fix

qursa-uc3m · Dec 10, 2024 · 551a2f0 · 551a2f0
1 parent d8f50e4
commit 551a2f0
Showing 1 changed file with 34 additions and 8 deletions.
diff --git a/src/libstrongswan/plugins/qkd-kem/qkd_kem.c b/src/libstrongswan/plugins/qkd-kem/qkd_kem.c
@@ -167,24 +167,40 @@ METHOD(key_exchange_t, get_public_key, bool,
 METHOD(key_exchange_t, set_public_key, bool,
     private_qkd_kem_t *this, chunk_t value) 
 {
-    DBG1(DBG_LIB, "QKD-KEM plugin: setting public key");
+    DBG1(DBG_LIB, "QKD-KEM plugin: setting public key (size: %d bytes)", value.len);
+
+    // Initiator (Alice) - has her own key pair, receives ciphertext from Bob
     if (this->key) {
+        DBG1(DBG_LIB, "QKD-KEM plugin: Initiator (Alice) processing ciphertext");
+
         if (!this->shared_secret) {
             this->shared_secret = OPENSSL_malloc(this->shared_secret_len);
         }
-        if (!EVP_PKEY_decapsulate_init(this->ctx, NULL) ||
-            !EVP_PKEY_decapsulate(this->ctx, this->shared_secret, 
-                &this->shared_secret_len, value.ptr, value.len)) {
+
+        if (!EVP_PKEY_decapsulate_init(this->ctx, NULL)) {
+            DBG1(DBG_LIB, "QKD-KEM plugin: Initiator decapsulate init failed");
+            return FALSE;
+        }
+
+        if (!EVP_PKEY_decapsulate(this->ctx, this->shared_secret, 
+            &this->shared_secret_len, value.ptr, value.len)) {
+            DBG1(DBG_LIB, "QKD-KEM plugin: Initiator decapsulation failed");
             return FALSE;
         }
+
+        DBG1(DBG_LIB, "QKD-KEM plugin: Initiator decapsulation successful");
         return TRUE;
     }
 
-    EVP_PKEY_CTX *tmp_ctx = EVP_PKEY_CTX_new_from_name(this->libctx, 
-        get_kem_name(this->method), NULL);
+    // Responder (Bob) - receives Alice's public key and generates ciphertext
+    DBG1(DBG_LIB, "QKD-KEM plugin: Responder (Bob) processing public key");
+
+    const char* kem_name = get_kem_name(this->method);
+    EVP_PKEY_CTX *tmp_ctx = EVP_PKEY_CTX_new_from_name(this->libctx, kem_name, NULL);
     EVP_PKEY *peer_key = NULL;
 
     if (!tmp_ctx || !EVP_PKEY_fromdata_init(tmp_ctx)) {
+        DBG1(DBG_LIB, "QKD-KEM plugin: Responder context initialization failed");
         EVP_PKEY_CTX_free(tmp_ctx);
         return FALSE;
     }
@@ -195,6 +211,7 @@ METHOD(key_exchange_t, set_public_key, bool,
     };
 
     if (!EVP_PKEY_fromdata(tmp_ctx, &peer_key, EVP_PKEY_PUBLIC_KEY, params)) {
+        DBG1(DBG_LIB, "QKD-KEM plugin: Responder public key import failed");
         EVP_PKEY_CTX_free(tmp_ctx);
         return FALSE;
     }
@@ -208,8 +225,15 @@ METHOD(key_exchange_t, set_public_key, bool,
         return FALSE;
     }
 
-    if (!EVP_PKEY_encapsulate_init(this->ctx, NULL) ||
-        !EVP_PKEY_encapsulate(this->ctx, NULL, &this->ciphertext_len,
+    // Encapsulate the shared secret
+    if (!EVP_PKEY_encapsulate_init(this->ctx, NULL)) {
+        DBG1(DBG_LIB, "QKD-KEM plugin: Responder encapsulate init failed");
+        EVP_PKEY_free(peer_key);
+        return FALSE;
+    }
+
+    // Get buffer sizes first
+    if (!EVP_PKEY_encapsulate(this->ctx, NULL, &this->ciphertext_len,
             NULL, &this->shared_secret_len)) {
         EVP_PKEY_free(peer_key);
         return FALSE;
@@ -224,10 +248,12 @@ METHOD(key_exchange_t, set_public_key, bool,
 
     if (!EVP_PKEY_encapsulate(this->ctx, this->ciphertext, &this->ciphertext_len,
             this->shared_secret, &this->shared_secret_len)) {
+        DBG1(DBG_LIB, "QKD-KEM plugin: Responder encapsulation failed");
         EVP_PKEY_free(peer_key);
         return FALSE;
     }
 
+    DBG1(DBG_LIB, "QKD-KEM plugin: Responder encapsulation successful");
     EVP_PKEY_free(peer_key);
     return TRUE;
 }