From 3ba8e0e23a28421d43a23bb0421076711df93671 Mon Sep 17 00:00:00 2001 From: garciay Date: Sun, 29 Mar 2020 09:23:03 +0200 Subject: [PATCH] Unify security external function names --- ccsrc/Externals/LibItsSecurity_externals.cc | 245 ++++++++---------- ccsrc/Protocols/Http/http_codec.cc | 18 +- ccsrc/Protocols/Http/http_codec.hh | 8 +- ccsrc/Protocols/Security/security_services.cc | 4 +- scripts/update_its_project.bash | 4 +- ttcn/LibIts | 2 +- 6 files changed, 132 insertions(+), 149 deletions(-) diff --git a/ccsrc/Externals/LibItsSecurity_externals.cc b/ccsrc/Externals/LibItsSecurity_externals.cc index a3810b395..0600f3742 100644 --- a/ccsrc/Externals/LibItsSecurity_externals.cc +++ b/ccsrc/Externals/LibItsSecurity_externals.cc @@ -160,21 +160,21 @@ namespace LibItsSecurity__Functions } /** - * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); + * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * \param[in] p__privateKey The private key * \return The signature value */ - OCTETSTRING fx__signWithEcdsaBrainpoolp256WithSha256( + OCTETSTRING fx__signWithEcdsaBrainpoolp256r1WithSha256( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 32) || (p__privateKey.lengthof() != 32)) { - loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); + loggers::get_instance().log("fx__signWithEcdsaBrainpoolp256r1WithSha256: Wrong parameters"); return OCTETSTRING(0, nullptr); } @@ -188,12 +188,12 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp256r1WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Calculate the signature security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__privateKey); OCTETSTRING r_sig; @@ -210,21 +210,21 @@ namespace LibItsSecurity__Functions } /** - * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); + * \fn OCTETSTRING fx__signWithEcdsaBrainpoolp384r1WithSha384(const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__privateKey); * \brief Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * \param[in] p__toBeSignedSecuredMessage The data to be signed * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * \param[in] p__privateKey The private key * \return The signature value */ - OCTETSTRING fx__signWithEcdsaBrainpoolp384WithSha384( + OCTETSTRING fx__signWithEcdsaBrainpoolp384r1WithSha384( const OCTETSTRING& p__toBeSignedSecuredMessage, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__privateKey ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 48) || (p__privateKey.lengthof() != 48)) { - loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); + loggers::get_instance().log("fx__signWithEcdsaBrainpoolp384r1WithSha384: Wrong parameters"); return OCTETSTRING(0, nullptr); } @@ -238,21 +238,21 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Calculate the signature security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__privateKey); OCTETSTRING r_sig; OCTETSTRING s_sig; if (k.sign(hashData, r_sig, s_sig) == 0) { OCTETSTRING os = r_sig + s_sig; - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: r_sig= ", r_sig); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: s_sig= ", s_sig); - loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384WithSha384: sig= ", os); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: r_sig= ", r_sig); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: s_sig= ", s_sig); + loggers::get_instance().log_msg("fx__signWithEcdsaBrainpoolp384r1WithSha384: sig= ", os); return os; } @@ -390,7 +390,7 @@ namespace LibItsSecurity__Functions } /** - * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); + * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyCompressed); * \brief Verify the signature of the specified data based on standard IEEE 1609.2 * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate @@ -398,7 +398,7 @@ namespace LibItsSecurity__Functions * \param[in] p__ecdsaBrainpoolp256PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise */ - BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256( + BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, @@ -407,7 +407,7 @@ namespace LibItsSecurity__Functions ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 32) || (p__signature.lengthof() != 64) || (p__ecdsaBrainpoolp256PublicKeyCompressed.lengthof() != 32)) { - loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256: Wrong parameters"); + loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Wrong parameters"); return FALSE; } @@ -421,12 +421,12 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Check the signature security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__ecdsaBrainpoolp256PublicKeyCompressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); if (k.sign_verif(hashData, p__signature) == 0) { @@ -437,7 +437,7 @@ namespace LibItsSecurity__Functions } /** - * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); + * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp256PublicKeyY); * \brief Verify the signature of the specified data based on standard IEEE 1609.2 * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate @@ -446,7 +446,7 @@ namespace LibItsSecurity__Functions * \param[in] p__ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) * \return true on success, false otherwise */ - BOOLEAN fx__verifyWithEcdsaBrainpoolp256WithSha256__1( + BOOLEAN fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, @@ -455,7 +455,7 @@ namespace LibItsSecurity__Functions ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 32) || (p__signature.lengthof() != 64) || (p__ecdsaBrainpoolp256PublicKeyX.lengthof() != 32) || (p__ecdsaBrainpoolp256PublicKeyY.lengthof() != 32)) { - loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Wrong parameters"); + loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Wrong parameters"); return FALSE; } @@ -469,12 +469,12 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha256_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp256r1WithSha256__1: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Check the signature security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__ecdsaBrainpoolp256PublicKeyX, p__ecdsaBrainpoolp256PublicKeyY); if (k.sign_verif(hashData, p__signature) == 0) { @@ -485,7 +485,7 @@ namespace LibItsSecurity__Functions } /** - * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); + * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyCompressed); * \brief Verify the signature of the specified data based on standard IEEE 1609.2 * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate @@ -493,7 +493,7 @@ namespace LibItsSecurity__Functions * \param[in] p__ecdsaBrainpoolp384PublicKeyCompressed The compressed public key (x coordinate only) * \return true on success, false otherwise */ - BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384( + BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, @@ -502,7 +502,7 @@ namespace LibItsSecurity__Functions ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 48) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyCompressed.lengthof() != 48)) { - loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384: Wrong parameters"); + loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Wrong parameters"); return FALSE; } @@ -516,12 +516,12 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Check the signature security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__ecdsaBrainpoolp384PublicKeyCompressed, (p__compressedMode == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); if (k.sign_verif(hashData, p__signature) == 0) { @@ -532,7 +532,7 @@ namespace LibItsSecurity__Functions } /** - * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); + * \fn BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384_1(const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__signature, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyX, const OCTETSTRING& p__ecdsaBrainpoolp384PublicKeyY); * \brief Verify the signature of the specified data based on standard IEEE 1609.2 * \param[in] p__toBeVerifiedData The data to be verified * \param[in] p__certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate @@ -541,7 +541,7 @@ namespace LibItsSecurity__Functions * \param[in] p__ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) * \return true on success, false otherwise */ - BOOLEAN fx__verifyWithEcdsaBrainpoolp384WithSha384__1( + BOOLEAN fx__verifyWithEcdsaBrainpoolp384r1WithSha384__1( const OCTETSTRING& p__toBeVerifiedData, const OCTETSTRING& p__certificateIssuer, const OCTETSTRING& p__signature, @@ -550,7 +550,7 @@ namespace LibItsSecurity__Functions ) { // Sanity checks if ((p__certificateIssuer.lengthof() != 48) || (p__signature.lengthof() != 96) || (p__ecdsaBrainpoolp384PublicKeyX.lengthof() != 48) || (p__ecdsaBrainpoolp384PublicKeyY.lengthof() != 48)) { - loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384WithSha384__1: Wrong parameters"); + loggers::get_instance().log("fx__verifyWithEcdsaBrainpoolp384r1WithSha384__1: Wrong parameters"); return FALSE; } @@ -564,12 +564,12 @@ namespace LibItsSecurity__Functions } else { hashData2 = hash.get_sha384_empty_string(); // Hash of empty string } - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Data input)=", hashData1); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash (Signer identifier input)=", hashData2); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Data input)=", hashData1); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash (Signer identifier input)=", hashData2); hashData1 += hashData2; // Hash (Data input) || Hash (Signer identifier input) OCTETSTRING hashData; // Hash ( Hash (Data input) || Hash (Signer identifier input) ) hash.generate(hashData1, hashData); - loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); + loggers::get_instance().log_msg("fx__verifyWithEcdsaBrainpoolp384r1WithSha384: Hash ( Hash (Data input) || Hash (Signer identifier input) )=", hashData); // Check the signature security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__ecdsaBrainpoolp384PublicKeyX, p__ecdsaBrainpoolp384PublicKeyY); if (k.sign_verif(hashData, p__signature) == 0) { @@ -689,36 +689,27 @@ namespace LibItsSecurity__Functions * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key * \param[out] p__nonce The nonce vector - * \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values * \return The original message * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ * \see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf */ // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function - OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { + OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) { loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast(p__compressedMode)); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt: ", p__salt); - loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x", static_cast(p__use__hardcoded__values)); // 1. Generate new Private/Public Ephemeral key std::unique_ptr ec; - if (!static_cast(p__use__hardcoded__values)) { - ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); - if (ec->generate() == -1) { - loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); - return OCTETSTRING(0, nullptr); - } - } else { - ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key + ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); + if (ec->generate() == -1) { + loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); + return OCTETSTRING(0, nullptr); } // 2. Generate and derive shared secret based on recipient's private keys security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); - if (static_cast(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value - ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81")); - } if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"); return OCTETSTRING(0, nullptr); @@ -856,61 +847,53 @@ namespace LibItsSecurity__Functions return message; } - OCTETSTRING fx__encryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { - loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); - loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed); - loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__compressedMode: %d", static_cast(p__compressedMode)); - loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__salt: ", p__salt); - loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256WithSha256: p__use__hardcoded__values: %x", static_cast(p__use__hardcoded__values)); + OCTETSTRING fx__encryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) { + loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); + loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed); + loggers::get_instance().log(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__compressedMode: %d", static_cast(p__compressedMode)); + loggers::get_instance().log_msg(">>> fx__encryptWithEciesBrainpoolp256r1WithSha256: p__salt: ", p__salt); // 1. Generate new Private/Public Ephemeral key std::unique_ptr ec; - if (!static_cast(p__use__hardcoded__values)) { - ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1)); - if (ec->generate() == -1) { - loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to generate ephemeral keys"); - return OCTETSTRING(0, nullptr); - } - } else { - ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key + ec.reset(new security_ecc(ec_elliptic_curves::brainpool_p_256_r1)); + if (ec->generate() == -1) { + loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate ephemeral keys"); + return OCTETSTRING(0, nullptr); } // 2. Generate and derive shared secret based on recipient's private keys security_ecc ec_comp(ec_elliptic_curves::brainpool_p_256_r1, p__recipientsPublicKeyCompressed, (static_cast(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); - if (static_cast(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value - ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81")); - } if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { - loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to generate and derive secret key"); + loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate and derive secret key"); return OCTETSTRING(0, nullptr); } // Set the AES symmetric key - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: AES symmetric key: ", ec->symmetric_encryption_key()); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: AES symmetric key: ", ec->symmetric_encryption_key()); p__aes__sym__key = ec->symmetric_encryption_key(); - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__aes__sym__key: ", p__aes__sym__key); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__aes__sym__key: ", p__aes__sym__key); // Set the encrypted symmetric key - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: Encrypted symmetric key: ", ec->encrypted_symmetric_key()); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: Encrypted symmetric key: ", ec->encrypted_symmetric_key()); p__encrypted__sym__key = ec->encrypted_symmetric_key(); - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); // Set the tag of the symmetric key encryption p__authentication__vector = ec->tag(); - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector); // Set ephemeral public keys p__publicEphemeralKeyCompressed = ec->public_key_compressed(); - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed); p__ephemeralCompressedMode = (ec->public_key_compressed_mode() == ecc_compressed_mode::compressed_y_0) ? 0 : 1; - loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode); + loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode); // 3. Retrieve AES 128 parameters p__nonce = ec->nonce(); - loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce); + loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce); // 4. Encrypt the data using AES-128 CCM OCTETSTRING enc_message; if (ec->encrypt(encryption_algotithm::aes_128_ccm, ec->symmetric_encryption_key(), ec->nonce(), p__toBeEncryptedSecuredMessage, enc_message) == -1) { - loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256WithSha256: Failed to encrypt message"); + loggers::get_instance().warning("fx__encryptWithEciesBrainpoolp256r1WithSha256: Failed to encrypt message"); return OCTETSTRING(0, nullptr); } enc_message += ec->tag(); - loggers::get_instance().log_to_hexa("fx__encryptWithEciesBrainpoolp256WithSha256: enc message||Tag: ", enc_message); + loggers::get_instance().log_to_hexa("fx__encryptWithEciesBrainpoolp256r1WithSha256: enc message||Tag: ", enc_message); return enc_message; } @@ -919,59 +902,59 @@ namespace LibItsSecurity__Functions * @desc Test function for ECIES BRAINPOOL P-256r1 Encryption with SHA-256 * @remark For the purpose of testing, the content of p__toBeEncryptedSecuredMessage is the AES 128 symmetric key to be encrypted */ - OCTETSTRING fx__test__encryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__privateEphemeralKey, const OCTETSTRING& p__recipientPublicKeyX, const OCTETSTRING& p__recipientPublicKeyY, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyX, OCTETSTRING& p__publicEphemeralKeyY, OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) { + OCTETSTRING fx__test__encryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__privateEphemeralKey, const OCTETSTRING& p__recipientPublicKeyX, const OCTETSTRING& p__recipientPublicKeyY, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyX, OCTETSTRING& p__publicEphemeralKeyY, OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce) { // 1. Generate new ephemeral Private/Public keys security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEphemeralKey); p__publicEphemeralKeyX = ec.public_key_x(); p__publicEphemeralKeyY = ec.public_key_y(); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Vx=", p__publicEphemeralKeyX); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Vy=", p__publicEphemeralKeyY); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Vx=", p__publicEphemeralKeyX); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Vy=", p__publicEphemeralKeyY); // 2. Generate and derive shared secret security_ecc ec_comp(ec_elliptic_curves::brainpool_p_256_r1, p__recipientPublicKeyX, p__recipientPublicKeyY); ec.symmetric_encryption_key(p__toBeEncryptedSecuredMessage); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: ", ec.encrypted_symmetric_key()); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: ", ec.encrypted_symmetric_key()); if (ec.generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { - loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256WithSha256: Failed to generate and derive secret key"); + loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Failed to generate and derive secret key"); return OCTETSTRING(0, nullptr); } // Set the AES symmetric key - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: AES symmetric key: ", ec.symmetric_encryption_key()); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: AES symmetric key: ", ec.symmetric_encryption_key()); p__aes__sym__key = ec.symmetric_encryption_key(); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__aes__sym__key: ", p__aes__sym__key); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__aes__sym__key: ", p__aes__sym__key); // Set the encrypted symmetric key - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: Encrypted symmetric key: ", ec.encrypted_symmetric_key()); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Encrypted symmetric key: ", ec.encrypted_symmetric_key()); p__encrypted__sym__key = ec.encrypted_symmetric_key(); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); // Set the tag of the symmetric key encryption p__authentication__vector = ec.tag(); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector); // 3. Retrieve AES 128 parameters p__nonce = ec.nonce(); - loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce); + loggers::get_instance().log_msg("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce); // 4. Encrypt the data using AES-128 CCM OCTETSTRING enc_message; if (ec.encrypt(encryption_algotithm::aes_128_ccm, ec.symmetric_encryption_key(), ec.nonce(), p__toBeEncryptedSecuredMessage, enc_message) == -1) { - loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256WithSha256: Failed to encrypt message"); + loggers::get_instance().warning("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: Failed to encrypt message"); return OCTETSTRING(0, nullptr); } enc_message += ec.tag(); - loggers::get_instance().log_to_hexa("fx__test__encryptWithEciesBrainpoolp256WithSha256: enc message||Tag: ", enc_message); + loggers::get_instance().log_to_hexa("fx__test__encryptWithEciesBrainpoolp256r1WithSha256: enc message||Tag: ", enc_message); return enc_message; } - OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) { - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__privateEncKey: ", p__privateEncKey); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed); - loggers::get_instance().log(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__ephemeralCompressedMode: %d", static_cast(p__ephemeralCompressedMode)); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); - loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__salt", p__salt); + OCTETSTRING fx__decryptWithEciesBrainpoolp256r1WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) { + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__privateEncKey: ", p__privateEncKey); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed); + loggers::get_instance().log(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__ephemeralCompressedMode: %d", static_cast(p__ephemeralCompressedMode)); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__authentication__vector: ", p__authentication__vector); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key); + loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256r1WithSha256: p__salt", p__salt); // 1. Create security_ecc instance based on public ephemeral keys security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEncKey); @@ -979,23 +962,23 @@ namespace LibItsSecurity__Functions // 2. Generate the shared secret value based on public ephemeral keys will be required if (ec.generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__encrypted__sym__key, p__nonce, p__authentication__vector, OCTETSTRING(0, nullptr)) == -1) { - loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256WithSha256: Failed to generate shared secret"); + loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256r1WithSha256: Failed to generate shared secret"); return OCTETSTRING(0, nullptr); } // Decrypt the message OCTETSTRING enc_message(p__encryptedSecuredMessage.lengthof() - ec.tag().lengthof(), static_cast(p__encryptedSecuredMessage)); // Extract the encrypted message - loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: enc_message: ", enc_message); // Extract the ctag value + loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: enc_message: ", enc_message); // Extract the ctag value OCTETSTRING tag(ec.tag().lengthof(), static_cast(p__encryptedSecuredMessage) + p__encryptedSecuredMessage.lengthof() - ec.tag().lengthof()); - loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: tag: ", tag); + loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: tag: ", tag); OCTETSTRING message; if (ec.decrypt(tag, enc_message, message) == -1) { - loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256WithSha256: Failed to generate shared secret"); + loggers::get_instance().warning("fx__decryptWithEciesBrainpoolp256r1WithSha256: Failed to generate shared secret"); return OCTETSTRING(0, nullptr); } - loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: dec message: ", message); + loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: dec message: ", message); p__aes__sym__enc__key = ec.symmetric_encryption_key(); - loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key); + loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256r1WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key); return message; } @@ -1059,13 +1042,13 @@ namespace LibItsSecurity__Functions * \return true on success, false otherwise fx_generateKeyPair_nistp256(out octetstring p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean; */ - BOOLEAN fx__generateKeyPair__brainpoolp256( - OCTETSTRING& p__privateKey, - OCTETSTRING& p__publicKeyX, - OCTETSTRING& p__publicKeyY, - OCTETSTRING& p__publicKeyCompressed, - INTEGER& p__compressedMode - ) { + BOOLEAN fx__generateKeyPair__brainpoolp256r1( + OCTETSTRING& p__privateKey, + OCTETSTRING& p__publicKeyX, + OCTETSTRING& p__publicKeyY, + OCTETSTRING& p__publicKeyCompressed, + INTEGER& p__compressedMode + ) { security_ecc k(ec_elliptic_curves::brainpool_p_256_r1); if (k.generate() != 0) { p__privateKey = OCTETSTRING(0, nullptr); @@ -1077,19 +1060,19 @@ namespace LibItsSecurity__Functions // Sanity checks if (k.private_key().lengthof() != 32) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid private key size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid private key size"); return FALSE; } if (k.public_key_x().lengthof() != 32) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key X-coordonate size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public key X-coordonate size"); return FALSE; } if (k.public_key_y().lengthof() != 32) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key Y-coordonate size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public key Y-coordonate size"); return FALSE; } if (k.public_key_compressed().lengthof() != 32) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public compressed key size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp256r1: Invalid public compressed key size"); return FALSE; } p__privateKey = k.private_key(); @@ -1110,13 +1093,13 @@ namespace LibItsSecurity__Functions * \return true on success, false otherwise fx_generateKeyPair_nistp256(out octetstring p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean; */ - BOOLEAN fx__generateKeyPair__brainpoolp384( - OCTETSTRING& p__privateKey, - OCTETSTRING& p__publicKeyX, - OCTETSTRING& p__publicKeyY, - OCTETSTRING& p__publicKeyCompressed, - INTEGER& p__compressedMode - ) { + BOOLEAN fx__generateKeyPair__brainpoolp384r1( + OCTETSTRING& p__privateKey, + OCTETSTRING& p__publicKeyX, + OCTETSTRING& p__publicKeyY, + OCTETSTRING& p__publicKeyCompressed, + INTEGER& p__compressedMode + ) { security_ecc k(ec_elliptic_curves::brainpool_p_384_r1); if (k.generate() != 0) { p__privateKey = OCTETSTRING(0, nullptr); @@ -1128,19 +1111,19 @@ namespace LibItsSecurity__Functions // Sanity checks if (k.private_key().lengthof() != 48) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid private key size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid private key size"); return FALSE; } if (k.public_key_x().lengthof() != 48) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key X-coordonate size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid public key X-coordonate size"); return FALSE; } if (k.public_key_y().lengthof() != 48) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key Y-coordonate size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid public key Y-coordonate size"); return FALSE; } if (k.public_key_compressed().lengthof() != 48) { - loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public compressed key size"); + loggers::get_instance().error("fx__generateKeyPair__brainpoolp384r1: Invalid public compressed key size"); return FALSE; } p__privateKey = k.private_key(); diff --git a/ccsrc/Protocols/Http/http_codec.cc b/ccsrc/Protocols/Http/http_codec.cc index 34a588a5e..9ca728e4d 100644 --- a/ccsrc/Protocols/Http/http_codec.cc +++ b/ccsrc/Protocols/Http/http_codec.cc @@ -79,7 +79,7 @@ int http_codec::decode (const OCTETSTRING& data, LibItsHttp__TypesAndValues::Htt response.version__minor() = std::stoi(m[2].str().c_str()); response.statuscode() = std::stoi(m[3].str().c_str()); response.statustext() = CHARSTRING(m[4].str().c_str()); - LibItsHttp__TypesAndValues::HeaderLines headers; + LibItsHttp__TypesAndValues::Headers headers; std::string content_type; decode_headers(decoding_buffer, headers, content_type); response.header() = headers; @@ -104,7 +104,7 @@ int http_codec::decode (const OCTETSTRING& data, LibItsHttp__TypesAndValues::Htt request.uri() = CHARSTRING(m[2].str().c_str()); request.version__major() = std::stoi(m[3].str().c_str()); request.version__minor() = std::stoi(m[4].str().c_str()); - LibItsHttp__TypesAndValues::HeaderLines headers; + LibItsHttp__TypesAndValues::Headers headers; std::string content_type; decode_headers(decoding_buffer, headers, content_type); request.header() = headers; @@ -141,10 +141,10 @@ int http_codec::encode_request(const LibItsHttp__TypesAndValues::Request& p_requ p_encoding_buffer.put_cs("\r\n"); // Encode headers excepeted the Content-Length - const LibItsHttp__TypesAndValues::HeaderLines& headers = p_request.header(); + const LibItsHttp__TypesAndValues::Headers& headers = p_request.header(); std::string content_type; for (int i = 0; i < headers.size_of(); i++) { - const LibItsHttp__TypesAndValues::HeaderLine& header = headers[i]; + const LibItsHttp__TypesAndValues::Header& header = headers[i]; loggers::get_instance().log_msg("http_codec::encode_request: Processing header ", header.header__name()); if (std::string(static_cast(header.header__name())).compare("Content-Length") == 0) { // Skip it, processed later loggers::get_instance().log("http_codec::encode_request: Skip it"); @@ -240,10 +240,10 @@ int http_codec::encode_response (const LibItsHttp__TypesAndValues::Response& p_r p_encoding_buffer.put_cs("\r\n"); // Encode headers excepeted the Content-Length - const LibItsHttp__TypesAndValues::HeaderLines& headers = p_response.header(); + const LibItsHttp__TypesAndValues::Headers& headers = p_response.header(); std::string content_type; for (int i = 0; i < headers.size_of(); i++) { - const LibItsHttp__TypesAndValues::HeaderLine& header = headers[i]; + const LibItsHttp__TypesAndValues::Header& header = headers[i]; loggers::get_instance().log_msg("http_codec::encode_response: Processing header ", header.header__name()); p_encoding_buffer.put_cs(header.header__name()); p_encoding_buffer.put_cs(": "); @@ -321,7 +321,7 @@ int http_codec::encode_response (const LibItsHttp__TypesAndValues::Response& p_r return 0; } -int http_codec::decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAndValues::HeaderLines& headers, std::string& p_content_type) { +int http_codec::decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAndValues::Headers& headers, std::string& p_content_type) { loggers::get_instance().log(">>> http_codec::decode_headers"); loggers::get_instance().log_to_hexa("http_codec::decode_headers", decoding_buffer); @@ -331,7 +331,7 @@ int http_codec::decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAn switch(get_line(decoding_buffer, cstr, true)) { case 0: { loggers::get_instance().log_msg("http_codec::decode_headers: ", cstr); - LibItsHttp__TypesAndValues::HeaderLine header; + LibItsHttp__TypesAndValues::Header header; if (decode_header(cstr, header) == -1) { loggers::get_instance().warning("http_codec::decode_headers: Failed to decode header %s", static_cast(cstr)); return -1; @@ -357,7 +357,7 @@ int http_codec::decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAn } // End of 'while' statement } -int http_codec::decode_header(CHARSTRING& header_line, LibItsHttp__TypesAndValues::HeaderLine& header) { +int http_codec::decode_header(CHARSTRING& header_line, LibItsHttp__TypesAndValues::Header& header) { loggers::get_instance().log_msg(">>> http_codec::decode_header", header_line); try { diff --git a/ccsrc/Protocols/Http/http_codec.hh b/ccsrc/Protocols/Http/http_codec.hh index 9b3f43c01..5115c5306 100644 --- a/ccsrc/Protocols/Http/http_codec.hh +++ b/ccsrc/Protocols/Http/http_codec.hh @@ -14,8 +14,8 @@ namespace LibItsHttp__TypesAndValues { class HttpMessage; class Request; class Response; - class HeaderLines; - class HeaderLine; + class Headers; + class Header; } namespace LibItsHttp__MessageBodyTypes { class HttpMessageBody; @@ -59,8 +59,8 @@ private: int encode_response (const LibItsHttp__TypesAndValues::Response& p_response, TTCN_Buffer& p_encoding_buffer); int encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody& p_message_body, OCTETSTRING& p_encoding_buffer, const std::string& p_content_type); - int decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAndValues::HeaderLines& headers, std::string& p_content_type); - int decode_header(CHARSTRING& header_line, LibItsHttp__TypesAndValues::HeaderLine& header); + int decode_headers(TTCN_Buffer& decoding_buffer, LibItsHttp__TypesAndValues::Headers& headers, std::string& p_content_type); + int decode_header(CHARSTRING& header_line, LibItsHttp__TypesAndValues::Header& header); int decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBodyTypes::HttpMessageBody& message_body, const std::string& p_content_type); int get_line(TTCN_Buffer& buffer, CHARSTRING& to, const bool concatenate_header_lines = false); diff --git a/ccsrc/Protocols/Security/security_services.cc b/ccsrc/Protocols/Security/security_services.cc index a227e089f..b01438549 100644 --- a/ccsrc/Protocols/Security/security_services.cc +++ b/ccsrc/Protocols/Security/security_services.cc @@ -830,11 +830,11 @@ int security_services::sign_tbs_data(const IEEE1609dot2::ToBeSignedData& p_tbs_d if (p_params[params::signature].compare("NISTP-256") == 0) { result = sign_ecdsa_nistp256(hashed_data, p_signature, p_params); } else if (p_params[params::signature].compare("BP-256") == 0) { - //result = sign_ecdsa_brainpoolp256(hashed_data, p_signature, p_params); + //result = sign_ecdsa_brainpoolp256r1(hashed_data, p_signature, p_params); loggers::get_instance().error("security_services::sign_tbs_data: TODO"); result = -1; } else if (p_params[params::signature].compare("BP-384") == 0) { - //result = sign_ecdsa_brainpoolp256(hashed_data, p_signature, p_params); + //result = sign_ecdsa_brainpoolp384r1(hashed_data, p_signature, p_params); loggers::get_instance().error("security_services::sign_tbs_data: TODO"); result = -1; } else { diff --git a/scripts/update_its_project.bash b/scripts/update_its_project.bash index b23258d9b..48a04a3e1 100755 --- a/scripts/update_its_project.bash +++ b/scripts/update_its_project.bash @@ -240,8 +240,8 @@ do elif [ "$i" == "Pki" ] then cp ${CC_SRC_PATH}/EncDec/LibItsPki_Encdec.cc ${TTCN_3_DST_PATH}/LibIts/$i/src - cp ${CC_SRC_PATH}/EncDec/LibItsSecurity_Encdec.cc ${TTCN_3_DST_PATH}/LibIts/$i/src - cp ${CC_SRC_PATH}/Externals/LibItsSecurity_externals.cc ${TTCN_3_DST_PATH}/LibIts/$i/src +# cp ${CC_SRC_PATH}/EncDec/LibItsSecurity_Encdec.cc ${TTCN_3_DST_PATH}/LibIts/$i/src +# cp ${CC_SRC_PATH}/Externals/LibItsSecurity_externals.cc ${TTCN_3_DST_PATH}/LibIts/$i/src cp ${CC_SRC_PATH}/Ports/LibIts_ports/Pki_ports/*.cc ${TTCN_3_DST_PATH}/LibIts/$i/src cp ${CC_SRC_PATH}/Ports/LibIts_ports/Pki_ports/*.hh ${TTCN_3_DST_PATH}/LibIts/$i/include cp ${CC_SRC_PATH}/Ports/LibIts_ports/Pki_ports/*.partC ${TTCN_3_DST_PATH}/LibIts/$i/src diff --git a/ttcn/LibIts b/ttcn/LibIts index 87d844cc4..4b09f4e41 160000 --- a/ttcn/LibIts +++ b/ttcn/LibIts @@ -1 +1 @@ -Subproject commit 87d844cc4272334377ad31bb5befa9d0ed23792f +Subproject commit 4b09f4e418e6e62ce9be0a9a44a5c1c9805585d9 -- GitLab