int
PACE_STEP3B_compute_shared_secret(const EAC_CTX * ctx, const BUF_MEM * in)
{
BUF_MEM *my_pub = NULL;
int r = 0;
check((ctx && ctx->pace_ctx && ctx->pace_ctx->ka_ctx
&& ctx->pace_ctx->ka_ctx->compute_key && in), "Invalid arguments");
/* Check if the new public key is different from the other party's public
* key. Note that this check is only required since TR-03110 v2.02, but it
* makes sense to always check this... */
if (!ctx->pace_ctx->my_eph_pubkey
|| (in->length == ctx->pace_ctx->my_eph_pubkey->length
&& memcmp(in->data, ctx->pace_ctx->my_eph_pubkey, in->length) == 0)) {
log_err("Bad DH or ECKEY object");
goto err;
}
check(KA_CTX_compute_key(ctx->pace_ctx->ka_ctx, in, ctx->bn_ctx),
"Failed to compute shared secret");
r = 1;
err:
if (my_pub)
BUF_MEM_free(my_pub);
return r;
}
int
CA_STEP4_compute_shared_secret(const EAC_CTX *ctx, const BUF_MEM *pubkey)
{
if (!ctx || !ctx->ca_ctx
|| !KA_CTX_compute_key(ctx->ca_ctx->ka_ctx, pubkey, ctx->bn_ctx)) {
log_err("Invalid arguments");
return 0;
}
return 1;
}
