port NAC to security v2
This commit is based on Lei Pi's commit, which changed certificate version from v1 to v2.
The later changes fix some bugs and refactor algo part of the library to get rid of cryptopp.
Change-Id: I3be7e0341fe85ee69f1b5f1c3ed7421a6c61d0b5
diff --git a/src/algo/aes.cpp b/src/algo/aes.cpp
index 6a7d2e0..c71946b 100644
--- a/src/algo/aes.cpp
+++ b/src/algo/aes.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
@@ -17,32 +17,27 @@
* gep, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <ndn-cxx/encoding/buffer-stream.hpp>
#include "aes.hpp"
#include "error.hpp"
+#include <openssl/rand.h>
+#include <ndn-cxx/encoding/buffer-stream.hpp>
+#include <ndn-cxx/security/transform/buffer-source.hpp>
+#include <ndn-cxx/security/transform/stream-sink.hpp>
namespace ndn {
namespace gep {
namespace algo {
-using namespace CryptoPP;
-
-static Buffer
-transform(CipherModeBase* cipher, const uint8_t* data, size_t dataLen)
-{
- OBufferStream obuf;
- StringSource pipe(data, dataLen, true,
- new StreamTransformationFilter(*cipher, new FileSink(obuf)));
- return *(obuf.buf());
-}
-
DecryptKey<Aes>
-Aes::generateKey(RandomNumberGenerator& rng, AesKeyParams& params)
+Aes::generateKey(AesKeyParams& params)
{
- SecByteBlock key(0x00, params.getKeySize() >> 3); // Converting key bit-size to byte-size.
- rng.GenerateBlock(key.data(), key.size());
+ uint8_t key[32];
- DecryptKey<Aes> decryptKey(Buffer(key.data(), key.size()));
+ int result = RAND_bytes(key, sizeof(key));
+ if (result != 1) {
+ BOOST_THROW_EXCEPTION(Error("Cannot generate 32 bytes random AES key"));
+ }
+ DecryptKey<Aes> decryptKey(Buffer(key, sizeof(key)));
return decryptKey;
}
@@ -59,22 +54,19 @@
const uint8_t* payload, size_t payloadLen,
const EncryptParams& params)
{
- switch (params.getAlgorithmType()) {
- case tlv::AlgorithmAesEcb: {
- ECB_Mode<AES>::Decryption ecbDecryption(key, keyLen);
- return transform(&ecbDecryption, payload, payloadLen);
- }
- case tlv::AlgorithmAesCbc: {
- const Buffer& initVector = params.getIV();
- if (initVector.size() != static_cast<size_t>(AES::BLOCKSIZE))
- throw Error("incorrect initial vector size");
-
- CBC_Mode<AES>::Decryption cbcDecryption(key, keyLen, initVector.get());
- return transform(&cbcDecryption, payload, payloadLen);
- }
- default:
- throw Error("unsupported encryption mode");
+ if (params.getAlgorithmType() != tlv::AlgorithmAesCbc) {
+ BOOST_THROW_EXCEPTION(Error("unsupported AES decryption mode"));
}
+
+ const Buffer& initVector = params.getIV();
+ OBufferStream os;
+ security::transform::bufferSource(payload, payloadLen)
+ >> security::transform::blockCipher(BlockCipherAlgorithm::AES_CBC, CipherOperator::DECRYPT,
+ key, keyLen, initVector.data(), initVector.size())
+ >> security::transform::streamSink(os);
+
+ auto result = os.buf();
+ return *result;
}
Buffer
@@ -82,22 +74,20 @@
const uint8_t* payload, size_t payloadLen,
const EncryptParams& params)
{
- switch (params.getAlgorithmType()) {
- case tlv::AlgorithmAesEcb: {
- ECB_Mode<AES>::Encryption ecbEncryption(key, keyLen);
- return transform(&ecbEncryption, payload, payloadLen);
- }
- case tlv::AlgorithmAesCbc: {
- const Buffer& initVector = params.getIV();
- if (initVector.size() != static_cast<size_t>(AES::BLOCKSIZE))
- throw Error("incorrect initial vector size");
-
- CBC_Mode<AES>::Encryption cbcEncryption(key, keyLen, initVector.get());
- return transform(&cbcEncryption, payload, payloadLen);
- }
- default:
- throw Error("unsupported encryption mode");
+ if (params.getAlgorithmType() != tlv::AlgorithmAesCbc) {
+ BOOST_THROW_EXCEPTION(Error("unsupported AES decryption mode"));
}
+
+ const Buffer& initVector = params.getIV();
+ OBufferStream os;
+ security::transform::bufferSource(payload, payloadLen)
+ >> security::transform::blockCipher(BlockCipherAlgorithm::AES_CBC,
+ CipherOperator::ENCRYPT,
+ key, keyLen, initVector.data(), initVector.size())
+ >> security::transform::streamSink(os);
+
+ auto result = os.buf();
+ return *result;
}
} // namespace algo
diff --git a/src/algo/aes.hpp b/src/algo/aes.hpp
index e4363bf..d0fbabd 100644
--- a/src/algo/aes.hpp
+++ b/src/algo/aes.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
@@ -20,11 +20,11 @@
#ifndef NDN_GEP_ALGO_AES_HPP
#define NDN_GEP_ALGO_AES_HPP
-#include <ndn-cxx/security/key-params.hpp>
-#include "../random-number-generator.hpp"
+#include "common.hpp"
#include "encrypt-params.hpp"
#include "../decrypt-key.hpp"
-
+#include <ndn-cxx/security/transform/block-cipher.hpp>
+#include <ndn-cxx/security/key-params.hpp>
namespace ndn {
namespace gep {
@@ -34,7 +34,7 @@
{
public:
static DecryptKey<Aes>
- generateKey(RandomNumberGenerator& rng, AesKeyParams& params);
+ generateKey(AesKeyParams& params);
static EncryptKey<Aes>
deriveEncryptKey(const Buffer& keyBits);
@@ -57,4 +57,4 @@
} // namespace gep
} // namespace ndn
-#endif // NDN_GEP_ALGO_AES_ECB_HPP
+#endif // NDN_GEP_ALGO_AES_HPP
diff --git a/src/algo/encrypt-params.cpp b/src/algo/encrypt-params.cpp
index dd2afcf..91b5588 100644
--- a/src/algo/encrypt-params.cpp
+++ b/src/algo/encrypt-params.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
@@ -17,8 +17,9 @@
* gep, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "../random-number-generator.hpp"
#include "encrypt-params.hpp"
+#include "error.hpp"
+#include <openssl/rand.h>
namespace ndn {
namespace gep {
@@ -27,10 +28,12 @@
EncryptParams::EncryptParams(tlv::AlgorithmTypeValue algorithm, uint8_t ivLength)
: m_algo(algorithm)
{
- if (ivLength != 0){
- RandomNumberGenerator rng;
+ if (ivLength != 0) {
m_iv.resize(ivLength);
- rng.GenerateBlock(m_iv.buf(), m_iv.size());
+ int result = RAND_bytes(m_iv.data(), m_iv.size());
+ if (result != 1) {
+ BOOST_THROW_EXCEPTION(Error("Cannot generate random IV"));
+ }
}
}
diff --git a/src/algo/encrypt-params.hpp b/src/algo/encrypt-params.hpp
index 0aa03b2..030f443 100644
--- a/src/algo/encrypt-params.hpp
+++ b/src/algo/encrypt-params.hpp
@@ -1,8 +1,27 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2014-2018, Regents of the University of California
+ *
+ * This file is part of gep (Group-based Encryption Protocol for NDN).
+ * See AUTHORS.md for complete list of gep authors and contributors.
+ *
+ * gep is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation,
+ * either version 3 of the License, or (at your option) any later version.
+ *
+ * gep is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * gep, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ */
+
#ifndef NDN_GEP_ENCRYPT_PARAMS_HPP
#define NDN_GEP_ENCRYPT_PARAMS_HPP
-#include <ndn-cxx/encoding/buffer-stream.hpp>
#include "../tlv.hpp"
+#include <ndn-cxx/encoding/buffer-stream.hpp>
namespace ndn {
namespace gep {
diff --git a/src/algo/encryptor.cpp b/src/algo/encryptor.cpp
index 68b0d82..c9f7745 100644
--- a/src/algo/encryptor.cpp
+++ b/src/algo/encryptor.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -18,19 +18,16 @@
*/
#include "encryptor.hpp"
-#include "../random-number-generator.hpp"
-#include "../encrypted-content.hpp"
#include "aes.hpp"
#include "rsa.hpp"
-
+#include "../encrypted-content.hpp"
#include "error.hpp"
+#include <openssl/rand.h>
namespace ndn {
namespace gep {
namespace algo {
-using namespace CryptoPP;
-
/**
* @brief Helper method for symmetric encryption
*
@@ -39,27 +36,28 @@
* @return An EncryptedContent
*/
static EncryptedContent
-encryptSymmetric(const uint8_t* payload, size_t payloadLen,
- const uint8_t* key, size_t keyLen,
- const Name& keyName, const EncryptParams& params)
+encryptSymmetric(const uint8_t* payload,
+ size_t payloadLen,
+ const uint8_t* key,
+ size_t keyLen,
+ const Name& keyName,
+ const EncryptParams& params)
{
tlv::AlgorithmTypeValue algType = params.getAlgorithmType();
const Buffer& iv = params.getIV();
KeyLocator keyLocator(keyName);
switch (algType) {
- case tlv::AlgorithmAesEcb: {
- const Buffer& encryptedPayload = Aes::encrypt(key, keyLen, payload, payloadLen, params);
- return EncryptedContent(algType, keyLocator, encryptedPayload.buf(), encryptedPayload.size(), iv.buf(), iv.size());
- }
case tlv::AlgorithmAesCbc: {
- BOOST_ASSERT(iv.size() == static_cast<size_t>(AES::BLOCKSIZE));
const Buffer& encryptedPayload = Aes::encrypt(key, keyLen, payload, payloadLen, params);
- return EncryptedContent(algType, keyLocator, encryptedPayload.buf(), encryptedPayload.size(), iv.buf(), iv.size());
+ return EncryptedContent(algType, keyLocator,
+ encryptedPayload.data(),
+ encryptedPayload.size(),
+ iv.data(), iv.size());
}
default: {
BOOST_ASSERT(false);
- throw algo::Error("Unsupported encryption method");
+ BOOST_THROW_EXCEPTION(algo::Error("Unsupported encryption method"));
}
}
}
@@ -75,7 +73,8 @@
static EncryptedContent
encryptAsymmetric(const uint8_t* payload, size_t payloadLen,
const uint8_t* key, size_t keyLen,
- const Name& keyName, const EncryptParams& params)
+ const Name& keyName,
+ const EncryptParams& params)
{
tlv::AlgorithmTypeValue algType = params.getAlgorithmType();
KeyLocator keyLocator(keyName);
@@ -83,12 +82,12 @@
switch (algType) {
case tlv::AlgorithmRsaPkcs:
case tlv::AlgorithmRsaOaep: {
- Buffer encryptedPayload = Rsa::encrypt(key, keyLen, payload, payloadLen, params);
- return EncryptedContent(algType, keyLocator, encryptedPayload.buf(), encryptedPayload.size());
+ Buffer encryptedPayload = Rsa::encrypt(key, keyLen, payload, payloadLen);
+ return EncryptedContent(algType, keyLocator, encryptedPayload.data(), encryptedPayload.size());
}
default: {
BOOST_ASSERT(false);
- throw algo::Error("Unsupported encryption method");
+ BOOST_THROW_EXCEPTION(algo::Error("Unsupported encryption method"));
}
}
}
@@ -101,39 +100,33 @@
Name dataName = data.getName();
dataName.append(NAME_COMPONENT_FOR).append(keyName);
data.setName(dataName);
- switch(params.getAlgorithmType()) {
+ switch (params.getAlgorithmType()) {
case tlv::AlgorithmAesCbc:
case tlv::AlgorithmAesEcb: {
- const EncryptedContent& content = encryptSymmetric(payload, payloadLen, key, keyLen, keyName, params);
+ const EncryptedContent& content =
+ encryptSymmetric(payload, payloadLen, key, keyLen, keyName, params);
data.setContent(content.wireEncode());
break;
}
case tlv::AlgorithmRsaPkcs:
case tlv::AlgorithmRsaOaep: {
- size_t maxPlaintextLength = 0;
- RSA::PublicKey publicKey;
- ByteQueue keyQueue;
-
- keyQueue.LazyPut(key, keyLen);
- publicKey.Load(keyQueue);
- RSAES_PKCS1v15_Encryptor enc(publicKey);
- maxPlaintextLength = enc.FixedMaxPlaintextLength();
-
- if (maxPlaintextLength < payloadLen) {
- RandomNumberGenerator rng;
- SecByteBlock nonceKey(0x00, 16); // 128 bits key.
- rng.GenerateBlock(nonceKey.data(), nonceKey.size());
+ if (payloadLen > keyLen - 11) {
+ uint8_t nonceKey[16];
+ int result = RAND_bytes(nonceKey, sizeof(nonceKey));
+ if (result != 1) {
+ BOOST_THROW_EXCEPTION(Error("Cannot generate 32 bytes random AES key"));
+ }
Name nonceKeyName(keyName);
nonceKeyName.append("nonce");
- EncryptParams symParams(tlv::AlgorithmAesCbc, AES::BLOCKSIZE);
+ EncryptParams symParams(tlv::AlgorithmAesCbc, 16);
const EncryptedContent& nonceContent =
- encryptSymmetric(payload, payloadLen, nonceKey.data(), nonceKey.size(), nonceKeyName, symParams);
+ encryptSymmetric(payload, payloadLen, nonceKey, sizeof(nonceKey), nonceKeyName, symParams);
const EncryptedContent& payloadContent =
- encryptAsymmetric(nonceKey.data(), nonceKey.size(), key, keyLen, keyName, params);
+ encryptAsymmetric(nonceKey, sizeof(nonceKey), key, keyLen, keyName, params);
Block content(tlv::Content);
content.push_back(payloadContent.wireEncode());
@@ -143,13 +136,14 @@
return;
}
else {
- const EncryptedContent& content = encryptAsymmetric(payload, payloadLen, key, keyLen, keyName, params);
+ const EncryptedContent& content =
+ encryptAsymmetric(payload, payloadLen, key, keyLen, keyName, params);
data.setContent(content.wireEncode());
return;
}
}
default:
- throw algo::Error("Unsupported encryption method");
+ BOOST_THROW_EXCEPTION(algo::Error("Unsupported encryption method"));
}
}
diff --git a/src/algo/encryptor.hpp b/src/algo/encryptor.hpp
index 04556b9..4dde07e 100644
--- a/src/algo/encryptor.hpp
+++ b/src/algo/encryptor.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -20,8 +20,8 @@
#ifndef NDN_ENCRYPTOR_HPP
#define NDN_ENCRYPTOR_HPP
-#include <ndn-cxx/data.hpp>
#include "encrypt-params.hpp"
+#include <ndn-cxx/data.hpp>
namespace ndn {
namespace gep {
@@ -39,8 +39,12 @@
* a nonce in the content of @p data.
*/
void
-encryptData(Data& data, const uint8_t* payload, size_t payloadLen,
- const Name& keyName, const uint8_t* key, size_t keyLen,
+encryptData(Data& data,
+ const uint8_t* payload,
+ size_t payloadLen,
+ const Name& keyName,
+ const uint8_t* key,
+ size_t keyLen,
const EncryptParams& params);
} // namespace algo
diff --git a/src/algo/error.hpp b/src/algo/error.hpp
index 4cb46b1..d9abdb2 100644
--- a/src/algo/error.hpp
+++ b/src/algo/error.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
diff --git a/src/algo/rsa.cpp b/src/algo/rsa.cpp
index f5fe848..85f4498 100644
--- a/src/algo/rsa.cpp
+++ b/src/algo/rsa.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
@@ -17,111 +17,66 @@
* gep, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <ndn-cxx/encoding/buffer-stream.hpp>
#include "rsa.hpp"
#include "error.hpp"
+#include <ndn-cxx/encoding/buffer-stream.hpp>
+#include <ndn-cxx/security/transform/private-key.hpp>
+#include <ndn-cxx/security/transform/public-key.hpp>
namespace ndn {
namespace gep {
namespace algo {
-using namespace CryptoPP;
-
-static Buffer
-transform(SimpleProxyFilter* filter, const uint8_t* data, size_t dataLen)
-{
- OBufferStream obuf;
- filter->Attach(new FileSink(obuf));
-
- StringSource pipe(data, dataLen, true, filter);
- return *(obuf.buf());
-}
-
DecryptKey<Rsa>
-Rsa::generateKey(RandomNumberGenerator& rng, RsaKeyParams& params)
+Rsa::generateKey(RsaKeyParams& params)
{
- RSA::PrivateKey privateKey;
- privateKey.GenerateRandomWithKeySize(rng, params.getKeySize());
+ auto privateKey = security::transform::generatePrivateKey(params);
- OBufferStream obuf;
- privateKey.Save(FileSink(obuf).Ref());
+ OBufferStream os;
+ privateKey->savePkcs1(os);
- DecryptKey<Rsa> decryptKey(std::move(*obuf.buf()));
+ DecryptKey<Rsa> decryptKey(std::move(*os.buf()));
return decryptKey;
}
EncryptKey<Rsa>
Rsa::deriveEncryptKey(const Buffer& keyBits)
{
- RSA::PrivateKey privateKey;
+ security::transform::PrivateKey sKey;
+ sKey.loadPkcs1(keyBits.get<uint8_t>(), keyBits.size());
- ByteQueue keyQueue;
- keyQueue.LazyPut(keyBits.get(), keyBits.size());
- privateKey.Load(keyQueue);
+ ConstBufferPtr pKeyBits = sKey.derivePublicKey();
+ security::transform::PublicKey pKey;
+ pKey.loadPkcs8(pKeyBits->data(), pKeyBits->size());
- RSA::PublicKey publicKey(privateKey);
+ OBufferStream os;
+ pKey.savePkcs8(os);
- OBufferStream obuf;
- publicKey.Save(FileSink(obuf).Ref());
-
- EncryptKey<Rsa> encryptKey(std::move(*obuf.buf()));
+ EncryptKey<Rsa> encryptKey(std::move(*os.buf()));
return encryptKey;
}
Buffer
Rsa::decrypt(const uint8_t* key, size_t keyLen,
- const uint8_t* payload, size_t payloadLen,
- const EncryptParams& params)
+ const uint8_t* payload, size_t payloadLen)
{
- AutoSeededRandomPool rng;
- RSA::PrivateKey privateKey;
- ByteQueue keyQueue;
- keyQueue.LazyPut(key, keyLen);
- privateKey.Load(keyQueue);
+ security::transform::PrivateKey sKey;
+ sKey.loadPkcs1(key, keyLen);
- switch (params.getAlgorithmType()) {
- case tlv::AlgorithmRsaPkcs: {
- RSAES_PKCS1v15_Decryptor decryptor_pkcs1v15(privateKey);
- PK_DecryptorFilter* filter_pkcs1v15 = new PK_DecryptorFilter(rng, decryptor_pkcs1v15);
- return transform(filter_pkcs1v15, payload, payloadLen);
- }
- case tlv::AlgorithmRsaOaep: {
- RSAES_OAEP_SHA_Decryptor decryptor_oaep_sha(privateKey);
- PK_DecryptorFilter* filter_oaep_sha = new PK_DecryptorFilter(rng, decryptor_oaep_sha);
- return transform(filter_oaep_sha, payload, payloadLen);
- }
- default:
- throw Error("unsupported padding scheme");
- }
+ auto decrypted = sKey.decrypt(payload, payloadLen);
+ return *decrypted;
}
Buffer
Rsa::encrypt(const uint8_t* key, size_t keyLen,
- const uint8_t* payload, size_t payloadLen,
- const EncryptParams& params)
+ const uint8_t* payload, size_t payloadLen)
{
- AutoSeededRandomPool rng;
- RSA::PublicKey publicKey;
+ security::transform::PublicKey pKey;
+ pKey.loadPkcs8(key, keyLen);
- ByteQueue keyQueue;
- keyQueue.LazyPut(key, keyLen);
- publicKey.Load(keyQueue);
-
- switch (params.getAlgorithmType()) {
- case tlv::AlgorithmRsaPkcs: {
- RSAES_PKCS1v15_Encryptor encryptor_pkcs1v15(publicKey);
- PK_EncryptorFilter* filter_pkcs1v15 = new PK_EncryptorFilter(rng, encryptor_pkcs1v15);
- return transform(filter_pkcs1v15, payload, payloadLen);
- }
- case tlv::AlgorithmRsaOaep: {
- RSAES_OAEP_SHA_Encryptor encryptor_oaep_sha(publicKey);
- PK_EncryptorFilter* filter_oaep_sha = new PK_EncryptorFilter(rng, encryptor_oaep_sha);
- return transform(filter_oaep_sha, payload, payloadLen);
- }
- default:
- throw Error("unsupported padding scheme");
- }
+ auto cipherText = pKey.encrypt(payload, payloadLen);
+ return *cipherText;
}
} // namespace algo
diff --git a/src/algo/rsa.hpp b/src/algo/rsa.hpp
index 3e64688..db44474 100644
--- a/src/algo/rsa.hpp
+++ b/src/algo/rsa.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of gep (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of gep authors and contributors.
@@ -20,10 +20,9 @@
#ifndef NDN_GEP_ALGO_RSA_HPP
#define NDN_GEP_ALGO_RSA_HPP
-#include <ndn-cxx/security/key-params.hpp>
-#include "../random-number-generator.hpp"
#include "encrypt-params.hpp"
#include "../decrypt-key.hpp"
+#include <ndn-cxx/security/key-params.hpp>
namespace ndn {
namespace gep {
@@ -33,20 +32,18 @@
{
public:
static DecryptKey<Rsa>
- generateKey(RandomNumberGenerator& rng, RsaKeyParams& params);
+ generateKey(RsaKeyParams& params);
static EncryptKey<Rsa>
deriveEncryptKey(const Buffer& keyBits);
static Buffer
decrypt(const uint8_t* key, size_t keyLen,
- const uint8_t* payload, size_t payloadLen,
- const EncryptParams& params);
+ const uint8_t* payload, size_t payloadLen);
static Buffer
encrypt(const uint8_t* key, size_t keyLen,
- const uint8_t* payload, size_t payloadLen,
- const EncryptParams& params);
+ const uint8_t* payload, size_t payloadLen);
};
typedef DecryptKey<Rsa> RsaPrivateKey;