diff --git a/src/core/libs/osnma_msg_receiver.cc b/src/core/libs/osnma_msg_receiver.cc index d62214848..75029e95c 100644 --- a/src/core/libs/osnma_msg_receiver.cc +++ b/src/core/libs/osnma_msg_receiver.cc @@ -46,6 +46,7 @@ namespace wht = std; #endif #if USE_OPENSSL_FALLBACK +#include #if USE_OPENSSL_3 #include #define OPENSSL_ENGINE NULL @@ -659,6 +660,90 @@ std::vector osnma_msg_receiver::computeSHA3_256(const std::vector osnma_msg_receiver::computeHMAC_SHA_256(const std::vector& key, const std::vector& input) +{ + std::vector output(32); +#if USE_OPENSSL_FALLBACK +#if USE_OPENSSL_3 + std::vector hmac(SHA256_DIGEST_LENGTH); // HMAC-SHA256 output size + + // Create HMAC context + EVP_MD_CTX* ctx = EVP_MD_CTX_new(); + HMAC_CTX_reset(ctx); + + // Initialize HMAC context with the key and HMAC algorithm + HMAC_Init_ex(ctx, key.data(), key.size(), EVP_sha256(), nullptr); + + // Update HMAC context with the message + HMAC_Update(ctx, input.data(), input.size()); + + // Finalize HMAC computation and obtain the result + unsigned int hmacLen; + HMAC_Final(ctx, hmac.data(), &hmacLen); + + // Clean up HMAC context + EVP_MD_CTX_free(ctx); + + // Resize the HMAC vector to the actual length + hmac.resize(hmacLen); + output = hmac; +#else + std::vector hmac(SHA256_DIGEST_LENGTH); + // Create HMAC context + HMAC_CTX* ctx = HMAC_CTX_new(); + HMAC_Init_ex(ctx, key.data(), key.size(), EVP_sha256(), nullptr); + + // Update HMAC context with the message + HMAC_Update(ctx, input.data(), input.size()); + + // Finalize HMAC computation + unsigned int hmacLen; + HMAC_Final(ctx, hmac.data(), &hmacLen); + + // Clean up HMAC context + HMAC_CTX_free(ctx); + + // Resize the HMAC vector to the actual length + hmac.resize(hmacLen); + + output = hmac; +#endif +#else + std::vector output_aux(32); + gnutls_hmac_hd_t hmac; + gnutls_hmac_init(&hmac, GNUTLS_MAC_SHA256, key.data(), key.size()); + gnutls_hmac(hmac, input.data(), input.size()); + gnutls_hmac_output(hmac, output_aux.data()); + output = output_aux; + gnutls_hmac_deinit(hmac, output_aux.data()); + +#endif + return output; +} + + +std::vector osnma_msg_receiver::computeCMAC_AES(const std::vector& key, const std::vector& input) +{ + std::vector output(16); +#if USE_OPENSSL_FALLBACK +#if USE_OPENSSL_3 +#else +#endif +#else + gnutls_cipher_hd_t cipher; + std::vector mac(16); + std::vector message = input; + gnutls_datum_t key_data = {const_cast(key.data()), static_cast(key.size())}; + gnutls_cipher_init(&cipher, GNUTLS_CIPHER_AES_128_CBC, &key_data, nullptr); + gnutls_cipher_set_iv(cipher, nullptr, 16); // Set IV to zero + gnutls_cipher_encrypt(cipher, message.data(), message.size()); // Encrypt the message with AES-128 + gnutls_cipher_tag(cipher, mac.data(), mac.size()); // Get the CMAC-AES tag + output = mac; + gnutls_cipher_deinit(cipher); +#endif + return output; +} + // bool signature(const std::vector& publicKey, const std::vector& digest, std::vector& signature) // { // bool success = false; diff --git a/src/core/libs/osnma_msg_receiver.h b/src/core/libs/osnma_msg_receiver.h index beb33f50b..0a182f216 100644 --- a/src/core/libs/osnma_msg_receiver.h +++ b/src/core/libs/osnma_msg_receiver.h @@ -71,6 +71,8 @@ private: std::vector computeSHA256(const std::vector& input); std::vector computeSHA3_256(const std::vector& input); + std::vector computeHMAC_SHA_256(const std::vector& key, const std::vector& input); + std::vector computeCMAC_AES(const std::vector& key, const std::vector& input); std::unique_ptr d_dsm_reader;