1 /*

     2 * ============================================================================

     3 *  Name        : ./accesssec/eapol/eapol_framework/wapi_common/src/ec_cs_compare_certificate_id.cpp

     4 *  Part of     : WAPI / WAPI       *** Info from the SWAD

     5 *  Description : WAPI authentication

     6 *  Version     : %version: 7 % << Don't touch! Updated by Synergy at check-out.

     7 *

     8 *  Copyright © 2001-2009 Nokia.  All rights reserved.

     9 *  This material, including documentation and any related computer

    10 *  programs, is protected by copyright controlled by Nokia.  All

    11 *  rights are reserved.  Copying, including reproducing, storing,

    12 *  adapting or translating, any or all of this material requires the

    13 *  prior written consent of Nokia.  This material also contains

    14 *  confidential information which may not be disclosed to others

    15 *  without the prior written consent of Nokia.

    16 * ============================================================================

    17 * Template version: 4.1.1

    18 */

    19 

    20 

    21 

    22 // This is enumeration of WAPI source code.

    23 #if defined(USE_EAP_MINIMUM_RELEASE_TRACES)

    24 	#undef EAP_FILE_NUMBER_ENUM

    25 	#define EAP_FILE_NUMBER_ENUM 700 

    26 	#undef EAP_FILE_NUMBER_DATE 

    27 	#define EAP_FILE_NUMBER_DATE 1127594498 

    28 #endif //#if defined(USE_EAP_MINIMUM_RELEASE_TRACES)

    29 

    30 

    31 #if defined(USE_WAPI_CORE)

    32 

    33 #include "eap_automatic_variable.h"

    34 #include "ec_cs_types.h"

    35 #include "ec_cs_data.h"

    36 #include "ec_cs_compare_certificate_id.h"

    37 #include "wapi_certificate_asn1_der_parser.h"

    38 #include "wapi_asn1_der_parser.h"

    39 #include "ec_cs_tlv_header.h"

    40 #include "ec_cs_tlv_payloads.h"

    41 #include "ec_cs_tlv.h"

    42 

    43 //----------------------------------------------------------------------------

    44 

    45 EAP_FUNC_EXPORT ec_cs_compare_certificate_id_c::~ec_cs_compare_certificate_id_c()

    46 {

    47 }

    48 

    49 //----------------------------------------------------------------------------

    50 

    51 EAP_FUNC_EXPORT ec_cs_compare_certificate_id_c::ec_cs_compare_certificate_id_c(

    52 	abs_eap_am_tools_c * const tools,

    53 	const eap_variable_data_c * const PAC_store_master_key,

    54 	const eap_variable_data_c * const PAC_store_device_seed)

    55 	: m_am_tools(tools)

    56 	, m_PAC_store_master_key(PAC_store_master_key)

    57 	, m_PAC_store_device_seed(PAC_store_device_seed)

    58 {

    59 }

    60 

    61 //----------------------------------------------------------------------------

    62 

    63 EAP_FUNC_EXPORT i32_t ec_cs_compare_certificate_id_c::compare(

    64 	const ec_cs_data_c * const certificate_from_array,

    65 	const ec_cs_data_c * const certificate_identity) const

    66 {

    67 	// certificate_from_array includes data of Certificate Data which include full certificate in ASN.1/DER encoded and certificate reference.

    68 	// certificate_identity includes identity of certificate. Data is concatenation of subject name, issuer name and serial number, each ASN.1/DER encoded.

    69 

    70 	EAP_TRACE_DATA_DEBUG(

    71 		m_am_tools, 

    72 		TRACE_FLAGS_DEFAULT, 

    73 		(EAPL("ec_cs_compare_certificate_id_c::compare(): certificate_from_array"),

    74 		 certificate_from_array->get_data()->get_data(),

    75 		 certificate_from_array->get_data()->get_data_length()));

    76 

    77 	EAP_TRACE_DATA_DEBUG(

    78 		m_am_tools, 

    79 		TRACE_FLAGS_DEFAULT, 

    80 		(EAPL("ec_cs_compare_certificate_id_c::compare(): certificate_identity"),

    81 		 certificate_identity->get_data()->get_data(),

    82 		 certificate_identity->get_data()->get_data_length()));

    83 

    84 	// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    85 

    86 	eap_variable_data_c certificate_id(m_am_tools);

    87 	if (certificate_id.get_is_valid() == false)

    88 	{

    89 		EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

    90 		return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);

    91 	}

    92 

    93 	{

    94 		ec_cs_tlv_c handler(m_am_tools, true);

    95 		if (handler.get_is_valid() == false)

    96 		{

    97 			EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

    98 			return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);

    99 		}

   100 

   101 		eap_variable_data_c certificate_reference(m_am_tools);

   102 		if (certificate_reference.get_is_valid() == false)

   103 		{

   104 			EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   105 			return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);

   106 		}

   107 

   108 		eap_status_e status = handler.parse_encrypted_certificate(

   109 			certificate_from_array->get_type(),

   110 			m_PAC_store_master_key,

   111 			certificate_from_array->get_reference(),

   112 			m_PAC_store_device_seed,

   113 			certificate_from_array->get_data(),

   114 			&certificate_reference);

   115 		if (status != eap_status_ok)

   116 		{

   117 			EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   118 			return EAP_STATUS_RETURN(m_am_tools, status);

   119 		}

   120 

   121 		const ec_cs_variable_data_c * const certificate_data_tlv = handler.get_payloads()->get_tlv_pointer(ec_cs_tlv_type_CS_certificate_data);

   122 		if (certificate_data_tlv == 0)

   123 		{

   124 			EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   125 			return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter);

   126 		}

   127 

   128 		{

   129 			wapi_certificate_asn1_der_parser_c parser(m_am_tools);

   130 			if (parser.get_is_valid() == false)

   131 			{

   132 				EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   133 				return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);

   134 			}

   135 

   136 			eap_variable_data_c id_data(

   137 				m_am_tools,

   138 				certificate_data_tlv->get_data(certificate_data_tlv->get_data_length()),

   139 				certificate_data_tlv->get_data_length(),

   140 				false,

   141 				false);

   142 			if (id_data.get_is_valid() == false)

   143 			{

   144 				EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   145 				return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);

   146 			}

   147 

   148 			eap_status_e status = parser.decode(&id_data);

   149 			if (status != eap_status_ok)

   150 			{

   151 				EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   152 				return EAP_STATUS_RETURN(m_am_tools, status);

   153 			}

   154 

   155 			status = parser.read_certificate_id(

   156 				&certificate_id);

   157 			if (status != eap_status_ok)

   158 			{

   159 				EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);

   160 				return EAP_STATUS_RETURN(m_am_tools, status);

   161 			}

   162 		}

   163 	}

   164 

   165 	// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

   166 

   167 	return certificate_id.compare(certificate_identity->get_data());

   168 }

   169 

   170 //----------------------------------------------------------------------------------

   171 

   172 #endif //#if defined(USE_WAPI_CORE)

   173 

   174 // End.