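/*
 * Overwrite a buffer through a volatile pointer so the stores are not
 * discarded as dead writes when the buffer is about to go out of scope.
 */
static void KeyGenWipe(void* buf, size_t len)
{
    volatile uint8_t* p = (volatile uint8_t*)buf;

    while (len--) {
        *p++ = 0;
    }
}

/*
 * Derive the session key and the verifier string for a peer.
 *
 * The PRF is run over the stored peer secret, both nonces and the fixed
 * label "session key". The first AES_KEY_LEN bytes of the PRF output are
 * handed to AJ_SetSessionKey(); the following VERIFIER_LEN bytes are
 * converted to hex in place and left in outBuf for the caller.
 *
 * peerName  name used to look up the peer GUID and to store the session key
 * role      passed through to AJ_SetSessionKey()
 * nonce1    NUL-terminated nonce, at most 255 characters
 * nonce2    NUL-terminated nonce, at most 255 characters
 * outBuf    scratch and output buffer; receives the hex verifier on success
 * len       size of outBuf, must be at least AES_KEY_LEN + VERIFIER_LEN
 *
 * Returns AJ_OK on success, AJ_ERR_NO_MATCH when no credential is available
 * for the peer, AJ_ERR_RESOURCES when outBuf is too small or a nonce is too
 * long for the one-byte length table, otherwise the status of the failing
 * helper.
 */
static AJ_Status KeyGen(const char* peerName, uint8_t role, const char* nonce1, const char* nonce2, uint8_t* outBuf, uint32_t len)
{
    AJ_Status status;
    const uint8_t* data[4];
    uint8_t lens[4];
    size_t nonce1Len;
    size_t nonce2Len;
    int derived = 0;
    AJ_PeerCred cred;
    const AJ_GUID* peerGuid = AJ_GUID_Find(peerName);

    /*
     * Presumably AJ_GUID_Find() yields NULL for an unknown peer; do not pass
     * that on to the credential lookup. Nothing secret is on the stack yet.
     */
    if (peerGuid == NULL) {
        return AJ_ERR_NO_MATCH;
    }
    status = AJ_GetRemoteCredential(peerGuid, &cred);
    if (AJ_OK != status) {
        status = AJ_ERR_NO_MATCH;
        goto Exit;
    }
    /*
     * We use the outBuf to store both the key and verifier string.
     * Check that there is enough space to do so.
     */
    if (len < (AES_KEY_LEN + VERIFIER_LEN)) {
        status = AJ_ERR_RESOURCES;
        goto Exit;
    }
    /*
     * lens[] holds one byte per input length. A longer nonce would be
     * silently truncated and the key derived over only part of it, so
     * reject it instead.
     */
    nonce1Len = strlen(nonce1);
    nonce2Len = strlen(nonce2);
    if ((nonce1Len != (uint8_t)nonce1Len) || (nonce2Len != (uint8_t)nonce2Len)) {
        status = AJ_ERR_RESOURCES;
        goto Exit;
    }

    data[0] = cred.secret;
    lens[0] = (uint8_t)sizeof(cred.secret);
    data[1] = (const uint8_t*)nonce1;
    lens[1] = (uint8_t)nonce1Len;
    data[2] = (const uint8_t*)nonce2;
    lens[2] = (uint8_t)nonce2Len;
    data[3] = (const uint8_t*)"session key";
    lens[3] = 11;

    /* From here on outBuf may hold key material. */
    derived = 1;
    status = AJ_Crypto_PRF(data, lens, ArraySize(data), outBuf, AES_KEY_LEN + VERIFIER_LEN);
    /*
     * Store the session key and compose the verifier string.
     */
    if (status == AJ_OK) {
        status = AJ_SetSessionKey(peerName, outBuf, role);
    }
    if (status == AJ_OK) {
        /* Slide the verifier over the key bytes, then expand it to hex in place. */
        memmove(outBuf, outBuf + AES_KEY_LEN, VERIFIER_LEN);
        status = AJ_RawToHex(outBuf, VERIFIER_LEN, (char*)outBuf, len);
    }

Exit:
    /* The peer secret is no longer needed; do not leave it on the stack. */
    KeyGenWipe(&cred, sizeof(cred));
    /* On failure do not hand derived key bytes back to the caller. */
    if (derived && (status != AJ_OK)) {
        KeyGenWipe(outBuf, AES_KEY_LEN + VERIFIER_LEN);
    }
    return status;
}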
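/*
 * Round-trip test for the credential store.
 *
 * Stores a synthetic peer credential, reads it back and compares it, deletes
 * it and checks that the lookup then fails, stores it again, clears all
 * credentials and checks once more that the lookup fails. The NVRAM layout is
 * printed between the stages.
 *
 * Returns AJ_OK when every stage behaves as expected, AJ_ERR_FAILURE on a
 * mismatch or when a removed credential can still be read, otherwise the
 * status of the failing call.
 */
AJ_Status TestCreds()
{
    AJ_Status status = AJ_OK;
    AJ_GUID localGuid;
    AJ_GUID remoteGuid;
    /*
     * Zero-filled so the call below does not read indeterminate bytes.
     * NOTE(review): str is never written before AJ_GUID_FromString() and
     * neither str nor localGuid is used afterwards; a GUID-to-string
     * conversion was probably intended here - confirm.
     */
    char str[33] = { 0 };
    AJ_PeerCred peerCred;
    AJ_PeerCred peerCredRead;
    size_t i;

    /*
     * Only guid and secret are filled in below, but the whole struct is
     * stored and later compared with memcmp(). Zero both copies so padding
     * or any other member does not carry stale stack bytes into NVRAM or
     * into the comparison.
     */
    memset(&peerCred, 0, sizeof(peerCred));
    memset(&peerCredRead, 0, sizeof(peerCredRead));

    status = AJ_GetLocalGUID(&localGuid);
    if (AJ_OK != status) {
        goto TEST_CREDS_EXIT;
    }
    AJ_GUID_FromString(&localGuid, str);

    AJ_NVRAM_Layout_Print();
    memset(&peerCred.guid, 1, sizeof(AJ_GUID));
    memcpy(&remoteGuid, &peerCred.guid, sizeof(AJ_GUID)); /* backup the GUID */
    /* Bound the fill by the array itself rather than a literal count. */
    for (i = 0; i < sizeof(peerCred.secret); i++) {
        peerCred.secret[i] = (uint8_t)i;
    }

    /* Store, read back, compare. */
    status = AJ_StoreCredential(&peerCred);
    if (AJ_OK != status) {
        AJ_Printf("AJ_StoreCredential failed = %d\n", status);
        goto TEST_CREDS_EXIT;
    }

    status = AJ_GetRemoteCredential(&remoteGuid, &peerCredRead);
    if (AJ_OK != status) {
        /* The message used to name AJ_StoreCredential, which hid the failing call. */
        AJ_Printf("AJ_GetRemoteCredential failed = %d\n", status);
        goto TEST_CREDS_EXIT;
    }

    if (0 != memcmp(&peerCredRead, &peerCred, sizeof(AJ_PeerCred))) {
        AJ_Printf("The retrieved credential does not match\n");
        status = AJ_ERR_FAILURE;
        goto TEST_CREDS_EXIT;
    }

    /* Delete the credential; the lookup must fail afterwards. */
    status = AJ_DeleteCredential(&remoteGuid);
    if (AJ_OK != status) {
        AJ_Printf("AJ_DeleteCredential failed = %d\n", status);
        goto TEST_CREDS_EXIT;
    }

    if (AJ_ERR_FAILURE == AJ_GetRemoteCredential(&remoteGuid, &peerCredRead)) {
        status = AJ_OK;
    } else {
        status = AJ_ERR_FAILURE;
        goto TEST_CREDS_EXIT;
    }

    AJ_NVRAM_Layout_Print();

    /* Store it again, clear everything; the lookup must fail again. */
    status = AJ_StoreCredential(&peerCred);
    if (AJ_OK != status) {
        AJ_Printf("AJ_StoreCredential failed = %d\n", status);
        goto TEST_CREDS_EXIT;
    }

    AJ_ClearCredentials();
    if (AJ_ERR_FAILURE == AJ_GetRemoteCredential(&remoteGuid, &peerCredRead)) {
        status = AJ_OK;
    } else {
        status = AJ_ERR_FAILURE;
        goto TEST_CREDS_EXIT;
    }
    AJ_NVRAM_Layout_Print();

TEST_CREDS_EXIT:
    return status;
}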