Loading ccsrc/Externals/LibItsSecurity_externals.cc +40 −24 Original line number Diff line number Diff line Loading @@ -255,43 +255,59 @@ namespace LibItsSecurity__Functions loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: ", p__peerPublicKeyX); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: ", p__publicEncKeyY); // Encrypt message using AES-128 CCM security_ecc ec(ec_elliptic_curves::nist_p_256); std::vector<unsigned char> message(static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage), p__toBeEncryptedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage)); std::vector<unsigned char> enc_message; if (ec.encrypt(encryption_algotithm::aes_128_ccm, message, enc_message) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } OCTETSTRING os(enc_message.size(), enc_message.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: enc message: ", os); p__nonce = OCTETSTRING(ec.nonce().size(), ec.nonce().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__nonce: ", p__nonce); p__tag = OCTETSTRING(ec.tag().size(), ec.tag().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__tag: ", p__tag); // Encrypt symmetric key OCTETSTRING encSymKey = OCTETSTRING(ec.nonce().size(), ec.symmetric_encryption_key().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__encSymKey: ", encSymKey); // Create new instance of ECC security_ecc ec_ecies(ec_elliptic_curves::nist_p_256); // Generate (Private,Public) keys ec_ecies.generate(); // Generate ephemeral key and derive it std::vector<unsigned char> peer_public_key_x(static_cast<const unsigned char *>(p__peerPublicKeyX), p__peerPublicKeyX.lengthof() + static_cast<const unsigned char *>(p__peerPublicKeyX)); std::vector<unsigned char> peer_public_key_y(static_cast<const unsigned char *>(p__publicEncKeyY), p__publicEncKeyY.lengthof() + static_cast<const unsigned char *>(p__publicEncKeyY)); int unused = 0; if (ec.generate_ephemeral_key( encryption_algotithm::aes_128_ccm, if (ec_ecies.generate_and_derive_ephemeral_key( peer_public_key_x, peer_public_key_y, unused) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate sender's ephemeral key"); peer_public_key_y ) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive sender's ephemeral key"); return OCTETSTRING(); } // Encrypt the symmetric encryption key using existing nonce and symmetric encryption key std::vector<unsigned char> enc_eph_key; if (ec.encrypt_ephemeral_key(ec.ephemeral_key(), enc_eph_key) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt generated sender's ephemeral key"); /* TODO if (ec.encrypt(encryption_algotithm::aes_128_ccm, ec_ecies.ephemeral_key(), ec.symmetric_encryption_key(), enc_eph_key) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } }*/ p__ephKey = OCTETSTRING(enc_eph_key.size(), enc_eph_key.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__ephKey: ", ec.ephemeral_key().data(), ec.ephemeral_key().size()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: Encrypted p__ephKey: ", p__ephKey); p__publicEncKeyX = OCTETSTRING(ec.encryption_key_x().size(), ec.encryption_key_x().data()); p__publicEncKeyX = OCTETSTRING(ec.encryption_key_x().size(), ec_ecies.encryption_key_x().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__publicEncKeyX: ", p__publicEncKeyX); p__publicEncKeyY = OCTETSTRING(ec.encryption_key_y().size(), ec.encryption_key_y().data()); p__publicEncKeyY = OCTETSTRING(ec.encryption_key_y().size(), ec_ecies.encryption_key_y().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__publicEncKeyY: ", p__publicEncKeyY); std::vector<unsigned char> message(static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage), p__toBeEncryptedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage)); std::vector<unsigned char> enc_message; if (ec.encrypt(message, enc_message) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } OCTETSTRING os(enc_message.size(), enc_message.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: enc message: ", os); p__nonce = OCTETSTRING(ec.nonce().size(), ec.nonce().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__nonce: ", p__nonce); p__tag = OCTETSTRING(ec.tag().size(), ec.tag().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__tag: ", p__tag); return os; } Loading ccsrc/Protocols/GeoNetworking/geonetworking_layer.hh +17 −0 Original line number Diff line number Diff line Loading @@ -126,6 +126,23 @@ public: */ void sendMsg(const LibItsGeoNetworking__TestSystem::GeoNetworkingReq& p_gn_req, Params& p_param); /*! * \virtual * \fn void sendData(OCTETSTRING& data, Params& params); * \brief Send bytes formated data to the lower layers * \param[in] p_data The data to be sent * \param[in] p_params Some parameters to overwrite default value of the lower layers parameters */ virtual void sendData(OCTETSTRING& data, Params& params); /*! * \virtual * \fn void receiveData(OCTETSTRING& data, Params& params); * \brief Receive bytes formated data from the lower layers * \param[in] p_data The bytes formated data received * \param[in] p_params Some lower layers parameters values when data was received */ virtual void receiveData(OCTETSTRING& data, Params& info); /*! * \virtual * \fn void sendData(OCTETSTRING& data, Params& params); Loading ccsrc/Protocols/Security/hmac.hh 0 → 100644 +100 −0 Original line number Diff line number Diff line /*! * \file hmac.hh * \brief Header file for HMAC helper methods. * \author ETSI STF525 * \copyright ETSI Copyright Notification * No part may be reproduced except as authorized by written permission. * The copyright and the foregoing restriction extend to reproduction in all media. * All rights reserved. * \version 0.1 */ #pragma once #include <vector> #include <openssl/hmac.h> #include <openssl/objects.h> /*! * \enum Supported hash algorithms */ enum class hash_algorithms: unsigned char { sha_256, /*!< HMAC with SHA-256 */ sha_384 /*!< HMAC with SHA-384 */ }; // End of class hash_algorithms /*! * \class hmac * \brief This class provides description of HMAC helper methods */ class hmac { HMAC_CTX _ctx; //! HMAC context hash_algorithms _hash_algorithms; public: /*! * \brief Default constructor * Create a new instance of the hmac class * \param[in] p_hash_algorithms The hash algorithm to be used to compute the HMAC */ hmac(const hash_algorithms p_hash_algorithms): _ctx{}, _hash_mod(p_hash_algorithms) { ::HMAC_CTX_init(&_ctx); }; /*! * \brief Default destructor */ virtual ~hmac() { ::HMAC_CTX_cleanup(&_ctx); }; /*! * \inline * \fn int generate(const std::vector<unsigned char> p_buffer, const std::vector<unsigned char> p_secret_key, std::vector<unsigned char>& p_hmac); * \brief Receive bytes formated data from the lower layers * \param[in] p_buffer The data used to generate the HMAC * \param[in] p_secret_key The secret key to used to generate the HMAC * \param[out] p_hmac The HMAC value based of the provided data * \return 0 on success, -1 otherwise */ inline int generate(const std::vector<unsigned char> p_buffer, const std::vector<unsigned char> p_secret_key, std::vector<unsigned char>& p_hmac) { // Sanity check if (p_buffer.size() == 0) { return -1; } return generate(p_buffer.data(), p_buffer.size(), p_secret_key.data(), p_secret_key.size(), p_hmac); }; /*! * \inline * \fn int generate(const unsigned char *p_buffer, const size_t p_buffer_length, const unsigned char *p_secret_key, const size_t p_secret_key_length, std::vector<unsigned char>& p_hmac); * \brief Receive bytes formated data from the lower layers * \param[in] p_buffer The data used to generate the HMAC * \param[in] p_buffer_length The size of the data * \param[in] p_secret_key The secret key to used to generate the HMAC * \param[in] p_secret_key_length The size of the secret key * \param[out] p_hmac The HMAC value based of the provided data * \return 0 on success, -1 otherwise */ inline int generate(const unsigned char *p_buffer, const size_t p_buffer_length, const unsigned char *p_secret_key, const size_t p_secret_key_length, std::vector<unsigned char>& p_hmac) { // Sanity check if ((p_buffer == nullptr) || (p_secret_key == nullptr)) { return -1; } if (_hash_mod == hash_algorithms::sha_256) { // Resize data buffer p_hmac.resize(64); // Compute the hash value ::HMAC_Init_ex(&_ctx, p_secret_key_length, EVP_sha256(), NULL); ::HMAC_Update(&_ctx, p_buffer, p_length); ::HMAC_Final(&_ctx, static_cast<unsigned char*>(p_hmac.data())); } else if (_hash_mod == hash_algorithms::sha_512) { // Resize data buffer p_hmac.resize(128); // Compute the hash value ::HMAC_Init_ex(&_ctx, p_secret_key_length, EVP_sha512(), NULL); ::HMAC_Update(&_ctx, p_buffer, p_length); ::HMAC_Final(&_ctx, static_cast<unsigned char*>(p_hmac.data())); } else { // TODO To be continued return -1; } return 0; }; }; // End of class hmac ccsrc/Protocols/Security/security_ecc.cc +45 −47 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ #include "loggers.hh" security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc: %d", static_cast<int>(p_elliptic_curve)); const int result = init(); Loading @@ -14,7 +14,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic } } // End of constructor security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_private_key): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(p_private_key), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_private_key): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(p_private_key), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc (1): %d", static_cast<int>(p_elliptic_curve)); // Sanity checks Loading Loading @@ -63,7 +63,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std: } // End of constructor security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(p_public_key_x), _pub_key_y(p_public_key_y), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(p_public_key_x), _pub_key_y(p_public_key_y), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc (2): %d", static_cast<int>(p_elliptic_curve)); // Sanity checks Loading Loading @@ -174,59 +174,56 @@ int security_ecc::generate() { return 0; } int security_ecc::generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, int p_unused) { loggers::get_instance().log(">>> security_ecc::generate_ephemeral_key (1)"); // Sanity checks if ((_pub_key_x.size() != 0) || (_pub_key_y.size() != 0)) { loggers::get_instance().warning("security_ecc::generate_ephemeral_key: Constrictor format #1 shall be used"); return -1; } p_unused = 0; _encryption_algotithm = p_enc_algorithm; ::EC_KEY_generate_key(_ec_key); // Set buffers size int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; _eph_key.resize(len); // Convert the public keys (X,Y) into EC_POINT data structure EC_POINT *ec_point = nullptr; bin_to_ec_point(p_public_key_x, p_public_key_y, &ec_point); // Generate the shared symmetric key int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); if (result == -1) { ::EC_POINT_free(ec_point); return -1; } ::EC_POINT_free(ec_point); // Write the ephemeral key's public key to the output buffer std::vector<unsigned char> enc_key; public_key_to_bin(enc_key); // Extract X-coordinate and Y-coordinate _enc_key_x.assign(1 + enc_key.cbegin(), 1 + len + enc_key.cbegin()); _enc_key_y.assign(1 + len + enc_key.cbegin(), enc_key.cend()); return 0; } int security_ecc::generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y) { loggers::get_instance().log(">>> security_ecc::generate_ephemeral_key (2)"); //int security_ecc::generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y) { // loggers::get_instance().log(">>> security_ecc::generate_and_derive_ephemeral_key (1)"); // // // Sanity checks // if ((_pub_key_x.size() != 0) || (_pub_key_y.size() != 0)) { // loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Constrictor format #1 shall be used"); // return -1; // } // ::EC_KEY_generate_key(_ec_key); // // // Set buffers size // int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; // _eph_key.resize(len); // // // Convert the public keys (X,Y) into EC_POINT data structure // EC_POINT *ec_point = nullptr; // bin_to_ec_point(p_public_key_x, p_public_key_y, &ec_point); // // Generate the shared secret key // int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); // if (result == -1) { // ::EC_POINT_free(ec_point); // return -1; // } // ::EC_POINT_free(ec_point); // // Write the ephemeral key's public key to the output buffer // std::vector<unsigned char> enc_key; // public_key_to_bin(enc_key); // // Extract X-coordinate and Y-coordinate // _enc_key_x.assign(1 + enc_key.cbegin(), 1 + len + enc_key.cbegin()); // _enc_key_y.assign(1 + len + enc_key.cbegin(), enc_key.cend()); // // return 0; //} // int security_ecc::generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_peer_public_enc_key_x, const std::vector<unsigned char>& p_peer_public_enc_key_y) { loggers::get_instance().log(">>> security_ecc::generate_and_derive_ephemeral_key (2)"); // Sanity checks if (_pri_key.size() == 0) { loggers::get_instance().warning("security_ecc::generate_ephemeral_key: Constrictor format #2 shall be used"); loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Constructor format #2 shall be used"); return -1; } _encryption_algotithm = p_enc_algorithm; // Set buffers size int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; _eph_key.resize(len); // Convert the peer public encryption key to an EC point EC_POINT *ec_point = nullptr; bin_to_ec_point(p_public_enc_key_x, p_public_enc_key_y, &ec_point); // Generate the shared symmetric key bin_to_ec_point(p_peer_public_enc_key_x, p_peer_public_enc_key_y, &ec_point); // Generate the shared secret key int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); if (result == -1) { ::EC_POINT_free(ec_point); Loading Loading @@ -338,7 +335,8 @@ int security_ecc::decrypt(const encryption_algotithm p_enc_algorithm, const std: return (result > 0) ? 0 : -1; } int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message) { /*int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message) { loggers::get_instance().log(">>> security_ecc::encrypt"); // Sanity checks Loading Loading @@ -387,7 +385,7 @@ int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vect ::EVP_CIPHER_CTX_free(ctx); return 0; } }*/ int security_ecc::decrypt(const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message) { loggers::get_instance().log(">>> security_ecc::decrypt"); Loading ccsrc/Protocols/Security/security_ecc.hh +21 −9 Original line number Diff line number Diff line Loading @@ -49,9 +49,10 @@ class security_ecc { std::vector<unsigned char> _pri_key; /*!< Private key storage */ std::vector<unsigned char> _pub_key_x; /*!< Public key X-coordinate storage */ std::vector<unsigned char> _pub_key_y; /*!< Public key Y-coordinate storage */ std::vector<unsigned char> _eph_key; /*!< Ephemeral key generated by encryption method */ std::vector<unsigned char> _eph_key; /*!< Ephemeral key generated by ECIES encryption method */ std::vector<unsigned char> _enc_key_x; /*!< Public encryption key X-coordinate storage */ std::vector<unsigned char> _enc_key_y; /*!< Public encryption key Y-coordinate storage */ std::vector<unsigned char> _sym_key; /*!< Symmetric encryption key generated by encryption method */ std::vector<unsigned char> _nonce; /*!< Initial Vector generated by encryption method */ std::vector<unsigned char> _tag; /*!< Tag vector generated by encryption method */ Loading Loading @@ -106,18 +107,13 @@ public: //! \publicsection */ int sign_verif(const std::vector<unsigned char>& p_data, const std::vector<unsigned char>& p_signature); int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, int p_unused); int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y); int encrypt_ephemeral_key(const std::vector<unsigned char>& p_eph_key, std::vector<unsigned char>& p_enc_eph_key) { p_enc_eph_key = p_eph_key; return 0; }; // FIXME int decrypt_ephemeral_key(const std::vector<unsigned char>& p_enc_eph_key, std::vector<unsigned char>& p_eph_key) { p_eph_key = p_enc_eph_key; return 0; }; // FIXME /*! * \fn int encrypt(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message); * \brief Encryption using the specified algorithm. * \param[in] p_enc_algorithm The algorithm to use for the encryption * \param[in] p_message The message to be encrypted * \param[out] p_enc_message The encrypted message * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated symmetric encryption key, uses \see symmetric_encryption_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise Loading @@ -131,14 +127,29 @@ public: //! \publicsection * \param[in] p_tag The algorithm to use for the encryption * \param[in] p_enc_message The message to be decrypted * \param[out] p_message The decrypted message * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated symmetric encryption key, uses \see symmetric_encryption_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise */ int decrypt(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_key, const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message); int encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message); // TODO To be reorganised /*! * \fn int generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y); * \brief Generate a shared secret key and derive it using KDF2 algorithm. * \param[in] p_peer_public_key_x The recipient public key X-coordinate * \param[in] p_peer_public_key_x The recipient public key Y-coordinate * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise */ int generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_peer_public_enc_key_x, const std::vector<unsigned char>& p_peer_public_enc_key_y); // int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y); int decrypt(const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message); inline const std::vector<unsigned char>& private_key() const { return _pri_key; }; Loading @@ -147,6 +158,7 @@ public: //! \publicsection inline const std::vector<unsigned char>& ephemeral_key() const { return _eph_key; }; inline const std::vector<unsigned char>& encryption_key_x() const { return _enc_key_x; }; inline const std::vector<unsigned char>& encryption_key_y() const { return _enc_key_y; }; inline const std::vector<unsigned char>& symmetric_encryption_key() const { return _sym_key; }; inline const std::vector<unsigned char>& nonce() const { return _nonce; }; inline const std::vector<unsigned char>& tag() const { return _tag; }; Loading Loading
ccsrc/Externals/LibItsSecurity_externals.cc +40 −24 Original line number Diff line number Diff line Loading @@ -255,43 +255,59 @@ namespace LibItsSecurity__Functions loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: ", p__peerPublicKeyX); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: ", p__publicEncKeyY); // Encrypt message using AES-128 CCM security_ecc ec(ec_elliptic_curves::nist_p_256); std::vector<unsigned char> message(static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage), p__toBeEncryptedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage)); std::vector<unsigned char> enc_message; if (ec.encrypt(encryption_algotithm::aes_128_ccm, message, enc_message) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } OCTETSTRING os(enc_message.size(), enc_message.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: enc message: ", os); p__nonce = OCTETSTRING(ec.nonce().size(), ec.nonce().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__nonce: ", p__nonce); p__tag = OCTETSTRING(ec.tag().size(), ec.tag().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__tag: ", p__tag); // Encrypt symmetric key OCTETSTRING encSymKey = OCTETSTRING(ec.nonce().size(), ec.symmetric_encryption_key().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__encSymKey: ", encSymKey); // Create new instance of ECC security_ecc ec_ecies(ec_elliptic_curves::nist_p_256); // Generate (Private,Public) keys ec_ecies.generate(); // Generate ephemeral key and derive it std::vector<unsigned char> peer_public_key_x(static_cast<const unsigned char *>(p__peerPublicKeyX), p__peerPublicKeyX.lengthof() + static_cast<const unsigned char *>(p__peerPublicKeyX)); std::vector<unsigned char> peer_public_key_y(static_cast<const unsigned char *>(p__publicEncKeyY), p__publicEncKeyY.lengthof() + static_cast<const unsigned char *>(p__publicEncKeyY)); int unused = 0; if (ec.generate_ephemeral_key( encryption_algotithm::aes_128_ccm, if (ec_ecies.generate_and_derive_ephemeral_key( peer_public_key_x, peer_public_key_y, unused) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate sender's ephemeral key"); peer_public_key_y ) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive sender's ephemeral key"); return OCTETSTRING(); } // Encrypt the symmetric encryption key using existing nonce and symmetric encryption key std::vector<unsigned char> enc_eph_key; if (ec.encrypt_ephemeral_key(ec.ephemeral_key(), enc_eph_key) != 0) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt generated sender's ephemeral key"); /* TODO if (ec.encrypt(encryption_algotithm::aes_128_ccm, ec_ecies.ephemeral_key(), ec.symmetric_encryption_key(), enc_eph_key) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } }*/ p__ephKey = OCTETSTRING(enc_eph_key.size(), enc_eph_key.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__ephKey: ", ec.ephemeral_key().data(), ec.ephemeral_key().size()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: Encrypted p__ephKey: ", p__ephKey); p__publicEncKeyX = OCTETSTRING(ec.encryption_key_x().size(), ec.encryption_key_x().data()); p__publicEncKeyX = OCTETSTRING(ec.encryption_key_x().size(), ec_ecies.encryption_key_x().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__publicEncKeyX: ", p__publicEncKeyX); p__publicEncKeyY = OCTETSTRING(ec.encryption_key_y().size(), ec.encryption_key_y().data()); p__publicEncKeyY = OCTETSTRING(ec.encryption_key_y().size(), ec_ecies.encryption_key_y().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__publicEncKeyY: ", p__publicEncKeyY); std::vector<unsigned char> message(static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage), p__toBeEncryptedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeEncryptedSecuredMessage)); std::vector<unsigned char> enc_message; if (ec.encrypt(message, enc_message) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to encrypt message"); return OCTETSTRING(); } OCTETSTRING os(enc_message.size(), enc_message.data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: enc message: ", os); p__nonce = OCTETSTRING(ec.nonce().size(), ec.nonce().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__nonce: ", p__nonce); p__tag = OCTETSTRING(ec.tag().size(), ec.tag().data()); loggers::get_instance().log_to_hexa("fx__encryptWithEciesNistp256WithSha256: p__tag: ", p__tag); return os; } Loading
ccsrc/Protocols/GeoNetworking/geonetworking_layer.hh +17 −0 Original line number Diff line number Diff line Loading @@ -126,6 +126,23 @@ public: */ void sendMsg(const LibItsGeoNetworking__TestSystem::GeoNetworkingReq& p_gn_req, Params& p_param); /*! * \virtual * \fn void sendData(OCTETSTRING& data, Params& params); * \brief Send bytes formated data to the lower layers * \param[in] p_data The data to be sent * \param[in] p_params Some parameters to overwrite default value of the lower layers parameters */ virtual void sendData(OCTETSTRING& data, Params& params); /*! * \virtual * \fn void receiveData(OCTETSTRING& data, Params& params); * \brief Receive bytes formated data from the lower layers * \param[in] p_data The bytes formated data received * \param[in] p_params Some lower layers parameters values when data was received */ virtual void receiveData(OCTETSTRING& data, Params& info); /*! * \virtual * \fn void sendData(OCTETSTRING& data, Params& params); Loading
ccsrc/Protocols/Security/hmac.hh 0 → 100644 +100 −0 Original line number Diff line number Diff line /*! * \file hmac.hh * \brief Header file for HMAC helper methods. * \author ETSI STF525 * \copyright ETSI Copyright Notification * No part may be reproduced except as authorized by written permission. * The copyright and the foregoing restriction extend to reproduction in all media. * All rights reserved. * \version 0.1 */ #pragma once #include <vector> #include <openssl/hmac.h> #include <openssl/objects.h> /*! * \enum Supported hash algorithms */ enum class hash_algorithms: unsigned char { sha_256, /*!< HMAC with SHA-256 */ sha_384 /*!< HMAC with SHA-384 */ }; // End of class hash_algorithms /*! * \class hmac * \brief This class provides description of HMAC helper methods */ class hmac { HMAC_CTX _ctx; //! HMAC context hash_algorithms _hash_algorithms; public: /*! * \brief Default constructor * Create a new instance of the hmac class * \param[in] p_hash_algorithms The hash algorithm to be used to compute the HMAC */ hmac(const hash_algorithms p_hash_algorithms): _ctx{}, _hash_mod(p_hash_algorithms) { ::HMAC_CTX_init(&_ctx); }; /*! * \brief Default destructor */ virtual ~hmac() { ::HMAC_CTX_cleanup(&_ctx); }; /*! * \inline * \fn int generate(const std::vector<unsigned char> p_buffer, const std::vector<unsigned char> p_secret_key, std::vector<unsigned char>& p_hmac); * \brief Receive bytes formated data from the lower layers * \param[in] p_buffer The data used to generate the HMAC * \param[in] p_secret_key The secret key to used to generate the HMAC * \param[out] p_hmac The HMAC value based of the provided data * \return 0 on success, -1 otherwise */ inline int generate(const std::vector<unsigned char> p_buffer, const std::vector<unsigned char> p_secret_key, std::vector<unsigned char>& p_hmac) { // Sanity check if (p_buffer.size() == 0) { return -1; } return generate(p_buffer.data(), p_buffer.size(), p_secret_key.data(), p_secret_key.size(), p_hmac); }; /*! * \inline * \fn int generate(const unsigned char *p_buffer, const size_t p_buffer_length, const unsigned char *p_secret_key, const size_t p_secret_key_length, std::vector<unsigned char>& p_hmac); * \brief Receive bytes formated data from the lower layers * \param[in] p_buffer The data used to generate the HMAC * \param[in] p_buffer_length The size of the data * \param[in] p_secret_key The secret key to used to generate the HMAC * \param[in] p_secret_key_length The size of the secret key * \param[out] p_hmac The HMAC value based of the provided data * \return 0 on success, -1 otherwise */ inline int generate(const unsigned char *p_buffer, const size_t p_buffer_length, const unsigned char *p_secret_key, const size_t p_secret_key_length, std::vector<unsigned char>& p_hmac) { // Sanity check if ((p_buffer == nullptr) || (p_secret_key == nullptr)) { return -1; } if (_hash_mod == hash_algorithms::sha_256) { // Resize data buffer p_hmac.resize(64); // Compute the hash value ::HMAC_Init_ex(&_ctx, p_secret_key_length, EVP_sha256(), NULL); ::HMAC_Update(&_ctx, p_buffer, p_length); ::HMAC_Final(&_ctx, static_cast<unsigned char*>(p_hmac.data())); } else if (_hash_mod == hash_algorithms::sha_512) { // Resize data buffer p_hmac.resize(128); // Compute the hash value ::HMAC_Init_ex(&_ctx, p_secret_key_length, EVP_sha512(), NULL); ::HMAC_Update(&_ctx, p_buffer, p_length); ::HMAC_Final(&_ctx, static_cast<unsigned char*>(p_hmac.data())); } else { // TODO To be continued return -1; } return 0; }; }; // End of class hmac
ccsrc/Protocols/Security/security_ecc.cc +45 −47 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ #include "loggers.hh" security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc: %d", static_cast<int>(p_elliptic_curve)); const int result = init(); Loading @@ -14,7 +14,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve): _elliptic } } // End of constructor security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_private_key): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(p_private_key), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_private_key): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(p_private_key), _pub_key_x(), _pub_key_y(), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc (1): %d", static_cast<int>(p_elliptic_curve)); // Sanity checks Loading Loading @@ -63,7 +63,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std: } // End of constructor security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(p_public_key_x), _pub_key_y(p_public_key_y), _eph_key(), _enc_key_x(), _enc_key_y(), _nonce(), _tag() { security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y): _elliptic_curve(p_elliptic_curve), _encryption_algotithm(encryption_algotithm::aes_128_ccm), _ec_key(nullptr), _ec_group(nullptr), _bn_ctx(nullptr), _pri_key(), _pub_key_x(p_public_key_x), _pub_key_y(p_public_key_y), _eph_key(), _enc_key_x(), _enc_key_y(), _sym_key(), _nonce(), _tag() { loggers::get_instance().log(">>> security_ecc::security_ecc (2): %d", static_cast<int>(p_elliptic_curve)); // Sanity checks Loading Loading @@ -174,59 +174,56 @@ int security_ecc::generate() { return 0; } int security_ecc::generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, int p_unused) { loggers::get_instance().log(">>> security_ecc::generate_ephemeral_key (1)"); // Sanity checks if ((_pub_key_x.size() != 0) || (_pub_key_y.size() != 0)) { loggers::get_instance().warning("security_ecc::generate_ephemeral_key: Constrictor format #1 shall be used"); return -1; } p_unused = 0; _encryption_algotithm = p_enc_algorithm; ::EC_KEY_generate_key(_ec_key); // Set buffers size int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; _eph_key.resize(len); // Convert the public keys (X,Y) into EC_POINT data structure EC_POINT *ec_point = nullptr; bin_to_ec_point(p_public_key_x, p_public_key_y, &ec_point); // Generate the shared symmetric key int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); if (result == -1) { ::EC_POINT_free(ec_point); return -1; } ::EC_POINT_free(ec_point); // Write the ephemeral key's public key to the output buffer std::vector<unsigned char> enc_key; public_key_to_bin(enc_key); // Extract X-coordinate and Y-coordinate _enc_key_x.assign(1 + enc_key.cbegin(), 1 + len + enc_key.cbegin()); _enc_key_y.assign(1 + len + enc_key.cbegin(), enc_key.cend()); return 0; } int security_ecc::generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y) { loggers::get_instance().log(">>> security_ecc::generate_ephemeral_key (2)"); //int security_ecc::generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y) { // loggers::get_instance().log(">>> security_ecc::generate_and_derive_ephemeral_key (1)"); // // // Sanity checks // if ((_pub_key_x.size() != 0) || (_pub_key_y.size() != 0)) { // loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Constrictor format #1 shall be used"); // return -1; // } // ::EC_KEY_generate_key(_ec_key); // // // Set buffers size // int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; // _eph_key.resize(len); // // // Convert the public keys (X,Y) into EC_POINT data structure // EC_POINT *ec_point = nullptr; // bin_to_ec_point(p_public_key_x, p_public_key_y, &ec_point); // // Generate the shared secret key // int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); // if (result == -1) { // ::EC_POINT_free(ec_point); // return -1; // } // ::EC_POINT_free(ec_point); // // Write the ephemeral key's public key to the output buffer // std::vector<unsigned char> enc_key; // public_key_to_bin(enc_key); // // Extract X-coordinate and Y-coordinate // _enc_key_x.assign(1 + enc_key.cbegin(), 1 + len + enc_key.cbegin()); // _enc_key_y.assign(1 + len + enc_key.cbegin(), enc_key.cend()); // // return 0; //} // int security_ecc::generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_peer_public_enc_key_x, const std::vector<unsigned char>& p_peer_public_enc_key_y) { loggers::get_instance().log(">>> security_ecc::generate_and_derive_ephemeral_key (2)"); // Sanity checks if (_pri_key.size() == 0) { loggers::get_instance().warning("security_ecc::generate_ephemeral_key: Constrictor format #2 shall be used"); loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Constructor format #2 shall be used"); return -1; } _encryption_algotithm = p_enc_algorithm; // Set buffers size int len = (EC_GROUP_get_degree(_ec_group) + 7) / 8; _eph_key.resize(len); // Convert the peer public encryption key to an EC point EC_POINT *ec_point = nullptr; bin_to_ec_point(p_public_enc_key_x, p_public_enc_key_y, &ec_point); // Generate the shared symmetric key bin_to_ec_point(p_peer_public_enc_key_x, p_peer_public_enc_key_y, &ec_point); // Generate the shared secret key int result = ::ECDH_compute_key(_eph_key.data(), _eph_key.size(), ec_point, _ec_key, NULL); if (result == -1) { ::EC_POINT_free(ec_point); Loading Loading @@ -338,7 +335,8 @@ int security_ecc::decrypt(const encryption_algotithm p_enc_algorithm, const std: return (result > 0) ? 0 : -1; } int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message) { /*int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message) { loggers::get_instance().log(">>> security_ecc::encrypt"); // Sanity checks Loading Loading @@ -387,7 +385,7 @@ int security_ecc::encrypt(const std::vector<unsigned char>& p_message, std::vect ::EVP_CIPHER_CTX_free(ctx); return 0; } }*/ int security_ecc::decrypt(const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message) { loggers::get_instance().log(">>> security_ecc::decrypt"); Loading
ccsrc/Protocols/Security/security_ecc.hh +21 −9 Original line number Diff line number Diff line Loading @@ -49,9 +49,10 @@ class security_ecc { std::vector<unsigned char> _pri_key; /*!< Private key storage */ std::vector<unsigned char> _pub_key_x; /*!< Public key X-coordinate storage */ std::vector<unsigned char> _pub_key_y; /*!< Public key Y-coordinate storage */ std::vector<unsigned char> _eph_key; /*!< Ephemeral key generated by encryption method */ std::vector<unsigned char> _eph_key; /*!< Ephemeral key generated by ECIES encryption method */ std::vector<unsigned char> _enc_key_x; /*!< Public encryption key X-coordinate storage */ std::vector<unsigned char> _enc_key_y; /*!< Public encryption key Y-coordinate storage */ std::vector<unsigned char> _sym_key; /*!< Symmetric encryption key generated by encryption method */ std::vector<unsigned char> _nonce; /*!< Initial Vector generated by encryption method */ std::vector<unsigned char> _tag; /*!< Tag vector generated by encryption method */ Loading Loading @@ -106,18 +107,13 @@ public: //! \publicsection */ int sign_verif(const std::vector<unsigned char>& p_data, const std::vector<unsigned char>& p_signature); int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, int p_unused); int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y); int encrypt_ephemeral_key(const std::vector<unsigned char>& p_eph_key, std::vector<unsigned char>& p_enc_eph_key) { p_enc_eph_key = p_eph_key; return 0; }; // FIXME int decrypt_ephemeral_key(const std::vector<unsigned char>& p_enc_eph_key, std::vector<unsigned char>& p_eph_key) { p_eph_key = p_enc_eph_key; return 0; }; // FIXME /*! * \fn int encrypt(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message); * \brief Encryption using the specified algorithm. * \param[in] p_enc_algorithm The algorithm to use for the encryption * \param[in] p_message The message to be encrypted * \param[out] p_enc_message The encrypted message * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated symmetric encryption key, uses \see symmetric_encryption_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise Loading @@ -131,14 +127,29 @@ public: //! \publicsection * \param[in] p_tag The algorithm to use for the encryption * \param[in] p_enc_message The message to be decrypted * \param[out] p_message The decrypted message * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated symmetric encryption key, uses \see symmetric_encryption_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise */ int decrypt(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_key, const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message); int encrypt(const std::vector<unsigned char>& p_message, std::vector<unsigned char>& p_enc_message); // TODO To be reorganised /*! * \fn int generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y); * \brief Generate a shared secret key and derive it using KDF2 algorithm. * \param[in] p_peer_public_key_x The recipient public key X-coordinate * \param[in] p_peer_public_key_x The recipient public key Y-coordinate * \remark To get the generated ephemeral key, uses \see ephemeral_key method * \remark To get the generated nonce vector, uses \see nonce method * \remark To get the generated tag, uses \see tag method * \return 0 on success, -1 otherwise */ int generate_and_derive_ephemeral_key(const std::vector<unsigned char>& p_peer_public_enc_key_x, const std::vector<unsigned char>& p_peer_public_enc_key_y); // int generate_ephemeral_key(const encryption_algotithm p_enc_algorithm, const std::vector<unsigned char>& p_public_enc_key_x, const std::vector<unsigned char>& p_public_enc_key_y); int decrypt(const std::vector<unsigned char>& p_nonce, const std::vector<unsigned char>& p_tag, const std::vector<unsigned char>& p_enc_message, std::vector<unsigned char>& p_message); inline const std::vector<unsigned char>& private_key() const { return _pri_key; }; Loading @@ -147,6 +158,7 @@ public: //! \publicsection inline const std::vector<unsigned char>& ephemeral_key() const { return _eph_key; }; inline const std::vector<unsigned char>& encryption_key_x() const { return _enc_key_x; }; inline const std::vector<unsigned char>& encryption_key_y() const { return _enc_key_y; }; inline const std::vector<unsigned char>& symmetric_encryption_key() const { return _sym_key; }; inline const std::vector<unsigned char>& nonce() const { return _nonce; }; inline const std::vector<unsigned char>& tag() const { return _tag; }; Loading
