iso24727crypto.hpp

Go to the documentation of this file.

#pragma once
 
#include <cstdint>
#include <logicalaccess/plugins/crypto/lla_crypto_api.hpp>
#include <logicalaccess/plugins/crypto/symmetric_cipher.hpp>
#include <logicalaccess/plugins/crypto/sha.hpp>
#include <logicalaccess/lla_fwd.hpp>
#include <string>
#include <vector>
 
namespace logicalaccess
{
class LLA_CRYPTO_API ISO24727Crypto
{
  public:
    explicit ISO24727Crypto(const std::string &cipher = "3des",
                            const std::string &hash   = "sha1");
 
    ByteVector step1(const ByteVector &random_icc, ByteVector random_ifd = {},
                     ByteVector random_k_ifd = {});
 
    bool step2(const ByteVector &auth_response);
 
    bool secureMode() const;
 
    ByteVector encrypt_apdu(const ByteVector &apdu);
 
    ByteVector decrypt_rapdu(const ByteVector &rapdu);
 
    ByteVector encrypt_apdu(std::shared_ptr<openssl::SymmetricCipher> cipher,
                            const ByteVector &apdu, const ByteVector &ks_enc,
                            const ByteVector &ks_mac, const ByteVector &ssc);
 
    ByteVector decrypt_rapdu(std::shared_ptr<openssl::SymmetricCipher> cipher,
                             const ByteVector &rapdu, const ByteVector &ks_enc,
                             const ByteVector &ks_mac, const ByteVector &ssc);
 
    ByteVector get_session_enc_key() const;
    ByteVector get_session_mac_key() const;
    ByteVector get_send_session_counter() const;
 
    virtual ByteVector auth_pad(const ByteVector &data);
 
    virtual void compute_session_keys(const ByteVector &k_icc,
                                      const ByteVector &random_icc) = 0;
 
    virtual ByteVector compute_mac(std::shared_ptr<openssl::SymmetricCipher> cipher,
                                   const ByteVector &in, const ByteVector &k_mac,
                                   const ByteVector &iv  = {},
                                   const ByteVector &scc = {}) = 0;
 
    virtual void reset();
 
    std::shared_ptr<openssl::SymmetricCipher> createCipher() const;
 
    static ByteVector pad(const ByteVector &in, unsigned int padlen = 8);
 
    static ByteVector unpad(const ByteVector &in);
 
    static ByteVector increment_ssc(const ByteVector &in);
 
    static ByteVector hash_data(const ByteVector &data,
                                const std::string hash_algo = "sha1");
 
 
    ByteVector k_enc_;
    ByteVector k_mac_;
 
  protected:
    std::string cipher_;
    std::string hash_;
    ByteVector random_ifd_;
    ByteVector random_k_ifd_;
 
    bool step2_success_;
 
    ByteVector S_enc_;
    ByteVector S_mac_;
    ByteVector S_send_counter_;
};
}