Loading ccsrc/Externals/LibItsSecurity_externals.cc +93 −30 Original line number Diff line number Diff line Loading @@ -70,7 +70,7 @@ namespace LibItsSecurity__Functions loggers::get_instance().log_msg(">>> fx__signWithEcdsaNistp256WithSha256: private key=", p__privateKey); // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } Loading @@ -80,12 +80,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); Loading Loading @@ -117,7 +124,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__privateKey ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } Loading @@ -127,12 +134,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); Loading Loading @@ -164,7 +178,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__privateKey ) { // Sanity checks if (p__certificateIssuer.lengthof() != 48) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } Loading @@ -174,12 +188,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); Loading Loading @@ -210,11 +231,11 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const OCTETSTRING& , const INTEGER& p__compressedMode ) { ) {p__ecdsaNistp256PublicKeyCompressed // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64) || (p__ecdsaNistp256PublicKeyCompressed.lengthof() != 32)) { loggers::get_instance().log("fx__verifyWithEcdsaNistp256WithSha256: Wrong parameters"); return FALSE; } Loading @@ -224,12 +245,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); Loading Loading @@ -259,7 +287,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__ecdsaNistp256PublicKeyY ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64)) { loggers::get_instance().log("fx__verifyWithEcdsaNistp256WithSha256__1: Wrong parameters"); return FALSE; } Loading @@ -269,12 +297,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); Loading Loading @@ -305,7 +340,7 @@ namespace LibItsSecurity__Functions const INTEGER& p__compressedMode ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64) || (p__ecdsaNistp256PublicKeyCompressed.lengthof() != 32)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return FALSE; } Loading @@ -315,12 +350,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); Loading Loading @@ -350,7 +392,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters"); return FALSE; } Loading @@ -360,12 +402,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); Loading Loading @@ -395,7 +444,7 @@ namespace LibItsSecurity__Functions const INTEGER& p__compressedMode ) { // Sanity checks if (p__certificateIssuer.lengthof() != 48) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof() != 48)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return FALSE; } Loading @@ -405,12 +454,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); Loading Loading @@ -450,12 +506,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); Loading ccsrc/Protocols/Security/security_ecc.cc +3 −2 Original line number Diff line number Diff line Loading @@ -766,6 +766,7 @@ const int security_ecc::init() { ::OpenSSL_add_all_algorithms(); ::ERR_load_crypto_strings(); ::ERR_clear_error(); int result = -1; switch (_elliptic_curve) { Loading ccsrc/Protocols/Security/sha256.hh +16 −2 Original line number Diff line number Diff line Loading @@ -43,7 +43,8 @@ public: inline int generate(const std::vector<unsigned char> p_buffer, std::vector<unsigned char>& p_hash) { // Sanity check if (p_buffer.size() == 0) { return -1; p_hash = get_sha256_empty_string(); return 0; } return generate(p_buffer.data(), p_buffer.size(), p_hash); Loading @@ -61,8 +62,10 @@ public: inline int generate(const unsigned char *p_buffer, const size_t p_length, std::vector<unsigned char>& p_hash) { // Sanity check if (p_buffer == nullptr) { return -1; p_hash = get_sha256_empty_string(); return 0; } // Resize data buffer p_hash.resize(SHA256_DIGEST_LENGTH); // Compute the hash value Loading @@ -71,4 +74,15 @@ public: ::SHA256_Final(static_cast<unsigned char*>(p_hash.data()), &_ctx); return 0; }; /*! * \inline * \fn const std::vector<unsigned char> get_sha256_empty_string() const; * \brief Return the SHA-256 of an empty string * \return The SHA-256 of an empty string */ inline const std::vector<unsigned char> get_sha256_empty_string() { static unsigned char sha256_empty_string[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; //! SHA-256 of an empty string return std::vector<unsigned char>(sha256_empty_string, sha256_empty_string + 32); }; }; // End of class sha256 ccsrc/Protocols/Security/sha384.hh +15 −4 File changed.Preview size limit exceeded, changes collapsed. Show changes Loading
ccsrc/Externals/LibItsSecurity_externals.cc +93 −30 Original line number Diff line number Diff line Loading @@ -70,7 +70,7 @@ namespace LibItsSecurity__Functions loggers::get_instance().log_msg(">>> fx__signWithEcdsaNistp256WithSha256: private key=", p__privateKey); // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } Loading @@ -80,12 +80,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaNistp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); Loading Loading @@ -117,7 +124,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__privateKey ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } Loading @@ -127,12 +134,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); Loading Loading @@ -164,7 +178,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__privateKey ) { // Sanity checks if (p__certificateIssuer.lengthof() != 48) { if ((p__certificateIssuer.lengthof() != 8) || (p__privateKey.lengthof() != 32)) { loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } Loading @@ -174,12 +188,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hash.generate(issuer, hashData2); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__signWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); Loading Loading @@ -210,11 +231,11 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const OCTETSTRING& , const INTEGER& p__compressedMode ) { ) {p__ecdsaNistp256PublicKeyCompressed // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64) || (p__ecdsaNistp256PublicKeyCompressed.lengthof() != 32)) { loggers::get_instance().log("fx__verifyWithEcdsaNistp256WithSha256: Wrong parameters"); return FALSE; } Loading @@ -224,12 +245,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); Loading Loading @@ -259,7 +287,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__ecdsaNistp256PublicKeyY ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64)) { loggers::get_instance().log("fx__verifyWithEcdsaNistp256WithSha256__1: Wrong parameters"); return FALSE; } Loading @@ -269,12 +297,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaNistp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); Loading Loading @@ -305,7 +340,7 @@ namespace LibItsSecurity__Functions const INTEGER& p__compressedMode ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64) || (p__ecdsaNistp256PublicKeyCompressed.lengthof() != 32)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return FALSE; } Loading @@ -315,12 +350,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); Loading Loading @@ -350,7 +392,7 @@ namespace LibItsSecurity__Functions const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY ) { // Sanity checks if (p__certificateIssuer.lengthof() != 32) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 64)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters"); return FALSE; } Loading @@ -360,12 +402,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 32)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); Loading Loading @@ -395,7 +444,7 @@ namespace LibItsSecurity__Functions const INTEGER& p__compressedMode ) { // Sanity checks if (p__certificateIssuer.lengthof() != 48) { if ((p__certificateIssuer.lengthof() != 8) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof() != 48)) { loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return FALSE; } Loading @@ -405,12 +454,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); Loading Loading @@ -450,12 +506,19 @@ namespace LibItsSecurity__Functions std::vector<unsigned char> hashData1; // Hash (Data input) std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), p__toBeVerifiedData.lengthof() + static_cast<const unsigned char *>(p__toBeVerifiedData)); hash.generate(tbh, hashData1); if (p__certificateIssuer != int2oct(0, 48)) { // || Hash (Signer identifier input) std::vector<unsigned char> hashData2; // Hash (Signer identifier input) if (p__certificateIssuer != int2oct(0, 8)) { // || Hash (Signer identifier input) std::vector<unsigned char> issuer = std::vector<unsigned char>(static_cast<const unsigned char*>(p__certificateIssuer), p__certificateIssuer.lengthof() + static_cast<const unsigned char*>(p__certificateIssuer)); hashData1.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); hashData2.insert(hashData1.end(), issuer.cbegin(), issuer.cend()); } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1.data(), hashData1.size()); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2.data(), hashData2.size()); hashData1.insert(hashData1.end(), hashData2.cbegin(), hashData2.cend()); // Hash (Data input) || Hash (Signer identifier input) std::vector<unsigned char> hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); loggers::get_instance().log_to_hexa("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData.data(), hashData.size()); // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); Loading
ccsrc/Protocols/Security/security_ecc.cc +3 −2 Original line number Diff line number Diff line Loading @@ -766,6 +766,7 @@ const int security_ecc::init() { ::OpenSSL_add_all_algorithms(); ::ERR_load_crypto_strings(); ::ERR_clear_error(); int result = -1; switch (_elliptic_curve) { Loading
ccsrc/Protocols/Security/sha256.hh +16 −2 Original line number Diff line number Diff line Loading @@ -43,7 +43,8 @@ public: inline int generate(const std::vector<unsigned char> p_buffer, std::vector<unsigned char>& p_hash) { // Sanity check if (p_buffer.size() == 0) { return -1; p_hash = get_sha256_empty_string(); return 0; } return generate(p_buffer.data(), p_buffer.size(), p_hash); Loading @@ -61,8 +62,10 @@ public: inline int generate(const unsigned char *p_buffer, const size_t p_length, std::vector<unsigned char>& p_hash) { // Sanity check if (p_buffer == nullptr) { return -1; p_hash = get_sha256_empty_string(); return 0; } // Resize data buffer p_hash.resize(SHA256_DIGEST_LENGTH); // Compute the hash value Loading @@ -71,4 +74,15 @@ public: ::SHA256_Final(static_cast<unsigned char*>(p_hash.data()), &_ctx); return 0; }; /*! * \inline * \fn const std::vector<unsigned char> get_sha256_empty_string() const; * \brief Return the SHA-256 of an empty string * \return The SHA-256 of an empty string */ inline const std::vector<unsigned char> get_sha256_empty_string() { static unsigned char sha256_empty_string[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; //! SHA-256 of an empty string return std::vector<unsigned char>(sha256_empty_string, sha256_empty_string + 32); }; }; // End of class sha256
ccsrc/Protocols/Security/sha384.hh +15 −4 File changed.Preview size limit exceeded, changes collapsed. Show changes
