|
1 /* |
|
2 * ============================================================================ |
|
3 * Name : ./accesssec/eapol/eapol_framework/wapi_common/src/ec_algorithms.cpp |
|
4 * Part of : WAPI / WAPI *** Info from the SWAD |
|
5 * Description : WAPI authentication |
|
6 * Version : %version: 28.1.2 % << Don't touch! Updated by Synergy at check-out. |
|
7 * |
|
8 * Copyright © 2001-2009 Nokia. All rights reserved. |
|
9 * This material, including documentation and any related computer |
|
10 * programs, is protected by copyright controlled by Nokia. All |
|
11 * rights are reserved. Copying, including reproducing, storing, |
|
12 * adapting or translating, any or all of this material requires the |
|
13 * prior written consent of Nokia. This material also contains |
|
14 * confidential information which may not be disclosed to others |
|
15 * without the prior written consent of Nokia. |
|
16 * ============================================================================ |
|
17 * Template version: 4.1.1 |
|
18 */ |
|
19 |
|
20 // This is enumeration of WAPI source code. |
|
21 #if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
22 #undef EAP_FILE_NUMBER_ENUM |
|
23 #define EAP_FILE_NUMBER_ENUM 701 |
|
24 #undef EAP_FILE_NUMBER_DATE |
|
25 #define EAP_FILE_NUMBER_DATE 1127594498 |
|
26 #endif //#if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
27 |
|
28 |
|
29 #if defined(USE_WAPI_CORE) |
|
30 |
|
31 #include "eap_automatic_variable.h" |
|
32 #include "ec_am_algorithms_direct_nrc.h" |
|
33 #include "ec_cs_types.h" |
|
34 #include "ec_cs_strings.h" |
|
35 #include "abs_ec_am_algorithms.h" |
|
36 #include "abs_eap_am_file_input.h" |
|
37 #include "asn1_der_type.h" |
|
38 #include "abs_ec_am_algorithms.h" |
|
39 #include "eap_crypto_api.h" |
|
40 |
|
41 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
42 #include "nc_drmeccp256.h" |
|
43 #include "nc_pkcs1_5.h" |
|
44 #include "nc_hash.h" |
|
45 #include "nc_rand.h" |
|
46 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
47 |
|
48 //---------------------------------------------------------------------------- |
|
49 |
|
50 EAP_FUNC_EXPORT ec_am_algorithms_direct_nrc_c::~ec_am_algorithms_direct_nrc_c() |
|
51 { |
|
52 EAP_TRACE_DEBUG( |
|
53 m_am_tools, |
|
54 TRACE_FLAGS_DEFAULT, |
|
55 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::~ec_am_algorithms_direct_nrc_c():\n"), |
|
56 this, |
|
57 (m_is_client == true ? "client": "server"))); |
|
58 |
|
59 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::~ec_am_algorithms_direct_nrc_c()"); |
|
60 |
|
61 } |
|
62 |
|
63 //---------------------------------------------------------------------------- |
|
64 |
|
65 EAP_FUNC_EXPORT ec_am_algorithms_direct_nrc_c::ec_am_algorithms_direct_nrc_c( |
|
66 abs_eap_am_tools_c * const tools, |
|
67 abs_ec_am_algorithms_c * const partner, |
|
68 const bool is_client_when_true) |
|
69 : m_am_tools(tools) |
|
70 , m_partner(partner) |
|
71 , m_e_curve(tools) |
|
72 , m_nc_rand_state(tools) |
|
73 , m_is_client(is_client_when_true) |
|
74 , m_is_valid(false) |
|
75 { |
|
76 EAP_TRACE_DEBUG( |
|
77 m_am_tools, |
|
78 TRACE_FLAGS_DEFAULT, |
|
79 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::ec_am_algorithms_direct_nrc_c():\n"), |
|
80 this, |
|
81 (m_is_client == true ? "client": "server"))); |
|
82 |
|
83 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::ec_am_algorithms_direct_nrc_c()"); |
|
84 |
|
85 m_is_valid = true; |
|
86 } |
|
87 |
|
88 //---------------------------------------------------------------------------- |
|
89 |
|
90 EAP_FUNC_EXPORT bool ec_am_algorithms_direct_nrc_c::get_is_valid() const |
|
91 { |
|
92 return m_is_valid; |
|
93 } |
|
94 |
|
95 //---------------------------------------------------------------------------- |
|
96 |
|
97 EAP_FUNC_EXPORT eap_status_e ec_am_algorithms_direct_nrc_c::configure() |
|
98 { |
|
99 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
100 |
|
101 EAP_TRACE_DEBUG( |
|
102 m_am_tools, |
|
103 TRACE_FLAGS_DEFAULT, |
|
104 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::configure():\n"), |
|
105 this, |
|
106 (m_is_client == true ? "client": "server"))); |
|
107 |
|
108 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::configure()"); |
|
109 |
|
110 eap_status_e status(eap_status_ok); |
|
111 |
|
112 status = initialize_curve(); |
|
113 |
|
114 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
115 return EAP_STATUS_RETURN(m_am_tools, status); |
|
116 } |
|
117 |
|
118 //---------------------------------------------------------------------------- |
|
119 |
|
120 EAP_FUNC_EXPORT eap_status_e ec_am_algorithms_direct_nrc_c::create_signature_with_private_key( |
|
121 const eap_variable_data_c * const hash_of_message, |
|
122 const eap_variable_data_c * const private_key) |
|
123 { |
|
124 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
125 |
|
126 EAP_TRACE_DEBUG( |
|
127 m_am_tools, |
|
128 TRACE_FLAGS_DEFAULT, |
|
129 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_signature_with_private_key():\n"), |
|
130 this, |
|
131 (m_is_client == true ? "client": "server"))); |
|
132 |
|
133 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::create_signature_with_private_key()"); |
|
134 |
|
135 eap_status_e status(eap_status_not_supported); |
|
136 |
|
137 asn1_der_type_c asn1(m_am_tools); |
|
138 if (asn1.get_is_valid() == false) |
|
139 { |
|
140 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
141 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
142 } |
|
143 |
|
144 status = asn1.decode(private_key); |
|
145 if (status != eap_status_ok) |
|
146 { |
|
147 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
148 return EAP_STATUS_RETURN(m_am_tools, status); |
|
149 } |
|
150 |
|
151 static const asn1_type_const_c private_key_query[] = |
|
152 { |
|
153 ASN1_TYPE_OBJECT( |
|
154 asn1_der_type_c::asn1_class_universal, |
|
155 asn1_der_type_c::asn1_tag_sequence, |
|
156 0), // ECPrivateKey{CURVES:IOSet} ::= SEQUENCE |
|
157 ASN1_TYPE_OBJECT( |
|
158 asn1_der_type_c::asn1_class_universal, |
|
159 asn1_der_type_c::asn1_tag_octet_string, |
|
160 1), // privateKey OCTET STRING |
|
161 ASN1_TYPE_OBJECT_TERMINATOR |
|
162 }; |
|
163 |
|
164 const asn1_der_type_c * const der_private_key = asn1.get_sub_type(private_key_query); |
|
165 |
|
166 if (der_private_key != 0) |
|
167 { |
|
168 |
|
169 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
170 |
|
171 gfp_coord private_key; |
|
172 |
|
173 OS2IP( |
|
174 private_key.a.d, |
|
175 der_private_key->get_content(), |
|
176 der_private_key->get_content_length()); |
|
177 |
|
178 EAP_TRACE_DATA_DEBUG( |
|
179 m_am_tools, |
|
180 TRACE_FLAGS_DEFAULT, |
|
181 (EAPL("ECC Private key"), |
|
182 der_private_key->get_content(), |
|
183 der_private_key->get_content_length())); |
|
184 |
|
185 gfp_point sign_point1; |
|
186 gfp_point sign_point2; |
|
187 |
|
188 gfp_curve * const e_curve = reinterpret_cast<gfp_curve *>(m_e_curve.get_data()); |
|
189 if (e_curve == 0) |
|
190 { |
|
191 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
192 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
193 } |
|
194 |
|
195 struct nc_rand_state * const nc_rand_state = reinterpret_cast<struct nc_rand_state *>(m_nc_rand_state.get_data(sizeof(struct nc_rand_state))); |
|
196 if (e_curve == 0) |
|
197 { |
|
198 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
199 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
200 } |
|
201 |
|
202 EAP_TRACE_DATA_DEBUG( |
|
203 m_am_tools, |
|
204 TRACE_FLAGS_DEFAULT, |
|
205 (EAPL("hash_of_message"), |
|
206 hash_of_message->get_data(), |
|
207 hash_of_message->get_data_length())); |
|
208 |
|
209 |
|
210 DRM_ECDSA_Sign_P256( |
|
211 nc_rand_state, |
|
212 sign_point1.x.a.d, |
|
213 sign_point2.x.a.d, |
|
214 hash_of_message->get_data(), |
|
215 hash_of_message->get_data_length(), |
|
216 private_key.a.d, |
|
217 e_curve, |
|
218 0); |
|
219 |
|
220 u32_t sign_len(0ul); |
|
221 u32_t sign_point_len((2ul * sign_point1.x.a.d[0]) + (2ul * sign_point2.x.a.d[0])); |
|
222 |
|
223 eap_variable_data_c signature(m_am_tools); |
|
224 |
|
225 if (signature.get_is_valid() == false) |
|
226 { |
|
227 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
228 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
229 } |
|
230 |
|
231 status = signature.set_buffer_length(sign_point_len); |
|
232 if (status != eap_status_ok) |
|
233 { |
|
234 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
235 return EAP_STATUS_RETURN(m_am_tools, status); |
|
236 } |
|
237 |
|
238 status = signature.set_data_length(sign_point_len); |
|
239 if (status != eap_status_ok) |
|
240 { |
|
241 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
242 return EAP_STATUS_RETURN(m_am_tools, status); |
|
243 } |
|
244 |
|
245 |
|
246 /* Check the length of sign_point1.x.a.d and convert it to octet string. */ |
|
247 if (sign_point1.x.a.d[0] != 0) |
|
248 { |
|
249 sign_point_len = 2ul * sign_point1.x.a.d[0]; |
|
250 |
|
251 I2OSP( |
|
252 signature.get_data_offset(sign_len, sign_point_len), |
|
253 sign_point1.x.a.d, |
|
254 sign_point_len); |
|
255 |
|
256 EAP_TRACE_DATA_DEBUG( |
|
257 m_am_tools, |
|
258 TRACE_FLAGS_DEFAULT, |
|
259 (EAPL("sign_point1"), |
|
260 signature.get_data_offset(sign_len, sign_point_len), |
|
261 sign_point_len)); |
|
262 |
|
263 sign_len += sign_point_len; |
|
264 } |
|
265 else |
|
266 { |
|
267 EAP_TRACE_DEBUG( |
|
268 m_am_tools, |
|
269 TRACE_FLAGS_DEFAULT, |
|
270 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_signature_with_private_key(): ECDSA sign point 1 generation failed\n"), |
|
271 this, |
|
272 (m_is_client == true ? "client": "server"))); |
|
273 |
|
274 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
275 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
276 } |
|
277 |
|
278 /* Check the length of sign_point2.x.a.d and convert it to octet string. */ |
|
279 if (sign_point2.x.a.d[0] != 0) |
|
280 { |
|
281 sign_point_len = 2ul * sign_point2.x.a.d[0]; |
|
282 |
|
283 I2OSP( |
|
284 signature.get_data_offset(sign_len, sign_point_len), |
|
285 sign_point2.x.a.d, |
|
286 sign_point_len); |
|
287 |
|
288 EAP_TRACE_DATA_DEBUG( |
|
289 m_am_tools, |
|
290 TRACE_FLAGS_DEFAULT, |
|
291 (EAPL("sign_point2"), |
|
292 signature.get_data_offset(sign_len, sign_point_len), |
|
293 sign_point_len)); |
|
294 |
|
295 sign_len += sign_point_len; |
|
296 } |
|
297 else |
|
298 { |
|
299 EAP_TRACE_DEBUG( |
|
300 m_am_tools, |
|
301 TRACE_FLAGS_DEFAULT, |
|
302 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_signature_with_private_key(): ECDSA sign point 2 generation failed\n"), |
|
303 this, |
|
304 (m_is_client == true ? "client": "server"))); |
|
305 |
|
306 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
307 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
308 } |
|
309 |
|
310 status = signature.set_data_length(sign_len); |
|
311 if (status != eap_status_ok) |
|
312 { |
|
313 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
314 return EAP_STATUS_RETURN(m_am_tools, status); |
|
315 } |
|
316 |
|
317 |
|
318 EAP_TRACE_DATA_DEBUG( |
|
319 m_am_tools, |
|
320 TRACE_FLAGS_DEFAULT, |
|
321 (EAPL("signature"), |
|
322 signature.get_data(), |
|
323 signature.get_data_length())); |
|
324 |
|
325 |
|
326 status = m_partner->complete_create_signature_with_private_key(&signature, eap_status_ok); |
|
327 if (status != eap_status_ok) |
|
328 { |
|
329 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
330 return EAP_STATUS_RETURN(m_am_tools, status); |
|
331 } |
|
332 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
333 } |
|
334 else |
|
335 { |
|
336 EAP_TRACE_DEBUG( |
|
337 m_am_tools, |
|
338 TRACE_FLAGS_DEFAULT, |
|
339 (EAPL("# Private key not found.\n"))); |
|
340 |
|
341 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
342 return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter); |
|
343 } |
|
344 |
|
345 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
346 return EAP_STATUS_RETURN(m_am_tools, status); |
|
347 } |
|
348 |
|
349 //---------------------------------------------------------------------------- |
|
350 |
|
351 EAP_FUNC_EXPORT eap_status_e ec_am_algorithms_direct_nrc_c::verify_signature_with_public_key( |
|
352 const eap_variable_data_c * const public_key, |
|
353 const eap_variable_data_c * const hash_of_message, |
|
354 const eap_variable_data_c * const signature) |
|
355 { |
|
356 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
357 |
|
358 EAP_TRACE_DEBUG( |
|
359 m_am_tools, |
|
360 TRACE_FLAGS_DEFAULT, |
|
361 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::verify_signature_with_public_key():\n"), |
|
362 this, |
|
363 (m_is_client == true ? "client": "server"))); |
|
364 |
|
365 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::verify_signature_with_public_key()"); |
|
366 |
|
367 eap_status_e status(eap_status_not_supported); |
|
368 |
|
369 asn1_der_type_c asn1(m_am_tools); |
|
370 if (asn1.get_is_valid() == false) |
|
371 { |
|
372 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
373 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
374 } |
|
375 |
|
376 status = asn1.decode(public_key); |
|
377 if (status != eap_status_ok) |
|
378 { |
|
379 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
380 return EAP_STATUS_RETURN(m_am_tools, status); |
|
381 } |
|
382 |
|
383 static const asn1_type_const_c public_key_query[] = |
|
384 { |
|
385 ASN1_TYPE_OBJECT( |
|
386 asn1_der_type_c::asn1_class_universal, |
|
387 asn1_der_type_c::asn1_tag_sequence, |
|
388 0), // Certificate ::= SEQUENCE |
|
389 ASN1_TYPE_OBJECT( |
|
390 asn1_der_type_c::asn1_class_universal, |
|
391 asn1_der_type_c::asn1_tag_sequence, |
|
392 0), // TBSCertificate ::= SEQUENCE |
|
393 ASN1_TYPE_OBJECT( |
|
394 asn1_der_type_c::asn1_class_universal, |
|
395 asn1_der_type_c::asn1_tag_sequence, |
|
396 6), // subjectPublicKeyInfo SubjectPublicKeyInfo, SubjectPublicKeyInfo ::= SEQUENCE |
|
397 ASN1_TYPE_OBJECT( |
|
398 asn1_der_type_c::asn1_class_universal, |
|
399 asn1_der_type_c::asn1_tag_bit_string, |
|
400 1), // subjectPublicKey BIT STRING |
|
401 ASN1_TYPE_OBJECT_TERMINATOR |
|
402 }; |
|
403 |
|
404 const asn1_der_type_c * const der_public_key = asn1.get_sub_type(public_key_query); |
|
405 |
|
406 if (der_public_key != 0) |
|
407 { |
|
408 |
|
409 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
410 |
|
411 gfp_point public_key; |
|
412 |
|
413 { |
|
414 const u8_t * const bit_string_public_key = der_public_key->get_content(); |
|
415 const u32_t bit_string_public_key_length(der_public_key->get_content_length()); |
|
416 |
|
417 if (bit_string_public_key != 0 |
|
418 && bit_string_public_key_length > 0ul) |
|
419 { |
|
420 // bit_string_public_key[0]: number of unused bits |
|
421 // bit_string_public_key[1]: format of bit string |
|
422 // bit_string_public_key[2]: the public key starts |
|
423 const u8_t * key = &(bit_string_public_key[2]); |
|
424 const u32_t key_length(bit_string_public_key_length - 2ul); |
|
425 |
|
426 const u32_t length = key_length / 2ul; |
|
427 |
|
428 EAP_TRACE_DATA_DEBUG( |
|
429 m_am_tools, |
|
430 TRACE_FLAGS_DEFAULT, |
|
431 (EAPL("ECC Public key"), |
|
432 key, |
|
433 key_length)); |
|
434 |
|
435 OS2IP( |
|
436 public_key.x.a.d, |
|
437 key, |
|
438 length); |
|
439 |
|
440 key += length; |
|
441 |
|
442 OS2IP( |
|
443 public_key.y.a.d, |
|
444 key, |
|
445 key_length - length); |
|
446 } |
|
447 } |
|
448 |
|
449 gfp_point sign_point1; |
|
450 gfp_point sign_point2; |
|
451 |
|
452 const u32_t length(signature->get_data_length() / 2ul); |
|
453 |
|
454 OS2IP( |
|
455 sign_point1.x.a.d, |
|
456 signature->get_data(length), |
|
457 length); |
|
458 |
|
459 const u32_t remaining_length(signature->get_data_length() - length); |
|
460 |
|
461 OS2IP( |
|
462 sign_point2.x.a.d, |
|
463 signature->get_data_offset(length, remaining_length), |
|
464 remaining_length); |
|
465 |
|
466 gfp_curve * const e_curve = reinterpret_cast<gfp_curve *>(m_e_curve.get_data()); |
|
467 if (e_curve == 0) |
|
468 { |
|
469 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
470 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
471 } |
|
472 |
|
473 EAP_TRACE_DATA_DEBUG( |
|
474 m_am_tools, |
|
475 TRACE_FLAGS_DEFAULT, |
|
476 (EAPL("hash_of_message"), |
|
477 hash_of_message->get_data(), |
|
478 hash_of_message->get_data_length())); |
|
479 |
|
480 u32_t verification_status = DRM_ECDSA_Verify_P256( |
|
481 hash_of_message->get_data(), |
|
482 hash_of_message->get_data_length(), |
|
483 sign_point1.x.a.d, |
|
484 sign_point2.x.a.d, |
|
485 &public_key, |
|
486 e_curve); |
|
487 |
|
488 if (verification_status) |
|
489 { |
|
490 // OK signature. |
|
491 |
|
492 EAP_TRACE_DEBUG( |
|
493 m_am_tools, |
|
494 TRACE_FLAGS_DEFAULT, |
|
495 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::verify_signature_with_public_key(): Signature OK, verification_status = %d .\n"), |
|
496 this, |
|
497 (m_is_client == true ? "client": "server"), |
|
498 verification_status)); |
|
499 |
|
500 status = m_partner->complete_verify_signature_with_public_key(eap_status_ok); |
|
501 if (status != eap_status_ok) |
|
502 { |
|
503 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
504 return EAP_STATUS_RETURN(m_am_tools, status); |
|
505 } |
|
506 } |
|
507 else |
|
508 { |
|
509 EAP_TRACE_DEBUG( |
|
510 m_am_tools, |
|
511 TRACE_FLAGS_DEFAULT, |
|
512 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::verify_signature_with_public_key(): Wrong signature.\n"), |
|
513 this, |
|
514 (m_is_client == true ? "client": "server"))); |
|
515 |
|
516 status = m_partner->complete_verify_signature_with_public_key(eap_status_authentication_failure); |
|
517 if (status != eap_status_ok) |
|
518 { |
|
519 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
520 return EAP_STATUS_RETURN(m_am_tools, status); |
|
521 } |
|
522 } |
|
523 |
|
524 #else |
|
525 |
|
526 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
527 return EAP_STATUS_RETURN(m_am_tools, eap_status_not_supported); |
|
528 |
|
529 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
530 |
|
531 } |
|
532 else |
|
533 { |
|
534 EAP_TRACE_DEBUG( |
|
535 m_am_tools, |
|
536 TRACE_FLAGS_DEFAULT, |
|
537 (EAPL("# Public key not found.\n"))); |
|
538 |
|
539 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
540 return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter); |
|
541 } |
|
542 |
|
543 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
544 return EAP_STATUS_RETURN(m_am_tools, status); |
|
545 } |
|
546 |
|
547 //---------------------------------------------------------------------------- |
|
548 |
|
549 eap_status_e ec_am_algorithms_direct_nrc_c::initialize_curve() |
|
550 { |
|
551 |
|
552 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
553 |
|
554 const byte param_a192[24]= |
|
555 { |
|
556 0xBB, 0x8E, 0x5E, 0x8F, 0xBC, 0x11, 0x5E, 0x13, |
|
557 0x9F, 0xE6, 0xA8, 0x14, 0xFE, 0x48, 0xAA, 0xA6, |
|
558 0xF0, 0xAD, 0xA1, 0xAA, 0x5D, 0xF9, 0x19, 0x85 |
|
559 }; |
|
560 |
|
561 const byte param_b192[24]= |
|
562 { |
|
563 0x18, 0x54, 0xBE, 0xBD, 0xC3, 0x1B, 0x21, 0xB7, |
|
564 0xAE, 0xFC, 0x80, 0xAB, 0x0E, 0xCD, 0x10, 0xD5, |
|
565 0xB1, 0xB3, 0x30, 0x8E, 0x6D, 0xBF, 0x11, 0xC1 |
|
566 }; |
|
567 |
|
568 const byte param_p192[24]= |
|
569 { |
|
570 0xBD, 0xB6, 0xF4, 0xFE, 0x3E, 0x8B, 0x1D, 0x9E, |
|
571 0x0D, 0xA8, 0xC0, 0xD4, 0x6F, 0x4C, 0x31, 0x8C, |
|
572 0xEF, 0xE4, 0xAF, 0xE3, 0xB6, 0xB8, 0x55, 0x1F |
|
573 }; |
|
574 |
|
575 const byte param_order192[24]= |
|
576 { |
|
577 0xBD, 0xB6, 0xF4, 0xFE, 0x3E, 0x8B, 0x1D, 0x9E, |
|
578 0x0D, 0xA8, 0xC0, 0xD4, 0x0F, 0xC9, 0x62, 0x19, |
|
579 0x5D, 0xFA, 0xE7, 0x6F, 0x56, 0x56, 0x46, 0x77 |
|
580 }; |
|
581 |
|
582 const byte param_gx192[24]= |
|
583 { |
|
584 0x4A, 0xD5, 0xF7, 0x04, 0x8D, 0xE7, 0x09, 0xAD, |
|
585 0x51, 0x23, 0x6D, 0xE6, 0x5E, 0x4D, 0x4B, 0x48, |
|
586 0x2C, 0x83, 0x6D, 0xC6, 0xE4, 0x10, 0x66, 0x40 |
|
587 }; |
|
588 |
|
589 const byte param_gy192[24]= |
|
590 { |
|
591 0x02, 0xBB, 0x3A, 0x02, 0xD4, 0xAA, 0xAD, 0xAC, |
|
592 0xAE, 0x24, 0x81, 0x7A, 0x4C, 0xA3, 0xA1, 0xB0, |
|
593 0x14, 0xB5, 0x27, 0x04, 0x32, 0xDB, 0x27, 0xD2 |
|
594 }; |
|
595 |
|
596 EAP_TRACE_DEBUG( |
|
597 m_am_tools, |
|
598 TRACE_FLAGS_DEFAULT, |
|
599 (EAPL("Initialize 192 bits elliptic curve\n"))); |
|
600 |
|
601 |
|
602 gfp_curve local_e_curve; |
|
603 |
|
604 OS2IP(local_e_curve.e.p.a.d,param_p192,24); |
|
605 OS2IP(local_e_curve.order.a.d,param_order192,24); |
|
606 |
|
607 OS2IP(local_e_curve.e.a.a.d,param_a192,24); |
|
608 OS2IP(local_e_curve.e.b.a.d,param_b192,24); |
|
609 |
|
610 OS2IP(local_e_curve.g.x.a.d,param_gx192,24); |
|
611 OS2IP(local_e_curve.g.y.a.d,param_gy192,24); |
|
612 |
|
613 eap_status_e status = m_e_curve.set_copy_of_buffer(&local_e_curve, sizeof(local_e_curve)); |
|
614 if (status != eap_status_ok) |
|
615 { |
|
616 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
617 return EAP_STATUS_RETURN(m_am_tools, status); |
|
618 } |
|
619 |
|
620 |
|
621 { |
|
622 struct nc_rand_state local_state; |
|
623 |
|
624 m_am_tools->memset(&local_state, 0, sizeof(local_state)); |
|
625 |
|
626 int i; |
|
627 byte ZIPSeed[16]; |
|
628 byte random[20]; |
|
629 |
|
630 status = m_am_tools->get_crypto()->get_rand_bytes( |
|
631 random, |
|
632 sizeof(random)); |
|
633 if (status != eap_status_ok) |
|
634 { |
|
635 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
636 return EAP_STATUS_RETURN(m_am_tools, status); |
|
637 } |
|
638 |
|
639 EAP_TRACE_DATA_DEBUG( |
|
640 m_am_tools, |
|
641 TRACE_FLAGS_DEFAULT, |
|
642 (EAPL("random"), |
|
643 random, |
|
644 sizeof(random))); |
|
645 |
|
646 for(i=0;i<16;i++) |
|
647 { |
|
648 ZIPSeed[i]=i; |
|
649 } |
|
650 |
|
651 EAP_TRACE_DATA_DEBUG( |
|
652 m_am_tools, |
|
653 TRACE_FLAGS_DEFAULT, |
|
654 (EAPL("ZIPSeed"), |
|
655 ZIPSeed, |
|
656 sizeof(ZIPSeed))); |
|
657 |
|
658 random_init(&local_state, ZIPSeed, random); |
|
659 |
|
660 EAP_TRACE_DATA_DEBUG( |
|
661 m_am_tools, |
|
662 TRACE_FLAGS_DEFAULT, |
|
663 (EAPL("local_state"), |
|
664 &local_state, |
|
665 sizeof(local_state))); |
|
666 |
|
667 status = m_nc_rand_state.set_copy_of_buffer(&local_state, sizeof(local_state)); |
|
668 if (status != eap_status_ok) |
|
669 { |
|
670 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
671 return EAP_STATUS_RETURN(m_am_tools, status); |
|
672 } |
|
673 } |
|
674 |
|
675 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
676 return EAP_STATUS_RETURN(m_am_tools, status); |
|
677 |
|
678 #else |
|
679 |
|
680 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
681 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
682 |
|
683 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
684 |
|
685 } |
|
686 |
|
687 //---------------------------------------------------------------------------- |
|
688 |
|
689 EAP_FUNC_EXPORT eap_status_e ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys() |
|
690 { |
|
691 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
692 |
|
693 EAP_TRACE_DEBUG( |
|
694 m_am_tools, |
|
695 TRACE_FLAGS_DEFAULT, |
|
696 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys():\n"), |
|
697 this, |
|
698 (m_is_client == true ? "client": "server"))); |
|
699 |
|
700 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys()"); |
|
701 |
|
702 eap_status_e status(eap_status_not_supported); |
|
703 |
|
704 eap_variable_data_c private_key_d(m_am_tools); |
|
705 eap_variable_data_c public_key_x(m_am_tools); |
|
706 eap_variable_data_c public_key_y(m_am_tools); |
|
707 |
|
708 if (private_key_d.get_is_valid() == false |
|
709 || public_key_x.get_is_valid() == false |
|
710 || public_key_y.get_is_valid() == false) |
|
711 { |
|
712 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
713 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
714 } |
|
715 |
|
716 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
717 { |
|
718 gfp_coord tmp_user_priv_key; |
|
719 gfp_point tmp_user_public_key; |
|
720 |
|
721 gfp_curve * const e_curve = reinterpret_cast<gfp_curve *>(m_e_curve.get_data(sizeof(gfp_curve))); |
|
722 if (e_curve == 0) |
|
723 { |
|
724 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
725 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
726 } |
|
727 |
|
728 struct nc_rand_state * const nc_rand_state = reinterpret_cast<struct nc_rand_state *>(m_nc_rand_state.get_data(sizeof(struct nc_rand_state))); |
|
729 if (nc_rand_state == 0) |
|
730 { |
|
731 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
732 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
733 } |
|
734 |
|
735 DRM_ECC_GenKeyPair_P256(nc_rand_state, tmp_user_priv_key.a.d, &tmp_user_public_key, e_curve); |
|
736 |
|
737 if (tmp_user_priv_key.a.d[0] != 0u) |
|
738 { |
|
739 u32_t key_len = 2 * tmp_user_priv_key.a.d[0]; |
|
740 |
|
741 status = private_key_d.set_buffer_length(key_len); |
|
742 if (status != eap_status_ok) |
|
743 { |
|
744 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
745 return EAP_STATUS_RETURN(m_am_tools, status); |
|
746 } |
|
747 |
|
748 status = private_key_d.set_data_length(key_len); |
|
749 if (status != eap_status_ok) |
|
750 { |
|
751 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
752 return EAP_STATUS_RETURN(m_am_tools, status); |
|
753 } |
|
754 |
|
755 I2OSP( |
|
756 private_key_d.get_data(key_len), |
|
757 tmp_user_priv_key.a.d, |
|
758 key_len); |
|
759 |
|
760 EAP_TRACE_DATA_DEBUG( |
|
761 m_am_tools, |
|
762 TRACE_FLAGS_DEFAULT, |
|
763 (EAPL("ECDH: private_key_d"), |
|
764 private_key_d.get_data(), |
|
765 private_key_d.get_data_length())); |
|
766 } |
|
767 else |
|
768 { |
|
769 EAP_TRACE_DEBUG( |
|
770 m_am_tools, |
|
771 TRACE_FLAGS_DEFAULT, |
|
772 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys(): ECDH private key generation failed\n"), |
|
773 this, |
|
774 (m_is_client == true ? "client": "server"))); |
|
775 |
|
776 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
777 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
778 } |
|
779 |
|
780 if (tmp_user_public_key.x.a.d[0] != 0u) |
|
781 { |
|
782 u32_t key_len = 2 * tmp_user_public_key.x.a.d[0]; |
|
783 |
|
784 status = public_key_x.set_buffer_length(key_len); |
|
785 if (status != eap_status_ok) |
|
786 { |
|
787 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
788 return EAP_STATUS_RETURN(m_am_tools, status); |
|
789 } |
|
790 |
|
791 status = public_key_x.set_data_length(key_len); |
|
792 if (status != eap_status_ok) |
|
793 { |
|
794 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
795 return EAP_STATUS_RETURN(m_am_tools, status); |
|
796 } |
|
797 |
|
798 I2OSP( |
|
799 public_key_x.get_data(key_len), |
|
800 tmp_user_public_key.x.a.d, |
|
801 key_len); |
|
802 |
|
803 EAP_TRACE_DATA_DEBUG( |
|
804 m_am_tools, |
|
805 TRACE_FLAGS_DEFAULT, |
|
806 (EAPL("ECDH: public_key_x"), |
|
807 public_key_x.get_data(), |
|
808 public_key_x.get_data_length())); |
|
809 } |
|
810 else |
|
811 { |
|
812 EAP_TRACE_DEBUG( |
|
813 m_am_tools, |
|
814 TRACE_FLAGS_DEFAULT, |
|
815 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys(): ECDH public key x generation failed\n"), |
|
816 this, |
|
817 (m_is_client == true ? "client": "server"))); |
|
818 |
|
819 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
820 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
821 } |
|
822 |
|
823 if (tmp_user_public_key.y.a.d[0] != 0u) |
|
824 { |
|
825 u32_t key_len = 2 * tmp_user_public_key.y.a.d[0]; |
|
826 |
|
827 status = public_key_y.set_buffer_length(key_len); |
|
828 if (status != eap_status_ok) |
|
829 { |
|
830 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
831 return EAP_STATUS_RETURN(m_am_tools, status); |
|
832 } |
|
833 |
|
834 status = public_key_y.set_data_length(key_len); |
|
835 if (status != eap_status_ok) |
|
836 { |
|
837 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
838 return EAP_STATUS_RETURN(m_am_tools, status); |
|
839 } |
|
840 |
|
841 I2OSP( |
|
842 public_key_y.get_data(key_len), |
|
843 tmp_user_public_key.y.a.d, |
|
844 key_len); |
|
845 |
|
846 EAP_TRACE_DATA_DEBUG( |
|
847 m_am_tools, |
|
848 TRACE_FLAGS_DEFAULT, |
|
849 (EAPL("ECDH: public_key_y"), |
|
850 public_key_y.get_data(), |
|
851 public_key_y.get_data_length())); |
|
852 } |
|
853 else |
|
854 { |
|
855 EAP_TRACE_DEBUG( |
|
856 m_am_tools, |
|
857 TRACE_FLAGS_DEFAULT, |
|
858 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh_temporary_keys(): ECDH public key y generation failed\n"), |
|
859 this, |
|
860 (m_is_client == true ? "client": "server"))); |
|
861 |
|
862 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
863 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
864 } |
|
865 } |
|
866 |
|
867 #else |
|
868 |
|
869 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
870 return EAP_STATUS_RETURN(m_am_tools, eap_status_not_supported); |
|
871 |
|
872 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
873 |
|
874 status = m_partner->complete_create_ecdh_temporary_keys( |
|
875 &private_key_d, |
|
876 &public_key_x, |
|
877 &public_key_y); |
|
878 |
|
879 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
880 return EAP_STATUS_RETURN(m_am_tools, status); |
|
881 } |
|
882 |
|
883 //---------------------------------------------------------------------------- |
|
884 |
|
885 EAP_FUNC_EXPORT eap_status_e ec_am_algorithms_direct_nrc_c::create_ecdh( |
|
886 const eap_variable_data_c * const own_private_key_d, |
|
887 const eap_variable_data_c * const peer_public_key_x, |
|
888 const eap_variable_data_c * const peer_public_key_y) |
|
889 { |
|
890 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
891 |
|
892 EAP_TRACE_DEBUG( |
|
893 m_am_tools, |
|
894 TRACE_FLAGS_DEFAULT, |
|
895 (EAPL("WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh():\n"), |
|
896 this, |
|
897 (m_is_client == true ? "client": "server"))); |
|
898 |
|
899 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: ec_am_algorithms_direct_nrc_c::create_ecdh()"); |
|
900 |
|
901 eap_status_e status(eap_status_not_supported); |
|
902 |
|
903 eap_variable_data_c K_AB_x4(m_am_tools); |
|
904 eap_variable_data_c K_AB_y4(m_am_tools); |
|
905 |
|
906 if (K_AB_x4.get_is_valid() == false |
|
907 || K_AB_y4.get_is_valid() == false) |
|
908 { |
|
909 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
910 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
911 } |
|
912 |
|
913 #if defined(USE_NRC_ECC_ALGORITHMS) |
|
914 { |
|
915 gfp_point K_AB; |
|
916 gfp_point user_b_public; |
|
917 gfp_coord private_key; |
|
918 |
|
919 gfp_curve * const e_curve = reinterpret_cast<gfp_curve *>(m_e_curve.get_data()); |
|
920 if (e_curve == 0) |
|
921 { |
|
922 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
923 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
924 } |
|
925 |
|
926 EAP_TRACE_DATA_DEBUG( |
|
927 m_am_tools, |
|
928 TRACE_FLAGS_DEFAULT, |
|
929 (EAPL("ECDH: own_private_key_d"), |
|
930 own_private_key_d->get_data(), |
|
931 own_private_key_d->get_data_length())); |
|
932 |
|
933 EAP_TRACE_DATA_DEBUG( |
|
934 m_am_tools, |
|
935 TRACE_FLAGS_DEFAULT, |
|
936 (EAPL("ECDH: peer_public_key_x"), |
|
937 peer_public_key_x->get_data(), |
|
938 peer_public_key_x->get_data_length())); |
|
939 |
|
940 EAP_TRACE_DATA_DEBUG( |
|
941 m_am_tools, |
|
942 TRACE_FLAGS_DEFAULT, |
|
943 (EAPL("ECDH: peer_public_key_y"), |
|
944 peer_public_key_y->get_data(), |
|
945 peer_public_key_y->get_data_length())); |
|
946 |
|
947 OS2IP( |
|
948 private_key.a.d, |
|
949 own_private_key_d->get_data(), |
|
950 own_private_key_d->get_data_length()); |
|
951 |
|
952 OS2IP( |
|
953 user_b_public.x.a.d, |
|
954 peer_public_key_x->get_data(), |
|
955 peer_public_key_x->get_data_length()); |
|
956 |
|
957 OS2IP( |
|
958 user_b_public.y.a.d, |
|
959 peer_public_key_y->get_data(), |
|
960 peer_public_key_y->get_data_length()); |
|
961 |
|
962 |
|
963 gfp_ecc_dh( |
|
964 &K_AB, |
|
965 &user_b_public, |
|
966 private_key.a.d, |
|
967 e_curve); |
|
968 |
|
969 if (K_AB.x.a.d[0] != 0u) |
|
970 { |
|
971 u32_t key_len = 2 * K_AB.x.a.d[0]; |
|
972 |
|
973 status = K_AB_x4.set_buffer_length(key_len); |
|
974 if (status != eap_status_ok) |
|
975 { |
|
976 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
977 return EAP_STATUS_RETURN(m_am_tools, status); |
|
978 } |
|
979 |
|
980 status = K_AB_x4.set_data_length(key_len); |
|
981 if (status != eap_status_ok) |
|
982 { |
|
983 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
984 return EAP_STATUS_RETURN(m_am_tools, status); |
|
985 } |
|
986 |
|
987 I2OSP( |
|
988 K_AB_x4.get_data(key_len), |
|
989 K_AB.x.a.d, |
|
990 key_len); |
|
991 |
|
992 EAP_TRACE_DATA_DEBUG( |
|
993 m_am_tools, |
|
994 TRACE_FLAGS_DEFAULT, |
|
995 (EAPL("ECDH: K_AB_x4"), |
|
996 K_AB_x4.get_data(), |
|
997 K_AB_x4.get_data_length())); |
|
998 } |
|
999 else |
|
1000 { |
|
1001 EAP_TRACE_DEBUG( |
|
1002 m_am_tools, |
|
1003 TRACE_FLAGS_DEFAULT, |
|
1004 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh(): ECDH shared key x generation failed\n"), |
|
1005 this, |
|
1006 (m_is_client == true ? "client": "server"))); |
|
1007 |
|
1008 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1009 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
1010 } |
|
1011 |
|
1012 if (K_AB.y.a.d[0] != 0u) |
|
1013 { |
|
1014 u32_t key_len = 2 * K_AB.y.a.d[0]; |
|
1015 |
|
1016 status = K_AB_y4.set_buffer_length(key_len); |
|
1017 if (status != eap_status_ok) |
|
1018 { |
|
1019 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1020 return EAP_STATUS_RETURN(m_am_tools, status); |
|
1021 } |
|
1022 |
|
1023 status = K_AB_y4.set_data_length(key_len); |
|
1024 if (status != eap_status_ok) |
|
1025 { |
|
1026 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1027 return EAP_STATUS_RETURN(m_am_tools, status); |
|
1028 } |
|
1029 |
|
1030 I2OSP( |
|
1031 K_AB_y4.get_data(key_len), |
|
1032 K_AB.y.a.d, |
|
1033 key_len); |
|
1034 |
|
1035 EAP_TRACE_DATA_DEBUG( |
|
1036 m_am_tools, |
|
1037 TRACE_FLAGS_DEFAULT, |
|
1038 (EAPL("ECDH: K_AB_y4"), |
|
1039 K_AB_y4.get_data(), |
|
1040 K_AB_y4.get_data_length())); |
|
1041 } |
|
1042 else |
|
1043 { |
|
1044 EAP_TRACE_DEBUG( |
|
1045 m_am_tools, |
|
1046 TRACE_FLAGS_DEFAULT, |
|
1047 (EAPL("ERROR: WAPI_Core: this = 0x%08x, %s: ec_am_algorithms_direct_nrc_c::create_ecdh(): ECDH shared key y generation failed\n"), |
|
1048 this, |
|
1049 (m_is_client == true ? "client": "server"))); |
|
1050 |
|
1051 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1052 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
1053 } |
|
1054 } |
|
1055 #endif //#if defined(USE_NRC_ECC_ALGORITHMS) |
|
1056 |
|
1057 status = m_partner->complete_create_ecdh( |
|
1058 &K_AB_x4, |
|
1059 &K_AB_y4); |
|
1060 if (status != eap_status_ok) |
|
1061 { |
|
1062 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1063 return EAP_STATUS_RETURN(m_am_tools, status); |
|
1064 } |
|
1065 |
|
1066 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
1067 return EAP_STATUS_RETURN(m_am_tools, status); |
|
1068 } |
|
1069 |
|
1070 //---------------------------------------------------------------------------- |
|
1071 |
|
1072 EAP_FUNC_EXPORT ec_am_base_algorithms_c * ec_am_base_algorithms_c::new_ec_base_algorithms_c( |
|
1073 abs_eap_am_tools_c * const tools, |
|
1074 abs_ec_am_algorithms_c * const partner, |
|
1075 const bool is_client_when_true) |
|
1076 { |
|
1077 ec_am_base_algorithms_c * store = new ec_am_algorithms_direct_nrc_c( |
|
1078 tools, |
|
1079 partner, |
|
1080 is_client_when_true); |
|
1081 |
|
1082 if (store == 0) |
|
1083 { |
|
1084 return 0; |
|
1085 } |
|
1086 |
|
1087 eap_status_e status(store->configure()); |
|
1088 |
|
1089 if (status != eap_status_ok) |
|
1090 { |
|
1091 delete store; |
|
1092 return 0; |
|
1093 } |
|
1094 |
|
1095 return store; |
|
1096 } |
|
1097 |
|
1098 //---------------------------------------------------------------------------- |
|
1099 |
|
1100 #endif //#if defined(USE_WAPI_CORE) |
|
1101 |
|
1102 // End. |