int CA_STEP5_derive_keys(const EAC_CTX *ctx, const BUF_MEM *pub, BUF_MEM **nonce, BUF_MEM **token) { BUF_MEM *r = NULL; BUF_MEM *authentication_token = NULL; check((ctx && ctx->ca_ctx && ctx->ca_ctx->ka_ctx && nonce && token), "Invalid arguments"); /* Generate nonce and derive k_mac and k_enc*/ r = randb(CA_NONCE_SIZE); if (!r || !KA_CTX_derive_keys(ctx->ca_ctx->ka_ctx, r, ctx->md_ctx)) goto err; /* Compute authentication token */ authentication_token = get_authentication_token(ctx->ca_ctx->protocol, ctx->ca_ctx->ka_ctx, ctx->bn_ctx, ctx->tr_version, pub); check(authentication_token, "Failed to compute authentication token"); *nonce = r; *token = authentication_token; return 1; err: BUF_MEM_clear_free(r); return 0; }
BUF_MEM * PACE_STEP3D_compute_authentication_token(const EAC_CTX *ctx, const BUF_MEM *pub) { if (!ctx || !ctx->pace_ctx) { log_err("Invalid arguments"); return NULL; } return get_authentication_token(ctx->pace_ctx->protocol, ctx->pace_ctx->ka_ctx, ctx->bn_ctx, ctx->tr_version, pub); }