in client-library/src/Attestation/AttestationClient/lib/TpmUnseal.cpp [21:113]
bool attest::GetEncryptionParameters(const Json::Value& json_obj,
EncryptionParameters& encryption_params,
std::string& err) {
err.clear();
Json::Value encryption_params_obj = json_obj.get(JSON_RESPONSE_EXCRYPTION_PARAMETERS_KEY,
Json::Value());
if(encryption_params_obj.isNull()) {
CLIENT_LOG_ERROR("Encryption parameters not found in response");
err = std::string("Failed to get encryption parameters from response.");
return false;
}
std::string block_mode_str = encryption_params_obj.get(JSON_RESPONSE_BLOCK_MODE_KEY,
"").asString();
if(block_mode_str.empty()) {
CLIENT_LOG_ERROR("Block mode not found encryption parameters");
err = std::string("Failed to get block mode from encryption parameters");
return false;
}
BlockCipherMode block_mode;
if(!toNative(block_mode_str, block_mode)) {
CLIENT_LOG_ERROR("Unsupported block mode");
err = std::string("Unsupported block mode:") + block_mode_str;
return false;
}
std::string block_padding_str = encryption_params_obj.get(JSON_RESPONSE_BLOCK_PADDING_KEY,
"").asString();
if(block_padding_str.empty()) {
CLIENT_LOG_ERROR("Block padding not found encryption parameters");
err = std::string("Failed to get block padding from encryption parameters");
return false;
}
BlockCipherPadding block_padding;
if(!toNative(block_padding_str, block_padding)) {
CLIENT_LOG_ERROR("Unsupported block padding");
err = std::string("Unsupported block padding:") + block_padding_str;
return false;
}
std::string cipher_str = encryption_params_obj.get(JSON_RESPONSE_CIPHER_KEY,
"").asString();
if(cipher_str.empty()) {
CLIENT_LOG_ERROR("Cipher algorithm not found encryption parameters");
err = std::string("Failed to get cipher algorithm from encryption parameters");
return false;
}
CipherAlgorithm cipher;
if(!toNative(cipher_str, cipher)) {
CLIENT_LOG_ERROR("Unsupported cipher algorithm");
err = std::string("Unsupported cipher algorithm:") + cipher_str;
return false;
}
size_t key_bits = static_cast<size_t>(encryption_params_obj.get(JSON_RESPONSE_BLOCK_KEY_SIZE_KEY,
0).asInt());
if(key_bits == 0) {
CLIENT_LOG_ERROR("Failed to get key bits from encryption parameters");
err = std::string("Failed to get key bits from encryption parameters");
return false;
}
std::string iv_str = encryption_params_obj.get(JSON_RESPONSE_IV_KEY, "").asString();
if(iv_str.empty()) {
CLIENT_LOG_ERROR("Failed to get iv from encryption parameters");
err = std::string("Failed to get iv from encryption parameters");
return false;
}
std::string authentication_data_str = json_obj.get(JSON_RESPONSE_AUTHENTICATION_DATA_KEY,
"").asString();
if(authentication_data_str.empty()) {
CLIENT_LOG_ERROR("Failed to get authentication data response");
err = std::string("Failed to get authentication data response");
return false;
}
encryption_params.iv = attest::base64::
base64_to_binary(iv_str);
encryption_params.authentication_data = attest::base64::
base64_to_binary(authentication_data_str);
encryption_params.block_mode = block_mode;
encryption_params.block_padding = block_padding;
encryption_params.cipher_alg = cipher;
encryption_params.key_size = key_bits;
return true;
}