_hmac_alg);
295 if (hmac_len <= 0) {
296 LOG_ERROR("GCry error.");
297 free(mycontext);
298 return TSS2_SYS_RC_GENERAL_FAILURE;
299 }
300
301 mycontext->type = IESYS_CRYPTOGCRY_TYPE_HMAC;
302 mycontext->hmac.hmac_len = hmac_len;
303
304 r = gcry_mac_open(&mycontext->hmac.gcry_context,
305 mycontext->hmac.gcry_hmac_alg, 0, NULL);
306 if (r != 0) {
307 LOG_ERROR("GCry error.");
308 free(mycontext);
309 return TSS2_SYS_RC_GENERAL_FAILURE;
310 }
311
312 r = gcry_mac_setkey(mycontext->hmac.gcry_context, key, size);
313 if (r != 0) {
314 LOG_ERROR("GCry error.");
315 gcry_mac_close(mycontext->hmac.gcry_context);
316 free(mycontext);
317 return TSS2_SYS_RC_GENERAL_FAILURE;
318 }
319
320 *context = (IESYS_CRYPTO_CONTEXT_BLOB *) mycontext;
321
322 return TSS2_RC_SUCCESS;
323}
324
325TSS2_RC
326iesys_cryptogcry_hmac_start2b(IESYS_CRYPTO_CONTEXT_BLOB ** context,
327 TPM2_ALG_ID hmacAlg, TPM2B * b)
328{
329 LOG_TRACE("called for context-pointer %p and 2b-pointer %p", context, b);
330 if (context == NULL || b == NULL) {
331 LOG_ERROR("Null-Pointer passed");
332 return TSS2_SYS_RC_BAD_REFERENCE;
333 }
334 TSS2_RC ret = iesys_cryptogcry_hmac_start(context, hmacAlg, &b->buffer[0],
335 b->size);
336 return ret;
337}
338
339TSS2_RC
340iesys_cryptogcry_hmac_update(IESYS_CRYPTO_CONTEXT_BLOB * context,
341 const uint8_t * buffer, size_t size)
342{
343 LOG_TRACE("called for context %p, buffer %p and size %zd",
344 context, buffer, size);
345 if (context == NULL || buffer == NULL) {
346 LOG_ERROR("Null-Pointer passed");
347 return TSS2_SYS_RC_BAD_REFERENCE;
348 }
349 IESYS_CRYPTOGCRY_CONTEXT *mycontext = (IESYS_CRYPTOGCRY_CONTEXT *) context;
350 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HMAC) {
351 LOG_ERROR("bad context");
352 return TSS2_SYS_RC_BAD_REFERENCE;
353 }
354
355 LOGBLOB_TRACE(buffer, size, "Updating hmac with");
356
357 gcry_mac_write(mycontext->hmac.gcry_context, buffer, size);
358
359 return TSS2_RC_SUCCESS;
360}
361
362TSS2_RC
363iesys_cryptogcry_hmac_update2b(IESYS_CRYPTO_CONTEXT_BLOB * context, TPM2B * b)
364{
365 LOG_TRACE("called for context-pointer %p and 2b-pointer %p", context, b);
366 if (context == NULL || b == NULL) {
367 LOG_ERROR("Null-Pointer passed");
368 return TSS2_SYS_RC_BAD_REFERENCE;
369 }
370 TSS2_RC ret = iesys_cryptogcry_hmac_update(context, &b->buffer[0], b->size);
371 return ret;
372}
373
374TSS2_RC
375iesys_cryptogcry_hmac_finish(IESYS_CRYPTO_CONTEXT_BLOB ** context,
376 uint8_t * buffer, size_t * size)
377{
378 LOG_TRACE("called for context-pointer %p, buffer %p and size-pointer %p",
379 context, buffer, size);
380 if (context == NULL || *context == NULL || buffer == NULL || size == NULL) {
381 LOG_ERROR("Null-Pointer passed");
382 return TSS2_SYS_RC_BAD_REFERENCE;
383 }
384 IESYS_CRYPTOGCRY_CONTEXT *mycontext =
385 (IESYS_CRYPTOGCRY_CONTEXT *) * context;
386 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HMAC) {
387 LOG_ERROR("bad context");
388 return TSS2_SYS_RC_BAD_REFERENCE;
389 }
390
391 if (*size < mycontext->hmac.hmac_len) {
392 LOG_ERROR("Buffer too small");
393 return TSS2_SYS_RC_BAD_SIZE;
394 }
395
396 TSS2_RC r = gcry_mac_read(mycontext->hmac.gcry_context, buffer, size);
397 if (r != 0) {
398 LOG_ERROR("GCry error.");
399 return TSS2_SYS_RC_GENERAL_FAILURE;
400 }
401
402 LOGBLOB_TRACE(buffer, *size, "read hmac result");
403
404 gcry_mac_close(mycontext->hmac.gcry_context);
405
406 free(mycontext);
407 *context = NULL;
408
409 return TSS2_RC_SUCCESS;
410}
411
412TSS2_RC
413iesys_cryptogcry_hmac_finish2b(IESYS_CRYPTO_CONTEXT_BLOB ** context, TPM2B * b)
414{
415 LOG_TRACE("called for context-pointer %p and 2b-pointer %p", context, b);
416 if (context == NULL || *context == NULL || b == NULL) {
417 LOG_ERROR("Null-Pointer passed");
418 return TSS2_SYS_RC_BAD_REFERENCE;
419 }
420 size_t s = b->size;
421 TSS2_RC ret = iesys_cryptogcry_hmac_finish(context, &b->buffer[0], &s);
422 b->size = s;
423 return ret;
424}
425
426void
427iesys_cryptogcry_hmac_abort(IESYS_CRYPTO_CONTEXT_BLOB ** context)
428{
429 LOG_TRACE("called for context-pointer %p", context);
430 if (context == NULL || *context == NULL) {
431 LOG_DEBUG("Null-Pointer passed");
432 return;
433 }
434 if (*context != NULL) {
435 IESYS_CRYPTOGCRY_CONTEXT *mycontext =
436 (IESYS_CRYPTOGCRY_CONTEXT *) * context;
437 if (mycontext->type != IESYS_CRYPTOGCRY_TYPE_HMAC) {
438 LOG_DEBUG("bad context");
439 return;
440 }
441
442 gcry_mac_close(mycontext->hmac.gcry_context);
443
444 free(mycontext);
445 *context = NULL;
446 }
447}
448
449TSS2_RC
450iesys_crypto_pHash(TPM2_ALG_ID alg,
451 const uint8_t rcBuffer[4],
452 const uint8_t ccBuffer[4],
453 const TPM2B_NAME * name1,
454 const TPM2B_NAME * name2,
455 const TPM2B_NAME * name3,
456 const uint8_t * pBuffer,
457 size_t pBuffer_size, uint8_t * pHash, size_t * pHash_size)
458{
459 LOG_TRACE("called");
460 if (ccBuffer == NULL || pBuffer == NULL || pHash == NULL
461 || pHash_size == NULL) {
462 LOG_ERROR("Null-Pointer passed");
463 return TSS2_SYS_RC_BAD_REFERENCE;
464 }
465
466 IESYS_CRYPTO_CONTEXT_BLOB *cryptoContext;
467
468 TSS2_RC r = iesys_crypto_hash_start(&cryptoContext, alg);
469 return_if_error(r, "Error");
470
471 if (rcBuffer != NULL) {
472 r = iesys_crypto_hash_update(cryptoContext, &rcBuffer[0], 4);
473 goto_if_error(r, "Error", error);
474 }
475
476 r = iesys_crypto_hash_update(cryptoContext, &ccBuffer[0], 4);
477 goto_if_error(r, "Error", error);
478
479 if (name1 != NULL) {
480 r = iesys_crypto_hash_update2b(cryptoContext, (TPM2B *) name1);
481 goto_if_error(r, "Error", error);
482 }
483
484 if (name2 != NULL) {
485 r = iesys_crypto_hash_update2b(cryptoContext, (TPM2B *) name2);
486 goto_if_error(r, "Error", error);
487 }
488
489 if (name3 != NULL) {
490 r = iesys_crypto_hash_update2b(cryptoContext, (TPM2B *) name3);
491 goto_if_error(r, "Error", error);
492 }
493
494 r = iesys_crypto_hash_update(cryptoContext, pBuffer, pBuffer_size);
495 goto_if_error(r, "Error", error);
496
497 r = iesys_crypto_hash_finish(&cryptoContext, pHash, pHash_size);
498 goto_if_error(r, "Error", error);
499
500 return r;
501
502 error:
503 iesys_crypto_hash_abort(&cryptoContext);
504 return r;
505}
506
507TSS2_RC
508iesys_crypto_authHmac(TPM2_ALG_ID alg,
509 uint8_t * hmacKey, size_t hmacKeySize,
510 const uint8_t * pHash,
511 size_t pHash_size,
512 const TPM2B_NONCE * nonceNewer,
513 const TPM2B_NONCE * nonceOlder,
514 const TPM2B_NONCE * nonceDecrypt,
515 const TPM2B_NONCE * nonceEncrypt,
516 TPMA_SESSION sessionAttributes, TPM2B_AUTH * hmac)
517{
518 LOG_TRACE("called");
519 if (hmacKey == NULL || pHash == NULL || nonceNewer == NULL ||
520 nonceOlder == NULL || hmac == NULL) {
521 LOG_ERROR("Null-Pointer passed");
522 return TSS2_SYS_RC_BAD_REFERENCE;
523 }
524
525 uint8_t sessionAttribs[sizeof(sessionAttributes)];
526 size_t sessionAttribs_size = 0;
527
528 IESYS_CRYPTO_CONTEXT_BLOB *cryptoContext;
529
530 TSS2_RC r =
531 iesys_crypto_hmac_start(&cryptoContext, alg, hmacKey, hmacKeySize);
532 return_if_error(r, "Error");
533
534 r = iesys_crypto_hmac_update(cryptoContext, pHash, pHash_size);
535 goto_if_error(r, "Error", error);
536
537 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) nonceNewer);
538 goto_if_error(r, "Error", error);
539
540 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) nonceOlder);
541 goto_if_error(r, "Error", error);
542
543 if (nonceDecrypt != NULL) {
544 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) nonceDecrypt);
545 goto_if_error(r, "Error", error);
546 }
547
548 if (nonceEncrypt != NULL) {
549 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) nonceEncrypt);
550 goto_if_error(r, "Error", error);
551 }
552
553 r = Tss2_MU_TPMA_SESSION_Marshal(sessionAttributes,
554 &sessionAttribs[0],
555 sizeof(sessionAttribs),
556 &sessionAttribs_size);
557 goto_if_error(r, "Error", error);
558
559 r = iesys_crypto_hmac_update(cryptoContext, &sessionAttribs[0],
560 sessionAttribs_size);
561 goto_if_error(r, "Error", error);
562
563 r = iesys_crypto_hmac_finish2b(&cryptoContext, (TPM2B *) hmac);
564 goto_if_error(r, "Error", error);
565
566 return r;
567
568 error:
569 iesys_crypto_hmac_abort(&cryptoContext);
570 return r;
571
572}
573
574TSS2_RC
575iesys_crypto_KDFaHmac(TPM2_ALG_ID alg,
576 uint8_t * hmacKey,
577 size_t hmacKeySize,
578 uint32_t counter,
579 const char *label,
580 TPM2B_NONCE * contextU,
581 TPM2B_NONCE * contextV,
582 uint32_t bitlength, uint8_t * hmac, size_t * hmacSize)
583{
584 LOG_TRACE("called");
585 if (hmacKey == NULL || contextU == NULL || contextV == NULL) {
586 LOG_ERROR("Null-Pointer passed");
587 return TSS2_SYS_RC_BAD_REFERENCE;
588 }
589
590 uint8_t buffer32[sizeof(uint32_t)];
591 size_t buffer32_size = 0;
592
593 IESYS_CRYPTO_CONTEXT_BLOB *cryptoContext;
594
595 TSS2_RC r =
596 iesys_crypto_hmac_start(&cryptoContext, alg, hmacKey, hmacKeySize);
597 return_if_error(r, "Error");
598
599 r = Tss2_MU_UINT32_Marshal(counter, &buffer32[0], sizeof(UINT32),
600 &buffer32_size);
601 goto_if_error(r, "Marshalling", error);
602 r = iesys_crypto_hmac_update(cryptoContext, &buffer32[0], buffer32_size);
603 goto_if_error(r, "HMAC-Update", error);
604
605 if (label != NULL) {
606 size_t lsize = strlen(label) + 1;
607 r = iesys_crypto_hmac_update(cryptoContext, (uint8_t *) label, lsize);
608 goto_if_error(r, "Error", error);
609 }
610
611 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) contextU);
612 goto_if_error(r, "Error", error);
613
614 r = iesys_crypto_hmac_update2b(cryptoContext, (TPM2B *) contextV);
615 goto_if_error(r, "Error", error);
616
617 buffer32_size = 0;
618 r = Tss2_MU_UINT32_Marshal(bitlength, &buffer32[0], sizeof(UINT32),
619 &buffer32_size);
620 goto_if_error(r, "Marshalling", error);
621 r = iesys_crypto_hmac_update(cryptoContext, &buffer32[0], buffer32_size);
622 goto_if_error(r, "Error", error);
623
624 r = iesys_crypto_hmac_finish(&cryptoContext, hmac, hmacSize);
625 goto_if_error(r, "Error", error);
626
627 return r;
628
629 error:
630 iesys_crypto_hmac_abort(&cryptoContext);
631 return r;
632}
633
634TSS2_RC
635iesys_crypto_KDFa(TPM2_ALG_ID hashAlg,
636 uint8_t * hmacKey,
637 size_t hmacKeySize,
638 const char *label,
639 TPM2B_NONCE * contextU,
640 TPM2B_NONCE * contextV,
641 uint32_t bitLength, uint32_t * counterInOut, BYTE * outKey)
642{
643 LOG_DEBUG("IESYS KDFa hmac key hashAlg: %i label: %s bitLength: %i",
644 hashAlg, label, bitLength);
645 if (counterInOut != NULL)
646 LOG_TRACE("IESYS KDFa hmac key counterInOut: %i", *counterInOut);
647 LOGBLOB_DEBUG(hmacKey, hmacKeySize, "IESYS KDFa hmac key");
648
649 LOGBLOB_DEBUG(&contextU->buffer[0], contextU->size,
650 "IESYS KDFa contextU key");
651 LOGBLOB_DEBUG(&contextV->buffer[0], contextV->size,
652 "IESYS KDFa contextV key");
653 BYTE *subKey = outKey;
654 UINT32 counter = 0;
655 INT32 bytes = 0;
656 size_t hlen = 0;
657 TSS2_RC r = iesys_crypto_hash_get_digest_size(hashAlg, &hlen);
658 return_if_error(r, "Error");
659 if (counterInOut != NULL)
660 counter = *counterInOut;
661 bytes = (bitLength + 7) / 8;
662 LOG_DEBUG("IESYS KDFa hmac key bytes: %i", bytes);
663 for (; bytes > 0; subKey = &subKey[hlen], bytes = bytes - hlen) {
664 LOG_TRACE("IESYS KDFa hmac key bytes: %i", bytes);
665 //if(bytes < (INT32)hlen)
666 // hlen = bytes;
667 counter++;
668 r = iesys_crypto_KDFaHmac(hashAlg, hmacKey,
669 hmacKeySize, counter, label, contextU,
670 contextV, bitLength, &subKey[0], &hlen);
671 return_if_error(r, "Error");
672 }
673 if ((bitLength % 8) != 0)
674 outKey[0] &= ((1 << (bitLength % 8)) - 1);
675 if (counterInOut != NULL)
676 *counterInOut = counter;
677 LOGBLOB_DEBUG(outKey, (bitLength + 7) / 8, "IESYS KDFa key");
678 return TPM2_RC_SUCCESS;
679}
680
681TSS2_RC
682iesys_cryptogcry_random2b(TPM2B_NONCE * nonce, size_t num_bytes)
683{
684 if (num_bytes == 0) {
685 nonce->size = sizeof(TPMU_HA);
686 } else {
687 nonce->size = num_bytes;
688 }
689 /*
690 * possible values for random level:
691 * GCRY_WEAK_RANDOM GCRY_STRONG_RANDOM GCRY_VERY_STRONG_RANDOM
692 */
693 gcry_randomize(&nonce->buffer[0], nonce->size, GCRY_STRONG_RANDOM);
694 return TSS2_RC_SUCCESS;
695}
696
697TSS2_RC
698iesys_cryptogcry_pk_encrypt(TPM2B_PUBLIC * key,
699 size_t in_size,
700 BYTE * in_buffer,
701 size_t max_out_size,
702 BYTE * out_buffer,
703 size_t * out_size, const char *label)
704{
705 TSS2_RC r;
706 gcry_mpi_t mpi_data;
707 gcry_error_t err;
708 char *hash_alg;
709 size_t lsize = 0;
710 BYTE exponent[4] = { 0x00, 0x01, 0x00, 0x01 };
711 //gcry_mpi_t mpi_exp;
712 char *padding;
713 char *curveId;
714 gcry_sexp_t sexp_data, sexp_key, sexp_cipher, sexp_cipher_a;
715 if (label != NULL)
716 lsize = strlen(label) + 1;
717 switch (key->publicArea.nameAlg) {
718 case TPM2_ALG_SHA1:
719 hash_alg = "sha1";
720 break;
721 case TPM2_ALG_SHA256:
722 hash_alg = "sha256";
723 break;
724 default:
725 LOG_ERROR("Hash alg not implemented");
726 return TSS2_SYS_RC_BAD_VALUE;
727 }
728 switch (key->publicArea.type) {
729 case TPM2_ALG_RSA:
730 switch (key->publicArea.parameters.rsaDetail.scheme.scheme) {
731 case TPM2_ALG_NULL:
732 padding = "raw";
733 break;
734 case TPM2_ALG_RSAES:
735 padding = "pkcs1";
736 break;
737 case TPM2_ALG_OAEP:
738 padding = "oaep";
739 break;
740 default:
741 LOG_ERROR("Illegal RSA scheme");
742 return TSS2_SYS_RC_BAD_VALUE;
743 }
744 size_t offset = 0;
745 r = Tss2_MU_UINT32_Marshal(key->publicArea.parameters.rsaDetail.exponent,
746 &exponent[0], sizeof(UINT32), &offset);
747 if (r != TSS2_RC_SUCCESS) {
748 LOG_ERROR("Marshalling");
749 return r;
750 }
751 err = gcry_sexp_build(&sexp_data, NULL,
752 "(data (flags %s) (hash-algo %s) (label %b) (value %b) )",
753 padding, hash_alg, lsize, label, (int)in_size,
754 in_buffer);
755 if (err != GPG_ERR_NO_ERROR) {
756 LOG_ERROR("Function gcry_sexp_build");
757 return TSS2_SYS_RC_GENERAL_FAILURE;
758 }
759 err =
760 gcry_sexp_build(&sexp_key, NULL, "(public-key (rsa (n %b) (e %b)))",
761 (int)key->publicArea.unique.rsa.size,
762 &key->publicArea.unique.rsa.buffer[0], 4, exponent);
763 if (err != GPG_ERR_NO_ERROR) {
764 LOG_ERROR("Function gcry_sexp_build");
765 return TSS2_SYS_RC_GENERAL_FAILURE;
766 }
767 break;
768 case TPM2_ALG_ECC:
769 switch (key->publicArea.parameters.eccDetail.curveID) {
770 case TPM2_ECC_NIST_P192:
771 curveId = "nistp192";
772 break;
773 case TPM2_ECC_NIST_P224:
774 curveId = "nistp224";
775 break;
776 case TPM2_ECC_NIST_P256:
777 curveId = "nistp265";
778 break;
779 case TPM2_ECC_NIST_P384:
780 curveId = "nistp384";
781 break;
782 case TPM2_ECC_NIST_P521:
783 curveId = "nistp521";
784 break;
785 default:
786 LOG_ERROR("Illegal ECC curve ID");
787 return TSS2_SYS_RC_BAD_VALUE;
788 }
789 gcry_mpi_point_t mpi_q = gcry_mpi_point_new(0);
790 gcry_mpi_t mpi_x, mpi_y;
791 err = gcry_mpi_scan(&mpi_x, GCRYMPI_FMT_USG,
792 &key->publicArea.unique.ecc.x.buffer[0],
793 key->publicArea.unique.ecc.x.size, NULL);
794 if (err != GPG_ERR_NO_ERROR) {
795 LOG_ERROR("Function gcry_mpi_scan");
796 return TSS2_SYS_RC_GENERAL_FAILURE;
797 }
798 err = gcry_mpi_scan(&mpi_y, GCRYMPI_FMT_USG,
799 &key->publicArea.unique.ecc.y.buffer[0],
800 key->publicArea.unique.ecc.y.size, NULL);
801 if (err != GPG_ERR_NO_ERROR) {
802 LOG_ERROR("Function gcry_mpi_scan");
803 return TSS2_SYS_RC_GENERAL_FAILURE;
804 }
805 gcry_mpi_point_get(mpi_x, mpi_y, NULL, mpi_q);
806 err =
807 gcry_mpi_scan(&mpi_data, GCRYMPI_FMT_USG, in_buffer, in_size, NULL);
808 if (err != GPG_ERR_NO_ERROR) {
809 LOG_ERROR("Function gcry_mpi_scan");
810 return TSS2_SYS_RC_GENERAL_FAILURE;
811 }
812 err = gcry_sexp_build(&sexp_data, NULL, "(data (value %m))", mpi_data);
813 if (err != GPG_ERR_NO_ERROR) {
814 LOG_ERROR("Function gcry_sexp_build");
815 return TSS2_SYS_RC_GENERAL_FAILURE;
816 }
817 err = gcry_sexp_build(&sexp_key, NULL,
818 "(public-key (ecc (curve %s) (e %m)))", curveId,
819 mpi_q);
820 if (err != GPG_ERR_NO_ERROR) {
821 LOG_ERROR("Function gcry_sexp_build");
822 return TSS2_SYS_RC_GENERAL_FAILURE;
823 }
824 break;
825 default:
826 LOG_ERROR("Not implemented");
827 return TSS2_SYS_RC_GENERAL_FAILURE;
828 }
829 err = gcry_pk_encrypt(&sexp_cipher, sexp_data, sexp_key);
830 if (err != GPG_ERR_NO_ERROR) {
831 LOG_ERROR("Function gcry_pk_encrypt");
832 return TSS2_SYS_RC_GENERAL_FAILURE;
833 }
834 sexp_cipher_a = gcry_sexp_find_token(sexp_cipher, "a", 0);
835 gcry_mpi_t mpi_cipher =
836 gcry_sexp_nth_mpi(sexp_cipher_a, 1, GCRYMPI_FMT_USG);
837 size_t alen;
838 const void *a;
839 a = gcry_sexp_nth_data(sexp_cipher_a, 1, &alen);
840 (void)a;
841 (void)alen;
842 err = gcry_mpi_print(GCRYMPI_FMT_USG, &out_buffer[0], max_out_size,
843 out_size, mpi_cipher);
844 if (err != GPG_ERR_NO_ERROR) {
845 LOG_ERROR("Function gcry_mpi_print");
846 return TSS2_SYS_RC_GENERAL_FAILURE;
847 }
848 free(sexp_data);
849 free(sexp_key);
850 free(sexp_cipher);
851 free(sexp_cipher_a);
852 return TSS2_RC_SUCCESS;
853}
854
855TSS2_RC
856iesys_cryptogcry_pk_decrypt(TPM2B_PUBLIC * key,
857 size_t in_size, BYTE * in_buffer,
858 size_t max_out_size,
859 BYTE * out_buffer,
860 size_t * out_size, const char *label)
861{
862 gcry_mpi_t mpi_data;
863 gcry_error_t err;
864 // char *hash_alg;
865 // size_t lsize = 0;
866 BYTE exponent[4] = { 0x00, 0x01, 0x00, 0x01 };
867 //gcry_mpi_t mpi_exp;
868 char *padding;
869 char *curveId;
870 gcry_sexp_t sexp_data, sexp_key, sexp_cipher, sexp_data_value;
871 //if (label != NULL)
872 // lsize = strlen(label) + 1;
873 switch (key->publicArea.nameAlg) {
874 case TPM2_ALG_SHA1:
875 // hash_alg = "sha1";
876 break;
877 case TPM2_ALG_SHA256:
878 // hash_alg = "sha256";
879 break;
880 default:
881 LOG_ERROR("Hash alg not implemented");
882 return TSS2_SYS_RC_BAD_VALUE;
883 }
884 switch (key->publicArea.type) {
885 case TPM2_ALG_RSA:
886 switch (key->publicArea.parameters.rsaDetail.scheme.scheme) {
887 case TPM2_ALG_NULL:
888 padding = "raw";
889 break;
890 case TPM2_ALG_RSAES:
891 padding = "pkcs1";
892 break;
893 case TPM2_ALG_OAEP:
894 padding = "oaep";
895 break;
896 default:
897 LOG_ERROR("Illegal RSA scheme");
898 return TSS2_SYS_RC_BAD_VALUE;
899 }
900 size_t offset = 0;
901 err =
902 gcry_sexp_build(&sexp_cipher, NULL,
903 "(enc-val (flags %s) (rsa (a %b))", padding,
904 (int)in_size, in_buffer);
905 if (err != GPG_ERR_NO_ERROR) {
906 LOG_ERROR("Function gcry_sexp_build");
907 return TSS2_SYS_RC_GENERAL_FAILURE;
908 }
909 err =
910 gcry_sexp_build(&sexp_key, NULL, "(public-key (rsa (n %b) (e %b)))",
911 (int)key->publicArea.unique.rsa.size,
912 &key->publicArea.unique.rsa.buffer[0], 4, exponent);
913 if (err != GPG_ERR_NO_ERROR) {
914 LOG_ERROR("Function gcry_sexp_build");
915 return TSS2_SYS_RC_GENERAL_FAILURE;
916 }
917 break;
918 case TPM2_ALG_ECC:
919 switch (key->publicArea.parameters.eccDetail.curveID) {
920 case TPM2_ECC_NIST_P192:
921 curveId = "nistp192";
922 break;
923 case TPM2_ECC_NIST_P224:
924 curveId = "nistp224";
925 break;
926 case TPM2_ECC_NIST_P256:
927 curveId = "nistp265";
928 break;
929 case TPM2_ECC_NIST_P384:
930 curveId = "nistp384";
931 break;
932 case TPM2_ECC_NIST_P521:
933 curveId = "nistp521";
934 break;
935 default:
936 LOG_ERROR("Illegal ECC curve ID");
937 return TSS2_SYS_RC_BAD_VALUE;
938 }
939 gcry_mpi_point_t mpi_q = gcry_mpi_point_new(0);
940 gcry_mpi_t mpi_x, mpi_y;
941 err = gcry_mpi_scan(&mpi_x, GCRYMPI_FMT_USG,
942 &key->publicArea.unique.ecc.x.buffer[0],
943 key->publicArea.unique.ecc.x.size, NULL);
944 if (err != GPG_ERR_NO_ERROR) {
945 LOG_ERROR("Function gcry_mpi_scan");
946 return TSS2_SYS_RC_GENERAL_FAILURE;
947 }
948 err = gcry_mpi_scan(&mpi_y, GCRYMPI_FMT_USG,
949 &key->publicArea.unique.ecc.y.buffer[0],
950 key->publicArea.unique.ecc.y.size, NULL);
951 if (err != GPG_ERR_NO_ERROR) {
952 LOG_ERROR("Function gcry_mpi_scan");
953 return TSS2_SYS_RC_GENERAL_FAILURE;
954 }
955 gcry_mpi_point_get(mpi_x, mpi_y, NULL, mpi_q);
956 err =
957 gcry_mpi_scan(&mpi_data, GCRYMPI_FMT_USG, in_buffer, in_size, NULL);
958 if (err != GPG_ERR_NO_ERROR) {
959 LOG_ERROR("Function gcry_mpi_scan");
960 return TSS2_SYS_RC_GENERAL_FAILURE;
961 }
962 err =
963 gcry_sexp_build(&sexp_cipher, NULL, "(enc-val (ecc (a %m)))",
964 mpi_data);
965 if (err != GPG_ERR_NO_ERROR) {
966 LOG_ERROR("Function gcry_sexp_build");
967 return TSS2_SYS_RC_GENERAL_FAILURE;
968 }
969 err = gcry_sexp_build(&sexp_key, NULL,
970 "(public-key (ecc (curve %s) (e %m)))", curveId,
971 mpi_q);
972 if (err != GPG_ERR_NO_ERROR) {
973 LOG_ERROR("Function gcry_sexp_build");
974 return TSS2_SYS_RC_GENERAL_FAILURE;
975 }
976 break;
977 default:
978 LOG_ERROR("Not implemented");
979 return TSS2_SYS_RC_GENERAL_FAILURE;
980 }
981 err = gcry_pk_decrypt(&sexp_data, sexp_cipher, sexp_key);
982 if (err != GPG_ERR_NO_ERROR) {
983 LOG_ERROR("Function gcry_pk_decrypt");
984 return TSS2_SYS_RC_GENERAL_FAILURE;
985 }
986 sexp_data_value = gcry_sexp_find_token(sexp_data, "value", 0);
987 if (err != GPG_ERR_NO_ERROR) {
988 LOG_ERROR("Function gcry_sexp_find_token");
989 return TSS2_SYS_RC_GENERAL_FAILURE;
990 }
991 mpi_data = gcry_sexp_nth_mpi(sexp_data_value, 1, GCRYMPI_FMT_USG);
992 size_t vlen;
993 const void *v;
994 v = gcry_sexp_nth_data(sexp_data_value, 1, &vlen);
995 (void)v;
996 (void)vlen;
997 err =
998 gcry_mpi_print(GCRYMPI_FMT_USG, &out_buffer[0], max_out_size, out_size,
999 mpi_data);
1000 if (err != GPG_ERR_NO_ERROR) {
1001 LOG_ERROR("Function gcry_mpi_print");
1002 return TSS2_SYS_RC_GENERAL_FAILURE;
1003 }
1004 free(sexp_data);
1005 free(sexp_key);
1006 free(sexp_cipher);
1007 free(sexp_data_value);
1008 return TSS2_RC_SUCCESS;
1009}
1010
1011TSS2_RC
1012iesys_cryptogcry_sym_aes_init(gcry_cipher_hd_t * cipher_hd,
1013 uint8_t * key,
1014 TPM2_ALG_ID tpm_sym_alg,
1015 TPMI_AES_KEY_BITS key_bits,
1016 TPM2_ALG_ID tpm_mode,
1017 size_t blk_len, size_t iv_len, uint8_t * iv)
1018{
1019
1020 LOGBLOB_TRACE(key, (key_bits + 7) / 8, "IESYS AES key");
1021 LOGBLOB_TRACE(iv, iv_len, "IESYS AES iv");
1022 int algo, mode, len;
1023 //int blk_len = 16;
1024 size_t key_len = 0;
1025 gcry_error_t err;
1026 switch (tpm_sym_alg) {
1027 case TPM2_ALG_AES:
1028 switch (key_bits) {
1029 case 128:
1030 algo = GCRY_CIPHER_AES128;
1031 len = 128;
1032 break;
1033 case 192:
1034 algo = GCRY_CIPHER_AES192;
1035 len = 192;
1036 break;
1037 case 256:
1038 algo = GCRY_CIPHER_AES256;
1039 len = 256;
1040 break;
1041 default:
1042 LOG_ERROR("Illegal key length.");
1043 return TSS2_SYS_RC_BAD_VALUE;
1044 }
1045 switch (tpm_mode) {
1046 case TPM2_ALG_CBC:
1047 mode = GCRY_CIPHER_MODE_CBC;
1048 break;
1049 case TPM2_ALG_CFB:
1050 mode = GCRY_CIPHER_MODE_CFB;
1051 break;
1052 default:
1053 LOG_ERROR("Illegal symmetric algorithm.");
1054 return TSS2_SYS_RC_BAD_VALUE;
1055 }
1056 break;
1057 default:
1058 LOG_ERROR("Illegal symmetric algorithm.");
1059 return TSS2_SYS_RC_BAD_VALUE;
1060 }
1061 key_len = (len + 7) / 8;
1062 err = gcry_cipher_open(cipher_hd, algo, mode, 0);
1063 if (err != GPG_ERR_NO_ERROR) {
1064 LOG_ERROR("Opening gcrypt context");
1065 return TSS2_SYS_RC_GENERAL_FAILURE;
1066 }
1067 if (iv_len != 0) {
1068 err = gcry_cipher_setiv(*cipher_hd, &iv[0], blk_len);
1069 if (err != GPG_ERR_NO_ERROR) {
1070 LOG_ERROR("Function gcry_cipher_setiv");
1071 return TSS2_SYS_RC_GENERAL_FAILURE;
1072 }
1073 }
1074 err = gcry_cipher_setkey(*cipher_hd, key, key_len);
1075 if (err != GPG_ERR_NO_ERROR) {
1076 LOG_ERROR("Function gcry_cipher_setkey");
1077 return TSS2_SYS_RC_GENERAL_FAILURE;
1078 }
1079 return TSS2_RC_SUCCESS;
1080}
1081
1082TSS2_RC
1083iesys_cryptogcry_sym_aes_encrypt(uint8_t * key,
1084 TPM2_ALG_ID tpm_sym_alg,
1085 TPMI_AES_KEY_BITS key_bits,
1086 TPM2_ALG_ID tpm_mode,
1087 size_t blk_len,
1088 uint8_t * buffer,
1089 size_t buffer_size,
1090 uint8_t * iv, size_t iv_len)
1091{
1092 gcry_cipher_hd_t cipher_hd;
1093 //int blk_len = 16;
1094 gcry_error_t err;
1095 TSS2_RC r;
1096 r = iesys_cryptogcry_sym_aes_init(&cipher_hd, key, tpm_sym_alg,
1097 key_bits, tpm_mode, blk_len, iv_len, iv);
1098 if (r != TSS2_RC_SUCCESS)
1099 return r;
1100 LOGBLOB_TRACE(buffer, buffer_size, "IESYS AES input");
1101 err = gcry_cipher_encrypt(cipher_hd, buffer, buffer_size, NULL, 0);
1102 LOGBLOB_TRACE(buffer, buffer_size, "IESYS AES output");
1103 if (err != GPG_ERR_NO_ERROR) {
1104 LOG_ERROR("Function gcry_cipher_encrypt");
1105 return TSS2_SYS_RC_GENERAL_FAILURE;
1106 }
1107 gcry_cipher_close(cipher_hd);
1108 return TSS2_RC_SUCCESS;
1109}
1110
1111TSS2_RC
1112iesys_cryptogcry_sym_aes_decrypt(uint8_t * key,
1113 TPM2_ALG_ID tpm_sym_alg,
1114 TPMI_AES_KEY_BITS key_bits,
1115 TPM2_ALG_ID tpm_mode,
1116 size_t blk_len,
1117 uint8_t * buffer, size_t buffer_size,
1118 uint8_t * iv, size_t iv_len)
1119{
1120 gcry_cipher_hd_t cipher_hd;
1121 //int blk_len = 16;
1122 gcry_error_t err;
1123 TSS2_RC r;
1124 r = iesys_cryptogcry_sym_aes_init(&cipher_hd, key, tpm_sym_alg,
1125 key_bits, tpm_mode, blk_len, iv_len, iv);
1126 if (r != TSS2_RC_SUCCESS)
1127 return r;
1128 err = gcry_cipher_decrypt(cipher_hd, buffer, buffer_size, NULL, 0);
1129 if (err != GPG_ERR_NO_ERROR) {
1130 LOG_ERROR("Function gcry_cipher_decrypt");
1131 return TSS2_SYS_RC_GENERAL_FAILURE;
1132 }
1133 gcry_cipher_close(cipher_hd);
1134 return TSS2_RC_SUCCESS;
1135}