int CA_STEP6_derive_keys(EAC_CTX *ctx, const BUF_MEM *nonce, const BUF_MEM *token) { int rv = -1; check((ctx && ctx->ca_ctx), "Invalid arguments"); if (!KA_CTX_derive_keys(ctx->ca_ctx->ka_ctx, nonce, ctx->md_ctx)) goto err; rv = verify_authentication_token(ctx->ca_ctx->protocol, ctx->ca_ctx->ka_ctx, ctx->bn_ctx, ctx->tr_version, token); check(rv >= 0, "Failed to verify authentication token"); /* PACE, TA and CA were successful. Update the trust anchor! */ if (rv) { if (ctx->ta_ctx->new_trust_anchor) { CVC_CERT_free(ctx->ta_ctx->trust_anchor); ctx->ta_ctx->trust_anchor = ctx->ta_ctx->new_trust_anchor; ctx->ta_ctx->new_trust_anchor = NULL; } } err: return rv; }
int PACE_STEP3D_verify_authentication_token(const EAC_CTX *ctx, const BUF_MEM *token) { if (!ctx || !token|| !ctx->pace_ctx) { log_err("Invalid arguments"); return -1; } return verify_authentication_token(ctx->pace_ctx->protocol, ctx->pace_ctx->ka_ctx, ctx->bn_ctx, ctx->tr_version, token); }