1*9860b763SAndroid Build Coastguard Worker // Copyright 2022, The Android Open Source Project
2*9860b763SAndroid Build Coastguard Worker //
3*9860b763SAndroid Build Coastguard Worker // Licensed under the Apache License, Version 2.0 (the "License");
4*9860b763SAndroid Build Coastguard Worker // you may not use this file except in compliance with the License.
5*9860b763SAndroid Build Coastguard Worker // You may obtain a copy of the License at
6*9860b763SAndroid Build Coastguard Worker //
7*9860b763SAndroid Build Coastguard Worker // http://www.apache.org/licenses/LICENSE-2.0
8*9860b763SAndroid Build Coastguard Worker //
9*9860b763SAndroid Build Coastguard Worker // Unless required by applicable law or agreed to in writing, software
10*9860b763SAndroid Build Coastguard Worker // distributed under the License is distributed on an "AS IS" BASIS,
11*9860b763SAndroid Build Coastguard Worker // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*9860b763SAndroid Build Coastguard Worker // See the License for the specific language governing permissions and
13*9860b763SAndroid Build Coastguard Worker // limitations under the License.
14*9860b763SAndroid Build Coastguard Worker
15*9860b763SAndroid Build Coastguard Worker //! Utility program to parse a legacy encrypted keyblob (but not decrypt it).
16*9860b763SAndroid Build Coastguard Worker
17*9860b763SAndroid Build Coastguard Worker use kmr_common::keyblob::legacy::EncryptedKeyBlob;
18*9860b763SAndroid Build Coastguard Worker
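/// Process every command-line argument in order.
///
/// `--hex` is a toggle rather than a one-shot flag: each occurrence flips hex mode for the
/// file arguments that follow it. Every other argument is treated as a filename and handed
/// to `process` with the hex mode in force at that point.
fn main() {
    let mut hex = false;
    // `skip(1)` drops the program name. Unlike slicing `args[1..]`, it does not panic when
    // the argument list is empty, and it avoids collecting into an intermediate `Vec`.
    for arg in std::env::args().skip(1) {
        if arg == "--hex" {
            hex = !hex;
        } else {
            process(&arg, hex);
        }
    }
}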
30*9860b763SAndroid Build Coastguard Worker
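/// Parse the legacy encrypted keyblob held in `filename` and print its fields to stdout.
///
/// The keyblob is only parsed, never decrypted. The nonce and tag are printed as hex, the
/// ciphertext is reported by length only, and the enforced parameter sets are printed in
/// `Debug` form.
///
/// When `hex` is true the file content is treated as hex-encoded text (surrounding
/// whitespace is trimmed) and decoded before parsing.
///
/// Read, decode and parse failures are reported on stderr and the function returns, so the
/// caller can carry on with the next file.
///
/// # Panics
///
/// Panics if the parsed keyblob cannot be re-serialized, or if the re-serialized bytes
/// differ from the input.
fn process(filename: &str, hex: bool) {
    // Called once per file; the result is deliberately discarded.
    let _ = env_logger::builder().is_test(true).try_init();

    println!("File: {}", filename);
    // The path comes straight from the command line, so a missing or unreadable file is an
    // expected condition: report it like the parse failures below instead of panicking.
    let mut data: Vec<u8> = match std::fs::read(filename) {
        Ok(v) => v,
        Err(e) => {
            eprintln!("{}: Failed to read: {:?}", filename, e);
            return;
        }
    };
    if hex {
        // File content is untrusted input; invalid UTF-8 is reported, not unwrapped.
        let hexdata = match std::str::from_utf8(&data) {
            Ok(s) => s.trim(),
            Err(e) => {
                eprintln!("{}: Failed to parse hex: not valid UTF-8 ({:?})", filename, e);
                return;
            }
        };
        data = match hex::decode(hexdata) {
            Ok(v) => v,
            Err(e) => {
                // NOTE(review): this echoes the entire input to stderr, whereas the normal
                // output below elides the ciphertext. Consider printing only the length if
                // inputs may be large or should not end up in logs.
                eprintln!(
                    "{}: Failed to parse hex ({:?}): len={} {}",
                    filename,
                    e,
                    hexdata.len(),
                    hexdata
                );
                return;
            }
        };
    }
    let keyblob = match EncryptedKeyBlob::deserialize(&data) {
        Ok(k) => k,
        Err(e) => {
            eprintln!("{}: Failed to parse: {:?}", filename, e);
            return;
        }
    };
    println!(
        "{}, KeyBlob {{\n format={:?}\n nonce={},\n ciphertext=...(len {}),\n tag={},",
        filename,
        keyblob.format,
        hex::encode(&keyblob.nonce),
        keyblob.ciphertext.len(),
        hex::encode(&keyblob.tag)
    );
    // Optional fields are printed only when present.
    if let Some(kdf_version) = keyblob.kdf_version {
        println!(" kdf_version={}", kdf_version);
    }
    if let Some(addl_info) = keyblob.addl_info {
        println!(" addl_info={}", addl_info);
    }
    println!(" hw_enforced={:?},\n sw_enforced={:?},", keyblob.hw_enforced, keyblob.sw_enforced);
    if let Some(key_slot) = keyblob.key_slot {
        println!(" key_slot={}", key_slot);
    }
    println!("}}");

    // Also round-trip the keyblob to binary. A serialization failure or a byte mismatch
    // panics here, which also stops processing of any remaining files.
    let regenerated_data = keyblob.serialize().unwrap();
    assert_eq!(regenerated_data, data);
}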