Newer
Older
#include "LibItsSecurity_Functions.hh"
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
namespace LibItsSecurity__Functions
{
// FIXME Unify code with security_services
* \fn OCTETSTRING fx_hashWithSha256(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 256-bit (32-byte) hash value
* \param[in] p__toBeHashedData The data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha256(
const OCTETSTRING& p__toBeHashedData
) {
sha256 hash;
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha256
/**
* \fn OCTETSTRING fx_hashWithSha384(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 384-bit (48-byte) hash value
* \param[in] p__toBeHashedData Data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha384(
const OCTETSTRING& p__toBeHashedData
) {
sha384 hash;
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha384
* \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaNistp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 8) {
loggers::get_instance().log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters");
return OCTETSTRING();
}
sha256 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
if (p__certificateIssuer == int2oct(0, 8)) {
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData.insert(hashData.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 8) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters");
return OCTETSTRING();
}
// Calculate the SHA256 of the data
sha256 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
if (p__certificateIssuer == int2oct(0, 8)) {
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData.insert(hashData.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
return os;
}
return OCTETSTRING();
}
/**
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 8) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters");
return OCTETSTRING();
}
// Calculate the SHA384 of the data
sha384 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
if (p__certificateIssuer == int2oct(0, 8)) {
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData.insert(hashData.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: r_sig= ", os);
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data()));
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: sig= ", os);
return os;
}
return OCTETSTRING();
}
* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed);
* \brief Verify the signature of the specified data
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__signature The signature
* \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only)
* \return true on success, false otherwise
*/
Loading
Loading full blame…