43 |
43 |
44 /** This is the block size in bytes. */ |
44 /** This is the block size in bytes. */ |
45 static const u32_t BLOCK_SIZE = 160/8; |
45 static const u32_t BLOCK_SIZE = 160/8; |
46 |
46 |
47 static const u32_t DEBUG_BUFFER_SIZE = 80; |
47 static const u32_t DEBUG_BUFFER_SIZE = 80; |
|
48 |
48 |
49 |
49 /** |
50 /** |
50 * dss_random_G() implements the G() function using modified SHA-1. |
51 * dss_random_G() implements the G() function using modified SHA-1. |
51 * @code |
52 * @code |
52 * Copied from "Multiple Examples of DSA" http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf. |
53 * Copied from "Multiple Examples of DSA" http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf. |
71 * w[0] || w[1]= 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 |
72 * w[0] || w[1]= 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 |
72 * 3c6c18ba cb0f6c55 babb1378 8e20d737 a3275116 |
73 * 3c6c18ba cb0f6c55 babb1378 8e20d737 a3275116 |
73 * X= 47c27eb6 16dba413 91e5165b e9c5e397 7e39a15d |
74 * X= 47c27eb6 16dba413 91e5165b e9c5e397 7e39a15d |
74 * @endcode |
75 * @endcode |
75 */ |
76 */ |
76 void dss_random_G(abs_eap_am_tools_c * const m_am_tools, u8_t *out, u32_t out_length, u8_t *c, u32_t c_length) |
77 eap_status_e dss_random_G(abs_eap_am_tools_c * const m_am_tools, u8_t *out, u32_t out_length, u8_t *c, u32_t c_length) |
77 { |
78 { |
78 u32_t *out_array = reinterpret_cast<u32_t *>(out); |
79 u32_t *out_array = reinterpret_cast<u32_t *>(out); |
79 |
80 |
80 EAP_ASSERT(out_length == BLOCK_SIZE); |
81 EAP_ASSERT(out_length == BLOCK_SIZE); |
81 EAP_ASSERT(c_length == BLOCK_SIZE); |
82 EAP_ASSERT(c_length == BLOCK_SIZE); |
90 out_array, |
91 out_array, |
91 &output_length |
92 &output_length |
92 ); |
93 ); |
93 if (status != eap_status_ok) |
94 if (status != eap_status_ok) |
94 { |
95 { |
95 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("eap_sha1_dss_G_function(): status = %d"), |
96 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("ERROR: eap_sha1_dss_G_function(): status = %d"), |
96 status)); |
97 status)); |
97 } |
98 } |
|
99 |
|
100 return status; |
98 } |
101 } |
99 } |
102 } |
|
103 |
|
104 #define CLEAN_OPENSSL_BN(ctx) \ |
|
105 { \ |
|
106 BN_free(&bn_mod); \ |
|
107 BN_free(&bn_tmp); \ |
|
108 BN_free(&bn_xkey); \ |
|
109 BN_free(&bn_xj); \ |
|
110 BN_free(&bn_one); \ |
|
111 BN_free(&bn_160); \ |
|
112 BN_CTX_free(ctx); \ |
|
113 } |
100 |
114 |
101 /** |
115 /** |
102 * dss_pseudo_random() implements pseudo random function for key genearation of EAP/SIM. |
116 * dss_pseudo_random() implements pseudo random function for key genearation of EAP/SIM. |
103 * @code |
117 * @code |
104 * Random generator becomes as follows: |
118 * Random generator becomes as follows: |
161 for (u32_t ind = 0; ind < block_count; ind++) |
175 for (u32_t ind = 0; ind < block_count; ind++) |
162 { |
176 { |
163 u8_t debug_buffer[DEBUG_BUFFER_SIZE]; |
177 u8_t debug_buffer[DEBUG_BUFFER_SIZE]; |
164 EAP_UNREFERENCED_PARAMETER(debug_buffer); |
178 EAP_UNREFERENCED_PARAMETER(debug_buffer); |
165 |
179 |
166 dss_random_G(m_am_tools, &(out[ind*BLOCK_SIZE]), BLOCK_SIZE, tmp_xkey, BLOCK_SIZE); |
180 eap_status_e status = dss_random_G(m_am_tools, &(out[ind*BLOCK_SIZE]), BLOCK_SIZE, tmp_xkey, BLOCK_SIZE); |
|
181 if (status != eap_status_ok) |
|
182 { |
|
183 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("ERROR: dss_random_G(): status = %d"), |
|
184 status)); |
|
185 |
|
186 CLEAN_OPENSSL_BN(ctx); |
|
187 |
|
188 return status; |
|
189 } |
167 |
190 |
168 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("w[%d] "), ind)); |
191 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("w[%d] "), ind)); |
169 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("dss_pseudo_random(): %s = G(xkey[%d])\n"), |
192 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (EAPL("dss_pseudo_random(): %s = G(xkey[%d])\n"), |
170 debug_buffer, |
193 debug_buffer, |
171 ind)); |
194 ind)); |
202 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("xkey[%d]"), ind+1u)); |
225 EAP_TRACE_FORMAT(m_am_tools, (debug_buffer, DEBUG_BUFFER_SIZE, EAPL("xkey[%d]"), ind+1u)); |
203 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (reinterpret_cast<eap_format_string>(debug_buffer), |
226 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_EAP_AM_CRYPTO, (reinterpret_cast<eap_format_string>(debug_buffer), |
204 tmp_xkey, sizeof(tmp_xkey))); |
227 tmp_xkey, sizeof(tmp_xkey))); |
205 } |
228 } |
206 |
229 |
207 BN_free(&bn_mod); |
230 CLEAN_OPENSSL_BN(ctx); |
208 BN_free(&bn_tmp); |
|
209 BN_free(&bn_xkey); |
|
210 BN_free(&bn_xj); |
|
211 BN_free(&bn_one); |
|
212 BN_free(&bn_160); |
|
213 |
|
214 BN_CTX_free(ctx); |
|
215 |
231 |
216 return eap_status_ok; |
232 return eap_status_ok; |
217 } |
233 } |
218 |
234 |
219 // End. |
235 // End. |