Newer
Older
#include "LibItsSecurity_Functions.hh"
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
namespace LibItsSecurity__Functions
{
// FIXME Unify code with security_services
* \fn OCTETSTRING fx_hashWithSha256(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 256-bit (32-byte) hash value
* \param[in] p__toBeHashedData The data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha256(
const OCTETSTRING& p__toBeHashedData
) {
sha256 hash;
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha256
/**
* \fn OCTETSTRING fx_hashWithSha384(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 384-bit (48-byte) hash value
* \param[in] p__toBeHashedData Data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha384(
const OCTETSTRING& p__toBeHashedData
) {
sha384 hash;
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha384
* \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaNistp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__privateKey
sha256 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
// Calculate the signature
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__privateKey
// Calculate the SHA256 of the data
sha256 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
// Calculate the signature
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
return os;
}
return OCTETSTRING();
}
/**
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__privateKey
// Calculate the SHA384 of the data
sha384 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData);
// Calculate the signature
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: r_sig= ", os);
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data()));
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: sig= ", os);
return os;
}
return OCTETSTRING();
}
* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed);
* \brief Verify the signature of the specified data
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__signature The signature
* \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__signature,
const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed,
const INTEGER& p__compressedMode
sha256 hash;
std::vector<unsigned char> hashData;
// TODO Create SHX interface and add generate method with std::vector
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof());
hash.generate(tbh, hashData);
// Check the signature
std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof());
std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof());
security_ecc k(ec_elliptic_curves::nist_p_256, pub_key_compressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
if (k.sign_verif(hashData, signature) == 0) {
return TRUE;
}
return FALSE;
}
/**
* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY);
* \brief Verify the signature of the specified data
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__signature The signature
* \param[in] p__ecdsaNistp256PublicKeyX The public key (x coordinate)
* \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__signature,
const OCTETSTRING& p__ecdsaNistp256PublicKeyX,
const OCTETSTRING& p__ecdsaNistp256PublicKeyY
) {
Loading
Loading full blame…