Skip to content
GitLab
Commit 3ba8e0e2 authored by Yann Garcia's avatar Yann Garcia
Browse files

Unify security external function names

parent 44d1384d
Hide whitespace changes
Inline Side-by-side
ccsrc/Externals/LibItsSecurity_externals.cc
View file @ 3ba8e0e2
......@@ -160,21 +160,21 @@ namespace LibItsSecurity__Functions
}
/**
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(
OCTETSTRING fx__signWithEcdsaBrainpoolp256r1WithSha256(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__privateKey
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 32) || (p__privateKey.lengthof() != 32)) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters");
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256r1WithSha256: Wrong parameters");
return OCTETSTRING(0, nullptr);
}
......@@ -188,12 +188,12 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha256_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Calculate the signature
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__privateKey);
OCTETSTRING r_sig;
......@@ -210,21 +210,21 @@ namespace LibItsSecurity__Functions
}
/**
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384r1WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey);
* \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2
* \param[in] p__toBeSignedSecuredMessage The data to be signed
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* \param[in] p__privateKey The private key
* \return The signature value
*/
OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(
OCTETSTRING fx__signWithEcdsaBrainpoolp384r1WithSha384(
const OCTETSTRING& p__toBeSignedSecuredMessage,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__privateKey
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 48) || (p__privateKey.lengthof() != 48)) {
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters");
loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384r1WithSha384: Wrong parameters");
return OCTETSTRING(0, nullptr);
}
......@@ -238,21 +238,21 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha384_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Calculate the signature
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__privateKey);
OCTETSTRING r_sig;
OCTETSTRING s_sig;
if (k.sign(hashData, r_sig, s_sig) == 0) {
OCTETSTRING os = r_sig + s_sig;
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: r_sig= ", r_sig);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: s_sig= ", s_sig);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: sig= ", os);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: r_sig= ", r_sig);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: s_sig= ", s_sig);
loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: sig= ", os);
return os;
}
......@@ -390,7 +390,7 @@ namespace LibItsSecurity__Functions
}
/**
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed);
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed);
* \brief Verify the signature of the specified data based on standard IEEE 1609.2
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
......@@ -398,7 +398,7 @@ namespace LibItsSecurity__Functions
* \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(
BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__signature,
......@@ -407,7 +407,7 @@ namespace LibItsSecurity__Functions
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 32) || (p__signature.lengthof() != 64) || (p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof() != 32)) {
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters");
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Wrong parameters");
return FALSE;
}
......@@ -421,12 +421,12 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha256_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Check the signature
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__ecdsaBrainpoolp256PublicKeyCompressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
if (k.sign_verif(hashData, p__signature) == 0) {
......@@ -437,7 +437,7 @@ namespace LibItsSecurity__Functions
}
/**
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY);
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY);
* \brief Verify the signature of the specified data based on standard IEEE 1609.2
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
......@@ -446,7 +446,7 @@ namespace LibItsSecurity__Functions
* \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1(
BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__signature,
......@@ -455,7 +455,7 @@ namespace LibItsSecurity__Functions
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 32) || (p__signature.lengthof() != 64) || (p__ecdsaBrainpoolp256PublicKeyX.lengthof() != 32) || (p__ecdsaBrainpoolp256PublicKeyY.lengthof() != 32)) {
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters");
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Wrong parameters");
return FALSE;
}
......@@ -469,12 +469,12 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha256_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Check the signature
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__ecdsaBrainpoolp256PublicKeyX, p__ecdsaBrainpoolp256PublicKeyY);
if (k.sign_verif(hashData, p__signature) == 0) {
......@@ -485,7 +485,7 @@ namespace LibItsSecurity__Functions
}
/**
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed);
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed);
* \brief Verify the signature of the specified data based on standard IEEE 1609.2
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
......@@ -493,7 +493,7 @@ namespace LibItsSecurity__Functions
* \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(
BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__signature,
......@@ -502,7 +502,7 @@ namespace LibItsSecurity__Functions
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 48) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof() != 48)) {
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters");
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Wrong parameters");
return FALSE;
}
......@@ -516,12 +516,12 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha384_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Check the signature
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__ecdsaBrainpoolp384PublicKeyCompressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
if (k.sign_verif(hashData, p__signature) == 0) {
......@@ -532,7 +532,7 @@ namespace LibItsSecurity__Functions
}
/**
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY);
* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY);
* \brief Verify the signature of the specified data based on standard IEEE 1609.2
* \param[in] p__toBeVerifiedData The data to be verified
* \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
......@@ -541,7 +541,7 @@ namespace LibItsSecurity__Functions
* \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate)
* \return true on success, false otherwise
*/
BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1(
BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384__1(
const OCTETSTRING& p__toBeVerifiedData,
const OCTETSTRING& p__certificateIssuer,
const OCTETSTRING& p__signature,
......@@ -550,7 +550,7 @@ namespace LibItsSecurity__Functions
) {
// Sanity checks
if ((p__certificateIssuer.lengthof() != 48) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyX.lengthof() != 48) || (p__ecdsaBrainpoolp384PublicKeyY.lengthof() != 48)) {
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384__1: Wrong parameters");
loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384r1WithSha384__1: Wrong parameters");
return FALSE;
}
......@@ -564,12 +564,12 @@ namespace LibItsSecurity__Functions
} else {
hashData2 = hash.get_sha384_empty_string(); // Hash of empty string
}
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2);
hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input)
OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) )
hash.generate(hashData1, hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData);
// Check the signature
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__ecdsaBrainpoolp384PublicKeyX, p__ecdsaBrainpoolp384PublicKeyY);
if (k.sign_verif(hashData, p__signature) == 0) {
......@@ -689,36 +689,27 @@ namespace LibItsSecurity__Functions
* \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key
* \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key
* \param[out] p__nonce The nonce vector
* \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values
* \return The original message
* \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* \see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
*/
// TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function
OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) {
OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) {
loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed);
loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode));
loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt: ", p__salt);
loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x", static_cast<const boolean>(p__use__hardcoded__values));
// 1. Generate new Private/Public Ephemeral key
std::unique_ptr<security_ecc> ec;
if (!static_cast<const boolean>(p__use__hardcoded__values)) {
ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256));
if (ec->generate() == -1) {
loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys");
return OCTETSTRING(0, nullptr);
}
} else {
ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key
ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256));
if (ec->generate() == -1) {
loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys");
return OCTETSTRING(0, nullptr);
}
// 2. Generate and derive shared secret based on recipient's private keys
security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
if (static_cast<const boolean>(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value
ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81"));
}
if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) {
loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key");
return OCTETSTRING(0, nullptr);
......@@ -856,61 +847,53 @@ namespace LibItsSecurity__Functions
return message;
}
OCTETSTRING fx__encryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) {
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed);
loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode));
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__salt: ", p__salt);
loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__use__hardcoded__values: %x", static_cast<const boolean>(p__use__hardcoded__values));
OCTETSTRING fx__encryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) {
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed);
loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode));
loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__salt: ", p__salt);
// 1. Generate new Private/Public Ephemeral key
std::unique_ptr<security_ecc> ec;
if (!static_cast<const boolean>(p__use__hardcoded__values)) {
ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1));
if (ec->generate() == -1) {
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to generate ephemeral keys");
return OCTETSTRING(0, nullptr);
}
} else {
ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key
ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1));
if (ec->generate() == -1) {
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate ephemeral keys");
return OCTETSTRING(0, nullptr);
}
// 2. Generate and derive shared secret based on recipient's private keys
security_ecc ec_comp(ec_elliptic_curves::brainpool_p_256_r1, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
if (static_cast<const boolean>(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value
ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81"));
}
if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) {
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to generate and derive secret key");
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate and derive secret key");
return OCTETSTRING(0, nullptr);
}
// Set the AES symmetric key
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: AES symmetric key: ", ec->symmetric_encryption_key());
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: AES symmetric key: ", ec->symmetric_encryption_key());
p__aes__sym__key = ec->symmetric_encryption_key();
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__aes__sym__key: ", p__aes__sym__key);
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__aes__sym__key: ", p__aes__sym__key);
// Set the encrypted symmetric key
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: Encrypted symmetric key: ", ec->encrypted_symmetric_key());
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: Encrypted symmetric key: ", ec->encrypted_symmetric_key());
p__encrypted__sym__key = ec->encrypted_symmetric_key();
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
// Set the tag of the symmetric key encryption
p__authentication__vector = ec->tag();
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector);
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector);
// Set ephemeral public keys
p__publicEphemeralKeyCompressed = ec->public_key_compressed();
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed);
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed);
p__ephemeralCompressedMode = (ec->public_key_compressed_mode() == ecc_compressed_mode::compressed_y_0) ? 0 : 1;
loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode);
loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode);
// 3. Retrieve AES 128 parameters
p__nonce = ec->nonce();
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce);
loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce);
// 4. Encrypt the data using AES-128 CCM
OCTETSTRING enc_message;
if (ec->encrypt(encryption_algotithm::aes_128_ccm, ec->symmetric_encryption_key(), ec->nonce(), p__toBeEncryptedSecuredMessage, enc_message) == -1) {
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to encrypt message");
loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to encrypt message");
return OCTETSTRING(0, nullptr);
}
enc_message += ec->tag();
loggers::get_instance().log_to_hexa("fx__encryptWithEciesBrainpoolp256WithSha256: enc message||Tag: ", enc_message);
loggers::get_instance().log_to_hexa("fx__encryptWithEciesBrainpoolp256r1WithSha256: enc message||Tag: ", enc_message);
return enc_message;
}
......@@ -919,59 +902,59 @@ namespace LibItsSecurity__Functions
* @desc Test function for ECIES BRAINPOOL P-256r1 Encryption with SHA-256
* @remark For the purpose of testing, the content of p__toBeEncryptedSecuredMessage is the AES 128 symmetric key to be encrypted
*/
OCTETSTRING fx__test__encryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__privateEphemeralKey, const OCTETSTRING& p__recipientPublicKeyX, const OCTETSTRING& p__recipientPublicKeyY, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyX, OCTETSTRING& p__publicEphemeralKeyY, OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) {
OCTETSTRING fx__test__encryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__privateEphemeralKey, const OCTETSTRING& p__recipientPublicKeyX, const OCTETSTRING& p__recipientPublicKeyY, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyX, OCTETSTRING& p__publicEphemeralKeyY, OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) {
// 1. Generate new ephemeral Private/Public keys
security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEphemeralKey);
p__publicEphemeralKeyX = ec.public_key_x();
p__publicEphemeralKeyY = ec.public_key_y();
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Vx=", p__publicEphemeralKeyX);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Vy=", p__publicEphemeralKeyY);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Vx=", p__publicEphemeralKeyX);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Vy=", p__publicEphemeralKeyY);
// 2. Generate and derive shared secret
security_ecc ec_comp(ec_elliptic_curves::brainpool_p_256_r1, p__recipientPublicKeyX, p__recipientPublicKeyY);
ec.symmetric_encryption_key(p__toBeEncryptedSecuredMessage);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: ", ec.encrypted_symmetric_key());
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: ", ec.encrypted_symmetric_key());
if (ec.generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) {
loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256WithSha256: Failed to generate and derive secret key");
loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate and derive secret key");
return OCTETSTRING(0, nullptr);
}
// Set the AES symmetric key
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: AES symmetric key: ", ec.symmetric_encryption_key());
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: AES symmetric key: ", ec.symmetric_encryption_key());
p__aes__sym__key = ec.symmetric_encryption_key();
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__aes__sym__key: ", p__aes__sym__key);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__aes__sym__key: ", p__aes__sym__key);
// Set the encrypted symmetric key
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Encrypted symmetric key: ", ec.encrypted_symmetric_key());
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Encrypted symmetric key: ", ec.encrypted_symmetric_key());
p__encrypted__sym__key = ec.encrypted_symmetric_key();
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
// Set the tag of the symmetric key encryption
p__authentication__vector = ec.tag();
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector);
// 3. Retrieve AES 128 parameters
p__nonce = ec.nonce();
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce);
loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce);
// 4. Encrypt the data using AES-128 CCM
OCTETSTRING enc_message;
if (ec.encrypt(encryption_algotithm::aes_128_ccm, ec.symmetric_encryption_key(), ec.nonce(), p__toBeEncryptedSecuredMessage, enc_message) == -1) {
loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256WithSha256: Failed to encrypt message");
loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Failed to encrypt message");
return OCTETSTRING(0, nullptr);
}
enc_message += ec.tag();
loggers::get_instance().log_to_hexa("fx__test__encryptWithEciesBrainpoolp256WithSha256: enc message||Tag: ", enc_message);
loggers::get_instance().log_to_hexa("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: enc message||Tag: ", enc_message);
return enc_message;
}
OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__privateEncKey: ", p__privateEncKey);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
loggers::get_instance().log(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__ephemeralCompressedMode: %d", static_cast<int>(p__ephemeralCompressedMode));
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__salt", p__salt);
OCTETSTRING fx__decryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__privateEncKey: ", p__privateEncKey);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
loggers::get_instance().log(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__ephemeralCompressedMode: %d", static_cast<int>(p__ephemeralCompressedMode));
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__salt", p__salt);
// 1. Create security_ecc instance based on public ephemeral keys
security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEncKey);
......@@ -979,23 +962,23 @@ namespace LibItsSecurity__Functions
// 2. Generate the shared secret value based on public ephemeral keys will be required
if (ec.generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__encrypted__sym__key, p__nonce, p__authentication__vector, OCTETSTRING(0, nullptr)) == -1) {
loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256WithSha256: Failed to generate shared secret");
loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256r1WithSha256: Failed to generate shared secret");
return OCTETSTRING(0, nullptr);
}
// Decrypt the message
OCTETSTRING enc_message(p__encryptedSecuredMessage.lengthof() - ec.tag().lengthof(), static_cast<const unsigned char*>(p__encryptedSecuredMessage)); // Extract the encrypted message
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: enc_message: ", enc_message); // Extract the ctag value
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: enc_message: ", enc_message); // Extract the ctag value
OCTETSTRING tag(ec.tag().lengthof(), static_cast<const unsigned char*>(p__encryptedSecuredMessage) + p__encryptedSecuredMessage.lengthof() - ec.tag().lengthof());
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: tag: ", tag);
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: tag: ", tag);
OCTETSTRING message;
if (ec.decrypt(tag, enc_message, message) == -1) {
loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256WithSha256: Failed to generate shared secret");
loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256r1WithSha256: Failed to generate shared secret");
return OCTETSTRING(0, nullptr);
}
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: dec message: ", message);
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: dec message: ", message);
p__aes__sym__enc__key = ec.symmetric_encryption_key();
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);
return message;
}
......@@ -1059,13 +1042,13 @@ namespace LibItsSecurity__Functions
* \return true on success, false otherwise
fx_generateKeyPair_nistp256(out octetstring<UInt64> p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean;
*/
BOOLEAN fx__generateKeyPair__brainpoolp256(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
BOOLEAN fx__generateKeyPair__brainpoolp256r1(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1);
if (k.generate() != 0) {
p__privateKey = OCTETSTRING(0, nullptr);
......@@ -1077,19 +1060,19 @@ namespace LibItsSecurity__Functions
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid private key size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key X-coordonate size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key Y-coordonate size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public compressed key size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public compressed key size");
return FALSE;
}
p__privateKey = k.private_key();
......@@ -1110,13 +1093,13 @@ namespace LibItsSecurity__Functions
* \return true on success, false otherwise
fx_generateKeyPair_nistp256(out octetstring<UInt64> p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean;
*/
BOOLEAN fx__generateKeyPair__brainpoolp384(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
BOOLEAN fx__generateKeyPair__brainpoolp384r1(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1);
if (k.generate() != 0) {
p__privateKey = OCTETSTRING(0, nullptr);
......@@ -1128,19 +1111,19 @@ namespace LibItsSecurity__Functions
// Sanity checks
if (k.private_key().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid private key size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key X-coordonate size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key Y-coordonate size");
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid public key Y-coordonate size");