From fceeec865de768d6532e0f5396b2e8155ee2eb4a Mon Sep 17 00:00:00 2001 From: "Soo han, Kim" Date: Tue, 17 Oct 2023 17:24:54 +0900 Subject: [PATCH] hotplace rev.333 RFC 8152 C.3.1 C.3.3 decryption --- sdk/crypto/basic/crypto_advisor.cpp | 6 + sdk/crypto/basic/openssl_crypt.cpp | 32 +++-- sdk/crypto/basic/openssl_crypt.hpp | 25 +++- sdk/crypto/cose/README.md | 132 ++++++++++----------- sdk/crypto/cose/cbor_object_encryption.cpp | 68 ++++++++--- sdk/crypto/types.hpp | 4 +- 6 files changed, 174 insertions(+), 93 deletions(-) diff --git a/sdk/crypto/basic/crypto_advisor.cpp b/sdk/crypto/basic/crypto_advisor.cpp index 0c5e8406..7645ada6 100644 --- a/sdk/crypto/basic/crypto_advisor.cpp +++ b/sdk/crypto/basic/crypto_advisor.cpp @@ -1615,16 +1615,22 @@ const hint_cose_algorithm_t hint_cose_algorithms[] = { cose_alg_t::cose_aes_128_gcm, // 1 crypto_kty_t::kty_hmac, cose_group_t::cose_group_aesgcm, + 0, + "aes-128-gcm", }, { cose_alg_t::cose_aes_192_gcm, // 2 crypto_kty_t::kty_hmac, cose_group_t::cose_group_aesgcm, + 0, + "aes-192-gcm", }, { cose_alg_t::cose_aes_256_gcm, // 3 crypto_kty_t::kty_hmac, cose_group_t::cose_group_aesgcm, + 0, + "aes-256-gcm", }, { cose_alg_t::cose_hs256_64, // 4, diff --git a/sdk/crypto/basic/openssl_crypt.cpp b/sdk/crypto/basic/openssl_crypt.cpp index cc3ae0e9..30fa43f9 100644 --- a/sdk/crypto/basic/openssl_crypt.cpp +++ b/sdk/crypto/basic/openssl_crypt.cpp @@ -287,6 +287,8 @@ return_t openssl_crypt::encrypt(crypt_context_t* handle, const unsigned char* da return encrypt2(handle, data_plain, size_plain, out_encrypted); } +return_t openssl_crypt::encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out) { return encrypt(handle, &input[0], input.size(), out); } + return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, binary_t& out_encrypted, binary_t* aad, binary_t* tag) { return_t ret = errorcode_t::success; 
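Review bot: The `binary_t` overload of `encrypt` added in hunk -287,6 +287,8 of openssl_crypt.cpp takes `&input[0]` without checking that `input` is non-empty, which is undefined behaviour on an empty container if `binary_t` is a `std::vector` (presumably; its definition is not in the patch). The same pattern appears in the new `binary_t` overloads of `encrypt2` (hunk -311,7 +313,9) and `decrypt2` (hunk -535,6 +549,10). Passing `input.data()` (likewise `data_plain.data()` and `data_encrypted.data()`) keeps the call well-defined for zero-length input and leaves the length handling to the pointer overload.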
@@ -311,7 +313,9 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d return ret; } -return_t openssl_crypt::encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out) { return encrypt(handle, &input[0], input.size(), out); } +return_t openssl_crypt::encrypt2(crypt_context_t* handle, binary_t const& data_plain, binary_t& out_encrypted, binary_t* aad, binary_t* tag) { + return encrypt2(handle, &data_plain[0], data_plain.size(), out_encrypted, aad, tag); +} return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, unsigned char* out_encrypted, size_t* size_encrypted, binary_t* aad, binary_t* tag) { @@ -348,6 +352,17 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d __leave2_trace(ret); } + // https://www.openssl.org/docs/man1.1.1/man3/EVP_CIPHER_iv_length.html + // EVP_CTRL_CCM_SET_L + // If not set a default is used (8 for AES CCM). + // EVP_CTRL_AEAD_SET_IVLEN + // For GCM AES and OCB AES the default is 12 (i.e. 96 bits) + // The nonce length is given by 15 - L so it is 7 by default for AES CCM. + // If not called a default nonce length of 12 (i.e. 96 bits) is used. (ChaCha20-Poly1305) + // EVP_CTRL_AEAD_SET_TAG + // If not set a default value is used (12 for AES CCM) + // For OCB AES, the default tag length is 16 (i.e. 128 bits). + if (crypt_mode_t::gcm == context->mode) { // 16bytes (128bits) // RFC 7516 @@ -362,6 +377,9 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d // // RFC 7539 2.5. The Poly1305 Algorithm // Poly1305 takes a 32-byte one-time key and a message and produces a 16-byte tag. + // + // RFC 8152 10.1. AES GCM + // the size of the authentication tag is fixed at 128 bits tag_size = 16; } else if (crypt_mode_t::ccm == context->mode) { tag_size = 14; 
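Review bot: The CCM branch just below the new RFC 8152 comment in hunk -362,6 +377,9 still fixes `tag_size = 14`, which matches neither the 64-bit nor the 128-bit tag of the AES_CCM_* algorithms listed in the cose README. Since this commit targets COSE and `tag_size` is passed to `EVP_CTRL_AEAD_SET_TAG` on the encrypt side, the tag length probably needs to come from the selected algorithm rather than a constant. At minimum a comment such as `// TODO: COSE AES-CCM uses 8- or 16-byte tags (RFC 8152 10.2); 14 is not a COSE value` would record the gap. The enclosing `encrypt2` body starts and ends outside the hunk, so how `tag_size` is used elsewhere should be confirmed.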
@@ -372,7 +390,7 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d EVP_CIPHER_CTX_ctrl(context->encrypt_context, EVP_CTRL_AEAD_SET_TAG, tag_size, nullptr); binary_t& key = context->datamap[crypt_item_t::item_cek]; - EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, &key[0], nullptr, 1); + EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, &key[0], &iv[0], 1); ret_cipher = EVP_CipherUpdate(context->encrypt_context, nullptr, &size_update, nullptr, size_plain); if (1 > ret_cipher) { @@ -446,10 +464,6 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d tag->resize(tag_size); ret_cipher = EVP_CIPHER_CTX_ctrl(context->encrypt_context, EVP_CTRL_AEAD_GET_TAG, tag->size(), &(*tag)[0]); if (1 > ret_cipher) { - // check (openssl 1.1.1, 3.0.x, 3.1.x) - // [../openssl-3.1.1/crypto/evp/evp_fetch.c @ 341] error:0308010C:digital envelope routines::unsupported - // [../openssl-3.1.1/providers/implementations/ciphers/ciphercommon_ccm.c @ 278] error:1C800066:Provider routines::cipher operation failed - // [../openssl-3.1.1/providers/implementations/ciphers/ciphercommon_ccm.c @ 206] error:1C800077:Provider routines::tag not set ret = errorcode_t::internal_error; __leave2_trace_openssl(ret); } @@ -535,6 +549,10 @@ return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* d return ret; } +return_t openssl_crypt::decrypt2(crypt_context_t* handle, binary_t const& data_encrypted, binary_t& out_decrypted, binary_t* aad, binary_t* tag) { + return decrypt2(handle, &data_encrypted[0], data_encrypted.size(), out_decrypted, aad, tag); +} + return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* data_encrypted, size_t size_encrypted, unsigned char* out_decrypted, size_t* size_decrypted, binary_t* aad, binary_t* tag) { return_t ret = errorcode_t::success; 
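Review bot: The return values of `EVP_CIPHER_CTX_ctrl(..., EVP_CTRL_AEAD_SET_TAG, ...)` and of the changed `EVP_CipherInit_ex(..., &key[0], &iv[0], 1)` in hunk -372,7 +390,7 are discarded, so a rejected key, IV or tag length only surfaces later at `EVP_CipherUpdate`, if at all. OpenSSL reads as many IV bytes as the context's configured nonce length, so `iv` must be non-empty and at least that long before `&iv[0]` is taken; where `iv` is declared and whether `EVP_CTRL_AEAD_SET_IVLEN` is issued lie outside the hunk and should be confirmed. Consider `if (1 > EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, &key[0], &iv[0], 1)) { ret = errorcode_t::internal_error; }` followed by the file's usual leave macro. The decrypt-side hunk -576,7 +594,7 has the same unchecked call with flag 0.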
@@ -576,7 +594,7 @@ return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* d EVP_CIPHER_CTX_ctrl(context->decrypt_context, EVP_CTRL_AEAD_SET_TAG, tag->size(), &(*tag)[0]); binary_t& key = context->datamap[crypt_item_t::item_cek]; - EVP_CipherInit_ex(context->decrypt_context, nullptr, nullptr, &key[0], nullptr, 0); + EVP_CipherInit_ex(context->decrypt_context, nullptr, nullptr, &key[0], &iv[0], 0); ret_cipher = EVP_CipherUpdate(context->decrypt_context, nullptr, &size_update, nullptr, size_encrypted); } else if (crypt_mode_t::gcm == context->mode) { diff --git a/sdk/crypto/basic/openssl_crypt.hpp b/sdk/crypto/basic/openssl_crypt.hpp index 14d33d63..2d9e73db 100644 --- a/sdk/crypto/basic/openssl_crypt.hpp +++ b/sdk/crypto/basic/openssl_crypt.hpp @@ -152,7 +152,7 @@ class openssl_crypt : public crypt_t { */ virtual return_t encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out); /** - * @brief encrypt (GCM) + * @brief encrypt (GCM/CCM) * @param crypt_context_t* handle [in] * @param const unsigned char* data_plain * @param size_t size_plain [in] @@ -163,7 +163,16 @@ class openssl_crypt : public crypt_t { virtual return_t encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, binary_t& out_encrypted, binary_t* aad = nullptr, binary_t* tag = nullptr); /** - * @brief encrypte + * @brief encrypt (GCM/CCM) + * @param crypt_context_t* handle [in] + * @param binary_t const& plain [in] + * @param binary_t& out_encrypte [out] + * @param binary_t* aad [inopt] + * @param binary_t* tag [outopt] + */ + virtual return_t encrypt2(crypt_context_t* handle, binary_t const& plain, binary_t& out_encrypted, binary_t* aad = nullptr, binary_t* tag = nullptr); + /** + * @brief encrypt * @param crypt_context_t* handle [in] * @param const unsigned char* data_plain [in] * @param size_t size_plain [in] 
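Review bot: The Doxygen blocks added for the `binary_t` overloads contain typos that will end up in the generated docs: `out_encrypte` in hunk -163,7 +163,16, and `GCM/CCOM` and `[inpot]` in the two `decrypt2` hunks that follow. The encrypt overload also documents and declares its parameter as `plain`, while the definition in openssl_crypt.cpp names it `data_plain`. Suggested wording: `@brief decrypt (GCM/CCM)`, `@param binary_t& out_encrypted [out]`, `@param binary_t* aad [inopt]`. It would also help to state on `decrypt2` that `tag` must be supplied for AEAD modes, since the CCM branch visible in hunk -576,7 +594,7 reads `tag->size()` and any null check is outside the visible lines.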
@@ -209,7 +218,7 @@ class openssl_crypt : public crypt_t { virtual return_t decrypt(crypt_context_t* handle, binary_t const& input, binary_t& out); /** - * @brief decrypt (GCM) + * @brief decrypt (GCM/CCOM) * @param crypt_context_t* handle [in] * @param const unsigned char* data_encrypted [in] * @param size_t size_encrypted [in] @@ -219,6 +228,16 @@ class openssl_crypt : public crypt_t { */ virtual return_t decrypt2(crypt_context_t* handle, const unsigned char* data_encrypted, size_t size_encrypted, binary_t& out_decrypted, binary_t* aad = nullptr, binary_t* tag = nullptr); + /** + * @brief decrypt (GCM/CCOM) + * @param crypt_context_t* handle [in] + * @param binary_t const& data_encrypted [in] + * @param binary_t& out_decrypted [out] + * @param binary_t* aad [inpot] + * @param binary_t* tag [inopt] + */ + virtual return_t decrypt2(crypt_context_t* handle, binary_t const& data_encrypted, binary_t& out_decrypted, binary_t* aad = nullptr, + binary_t* tag = nullptr); /** * @brief decrypt * @param crypt_context_t* handle [in] diff --git a/sdk/crypto/cose/README.md b/sdk/crypto/cose/README.md index b47cf6cf..17efabfe 100644 --- a/sdk/crypto/cose/README.md +++ b/sdk/crypto/cose/README.md 
@@ -1,73 +1,71 @@ ## check1 -| | | AAD | Context | CEK | -|-- |-- |-- |-- |-- | -| - | A128KW | Enc_structure | KDF_Context | | -| - | A192KW | Enc_structure | KDF_Context | | -| - | A256KW | Enc_structure | KDF_Context | | -| - | DIRECT | Enc_structure | KDF_Context | | -| - | RSA_OAEP_SHA1 | Enc_structure | KDF_Context | | -| - | RSA_OAEP_SHA256 | Enc_structure | KDF_Context | | -| - | RSA_OAEP_SHA512 | Enc_structure | KDF_Context | | -| - | HKDF_SHA_256 | Enc_structure | KDF_Context | | -| - | HKDF_SHA_512 | Enc_structure | KDF_Context | | -| - | HKDF_AES_128 | Enc_structure | KDF_Context | | -| - | HKDF_AES_256 | Enc_structure | KDF_Context | | -| - | ECDH_ES_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | -| - | ECDH_ES_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | -| - | ECDH_SS_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | -| - | ECDH_SS_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | -| - | ECDH_ES_A128KW | Enc_structure | KDF_Context | | -| - | ECDH_ES_A192KW | Enc_structure | KDF_Context | | -| - | ECDH_ES_A256KW | Enc_structure | KDF_Context | | -| - | ECDH_ES_A128KW | Enc_structure | KDF_Context | | -| - | ECDH_ES_A192KW | Enc_structure | KDF_Context | | -| - | ECDH_ES_A256KW | Enc_structure | KDF_Context | | -| - | AES_128_GCM | Enc_structure | KDF_Context | | -| - | AES_192_GCM | Enc_structure | KDF_Context | | -| - | AES_256_GCM | Enc_structure | KDF_Context | | -| - | AES_CBC_MAC_128_64 | Enc_structure | KDF_Context | | -| - | AES_CBC_MAC_256_64 | Enc_structure | KDF_Context | | -| - | AES_CBC_MAC_128_128 | Enc_structure | KDF_Context | | -| - | AES_CBC_MAC_256_128 | Enc_structure | KDF_Context | | -| - | CHACHA20_POLY1305 | Enc_structure | KDF_Context | | -| - | AES_CCM_16_64_128 | Enc_structure | KDF_Context | | -| - | AES_CCM_16_64_256 | Enc_structure | KDF_Context | | -| - | 
AES_CCM_64_64_128 | Enc_structure | KDF_Context | | -| - | AES_CCM_64_64_256 | Enc_structure | KDF_Context | | -| - | AES_CCM_16_128_128 | Enc_structure | KDF_Context | | -| - | AES_CCM_16_128_256 | Enc_structure | KDF_Context | | -| - | AES_CCM_64_128_128 | Enc_structure | KDF_Context | | -| - | AES_CCM_64_128_256 | Enc_structure | KDF_Context | | - -* AES-CCM test failed +| | | AAD | Context | CEK | Final | +|-- |-- |-- |-- |-- |-- | +| - | A128KW | Enc_structure | | | | +| - | A192KW | Enc_structure | | | | +| - | A256KW | Enc_structure | | | | +| - | DIRECT | Enc_structure | | | | +| - | RSA_OAEP_SHA1 | Enc_structure | | | | +| - | RSA_OAEP_SHA256 | Enc_structure | | | | +| - | RSA_OAEP_SHA512 | Enc_structure | | | | +| - | HKDF_SHA_256 | Enc_structure | | | | +| - | HKDF_SHA_512 | Enc_structure | | | | +| - | HKDF_AES_128 | Enc_structure | | | | +| - | HKDF_AES_256 | Enc_structure | | | | +| - | ECDH_ES_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS | +| - | ECDH_ES_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS | +| - | ECDH_SS_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS | +| - | ECDH_SS_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS | +| - | ECDH_ES_A128KW | Enc_structure | | | | +| - | ECDH_ES_A192KW | Enc_structure | | | | +| - | ECDH_ES_A256KW | Enc_structure | | | | +| - | ECDH_ES_A128KW | Enc_structure | | | | +| - | ECDH_ES_A192KW | Enc_structure | | | | +| - | ECDH_ES_A256KW | Enc_structure | | | | +| - | AES_128_GCM | Enc_structure | | | | +| - | AES_192_GCM | Enc_structure | | | | +| - | AES_256_GCM | Enc_structure | | | | +| - | AES_CBC_MAC_128_64 | Enc_structure | | | | +| - | AES_CBC_MAC_256_64 | Enc_structure | | | | +| - | AES_CBC_MAC_128_128 | Enc_structure | | | | +| - | AES_CBC_MAC_256_128 | Enc_structure | | | | +| - | CHACHA20_POLY1305 | Enc_structure | | 
| | +| - | AES_CCM_16_64_128 | Enc_structure | | | | +| - | AES_CCM_16_64_256 | Enc_structure | | | | +| - | AES_CCM_64_64_128 | Enc_structure | | | | +| - | AES_CCM_64_64_256 | Enc_structure | | | | +| - | AES_CCM_16_128_128 | Enc_structure | | | | +| - | AES_CCM_16_128_256 | Enc_structure | | | | +| - | AES_CCM_64_128_128 | Enc_structure | | | | +| - | AES_CCM_64_128_256 | Enc_structure | | | | ## check2 -| | | -|-- |-- | -| - | HMAC_256_64 | -| - | HMAC_256_256 | -| - | HMAC_384_256 | -| - | HMAC_512_512 | -| - | RS256 | -| - | RS384 | -| - | RS512 | -| - | RS1 | -| - | ES256 | -| - | ES384 | -| - | ES512 | -| - | ES256K | -| - | PS256 | -| - | PS384 | -| - | PS512 | -| - | EdDSA | -| - | SHA1 | -| - | SHA256_64 | -| - | SHA256 | -| - | SHA512_256 | -| - | SHA384 | -| - | SHA512 | -| - | SHAKE128 | -| - | SHAKE256 | +| | | | Final | +|-- |-- | -- | -- | +| - | HMAC_256_64 | Sig_structure | | +| - | HMAC_256_256 | Sig_structure | | +| - | HMAC_384_256 | Sig_structure | | +| - | HMAC_512_512 | Sig_structure | | +| - | RS256 | Sig_structure | PASS | +| - | RS384 | Sig_structure | PASS | +| - | RS512 | Sig_structure | PASS | +| - | RS1 | Sig_structure | | +| - | ES256 | Sig_structure | PASS | +| - | ES384 | Sig_structure | PASS | +| - | ES512 | Sig_structure | PASS | +| - | ES256K | Sig_structure | | +| - | PS256 | Sig_structure | PASS | +| - | PS384 | Sig_structure | PASS | +| - | PS512 | Sig_structure | PASS | +| - | EdDSA | Sig_structure | PASS | +| - | SHA1 | Sig_structure | | +| - | SHA256_64 | Sig_structure | | +| - | SHA256 | Sig_structure | | +| - | SHA512_256 | Sig_structure | | +| - | SHA384 | Sig_structure | | +| - | SHA512 | Sig_structure | | +| - | SHAKE128 | Sig_structure | | +| - | SHAKE256 | Sig_structure | | diff --git a/sdk/crypto/cose/cbor_object_encryption.cpp b/sdk/crypto/cose/cbor_object_encryption.cpp index 884f5a74..2f87505d 100644 --- a/sdk/crypto/cose/cbor_object_encryption.cpp +++ b/sdk/crypto/cose/cbor_object_encryption.cpp 
@@ -254,6 +254,16 @@ return_t compose_kdf_context(cose_context_t* handle, cose_parts_t* source, binar return ret; } +void split(binary_t const& source, size_t& pos, binary_t& tag, size_t tagsize) { + tag.clear(); + const byte_t* ptr = &source[0]; + size_t size = source.size(); + if (size > tagsize) { + tag.insert(tag.end(), ptr + (size - tagsize), ptr + (size)); + pos = (size - tagsize); + } +} + return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key, binary_t const& input, bool& result) { return_t ret = errorcode_t::not_supported; return_t check = errorcode_t::success; @@ -284,18 +294,24 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key compose_enc_structure(authenticated_data, handle->tag, handle->body.bin_protected, handle->external); const char* k = nullptr; + binary_t iv; + iv.resize(8); + memset(&iv[0], 0xa6, iv.size()); + composer.finditem(cose_key_t::cose_iv, iv, handle->body.unprotected_map); size_t size_subitems = handle->subitems.size(); std::list::iterator iter; for (iter = handle->subitems.begin(); iter != handle->subitems.end(); iter++) { cose_parts_t& item = *iter; + binary_t ciphertext; binary_t context; binary_t decrypted; binary_t cek; - binary_t iv; binary_t salt; binary_t secret; + binary_t tag; + openssl_crypt crypt; openssl_hash hash; crypt_context_t* crypt_handle = nullptr; 
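Review bot: `split` takes `&source[0]` before checking the size and silently leaves `pos` untouched and `tag` empty when the payload is not longer than `tagsize`, so the caller cannot tell a truncated COSE payload from a valid one. The caller added later in `decrypt` then passes `pos == 0` and an empty tag on to `decrypt2`. Checking the size first and returning a status lets the caller skip the recipient instead. The function should also be `static` (or in an anonymous namespace), since a free function named `split` with external linkage is likely to collide. The rewrite below assumes `binary_t` is a `std::vector` of bytes, as its use here suggests.

```cpp
// Splits a COSE ciphertext into body and trailing AEAD tag.
// Returns false (pos = 0, tag empty) when source cannot hold a tag plus data.
static bool split(binary_t const& source, size_t& pos, binary_t& tag, size_t tagsize) {
    tag.clear();
    pos = 0;
    if (source.size() <= tagsize) {
        return false;
    }
    pos = source.size() - tagsize;
    tag.insert(tag.end(), source.begin() + pos, source.end());
    return true;
}
```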
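Review bot: In hunk -284,18 +294,24 `iv` is pre-filled with eight `0xa6` bytes and the result of `composer.finditem(cose_key_t::cose_iv, ...)` is ignored, so if `finditem` leaves `iv` unchanged when the parameter is absent, the message is decrypted with a placeholder instead of being rejected. The filler looks like the AES Key Wrap default IV carried over from the removed `kw_iv`. At 8 bytes it is shorter than the 12-byte GCM default quoted in the comment this commit adds to openssl_crypt.cpp, and whether `openssl_crypt::open` sets the IV length from `iv.size()` is not visible here. Suggest starting with an empty `iv` and, after the lookup, failing on `iv.empty()` with the project's error code for malformed input. The `decrypt` body starts and ends outside this hunk.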
@@ -310,17 +326,17 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key k = kid.c_str(); } - const hint_cose_algorithm_t* hint = advisor->hintof_cose_algorithm((cose_alg_t)alg); - if (nullptr == hint) { + const hint_cose_algorithm_t* alg_hint = advisor->hintof_cose_algorithm((cose_alg_t)alg); + if (nullptr == alg_hint) { continue; } - pkey = key->find(k, hint->kty); + pkey = key->find(k, alg_hint->kty); if (nullptr == pkey) { continue; } - cose_group_t group = hint->group; + cose_group_t group = alg_hint->group; // reversing "AAD_hex", "CEK_hex", "Context_hex" from https://github.com/cose-wg/Examples @@ -344,18 +360,20 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key // RFC 8152 11.1. HMAC-Based Extract-and-Expand Key Derivation Function (HKDF) dh_key_agreement(pkey, item.epk, secret); compose_kdf_context(handle, &item, context); - salt.resize(hint->kdf_dlen); - kdf_hkdf(cek, hint->kdf_dlen, secret, salt, context, hint->hkdf_prf); + salt.resize(alg_hint->alglen); + kdf_hkdf(cek, alg_hint->alglen, secret, salt, context, alg_hint->algname); + // CEK } else if (cose_group_t::cose_group_ecdh_ss_hkdf == group) { // RFC 8152 12.4.1. ECDH // RFC 8152 11.1. HMAC-Based Extract-and-Expand Key Derivation Function (HKDF) std::string static_keyid; composer.finditem(cose_key_t::cose_static_key_id, static_keyid, item.unprotected_map); - EVP_PKEY* epk = key->find(static_keyid.c_str(), hint->kty); + EVP_PKEY* epk = key->find(static_keyid.c_str(), alg_hint->kty); dh_key_agreement(pkey, epk, secret); compose_kdf_context(handle, &item, context); - salt.resize(hint->kdf_dlen); - kdf_hkdf(cek, hint->kdf_dlen, secret, salt, context, hint->hkdf_prf); + salt.resize(alg_hint->alglen); + kdf_hkdf(cek, alg_hint->alglen, secret, salt, context, alg_hint->algname); + // CEK } else if (cose_group_t::cose_group_ecdh_es_aeskw == group) { // RFC 8152 12.5.1. ECDH // RFC 8152 12.2.1. AES Key Wrap 
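Review bot: In the ECDH-SS branch of hunk -344,18 +360,20 the static key returned by `key->find(static_keyid.c_str(), alg_hint->kty)` goes straight into `dh_key_agreement(pkey, epk, secret)` without a null check, although `pkey` is checked in the preceding hunk. `static_keyid` is read from the recipient's unprotected map, so an unknown or missing id is input-controlled; adding `if (nullptr == epk) { continue; }` after the lookup mirrors the `pkey` handling. The results of `dh_key_agreement` and `kdf_hkdf` are also discarded, so a failed derivation leaves `cek` in whatever state those helpers produce. The same unchecked `epk` lookup appears in hunk -367,13 +385,10.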
@@ -367,13 +385,10 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key compose_kdf_context(handle, &item, context); std::string static_keyid; composer.finditem(cose_key_t::cose_static_key_id, static_keyid, item.unprotected_map); - EVP_PKEY* epk = key->find(static_keyid.c_str(), hint->kty); + EVP_PKEY* epk = key->find(static_keyid.c_str(), alg_hint->kty); dh_key_agreement(pkey, epk, secret); // 12.5. Key Agreement with Key Wrap // encryptedKey = KeyWrap(KDF(DH-Shared, context), CEK) - binary_t kw_iv; - kw_iv.resize(8); - memset(&kw_iv[0], 0xa6, kw_iv.size()); } else if (cose_group_t::cose_group_rsassa_pss == group) { } else if (cose_group_t::cose_group_rsa_oaep == group) { } else if (cose_group_t::cose_group_rsassa_pkcs15 == group) { @@ -389,6 +404,23 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key } else if (cose_group_t::cose_group_iv == group) { } + int enc_alg = 0; + if (cek.size()) { + composer.finditem(cose_key_t::cose_alg, enc_alg, handle->body.protected_map); + const hint_cose_algorithm_t* enc_hint = advisor->hintof_cose_algorithm((cose_alg_t)enc_alg); + if (cose_group_t::cose_group_aesgcm == enc_hint->group) { + // RFC 8152 Combine the authentication tag for encryption algorithms with the ciphertext. + size_t pos = 0; + split(handle->payload, pos, tag, 16); + + crypt.open(&crypt_handle, enc_hint->algname, cek, iv); + check = crypt.decrypt2(crypt_handle, &handle->payload[0], pos, decrypted, &authenticated_data, &tag); + crypt.close(crypt_handle); + + results.insert((errorcode_t::success == check) ? true : false); + } + } + basic_stream bs; dump_memory(authenticated_data, &bs); printf("aad\n%s\n%s\n", bs.c_str(), base16_encode(authenticated_data).c_str()); 
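Review bot: `enc_hint` is dereferenced in `enc_hint->group` without a null check in hunk -389,6 +404,23, while the earlier `alg_hint` result from the same `hintof_cose_algorithm` call is checked; `enc_alg` is read from the message's protected header, so an unknown value is reachable from input. Add `if (nullptr == enc_hint) { continue; }` before the group test. The return value of `crypt.open` is also ignored, so `decrypt2` and `close` may run on a null `crypt_handle`, and the `pos`/`tag` produced by `split` are used without confirming the payload was long enough. Checking `open` and assigning its result to `check` before calling `decrypt2` would prevent a failed setup from being recorded as an ordinary decryption failure.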
@@ -396,6 +428,10 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key dump_memory(cek, &bs); printf("cek\n%s\n%s\n", bs.c_str(), base16_encode(cek).c_str()); } + if (ciphertext.size()) { + dump_memory(ciphertext, &bs); + printf("ciphertext\n%s\n%s\n", bs.c_str(), base16_encode(ciphertext).c_str()); + } if (context.size()) { dump_memory(context, &bs); printf("context\n%s\n%s\n", bs.c_str(), base16_encode(context).c_str()); @@ -416,6 +452,10 @@ return_t cbor_object_encryption::decrypt(cose_context_t* handle, crypto_key* key dump_memory(secret, &bs); printf("secret\n%s\n%s\n", bs.c_str(), base16_encode(secret).c_str()); } + if (tag.size()) { + dump_memory(tag, &bs); + printf("tag\n%s\n%s\n", bs.c_str(), base16_encode(tag).c_str()); + } } if ((1 == results.size()) && (true == *results.begin())) { diff --git a/sdk/crypto/types.hpp b/sdk/crypto/types.hpp index dfdcaa1d..7f02f4d9 100644 --- a/sdk/crypto/types.hpp +++ b/sdk/crypto/types.hpp @@ -687,8 +687,8 @@ typedef struct _hint_cose_algorithm_t { cose_alg_t alg; crypto_kty_t kty; cose_group_t group; - int16 kdf_dlen; - const char* hkdf_prf; + int16 alglen; // kdf_dlen + const char* algname; // hkdf_prf // studying } hint_cose_algorithm_t;
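Review bot: The new `tag` and `ciphertext` dumps extend a block that already prints `cek` and the ECDH `secret` to stdout with `printf` on every `decrypt` call, which puts key material into whatever captures the process output. These dumps look like debugging aids for matching the cose-wg examples, so wrapping the whole block in a compile-time debug guard (e.g. `#if defined DEBUG` … `#endif`) would keep them out of release builds. `ciphertext` is declared in this commit but never assigned in the visible hunks, so its dump branch appears unreachable. The block and the enclosing loop start outside hunks -396,6 +428,10 and -416,6 +452,10.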