void Secp256k1PP::decrypt(Secret const& _k, bytes& io_text) { CryptoPP::ECIES<CryptoPP::ECP>::Decryptor d; initializeDLScheme(_k, d); if (!io_text.size()) { io_text.resize(1); io_text[0] = 0; } size_t clen = io_text.size(); bytes plain; plain.resize(d.MaxPlaintextLength(io_text.size())); DecodingResult r; { Guard l(x_rng); r = d.Decrypt(m_rng, io_text.data(), clen, plain.data()); } if (!r.isValidCoding) { io_text.clear(); return; } io_text.resize(r.messageLength); io_text = std::move(plain); }
static void pushLocation(bytes& o_code, uint32_t _locationValue) { o_code.push_back((byte)Instruction::PUSH4); o_code.resize(o_code.size() + 4); bytesRef r(&o_code[o_code.size() - 4], 4); toBigEndian(_locationValue, r); }
void Secp256k1PP::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher) { // interop w/go ecies implementation auto r = KeyPair::create(); Secret z; ecdh::agree(r.sec(), _k, z); auto key = eciesKDF(z, bytes(), 32); bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); CryptoPP::SHA256 ctx; ctx.Update(mKeyMaterial.data(), mKeyMaterial.size()); bytes mKey(32); ctx.Final(mKey.data()); bytes cipherText = encryptSymNoAuth(SecureFixedHash<16>(eKey), h128(), bytesConstRef(&io_cipher)); if (cipherText.empty()) return; bytes msg(1 + Public::size + h128::size + cipherText.size() + 32); msg[0] = 0x04; r.pub().ref().copyTo(bytesRef(&msg).cropped(1, Public::size)); bytesRef msgCipherRef = bytesRef(&msg).cropped(1 + Public::size + h128::size, cipherText.size()); bytesConstRef(&cipherText).copyTo(msgCipherRef); // tag message CryptoPP::HMAC<SHA256> hmacctx(mKey.data(), mKey.size()); bytesConstRef cipherWithIV = bytesRef(&msg).cropped(1 + Public::size, h128::size + cipherText.size()); hmacctx.Update(cipherWithIV.data(), cipherWithIV.size()); hmacctx.Update(_sharedMacData.data(), _sharedMacData.size()); hmacctx.Final(msg.data() + 1 + Public::size + cipherWithIV.size()); io_cipher.resize(msg.size()); io_cipher.swap(msg); }
void Secp256k1PP::decrypt(Secret const& _k, bytes& io_text) { auto& ctx = Secp256k1PPCtx::get(); #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wdeprecated-declarations" #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" CryptoPP::ECIES<CryptoPP::ECP>::Decryptor d; #pragma GCC diagnostic pop #pragma clang diagnostic pop { Guard l(ctx.x_params); d.AccessKey().Initialize(ctx.m_params, secretToExponent(_k)); } if (!io_text.size()) { io_text.resize(1); io_text[0] = 0; } size_t clen = io_text.size(); bytes plain; plain.resize(d.MaxPlaintextLength(io_text.size())); CryptoPP::DecodingResult r; { Guard l(ctx.x_rng); r = d.Decrypt(ctx.m_rng, io_text.data(), clen, plain.data()); } if (!r.isValidCoding) { io_text.clear(); return; } io_text.resize(r.messageLength); io_text = std::move(plain); }
static unsigned pushLiteral(bytes& o_code, u256 _literalValue) { unsigned br = max<unsigned>(1, bytesRequired(_literalValue)); o_code.push_back((byte)Instruction::PUSH1 + br - 1); o_code.resize(o_code.size() + br); for (unsigned i = 0; i < br; ++i) { o_code[o_code.size() - 1 - i] = (byte)(_literalValue & 0xff); _literalValue >>= 8; } return br + 1; }
bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text) { // interop w/go ecies implementation // io_cipher[0] must be 2, 3, or 4, else invalidpublickey if (io_text.empty() || io_text[0] < 2 || io_text[0] > 4) // invalid message: publickey return false; if (io_text.size() < (1 + Public::size + h128::size + 1 + h256::size)) // invalid message: length return false; Secret z; if (!ecdh::agree(_k, *(Public*)(io_text.data() + 1), z)) return false; // Invalid pubkey or seckey. auto key = ecies::kdf(z, bytes(), 64); bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); bytes mKey(32); CryptoPP::SHA256 ctx; ctx.Update(mKeyMaterial.data(), mKeyMaterial.size()); ctx.Final(mKey.data()); bytes plain; size_t cipherLen = io_text.size() - 1 - Public::size - h128::size - h256::size; bytesConstRef cipherWithIV(io_text.data() + 1 + Public::size, h128::size + cipherLen); bytesConstRef cipherIV = cipherWithIV.cropped(0, h128::size); bytesConstRef cipherNoIV = cipherWithIV.cropped(h128::size, cipherLen); bytesConstRef msgMac(cipherNoIV.data() + cipherLen, h256::size); h128 iv(cipherIV.toBytes()); // verify tag CryptoPP::HMAC<CryptoPP::SHA256> hmacctx(mKey.data(), mKey.size()); hmacctx.Update(cipherWithIV.data(), cipherWithIV.size()); hmacctx.Update(_sharedMacData.data(), _sharedMacData.size()); h256 mac; hmacctx.Final(mac.data()); for (unsigned i = 0; i < h256::size; i++) if (mac[i] != msgMac[i]) return false; plain = decryptSymNoAuth(SecureFixedHash<16>(eKey), iv, cipherNoIV).makeInsecure(); io_text.resize(plain.size()); io_text.swap(plain); return true; }
bytes unpadded(bytes _b) { auto p = asString(_b).find_last_not_of((char)0); _b.resize(p == string::npos ? 0 : (p + 1)); return _b; }
bytes paddedRight(bytes _b, unsigned _l) { _b.resize(_l); return _b; }