std::unique_ptr<ArchiveKeys> ArchiveKeys::create_and_save(std::ostream &stream, RsaKeyPair *keypair){ std::unique_ptr<ArchiveKeys> ret; if (keypair){ ret = make_unique(new ArchiveKeys(CryptoPP::Twofish::MAX_KEYLENGTH, CryptoPP::Twofish::BLOCKSIZE)); CryptoPP::RSA::PublicKey pub; auto &public_key = keypair->get_public_key(); pub.Load(CryptoPP::ArraySource((const byte *)&public_key[0], public_key.size(), true)); typedef CryptoPP::RSAES<CryptoPP::OAEP<CryptoPP::SHA>>::Encryptor encryptor_t; typedef CryptoPP::PK_EncryptorFilter filter_t; encryptor_t enc(pub); CryptoPP::SecByteBlock buffer(ret->get_size()); size_t offset = 0; for (size_t i = 0; i < ret->key_count; i++){ auto &key = ret->get_key(i); auto &iv = ret->get_iv(i); memcpy(buffer.data() + offset, key.data(), key.size()); offset += key.size(); memcpy(buffer.data() + offset, iv.data(), iv.size()); offset += iv.size(); } CryptoPP::ArraySource(buffer.data(), buffer.size(), true, new filter_t(*random_number_generator, enc, new CryptoPP::FileSink(stream))); } return ret; }
shared_ptr<ndn::Data> makeData( shared_ptr<const ndn::Interest> interest ) override { bool verified = false; if( !interest->hasPayload() ) return NULL; Block payload( interest->getPayload(), interest->getPayloadLength() ); try { payload.parse(); NdnTagVerificationRequest request( payload ); const KeyLocator& locator = request.getLocator(); if( locator.getType() != KeyLocator::KeyLocator_KeyDigest ) { verified = false; } else { CryptoPP::RSA::PublicKey pkey; const Block& key_digest = locator.getKeyDigest(); string keystr( (char*)key_digest.value(), key_digest.value_size() ); CryptoPP::StringSource keysource( keystr, true ); pkey.Load( keysource ); NdnVerifier verifier( pkey ); verified = verifier.verify( request.getTag() ); } auto data = make_shared< Data >( interest->getName() ); data->setContentType( tlv::ContentType_Blob ); data->setFreshnessPeriod( time::milliseconds( 0 ) ); NdnTagVerificationResponse response( request.getTag(), verified ); data->setContent( response.wireEncode() ); // no legit signature is required since // packets/interests with the prefix "ndn/internal" // should be rejected by network gateways Signature sig( SignatureInfo( tlv::SignatureNone ), Block( tlv::SignatureValue ) ); data->setSignature( sig ); data->wireEncode(); return data; } catch( ... ) { return NULL; } }
string RSA_Encryption(const string & plain){ //Encryption AutoSeededRandomPool rng; //Load public key CryptoPP::RSA::PublicKey pubKey; CryptoPP::ByteQueue bytes; FileSource file("pubkey.txt", true, new Base64Decoder); file.TransferTo(bytes); bytes.MessageEnd(); pubKey.Load(bytes); RSAES_OAEP_SHA_Encryptor e(pubKey); string cipher; StringSource ss1(plain, true, new PK_EncryptorFilter(rng, e, new StringSink(cipher) ) // PK_EncryptorFilter ); // StringSource return cipher; }
void cKeysStorage::savePubFile(unsigned int numberOfKey, const CryptoPP::RSA::PublicKey& pPubKey, std::string fileName) { std::ofstream mOutFile; std::string mOutName; //(std::to_string(numberOfKey)); //mOutName += ".pub"; mOutName = fileName; std::cout << "Pub file: " << fileName << std::endl; //mOutFile.open(mOutName); //save header //mOutFile << "version 1" << std::endl; //mOutFile << "crypto rsa" << std::endl; //mOutFile << "size 4096" << std::endl; //mOutFile << "END" << std::endl; //generate pub key in txt file //Base64Encoder pubkeysink(new FileSink("tmp")); Base64Encoder pubkeysink(new FileSink(mOutName.c_str())); pPubKey.DEREncode(pubkeysink); pubkeysink.MessageEnd(); //std::cout << "Pub key:" << std::endl; //append from tmp to pub file /*std::ifstream tmpFile("tmp"); char s; while (!tmpFile.eof()) { tmpFile >> std::noskipws >> s; mOutFile << s; std::cout << s; } mOutFile.close(); std::cout << std::endl;*/ std::cout << "end of savePubFile" << std::endl; }
bool cKeysStorage::RSAVerifyFile(const std::string &fileName, const std::string &instance) // load .sig file { using namespace CryptoPP; std::cout << "Start RSAVerifyFile" << std::endl; std::cout << "File name: " << fileName << std::endl; std::cout << "instance: " << instance << std::endl; std::string line; std::string clearTextFileName; int pubicKeyNumber; // read sig file std::ifstream input(fileName); input >> line; //parse data input >> pubicKeyNumber; //std::cout << line << " " << pubicKeyNumber << std::endl; std::cout << "====sig===" << std::endl; for (int i = 0; i < 4; ++i) // 3 lines { input >> line; std::cout << line << " "; input >> line; std::cout << line << " " << std::endl; } std::cout << "====sig===" << std::endl; clearTextFileName = line; input >> line; input >> line; std::string sig2file = line; std::cout << std::endl; std::cout << "clear file: " << clearTextFileName << std::endl; std::cout << "sig2 file: " << sig2file << std::endl; //load signature std::string signedTxt; FileSource(clearTextFileName.c_str(), true, new StringSink(signedTxt)); std::string signature; FileSource(sig2file.c_str(), true, new StringSink(signature)); //std::cout << std::endl << "signature " << std::noskipws << signature << std::endl; //std::cout << std::endl << "pubicKeyNumber " << pubicKeyNumber << std::endl; std::string pubFile; pubFile = instance + "-key" + std::to_string(pubicKeyNumber) + ".pub"; std::cout << "pub file: " << pubFile << std::endl; CryptoPP::RSA::PublicKey currentPubKey = loadPubFile(pubFile); AutoSeededRandomPool rng; std::cout << "pub key validate " << currentPubKey.Validate(rng, 1); std::cout << std::endl << "start verify" << std::endl; RSASSA_PKCS1v15_SHA_Verifier verifier(currentPubKey); std::string combined(signedTxt); combined.append(signature); try { StringSource(combined, true, new SignatureVerificationFilter(verifier, NULL, SignatureVerificationFilter::THROW_EXCEPTION) ); std::cout << "Signature OK" << std::endl; return true; } catch(SignatureVerificationFilter::SignatureVerificationFailed &err) { std::cout << "verify error " << err.what() << std::endl; return false; } //std::cout << "end of RsaVerifyFile" << std::endl; }