Major security bugs fixed for signature. Encryption to do. (818c5dc7) · Commits · ITS - Intelligent Transport Systems / ITS

ccsrc/Externals/LibItsSecurity_externals.cc

+151 −27

Original line number	Diff line number	Diff line
		@@ -153,7 +153,38 @@ namespace LibItsSecurity__Functions
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY);
		* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		* \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed,
		const INTEGER& p__compressedMode
		) {
		// Calculate the hash
		sha256 hash;
		std::vector<unsigned char> hashData;
		// TODO Create SHX interface and add generate method with std::vector
		std::vector<unsigned char> tbh(static_cast<const unsigned char >(p__toBeVerifiedData), static_cast<const unsigned char >(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof());
		hash.generate(tbh, hashData);
		// Check the signature
		std::vector<unsigned char> signature(static_cast<const unsigned char >(p__signature), static_cast<const unsigned char >(p__signature) + p__signature.lengthof());
		std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof());
		security_ecc k(ec_elliptic_curves::nist_p_256, pub_key_compressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
		if (k.sign_verif(hashData, signature) == 0) {
		return TRUE;
		}

		return FALSE;
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		@@ -161,7 +192,7 @@ namespace LibItsSecurity__Functions
		* \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(
		BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaNistp256PublicKeyX,
		@@ -178,6 +209,7 @@ namespace LibItsSecurity__Functions
		std::vector<unsigned char> pub_key_x(static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof());
		std::vector<unsigned char> pub_key_y(static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyY), static_cast<const unsigned char >(p__ecdsaNistp256PublicKeyY) + p__ecdsaNistp256PublicKeyY.lengthof());
		security_ecc k(ec_elliptic_curves::nist_p_256, pub_key_x, pub_key_y);
		//security_ecc k(ec_elliptic_curves::nist_p_256);
		if (k.sign_verif(hashData, signature) == 0) {
		return TRUE;
		}
		@@ -186,7 +218,38 @@ namespace LibItsSecurity__Functions
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY);
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		* \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed,
		const INTEGER& p__compressedMode
		) {
		// Calculate the hash
		sha256 hash;
		std::vector<unsigned char> hashData;
		// TODO Create SHX interface and add generate method with std::vector
		std::vector<unsigned char> tbh(static_cast<const unsigned char >(p__toBeVerifiedData), static_cast<const unsigned char >(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof());
		hash.generate(tbh, hashData);
		// Check the signature
		std::vector<unsigned char> signature(static_cast<const unsigned char >(p__signature), static_cast<const unsigned char >(p__signature) + p__signature.lengthof());
		std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char >(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char >(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof());
		security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, pub_key_compressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
		if (k.sign_verif(hashData, signature) == 0) {
		return TRUE;
		}

		return FALSE;
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		@@ -194,7 +257,7 @@ namespace LibItsSecurity__Functions
		* \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(
		BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX,
		@@ -219,7 +282,38 @@ namespace LibItsSecurity__Functions
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY);
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		* \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed,
		const INTEGER& p__compressedMode
		) {
		// Calculate the hash
		sha384 hash;
		std::vector<unsigned char> hashData;
		// TODO Create SHX interface and add generate method with std::vector
		std::vector<unsigned char> tbh(static_cast<const unsigned char >(p__toBeVerifiedData), static_cast<const unsigned char >(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof());
		hash.generate(tbh, hashData);
		// Check the signature
		std::vector<unsigned char> signature(static_cast<const unsigned char >(p__signature), static_cast<const unsigned char >(p__signature) + p__signature.lengthof());
		std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char >(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char >(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof());
		security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, pub_key_compressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
		if (k.sign_verif(hashData, signature) == 0) {
		return TRUE;
		}

		return FALSE;
		}

		/**
		* \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY);
		* \brief Verify the signature of the specified data
		* \param[in] p__toBeVerifiedData The data to be verified
		* \param[in] p__signature The signature
		@@ -227,7 +321,7 @@ namespace LibItsSecurity__Functions
		* \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate)
		* \return true on success, false otherwise
		*/
		BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(
		BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1(
		const OCTETSTRING& p__toBeVerifiedData,
		const OCTETSTRING& p__signature,
		const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX,
		@@ -560,13 +654,16 @@ namespace LibItsSecurity__Functions
		BOOLEAN fx__generateKeyPair__nistp256(
		OCTETSTRING& p__privateKey,
		OCTETSTRING& p__publicKeyX,
		OCTETSTRING& p__publicKeyY
		OCTETSTRING& p__publicKeyY,
		OCTETSTRING& p__publicKeyCompressed,
		INTEGER& p__compressedMode
		) {
		security_ecc k(ec_elliptic_curves::nist_p_256);
		if (k.generate() != 0) {
		p__privateKey = OCTETSTRING();
		p__publicKeyX = OCTETSTRING();
		p__publicKeyY = OCTETSTRING();
		p__publicKeyCompressed = OCTETSTRING();
		return FALSE;
		}
		// Sanity checks
		@@ -582,9 +679,16 @@ namespace LibItsSecurity__Functions
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key Y-coordonate size");
		return FALSE;
		}
		if (k.public_key_compressed().size() != 32) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public compressed key size");
		return FALSE;
		}
		p__privateKey = OCTETSTRING(k.private_key().size(), k.private_key().data());
		p__publicKeyX = OCTETSTRING(k.public_key_x().size(), k.public_key_x().data());
		p__publicKeyY = OCTETSTRING(k.public_key_y().size(), k.public_key_y().data());
		p__publicKeyCompressed = OCTETSTRING(k.public_key_compressed().size(), k.public_key_compressed().data());
		p__compressedMode = INTEGER((int)k.public_key_compressed_mode());

		return TRUE;
		}

		@@ -600,32 +704,42 @@ namespace LibItsSecurity__Functions
		BOOLEAN fx__generateKeyPair__brainpoolp256(
		OCTETSTRING& p__privateKey,
		OCTETSTRING& p__publicKeyX,
		OCTETSTRING& p__publicKeyY
		OCTETSTRING& p__publicKeyY,
		OCTETSTRING& p__publicKeyCompressed,
		INTEGER& p__compressedMode
		) {
		security_ecc k(ec_elliptic_curves::brainpool_p_256_r1);
		if (k.generate() != 0) {
		p__privateKey = OCTETSTRING();
		p__publicKeyX = OCTETSTRING();
		p__publicKeyY = OCTETSTRING();
		p__publicKeyCompressed = OCTETSTRING();
		return FALSE;
		}

		// Sanity checks
		if (k.private_key().size() != 32) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid private key size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid private key size");
		return FALSE;
		}
		if (k.public_key_x().size() != 32) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key X-coordonate size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key X-coordonate size");
		return FALSE;
		}
		if (k.public_key_y().size() != 32) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key Y-coordonate size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key Y-coordonate size");
		return FALSE;
		}
		if (k.public_key_compressed().size() != 32) {
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public compressed key size");
		return FALSE;
		}
		p__privateKey = OCTETSTRING(k.private_key().size(), k.private_key().data());
		p__publicKeyX = OCTETSTRING(k.public_key_x().size(), k.public_key_x().data());
		p__publicKeyY = OCTETSTRING(k.public_key_y().size(), k.public_key_y().data());
		p__publicKeyCompressed = OCTETSTRING(k.public_key_compressed().size(), k.public_key_compressed().data());
		p__compressedMode = INTEGER((int)k.public_key_compressed_mode());

		return TRUE;
		}

		@@ -641,32 +755,42 @@ namespace LibItsSecurity__Functions
		BOOLEAN fx__generateKeyPair__brainpoolp384(
		OCTETSTRING& p__privateKey,
		OCTETSTRING& p__publicKeyX,
		OCTETSTRING& p__publicKeyY
		OCTETSTRING& p__publicKeyY,
		OCTETSTRING& p__publicKeyCompressed,
		INTEGER& p__compressedMode
		) {
		security_ecc k(ec_elliptic_curves::brainpool_p_384_r1);
		if (k.generate() != 0) {
		p__privateKey = OCTETSTRING();
		p__publicKeyX = OCTETSTRING();
		p__publicKeyY = OCTETSTRING();
		p__publicKeyCompressed = OCTETSTRING();
		return FALSE;
		}

		// Sanity checks
		if (k.private_key().size() != 48) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid private key size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid private key size");
		return FALSE;
		}
		if (k.public_key_x().size() != 48) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key X-coordonate size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key X-coordonate size");
		return FALSE;
		}
		if (k.public_key_y().size() != 48) {
		loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key Y-coordonate size");
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key Y-coordonate size");
		return FALSE;
		}
		if (k.public_key_compressed().size() != 48) {
		loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public compressed key size");
		return FALSE;
		}
		p__privateKey = OCTETSTRING(k.private_key().size(), k.private_key().data());
		p__publicKeyX = OCTETSTRING(k.public_key_x().size(), k.public_key_x().data());
		p__publicKeyY = OCTETSTRING(k.public_key_y().size(), k.public_key_y().data());
		p__publicKeyCompressed = OCTETSTRING(k.public_key_compressed().size(), k.public_key_compressed().data());
		p__compressedMode = INTEGER((int)k.public_key_compressed_mode());

		return TRUE;
		}

		@@ -702,7 +826,7 @@ namespace LibItsSecurity__Functions
		return TRUE;
		}

		BOOLEAN fx__store__certificate(const CHARSTRING& p__cert__id, const OCTETSTRING& p__cert, const OCTETSTRING& p__private__key, const OCTETSTRING& p__public__key__x, const OCTETSTRING& p__public__key__y, const OCTETSTRING& p__hashid8, const OCTETSTRING& p__issuer, const OCTETSTRING_template& p__private__enc__key, const OCTETSTRING_template& p__public__enc__key__x, const OCTETSTRING_template& p__public__enc__key__y) {
		BOOLEAN fx__store__certificate(const CHARSTRING& p__cert__id, const OCTETSTRING& p__cert, const OCTETSTRING& p__private__key, const OCTETSTRING& p__public__key__x, const OCTETSTRING& p__public__key__y, const OCTETSTRING& p__public__key__compressed, const INTEGER& p__public__key__compressed__mode, const OCTETSTRING& p__hashid8, const OCTETSTRING& p__issuer, const OCTETSTRING_template& p__private__enc__key, const OCTETSTRING_template& p__public__enc__key__x, const OCTETSTRING_template& p__public__enc__key__y) {
		loggers::get_instance().log(">>> fx__store__certificate: '%s'", static_cast<const char*>(p__cert__id));

		int result;
		@@ -710,9 +834,9 @@ namespace LibItsSecurity__Functions
		const OCTETSTRING private_enc_key = p__private__enc__key.valueof();
		const OCTETSTRING public_enc_key_x = p__public__enc__key__x.valueof();
		const OCTETSTRING public_enc_key_y = p__public__enc__key__y.valueof();
		result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__hashid8, p__issuer, private_enc_key, public_enc_key_x, public_enc_key_y);
		result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hashid8, p__issuer, private_enc_key, public_enc_key_x, public_enc_key_y);
		} else {
		result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__hashid8, p__issuer, OCTETSTRING(), OCTETSTRING(), OCTETSTRING());
		result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hashid8, p__issuer, OCTETSTRING(), OCTETSTRING(), OCTETSTRING());
		}

		return (result == 0);

ccsrc/Protocols/Security/certificates_loader.cc

+27 −7

Original line number	Diff line number	Diff line
		@@ -13,7 +13,7 @@

		certificates_loader * certificates_loader::instance = nullptr;

		certificates_loader::certificates_loader(): _certificateExt{".crt"}, _privateKeyExt{".pkey"}, _publicKeysExt{".vkey"}, _privateEncKeyExt{".pekey"}, _publicEncKeysExt{".vekey"}, _hashedidDigestExt{".hashedid"}, _issuerDigestExt{".issuer"}, _full_path(), _is_cache_initialized{false}, _directory_filter{".svn", "._.DS_Store", ".DS_Store"} {
		certificates_loader::certificates_loader(): _certificateExt{".crt"}, _privateKeyExt{".pkey"}, _publicKeysExt{".vkey"}, _publicCompKeysExt(".cvkey"), _privateEncKeyExt{".pekey"}, _publicEncKeysExt{".vekey"}, _hashedidDigestExt{".hashedid"}, _issuerDigestExt{".issuer"}, _full_path(), _is_cache_initialized{false}, _directory_filter{".svn", "._.DS_Store", ".DS_Store"} {
		loggers::get_instance().log(">>> certificates_loader::certificates_loader");
		} // End of ctor

		@@ -92,7 +92,7 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental::
		}
		// Process files
		p_files.clear();
		std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt, _privateEncKeyExt, _publicEncKeysExt, _hashedidDigestExt, _issuerDigestExt };
		std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt, _publicCompKeysExt, _privateEncKeyExt, _publicEncKeysExt, _hashedidDigestExt, _issuerDigestExt };
		for (std::set<std::experimental::filesystem::path>::const_reverse_iterator f = folders.crbegin(); f != folders.crend(); ++f) {
		loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Processing directory '%s'", f->string().c_str());
		for(const std::experimental::filesystem::directory_entry it : std::experimental::filesystem::recursive_directory_iterator(*f)) {
		@@ -159,7 +159,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
		// Remove items from the list
		p_files.erase(it);

		// Load public key file
		// Load public keys file
		it = p_files.find(p.replace_extension(_publicKeysExt));
		if (it == p_files.cend()) {
		loggers::get_instance().warning("certificates_loader::build_certificates_cache: Public keys file not found for '%s'", key.c_str());
		@@ -180,6 +180,25 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
		// Remove items from the list
		p_files.erase(it);

		// Load public compressed key file
		it = p_files.find(p.replace_extension(_publicCompKeysExt));
		if (it == p_files.cend()) {
		loggers::get_instance().warning("certificates_loader::build_certificates_cache: Public compress key file not found for '%s'", key.c_str());
		return -1;
		}
		loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching public compressed ke '%s'", it->string().c_str());
		is.open(it->string(), ios::in \| ios::binary);
		size = std::experimental::filesystem::file_size(*it);
		if ((size != 33) && (size != 49)) {
		loggers::get_instance().warning("certificates_loader::build_certificates_cache: Public compressed key size is incorrect for '%s'", key.c_str());
		return -1;
		}
		std::vector<unsigned char> public_comp_key(size, 0x00);
		is.read(reinterpret_cast<char *>(public_comp_key.data()), public_comp_key.size());
		is.close();
		// Remove items from the list
		p_files.erase(it);

		// Load private encryption key file if present
		std::vector<unsigned char> private_enc_key;
		it = p_files.find(p.replace_extension(_privateEncKeyExt));
		@@ -271,8 +290,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
		issuer, // Hashed ID fo the issuer
		hashed_id, // Hashed ID
		private_key, // Private key
		public_key_x, // Public key X-coordinate
		public_key_y, // Public key Y-coordinate
		public_key_x, // public keys X-coordinate
		public_key_y, // public keys Y-coordinate
		public_comp_key, // public compressed key, 33 or 49 bytes length, byte #0 indicating compressed-y-0 (0x02) or compressed-y-1 (0x03)
		private_enc_key, // Private enciption key
		public_enc_key_x, // Public enciption key X-coordinate
		public_enc_key_y // Public enciption key Y-coordinate

ccsrc/Protocols/Security/certificates_loader.hh

+13 −0

File changed.

Preview size limit exceeded, changes collapsed.

ccsrc/Protocols/Security/security_cache.cc

+22 −3

File changed.

Preview size limit exceeded, changes collapsed.

ccsrc/Protocols/Security/security_cache.hh

+3 −1

File changed.

Preview size limit exceeded, changes collapsed.

Admin message