|
1 /* |
|
2 * ============================================================================ |
|
3 * Name : ./accesssec/eapol/eapol_framework/wapi_common/src/ec_cs_compare_certificate_id.cpp |
|
4 * Part of : WAPI / WAPI *** Info from the SWAD |
|
5 * Description : WAPI authentication |
|
6 * Version : %version: 7 % << Don't touch! Updated by Synergy at check-out. |
|
7 * |
|
8 * Copyright © 2001-2009 Nokia. All rights reserved. |
|
9 * This material, including documentation and any related computer |
|
10 * programs, is protected by copyright controlled by Nokia. All |
|
11 * rights are reserved. Copying, including reproducing, storing, |
|
12 * adapting or translating, any or all of this material requires the |
|
13 * prior written consent of Nokia. This material also contains |
|
14 * confidential information which may not be disclosed to others |
|
15 * without the prior written consent of Nokia. |
|
16 * ============================================================================ |
|
17 * Template version: 4.1.1 |
|
18 */ |
|
19 |
|
20 |
|
21 |
|
22 // This is enumeration of WAPI source code. |
|
23 #if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
24 #undef EAP_FILE_NUMBER_ENUM |
|
25 #define EAP_FILE_NUMBER_ENUM 700 |
|
26 #undef EAP_FILE_NUMBER_DATE |
|
27 #define EAP_FILE_NUMBER_DATE 1127594498 |
|
28 #endif //#if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
29 |
|
30 |
|
31 #if defined(USE_WAPI_CORE) |
|
32 |
|
33 #include "eap_automatic_variable.h" |
|
34 #include "ec_cs_types.h" |
|
35 #include "ec_cs_data.h" |
|
36 #include "ec_cs_compare_certificate_id.h" |
|
37 #include "wapi_certificate_asn1_der_parser.h" |
|
38 #include "wapi_asn1_der_parser.h" |
|
39 #include "ec_cs_tlv_header.h" |
|
40 #include "ec_cs_tlv_payloads.h" |
|
41 #include "ec_cs_tlv.h" |
|
42 |
|
43 //---------------------------------------------------------------------------- |
|
44 |
|
/**
 * Destructor.
 *
 * The body is empty: this function itself releases nothing. In particular it
 * does not touch the tools object, the PAC store master key or the PAC store
 * device seed that were handed to the constructor.
 */
EAP_FUNC_EXPORT ec_cs_compare_certificate_id_c::~ec_cs_compare_certificate_id_c()
{
    // Intentionally empty.
}
|
48 |
|
49 //---------------------------------------------------------------------------- |
|
50 |
|
/**
 * Constructs a comparator that matches stored certificates against a
 * certificate identity.
 *
 * @param tools                  Platform tools object, used by this class for
 *                               tracing and for constructing helper objects.
 * @param PAC_store_master_key   Key material forwarded to
 *                               ec_cs_tlv_c::parse_encrypted_certificate()
 *                               by compare().
 * @param PAC_store_device_seed  Device seed forwarded to the same call.
 *
 * The constructor only initialises the three members from its arguments; it
 * performs no validation.
 * NOTE(review): the members look like plain pointers, in which case the key
 * and seed are not copied and must outlive this object -- confirm against
 * the class declaration in ec_cs_compare_certificate_id.h.
 */
EAP_FUNC_EXPORT ec_cs_compare_certificate_id_c::ec_cs_compare_certificate_id_c(
    abs_eap_am_tools_c * const tools,
    const eap_variable_data_c * const PAC_store_master_key,
    const eap_variable_data_c * const PAC_store_device_seed)
    : m_am_tools(tools),
      m_PAC_store_master_key(PAC_store_master_key),
      m_PAC_store_device_seed(PAC_store_device_seed)
{
    // Nothing else to set up.
}
|
60 |
|
61 //---------------------------------------------------------------------------- |
|
62 |
|
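/**
 * Compares the identity of a stored certificate with a given certificate
 * identity.
 *
 * @param certificate_from_array  Stored Certificate Data entry. It holds the
 *                                full ASN.1/DER encoded certificate and the
 *                                certificate reference, and is handed to
 *                                parse_encrypted_certificate() together with
 *                                the PAC store master key and device seed.
 * @param certificate_identity    Identity to match: the concatenation of
 *                                subject name, issuer name and serial number,
 *                                each ASN.1/DER encoded.
 *
 * @return On success, the result of eap_variable_data_c::compare() between
 *         the identity read from the stored certificate and
 *         certificate_identity. On failure, an eap_status_e error code is
 *         returned through the same i32_t.
 *
 * NOTE(review): error codes and comparison results share one return channel.
 * Every error path below returns either an explicit error constant or a
 * status that was just tested to differ from eap_status_ok, so a failure is
 * never reported as eap_status_ok. Callers should accept only the exact
 * "equal" value as a match and treat every other value as "no match" --
 * presumably "equal" is 0 and eap_status_ok is 0 as well; confirm against
 * eap_variable_data_c::compare() and the eap_status_e definition.
 */
EAP_FUNC_EXPORT i32_t ec_cs_compare_certificate_id_c::compare(
    const ec_cs_data_c * const certificate_from_array,
    const ec_cs_data_c * const certificate_identity) const
{
    // Both arguments are dereferenced unconditionally below (first by the
    // trace calls), so reject null pointers up front and fail closed with
    // the same error style as the other failure paths.
    if (certificate_from_array == 0
        || certificate_identity == 0)
    {
        EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
        return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter);
    }

    // Dump both inputs to the debug trace. The certificate entry is traced
    // in the form it was passed in, before parse_encrypted_certificate()
    // processes it.
    // NOTE(review): presumably EAP_TRACE_DATA_DEBUG is compiled out of
    // release builds -- confirm, since certificate identities end up in logs.
    EAP_TRACE_DATA_DEBUG(
        m_am_tools,
        TRACE_FLAGS_DEFAULT,
        (EAPL("ec_cs_compare_certificate_id_c::compare(): certificate_from_array"),
        certificate_from_array->get_data()->get_data(),
        certificate_from_array->get_data()->get_data_length()));

    EAP_TRACE_DATA_DEBUG(
        m_am_tools,
        TRACE_FLAGS_DEFAULT,
        (EAPL("ec_cs_compare_certificate_id_c::compare(): certificate_identity"),
        certificate_identity->get_data()->get_data(),
        certificate_identity->get_data()->get_data_length()));

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    // Receives the identity read from the stored certificate. Declared
    // outside the nested scope so it survives the TLV handler and the parser.
    eap_variable_data_c certificate_id(m_am_tools);
    if (certificate_id.get_is_valid() == false)
    {
        EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
        return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
    }

    {
        // The handler and everything that refers to its payloads live only
        // inside this scope; they are destroyed before the final comparison.
        ec_cs_tlv_c handler(m_am_tools, true);
        if (handler.get_is_valid() == false)
        {
            EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
            return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
        }

        // Output argument of parse_encrypted_certificate(); its value is not
        // used by this function afterwards.
        eap_variable_data_c certificate_reference(m_am_tools);
        if (certificate_reference.get_is_valid() == false)
        {
            EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
            return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
        }

        // Any failure reported by the handler is propagated unchanged, so a
        // stored entry that cannot be processed is never treated as a match.
        eap_status_e status = handler.parse_encrypted_certificate(
            certificate_from_array->get_type(),
            m_PAC_store_master_key,
            certificate_from_array->get_reference(),
            m_PAC_store_device_seed,
            certificate_from_array->get_data(),
            &certificate_reference);
        if (status != eap_status_ok)
        {
            EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
            return EAP_STATUS_RETURN(m_am_tools, status);
        }

        // The parsed payloads must contain a certificate data TLV.
        const ec_cs_variable_data_c * const certificate_data_tlv
            = handler.get_payloads()->get_tlv_pointer(ec_cs_tlv_type_CS_certificate_data);
        if (certificate_data_tlv == 0)
        {
            EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
            return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter);
        }

        {
            wapi_certificate_asn1_der_parser_c parser(m_am_tools);
            if (parser.get_is_valid() == false)
            {
                EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
                return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
            }

            // Wrap the TLV payload for the DER parser.
            // NOTE(review): the two false flags presumably mean "do not free"
            // and "do not copy", i.e. id_data only refers to the handler's
            // buffer -- confirm against the eap_variable_data_c constructor.
            // The nested scope keeps id_data from outliving the handler.
            eap_variable_data_c id_data(
                m_am_tools,
                certificate_data_tlv->get_data(certificate_data_tlv->get_data_length()),
                certificate_data_tlv->get_data_length(),
                false,
                false);
            if (id_data.get_is_valid() == false)
            {
                EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
                return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
            }

            // Reuse the outer status variable instead of declaring a second
            // one that shadows it.
            status = parser.decode(&id_data);
            if (status != eap_status_ok)
            {
                EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
                return EAP_STATUS_RETURN(m_am_tools, status);
            }

            // Read the certificate identity out of the decoded certificate
            // into the outer certificate_id buffer.
            status = parser.read_certificate_id(
                &certificate_id);
            if (status != eap_status_ok)
            {
                EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
                return EAP_STATUS_RETURN(m_am_tools, status);
            }
        }
    }

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    // Compare the identity read from the stored certificate with the
    // requested identity.
    return certificate_id.compare(certificate_identity->get_data());
}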
|
169 |
|
170 //---------------------------------------------------------------------------------- |
|
171 |
|
172 #endif //#if defined(USE_WAPI_CORE) |
|
173 |
|
174 // End. |