hotplace rev.438 COSE
princeb612 committed Dec 5, 2023
1 parent 31aed66 commit 6efbc92
Showing 11 changed files with 813 additions and 351 deletions.
7 changes: 5 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,11 @@
* sdk/crypto/jose/
* test/jose/

* RFC 8152 CBOR Object Signing and Encryption (COSE)
* RFC 8812 CBOR Object Signing and Encryption (COSE) and JSON Object Signing and Encryption (JOSE) Registrations for Web Authentication (WebAuthn) Algorithms
* sdk/crypto/cose/
* test/cose/

## applied

* RFC 2144 The CAST-128 Encryption Algorithm (May 1997)
Expand Down Expand Up @@ -90,11 +95,9 @@

## studying

* RFC 8152 CBOR Object Signing and Encryption (COSE)
* RFC 8230 Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages
* RFC 8392 CBOR Web Token (CWT)
* RFC 8778 Use of the HSS/LMS Hash-Based Signature Algorithm with CBOR Object Signing and Encryption (COSE)
* RFC 8812 CBOR Object Signing and Encryption (COSE) and JSON Object Signing and Encryption (JOSE) Registrations for Web Authentication (WebAuthn) Algorithms
* RFC 9021 Use of the Walnut Digital Signature Algorithm with CBOR Object Signing and Encryption (COSE)
* RFC 9052 CBOR Object Signing and Encryption (COSE): Structures and Process
* RFC 9053 CBOR Object Signing and Encryption (COSE): Initial Algorithms
Expand Down
11 changes: 3 additions & 8 deletions sdk/crypto/cose/cbor_object_encryption.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ cbor_object_encryption::~cbor_object_encryption() {

return_t cbor_object_encryption::encrypt(cose_context_t* handle, crypto_key* key, cose_alg_t method, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;
cbor_object_signing_encryption cose;

__try2 {
if (nullptr == handle) {
Expand All @@ -49,7 +50,7 @@ return_t cbor_object_encryption::encrypt(cose_context_t* handle, crypto_key* key
std::list<cose_alg_t> methods;
methods.push_back(method);

ret = encrypt(handle, key, methods, input, output);
ret = cose.encrypt(handle, key, methods, input, output);
}
__finally2 {
// do nothing
Expand All @@ -59,17 +60,14 @@ return_t cbor_object_encryption::encrypt(cose_context_t* handle, crypto_key* key

return_t cbor_object_encryption::encrypt(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t> methods, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;
return_t check = errorcode_t::success;
crypto_advisor* advisor = crypto_advisor::get_instance();
std::set<return_t> results;
cbor_object_signing_encryption cose;
cbor_publisher publisher;

__try2 {
if (nullptr == handle || nullptr == key) {
ret = errorcode_t::invalid_parameter;
__leave2;
}
ret = cose.encrypt(handle, key, methods, input, output);
}
__finally2 {
// do nothing
Expand Down Expand Up @@ -101,9 +99,6 @@ return_t cbor_object_encryption::encrypt(cose_context_t* handle, crypto_key* key

return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key, binary_t const& input, binary_t& output, bool& result) {
return_t ret = errorcode_t::success;
return_t check = errorcode_t::success;
crypto_advisor* advisor = crypto_advisor::get_instance();
std::set<return_t> results;
cbor_object_signing_encryption cose;

// RFC 8152 4.3. Externally Supplied Data
Expand Down
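Review bot: The single-algorithm encrypt overload now builds its own `cbor_object_signing_encryption` (L47) and calls `cose.encrypt` directly (L56), while the list overload it used to delegate to still rejects a null `key` (L71-L74); the guard at L50 only checks `handle`, and whether `cose.encrypt` repeats the key check is not visible here (its body starts outside the hunk in the sibling file). Either keep the delegation, `ret = encrypt(handle, key, methods, input, output);`, and drop the local `cose`, or extend the guard to `if (nullptr == handle || nullptr == key)`. With both overloads now reduced to a one-line forward, the list overload's remaining locals (`advisor`, `results`) look unused and could go with the others the commit already removed.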
16 changes: 9 additions & 7 deletions sdk/crypto/cose/cbor_object_signing.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -57,18 +57,15 @@ return_t cbor_object_signing::sign(cose_context_t* handle, crypto_key* key, cose

return_t cbor_object_signing::sign(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t> methods, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;
return ret;
}

return_t cbor_object_signing::mac(cose_context_t* handle, crypto_key* key, cose_alg_t method, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;

cbor_object_signing_encryption cose;
ret = cose.sign(handle, key, methods, input, output);
return ret;
}

return_t cbor_object_signing::mac(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t> methods, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;

cbor_object_signing_encryption cose;
ret = cose.mac(handle, key, methods, input, output);
return ret;
}

Expand All @@ -82,6 +79,11 @@ return_t cbor_object_signing::verify(cose_context_t* handle, crypto_key* key, bi
ret = errorcode_t::invalid_parameter;
__leave2;
}
binary_t dummy;
ret = cose.process(handle, key, input, dummy);
if (errorcode_t::success == ret) {
result = true;
}
}
__finally2 {
// do nothing
Expand Down
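Review bot: In verify (L119-L123) `result` is assigned only on the success path; unless it is set to false earlier in the function (its start lies outside the hunk), a failed `cose.process` leaves the caller's flag at whatever value it held, which is the wrong default for a verification API — add `result = false;` before the call. `cbor_object_signing_encryption::verify` already performs the same dummy-output `process` call (L275-L277 in the sibling file), so `ret = cose.verify(handle, key, input, result);` would avoid duplicating it. Whether `process` in receive mode rejects a structure whose tag is not Sign/Sign1 (an Encrypt or MAC message handed to verify) is not visible here and is worth confirming, since verify now accepts whatever the generic dispatcher accepts.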
10 changes: 0 additions & 10 deletions sdk/crypto/cose/cbor_object_signing.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -46,16 +46,6 @@ class cbor_object_signing {
* @remarks see json_object_signing_encryption::sign
*/
return_t sign(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t> methods, binary_t const& input, binary_t& output);
/**
* @brief mac
* @param cose_context_t* handle [in]
* @param crypto_key* key [in]
* @param cose_alg_t method [in]
* @param binary_t const& input [in]
* @param binary_t& output [out]
* @return error code (see error.hpp)
*/
return_t mac(cose_context_t* handle, crypto_key* key, cose_alg_t method, binary_t const& input, binary_t& output);
/**
* @brief mac
* @param cose_context_t* handle [in]
Expand Down
182 changes: 181 additions & 1 deletion sdk/crypto/cose/cbor_object_signing_encryption.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,41 @@ return_t cbor_object_signing_encryption::encrypt(cose_context_t* handle, crypto_
return ret;
}

return_t cbor_object_signing_encryption::encrypt2(cose_context_t* handle, crypto_key* key, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;

__try2 {
if (nullptr == handle || nullptr == key) {
ret = errorcode_t::invalid_parameter;
__leave2;
}

ret = preprocess(handle, key, input);
if (errorcode_t::success != ret) {
__leave2;
}

ret = preprocess_random(handle, key);
if (errorcode_t::success != ret) {
__leave2;
}

handle->composer->_cbor_tag = cose_tag_encrypt;
ret = process(handle, key, input, output, cose_mode_t::cose_mode_send);
if (errorcode_t::success != ret) {
__leave2;
}

cbor_array* root = nullptr;
handle->composer->compose(&root, output);
root->release();
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::decrypt(cose_context_t* handle, crypto_key* key, binary_t const& input, binary_t& output, bool& result) {
return_t ret = errorcode_t::success;
ret = process(handle, key, input, output, cose_mode_t::cose_mode_recv);
Expand Down Expand Up @@ -207,7 +242,42 @@ return_t cbor_object_signing_encryption::sign(cose_context_t* handle, crypto_key
__leave2;
}

handle->composer->_cbor_tag = cose_tag_sign;
handle->composer->_cbor_tag = cose_tag_sign1;
ret = process(handle, key, input, output, cose_mode_t::cose_mode_send);
if (errorcode_t::success != ret) {
__leave2;
}

cbor_array* root = nullptr;
handle->composer->compose(&root, output);
root->release();
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::sign2(cose_context_t* handle, crypto_key* key, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;

__try2 {
if (nullptr == handle || nullptr == key) {
ret = errorcode_t::invalid_parameter;
__leave2;
}

ret = preprocess(handle, key, input);
if (errorcode_t::success != ret) {
__leave2;
}

ret = preprocess_random(handle, key);
if (errorcode_t::success != ret) {
__leave2;
}

handle->composer->_cbor_tag = cose_tag_encrypt;
ret = process(handle, key, input, output, cose_mode_t::cose_mode_send);
if (errorcode_t::success != ret) {
__leave2;
Expand Down Expand Up @@ -252,6 +322,41 @@ return_t cbor_object_signing_encryption::mac(cose_context_t* handle, crypto_key*
return ret;
}

return_t cbor_object_signing_encryption::mac2(cose_context_t* handle, crypto_key* key, binary_t const& input, binary_t& output) {
return_t ret = errorcode_t::success;

__try2 {
if (nullptr == handle || nullptr == key) {
ret = errorcode_t::invalid_parameter;
__leave2;
}

ret = preprocess(handle, key, input);
if (errorcode_t::success != ret) {
__leave2;
}

ret = preprocess_random(handle, key);
if (errorcode_t::success != ret) {
__leave2;
}

handle->composer->_cbor_tag = cose_tag_encrypt;
ret = process(handle, key, input, output, cose_mode_t::cose_mode_send);
if (errorcode_t::success != ret) {
__leave2;
}

cbor_array* root = nullptr;
handle->composer->compose(&root, output);
root->release();
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::verify(cose_context_t* handle, crypto_key* key, binary_t const& input, bool& result) {
return_t ret = errorcode_t::success;
binary_t dummy;
Expand Down Expand Up @@ -404,6 +509,48 @@ return_t cbor_object_signing_encryption::subprocess(cose_context_t* handle, cryp
return_t cbor_object_signing_encryption::preprocess(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t>& algs, crypt_category_t category,
binary_t const& input) {
return_t ret = errorcode_t::success;
__try2 {
ret = preprocess_skeleton(handle, key, algs, category, input);
if (errorcode_t::success != ret) {
__leave2;
}
ret = preprocess_random(handle, key);
if (errorcode_t::success != ret) {
__leave2;
}
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::preprocess(cose_context_t* handle, crypto_key* key, binary_t const& input) {
return_t ret = errorcode_t::success;

__try2 {
if (nullptr == handle) {
ret = errorcode_t::invalid_parameter;
__leave2;
}

cose_layer& body = handle->composer->get_layer();
body.setparam(cose_param_t::cose_param_plaintext, input);

ret = preprocess_random(handle, key);
if (errorcode_t::success != ret) {
__leave2;
}
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::preprocess_skeleton(cose_context_t* handle, crypto_key* key, std::list<cose_alg_t>& algs, crypt_category_t category,
binary_t const& input) {
return_t ret = errorcode_t::success;
return_t check = errorcode_t::success;
crypto_advisor* advisor = crypto_advisor::get_instance();

Expand Down Expand Up @@ -480,6 +627,26 @@ return_t cbor_object_signing_encryption::preprocess(cose_context_t* handle, cryp
}

body.setparam(cose_param_t::cose_param_plaintext, input);
}
__finally2 {
// do nothing
}
return ret;
}

return_t cbor_object_signing_encryption::preprocess_random(cose_context_t* handle, crypto_key* key) {
return_t ret = errorcode_t::success;
return_t check = errorcode_t::success;
return_t test = errorcode_t::success;
crypto_advisor* advisor = crypto_advisor::get_instance();

__try2 {
if (nullptr == handle) {
ret = errorcode_t::invalid_parameter;
__leave2;
}

cose_layer& body = handle->composer->get_layer();

// random
cose_recipients& recipients1 = body.get_recipients();
Expand Down Expand Up @@ -537,9 +704,22 @@ return_t cbor_object_signing_encryption::preprocess_dorandom(cose_context_t* han
}

cose_alg_t alg = alg = layer->get_algorithm();
crypt_category_t category = advisor->categoryof(alg);
std::string kid = layer->get_kid();

// fail if cose_key_t::cose_alg not exist
const hint_cose_algorithm_t* hint = advisor->hintof_cose_algorithm(alg);
if (nullptr == hint) {
ret = errorcode_t::request;
__leave2;
}

// if kid not provided
if (crypt_category_t::crypt_category_keyagreement == category && kid.empty()) {
key->select(kid, alg);
layer->get_unprotected().add(cose_key_t::cose_kid, kid);
}

const hint_cose_group_t* hint_group = hint->hint_group;
uint32 flags = hint_group->hintflags;

Expand Down
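Review bot: sign2 (L232) and mac2 (L259) both set `handle->composer->_cbor_tag = cose_tag_encrypt;`, evidently copied from encrypt2 (L173), so a message produced by either is tagged as a COSE encrypt structure rather than a signature or MAC; the non-2 sign() in the same hunk uses `cose_tag_sign1` (L197), so sign2 should read `handle->composer->_cbor_tag = cose_tag_sign1;` and mac2 the MAC tag used by mac() (whose tag line is outside the hunk; sign2's body also runs past the hunk end). Each of the three `*2` functions additionally calls `preprocess_random` (L168, L227, L254) immediately after `preprocess(handle, key, input)`, which already invokes `preprocess_random` itself (L310), so random material is generated twice per message — drop the explicit second call or the one inside preprocess. In preprocess_dorandom the return value of `key->select(kid, alg)` (L370) is ignored, so when no key-agreement key matches, the still-empty kid is written into the unprotected header at L371; check the return (or `kid.empty()` afterwards) and fail instead. The `root->release()` after `compose(&root, output)` (L181, L205, L267) assumes compose always produces a root object; if compose can fail that is a null dereference, so a null check (or asserting compose's return) would be prudent.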
