diff --git a/.TITAN_properties b/.TITAN_properties index 76dec310556dd7633179cbf698019c32da19014b..c51fed672edc4614fd9a238f7e25e1b639f67de5 100644 --- a/.TITAN_properties +++ b/.TITAN_properties @@ -22,7 +22,6 @@ ./bin ./src/bin - ./src/bin/asn1 C:\ProgramFiles\OpenSSL-Win64\include C:\npcap-sdk-0.1\Include /Users/yann/Documents/wireshark/cygwin64/usr/lib/gcc/x86_64-pc-cygwin/7.3.0/include/c++ @@ -30,8 +29,8 @@ true true true - true true + true -std=c++11 ./src/bin/asn1/libItsAsn.so diff --git a/docker/v2/build.cmd b/docker/v2/build.cmd index 565c1ac162fbafb54125a886d38342c6033e0678..858659c927318cac7acf534fee478a211b62285f 100755 --- a/docker/v2/build.cmd +++ b/docker/v2/build.cmd @@ -4,7 +4,7 @@ for /f "delims=" %%i in ('docker images -q stfubuntu') do set STFUBUNTU=%%i if "x%STFUBUNTU%"=="x" ( echo Build the stfubuntu:18.04 base on ubuntu:18.04 docker build --tag stfubuntu:18.04 -f Dockerfile.stfubuntu --force-rm . - if %ERRORLEVEL% NEQ 0 exit 1 + if %ERRORLEVEL% NEQ 0 return 1 ) else ( echo The stfubuntu:18.04 is already built. Skip this stage ) @@ -13,14 +13,14 @@ docker build --tag stf525_its --force-rm . set RC=%ERRORLEVEL% if %RC% NEQ 0 ( echo Docker build failed: %RC% - exit 1 + return 1 ) docker images docker inspect stf525_its:latest set RC=%ERRORLEVEL% if %RC% NEQ 0 ( echo Docker inspect failed: %RC% - exit 1 + return 1 ) -exit 0 +return 0 diff --git a/tools/itssecurity/.vs/itssecurity/v16/.suo b/tools/itssecurity/.vs/itssecurity/v16/.suo index 7f409fb25b385a6e1b04eafe48f26019710b25dd..5c6dbe7350426a2bc4da9b8b0dc157b4b416c02d 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/.suo and b/tools/itssecurity/.vs/itssecurity/v16/.suo differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db index 6bf3c4b719f1e3b4bacf0844bf30e6921a585c65..74f43caea75b5740601309713ea7e9630adce857 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db index 9901f264032c2f16723ac3e1534a879dc00e0e10..ecc6e29f7eb9831922b244193c0942063eeef543 100644 Binary files a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/1ee3db2fc2bf098/COM_SPIRENT_ITS_SECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/1ee3db2fc2bf098/COM_SPIRENT_ITS_SECURITY.ipch deleted file mode 100644 index 86ab7044261ead52564c1f44b325a4efcd21bb5b..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/1ee3db2fc2bf098/COM_SPIRENT_ITS_SECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/3946801aa34e60d3/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/3946801aa34e60d3/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch deleted file mode 100644 index 2d5aafaa3872d9465bb22153d4b2174d5150e629..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/3946801aa34e60d3/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/403d4330dabcb9cb/COM_SPIRENT_ITS_SECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/403d4330dabcb9cb/COM_SPIRENT_ITS_SECURITY.ipch deleted file mode 100644 index 40645b8c3c294b3f9be72377ad2b8c6b48ab2cb7..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/403d4330dabcb9cb/COM_SPIRENT_ITS_SECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/5f9167d1ee025d78/COM_SPIRENT_ITS_SECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/5f9167d1ee025d78/COM_SPIRENT_ITS_SECURITY.ipch deleted file mode 100644 index f29fb7376c8d53bf49078f246b141b62c3bc5c3f..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/5f9167d1ee025d78/COM_SPIRENT_ITS_SECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/bbf5104d398540e0/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/bbf5104d398540e0/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch deleted file mode 100644 index 3e930ef9c79ae9542f51e89da781ab5749b274aa..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/bbf5104d398540e0/COM_SPIRENT_ITS_SECURITY_NATIVESECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/fa071e5da418d69b/COM_SPIRENT_ITS_SECURITY.ipch b/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/fa071e5da418d69b/COM_SPIRENT_ITS_SECURITY.ipch deleted file mode 100644 index 504e35c4d72bee58e5ac46dd26cebceecea9dc49..0000000000000000000000000000000000000000 Binary files a/tools/itssecurity/.vs/itssecurity/v16/ipch/AutoPCH/fa071e5da418d69b/COM_SPIRENT_ITS_SECURITY.ipch and /dev/null differ diff --git a/tools/itssecurity/itssecurity.sln b/tools/itssecurity/itssecurity.sln index 973e97725c3fa1e4ea0af5d96988e061b9a69a16..c01f3b545a1e17124e9727bfff0d2b340db0ab8d 100644 --- a/tools/itssecurity/itssecurity.sln +++ b/tools/itssecurity/itssecurity.sln @@ -7,6 +7,8 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "lib_its_security", "lib_its EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "lib_its_security_tests_unit", "test\lib_its_security_tests_unit.vcxproj", "{5151573E-B7B3-44B4-BA0B-5410831C3D9D}" EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "org_etsi_its_security", "org_etsi_its_security\org_etsi_its_security.vcxproj", "{B5C77DAC-BC05-426F-8E13-E60BD2732A02}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|x64 = Debug|x64 @@ -31,14 +33,14 @@ Global {5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x64.Build.0 = Release|x64 {5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x86.ActiveCfg = Release|Win32 {5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x86.Build.0 = Release|Win32 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x64.ActiveCfg = Debug|x64 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x64.Build.0 = Debug|x64 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x86.ActiveCfg = Debug|Win32 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x86.Build.0 = Debug|Win32 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x64.ActiveCfg = Release|x64 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x64.Build.0 = Release|x64 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x86.ActiveCfg = Release|Win32 - {A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x86.Build.0 = Release|Win32 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x64.ActiveCfg = Debug|x64 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x64.Build.0 = Debug|x64 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x86.ActiveCfg = Debug|Win32 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x86.Build.0 = Debug|Win32 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x64.ActiveCfg = Release|x64 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x64.Build.0 = Release|x64 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x86.ActiveCfg = Release|Win32 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x86.Build.0 = Release|Win32 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/tools/itssecurity/lib_its_security/lib_its_security.c b/tools/itssecurity/lib_its_security/lib_its_security.c index 696d932d0b50ad382d9c443f7843df1d83ab75c9..811f0a08b61398854e31c542239ff6e32400e11b 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.c +++ b/tools/itssecurity/lib_its_security/lib_its_security.c @@ -165,6 +165,10 @@ int32_t sign_verify( const uint8_t* p_sig_s, const size_t p_sig_length ) { + show_hex((const int8_t*)">>> sign_verify: p_data", p_data, p_data_length); + show_hex((const int8_t*)">>> sign_verify: p_sig_r", p_sig_r, p_sig_length); + show_hex((const int8_t*)">>> sign_verify: p_sig_s", p_sig_s, p_sig_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_data == NULL) || (p_sig_r == NULL) || (p_sig_s == NULL)) { return -1; @@ -177,6 +181,7 @@ int32_t sign_verify( ECDSA_SIG_set0(signature, r, s); // Check the signature int32_t result = ECDSA_do_verify(p_data, p_data_length, signature, p_lib_its_security_context->ec_key); + fprintf(stderr, "sign_verify: result=%d\n", result); ECDSA_SIG_free(signature); return (result == 1) ? 0 : -1; @@ -382,7 +387,7 @@ int32_t generate_and_derive_ephemeral_key_for_encryption( uint8_t* k2 = (uint8_t*)malloc(k2_length); memcpy((void*)k2, (const void*)(k_enc + digest), k2_length); show_hex((const int8_t*)"k2", k2, k2_length); - hmac_sha256(p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, k2, k2_length, &p_ecdh_private_key->tag); + hmac_sha256(k2, k2_length, p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, &p_ecdh_private_key->tag); show_hex((const int8_t*)"tag", p_ecdh_private_key->tag, p_ecdh_private_key->tag_length); /* Generate random IV (nonce) */ @@ -486,7 +491,7 @@ int32_t generate_and_derive_ephemeral_key_for_decryption( uint8_t* k2 = (uint8_t*)malloc(k2_length); memcpy((void*)k2, (const void*)(k_enc + digest), k2_length); show_hex((const int8_t*)"k2", k2, k2_length); - hmac_sha256(p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, k2, k2_length, &p_lib_its_security_context->tag); + hmac_sha256(k2, k2_length, p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, &p_lib_its_security_context->tag); show_hex((const int8_t*)"authentication vector", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length); /* Extract K1 and generate encrypted symmetric key */ @@ -822,6 +827,9 @@ int32_t hmac_sha256( return -1; } + show_hex((const int8_t*)">>> hmac_sha256: p_secret_key", p_secret_key, p_secret_key_length); + show_hex((const int8_t*)">>> hmac_sha256: p_message", p_message, p_message_length); + uint32_t length = 64; uint8_t* hmac = (uint8_t*)malloc(length); HMAC_CTX *ctx = HMAC_CTX_new(); @@ -834,6 +842,7 @@ int32_t hmac_sha256( *p_hmac = (uint8_t*)malloc(16); memcpy((void*)*p_hmac, (const void*)hmac, 16); free(hmac); + show_hex((const int8_t*)"<<< hmac_sha256: p_message", *p_hmac, 16); return 0; } @@ -845,18 +854,20 @@ int32_t prepare_data_to_be_verify( const uint8_t* p_certificate_issuer, uint8_t** p_hashed_data ) { + show_hex((const int8_t*)">>> prepare_data_to_be_verify: p_data", p_data, p_data_length); + // Calculate the SHA of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) ) uint8_t* hashed_data1; // Hash (Data input) int32_t result; if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) { result = hash_with_sha384(p_data, p_data_length, &hashed_data1); } else { - result = hash_with_sha256(p_data, p_data_length, &hashed_data1); + result = hash_with_sha256(p_data, p_data_length, &hashed_data1); // Hash (Data input) } if (result == -1) { return -1; } - uint8_t* hashed_data2; // Hash (Signer identifier input) + show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data1", hashed_data1, p_lib_its_security_context->key_length); // Check if issuer is '00...00'O vector bool foundNonZero = false; for (int i = 0; i < 32; i++) { @@ -865,7 +876,10 @@ int32_t prepare_data_to_be_verify( break; } } - if (foundNonZero) { + fprintf(stderr, "prepare_data_to_be_verify: foundNonZero=%d\n", foundNonZero); + uint8_t* hashed_data2; // Hash (Signer identifier input) + if (foundNonZero) { + // p_certificate_issuer is already the hashed id hashed_data2 = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)hashed_data2, (const void*)p_certificate_issuer, p_lib_its_security_context->key_length); result = 0; @@ -881,14 +895,17 @@ int32_t prepare_data_to_be_verify( free(hashed_data2); return -1; } + show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data2", hashed_data2, p_lib_its_security_context->key_length); uint8_t* hash_data_buffer = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // Hash (Data input) || Hash (Signer identifier input) memcpy((void*)hash_data_buffer, (const void*)hashed_data1, p_lib_its_security_context->key_length); memcpy((void*)(hash_data_buffer + p_lib_its_security_context->key_length), (const void*)hashed_data2, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"prepare_data_to_be_verify: hash_data_buffer", hash_data_buffer, 2 * p_lib_its_security_context->key_length); if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) { result = hash_with_sha384(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) ) } else { result = hash_with_sha256(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) ) } + show_hex((const int8_t*)"prepare_data_to_be_verify: p_hashed_data", *p_hashed_data, p_lib_its_security_context->key_length); free(hashed_data1); free(hashed_data2); free(hash_data_buffer); @@ -904,7 +921,11 @@ int32_t generic_signature( const uint8_t* p_private_key, uint8_t** p_signature ) { - uint8_t* hashed_data; + show_hex((const int8_t*)">>> generic_signature: p_to_be_signed_secured_message", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length); + show_hex((const int8_t*)">>> generic_signature: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length); + show_hex((const int8_t*)">>> generic_signature: p_private_key", p_private_key, p_lib_its_security_context->key_length); + + uint8_t* hashed_data; if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_signed_secured_message, p_to_be_signed_secured_message_length, p_certificate_issuer, &hashed_data) == -1) { return -1; } @@ -919,6 +940,8 @@ int32_t generic_signature( } free(hashed_data); // Copy the signature + show_hex((const int8_t*)"generic_signature: r_sig", r_sig, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_signature: s_sig", s_sig, p_lib_its_security_context->key_length); *p_signature = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // r_sig || s_sig memcpy((void*)*p_signature, (const void*)r_sig, p_lib_its_security_context->key_length); memcpy((void*)(*p_signature + p_lib_its_security_context->key_length), (const void*)s_sig, p_lib_its_security_context->key_length); @@ -942,11 +965,14 @@ int32_t generic_verify( if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_verified_data, p_to_be_verified_data_length, p_certificate_issuer, &hashed_data) == -1) { return -1; } + show_hex((const int8_t*)"generic_verify: p_data", hashed_data, p_lib_its_security_context->key_length); uint8_t* sig_r = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)sig_r, (const void*)p_signature, p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_verify: sig_r", sig_r, p_lib_its_security_context->key_length); uint8_t* sig_s = (uint8_t*)malloc(p_lib_its_security_context->key_length); memcpy((void*)sig_s, (const void*)(p_signature + p_lib_its_security_context->key_length), p_lib_its_security_context->key_length); + show_hex((const int8_t*)"generic_verify: sig_s", sig_s, p_lib_its_security_context->key_length); if (sign_verify(p_lib_its_security_context, hashed_data, p_lib_its_security_context->key_length, sig_r, sig_s, p_lib_its_security_context->key_length) == -1) { free(sig_r); free(sig_s); @@ -961,7 +987,7 @@ int32_t generic_verify( } int32_t sign_with_ecdsa_nistp256_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -973,6 +999,10 @@ int32_t sign_with_ecdsa_nistp256_with_sha256( return -1; } + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_data", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length); + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length); + show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_private_key", p_private_key, p_lib_its_security_context->key_length); + lib_its_security_context_t* lib_its_security_context; if (initialize_with_private_key(nist_p_256, p_private_key, &lib_its_security_context) == -1){ return -1; @@ -985,7 +1015,7 @@ int32_t sign_with_ecdsa_nistp256_with_sha256( } int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -1009,7 +1039,7 @@ int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256( } int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key const uint8_t* p_to_be_signed_secured_message, const size_t p_to_be_signed_secured_message_length, const uint8_t* p_certificate_issuer, @@ -1033,7 +1063,7 @@ int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384( } int32_t verify_with_ecdsa_nistp256_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1041,6 +1071,9 @@ int32_t verify_with_ecdsa_nistp256_with_sha256( const uint8_t* p_ecdsa_nistp256_publicKey_compressed, const ecc_compressed_mode_t p_compressed_mode ) { + + show_hex((const int8_t*)">>> verify_with_ecdsa_nistp256_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsa_nistp256_publicKey_compressed == NULL)) { return -1; @@ -1058,7 +1091,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256( } int32_t verify_with_ecdsa_nistp256_with_sha256_raw( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_signature, @@ -1067,7 +1100,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256_raw( ) { return -1; } int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp256PublicKeyCompressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1075,7 +1108,12 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( const uint8_t* p_ecdsaBrainpoolp256PublicKeyCompressed, const ecc_compressed_mode_t p_compressed_mode ) { - // Sanity checks + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_certificate_issuer=", p_certificate_issuer, 32); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_signature=", p_signature, 64); + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_ecdsaBrainpoolp256PublicKeyCompressed=", p_ecdsaBrainpoolp256PublicKeyCompressed, 32); + + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp256PublicKeyCompressed == NULL)) { return -1; } @@ -1092,7 +1130,7 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256( } int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384( - lib_its_security_context_t* p_lib_its_security_context, + lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp384PublicKeyCompressed const uint8_t* p_to_be_verified_data, const size_t p_to_be_verified_data_length, const uint8_t* p_certificate_issuer, @@ -1100,6 +1138,8 @@ int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384( const uint8_t* p_ecdsaBrainpoolp384PublicKeyCompressed, const ecc_compressed_mode_t p_compressed_mode ) { + show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp384r1_with_sha384: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length); + // Sanity checks if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp384PublicKeyCompressed == NULL)) { return -1; @@ -1133,7 +1173,10 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( uint8_t** p_encrypted_secured_message, size_t* p_encrypted_secured_message_length ) { - /* Sanity checks */ + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_to_be_encrypted_secured_message=", p_to_be_encrypted_secured_message, p_to_be_encrypted_secured_message_length); + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_recipients_public_key_compressed=", p_recipients_public_key_compressed, 32); + show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_salt=", p_salt, p_salt_length); + /* Sanity checks */ lib_its_security_context_t* lib_its_security_context = NULL; lib_its_security_context_t* lib_its_security_context_comp = NULL; /* Convert compressed key into XY-coordinates key */ @@ -1147,6 +1190,7 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( if (result == -1) { goto end; } + show_hex((const int8_t*)"encrypt_with_ecies_nistp256_with_sha256: Ephemeral key compressed=", lib_its_security_context->public_key_c, lib_its_security_context->key_length); /* 2. Generate and derive shared secret based on recipient's public keys */ result = initialize_with_public_key(nist_p_256, p_recipients_public_key_compressed, p_compressed_mode, &lib_its_security_context_comp); @@ -1192,6 +1236,8 @@ int32_t encrypt_with_ecies_nistp256_with_sha256( *p_encrypted_secured_message = (uint8_t*)realloc((void*)*p_encrypted_secured_message, *p_encrypted_secured_message_length + lib_its_security_context->tag_length); memcpy((void*)(*p_encrypted_secured_message + *p_encrypted_secured_message_length), (const void*)lib_its_security_context->tag, lib_its_security_context->tag_length); *p_encrypted_secured_message_length += lib_its_security_context->tag_length; + fprintf(stderr, "p_encrypted_secured_message_length = %ld\n", *p_encrypted_secured_message_length); + show_hex((const int8_t*)"p_encrypted_secured_message", *p_encrypted_secured_message, *p_encrypted_secured_message_length); result = 0; end: @@ -1416,12 +1462,12 @@ int32_t decrypt_with_ecies_brainpoolp256r1_with_sha256( } int32_t encrypt_( - lib_its_security_context_t* p_lib_its_security_context, - const uint8_t* p_plain_text_message, - const size_t p_plain_text_message_length, - uint8_t** p_cipher_message, - size_t* p_cipher_message_length - ) { + lib_its_security_context_t* p_lib_its_security_context, + const uint8_t* p_plain_text_message, + const size_t p_plain_text_message_length, + uint8_t** p_cipher_message, + size_t* p_cipher_message_length + ) { /* Sanity checks */ if ((p_lib_its_security_context == NULL) || (p_lib_its_security_context->sym_key == NULL) || (p_lib_its_security_context->nonce == NULL) || (p_plain_text_message == NULL) || (p_cipher_message == NULL)) { return -1; @@ -1483,6 +1529,11 @@ int32_t decrypt( uint8_t** p_plain_text_message, size_t* p_plain_text_message_length ) { + show_hex((const int8_t*)">>> decrypt: p_cipher_message", p_cipher_message, p_cipher_message_length); + show_hex((const int8_t*)">>> decrypt: sym_key", p_lib_its_security_context->sym_key, p_lib_its_security_context->sym_key_length); + show_hex((const int8_t*)">>> decrypt: nonce", p_lib_its_security_context->nonce, p_lib_its_security_context->nonce_length); + show_hex((const int8_t*)">>> decrypt: tag", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length); + /* Sanity checks */ if ((p_lib_its_security_context == NULL) || (p_lib_its_security_context->sym_key == NULL) || (p_lib_its_security_context->nonce == NULL) || (p_cipher_message == NULL) || (p_plain_text_message == NULL)) { return -1; @@ -1516,11 +1567,14 @@ int32_t decrypt( int len = 0; int result = EVP_DecryptUpdate(ctx, *p_plain_text_message, &len, p_cipher_message, p_cipher_message_length); EVP_CIPHER_CTX_free(ctx); + show_hex((const int8_t*)"decrypt: *p_plain_text_message", *p_plain_text_message, *p_plain_text_message_length); + fprintf(stderr, "decrypt: result=%d\n", result); if (result != 1) { free(*p_plain_text_message); *p_plain_text_message = NULL; } + fprintf(stderr, "<<< decrypt: result=%d\n", (result > 0) ? 0 : -1); return (result > 0) ? 0 : -1; } diff --git a/tools/itssecurity/lib_its_security/lib_its_security.h b/tools/itssecurity/lib_its_security/lib_its_security.h index 13e1d545fd6600069da517bb28f2c9816d74f08d..44d7e3e2f3ad6c9923054b53f4409614469ca131 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.h +++ b/tools/itssecurity/lib_its_security/lib_its_security.h @@ -395,13 +395,13 @@ LIBITSSECURITY_API int32_t decrypt_with_ecies_brainpoolp256r1_with_sha256( * \param[out] p_cipher_message_length The ciphered message length * \return 0 on success, -1 otherwise */ - LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h - lib_its_security_context_t* p_lib_its_security_context, - const uint8_t* p_plain_text_message, - const size_t p_plain_text_message_length, - uint8_t** p_cipher_message, - size_t* p_cipher_message_length - ); +LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h + lib_its_security_context_t* p_lib_its_security_context, + const uint8_t* p_plain_text_message, + const size_t p_plain_text_message_length, + uint8_t** p_cipher_message, + size_t* p_cipher_message_length + ); /** * \fn int32_t decrypt(lib_its_security_context_t* p_lib_its_security_context, const uint8_t* p_cipher_message, const size_t p_cipher_message_length, uint8_t** p_plain_text_message, size_t* p_plain_text_message_length); diff --git a/tools/itssecurity/lib_its_security/lib_its_security.vcxproj b/tools/itssecurity/lib_its_security/lib_its_security.vcxproj index 5ea7b624b9e0c532f4d8d82e91db8424a9ddb3f5..56294ec5eb8cba60248efa9171bf6ee338661aa7 100644 --- a/tools/itssecurity/lib_its_security/lib_its_security.vcxproj +++ b/tools/itssecurity/lib_its_security/lib_its_security.vcxproj @@ -88,10 +88,10 @@ - Use + NotUsing Level3 true - _DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions) + _Win64;_DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions) true pch.h C:\Program Files\OpenSSL-Win64\include @@ -159,6 +159,9 @@ C:\Program Files\OpenSSL-Win64\lib\VC libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + cp "$(TargetPath)" "$(MSBuildProjectDirectory)\..\..\..\javasrc\nativeLibs\win32\x86_64" + diff --git a/tools/itssecurity/org_etsi_its_security/Makefile b/tools/itssecurity/org_etsi_its_security/Makefile new file mode 100644 index 0000000000000000000000000000000000000000..7dd556d523dd4a908fd843b63d6f2961c57df633 --- /dev/null +++ b/tools/itssecurity/org_etsi_its_security/Makefile @@ -0,0 +1,23 @@ +PROJECTROOT = .. +BUILDROOT = ../../build +PROJECT = org_etsi_its_security +DEBUG = yes +testdir = + +alibs = $(PROJECT) +solibs = $(PROJECT) + +sources := org_etsi_its_security_NativeSecurity.c +sources-WIN32 := +headers := org_etsi_its_security_NativeSecurity.h + +cflags += -Werror + +packages += openssl + +includes += ../../lib_its_security /usr/lib/jvm/java-11-openjdk-amd64/include /usr/lib/jvm/java-11-openjdk-amd64/include/linux + +libs += $(outdir)/libItsSecurity.a + +include ../../common.mk + diff --git a/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj new file mode 100644 index 0000000000000000000000000000000000000000..d04c044ffdb172c02ed7ec9e4c371e42c6af5ece --- /dev/null +++ b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj @@ -0,0 +1,173 @@ + + + + + Debug + Win32 + + + Release + Win32 + + + Debug + x64 + + + Release + x64 + + + + 16.0 + {B5C77DAC-BC05-426F-8E13-E60BD2732A02} + Win32Proj + orgetsiitssecurity + 10.0 + + + + StaticLibrary + true + v142 + Unicode + + + StaticLibrary + false + v142 + true + Unicode + + + DynamicLibrary + true + v142 + Unicode + + + DynamicLibrary + false + v142 + true + Unicode + + + + + + + + + + + + + + + + + + + + + false + + + true + + + true + + + false + + + + NotUsing + Level3 + true + true + true + _Win64;NDEBUG;_LIB;%(PreprocessorDefinitions) + true + + + C:\Program Files\OpenSSL-Win64\include;C:\Program Files\Java\jdk1.8.0_241\include;C:\Program Files\Java\jdk1.8.0_241\include\win32;$(ProjectDir)../lib_its_security;%(AdditionalIncludeDirectories) + + + Windows + true + true + true + $(ProjectDir)..\x64\Release;C:\Program Files\OpenSSL-Win64\lib\VC + lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + cp "$(TargetPath)" "$(MSBuildProjectDirectory)\..\..\..\javasrc\nativeLibs\win32\x86_64" + + + + + Use + Level3 + true + WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions) + true + pch.h + + + Windows + true + + + + + NotUsing + Level3 + true + _Win64;_DEBUG;_LIB;%(PreprocessorDefinitions) + true + pch.h + C:\Program Files\OpenSSL-Win64\include;C:\Program Files\Java\jdk1.8.0_241\include;C:\Program Files\Java\jdk1.8.0_241\include\win32;$(ProjectDir)../lib_its_security;%(AdditionalIncludeDirectories) + + + Windows + true + lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + $(ProjectDir)..\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC + + + + + Use + Level3 + true + true + true + WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions) + true + pch.h + + + Windows + true + true + true + + + + + + Create + Create + Create + Create + + + + + + \ No newline at end of file diff --git a/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj.user b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj.user new file mode 100644 index 0000000000000000000000000000000000000000..88a550947edbc3c5003a41726f0749201fdb6822 --- /dev/null +++ b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj.user @@ -0,0 +1,4 @@ + + + + \ No newline at end of file diff --git a/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.c b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.c new file mode 100644 index 0000000000000000000000000000000000000000..b47d13fd8f4117f79bf0d6d8fc9036072a36dc6a --- /dev/null +++ b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.c @@ -0,0 +1,840 @@ +/* system headers */ +#include +#include +#include +#include +//add whatever is needed +#include +#include "org_etsi_its_security_NativeSecurity.h" + +#include "lib_its_security.h" + +//if you use other memory allocation function, please inform me! +#ifdef WIN32 +DLLAPI void* _tt_calloc(size_t, size_t); +#define calloc(NUM, SIZE) _tt_calloc(NUM, SIZE) +DLLAPI void _tt_free(void*); +#define free(PTR) _tt_free(PTR) +#else +#endif //WIN32 + +#ifdef WIN32 +void* _tt_calloc(size_t num, size_t elemSize) { +#if (_MSC_VER >= 1700) // newer than Visual Studio 2012 + size_t size = num * elemSize; + void* res = CoTaskMemAlloc(size); + memset(res, 0, size); + return res; +#else + return HeapAlloc(GetProcessHeap(), HEAP_GENERATE_EXCEPTIONS | HEAP_ZERO_MEMORY, (num) * (elemSize)); +#endif +} + +void _tt_free(void* ptr) { +#if (_MSC_VER >= 1700) // newer than Visual Studio 2012 + CoTaskMemFree(ptr); +#else + HeapFree(GetProcessHeap(), 0, ptr); +#endif +} +#endif //WIN32 + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: hashWithSha384 + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hashWithSha256(JNIEnv* env, jobject jobj, jbyteArray p_toBeHashedData) { + jbyteArray java_hashed_data; + int32_t result; + + // Extract buffers + size_t to_be_hashed_data_length = (*env)->GetArrayLength(env, p_toBeHashedData); + uint8_t* to_be_hashed_data = (uint8_t*)calloc(sizeof(uint8_t), to_be_hashed_data_length); + (*env)->GetByteArrayRegion(env, p_toBeHashedData, 0, (jsize)to_be_hashed_data_length, (jbyte*)to_be_hashed_data); + // Call lib_its_security implementation + uint8_t* hashed_data = NULL; + result = hash_with_sha256(to_be_hashed_data, to_be_hashed_data_length, &hashed_data); + // Prepare return value + java_hashed_data = (*env)->NewByteArray(env, (jsize)32); + if (result == 0) { + (*env)->SetByteArrayRegion(env, java_hashed_data, 0, (jsize)32, (jbyte*)hashed_data); + } + // Free allocated resources + free(hashed_data); + + return java_hashed_data; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: hashWithSha384 + * Signature: ([B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hashWithSha384(JNIEnv* env, jobject jobj, jbyteArray p_toBeHashedData) { + jbyteArray java_hashed_data; + int32_t result; + + // Extract buffers + size_t to_be_hashed_data_length = (*env)->GetArrayLength(env, p_toBeHashedData); + uint8_t* to_be_hashed_data = (uint8_t*)calloc(sizeof(uint8_t), to_be_hashed_data_length); + (*env)->GetByteArrayRegion(env, p_toBeHashedData, 0, (jsize)to_be_hashed_data_length, (jbyte*)to_be_hashed_data); + // Call lib_its_security implementation + uint8_t* hashed_data = NULL; + result = hash_with_sha384(to_be_hashed_data, to_be_hashed_data_length, &hashed_data); + // Prepare return value + java_hashed_data = (*env)->NewByteArray(env, (jsize)48); + if (result == 0) { + (*env)->SetByteArrayRegion(env, java_hashed_data, 0, (jsize)48, (jbyte*)hashed_data); + } + // Free allocated resources + free(hashed_data); + + return java_hashed_data; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: hmacWithSha256 + * Signature: ([B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hmacWithSha256(JNIEnv* env, jobject jobj, jbyteArray p_secretKey, jbyteArray p_message) { + jbyteArray java_hmac; + int32_t result; + + // Extract buffers + size_t secret_key_length = (*env)->GetArrayLength(env, p_secretKey); + uint8_t* secret_key = (uint8_t*)calloc(sizeof(uint8_t), secret_key_length); + (*env)->GetByteArrayRegion(env, p_secretKey, 0, (jsize)secret_key_length, (jbyte*)secret_key); + size_t message_length = (*env)->GetArrayLength(env, p_message); + uint8_t* message = (uint8_t*)calloc(sizeof(uint8_t), message_length); + (*env)->GetByteArrayRegion(env, p_message, 0, (jsize)message_length, (jbyte*)message); + + // Call lib_its_security implementation + uint8_t* hmac = NULL; + result = hmac_sha256(secret_key, secret_key_length, message, message_length, &hmac); + // Prepare return value + java_hmac = (*env)->NewByteArray(env, (jsize)16); // HMAC with SHA256 of the message resized to 16 bytes + if (result == 0) { + (*env)->SetByteArrayRegion(env, java_hmac, 0, (jsize)16, (jbyte*)hmac); + } + // Free allocated resources + free(secret_key); + free(message); + free(hmac); + + return java_hmac; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaNistp256WithSha256 + * Signature: ([B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_signed_secured_message, jbyteArray p_certificate_issuer, jbyteArray p_private_key) { + jbyteArray java_signature = NULL; + + //fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256\n"); + + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(nist_p_256, &lib_its_security_context); + // fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: result=%d\n", result); + if (result == 0) { + // Extract buffers + size_t to_be_signed_secured_message_length = (*env)->GetArrayLength(env, p_to_be_signed_secured_message); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: to_be_signed_secured_message_length=%ld\n", to_be_signed_secured_message_length); + uint8_t* to_be_signed_secured_message = (uint8_t*)calloc(sizeof(uint8_t), to_be_signed_secured_message_length); + (*env)->GetByteArrayRegion(env, p_to_be_signed_secured_message, 0, (jsize)to_be_signed_secured_message_length, (jbyte*)to_be_signed_secured_message); + size_t certificate_issuer_length = 32;//(*env)->GetArrayLength(env, p_certificate_issuer); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: certificate_issuer_length=%ld\n", certificate_issuer_length); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: certificate_issuer=%02x%02x%02x%02x%02x%02x\n", *certificate_issuer, *(certificate_issuer + 1), *(certificate_issuer + 2), *(certificate_issuer + 3), *(certificate_issuer + 4), *(certificate_issuer + 5)); + size_t private_key_length = (*env)->GetArrayLength(env, p_private_key); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: private_key_length=%ld\n", private_key_length); + uint8_t* private_key = (uint8_t*)calloc(sizeof(uint8_t), private_key_length); + (*env)->GetByteArrayRegion(env, p_private_key, 0, (jsize)private_key_length, (jbyte*)private_key); + uint8_t* signature = NULL; + result = sign_with_ecdsa_nistp256_with_sha256(lib_its_security_context, to_be_signed_secured_message, to_be_signed_secured_message_length, certificate_issuer, private_key, &signature); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256: result=%d\n", result); + if (result == 0) { + // Prepare return value + java_signature = (*env)->NewByteArray(env, (jsize)64); + (*env)->SetByteArrayRegion(env, java_signature, 0, (jsize)64, (jbyte*)signature); + // Free allocated resources + free(signature); + } + free(to_be_signed_secured_message); + free(certificate_issuer); + free(private_key); + uninitialize(&lib_its_security_context); + } + + return java_signature; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaBrainpoolp256r1WithSha256 + * Signature: ([B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaBrainpoolp256r1WithSha256 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_signed_secured_message, jbyteArray p_certificate_issuer, jbyteArray p_private_key) { + jbyteArray java_signature = NULL; + + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(brainpool_p_256_r1, &lib_its_security_context); + if (result == 0) { + // Extract buffers + size_t to_be_signed_secured_message_length = (*env)->GetArrayLength(env, p_to_be_signed_secured_message); + uint8_t* to_be_signed_secured_message = (uint8_t*)calloc(sizeof(uint8_t), to_be_signed_secured_message_length); + (*env)->GetByteArrayRegion(env, p_to_be_signed_secured_message, 0, (jsize)to_be_signed_secured_message_length, (jbyte*)to_be_signed_secured_message); + size_t certificate_issuer_length = (*env)->GetArrayLength(env, p_certificate_issuer); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + size_t private_key_length = (*env)->GetArrayLength(env, p_private_key); + uint8_t* private_key = (uint8_t*)calloc(sizeof(uint8_t), private_key_length); + (*env)->GetByteArrayRegion(env, p_private_key, 0, (jsize)private_key_length, (jbyte*)private_key); + uint8_t* signature = NULL; + result = sign_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, to_be_signed_secured_message, to_be_signed_secured_message_length, certificate_issuer, private_key, &signature); + if (result == 0) { + // Prepare return value + java_signature = (*env)->NewByteArray(env, (jsize)64); + (*env)->SetByteArrayRegion(env, java_signature, 0, (jsize)64, (jbyte*)signature); + // Free allocated resources + free(signature); + } + free(to_be_signed_secured_message); + free(certificate_issuer); + free(private_key); + uninitialize(&lib_its_security_context); + } + + return java_signature; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaBrainpoolp384r1WithSha384 + * Signature: ([B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaBrainpoolp384r1WithSha384 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_signed_secured_message, jbyteArray p_certificate_issuer, jbyteArray p_private_key) { + jbyteArray java_signature = NULL; + + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(brainpool_p_384_r1, &lib_its_security_context); + if (result == 0) { + // Extract buffers + size_t to_be_signed_secured_message_length = (*env)->GetArrayLength(env, p_to_be_signed_secured_message); + uint8_t* to_be_signed_secured_message = (uint8_t*)calloc(sizeof(uint8_t), to_be_signed_secured_message_length); + (*env)->GetByteArrayRegion(env, p_to_be_signed_secured_message, 0, (jsize)to_be_signed_secured_message_length, (jbyte*)to_be_signed_secured_message); + size_t certificate_issuer_length = (*env)->GetArrayLength(env, p_certificate_issuer); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + size_t private_key_length = (*env)->GetArrayLength(env, p_private_key); + uint8_t* private_key = (uint8_t*)calloc(sizeof(uint8_t), private_key_length); + (*env)->GetByteArrayRegion(env, p_private_key, 0, (jsize)private_key_length, (jbyte*)private_key); + uint8_t* signature = NULL; + result = sign_with_ecdsa_brainpoolp384r1_with_sha384(lib_its_security_context, to_be_signed_secured_message, to_be_signed_secured_message_length, certificate_issuer, private_key, &signature); + if (result == 0) { + // Prepare return value + java_signature = (*env)->NewByteArray(env, (jsize)96); + (*env)->SetByteArrayRegion(env, java_signature, 0, (jsize)96, (jbyte*)signature); + // Free allocated resources + free(signature); + } + free(to_be_signed_secured_message); + free(certificate_issuer); + free(private_key); + uninitialize(&lib_its_security_context); + } + + return java_signature; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: verifyWithEcdsaNistp256WithSha256 + * Signature: ([B[B[B[BI)I + */ +JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_verified_data, jbyteArray p_certificate_issuer, jbyteArray p_signature, jbyteArray p_ecdsaNistp256PublicKeyCompressed, jint p_compressed_mode) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256\n"); + + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(nist_p_256, &lib_its_security_context); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: result=%d\n", result); + if (result == 0) { + // Extract buffers + size_t to_be_verified_data_length = (*env)->GetArrayLength(env, p_to_be_verified_data); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: to_be_verified_data_length=%ld\n", to_be_verified_data_length); + uint8_t* to_be_verified_data = (uint8_t*)calloc(sizeof(uint8_t), to_be_verified_data_length); + (*env)->GetByteArrayRegion(env, p_to_be_verified_data, 0, (jsize)to_be_verified_data_length, (jbyte*)to_be_verified_data); + size_t certificate_issuer_length = (*env)->GetArrayLength(env, p_certificate_issuer); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: certificate_issuer_length=%ld\n", certificate_issuer_length); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + size_t signature_length = (*env)->GetArrayLength(env, p_signature); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: signature_length=%ld\n", signature_length); + uint8_t* signature = (uint8_t*)calloc(sizeof(uint8_t), signature_length); + (*env)->GetByteArrayRegion(env, p_signature, 0, (jsize)signature_length, (jbyte*)signature); + size_t compressed_key_length = (*env)->GetArrayLength(env, p_ecdsaNistp256PublicKeyCompressed); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: compressed_key_length=%ld\n", compressed_key_length); + uint8_t* compressed_key = (uint8_t*)calloc(sizeof(uint8_t), compressed_key_length); + (*env)->GetByteArrayRegion(env, p_ecdsaNistp256PublicKeyCompressed, 0, (jsize)compressed_key_length, (jbyte*)compressed_key); + result = verify_with_ecdsa_nistp256_with_sha256(lib_its_security_context, to_be_verified_data, to_be_verified_data_length, certificate_issuer, signature, compressed_key, (int32_t)p_compressed_mode); + //fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256: result=%d\n", result); + free(to_be_verified_data); + free(certificate_issuer); + free(signature); + free(compressed_key); + uninitialize(&lib_its_security_context); + } + + return (jint)result; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: verifyWithEcdsaBrainpoolp256r1WithSha256 + * Signature: ([B[B[B[BI)I + */ +JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaBrainpoolp256r1WithSha256 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_verified_data, jbyteArray p_certificate_issuer, jbyteArray p_signature, jbyteArray p_ecdsaNistp256PublicKeyCompressed, jint p_compressed_mode) { + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(brainpool_p_256_r1, &lib_its_security_context); + if (result == 0) { + // Extract buffers + size_t to_be_verified_data_length = (*env)->GetArrayLength(env, p_to_be_verified_data); + uint8_t* to_be_verified_data = (uint8_t*)calloc(sizeof(uint8_t), to_be_verified_data_length); + (*env)->GetByteArrayRegion(env, p_to_be_verified_data, 0, (jsize)to_be_verified_data_length, (jbyte*)to_be_verified_data); + size_t certificate_issuer_length = (*env)->GetArrayLength(env, p_certificate_issuer); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + size_t signature_length = (*env)->GetArrayLength(env, p_signature); + uint8_t* signature = (uint8_t*)calloc(sizeof(uint8_t), signature_length); + (*env)->GetByteArrayRegion(env, p_signature, 0, (jsize)signature_length, (jbyte*)signature); + size_t compressed_key_length = (*env)->GetArrayLength(env, p_ecdsaNistp256PublicKeyCompressed); + uint8_t* compressed_key = (uint8_t*)calloc(sizeof(uint8_t), compressed_key_length); + (*env)->GetByteArrayRegion(env, p_ecdsaNistp256PublicKeyCompressed, 0, (jsize)compressed_key_length, (jbyte*)compressed_key); + result = verify_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, to_be_verified_data, to_be_verified_data_length, certificate_issuer, signature, compressed_key, (int32_t)p_compressed_mode); + free(to_be_verified_data); + free(certificate_issuer); + free(signature); + free(compressed_key); + uninitialize(&lib_its_security_context); + } + + return (jint)result; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: fx_verifyWithEcdsaBrainpoolp384r1WithSha384 + * Signature: ([B[B[B[BI)I + */ +JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaBrainpoolp384r1WithSha384 +(JNIEnv* env, jobject jobj, jbyteArray p_to_be_verified_data, jbyteArray p_certificate_issuer, jbyteArray p_signature, jbyteArray p_ecdsaNistp384PublicKeyCompressed, jint p_compressed_mode) { + // Create intermal context + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(brainpool_p_384_r1, &lib_its_security_context); + if (result == 0) { + // Extract buffers + size_t to_be_verified_data_length = (*env)->GetArrayLength(env, p_to_be_verified_data); + uint8_t* to_be_verified_data = (uint8_t*)calloc(sizeof(uint8_t), to_be_verified_data_length); + (*env)->GetByteArrayRegion(env, p_to_be_verified_data, 0, (jsize)to_be_verified_data_length, (jbyte*)to_be_verified_data); + size_t certificate_issuer_length = (*env)->GetArrayLength(env, p_certificate_issuer); + uint8_t* certificate_issuer = (uint8_t*)calloc(sizeof(uint8_t), certificate_issuer_length); + (*env)->GetByteArrayRegion(env, p_certificate_issuer, 0, (jsize)certificate_issuer_length, (jbyte*)certificate_issuer); + size_t signature_length = (*env)->GetArrayLength(env, p_signature); + uint8_t* signature = (uint8_t*)calloc(sizeof(uint8_t), signature_length); + (*env)->GetByteArrayRegion(env, p_signature, 0, (jsize)signature_length, (jbyte*)signature); + size_t compressed_key_length = (*env)->GetArrayLength(env, p_ecdsaNistp384PublicKeyCompressed); + uint8_t* compressed_key = (uint8_t*)calloc(sizeof(uint8_t), compressed_key_length); + (*env)->GetByteArrayRegion(env, p_ecdsaNistp384PublicKeyCompressed, 0, (jsize)compressed_key_length, (jbyte*)compressed_key); + result = verify_with_ecdsa_brainpoolp384r1_with_sha384(lib_its_security_context, to_be_verified_data, to_be_verified_data_length, certificate_issuer, signature, compressed_key, (int32_t)p_compressed_mode); + free(to_be_verified_data); + free(certificate_issuer); + free(signature); + free(compressed_key); + uninitialize(&lib_its_security_context); + } + + return (jint)result; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: generate_key_pair + * Signature: (ILjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)I + */ +JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair(JNIEnv* env, jobject jobj, jint p_eccEllipticCurve, jobject p_private_key, jobject p_public_key_x, jobject p_public_key_y, jobject p_public_key_compressed) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair_1\n"); + + lib_its_security_context_t* lib_its_security_context = NULL; + size_t length = 32; + int32_t result = 0; + switch ((int)p_eccEllipticCurve) { + case 0: // Nist P256 + result = initialize(nist_p_256, &lib_its_security_context); + break; + case 1: // Brainpool P256 r1 + result = initialize(brainpool_p_256_r1, &lib_its_security_context); + break; + case 2: // Brainpool P384 r1 + result = initialize(brainpool_p_384_r1, &lib_its_security_context); + length = 48; + break; + } + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair_1: result=%d\n", result); + if (result == 0) { + uint8_t* private_key = NULL; + uint8_t* public_key_x = NULL; + uint8_t* public_key_y = NULL; + uint8_t* public_key_compressed = NULL; + ecc_compressed_mode_t public_key_compressed_mode; + result = generate_key_pair(lib_its_security_context, &private_key, &public_key_x, &public_key_y, &public_key_compressed, &public_key_compressed_mode); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair_1: result=%d\n", result); + if (result == 0) { + // Copy all keys into Java buffers, assumimng the allocated memory is correct ;) + uint8_t* p = (*env)->GetDirectBufferAddress(env, p_private_key); + for (size_t i = 0; i < length; i++) { + *p++ = *(private_key + i); + } + free(private_key); + p = (*env)->GetDirectBufferAddress(env, p_public_key_x); + for (size_t i = 0; i < length; i++) { + *p++ = *(public_key_x + i); + } + free(public_key_x); + p = (*env)->GetDirectBufferAddress(env, p_public_key_y); + for (size_t i = 0; i < length; i++) { + *p++ = *(public_key_y + i); + } + free(public_key_y); + p = (*env)->GetDirectBufferAddress(env, p_public_key_compressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair_1: public_key_compressed_mode=%d\n", public_key_compressed_mode); + *p++ = (public_key_compressed_mode == compressed_y_0) ? 0x02 : 0x03; + for (size_t i = 0; i < length; i++) { + *p++ = *(public_key_compressed + i); + } + free(public_key_compressed); + } + } + uninitialize(&lib_its_security_context); + + return (jint)result; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_with_ecies_nistp256_with_sha256 + * Signature: ([B[B[BLjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256(JNIEnv* env, jobject jobj, jbyteArray p_toBeEncryptedSecuredMessage, jbyteArray p_recipientsPublicKeyCompressed, jbyteArray p_salt, jobject p_public_ephemeral_key_compressed, jobject p_aes_sym_key, jobject p_encrypted_sym_key, jobject p_authentication_vector, jobject p_nonce) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256\n"); + + jbyteArray java_ciphered_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + // Extract the recipient's public keys + size_t compressed_key_length = (*env)->GetArrayLength(env, p_recipientsPublicKeyCompressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: compressed_key_length = %zd\n", compressed_key_length); + uint8_t* compressed_key = (uint8_t*)calloc(sizeof(uint8_t), compressed_key_length); + (*env)->GetByteArrayRegion(env, p_recipientsPublicKeyCompressed, 0, (jsize)compressed_key_length, (jbyte*)compressed_key); + ecc_compressed_mode_t compressed_mode = (ecc_compressed_mode_t)(*compressed_key); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: compressed_mode = %d\n", compressed_mode); + int32_t result = initialize_with_public_key(nist_p_256, compressed_key + 1, compressed_mode, &lib_its_security_context); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Extract buffers + size_t plain_text_message_length = (*env)->GetArrayLength(env, p_toBeEncryptedSecuredMessage); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: plain_text_message_length = %zd\n", plain_text_message_length); + uint8_t* plain_text_message = (uint8_t*)calloc(sizeof(uint8_t), plain_text_message_length); + (*env)->GetByteArrayRegion(env, p_toBeEncryptedSecuredMessage, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + size_t salt_length = (*env)->GetArrayLength(env, p_salt); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: salt_length = %zd\n", salt_length); + uint8_t* salt = (uint8_t*)calloc(sizeof(uint8_t), salt_length); + (*env)->GetByteArrayRegion(env, p_salt, 0, (jsize)salt_length, (jbyte*)salt); + uint8_t* ephemeral_key_compressed = NULL; + ecc_compressed_mode_t ephemeral_compressed_mode = compressed_y_0; + uint8_t* aes_sym_key = NULL; + uint8_t* encrypted_sym_key = NULL; + uint8_t* authentication_vector = NULL; + uint8_t* nonce = NULL; + uint8_t* ciphered_message = NULL; + size_t ciphered_message_length = 0; + result = encrypt_with_ecies_nistp256_with_sha256(lib_its_security_context/*recipient's public keys*/, plain_text_message, plain_text_message_length, lib_its_security_context->public_key_c, lib_its_security_context->compressed_mode, salt, salt_length, &ephemeral_key_compressed, &ephemeral_compressed_mode, &aes_sym_key, &encrypted_sym_key, &authentication_vector, &nonce, &ciphered_message, &ciphered_message_length); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Copy encryption information into Java buffers, assumimng the allocated memory is correct ;) + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: ephemeral_compressed_mode = %d\n", ephemeral_compressed_mode); + uint8_t* p = (*env)->GetDirectBufferAddress(env, p_public_ephemeral_key_compressed); + *p++ = (ephemeral_compressed_mode == compressed_y_0) ? 0x02 : 0x03; + for (size_t i = 0; i < 32; i++) { + *p++ = *(ephemeral_key_compressed + i); + } + free(ephemeral_key_compressed); + p = (*env)->GetDirectBufferAddress(env, p_aes_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(aes_sym_key + i); + } + free(aes_sym_key); + p = (*env)->GetDirectBufferAddress(env, p_encrypted_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(encrypted_sym_key + i); + } + free(encrypted_sym_key); + p = (*env)->GetDirectBufferAddress(env, p_authentication_vector); + for (size_t i = 0; i < 16; i++) { + *p++ = *(authentication_vector + i); + } + free(authentication_vector); + p = (*env)->GetDirectBufferAddress(env, p_nonce); + for (size_t i = 0; i < 12; i++) { + *p++ = *(nonce + i); + } + free(nonce); + // Prepare return value + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256: result = %d\n", (jsize)ciphered_message_length); + java_ciphered_message = (*env)->NewByteArray(env, (jsize)ciphered_message_length); + (*env)->SetByteArrayRegion(env, java_ciphered_message, 0, (jsize)ciphered_message_length, (jbyte*)ciphered_message); + // Free allocated resources + free(ciphered_message); + } + free(compressed_key); + free(plain_text_message); + free(salt); + uninitialize(&lib_its_security_context); + } + + return java_ciphered_message; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_with_ecies_brainpoolp256r1_with_sha256 + * Signature: ([B[B[BLjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256(JNIEnv* env, jobject jobj, jbyteArray p_toBeEncryptedSecuredMessage, jbyteArray p_recipientsPublicKeyCompressed, jbyteArray p_salt, jobject p_public_ephemeral_key_compressed, jobject p_aes_sym_key, jobject p_encrypted_sym_key, jobject p_authentication_vector, jobject p_nonce) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256\n"); + + jbyteArray java_ciphered_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + // Extract the recipient's public keys + size_t compressed_key_length = (*env)->GetArrayLength(env, p_recipientsPublicKeyCompressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: compressed_key_length = %zd\n", compressed_key_length); + uint8_t* compressed_key = (uint8_t*)calloc(sizeof(uint8_t), compressed_key_length); + (*env)->GetByteArrayRegion(env, p_recipientsPublicKeyCompressed, 0, (jsize)compressed_key_length, (jbyte*)compressed_key); + ecc_compressed_mode_t compressed_mode = (ecc_compressed_mode_t)(*compressed_key); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: compressed_mode = %d\n", compressed_mode); + int32_t result = initialize_with_public_key(brainpool_p_256_r1, compressed_key + 1, compressed_mode, &lib_its_security_context); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Extract buffers + size_t plain_text_message_length = (*env)->GetArrayLength(env, p_toBeEncryptedSecuredMessage); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: plain_text_message_length = %zd\n", plain_text_message_length); + uint8_t* plain_text_message = (uint8_t*)calloc(sizeof(uint8_t), plain_text_message_length); + (*env)->GetByteArrayRegion(env, p_toBeEncryptedSecuredMessage, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + size_t salt_length = (*env)->GetArrayLength(env, p_salt); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: salt_length = %zd\n", salt_length); + uint8_t* salt = (uint8_t*)calloc(sizeof(uint8_t), salt_length); + (*env)->GetByteArrayRegion(env, p_salt, 0, (jsize)salt_length, (jbyte*)salt); + uint8_t* ephemeral_key_compressed = NULL; + ecc_compressed_mode_t ephemeral_compressed_mode = compressed_y_0; + uint8_t* aes_sym_key = NULL; + uint8_t* encrypted_sym_key = NULL; + uint8_t* authentication_vector = NULL; + uint8_t* nonce = NULL; + uint8_t* ciphered_message = NULL; + size_t ciphered_message_length = 0; + result = encrypt_with_ecies_brainpoolp256r1_with_sha256(lib_its_security_context/*recipient's public keys*/, plain_text_message, plain_text_message_length, lib_its_security_context->public_key_c, lib_its_security_context->compressed_mode, salt, salt_length, &ephemeral_key_compressed, &ephemeral_compressed_mode, &aes_sym_key, &encrypted_sym_key, &authentication_vector, &nonce, &ciphered_message, &ciphered_message_length); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Copy encryption information into Java buffers, assumimng the allocated memory is correct ;) + uint8_t* p = (*env)->GetDirectBufferAddress(env, p_public_ephemeral_key_compressed); + *p = (ephemeral_compressed_mode == compressed_y_0) ? 0x02 : 0x03; + for (size_t i = 0; i < 32; i++) { + *p++ = *(ephemeral_key_compressed + i); + } + free(ephemeral_key_compressed); + p = (*env)->GetDirectBufferAddress(env, p_aes_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(aes_sym_key + i); + } + free(aes_sym_key); + p = (*env)->GetDirectBufferAddress(env, p_encrypted_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(encrypted_sym_key + i); + } + free(encrypted_sym_key); + p = (*env)->GetDirectBufferAddress(env, p_authentication_vector); + for (size_t i = 0; i < 16; i++) { + *p++ = *(authentication_vector + i); + } + free(authentication_vector); + p = (*env)->GetDirectBufferAddress(env, p_nonce); + for (size_t i = 0; i < 12; i++) { + *p++ = *(nonce + i); + } + free(nonce); + // Prepare return value + java_ciphered_message = (*env)->NewByteArray(env, (jsize)ciphered_message_length); + (*env)->SetByteArrayRegion(env, java_ciphered_message, 0, (jsize)ciphered_message_length, (jbyte*)ciphered_message); + // Free allocated resources + free(ciphered_message); + } + free(compressed_key); + free(plain_text_message); + free(salt); + uninitialize(&lib_its_security_context); + } + + return java_ciphered_message; +} +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_with_ecies_nistp256_with_sha256 + * Signature: ([B[B[B[B[B[B[BLjava/nio/ByteBuffer;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256(JNIEnv* env, jobject jobj, jbyteArray p_encryptedSecuredMessage, jbyteArray p_privateEncKey, jbyteArray p_publicEphemeralKeyCompressed, jbyteArray p_encrypted_sym_key, jbyteArray p_authentication_vector, jbyteArray p_nonce, jbyteArray p_salt, jobject p_aes_enc_sym_key) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256\n"); + + jbyteArray java_plain_text_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + // Extract the recipient's private key + size_t recipient_private_key_length = (*env)->GetArrayLength(env, p_privateEncKey); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: recipient_private_key_length = %zd\n", recipient_private_key_length); + uint8_t* recipient_private_key = (uint8_t*)calloc(sizeof(uint8_t), recipient_private_key_length); + (*env)->GetByteArrayRegion(env, p_privateEncKey, 0, (jsize)recipient_private_key_length, (jbyte*)recipient_private_key); + int32_t result = initialize_with_private_key(nist_p_256, recipient_private_key, &lib_its_security_context); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Extract buffers + size_t encrypted_secured_message_length = (*env)->GetArrayLength(env, p_encryptedSecuredMessage); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: encrypted_secured_message_length = %zd\n", encrypted_secured_message_length); + uint8_t* encrypted_secured_message = (uint8_t*)calloc(sizeof(uint8_t), encrypted_secured_message_length); + (*env)->GetByteArrayRegion(env, p_encryptedSecuredMessage, 0, (jsize)encrypted_secured_message_length, (jbyte*)encrypted_secured_message); + size_t ephemeral_key_compressed_length = (*env)->GetArrayLength(env, p_publicEphemeralKeyCompressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: compressed_key_length = %zd\n", ephemeral_key_compressed_length); + uint8_t* ephemeral_key_compressed = (uint8_t*)calloc(sizeof(uint8_t), ephemeral_key_compressed_length); + (*env)->GetByteArrayRegion(env, p_publicEphemeralKeyCompressed, 0, (jsize)ephemeral_key_compressed_length, (jbyte*)ephemeral_key_compressed); + ecc_compressed_mode_t ephemeral_compressed_mode = (ecc_compressed_mode_t)(*ephemeral_key_compressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: ephemeral_compressed_mode = %d\n", ephemeral_compressed_mode); + size_t encrypted_sym_key_length = (*env)->GetArrayLength(env, p_encrypted_sym_key); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: encrypted_sym_key_length = %zd\n", encrypted_sym_key_length); + uint8_t* encrypted_sym_key = (uint8_t*)calloc(sizeof(uint8_t), encrypted_sym_key_length); + (*env)->GetByteArrayRegion(env, p_encrypted_sym_key, 0, (jsize)encrypted_sym_key_length, (jbyte*)encrypted_sym_key); + size_t authentication_vector_length = (*env)->GetArrayLength(env, p_authentication_vector); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: authentication_vector_length = %zd\n", authentication_vector_length); + uint8_t* authentication_vector = (uint8_t*)calloc(sizeof(uint8_t), authentication_vector_length); + (*env)->GetByteArrayRegion(env, p_authentication_vector, 0, (jsize)authentication_vector_length, (jbyte*)authentication_vector); + size_t nonce_length = (*env)->GetArrayLength(env, p_nonce); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: nonce_length = %zd\n", nonce_length); + uint8_t* nonce = (uint8_t*)calloc(sizeof(uint8_t), nonce_length); + (*env)->GetByteArrayRegion(env, p_nonce, 0, (jsize)nonce_length, (jbyte*)nonce); + size_t salt_length = (*env)->GetArrayLength(env, p_salt); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256: salt_length = %zd\n", salt_length); + uint8_t* salt = (uint8_t*)calloc(sizeof(uint8_t), salt_length); + (*env)->GetByteArrayRegion(env, p_salt, 0, (jsize)salt_length, (jbyte*)salt); + size_t plain_text_message_length = 0; + uint8_t* plain_text_message = NULL; + uint8_t* aes_enc_sym_key = NULL; + result = decrypt_with_ecies_nistp256_with_sha256(lib_its_security_context, encrypted_secured_message, encrypted_secured_message_length, lib_its_security_context->private_key, ephemeral_key_compressed + 1, ephemeral_compressed_mode, encrypted_sym_key, authentication_vector, nonce, salt, salt_length, &aes_enc_sym_key, &plain_text_message, &plain_text_message_length); + if (result == 0) { + uint8_t* p = (*env)->GetDirectBufferAddress(env, p_aes_enc_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(aes_enc_sym_key + i); + } + free(aes_enc_sym_key); + // Prepare return value + java_plain_text_message = (*env)->NewByteArray(env, (jsize)plain_text_message_length); + (*env)->SetByteArrayRegion(env, java_plain_text_message, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + // Free allocated resources + free(plain_text_message); + } + free(recipient_private_key); + free(ephemeral_key_compressed); + free(encrypted_sym_key); + free(authentication_vector); + free(nonce); + free(salt); + uninitialize(&lib_its_security_context); + } + + return java_plain_text_message; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_with_ecies_brainpoolp256r1_with_sha256 + * Signature: ([B[B[B[B[B[B[BLjava/nio/ByteBuffer;)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256(JNIEnv* env, jobject jobj, jbyteArray p_encryptedSecuredMessage, jbyteArray p_privateEncKey, jbyteArray p_publicEphemeralKeyCompressed, jbyteArray p_encrypted_sym_key, jbyteArray p_authentication_vector, jbyteArray p_nonce, jbyteArray p_salt, jobject p_aes_enc_sym_key) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256\n"); + + jbyteArray java_plain_text_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + // Extract the recipient's private key + size_t recipient_private_key_length = (*env)->GetArrayLength(env, p_privateEncKey); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: recipient_private_key_length = %zd\n", recipient_private_key_length); + uint8_t* recipient_private_key = (uint8_t*)calloc(sizeof(uint8_t), recipient_private_key_length); + (*env)->GetByteArrayRegion(env, p_privateEncKey, 0, (jsize)recipient_private_key_length, (jbyte*)recipient_private_key); + int32_t result = initialize_with_private_key(brainpool_p_256_r1, recipient_private_key, &lib_its_security_context); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: result = %d\n", result); + if (result == 0) { + // Extract buffers + size_t encrypted_secured_message_length = (*env)->GetArrayLength(env, p_encryptedSecuredMessage); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: encrypted_secured_message_length = %zd\n", encrypted_secured_message_length); + uint8_t* encrypted_secured_message = (uint8_t*)calloc(sizeof(uint8_t), encrypted_secured_message_length); + (*env)->GetByteArrayRegion(env, p_encryptedSecuredMessage, 0, (jsize)encrypted_secured_message_length, (jbyte*)encrypted_secured_message); + size_t ephemeral_key_compressed_length = (*env)->GetArrayLength(env, p_publicEphemeralKeyCompressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: compressed_key_length = %zd\n", ephemeral_key_compressed_length); + uint8_t* ephemeral_key_compressed = (uint8_t*)calloc(sizeof(uint8_t), ephemeral_key_compressed_length); + (*env)->GetByteArrayRegion(env, p_publicEphemeralKeyCompressed, 0, (jsize)ephemeral_key_compressed_length, (jbyte*)ephemeral_key_compressed); + ecc_compressed_mode_t ephemeral_compressed_mode = (ecc_compressed_mode_t)(*ephemeral_key_compressed); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: ephemeral_compressed_mode = %d\n", ephemeral_compressed_mode); + size_t encrypted_sym_key_length = (*env)->GetArrayLength(env, p_encrypted_sym_key); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: encrypted_sym_key_length = %zd\n", encrypted_sym_key_length); + uint8_t* encrypted_sym_key = (uint8_t*)calloc(sizeof(uint8_t), encrypted_sym_key_length); + (*env)->GetByteArrayRegion(env, p_encrypted_sym_key, 0, (jsize)encrypted_sym_key_length, (jbyte*)encrypted_sym_key); + size_t authentication_vector_length = (*env)->GetArrayLength(env, p_authentication_vector); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: authentication_vector_length = %zd\n", authentication_vector_length); + uint8_t* authentication_vector = (uint8_t*)calloc(sizeof(uint8_t), authentication_vector_length); + (*env)->GetByteArrayRegion(env, p_authentication_vector, 0, (jsize)authentication_vector_length, (jbyte*)authentication_vector); + size_t nonce_length = (*env)->GetArrayLength(env, p_nonce); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: nonce_length = %zd\n", nonce_length); + uint8_t* nonce = (uint8_t*)calloc(sizeof(uint8_t), nonce_length); + (*env)->GetByteArrayRegion(env, p_nonce, 0, (jsize)nonce_length, (jbyte*)nonce); + size_t salt_length = (*env)->GetArrayLength(env, p_salt); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256: salt_length = %zd\n", salt_length); + uint8_t* salt = (uint8_t*)calloc(sizeof(uint8_t), salt_length); + (*env)->GetByteArrayRegion(env, p_salt, 0, (jsize)salt_length, (jbyte*)salt); + size_t plain_text_message_length = 0; + uint8_t* plain_text_message = NULL; + uint8_t* aes_enc_sym_key = NULL; + result = decrypt_with_ecies_brainpoolp256r1_with_sha256(lib_its_security_context, encrypted_secured_message, encrypted_secured_message_length, lib_its_security_context->private_key, ephemeral_key_compressed + 1, ephemeral_compressed_mode, encrypted_sym_key, authentication_vector, nonce, salt, salt_length, &aes_enc_sym_key, &plain_text_message, &plain_text_message_length); + if (result == 0) { + uint8_t* p = (*env)->GetDirectBufferAddress(env, p_aes_enc_sym_key); + for (size_t i = 0; i < 16; i++) { + *p++ = *(aes_enc_sym_key + i); + } + free(aes_enc_sym_key); + // Prepare return value + java_plain_text_message = (*env)->NewByteArray(env, (jsize)plain_text_message_length); + (*env)->SetByteArrayRegion(env, java_plain_text_message, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + // Free allocated resources + free(plain_text_message); + } + free(recipient_private_key); + free(ephemeral_key_compressed); + free(encrypted_sym_key); + free(authentication_vector); + free(nonce); + free(salt); + uninitialize(&lib_its_security_context); + } + + return java_plain_text_message; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_aes_128_ccm_test + * Signature: ([B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test(JNIEnv* env, jobject jobj, jbyteArray p_k, jbyteArray p_n, jbyteArray p_pt) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test\n"); + + jbyteArray java_ciphered_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(nist_p_256, &lib_its_security_context); + if (result == 0) { + lib_its_security_context->encryption_algorithm = aes_128_ccm; + + // Extract buffers + lib_its_security_context->sym_key_length = (*env)->GetArrayLength(env, p_k); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test: sym_key_length = %zd\n", lib_its_security_context->sym_key_length); + lib_its_security_context->sym_key = (uint8_t*)calloc(sizeof(uint8_t), lib_its_security_context->sym_key_length); + (*env)->GetByteArrayRegion(env, p_k, 0, (jsize)lib_its_security_context->sym_key_length, (jbyte*)lib_its_security_context->sym_key); + lib_its_security_context->nonce_length = (*env)->GetArrayLength(env, p_n); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test: nonce_length = %zd\n", lib_its_security_context->nonce_length); + lib_its_security_context->nonce = (uint8_t*)calloc(sizeof(uint8_t), lib_its_security_context->nonce_length); + (*env)->GetByteArrayRegion(env, p_n, 0, (jsize)lib_its_security_context->nonce_length, (jbyte*)lib_its_security_context->nonce); + size_t plain_text_message_length = (*env)->GetArrayLength(env, p_pt); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test: plain_text_message_length = %zd\n", plain_text_message_length); + uint8_t* plain_text_message = (uint8_t*)calloc(sizeof(uint8_t), plain_text_message_length); + (*env)->GetByteArrayRegion(env, p_pt, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + size_t encrypted_secured_message_length = 0; + uint8_t* encrypted_secured_message = NULL; + result = encrypt_(lib_its_security_context, plain_text_message, plain_text_message_length, &encrypted_secured_message, &encrypted_secured_message_length); + if (result == 0) { + // Prepare return value + java_ciphered_message = (*env)->NewByteArray(env, (jsize)encrypted_secured_message_length); + (*env)->SetByteArrayRegion(env, java_ciphered_message, 0, (jsize)encrypted_secured_message_length, (jbyte*)encrypted_secured_message); + // Free allocated resources + free(encrypted_secured_message); + } + // Free allocated resources + free(plain_text_message); + uninitialize(&lib_its_security_context); + } + + return java_ciphered_message; +} + +/* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_aes_128_ccm_test + * Signature: ([B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test(JNIEnv* env, jobject jobj, jbyteArray p_k, jbyteArray p_n, jbyteArray p_ct) { + fprintf(stderr, ">>> Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test\n"); + + jbyteArray java_plain_text_message = NULL; + lib_its_security_context_t* lib_its_security_context = NULL; + int32_t result = initialize(nist_p_256, &lib_its_security_context); + if (result == 0) { + lib_its_security_context->encryption_algorithm = aes_128_ccm; + + // Extract buffers + lib_its_security_context->sym_key_length = (*env)->GetArrayLength(env, p_k); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test: sym_key_length= %zd\n", lib_its_security_context->sym_key_length); + lib_its_security_context->sym_key = (uint8_t*)calloc(sizeof(uint8_t), lib_its_security_context->sym_key_length); + (*env)->GetByteArrayRegion(env, p_k, 0, (jsize)lib_its_security_context->sym_key_length, (jbyte*)lib_its_security_context->sym_key); + lib_its_security_context->nonce_length = (*env)->GetArrayLength(env, p_n); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test: nonce_length= %zd\n", lib_its_security_context->nonce_length); + lib_its_security_context->nonce = (uint8_t*)calloc(sizeof(uint8_t), lib_its_security_context->nonce_length); + (*env)->GetByteArrayRegion(env, p_n, 0, (jsize)lib_its_security_context->nonce_length, (jbyte*)lib_its_security_context->nonce); + size_t encrypted_secured_message_length = (*env)->GetArrayLength(env, p_ct) - 16; // Extract the tag from the ciphered message + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test: encrypted_secured_message_length= %zd\n", encrypted_secured_message_length); + uint8_t* encrypted_secured_message = (uint8_t*)calloc(sizeof(uint8_t), encrypted_secured_message_length); // Extract the ciphered message + (*env)->GetByteArrayRegion(env, p_ct, 0, (jsize)encrypted_secured_message_length, (jbyte*)encrypted_secured_message); + lib_its_security_context->tag_length = 16; // Extract the tag + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test: tag_length= %zd\n", lib_its_security_context->tag_length); + lib_its_security_context->tag = (uint8_t*)calloc(sizeof(uint8_t), lib_its_security_context->tag_length); + (*env)->GetByteArrayRegion(env, p_ct, encrypted_secured_message_length, (jsize)lib_its_security_context->tag_length, (jbyte*)lib_its_security_context->tag); + size_t plain_text_message_length; + uint8_t* plain_text_message = NULL; + result = decrypt(lib_its_security_context, encrypted_secured_message, encrypted_secured_message_length, &plain_text_message, &plain_text_message_length); + fprintf(stderr, "Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test: result= %d\n", result); + if (result == 0) { + // Prepare return value + java_plain_text_message = (*env)->NewByteArray(env, (jsize)plain_text_message_length); + (*env)->SetByteArrayRegion(env, java_plain_text_message, 0, (jsize)plain_text_message_length, (jbyte*)plain_text_message); + // Free allocated resources + free(plain_text_message); + } + // Free allocated resources + free(encrypted_secured_message); + uninitialize(&lib_its_security_context); + } + + return java_plain_text_message; +} diff --git a/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.h b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.h new file mode 100644 index 0000000000000000000000000000000000000000..7799fc7fc042821991950342a2127eb195b0c4f2 --- /dev/null +++ b/tools/itssecurity/org_etsi_its_security/org_etsi_its_security_NativeSecurity.h @@ -0,0 +1,141 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class org_etsi_its_security_NativeSecurity */ + +#ifndef _Included_org_etsi_its_security_NativeSecurity +#define _Included_org_etsi_its_security_NativeSecurity +#ifdef __cplusplus +extern "C" { +#endif + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: hashWithSha256 + * Signature: ([B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hashWithSha256 + (JNIEnv*, jobject, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: hashWithSha384 + * Signature: ([B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hashWithSha384 + (JNIEnv*, jobject, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: hmacWithSha256 + * Signature: ([B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_hmacWithSha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaNistp256WithSha256 + * Signature: ([B[B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaNistp256WithSha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaBrainpoolp256r1WithSha256 + * Signature: ([B[B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaBrainpoolp256r1WithSha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: signWithEcdsaBrainpoolp384r1WithSha384 + * Signature: ([B[B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_signWithEcdsaBrainpoolp384r1WithSha384 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: verifyWithEcdsaNistp256WithSha256 + * Signature: ([B[B[B[BI)I + */ + JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaNistp256WithSha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jint); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: verifyWithEcdsaBrainpoolp256r1WithSha256 + * Signature: ([B[B[B[BI)I + */ + JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaBrainpoolp256r1WithSha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jint); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: verifyWithEcdsaBrainpoolp384r1WithSha384 + * Signature: ([B[B[B[BI)I + */ + JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_verifyWithEcdsaBrainpoolp384r1WithSha384 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jint); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: generate_key_pair + * Signature: (ILjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)I + */ + JNIEXPORT jint JNICALL Java_org_etsi_its_security_NativeSecurity_generate_1key_1pair + (JNIEnv*, jobject, jint, jobject, jobject, jobject, jobject); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_with_ecies_nistp256_with_sha256 + * Signature: ([B[B[BLjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1nistp256_1with_1sha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jobject, jobject, jobject, jobject, jobject); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_with_ecies_brainpoolp256r1_with_sha256 + * Signature: ([B[B[BLjava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;Ljava/nio/ByteBuffer;)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jobject, jobject, jobject, jobject, jobject); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_with_ecies_nistp256_with_sha256 + * Signature: ([B[B[B[B[B[B[BLjava/nio/ByteBuffer;)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1nistp256_1with_1sha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jobject); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_with_ecies_brainpoolp256r1_with_sha256 + * Signature: ([B[B[B[B[B[B[BLjava/nio/ByteBuffer;)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1with_1ecies_1brainpoolp256r1_1with_1sha256 + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jbyteArray, jobject); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: encrypt_aes_128_ccm_test + * Signature: ([B[B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_encrypt_1aes_1128_1ccm_1test + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray); + + /* + * Class: org_etsi_its_security_NativeSecurity + * Method: decrypt_aes_128_ccm_test + * Signature: ([B[B[B)[B + */ + JNIEXPORT jbyteArray JNICALL Java_org_etsi_its_security_NativeSecurity_decrypt_1aes_1128_1ccm_1test + (JNIEnv*, jobject, jbyteArray, jbyteArray, jbyteArray); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj b/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj index cd0af22cc58f0c7d1d793452fb85f2cf48178524..f098986fed7a8331f6d25a60fe0a80fe5d5fa5e1 100644 --- a/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj +++ b/tools/itssecurity/test/lib_its_security_tests_unit.vcxproj @@ -65,7 +65,7 @@ - Use + NotUsing pch.h Disabled _Win64;X64;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) @@ -77,7 +77,7 @@ true Console - C:\Users\yanng\source\repos\TestOpenSSL\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC + $(ProjectDir)..\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName).pdb diff --git a/tools/itssecurity/test/test_lib_its_security.cc b/tools/itssecurity/test/test_lib_its_security.cc index be4eddc268d779d481a31b34ed17b621735128ab..af6ae8d4bfeebab44013d5e1c4ad39f13ec1fb0b 100755 --- a/tools/itssecurity/test/test_lib_its_security.cc +++ b/tools/itssecurity/test/test_lib_its_security.cc @@ -640,6 +640,34 @@ TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp256r1_with_sha256_4) EXPECT_TRUE(lib_its_security_context == NULL); } +TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp256r1_with_sha256_5) { + // Preamble + lib_its_security_context_t* lib_its_security_context = NULL; + size_t l; + uint8_t* public_key_compressed = hex_to_bin((const int8_t*)"45dc4fbf42910e1843bc33ed5752e3781fa84432af6d77c3f35bc105e8493842", &l); + ecc_compressed_mode_t public_key_compressed_mode = compressed_y_0; + EXPECT_TRUE(initialize_with_public_key(brainpool_p_256_r1, public_key_compressed, public_key_compressed_mode, &lib_its_security_context) == 0); + + // Test body + size_t data_length; + uint8_t* data = hex_to_bin((const int8_t*)"40038081CD018140B35BB1620425E515B0AE24C8183B64FF008003008062C042D452D16EBA70812431356433396237342D653232372D346431322D383039622D36313033373631623235393000000000001E80314F8400788301028000FA80017C0001018002026F81030201C080808369D872E470EC6CFB9483834DAF3BA42430ED455308382F8893C94195F31125528180256EF768A3101619D9D67071B20CE3339EFEA006FBD11CEDE0406BE63E0F947B54D4BDE21CB10580CB8D3119F6152FD0C48E07A95CB26A72746EE3B62600B27F4002026F0001D16790C0B1BD", &data_length); + uint8_t* issuer = hex_to_bin((const int8_t*)"89bab7dea15bdaf3ff0357d952760a25735dd9816941bf6562c042d452d16eba", &l); + uint8_t* sig = hex_to_bin((const int8_t*)"03F5D9B6C73AE57FE2372F0F9580349A474AF3CE30CE986E7DFDEF8E87BA309B45677D03B713594E0C731B3C680A87631A9E23993678B2268E1715B8EB5E07CF", &l); + EXPECT_TRUE(verify_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, data, data_length, issuer, sig, public_key_compressed, public_key_compressed_mode) == 0); + free(data); + data = hex_to_bin((const int8_t*)"018140917e149bda9bb458c5ae3d48757c41b3008003008062c042d452d16eba70812436393761346436332d366666342d343234642d613664342d38333738653034306234316200000000001e8113df8400788301028000fa80017c0001018002026f81030201c08080839f4d40e1aa679757aad00885fdf365b4b9764d51e5f4cbba38765813fddc6f8d8180934615ee798ccc3786dc0a8b305ddc04cc7641acf1c52fce051ebf7a5266e9fb490f723920145aa9a014231948b01ba5227f8adda0e5c912376930330a09c1944002026f0001d17511c52f26", &data_length); + EXPECT_TRUE(verify_with_ecdsa_brainpoolp256r1_with_sha256(lib_its_security_context, data, data_length, issuer, sig, public_key_compressed, public_key_compressed_mode) == -1); + + // Postamble + free(data); + free(issuer); + free(sig); + free(public_key_compressed); + EXPECT_TRUE(lib_its_security_context->ec_key != NULL); + EXPECT_TRUE(uninitialize(&lib_its_security_context) == 0); + EXPECT_TRUE(lib_its_security_context == NULL); +} + TEST(lib_its_security_test_suite, sign_with_ecdsa_brainpoolp384r1_with_sha384_1) { // Preamble lib_its_security_context_t* lib_its_security_context = NULL; diff --git a/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn b/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn index 49ad129a824eb77cc7660c0773c030a7839538d0..1aeef7b562c1fa579a6d5eb93dfad5b11299b3a9 100644 --- a/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn +++ b/ttcn/AtsGenCert/ItsGenCert_Functions.ttcn @@ -302,6 +302,7 @@ module ItsGenCert_Functions { p_certificate_details_list[v_counter].public_key_compressed, p_certificate_details_list[v_counter].public_key_compressed_mode, p_certificate_details_list[v_counter].hash, + p_certificate_details_list[v_counter].hash_256, p_certificate_details_list[v_counter].hashid8, p_certificate_details_list[v_counter].issuer, p_certificate_details_list[v_counter].private_enc_key, @@ -319,6 +320,7 @@ module ItsGenCert_Functions { p_certificate_details_list[v_counter].public_key_compressed, p_certificate_details_list[v_counter].public_key_compressed_mode, p_certificate_details_list[v_counter].hash, + p_certificate_details_list[v_counter].hash_256, p_certificate_details_list[v_counter].hashid8, p_certificate_details_list[v_counter].issuer, omit,