std::unique_ptr<ArchiveKeys> ArchiveKeys::create_and_save(std::ostream &stream, RsaKeyPair *keypair){ std::unique_ptr<ArchiveKeys> ret; if (keypair){ ret = make_unique(new ArchiveKeys(CryptoPP::Twofish::MAX_KEYLENGTH, CryptoPP::Twofish::BLOCKSIZE)); CryptoPP::RSA::PublicKey pub; auto &public_key = keypair->get_public_key(); pub.Load(CryptoPP::ArraySource((const byte *)&public_key[0], public_key.size(), true)); typedef CryptoPP::RSAES<CryptoPP::OAEP<CryptoPP::SHA>>::Encryptor encryptor_t; typedef CryptoPP::PK_EncryptorFilter filter_t; encryptor_t enc(pub); CryptoPP::SecByteBlock buffer(ret->get_size()); size_t offset = 0; for (size_t i = 0; i < ret->key_count; i++){ auto &key = ret->get_key(i); auto &iv = ret->get_iv(i); memcpy(buffer.data() + offset, key.data(), key.size()); offset += key.size(); memcpy(buffer.data() + offset, iv.data(), iv.size()); offset += iv.size(); } CryptoPP::ArraySource(buffer.data(), buffer.size(), true, new filter_t(*random_number_generator, enc, new CryptoPP::FileSink(stream))); } return ret; }
shared_ptr<ndn::Data> makeData( shared_ptr<const ndn::Interest> interest ) override { bool verified = false; if( !interest->hasPayload() ) return NULL; Block payload( interest->getPayload(), interest->getPayloadLength() ); try { payload.parse(); NdnTagVerificationRequest request( payload ); const KeyLocator& locator = request.getLocator(); if( locator.getType() != KeyLocator::KeyLocator_KeyDigest ) { verified = false; } else { CryptoPP::RSA::PublicKey pkey; const Block& key_digest = locator.getKeyDigest(); string keystr( (char*)key_digest.value(), key_digest.value_size() ); CryptoPP::StringSource keysource( keystr, true ); pkey.Load( keysource ); NdnVerifier verifier( pkey ); verified = verifier.verify( request.getTag() ); } auto data = make_shared< Data >( interest->getName() ); data->setContentType( tlv::ContentType_Blob ); data->setFreshnessPeriod( time::milliseconds( 0 ) ); NdnTagVerificationResponse response( request.getTag(), verified ); data->setContent( response.wireEncode() ); // no legit signature is required since // packets/interests with the prefix "ndn/internal" // should be rejected by network gateways Signature sig( SignatureInfo( tlv::SignatureNone ), Block( tlv::SignatureValue ) ); data->setSignature( sig ); data->wireEncode(); return data; } catch( ... ) { return NULL; } }
string RSA_Encryption(const string & plain){ //Encryption AutoSeededRandomPool rng; //Load public key CryptoPP::RSA::PublicKey pubKey; CryptoPP::ByteQueue bytes; FileSource file("pubkey.txt", true, new Base64Decoder); file.TransferTo(bytes); bytes.MessageEnd(); pubKey.Load(bytes); RSAES_OAEP_SHA_Encryptor e(pubKey); string cipher; StringSource ss1(plain, true, new PK_EncryptorFilter(rng, e, new StringSink(cipher) ) // PK_EncryptorFilter ); // StringSource return cipher; }