|
|
@@ -48,8 +48,6 @@ typedef struct session {
|
|
|
uint16_t salt_len;
|
|
|
char *verifier;
|
|
|
uint16_t verifier_len;
|
|
|
- char *client_pubkey;
|
|
|
- uint16_t client_pubkey_len;
|
|
|
char *session_key;
|
|
|
uint16_t session_key_len;
|
|
|
uint8_t iv[AES_GCM_IV_SIZE];
|
|
|
@@ -95,23 +93,11 @@ static esp_err_t handle_session_command0(session_t *cur_session,
|
|
|
return ESP_ERR_INVALID_ARG;
|
|
|
}
|
|
|
|
|
|
- cur_session->username_len = in->sc0->client_username.len;
|
|
|
- cur_session->username = calloc(cur_session->username_len, sizeof(char));
|
|
|
- if (!cur_session->username) {
|
|
|
- ESP_LOGE(TAG, "Failed to allocate memory!");
|
|
|
- return ESP_ERR_NO_MEM;
|
|
|
- }
|
|
|
- memcpy(cur_session->username, in->sc0->client_username.data, in->sc0->client_username.len);
|
|
|
- ESP_LOGD(TAG, "Username: %.*s", cur_session->username_len, cur_session->username);
|
|
|
|
|
|
- cur_session->client_pubkey = calloc(PUBLIC_KEY_LEN, sizeof(char));
|
|
|
- if (!cur_session->client_pubkey ) {
|
|
|
- ESP_LOGE(TAG, "Failed to allocate memory!");
|
|
|
- return ESP_ERR_NO_MEM;
|
|
|
- }
|
|
|
- memcpy(cur_session->client_pubkey, in->sc0->client_pubkey.data, PUBLIC_KEY_LEN);
|
|
|
- cur_session->client_pubkey_len = PUBLIC_KEY_LEN;
|
|
|
- hexdump("Client Public Key", cur_session->client_pubkey, PUBLIC_KEY_LEN);
|
|
|
+ ESP_LOGD(TAG, "Username: %.*s", in->sc0->client_username.len, in->sc0->client_username.data);
|
|
|
+
|
|
|
+
|
|
|
+ hexdump("Client Public Key", (char *) in->sc0->client_pubkey.data, PUBLIC_KEY_LEN);
|
|
|
|
|
|
/* Initialize mu srp context */
|
|
|
cur_session->srp_hd = calloc(1, sizeof(esp_srp_handle_t));
|
|
|
@@ -122,6 +108,7 @@ static esp_err_t handle_session_command0(session_t *cur_session,
|
|
|
|
|
|
if (esp_srp_init(cur_session->srp_hd, ESP_NG_3072) != ESP_OK) {
|
|
|
ESP_LOGE(TAG, "Failed to initialise security context!");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
return ESP_FAIL;
|
|
|
}
|
|
|
|
|
|
@@ -137,27 +124,30 @@ static esp_err_t handle_session_command0(session_t *cur_session,
|
|
|
if (sv->salt != NULL && sv->salt_len != 0 && sv->verifier != NULL && sv->verifier_len != 0) {
|
|
|
if (esp_srp_set_salt_verifier(cur_session->srp_hd, cur_session->salt, cur_session->salt_len, cur_session->verifier, cur_session->verifier_len) != ESP_OK) {
|
|
|
ESP_LOGE(TAG, "Failed to set salt and verifier!");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
return ESP_FAIL;
|
|
|
}
|
|
|
if (esp_srp_srv_pubkey_from_salt_verifier(cur_session->srp_hd, &device_pubkey, &device_pubkey_len) != ESP_OK) {
|
|
|
ESP_LOGE(TAG, "Failed to device public key!");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
return ESP_FAIL;
|
|
|
}
|
|
|
}
|
|
|
|
|
|
hexdump("Device Public Key", device_pubkey, device_pubkey_len);
|
|
|
- if (esp_srp_get_session_key(cur_session->srp_hd, cur_session->client_pubkey, cur_session->client_pubkey_len,
|
|
|
+ if (esp_srp_get_session_key(cur_session->srp_hd, (char *) in->sc0->client_pubkey.data, PUBLIC_KEY_LEN,
|
|
|
&cur_session->session_key, &cur_session->session_key_len) != ESP_OK) {
|
|
|
ESP_LOGE(TAG, "Failed to generate device session key!");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
return ESP_FAIL;
|
|
|
}
|
|
|
hexdump("Session Key", cur_session->session_key, cur_session->session_key_len);
|
|
|
|
|
|
-
|
|
|
Sec2Payload *out = (Sec2Payload *) malloc(sizeof(Sec2Payload));
|
|
|
S2SessionResp0 *out_resp = (S2SessionResp0 *) malloc(sizeof(S2SessionResp0));
|
|
|
if (!out || !out_resp) {
|
|
|
ESP_LOGE(TAG, "Error allocating memory for response0");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
free(out);
|
|
|
free(out_resp);
|
|
|
return ESP_ERR_NO_MEM;
|
|
|
@@ -182,6 +172,15 @@ static esp_err_t handle_session_command0(session_t *cur_session,
|
|
|
resp->proto_case = SESSION_DATA__PROTO_SEC2;
|
|
|
resp->sec2 = out;
|
|
|
|
|
|
+ cur_session->username_len = in->sc0->client_username.len;
|
|
|
+ cur_session->username = malloc(cur_session->username_len);
|
|
|
+ if (!cur_session->username) {
|
|
|
+ ESP_LOGE(TAG, "Failed to allocate memory!");
|
|
|
+ free(cur_session->srp_hd);
|
|
|
+ return ESP_ERR_NO_MEM;
|
|
|
+ }
|
|
|
+ memcpy(cur_session->username, in->sc0->client_username.data, in->sc0->client_username.len);
|
|
|
+
|
|
|
cur_session->state = SESSION_STATE_CMD1;
|
|
|
|
|
|
ESP_LOGD(TAG, "Session setup phase1 done");
|
|
|
@@ -213,6 +212,7 @@ static esp_err_t handle_session_command1(session_t *cur_session,
|
|
|
|
|
|
if (esp_srp_exchange_proofs(cur_session->srp_hd, cur_session->username, cur_session->username_len, (char * ) in->sc1->client_proof.data, device_proof) != ESP_OK) {
|
|
|
ESP_LOGE(TAG, "Failed to authenticate client proof!");
|
|
|
+ free(device_proof);
|
|
|
return ESP_FAIL;
|
|
|
}
|
|
|
hexdump("Device proof", device_proof, CLIENT_PROOF_LEN);
|
|
|
@@ -347,7 +347,6 @@ static esp_err_t sec2_close_session(protocomm_security_handle_t handle, uint32_t
|
|
|
}
|
|
|
|
|
|
free(cur_session->username);
|
|
|
- free(cur_session->client_pubkey);
|
|
|
|
|
|
if (cur_session->srp_hd) {
|
|
|
esp_srp_free(cur_session->srp_hd);
|
Aditya Patwardhan