Loading ccsrc/Externals/LibItsSecurity_externals.cc +99 −0 Original line number Original line Diff line number Diff line Loading @@ -54,19 +54,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaNistp256WithSha256( OCTETSTRING fx__signWithEcdsaNistp256WithSha256( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA256 of the data // Calculate the SHA256 of the data sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); Loading @@ -88,19 +99,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256( OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA256 of the data // Calculate the SHA256 of the data sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); Loading @@ -122,19 +144,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384( OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA384 of the data // Calculate the SHA384 of the data sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); Loading @@ -156,22 +189,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaNistp256WithSha256( BOOLEAN fx__verifyWithEcdsaNistp256WithSha256( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); Loading @@ -187,6 +231,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaNistp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaNistp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate) Loading @@ -194,16 +239,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1( BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY const OCTETSTRING& p__ecdsaNistp256PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaNistp256WithSha256__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); Loading @@ -221,22 +276,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256( BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); Loading @@ -252,6 +318,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) Loading @@ -259,16 +326,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1( BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); Loading @@ -285,22 +362,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384( BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); Loading @@ -316,6 +404,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) Loading @@ -323,16 +412,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1( BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp384WithSha384__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); Loading ccsrc/Protocols/Security/certificates_loader.cc +16 −1 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,8 @@ int certificates_loader::build_path(const std::string& p_root_directory) { // Create directory // Create directory if (!std::experimental::filesystem::create_directory(_full_path)) { if (!std::experimental::filesystem::create_directory(_full_path)) { _full_path = "./"; _full_path = "./"; } else { // Set rights for all users std::experimental::filesystem::permissions(_full_path, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); } } } } } else { } else { Loading Loading @@ -355,6 +357,19 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat os.close(); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); // Public compressed key p = _full_path; p /= p_certificate.certificate_id(); p += _publicCompKeysExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } loggers::get_instance().log("certificates_loader::save_certificate: Public compressed keys file: '%s'", p.string().c_str()); os.open(p.string(), ios::out | ios::binary); os.write(reinterpret_cast<const char *>(p_certificate.public_comp_key().data()), p_certificate.public_comp_key().size()); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); // Private encryption key // Private encryption key if (p_certificate.private_enc_key().size() != 0) { if (p_certificate.private_enc_key().size() != 0) { p = _full_path; p = _full_path; Loading ccsrc/Protocols/Security/security_ecc.cc +21 −20 Original line number Original line Diff line number Diff line Loading @@ -258,6 +258,8 @@ int security_ecc::generate() { ::BN_init(&y); ::BN_init(&y); ::BN_init(&compressed_y); ::BN_init(&compressed_y); const EC_POINT* ec_point = EC_KEY_get0_public_key(_ec_key); const EC_POINT* ec_point = EC_KEY_get0_public_key(_ec_key); const BIGNUM* p; //do { int result = 0; int result = 0; switch (_elliptic_curve) { switch (_elliptic_curve) { case ec_elliptic_curves::nist_p_256: // Use primary case ec_elliptic_curves::nist_p_256: // Use primary Loading @@ -274,11 +276,9 @@ int security_ecc::generate() { loggers::get_instance().error("security_ecc::generate: Failed to get coordinates"); loggers::get_instance().error("security_ecc::generate: Failed to get coordinates"); return -1; return -1; } } const BIGNUM* p; do { p = ::EC_KEY_get0_private_key(_ec_key); p = ::EC_KEY_get0_private_key(_ec_key); } while (BN_num_bytes(p) == 0); // } while ((BN_num_bytes(p) == 0) || ((BN_num_bytes(p) % 2) == 1)); _pri_key.resize(BN_num_bytes(p)); _pri_key.resize(BN_num_bytes(p)); ::BN_bn2bin(p, _pri_key.data()); ::BN_bn2bin(p, _pri_key.data()); _pub_key_x.resize(BN_num_bytes(&x)); _pub_key_x.resize(BN_num_bytes(&x)); Loading @@ -300,6 +300,7 @@ int security_ecc::generate() { _pub_key_compressed_mode = ((_pub_key_compressed[0] & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1; _pub_key_compressed_mode = ((_pub_key_compressed[0] & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1; _pub_key_compressed.erase(_pub_key_compressed.begin()); _pub_key_compressed.erase(_pub_key_compressed.begin()); } } loggers::get_instance().log("security_ecc::generate: _pri_key size=%d", _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pri_key=", _pri_key.data(), _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pri_key=", _pri_key.data(), _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_x=", _pub_key_x.data(), _pub_key_x.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_x=", _pub_key_x.data(), _pub_key_x.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_y=", _pub_key_y.data(), _pub_key_y.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_y=", _pub_key_y.data(), _pub_key_y.size()); Loading Loading @@ -751,7 +752,7 @@ int security_ecc::sign_verif(const std::vector<unsigned char>& p_data, const std ::BN_bin2bn(p_signature.data(), p_signature.size() / 2, &r); ::BN_bin2bn(p_signature.data(), p_signature.size() / 2, &r); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data(), p_signature.size() / 2); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data(), p_signature.size() / 2); ::BN_bin2bn(p_signature.data() + p_signature.size() / 2, p_signature.size() / 2, &s); ::BN_bin2bn(p_signature.data() + p_signature.size() / 2, p_signature.size() / 2, &s); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data() + p_signature.size() / 2, p_signature.size() / 2); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: s=", p_signature.data() + p_signature.size() / 2, p_signature.size() / 2); ECDSA_SIG *signature = ECDSA_SIG_new(); ECDSA_SIG *signature = ECDSA_SIG_new(); signature->r = &r; signature->r = &r; signature->s = &s; signature->s = &s; Loading Loading
ccsrc/Externals/LibItsSecurity_externals.cc +99 −0 Original line number Original line Diff line number Diff line Loading @@ -54,19 +54,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaNistp256WithSha256( OCTETSTRING fx__signWithEcdsaNistp256WithSha256( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA256 of the data // Calculate the SHA256 of the data sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); security_ecc k(ec_elliptic_curves::nist_p_256, p_key); Loading @@ -88,19 +99,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256( OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA256 of the data // Calculate the SHA256 of the data sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p_key); Loading @@ -122,19 +144,30 @@ namespace LibItsSecurity__Functions * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__privateKey The private key * \param[in] p__privateKey The private key * \return The signature value * \return The signature value */ */ OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384( OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey const OCTETSTRING& p__privateKey ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } // Calculate the SHA384 of the data // Calculate the SHA384 of the data sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); std::vector<unsigned char> tbs(static_cast<const unsigned char *>(p__toBeSignedSecuredMessage), p__toBeSignedSecuredMessage.lengthof() + static_cast<const unsigned char *>(p__toBeSignedSecuredMessage)); hash.generate(tbs, hashData); hash.generate(tbs, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Calculate the signature // Calculate the signature std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); std::vector<unsigned char> p_key(static_cast<const unsigned char *>(p__privateKey), static_cast<const unsigned char *>(p__privateKey) + p__privateKey.lengthof()); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p_key); Loading @@ -156,22 +189,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaNistp256PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaNistp256WithSha256( BOOLEAN fx__verifyWithEcdsaNistp256WithSha256( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const OCTETSTRING& p__ecdsaNistp256PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaNistp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyCompressed) + p__ecdsaNistp256PublicKeyCompressed.lengthof()); Loading @@ -187,6 +231,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaNistp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaNistp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaNistp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaNistp256PublicKeyY The public key (y coordinate) Loading @@ -194,16 +239,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1( BOOLEAN fx__verifyWithEcdsaNistp256WithSha256__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyX, const OCTETSTRING& p__ecdsaNistp256PublicKeyY const OCTETSTRING& p__ecdsaNistp256PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaNistp256WithSha256__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaNistp256PublicKeyX) + p__ecdsaNistp256PublicKeyX.lengthof()); Loading @@ -221,22 +276,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256( BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyCompressed) + p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof()); Loading @@ -252,6 +318,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) Loading @@ -259,16 +326,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1( BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha256 hash; sha256 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp256PublicKeyX) + p__ecdsaBrainpoolp256PublicKeyX.lengthof()); Loading @@ -285,22 +362,33 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only) * \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise * \return true on success, false otherwise */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384( BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed, const INTEGER& p__compressedMode const INTEGER& p__compressedMode ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); std::vector<unsigned char> pub_key_compressed(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyCompressed) + p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof()); Loading @@ -316,6 +404,7 @@ namespace LibItsSecurity__Functions * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); * \brief Verify the signature of the specified data * \brief Verify the signature of the specified data * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer Certificate issuer * \param[in] p__signature The signature * \param[in] p__signature The signature * \param[in] p__ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) * \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) Loading @@ -323,16 +412,26 @@ namespace LibItsSecurity__Functions */ */ BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1( BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY ) { ) { // Sanity checks if (p__certificateIssuer.lenthof() != 8) { log("fx__verifyWithEcdsaBrainpoolp384WithSha384__1: Wrong parameters"); return OCTETSTRING(); } // Calculate the hash // Calculate the hash sha384 hash; sha384 hash; std::vector<unsigned char> hashData; std::vector<unsigned char> hashData; // TODO Create SHX interface and add generate method with std::vector // TODO Create SHX interface and add generate method with std::vector std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); std::vector<unsigned char> tbh(static_cast<const unsigned char *>(p__toBeVerifiedData), static_cast<const unsigned char *>(p__toBeVerifiedData) + p__toBeVerifiedData.lengthof()); hash.generate(tbh, hashData); hash.generate(tbh, hashData); if (p__certificateIssuer == '0000000000000000'O) { hashData += p__certificateIssuer; } // Check the signature // Check the signature std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> signature(static_cast<const unsigned char *>(p__signature), static_cast<const unsigned char *>(p__signature) + p__signature.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); std::vector<unsigned char> pub_key_x(static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX), static_cast<const unsigned char *>(p__ecdsaBrainpoolp384PublicKeyX) + p__ecdsaBrainpoolp384PublicKeyX.lengthof()); Loading
ccsrc/Protocols/Security/certificates_loader.cc +16 −1 Original line number Original line Diff line number Diff line Loading @@ -27,6 +27,8 @@ int certificates_loader::build_path(const std::string& p_root_directory) { // Create directory // Create directory if (!std::experimental::filesystem::create_directory(_full_path)) { if (!std::experimental::filesystem::create_directory(_full_path)) { _full_path = "./"; _full_path = "./"; } else { // Set rights for all users std::experimental::filesystem::permissions(_full_path, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); } } } } } else { } else { Loading Loading @@ -355,6 +357,19 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat os.close(); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); // Public compressed key p = _full_path; p /= p_certificate.certificate_id(); p += _publicCompKeysExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } loggers::get_instance().log("certificates_loader::save_certificate: Public compressed keys file: '%s'", p.string().c_str()); os.open(p.string(), ios::out | ios::binary); os.write(reinterpret_cast<const char *>(p_certificate.public_comp_key().data()), p_certificate.public_comp_key().size()); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); // Private encryption key // Private encryption key if (p_certificate.private_enc_key().size() != 0) { if (p_certificate.private_enc_key().size() != 0) { p = _full_path; p = _full_path; Loading
ccsrc/Protocols/Security/security_ecc.cc +21 −20 Original line number Original line Diff line number Diff line Loading @@ -258,6 +258,8 @@ int security_ecc::generate() { ::BN_init(&y); ::BN_init(&y); ::BN_init(&compressed_y); ::BN_init(&compressed_y); const EC_POINT* ec_point = EC_KEY_get0_public_key(_ec_key); const EC_POINT* ec_point = EC_KEY_get0_public_key(_ec_key); const BIGNUM* p; //do { int result = 0; int result = 0; switch (_elliptic_curve) { switch (_elliptic_curve) { case ec_elliptic_curves::nist_p_256: // Use primary case ec_elliptic_curves::nist_p_256: // Use primary Loading @@ -274,11 +276,9 @@ int security_ecc::generate() { loggers::get_instance().error("security_ecc::generate: Failed to get coordinates"); loggers::get_instance().error("security_ecc::generate: Failed to get coordinates"); return -1; return -1; } } const BIGNUM* p; do { p = ::EC_KEY_get0_private_key(_ec_key); p = ::EC_KEY_get0_private_key(_ec_key); } while (BN_num_bytes(p) == 0); // } while ((BN_num_bytes(p) == 0) || ((BN_num_bytes(p) % 2) == 1)); _pri_key.resize(BN_num_bytes(p)); _pri_key.resize(BN_num_bytes(p)); ::BN_bn2bin(p, _pri_key.data()); ::BN_bn2bin(p, _pri_key.data()); _pub_key_x.resize(BN_num_bytes(&x)); _pub_key_x.resize(BN_num_bytes(&x)); Loading @@ -300,6 +300,7 @@ int security_ecc::generate() { _pub_key_compressed_mode = ((_pub_key_compressed[0] & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1; _pub_key_compressed_mode = ((_pub_key_compressed[0] & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1; _pub_key_compressed.erase(_pub_key_compressed.begin()); _pub_key_compressed.erase(_pub_key_compressed.begin()); } } loggers::get_instance().log("security_ecc::generate: _pri_key size=%d", _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pri_key=", _pri_key.data(), _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pri_key=", _pri_key.data(), _pri_key.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_x=", _pub_key_x.data(), _pub_key_x.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_x=", _pub_key_x.data(), _pub_key_x.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_y=", _pub_key_y.data(), _pub_key_y.size()); loggers::get_instance().log_to_hexa("security_ecc::generate: _pub_key_y=", _pub_key_y.data(), _pub_key_y.size()); Loading Loading @@ -751,7 +752,7 @@ int security_ecc::sign_verif(const std::vector<unsigned char>& p_data, const std ::BN_bin2bn(p_signature.data(), p_signature.size() / 2, &r); ::BN_bin2bn(p_signature.data(), p_signature.size() / 2, &r); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data(), p_signature.size() / 2); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data(), p_signature.size() / 2); ::BN_bin2bn(p_signature.data() + p_signature.size() / 2, p_signature.size() / 2, &s); ::BN_bin2bn(p_signature.data() + p_signature.size() / 2, p_signature.size() / 2, &s); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: r=", p_signature.data() + p_signature.size() / 2, p_signature.size() / 2); loggers::get_instance().log_to_hexa("security_ecc::sign_verify: s=", p_signature.data() + p_signature.size() / 2, p_signature.size() / 2); ECDSA_SIG *signature = ECDSA_SIG_new(); ECDSA_SIG *signature = ECDSA_SIG_new(); signature->r = &r; signature->r = &r; signature->s = &s; signature->s = &s; Loading
