Adding Encryptor class to encrypt content and place in Data packets.
Change-Id: Ie77fd51b58091bbbb182ab9197a58a55b183654c
Refs: #3014
diff --git a/src/algo/aes.cpp b/src/algo/aes.cpp
index 07cb788..1bcb6b6 100644
--- a/src/algo/aes.cpp
+++ b/src/algo/aes.cpp
@@ -19,6 +19,7 @@
#include <ndn-cxx/encoding/buffer-stream.hpp>
#include "aes.hpp"
+#include "error.hpp"
namespace ndn {
namespace gep {
@@ -26,8 +27,14 @@
using namespace CryptoPP;
-Buffer
-crypt(CipherModeBase* cipher, const Buffer& data);
+static Buffer
+transform(CipherModeBase* cipher, const uint8_t* data, size_t dataLen)
+{
+ OBufferStream obuf;
+ StringSource pipe(data, dataLen, true,
+ new StreamTransformationFilter(*cipher, new FileSink(obuf)));
+ return *(obuf.buf());
+}
DecryptKey<Aes>
Aes::generateKey(RandomNumberGenerator& rng, AesKeyParams& params)
@@ -48,64 +55,51 @@
}
Buffer
-Aes::decrypt(const Buffer& keyBits, const Buffer& encryptedData, const EncryptParams& params)
+Aes::decrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params)
{
- switch (params.getEncryptMode()) {
- case ENCRYPT_MODE_ECB_AES:
- {
- ECB_Mode<AES>::Decryption ecbDecryption(keyBits.get(), keyBits.size());
- return crypt(&ecbDecryption, encryptedData);
+ switch (params.getAlgorithmType()) {
+ case tlv::AlgorithmAesEcb: {
+ ECB_Mode<AES>::Decryption ecbDecryption(key, keyLen);
+ return transform(&ecbDecryption, payload, payloadLen);
}
-
- case ENCRYPT_MODE_CBC_AES:
- {
- Buffer initVector = params.getIV();
+ case tlv::AlgorithmAesCbc: {
+ const Buffer& initVector = params.getIV();
if (initVector.size() != static_cast<size_t>(AES::BLOCKSIZE))
throw Error("incorrect initial vector size");
- CBC_Mode<AES>::Decryption cbcDecryption(keyBits.get(), keyBits.size(), initVector.get());
- return crypt(&cbcDecryption, encryptedData);
+ CBC_Mode<AES>::Decryption cbcDecryption(key, keyLen, initVector.get());
+ return transform(&cbcDecryption, payload, payloadLen);
}
-
- default:
- throw Error("unsupported encryption mode");
+ default:
+ throw Error("unsupported encryption mode");
}
}
Buffer
-Aes::encrypt(const Buffer& keyBits, const Buffer& plainData, const EncryptParams& params)
+Aes::encrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params)
{
- switch (params.getEncryptMode()) {
- case ENCRYPT_MODE_ECB_AES:
- {
- ECB_Mode<AES>::Encryption ecbEncryption(keyBits.get(), keyBits.size());
- return crypt(&ecbEncryption, plainData);
+ switch (params.getAlgorithmType()) {
+ case tlv::AlgorithmAesEcb: {
+ ECB_Mode<AES>::Encryption ecbEncryption(key, keyLen);
+ return transform(&ecbEncryption, payload, payloadLen);
}
-
- case ENCRYPT_MODE_CBC_AES:
- {
- Buffer initVector = params.getIV();
+ case tlv::AlgorithmAesCbc: {
+ const Buffer& initVector = params.getIV();
if (initVector.size() != static_cast<size_t>(AES::BLOCKSIZE))
throw Error("incorrect initial vector size");
- CBC_Mode<AES>::Encryption cbcEncryption(keyBits.get(), keyBits.size(), initVector.get());
- return crypt(&cbcEncryption, plainData);
+ CBC_Mode<AES>::Encryption cbcEncryption(key, keyLen, initVector.get());
+ return transform(&cbcEncryption, payload, payloadLen);
}
-
- default:
- throw Error("unsupported encryption mode");
+ default:
+ throw Error("unsupported encryption mode");
}
}
-Buffer
-crypt(CipherModeBase* cipher, const Buffer& data)
-{
- OBufferStream obuf;
- StringSource pipe(data.get(), data.size(), true,
- new StreamTransformationFilter(*cipher, new FileSink(obuf)));
- return *(obuf.buf());
-}
-
} // namespace algo
} // namespace gep
} // namespace ndn
diff --git a/src/algo/aes.hpp b/src/algo/aes.hpp
index 931b28d..657d6c0 100644
--- a/src/algo/aes.hpp
+++ b/src/algo/aes.hpp
@@ -24,7 +24,7 @@
#include "random-number-generator.hpp"
#include "algo/encrypt-params.hpp"
#include "decrypt-key.hpp"
-#include "error.hpp"
+
namespace ndn {
namespace gep {
@@ -40,10 +40,14 @@
deriveEncryptKey(const Buffer& keyBits);
static Buffer
- decrypt(const Buffer& keyBits, const Buffer& encryptedData, const EncryptParams& params);
+ decrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params);
static Buffer
- encrypt(const Buffer& keyBits, const Buffer& plainData, const EncryptParams& params);
+ encrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params);
};
typedef DecryptKey<Aes> AesEncryptKey;
diff --git a/src/algo/encrypt-params.cpp b/src/algo/encrypt-params.cpp
index 296cb22..1e7a3a0 100644
--- a/src/algo/encrypt-params.cpp
+++ b/src/algo/encrypt-params.cpp
@@ -24,9 +24,8 @@
namespace gep {
namespace algo {
-EncryptParams::EncryptParams(EncryptionMode encryptMode, PaddingScheme paddingScheme, uint8_t ivLength = 0)
- : m_encryptMode(encryptMode)
- , m_paddingScheme(paddingScheme)
+EncryptParams::EncryptParams(tlv::AlgorithmTypeValue algorithm, uint8_t ivLength)
+ : m_algo(algorithm)
{
if (ivLength != 0){
RandomNumberGenerator rng;
@@ -36,21 +35,15 @@
}
void
-EncryptParams::setIV(const Buffer& iv)
+EncryptParams::setIV(const uint8_t* iv, size_t ivLen)
{
- m_iv = iv;
+ m_iv = Buffer(iv, ivLen);
}
void
-EncryptParams::setEncryptMode(const EncryptionMode& encryptMode)
+EncryptParams::setAlgorithmType(tlv::AlgorithmTypeValue algorithm)
{
- m_encryptMode = encryptMode;
-}
-
-void
-EncryptParams::setPaddingScheme(const PaddingScheme& paddingScheme)
-{
- m_paddingScheme = paddingScheme;
+ m_algo = algorithm;
}
Buffer
@@ -59,18 +52,12 @@
return m_iv;
}
-EncryptionMode
-EncryptParams::getEncryptMode() const
+tlv::AlgorithmTypeValue
+EncryptParams::getAlgorithmType() const
{
- return m_encryptMode;
-}
-
-PaddingScheme
-EncryptParams::getPaddingScheme() const
-{
- return m_paddingScheme;
+ return m_algo;
}
} // namespace algo
} // namespace gep
-} // namespace ndn
\ No newline at end of file
+} // namespace ndn
diff --git a/src/algo/encrypt-params.hpp b/src/algo/encrypt-params.hpp
index 2be5d99..80b97a3 100644
--- a/src/algo/encrypt-params.hpp
+++ b/src/algo/encrypt-params.hpp
@@ -2,55 +2,31 @@
#define NDN_GEP_ENCRYPT_PARAMS_HPP
#include <ndn-cxx/encoding/buffer-stream.hpp>
+#include "tlv.hpp"
namespace ndn {
namespace gep {
-
-enum EncryptionMode {
- ENCRYPT_MODE_ECB_AES,
- ENCRYPT_MODE_CBC_AES,
- ENCRYPT_MODE_RSA
-};
-
-enum PaddingScheme {
- PADDING_SCHEME_PKCS7,
- PADDING_SCHEME_PKCS1v15,
- PADDING_SCHEME_OAEP_SHA
-};
-
namespace algo {
class EncryptParams
{
public:
- EncryptParams(EncryptionMode encryptMode, PaddingScheme paddingScheme, uint8_t ivLength);
-
- virtual
- ~EncryptParams()
- {
- }
+ EncryptParams(tlv::AlgorithmTypeValue algorithm, uint8_t ivLength = 0);
void
- setIV(const Buffer& iv);
+ setIV(const uint8_t* iv, size_t ivLen);
void
- setEncryptMode(const EncryptionMode& encryptMode);
-
- void
- setPaddingScheme(const PaddingScheme& paddingScheme);
+ setAlgorithmType(tlv::AlgorithmTypeValue algorithm);
Buffer
getIV() const;
- EncryptionMode
- getEncryptMode() const;
-
- PaddingScheme
- getPaddingScheme() const;
+ tlv::AlgorithmTypeValue
+ getAlgorithmType() const;
private:
- EncryptionMode m_encryptMode;
- PaddingScheme m_paddingScheme;
+ tlv::AlgorithmTypeValue m_algo;
Buffer m_iv;
};
diff --git a/src/algo/rsa.cpp b/src/algo/rsa.cpp
index 66361fb..f5fe848 100644
--- a/src/algo/rsa.cpp
+++ b/src/algo/rsa.cpp
@@ -19,6 +19,7 @@
#include <ndn-cxx/encoding/buffer-stream.hpp>
#include "rsa.hpp"
+#include "error.hpp"
namespace ndn {
namespace gep {
@@ -26,8 +27,15 @@
using namespace CryptoPP;
-Buffer
-crypt(SimpleProxyFilter* filter, const Buffer& data);
+static Buffer
+transform(SimpleProxyFilter* filter, const uint8_t* data, size_t dataLen)
+{
+ OBufferStream obuf;
+ filter->Attach(new FileSink(obuf));
+
+ StringSource pipe(data, dataLen, true, filter);
+ return *(obuf.buf());
+}
DecryptKey<Rsa>
Rsa::generateKey(RandomNumberGenerator& rng, RsaKeyParams& params)
@@ -61,75 +69,61 @@
}
Buffer
-Rsa::decrypt(const Buffer& keyBits, const Buffer& encryptedData, const EncryptParams& params)
+Rsa::decrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params)
{
AutoSeededRandomPool rng;
RSA::PrivateKey privateKey;
ByteQueue keyQueue;
- keyQueue.LazyPut(keyBits.data(), keyBits.size());
+ keyQueue.LazyPut(key, keyLen);
privateKey.Load(keyQueue);
- switch (params.getPaddingScheme()) {
- case PADDING_SCHEME_PKCS1v15:
- {
+ switch (params.getAlgorithmType()) {
+ case tlv::AlgorithmRsaPkcs: {
RSAES_PKCS1v15_Decryptor decryptor_pkcs1v15(privateKey);
PK_DecryptorFilter* filter_pkcs1v15 = new PK_DecryptorFilter(rng, decryptor_pkcs1v15);
- return crypt(filter_pkcs1v15, encryptedData);
+ return transform(filter_pkcs1v15, payload, payloadLen);
}
-
- case PADDING_SCHEME_OAEP_SHA:
- {
+ case tlv::AlgorithmRsaOaep: {
RSAES_OAEP_SHA_Decryptor decryptor_oaep_sha(privateKey);
PK_DecryptorFilter* filter_oaep_sha = new PK_DecryptorFilter(rng, decryptor_oaep_sha);
- return crypt(filter_oaep_sha, encryptedData);
+ return transform(filter_oaep_sha, payload, payloadLen);
}
-
- default:
- throw Error("unsupported padding scheme");
+ default:
+ throw Error("unsupported padding scheme");
}
}
Buffer
-Rsa::encrypt(const Buffer& keyBits, const Buffer& plainData, const EncryptParams& params)
+Rsa::encrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params)
{
AutoSeededRandomPool rng;
RSA::PublicKey publicKey;
ByteQueue keyQueue;
- keyQueue.LazyPut(keyBits.data(), keyBits.size());
+ keyQueue.LazyPut(key, keyLen);
publicKey.Load(keyQueue);
- switch (params.getPaddingScheme()) {
- case PADDING_SCHEME_PKCS1v15:
- {
+ switch (params.getAlgorithmType()) {
+ case tlv::AlgorithmRsaPkcs: {
RSAES_PKCS1v15_Encryptor encryptor_pkcs1v15(publicKey);
PK_EncryptorFilter* filter_pkcs1v15 = new PK_EncryptorFilter(rng, encryptor_pkcs1v15);
- return crypt(filter_pkcs1v15, plainData);
+ return transform(filter_pkcs1v15, payload, payloadLen);
}
-
- case PADDING_SCHEME_OAEP_SHA:
- {
+ case tlv::AlgorithmRsaOaep: {
RSAES_OAEP_SHA_Encryptor encryptor_oaep_sha(publicKey);
PK_EncryptorFilter* filter_oaep_sha = new PK_EncryptorFilter(rng, encryptor_oaep_sha);
- return crypt(filter_oaep_sha, plainData);
+ return transform(filter_oaep_sha, payload, payloadLen);
}
-
- default:
- throw Error("unsupported padding scheme");
+ default:
+ throw Error("unsupported padding scheme");
}
}
-Buffer
-crypt(SimpleProxyFilter* filter, const Buffer& data)
-{
- OBufferStream obuf;
- filter->Attach(new FileSink(obuf));
-
- StringSource pipe(data.get(), data.size(), true, filter);
- return *(obuf.buf());
-}
-
} // namespace algo
} // namespace gep
} // namespace ndn
diff --git a/src/algo/rsa.hpp b/src/algo/rsa.hpp
index 7d4567b..c1d3a8b 100644
--- a/src/algo/rsa.hpp
+++ b/src/algo/rsa.hpp
@@ -21,11 +21,9 @@
#define NDN_GEP_ALGO_RSA_HPP
#include <ndn-cxx/security/key-params.hpp>
-
#include "random-number-generator.hpp"
#include "algo/encrypt-params.hpp"
#include "decrypt-key.hpp"
-#include "error.hpp"
namespace ndn {
namespace gep {
@@ -41,10 +39,14 @@
deriveEncryptKey(const Buffer& keyBits);
static Buffer
- decrypt(const Buffer& keyBits, const Buffer& encryptedData, const EncryptParams& params);
+ decrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params);
static Buffer
- encrypt(const Buffer& keyBits, const Buffer& plainData, const EncryptParams& params);
+ encrypt(const uint8_t* key, size_t keyLen,
+ const uint8_t* payload, size_t payloadLen,
+ const EncryptParams& params);
};
typedef DecryptKey<Rsa> RsaPrivateKey;