AusweisApp2
SecureMessaging.h
gehe zur Dokumentation dieser Datei
1 
7 #pragma once
8 
10 #include "CommandApdu.h"
11 #include "pace/CipherMac.h"
12 #include "pace/SymmetricCipher.h"
13 #include "ResponseApdu.h"
14 
15 #include <QByteArray>
16 
17 
18 namespace governikus
19 {
20 
26  : public ASN1_OCTET_STRING {};
28 
29 
30 class SecureMessaging final
31 {
32  private:
33  SymmetricCipher mCipher;
34  CipherMac mCipherMac;
35  quint32 mSendSequenceCounter;
36 
37  QByteArray padToCipherBlockSize(const QByteArray& pData) const;
38  QByteArray unpadFromCipherBlockSize(const QByteArray& pData) const;
39  QByteArray createSecuredHeader(const CommandApdu& pCommandApdu) const;
40  QByteArray createMac(const QByteArray& pSecuredHeader, const QByteArray& pFormattedEncryptedData, const QByteArray& pSecuredLe);
41  int createNewLe(const QByteArray& pSecuredData, int pOldLe) const;
42  QByteArray getSendSequenceCounter() const;
43  QByteArray getEncryptedIv();
44 
45  QByteArray createSecuredLe(int pLe);
46 
47  public:
48  SecureMessaging(const QByteArray& pPaceAlgorithm, const QByteArray& pEncKey, const QByteArray& pMacKey);
49  ~SecureMessaging() = default;
50 
54  bool isInitialized();
55 
56  CommandApdu encrypt(const CommandApdu& pCommandApdu);
57 
63  ResponseApdu decrypt(const ResponseApdu& pEncryptedResponseApdu);
64 };
65 
66 } // namespace governikus
governikus::SM_PROTECTED_LE
Message part of the Secure Messaging command APDU containing the expected length.
Definition: SecureMessaging.h:26
governikus::CommandApdu
Definition: CommandApdu.h:16
governikus::CommandApdu::getP2
char getP2() const
Definition: CommandApdu.cpp:119
governikus::CommandApdu::EXTENDED_MAX_LE
static const int EXTENDED_MAX_LE
Definition: CommandApdu.h:25
DECLARE_ASN1_OBJECT
#define DECLARE_ASN1_OBJECT(name)
Definition: ASN1TemplateUtil.h:169
CipherMac.h
governikus::ResponseApdu
Definition: ResponseApdu.h:84
SecureMessagingResponse.h
governikus::SecureMessagingResponse::isInvalid
bool isInvalid() const
Is the message structure invalid, i.e.
Definition: SecureMessagingResponse.cpp:139
governikus::CommandApdu::getCLA
char getCLA() const
Definition: CommandApdu.cpp:101
governikus::SecureMessaging::SecureMessaging
SecureMessaging(const QByteArray &pPaceAlgorithm, const QByteArray &pEncKey, const QByteArray &pMacKey)
Definition: SecureMessaging.cpp:37
governikus::CommandApdu::getData
QByteArray getData() const
Definition: CommandApdu.cpp:180
governikus::SecureMessagingResponse::getSecuredStatusCode
StatusCode getSecuredStatusCode() const
Returns the processing status.
Definition: SecureMessagingResponse.cpp:110
governikus::SecureMessagingResponse::getSecuredStatusCodeBytes
QByteArray getSecuredStatusCodeBytes() const
Returns the processing status bytes.
Definition: SecureMessagingResponse.cpp:127
governikus::SymmetricCipher
Definition: SymmetricCipher.h:16
ASN1Util.h
governikus::SymmetricCipher::setIv
bool setIv(const QByteArray &pIv)
Sets the initialization vector.
Definition: SymmetricCipher.cpp:132
governikus::CipherMac::generate
QByteArray generate(const QByteArray &pMessage)
Generates the MAC of a message.
Definition: CipherMac.cpp:80
governikus::SecureMessaging::decrypt
ResponseApdu decrypt(const ResponseApdu &pEncryptedResponseApdu)
Decrypt given ResponseApdu.
Definition: SecureMessaging.cpp:202
governikus::SecureMessaging
Definition: SecureMessaging.h:31
governikus::SecureMessaging::~SecureMessaging
~SecureMessaging()=default
SymmetricCipher.h
governikus::SymmetricCipher::decrypt
QByteArray decrypt(const QByteArray &pEncryptedData)
Decrypts the message.
Definition: SymmetricCipher.cpp:153
governikus::Apdu::getBuffer
const QByteArray & getBuffer() const
Definition: Apdu.cpp:31
governikus::SecureMessagingResponse
Response APDU for Secure Messaging as defined in TR-03110-3.
Definition: SecureMessagingResponse.h:48
governikus::SecureMessagingResponse::getEncryptedData
QByteArray getEncryptedData() const
Returns the encrypted data without padding-content indicator.
Definition: SecureMessagingResponse.cpp:92
governikus::CommandApdu::getINS
char getINS() const
Definition: CommandApdu.cpp:107
CommandApdu.h
IMPLEMENT_ASN1_OBJECT
#define IMPLEMENT_ASN1_OBJECT(name)
Definition: ASN1TemplateUtil.h:144
governikus
Implementation of ActivationContext for Intent based activation on Android systems.
Definition: ActivationContext.h:15
governikus::CipherMac
Definition: CipherMac.h:16
governikus::SecureMessagingResponse::getEncryptedDataObjectEncoded
QByteArray getEncryptedDataObjectEncoded() const
Returns the encoded ASN.1 object containing the encrypted data.
Definition: SecureMessagingResponse.cpp:98
governikus::SecureMessagingResponse::getSecuredStatusCodeObjectEncoded
QByteArray getSecuredStatusCodeObjectEncoded() const
Returns the encoded ASN.1 object containing the processing status.
Definition: SecureMessagingResponse.cpp:133
governikus::Asn1OctetStringUtil::setValue
static void setValue(const QByteArray &pValue, ASN1_OCTET_STRING *pAsn1OctetString)
Definition: ASN1Util.cpp:59
ISO_LEADING_PAD_BYTE
const char ISO_LEADING_PAD_BYTE
Definition: SecureMessaging.cpp:20
ISO_PAD_BYTE
const char ISO_PAD_BYTE
Definition: SecureMessaging.cpp:21
governikus::CommandApdu::NO_LE
static const int NO_LE
Definition: CommandApdu.h:21
governikus::SecureMessagingResponse::getMac
QByteArray getMac() const
Returns the cryptographic checsum.
Definition: SecureMessagingResponse.cpp:104
governikus::SecureMessaging::isInitialized
bool isInitialized()
Returns true, if initialization succeeded, i.e.
Definition: SecureMessaging.cpp:47
governikus::encodeObject
QByteArray encodeObject(T *pObject)
Template function for encoding an OpenSSL type as DER encoded QByteArray.
Definition: ASN1TemplateUtil.h:69
governikus::SymmetricCipher::getBlockSize
int getBlockSize() const
Definition: SymmetricCipher.cpp:146
governikus::SymmetricCipher::encrypt
QByteArray encrypt(const QByteArray &pPlainData)
Encrypts the message.
Definition: SymmetricCipher.cpp:91
governikus::ResponseApdu::getReturnCode
StatusCode getReturnCode() const
Definition: ResponseApdu.cpp:52
ResponseApdu.h
governikus::CommandApdu::SHORT_MAX_LE
static const int SHORT_MAX_LE
Definition: CommandApdu.h:23
governikus::SecureMessaging::encrypt
CommandApdu encrypt(const CommandApdu &pCommandApdu)
Definition: SecureMessaging.cpp:89
governikus::CommandApdu::CLA_SECURE_MESSAGING
static const char CLA_SECURE_MESSAGING
Definition: CommandApdu.h:28
SecureMessaging.h
ASN1TemplateUtil.h
governikus::SymmetricCipher::isInitialized
bool isInitialized()
Returns true, if initialization succeeded, i.e.
Definition: SymmetricCipher.cpp:85
governikus::CommandApdu::getLe
int getLe() const
Definition: CommandApdu.cpp:153
governikus::CipherMac::isInitialized
bool isInitialized()
Returns true, if initialization succeeded, i.e.
Definition: CipherMac.cpp:74
governikus::CommandApdu::getP1
char getP1() const
Definition: CommandApdu.cpp:113