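/// @brief Derives AuthInfoKey for this message from the AAA key selected by AAASPI.
///
/// key = HMAC-SHA1 (AAA-key, {Key Generation Nonce || client identifier})
///
/// The HMAC input is a zero-filled buffer of KeyGenNonceLen+128 bytes with the
/// nonce copied to its start; the trailing 128 bytes are a placeholder for the
/// client identifier, which is not filled in yet (see the @todo notes below).
/// When no nonce is present, KeyGenNonceLen is set to 16 and the nonce part of
/// the buffer stays all-zero.
///
/// AuthInfoKey is assigned a fresh new[] buffer of AUTHKEYLEN bytes; any pointer
/// previously stored there is overwritten without being released here.
///
/// Secret material (the AAA key and the derived AuthInfoKey) is deliberately not
/// hex-dumped: debug logs are routinely collected, shipped and attached to bug
/// reports, and a key printed there lets any log reader forge authenticated
/// messages. Only key lengths and the key file name are logged.
///
/// @return 0 on success, or when MOD_DISABLE_AUTH is defined (nothing is done);
///         -1 if the AAA key could not be loaded (AuthInfoKey is set to NULL).
int TMsg::setAuthInfoKey() {
#ifndef MOD_DISABLE_AUTH
    // A missing nonce is treated as 16 zero bytes.
    if (!KeyGenNonce)
        KeyGenNonceLen = 16;

    uint32_t AAAkeyLen;
    char *AAAkey = getAAAKey(AAASPI, &AAAkeyLen);
    std::string fname = getAAAKeyFilename(AAASPI);

    // error, no file?
    if (!AAAkey) {
        Log(Error) << "Auth: Unable to load key file for SPI " << std::hex << AAASPI <<": "
                   << fname << " not found." << std::dec << LogEnd;
        AuthInfoKey = NULL;
        return -1;
    }

    // Log where the key came from, never the key bytes themselves.
    Log(Debug) << "Auth: AAA-key loaded from file " << fname << "." << LogEnd;

    /// @todo set proper size of Client ID (DUID?) (here and in hmac_sha())
    char *KeyGenNonce_ClientID = new char[KeyGenNonceLen+128];
    memset(KeyGenNonce_ClientID, 0, KeyGenNonceLen+128);
    if (KeyGenNonce)
        memcpy(KeyGenNonce_ClientID, KeyGenNonce, KeyGenNonceLen);

    /// @todo fill also with ClientID (DUID?)

    // The nonce / client-identifier input is not secret key material, so it
    // is still dumped for troubleshooting.
    PrintHex("Auth: Infokey: using KeyGenNonce+CliendID: ", KeyGenNonce_ClientID, KeyGenNonceLen+128);

    Log(Debug) << "Auth: AAAKeyLen: " << AAAkeyLen << ", KeyGenNonceLen: " << KeyGenNonceLen << LogEnd;

    AuthInfoKey = new char[AUTHKEYLEN];
    // NOTE(review): the meaning of the trailing argument (1) is not visible
    // here - confirm against hmac_sha()'s declaration.
    hmac_sha(KeyGenNonce_ClientID, KeyGenNonceLen+128, AAAkey, AAAkeyLen, (char *)AuthInfoKey, 1);

    delete [] KeyGenNonce_ClientID;

    // NOTE(review): AAAkey is never released in this function, so one copy of
    // the long-term key stays on the heap per call. If getAAAKey() hands over
    // ownership of a malloc()ed buffer, it should be wiped and released with
    // free() (not delete[]) once the HMAC is computed - confirm ownership and
    // that <stdlib.h> is included before adding the call.
#endif

    return 0;
}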
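/**
 * Loads the AAA key for the given SPI from its key file.
 *
 * The file name comes from getAAAKeyFilename(SPI). The file is opened first
 * and its size is then taken with fstat() on the open descriptor, so the size
 * used for the allocation and the bytes read always belong to the same file.
 * A stat()-then-open() sequence on the path would leave a window in which the
 * file could be replaced between the two calls.
 *
 * The call fails closed (returns NULL) when:
 *  - len is NULL or no file name is available,
 *  - the file cannot be opened or inspected,
 *  - the path is not a regular file (st_size is meaningless otherwise),
 *  - the file is empty (an empty key provides no authentication),
 *  - the size does not fit in the unsigned length reported through len,
 *  - memory cannot be allocated, or the file is shorter than reported.
 *
 * @param SPI  identifier used to select the key file
 * @param len  out: number of key bytes returned; written only on success
 * @return malloc()ed buffer holding the raw key bytes (not NUL-terminated),
 *         to be released by the caller with free(); NULL on any failure
 */
char * getAAAKey(uint32_t SPI, unsigned *len) {
    char * filename;
    struct stat st;
    char * key;
    off_t offset = 0;
    ssize_t got;
    int fd;

    if (!len)
        return NULL;

    filename = getAAAKeyFilename(SPI);
    if (!filename)
        return NULL;

    fd = open(filename, O_RDONLY);
    if (fd < 0)
        return NULL;

    /* Inspect the descriptor, not the path: no window between check and use. */
    if (fstat(fd, &st) != 0
        || !S_ISREG(st.st_mode)
        || st.st_size <= 0
        || (off_t)(unsigned)st.st_size != st.st_size) { /* would truncate in *len */
        close(fd);
        return NULL;
    }

    key = (char *)malloc((size_t)st.st_size);
    if (!key) {
        close(fd);
        return NULL;
    }

    /* read() may return fewer bytes than requested; loop until done or EOF. */
    while (offset < st.st_size) {
        got = read(fd, key + offset, (size_t)(st.st_size - offset));
        if (got == 0)
            break; /* unexpected EOF; caught by the length check below */
        if (got < 0) {
            free(key);
            close(fd);
            return NULL;
        }
        offset += got;
    }
    close(fd);

    /* A short file means a truncated key: never hand out a partial key. */
    if (offset != st.st_size) {
        free(key);
        return NULL;
    }

    *len = (unsigned)st.st_size;
    return key;
}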