BUF_MEM *
compute_authentication_token(int protocol, const KA_CTX *ka_ctx, EVP_PKEY *opp_key,
BN_CTX *bn_ctx, enum eac_tr_version tr_version)
{
BUF_MEM *asn1 = NULL, *out = NULL, *pad =NULL;
check(ka_ctx, "Invalid arguments");
asn1 = asn1_pubkey(protocol, opp_key, bn_ctx, tr_version);
/* ISO 9797-1 algorithm 3 retail MAC now needs extra padding (padding method 2) */
if (EVP_CIPHER_nid(ka_ctx->cipher) == NID_des_ede_cbc) {
pad = add_iso_pad(asn1, EVP_CIPHER_block_size(ka_ctx->cipher));
if (!pad)
goto err;
out = authenticate(ka_ctx, pad);
} else {
out = authenticate(ka_ctx, asn1);
}
err:
if (asn1)
BUF_MEM_free(asn1);
if (pad)
BUF_MEM_free(pad);
return out;
}
BUF_MEM *
CA_STEP1_get_pubkey(const EAC_CTX *ctx)
{
check_return(ctx && ctx->ca_ctx && ctx->ca_ctx->ka_ctx,
"Invalid arguments");
return asn1_pubkey(ctx->ca_ctx->protocol, ctx->ca_ctx->ka_ctx->key,
ctx->bn_ctx, ctx->tr_version);
}
