|
|
@ -373,7 +373,7 @@ namespace crypto |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// ECIES
|
|
|
|
// ECIES
|
|
|
|
void ECIESEncrypt (const EC_GROUP * curve, const EC_POINT * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) |
|
|
|
void ECIESEncrypt (const EC_GROUP * curve, const EC_POINT * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding) |
|
|
|
{ |
|
|
|
{ |
|
|
|
BN_CTX_start (ctx); |
|
|
|
BN_CTX_start (ctx); |
|
|
|
BIGNUM * q = BN_CTX_get (ctx); |
|
|
|
BIGNUM * q = BN_CTX_get (ctx); |
|
|
@ -386,10 +386,19 @@ namespace crypto |
|
|
|
EC_POINT_mul (curve, p, k, nullptr, nullptr, ctx); |
|
|
|
EC_POINT_mul (curve, p, k, nullptr, nullptr, ctx); |
|
|
|
BIGNUM * x = BN_CTX_get (ctx), * y = BN_CTX_get (ctx); |
|
|
|
BIGNUM * x = BN_CTX_get (ctx), * y = BN_CTX_get (ctx); |
|
|
|
EC_POINT_get_affine_coordinates_GFp (curve, p, x, y, nullptr); |
|
|
|
EC_POINT_get_affine_coordinates_GFp (curve, p, x, y, nullptr); |
|
|
|
encrypted[0] = 0; |
|
|
|
if (zeroPadding) |
|
|
|
bn2buf (x, encrypted + 1, len); |
|
|
|
{ |
|
|
|
bn2buf (y, encrypted + 1 + len, len); |
|
|
|
encrypted[0] = 0; |
|
|
|
RAND_bytes (encrypted + 1 + 2*len, 256 - 2*len); |
|
|
|
bn2buf (x, encrypted + 1, len); |
|
|
|
|
|
|
|
bn2buf (y, encrypted + 1 + len, len); |
|
|
|
|
|
|
|
RAND_bytes (encrypted + 1 + 2*len, 256 - 2*len); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
bn2buf (x, encrypted, len); |
|
|
|
|
|
|
|
bn2buf (y, encrypted + len, len); |
|
|
|
|
|
|
|
RAND_bytes (encrypted + 2*len, 256 - 2*len); |
|
|
|
|
|
|
|
} |
|
|
|
// ecryption key and iv
|
|
|
|
// ecryption key and iv
|
|
|
|
EC_POINT_mul (curve, p, nullptr, key, k, ctx); |
|
|
|
EC_POINT_mul (curve, p, nullptr, key, k, ctx); |
|
|
|
EC_POINT_get_affine_coordinates_GFp (curve, p, x, y, nullptr); |
|
|
|
EC_POINT_get_affine_coordinates_GFp (curve, p, x, y, nullptr); |
|
|
@ -403,16 +412,21 @@ namespace crypto |
|
|
|
memcpy (m+33, data, 222); |
|
|
|
memcpy (m+33, data, 222); |
|
|
|
SHA256 (m+33, 222, m+1); |
|
|
|
SHA256 (m+33, 222, m+1); |
|
|
|
// encrypt
|
|
|
|
// encrypt
|
|
|
|
encrypted[257] = 0; |
|
|
|
|
|
|
|
CBCEncryption encryption; |
|
|
|
CBCEncryption encryption; |
|
|
|
encryption.SetKey (shared); |
|
|
|
encryption.SetKey (shared); |
|
|
|
encryption.SetIV (iv); |
|
|
|
encryption.SetIV (iv); |
|
|
|
encryption.Encrypt (m, 256, encrypted + 258); |
|
|
|
if (zeroPadding) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
encrypted[257] = 0; |
|
|
|
|
|
|
|
encryption.Encrypt (m, 256, encrypted + 258); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
encryption.Encrypt (m, 256, encrypted + 256); |
|
|
|
EC_POINT_free (p); |
|
|
|
EC_POINT_free (p); |
|
|
|
BN_CTX_end (ctx); |
|
|
|
BN_CTX_end (ctx); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
bool ECIESDecrypt (const EC_GROUP * curve, const BIGNUM * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx) |
|
|
|
bool ECIESDecrypt (const EC_GROUP * curve, const BIGNUM * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding) |
|
|
|
{ |
|
|
|
{ |
|
|
|
bool ret = true; |
|
|
|
bool ret = true; |
|
|
|
BN_CTX_start (ctx); |
|
|
|
BN_CTX_start (ctx); |
|
|
@ -421,8 +435,16 @@ namespace crypto |
|
|
|
int len = BN_num_bytes (q); |
|
|
|
int len = BN_num_bytes (q); |
|
|
|
// point for shared secret
|
|
|
|
// point for shared secret
|
|
|
|
BIGNUM * x = BN_CTX_get (ctx), * y = BN_CTX_get (ctx); |
|
|
|
BIGNUM * x = BN_CTX_get (ctx), * y = BN_CTX_get (ctx); |
|
|
|
BN_bin2bn (encrypted + 1, len, x); |
|
|
|
if (zeroPadding) |
|
|
|
BN_bin2bn (encrypted + 1 + len, len, y); |
|
|
|
{ |
|
|
|
|
|
|
|
BN_bin2bn (encrypted + 1, len, x); |
|
|
|
|
|
|
|
BN_bin2bn (encrypted + 1 + len, len, y); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
BN_bin2bn (encrypted, len, x); |
|
|
|
|
|
|
|
BN_bin2bn (encrypted + len, len, y); |
|
|
|
|
|
|
|
} |
|
|
|
auto p = EC_POINT_new (curve); |
|
|
|
auto p = EC_POINT_new (curve); |
|
|
|
if (EC_POINT_set_affine_coordinates_GFp (curve, p, x, y, nullptr)) |
|
|
|
if (EC_POINT_set_affine_coordinates_GFp (curve, p, x, y, nullptr)) |
|
|
|
{ |
|
|
|
{ |
|
|
@ -439,7 +461,10 @@ namespace crypto |
|
|
|
CBCDecryption decryption; |
|
|
|
CBCDecryption decryption; |
|
|
|
decryption.SetKey (shared); |
|
|
|
decryption.SetKey (shared); |
|
|
|
decryption.SetIV (iv); |
|
|
|
decryption.SetIV (iv); |
|
|
|
decryption.Decrypt (encrypted + 258, 256, m); |
|
|
|
if (zeroPadding) |
|
|
|
|
|
|
|
decryption.Decrypt (encrypted + 258, 256, m); |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
decryption.Decrypt (encrypted + 256, 256, m); |
|
|
|
// verify and copy
|
|
|
|
// verify and copy
|
|
|
|
uint8_t hash[32]; |
|
|
|
uint8_t hash[32]; |
|
|
|
SHA256 (m + 33, 222, hash); |
|
|
|
SHA256 (m + 33, 222, hash); |
|
|
|