diff --git a/.TITAN_properties b/.TITAN_properties index 76dec310556dd7633179cbf698019c32da19014b..c51fed672edc4614fd9a238f7e25e1b639f67de5 100644 --- a/.TITAN_properties +++ b/.TITAN_properties @@ -22,7 +22,6 @@ ./bin ./src/bin - ./src/bin/asn1 C:\ProgramFiles\OpenSSL-Win64\include C:\npcap-sdk-0.1\Include /Users/yann/Documents/wireshark/cygwin64/usr/lib/gcc/x86_64-pc-cygwin/7.3.0/include/c++ @@ -30,8 +29,8 @@ true true true - true true + true -std=c++11 ./src/bin/asn1/libItsAsn.so diff --git a/tools/itssecurity/.vs/itssecurity/v16/.suo b/tools/itssecurity/.vs/itssecurity/v16/.suo index 7f409fb25b385a6e1b04eafe48f26019710b25dd..a3057c330d559ebc2fc6e80ba567231e96d70b1b 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/.suo and b/tools/itssecurity/.vs/itssecurity/v16/.suo differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db index 6bf3c4b719f1e3b4bacf0844bf30e6921a585c65..fbc8fde843d19d8fa896430dfab668c1d9e78ca2 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db index 9901f264032c2f16723ac3e1534a879dc00e0e10..ecc6e29f7eb9831922b244193c0942063eeef543 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db differ diff --git a/tools/itssecurity/lib_its_security/lib_its_security.c b/tools/itssecurity/lib_its_security/lib_its_security.c index 696d932d0b50ad382d9c443f7843df1d83ab75c9..811f0a08b61398854e31c542239ff6e32400e11b 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.c +++ b/tools/itssecurity/lib_its_security/lib_its_security.c @@ -165,6 +165,10 @@ int32_t sign_verify( const uint8_t* p_sig_s, const size_t p_sig_length ) { + show_hex((const int8_t*)">>> sign_verify: p_data", p_data, p_data_length); + show_hex((const int8_t*)">>> sign_verify: p_sig_r", p_sig_r, p_sig_length); + show_hex((const int8_t*)">>> sign_verify: p_sig_s", p_sig_s, p_sig_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_data == NULL) || (p_sig_r == NULL) || (p_sig_s == NULL)) { return -1; @@ -177,6 +181,7 @@ int32_t sign_verify( ECDSA_SIG_set0(signature, r, s); // Check the signature int32_t result = ECDSA_do_verify(p_data, p_data_length, signature, p_lib_its_security_context->ec_key); + fprintf(stderr, "sign_verify: result=%d\n", result); ECDSA_SIG_free(signature); return (result == 1) ? 0 : -1; @@ -382,7 +387,7 @@ int32_t generate_and_derive_ephemeral_key_for_encryption( uint8_t* k2 = (uint8_t*)malloc(k2_length); memcpy((void*)k2, (const void*)(k_enc + digest), k2_length); show_hex((const int8_t*)"k2", k2, k2_length); - hmac_sha256(p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, k2, k2_length, &p_ecdh_private_key->tag); + hmac_sha256(k2, k2_length, p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, &p_ecdh_private_key->tag); show_hex((const int8_t*)"tag", p_ecdh_private_key->tag, p_ecdh_private_key->tag_length); /* Generate random IV (nonce) */ @@ -486,7 +491,7 @@ int32_t generate_and_derive_ephemeral_key_for_decryption( uint8_t* k2 = (uint8_t*)malloc(k2_length); memcpy((void*)k2, (const void*)(k_enc + digest), k2_length); show_hex((const int8_t*)"k2", k2, k2_length); - hmac_sha256(p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, k2, k2_length, &p_lib_its_security_context->tag); + hmac_sha256(k2, k2_length, p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, &p_lib_its_security_context->tag); show_hex((const int8_t*)"authentication vector", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length); /* Extract K1 and generate encrypted symmetric key */ @@ -822,6 +827,9 @@ int32_t hmac_sha256( return -1; } + show_hex((const int8_t*)">>> hmac_sha256: p_secret_key", p_secret_key, p_secret_key_length); + show_hex((const int8_t*)">>> hmac_sha256: p_message", p_message, p_message_length); + uint32_t length = 64; uint8_t* hmac = (uint8_t*)malloc(length); HMAC_CTX *ctx = HMAC_CTX_new(); @@ -834,6 +842,7 @@ int32_t hmac_sha256( *p_hmac = (uint8_t*)malloc(16); memcpy((void*)*p_hmac, (const void*)hmac, 16); free(hmac); + show_hex((const int8_t*)"<<< hmac_sha256: p_message", *p_hmac, 16); return 0; } @@ -845,18 +854,20 @@ int32_t prepare_data_to_be_verify( const uint8_t* p_certificate_issuer, uint8_t** p_hashed_data ) { + show_hex((const int8_t*)">>> prepare_data_to_be_verify: p_data", p_data, p_data_length); + // Calculate the SHA of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) ) uint8_t* hashed_data1; // Hash (Data input) int32_t result; if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) { result = hash_with_sha384(p_data, p_data_length, &hashed_data1); } else { - result = hash_with_sha256(p_data, p_data_length, &hashed_data1); + result = hash_with_sha256(p_data, p_data_length, &hashed_data1); // Hash (Data input) } if (result == -1) { return -1; } - uint8_t* hashed_data2; // Hash (Signer identifier input) + show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data1", hashed_data1, p_lib_its_security_context->key_length); // Check if issuer is '00...00'O vector bool foundNonZero = false; for (int i = 0; i < 32; i++) { @@ -865,7 +876,10 @@ int32_t prepare_data_to_be_verify( break; } } - if (foundNonZero) { + fprintf(stderr, "prepare_data_to_be_verify: foundNonZero=%d\n", foundNonZero); + uint8_t* hashed_data2; // Hash (Signer identifier input) + if (foundNonZero) { + // p_certificate_issuer is already the hashed id hashed_data2 = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)hashed_data2, (const void*)p_certificate_issuer, p_lib_its_security_context->key_length); result = 0; @@ -881,14 +895,17 @@ int32_t prepare_data_to_be_verify( free(hashed_data2); return -1; } + show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data2", hashed_data2, p_lib_its_security_context->key_length); uint8_t* hash_data_buffer = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // Hash (Data input) || Hash (Signer identifier input) memcpy((void*)hash_data_buffer, (const void*)hashed_data1, p_lib_its_security_context->key_length); memcpy((void*)(hash_data_buffer + p_lib_its_security_context->key_length), (const void*)hashed_data2, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"prepare_data_to_be_verify: hash_data_buffer", hash_data_buffer, 2 * p_lib_its_security_context->key_length); if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) { result = hash_with_sha384(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) ) } else { result = hash_with_sha256(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) ) } + show_hex((const int8_t*)"prepare_data_to_be_verify: p_hashed_data", *p_hashed_data, p_lib_its_security_context->key_length); free(hashed_data1); free(hashed_data2); free(hash_data_buffer); @@ -904,7 +921,11 @@ int32_t generic_signature( const uint8_t* p_private_key, uint8_t** p_signature ) { - uint8_t* hashed_data; + show_hex((const int8_t*)">>> generic_signature: p_to_be_signed_secured_message", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length); + show_hex((const int8_t*)">>> generic_signature: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length); + show_hex((const int8_t*)">>> generic_signature: p_private_key", p_private_key, p_lib_its_security_context->key_length); + + uint8_t* hashed_data; if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_signed_secured_message, p_to_be_signed_secured_message_length, p_certificate_issuer, &hashed_data) == -1) { return -1; } @@ -919,6 +940,8 @@ int32_t generic_signature( } free(hashed_data); // Copy the signature + show_hex((const int8_t*)"generic_signature: r_sig", r_sig, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_signature: s_sig", s_sig, p_lib_its_security_context->key_length); *p_signature = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // r_sig || s_sig memcpy((void*)*p_signature, (const void*)r_sig, p_lib_its_security_context->key_length); memcpy((void*)(*p_signature + p_lib_its_security_context->key_length), (const void*)s_sig, p_lib_its_security_context->key_length); @@ -942,11 +965,14 @@ int32_t generic_verify( if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_verified_data, p_to_be_verified_data_length, p_certificate_issuer, &hashed_data) == -1) { return -1; } + show_hex((const int8_t*)"generic_verify: p_data", hashed_data, p_lib_its_security_context->key_length); uint8_t* sig_r = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)sig_r, (const void*)p_signature, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_verify: sig_r", sig_r, p_lib_its_security_context->key_length); uint8_t* sig_s = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)sig_s, (const void*)(p_signature + p_lib_its_security_context->key_length), p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_verify: sig_s", sig_s, p_lib_its_security_context->key_length); if (sign_verify(p_lib_its_security_context, hashed_data, p_lib_its_security_context->key_length, sig_r, sig_s, p_lib_its_security_context->key_length) == -1) { free(sig_r); free(sig_s); @@ -961,7 +987,7 @@ int32_t generic_verify( } int32_t sign_with_ecdsa_nistp256_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -973,6 +999,10 @@ int32_t sign_with_ecdsa_nistp256_with_sha256( return -1; } + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_data", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length); + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length); + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_private_key", p_private_key, p_lib_its_security_context->key_length); + lib_its_security_context_t* lib_its_security_context; if (initialize_with_private_key(nist_p_256, p_private_key, &lib_its_security_context) == -1){ return -1; @@ -985,7 +1015,7 @@ int32_t sign_with_ecdsa_nistp256_with_sha256( } int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -1009,7 +1039,7 @@ int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256( } int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -1033,7 +1063,7 @@ int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384( } int32_t verify_with_ecdsa_nistp256_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1041,6 +1071,9 @@ int32_t verify_with_ecdsa_nistp256_with_sha256( const uint8_t* p_ecdsa_nistp256_publicKey_compressed, const ecc_compressed_mode_t p_compressed_mode ) { + + show_hex((const int8_t*)">>> verify_with_ecdsa_nistp256_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsa_nistp256_publicKey_compressed == NULL)) { return -1; @@ -1058,7 +1091,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256( } int32_t verify_with_ecdsa_nistp256_with_sha256_raw( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_signature, @@ -1067,7 +1100,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256_raw( ) { return -1; } int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp256PublicKeyCompressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1075,7 +1108,12 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( const uint8_t* p_ecdsaBrainpoolp256PublicKeyCompressed, const ecc_compressed_mode_t p_compressed_mode ) { - // Sanity checks + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_certificate_issuer=", p_certificate_issuer, 32); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_signature=", p_signature, 64); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_ecdsaBrainpoolp256PublicKeyCompressed=", p_ecdsaBrainpoolp256PublicKeyCompressed, 32); + + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp256PublicKeyCompressed == NULL)) { return -1; } @@ -1092,7 +1130,7 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( } int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp384PublicKeyCompressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1100,6 +1138,8 @@ int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384( const uint8_t* p_ecdsaBrainpoolp384PublicKeyCompressed, const ecc_compressed_mode_t p_compressed_mode ) { + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp384r1_with_sha384: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp384PublicKeyCompressed == NULL)) { return -1; @@ -1133,7 +1173,10 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( uint8_t** p_encrypted_secured_message, size_t* p_encrypted_secured_message_length ) { - /* Sanity checks */ + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_to_be_encrypted_secured_message=", p_to_be_encrypted_secured_message, p_to_be_encrypted_secured_message_length); + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_recipients_public_key_compressed=", p_recipients_public_key_compressed, 32); + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_salt=", p_salt, p_salt_length); + /* Sanity checks */ lib_its_security_context_t* lib_its_security_context = NULL; lib_its_security_context_t* lib_its_security_context_comp = NULL; /* Convert compressed key into XY-coordinates key */ @@ -1147,6 +1190,7 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( if (result == -1) { goto end; } + show_hex((const int8_t*)"encrypt_with_ecies_nistp256_with_sha256: Ephemeral key compressed=", lib_its_security_context->public_key_c, lib_its_security_context->key_length); /* 2. Generate and derive shared secret based on recipient's public keys */ result = initialize_with_public_key(nist_p_256, p_recipients_public_key_compressed, p_compressed_mode, &lib_its_security_context_comp); @@ -1192,6 +1236,8 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( *p_encrypted_secured_message = (uint8_t*)realloc((void*)*p_encrypted_secured_message, *p_encrypted_secured_message_length + lib_its_security_context->tag_length); memcpy((void*)(*p_encrypted_secured_message + *p_encrypted_secured_message_length), (const void*)lib_its_security_context->tag, lib_its_security_context->tag_length); *p_encrypted_secured_message_length += lib_its_security_context->tag_length; + fprintf(stderr, "p_encrypted_secured_message_length = %ld\n", *p_encrypted_secured_message_length); + show_hex((const int8_t*)"p_encrypted_secured_message", *p_encrypted_secured_message, *p_encrypted_secured_message_length); result = 0; end: @@ -1416,12 +1462,12 @@ int32_t decrypt_with_ecies_brainpoolp256r1_with_sha256( } int32_t encrypt_( - lib_its_security_context_t* p_lib_its_security_context, - const uint8_t* p_plain_text_message, - const size_t p_plain_text_message_length, - uint8_t** p_cipher_message, - size_t* p_cipher_message_length - ) { + lib_its_security_context_t* p_lib_its_security_context, + const uint8_t* p_plain_text_message, + const size_t p_plain_text_message_length, + uint8_t** p_cipher_message, + size_t* p_cipher_message_length + ) { /* Sanity checks */ if ((p_lib_its_security_context == NULL) || (p_lib_its_security_context->sym_key == NULL) || (p_lib_its_security_context->nonce == NULL) || (p_plain_text_message == NULL) || (p_cipher_message == NULL)) { return -1; @@ -1483,6 +1529,11 @@ int32_t decrypt( uint8_t** p_plain_text_message, size_t* p_plain_text_message_length ) { + show_hex((const int8_t*)">>> decrypt: p_cipher_message", p_cipher_message, p_cipher_message_length); + show_hex((const int8_t*)">>> decrypt: sym_key", p_lib_its_security_context->sym_key, p_lib_its_security_context->sym_key_length); + show_hex((const int8_t*)">>> decrypt: nonce", p_lib_its_security_context->nonce, p_lib_its_security_context->nonce_length); + show_hex((const int8_t*)">>> decrypt: tag", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length); + /* Sanity checks */ if ((p_lib_its_security_context == NULL) || (p_lib_its_security_context->sym_key == NULL) || (p_lib_its_security_context->nonce == NULL) || (p_cipher_message == NULL) || (p_plain_text_message == NULL)) { return -1; @@ -1516,11 +1567,14 @@ int32_t decrypt( int len = 0; int result = EVP_DecryptUpdate(ctx, *p_plain_text_message, &len, p_cipher_message, p_cipher_message_length); EVP_CIPHER_CTX_free(ctx); + show_hex((const int8_t*)"decrypt: *p_plain_text_message", *p_plain_text_message, *p_plain_text_message_length); + fprintf(stderr, "decrypt: result=%d\n", result); if (result != 1) { free(*p_plain_text_message); *p_plain_text_message = NULL; } + fprintf(stderr, "<<< decrypt: result=%d\n", (result > 0) ? 0 : -1); return (result > 0) ? 0 : -1; } diff --git a/tools/itssecurity/lib_its_security/lib_its_security.h b/tools/itssecurity/lib_its_security/lib_its_security.h index 13e1d545fd6600069da517bb28f2c9816d74f08d..44d7e3e2f3ad6c9923054b53f4409614469ca131 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.h +++ b/tools/itssecurity/lib_its_security/lib_its_security.h @@ -395,13 +395,13 @@ LIBITSSECURITY_API int32_t decrypt_with_ecies_brainpoolp256r1_with_sha256( * \param[out] p_cipher_message_length The ciphered message length * \return 0 on success, -1 otherwise */ - LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h - lib_its_security_context_t* p_lib_its_security_context, - const uint8_t* p_plain_text_message, - const size_t p_plain_text_message_length, - uint8_t** p_cipher_message, - size_t* p_cipher_message_length - ); +LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h + lib_its_security_context_t* p_lib_its_security_context, + const uint8_t* p_plain_text_message, + const size_t p_plain_text_message_length, + uint8_t** p_cipher_message, + size_t* p_cipher_message_length + ); /** * \fn int32_t decrypt(lib_its_security_context_t* p_lib_its_security_context, const uint8_t* p_cipher_message, const size_t p_cipher_message_length, uint8_t** p_plain_text_message, size_t* p_plain_text_message_length); diff --git a/tools/itssecurity/lib_its_security/lib_its_security.vcxproj b/tools/itssecurity/lib_its_security/lib_its_security.vcxproj index 5ea7b624b9e0c532f4d8d82e91db8424a9ddb3f5..8ca7805617aa1a7550a54db8c90c25f40cebad6c 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.vcxproj +++ b/tools/itssecurity/lib_its_security/lib_its_security.vcxproj @@ -88,10 +88,10 @@ - Use + NotUsing Level3 true - _DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions) + _Win64;_DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions) true pch.h C:\Program Files\OpenSSL-Win64\include @@ -159,6 +159,9 @@ C:\Program Files\OpenSSL-Win64\lib\VC libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + cp "$(TargetPath)" "$(MSBuildProjectDirectory)\..\..\..\tt3plugins\TT_TestSystem\itssecurity\win32\x86_64" + diff --git a/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj b/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj index cd0af22cc58f0c7d1d793452fb85f2cf48178524..f098986fed7a8331f6d25a60fe0a80fe5d5fa5e1 100644 --- a/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj +++ b/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj @@ -65,7 +65,7 @@ - Use + NotUsing pch.h Disabled _Win64;X64;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) @@ -77,7 +77,7 @@ true Console - C:\Users\yanng\source\repos\TestOpenSSL\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC + $(ProjectDir)..\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName).pdb diff --git a/tools/itssecurity/test/test_lib_its_security.cc b/tools/itssecurity/test/test_lib_its_security.cc index be4eddc268d779d481a31b34ed17b621735128ab..af6ae8d4bfeebab44013d5e1c4ad39f13ec1fb0b 100755 --- a/tools/itssecurity/test/test_lib_its_security.cc +++ b/tools/itssecurity/test/test_lib_its_security.cc @@ -640,6 +640,34 @@ TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp256r1_with_sha256_4) EXPECT_TRUE(lib_its_security_context == NULL); } +TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp256r1_with_sha256_5) { + // Preamble + lib_its_security_context_t* lib_its_security_context = NULL; + size_t l; + uint8_t* public_key_compressed = hex_to_bin((const int8_t*)"45dc4fbf42910e1843bc33ed5752e3781fa84432af6d77c3f35bc105e8493842", &l); + ecc_compressed_mode_t public_key_compressed_mode = compressed_y_0; + EXPECT_TRUE(initialize_with_public_key(brainpool_p_256_r1, public_key_compressed, public_key_compressed_mode, &lib_its_security_context) == 0); + + // Test body + size_t data_length; + uint8_t* data = hex_to_bin((const int8_t*)"40038081CD018140B35BB1620425E515B0AE24C8183B64FF008003008062C042D452D16EBA70812431356433396237342D653232372D346431322D383039622D36313033373631623235393000000000001E80314F8400788301028000FA80017C0001018002026F81030201C080808369D872E470EC6CFB9483834DAF3BA42430ED455308382F8893C94195F31125528180256EF768A3101619D9D67071B20CE3339EFEA006FBD11CEDE0406BE63E0F947B54D4BDE21CB10580CB8D3119F6152FD0C48E07A95CB26A72746EE3B62600B27F4002026F0001D16790C0B1BD", &data_length); + uint8_t* issuer = hex_to_bin((const int8_t*)"89bab7dea15bdaf3ff0357d952760a25735dd9816941bf6562c042d452d16eba", &l); + uint8_t* sig = hex_to_bin((const int8_t*)"03F5D9B6C73AE57FE2372F0F9580349A474AF3CE30CE986E7DFDEF8E87BA309B45677D03B713594E0C731B3C680A87631A9E23993678B2268E1715B8EB5E07CF", &l); + EXPECT_TRUE(verify_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, data, data_length, issuer, sig, public_key_compressed, public_key_compressed_mode) == 0); + free(data); + data = hex_to_bin((const int8_t*)"018140917e149bda9bb458c5ae3d48757c41b3008003008062c042d452d16eba70812436393761346436332d366666342d343234642d613664342d38333738653034306234316200000000001e8113df8400788301028000fa80017c0001018002026f81030201c08080839f4d40e1aa679757aad00885fdf365b4b9764d51e5f4cbba38765813fddc6f8d8180934615ee798ccc3786dc0a8b305ddc04cc7641acf1c52fce051ebf7a5266e9fb490f723920145aa9a014231948b01ba5227f8adda0e5c912376930330a09c1944002026f0001d17511c52f26", &data_length); + EXPECT_TRUE(verify_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, data, data_length, issuer, sig, public_key_compressed, public_key_compressed_mode) == -1); + + // Postamble + free(data); + free(issuer); + free(sig); + free(public_key_compressed); + EXPECT_TRUE(lib_its_security_context->ec_key != NULL); + EXPECT_TRUE(uninitialize(&lib_its_security_context) == 0); + EXPECT_TRUE(lib_its_security_context == NULL); +} + TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp384r1_with_sha384_1) { // Preamble lib_its_security_context_t* lib_its_security_context = NULL; diff --git a/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn b/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn index 49ad129a824eb77cc7660c0773c030a7839538d0..1aeef7b562c1fa579a6d5eb93dfad5b11299b3a9 100644 --- a/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn +++ b/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn @@ -302,6 +302,7 @@ module ItsGenCert_Functions { p_certificate_details_list[v_counter].public_key_compressed, p_certificate_details_list[v_counter].public_key_compressed_mode, p_certificate_details_list[v_counter].hash, + p_certificate_details_list[v_counter].hash_256, p_certificate_details_list[v_counter].hashid8, p_certificate_details_list[v_counter].issuer, p_certificate_details_list[v_counter].private_enc_key, @@ -319,6 +320,7 @@ module ItsGenCert_Functions { p_certificate_details_list[v_counter].public_key_compressed, p_certificate_details_list[v_counter].public_key_compressed_mode, p_certificate_details_list[v_counter].hash, + p_certificate_details_list[v_counter].hash_256, p_certificate_details_list[v_counter].hashid8, p_certificate_details_list[v_counter].issuer, omit, diff --git a/ttcn/LibIts b/ttcn/LibIts index 956ea968e8a7b3701c6fbb1386c3aac2e98c4d46..3f7c134dc24afb3a4b8ae71dd04b75b116b8fda7 160000 --- a/ttcn/LibIts +++ b/ttcn/LibIts @@ -1 +1 @@ -Subproject commit 956ea968e8a7b3701c6fbb1386c3aac2e98c4d46 +Subproject commit 3f7c134dc24afb3a4b8ae71dd04b75b116b8fda7