sgx decryption
Authored by
Adrien Baud
crypto.cpp 1.75 KiB
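/**
 * Open an AES-256-GCM envelope: recover the symmetric key from
 * `encrypted_key` with the private key, decrypt `ciphertext`, and verify the
 * GCM tag before anything is handed back to the caller.
 *
 * @param evp_pkey           private key used by EVP_OpenInit to unwrap the key
 * @param ciphertext         encrypted payload
 * @param ciphertext_len     payload length in bytes (must be >= 0)
 * @param encrypted_key      wrapped symmetric key
 * @param encrypted_key_len  length of `encrypted_key` in bytes (must be > 0)
 * @param iv                 IV passed to EVP_OpenInit
 * @param plaintext          out: malloc'd buffer, owned by the caller on
 *                           success (release with free()); untouched on failure
 * @param plaintext_len      out: number of plaintext bytes; untouched on failure
 * @param tag                expected GCM tag; 16 bytes are read from it
 * @return 1 on success, 0 on any failure (bad argument, allocation failure,
 *         key unwrap failure, or tag mismatch)
 */
int envelope_open(EVP_PKEY *evp_pkey, unsigned char *ciphertext,
                  int ciphertext_len, unsigned char *encrypted_key,
                  int encrypted_key_len, unsigned char *iv,
                  unsigned char **plaintext, int *plaintext_len, unsigned char *tag) {
    /* All locals are declared before the first goto so that no jump to `err`
     * crosses an initialisation. */
    EVP_CIPHER_CTX *ctx = nullptr;
    const EVP_CIPHER *type = EVP_aes_256_gcm();
    unsigned char *tmpptxt = nullptr;
    int len = 0;
    int total = 0;
    int ret = 0;

    /* Reject null pointers and nonsensical lengths up front. A negative
     * ciphertext_len would otherwise be converted to a huge size_t by malloc. */
    if (evp_pkey == nullptr || ciphertext == nullptr || encrypted_key == nullptr ||
        iv == nullptr || plaintext == nullptr || plaintext_len == nullptr ||
        tag == nullptr || ciphertext_len < 0 || encrypted_key_len <= 0) {
        printf("%s\n", "envelope_open: invalid argument");
        return 0;
    }

    if ((ctx = EVP_CIPHER_CTX_new()) == nullptr) {
        printf("%s\n", ERR_error_string(ERR_get_error(), nullptr));
        return 0;
    }

    /* GCM output is the same size as its input. Allocate at least one byte so
     * an empty payload does not depend on what malloc(0) returns. */
    tmpptxt = (unsigned char *)malloc(ciphertext_len > 0 ? (size_t)ciphertext_len : 1);
    if (tmpptxt == nullptr) {
        /* malloc does not populate the OpenSSL error queue. */
        printf("%s\n", "envelope_open: out of memory");
        goto err;
    }

    /* Pass the caller-supplied length of the wrapped key. The previous code
     * ignored encrypted_key_len and passed EVP_PKEY_size(evp_pkey), which makes
     * OpenSSL read past the end of a shorter encrypted_key buffer.
     * EVP_OpenInit is documented to return 0 on error and a non-zero value on
     * success, so only non-positive results are treated as failure. */
    if (EVP_OpenInit(ctx, type, encrypted_key, encrypted_key_len, iv, evp_pkey) <= 0) {
        printf("%s\n", ERR_error_string(ERR_get_error(), nullptr));
        goto err;
    }

    if (EVP_OpenUpdate(ctx, tmpptxt, &len, ciphertext, ciphertext_len) != 1) {
        printf("%s\n", ERR_error_string(ERR_get_error(), nullptr));
        goto err;
    }
    total = len;

    /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
    if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) {
        printf("%s\n", ERR_error_string(ERR_get_error(), nullptr));
        goto err;
    }

    /* EVP_OpenFinal is where the tag is verified. Until it succeeds, tmpptxt
     * holds unauthenticated data and must not reach the caller. */
    if (EVP_OpenFinal(ctx, tmpptxt + total, &len) != 1) {
        printf("%s\n", ERR_error_string(ERR_get_error(), nullptr));
        goto err;
    }
    total += len;

    /* Publish the outputs only after authentication has succeeded, so a failed
     * call never leaves a stale length or pointer behind. */
    *plaintext_len = total;
    *plaintext = tmpptxt;
    tmpptxt = nullptr; /* ownership moved to the caller */
    ret = 1;

err:
    EVP_CIPHER_CTX_free(ctx);
    /* NOTE(review): on failure this buffer may hold decrypted but
     * unauthenticated bytes; consider wiping it with a non-elidable clear
     * before freeing. free(nullptr) is a no-op on the success path. */
    free(tmpptxt);
    return ret;
}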