Newer
Older
#include "LibItsSecurity_Functions.hh"
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
namespace LibItsSecurity__Functions
{
// FIXME Unify code with security_services
* \fn OCTETSTRING fx_hashWithSha256(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 256-bit (32-byte) hash value
* \param[in] p__toBeHashedData The data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha256(
const OCTETSTRING& p__toBeHashedData
) {
loggers::get_instance().log_msg(">>> fx__hashWithSha256: p__toBeHashedData= ", p__toBeHashedData);
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
loggers::get_instance().log_to_hexa("fx__hashWithSha256: hashData= ", hashData.data(), hashData.size());
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha256
/**
* \fn OCTETSTRING fx_hashWithSha384(const OCTETSTRING& p__toBeHashedData);
* \brief Produces a 384-bit (48-byte) hash value
* \param[in] p__toBeHashedData Data to be used to calculate the hash value
* \return The hash value
*/
OCTETSTRING fx__hashWithSha384(
const OCTETSTRING& p__toBeHashedData
) {
sha384 hash;
std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeHashedData), p__toBeHashedData.lengthof() + static_cast<const unsigned char *>(p__toBeHashedData));
return OCTETSTRING(hashData.size(), hashData.data());
} // End of function fx__hashWithSha384
* \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaNistp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 32) {
loggers::get_instance().log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters");
return OCTETSTRING();
}
// Calculate the SHA256 of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) )
std::vector<unsigned char> hashData1; // Hash (Data input)
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData1);
if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input)
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 32) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters");
return OCTETSTRING();
}
// Calculate the SHA256 of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) )
std::vector<unsigned char> hashData1; // Hash (Data input)
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData1);
if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input)
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
// loggers::get_instance().log_to_hexa("r_sig= ", os);
// loggers::get_instance().log_to_hexa("s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data());
os += OCTETSTRING(s_sig.size(), s_sig.data());
// loggers::get_instance().log_to_hexa("sig= ", os);
return os;
}
return OCTETSTRING();
}
/**
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer Certificate issuer
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
if (p__certificateIssuer.lengthof() != 48) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters");
return OCTETSTRING();
}
// Calculate the SHA384 of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) )
std::vector<unsigned char> hashData1; // Hash (Data input)
std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage));
hash.generate(tbs, hashData1);
if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input)
std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer));
hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend());
std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof());
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key);
std::vector<unsigned char> r_sig;
std::vector<unsigned char> s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os(r_sig.size(), r_sig.data());
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: r_sig= ", os);
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: s_sig= ", OCTETSTRING(s_sig.size(), s_sig.data()));
//loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: sig= ", os);
return os;
}
return OCTETSTRING();
}
* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed);
* \brief Verify the signature of the specified data
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer Certificate issuer
Loading
Loading full blame…