minor updates
Change-Id: I87717fbedbedbb4f2525db6dd9a3d3a2c88e5d15
diff --git a/src/protocol-detail/new-renew-revoke.cpp b/src/protocol-detail/new-renew-revoke.cpp
index 9d6f5f8..b368c8c 100644
--- a/src/protocol-detail/new-renew-revoke.cpp
+++ b/src/protocol-detail/new-renew-revoke.cpp
@@ -97,6 +97,7 @@
content.parse();
const auto& ecdhKey = readString(content.get(tlv_ecdh_pub));
const auto& salt = readString(content.get(tlv_salt));
+ uint64_t saltInt = std::stoull(salt);
const auto& requestStatus = static_cast<Status>(readNonNegativeInteger(content.get(tlv_status)));
const auto& requestId = readString(content.get(tlv_request_id));
std::list<std::string> challenges;
@@ -105,7 +106,7 @@
challenges.push_back(readString(element));
}
}
- return DecodedData{ecdhKey, salt, requestId, requestStatus, challenges};
+ return DecodedData{ecdhKey, saltInt, requestId, requestStatus, challenges};
}
} // namespace ndncert
diff --git a/src/protocol-detail/new-renew-revoke.hpp b/src/protocol-detail/new-renew-revoke.hpp
index 86c46d0..de5d558 100644
--- a/src/protocol-detail/new-renew-revoke.hpp
+++ b/src/protocol-detail/new-renew-revoke.hpp
@@ -40,7 +40,7 @@
const std::list<std::string>& challenges);
struct DecodedData {
std::string ecdhKey;
- std::string salt;
+ uint64_t salt;
std::string requestId;
Status requestStatus;
std::list<std::string> challenges;
diff --git a/src/requester.cpp b/src/requester.cpp
index 403736b..7530821 100644
--- a/src/requester.cpp
+++ b/src/requester.cpp
@@ -179,25 +179,20 @@
if (!security::verifySignature(reply, *state.m_caItem.m_cert)) {
_LOG_ERROR("Cannot verify replied Data packet signature.");
BOOST_THROW_EXCEPTION(std::runtime_error("Cannot verify replied Data packet signature."));
- return std::list<std::string>();
}
processIfError(reply);
auto contentTLV = reply.getContent();
- const auto content = NEW_RENEW_REVOKE::decodeDataContent(contentTLV);
+ const auto& content = NEW_RENEW_REVOKE::decodeDataContent(contentTLV);
- // ECDH
- uint64_t saltInt = std::stoull(content.salt);
+ // ECDH and HKDF
state.m_ecdh.deriveSecret(content.ecdhKey);
-
- // HKDF
hkdf(state.m_ecdh.context->sharedSecret, state.m_ecdh.context->sharedSecretLen,
- (uint8_t*)&saltInt, sizeof(saltInt), state.m_aesKey, sizeof(state.m_aesKey));
+ (uint8_t*)&content.salt, sizeof(content.salt), state.m_aesKey, sizeof(state.m_aesKey));
// update state
state.m_status = content.requestStatus;
state.m_requestId = content.requestId;
-
return content.challenges;
}
@@ -246,7 +241,6 @@
if (!security::verifySignature(reply, *state.m_caItem.m_cert)) {
_LOG_ERROR("Cannot verify replied Data packet signature.");
BOOST_THROW_EXCEPTION(std::runtime_error("Cannot verify replied Data packet signature."));
- return;
}
processIfError(reply);
auto result = decodeBlockWithAesGcm128(reply.getContent(), state.m_aesKey, (const uint8_t*)"test", strlen("test"));