AttestationResult AttestationClientImpl::Decrypt()

in client-library/src/Attestation/AttestationClient/lib/AttestationClientImpl.cpp [269:333]

• 56 lines of code
• 9 McCabe index (conditional complexity)

AttestationResult AttestationClientImpl::Decrypt(const attest::EncryptionType encryption_type,
                                                 const unsigned char* encrypted_data,
                                                 uint32_t encrypted_data_size,
                                                 const unsigned char* ,
                                                 uint32_t ,
                                                 unsigned char** decrypted_data,
                                                 uint32_t* decrypted_data_size,
                                                 const attest::RsaScheme rsaWrapAlgId,
                                                 const attest::RsaHashAlg rsaHashAlgId) noexcept {
    AttestationResult result(AttestationResult::ErrorCode::SUCCESS);
    if (encrypted_data == nullptr ||
        encrypted_data_size <= 0  ||
        decrypted_data == nullptr ||
        decrypted_data_size == nullptr ||
        encryption_type != attest::EncryptionType::NONE) {
        CLIENT_LOG_ERROR("Invalid input parameter");
        result.code_ = AttestationResult::ErrorCode::ERROR_INVALID_INPUT_PARAMETER;
        result.description_ = std::string("Invalid input parameter");
        return result;
    }
    try {
        Tpm tpm;
        PcrList list = GetAttestationPcrList();
        PcrSet pcrValues = tpm.GetPCRValues(list, attestation_hash_alg);

        // For encryption type 'NONE', the encrypted data is expected to be the encrypted symmetric key
        std::vector<unsigned char> in_data(encrypted_data, encrypted_data + encrypted_data_size);
        std::vector<unsigned char> out_data;
        out_data = tpm.DecryptWithEphemeralKey(pcrValues, in_data, rsaWrapAlgId, rsaHashAlgId);

        *decrypted_data = (unsigned char*)malloc(sizeof(unsigned char) * out_data.size());
        std::memcpy((void*)*decrypted_data, (void*)out_data.data(), out_data.size());
        *decrypted_data_size = out_data.size();
    }
    catch (const Tss2Exception& e) {
        // Since tss2 errors are throw Tss2Exception exception. Catch it here.
        result.code_ = AttestationResult::ErrorCode::ERROR_DATA_DECRYPTION_TPM_ERROR;
        result.tpm_error_code_ = e.get_rc();
        result.description_ = std::string(e.what());

        CLIENT_LOG_ERROR("Failed Tpm operation:%d Error:%s",
            result.tpm_error_code_,
            result.description_.c_str());
        return result;
    }
    catch (const std::exception& e) {
        // Since tss2 errors are throw runtime error exception. Catch it here.
        result.code_ = AttestationResult::ErrorCode::ERROR_TPM_INTERNAL_FAILURE;
        result.description_ = std::string(e.what());

        CLIENT_LOG_ERROR("Tpm internal error:%s",
            result.description_.c_str());
        return result;
    }
    catch (...) {
        // Unknown exception.
        result.code_ = AttestationResult::ErrorCode::ERROR_TPM_INTERNAL_FAILURE;
        result.description_ = std::string("Error: Unknown internal error");

        CLIENT_LOG_ERROR("Tpm internal error:%s",
            result.description_.c_str());
        return result;
    }
    return result;
}