43 |
43 |
44 /** This is the block size in bytes. */ |
44 /** This is the block size in bytes. */ |
45 static const u32_t BLOCK_SIZE = 160/8; |
45 static const u32_t BLOCK_SIZE = 160/8; |
46 |
46 |
47 static const u32_t DEBUG_BUFFER_SIZE = 80; |
47 static const u32_t DEBUG_BUFFER_SIZE = 80; |
48 |
|
49 |
48 |
50 /** |
49 /** |
51 * dss_random_G() implements the G() function using modified SHA-1. |
50 * dss_random_G() implements the G() function using modified SHA-1. |
52 * @code |
51 * @code |
53 * Copied from "Multiple Examples of DSA" http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf. |
52 * Copied from "Multiple Examples of DSA" http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf. |
72 * w[0] || w[1]= 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 |
71 * w[0] || w[1]= 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 |
73 * 3c6c18ba cb0f6c55 babb1378 8e20d737 a3275116 |
72 * 3c6c18ba cb0f6c55 babb1378 8e20d737 a3275116 |
74 * X= 47c27eb6 16dba413 91e5165b e9c5e397 7e39a15d |
73 * X= 47c27eb6 16dba413 91e5165b e9c5e397 7e39a15d |
75 * @endcode |
74 * @endcode |
76 */ |
75 */ |
77 eap_status_e dss_random_G(abs_eap_am_tools_c * const m_am_tools, u8_t *out, u32_t out_length, u8_t *c, u32_t c_length) |
76 void dss_random_G(abs_eap_am_tools_c * const m_am_tools, u8_t *out, u32_t out_length, u8_t *c, u32_t c_length) |
78 { |
77 { |
79 u32_t *out_array = reinterpret_cast<u32_t *>(out); |
78 u32_t *out_array = reinterpret_cast<u32_t *>(out); |
80 |
79 |
81 EAP_ASSERT(out_length == BLOCK_SIZE); |
80 EAP_ASSERT(out_length == BLOCK_SIZE); |
82 EAP_ASSERT(c_length == BLOCK_SIZE); |
81 EAP_ASSERT(c_length == BLOCK_SIZE); |
91 out_array, |
90 out_array, |
92 &output_length |
91 &output_length |
93 ); |
92 ); |
94 if (status != eap_status_ok) |
93 if (status != eap_status_ok) |
95 { |
94 { |
96 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("ERROR: eap_sha1_dss_G_function(): status = %d"), |
95 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("eap_sha1_dss_G_function(): status = %d"), |
97 status)); |
96 status)); |
98 } |
97 } |
99 |
|
100 return status; |
|
101 } |
98 } |
102 } |
99 } |
103 |
|
104 #define CLEAN_OPENSSL_BN(ctx) \ |
|
105 { \ |
|
106 BN_free(&bn_mod); \ |
|
107 BN_free(&bn_tmp); \ |
|
108 BN_free(&bn_xkey); \ |
|
109 BN_free(&bn_xj); \ |
|
110 BN_free(&bn_one); \ |
|
111 BN_free(&bn_160); \ |
|
112 BN_CTX_free(ctx); \ |
|
113 } |
|
114 |
100 |
115 /** |
101 /** |
116 * dss_pseudo_random() implements pseudo random function for key genearation of EAP/SIM. |
102 * dss_pseudo_random() implements pseudo random function for key genearation of EAP/SIM. |
117 * @code |
103 * @code |
118 * Random generator becomes as follows: |
104 * Random generator becomes as follows: |
175 for (u32_t ind = 0; ind < block_count; ind++) |
161 for (u32_t ind = 0; ind < block_count; ind++) |
176 { |
162 { |
177 u8_t debug_buffer[DEBUG_BUFFER_SIZE]; |
163 u8_t debug_buffer[DEBUG_BUFFER_SIZE]; |
178 EAP_UNREFERENCED_PARAMETER(debug_buffer); |
164 EAP_UNREFERENCED_PARAMETER(debug_buffer); |
179 |
165 |
180 eap_status_e status = dss_random_G(m_am_tools, &(out[ind*BLOCK_SIZE]), BLOCK_SIZE, tmp_xkey, BLOCK_SIZE); |
166 dss_random_G(m_am_tools, &(out[ind*BLOCK_SIZE]), BLOCK_SIZE, tmp_xkey, BLOCK_SIZE); |
181 if (status != eap_status_ok) |
|
182 { |
|
183 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("ERROR: dss_random_G(): status = %d"), |
|
184 status)); |
|
185 |
|
186 CLEAN_OPENSSL_BN(ctx); |
|
187 |
|
188 return status; |
|
189 } |
|
190 |
167 |
191 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("w[%d] "), ind)); |
168 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("w[%d] "), ind)); |
192 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("dss_pseudo_random(): %s = G(xkey[%d])\n"), |
169 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("dss_pseudo_random(): %s = G(xkey[%d])\n"), |
193 debug_buffer, |
170 debug_buffer, |
194 ind)); |
171 ind)); |
225 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("xkey[%d]"), ind+1u)); |
202 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("xkey[%d]"), ind+1u)); |
226 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (reinterpret_cast<eap_format_string>(debug_buffer), |
203 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (reinterpret_cast<eap_format_string>(debug_buffer), |
227 tmp_xkey, sizeof(tmp_xkey))); |
204 tmp_xkey, sizeof(tmp_xkey))); |
228 } |
205 } |
229 |
206 |
230 CLEAN_OPENSSL_BN(ctx); |
207 BN_free(&bn_mod); |
|
208 BN_free(&bn_tmp); |
|
209 BN_free(&bn_xkey); |
|
210 BN_free(&bn_xj); |
|
211 BN_free(&bn_one); |
|
212 BN_free(&bn_160); |
|
213 |
|
214 BN_CTX_free(ctx); |
231 |
215 |
232 return eap_status_ok; |
216 return eap_status_ok; |
233 } |
217 } |
234 |
218 |
235 // End. |
219 // End. |