paulmataruso/open5gs
1
0
Fork 0
mirror of https://github.com/open5gs/open5gs.git synced 2025-11-03 21:43:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
open5gs/lib/crypt/ecc.h
Sukchan Lee 79d46be086 Introduced Subscription identifier de-concealing 
o Generate the private key as below.
   $ openssl genpkey -algorithm X25519 -out /etc/open5gs/hnet/curve25519-1.key
   $ openssl ecparam -name prime256v1 -genkey -conv_form compressed -out /etc/open5gs/hnet/secp256r1-2.key

 o The private and public keys can be viewed with the command.
   The public key is used when creating the SIM.
   $ openssl pkey -in /etc/open5gs/hnet/curve25519-1.key -text
   $ openssl ec -in /etc/open5gs/hnet/secp256r1-2.key -conv_form compressed -text

In ausf/udm.yaml

 hnet:
    o Home network public key identifier(PKI) value : 1
      Protection scheme identifier : ECIES scheme profile A
    - id: 1
      scheme: 1
      key: /etc/open5gs/hnet/curve25519-1.key

    o Home network public key identifier(PKI) value : 2
      Protection scheme identifier : ECIES scheme profile B
    - id: 2
      scheme: 2
      key: /etc/open5gs/hnet/secp256r1-2.key

    o Home network public key identifier(PKI) value : 3
      Protection scheme identifier : ECIES scheme profile A
    - id: 3
      scheme: 1
      key: /etc/open5gs/hnet/curve25519-1.key

    o Home network public key identifier(PKI) value : 4
      Protection scheme identifier : ECIES scheme profile B
    - id: 4
      scheme: 2
      key: /etc/open5gs/hnet/secp256r1-2.key

Related to #1779
2022-12-24 20:22:45 +09:00

91 lines
2.7 KiB
C
Raw Permalink Blame History

/* From https://github.com/jestan/easy-ecc */
#ifndef _EASY_ECC_H_
#define _EASY_ECC_H_
#include <stdint.h>
/* Curve selection options. */
#define secp128r1 16
#define secp192r1 24
#define secp256r1 32
#define secp384r1 48
#ifndef ECC_CURVE
#define ECC_CURVE secp256r1
#endif
#if (ECC_CURVE != secp128r1 && ECC_CURVE != secp192r1 && ECC_CURVE != secp256r1 && ECC_CURVE != secp384r1)
#error "Must define ECC_CURVE to one of the available curves"
#endif
#define ECC_BYTES ECC_CURVE
#ifdef __cplusplus
extern "C"
{
#endif
/* ecc_make_key() function.
Create a public/private key pair.
Outputs:
p_publicKey - Will be filled in with the public key.
p_privateKey - Will be filled in with the private key.
Returns 1 if the key pair was generated successfully, 0 if an error occurred.
*/
int ecc_make_key(uint8_t p_publicKey[ECC_BYTES+1], uint8_t p_privateKey[ECC_BYTES]);
/* ecdh_shared_secret() function.
Compute a shared secret given your secret key and someone else's public key.
Note: It is recommended that you hash the result of ecdh_shared_secret before using it for symmetric encryption or HMAC.
Inputs:
p_publicKey - The public key of the remote party.
p_privateKey - Your private key.
Outputs:
p_secret - Will be filled in with the shared secret value.
Returns 1 if the shared secret was generated successfully, 0 if an error occurred.
*/
int ecdh_shared_secret(const uint8_t p_publicKey[ECC_BYTES+1], const uint8_t p_privateKey[ECC_BYTES], uint8_t p_secret[ECC_BYTES]);
/* ecdsa_sign() function.
Generate an ECDSA signature for a given hash value.
Usage: Compute a hash of the data you wish to sign (SHA-2 is recommended) and pass it in to
this function along with your private key.
Inputs:
p_privateKey - Your private key.
p_hash - The message hash to sign.
Outputs:
p_signature - Will be filled in with the signature value.
Returns 1 if the signature generated successfully, 0 if an error occurred.
*/
int ecdsa_sign(const uint8_t p_privateKey[ECC_BYTES], const uint8_t p_hash[ECC_BYTES], uint8_t p_signature[ECC_BYTES*2]);
/* ecdsa_verify() function.
Verify an ECDSA signature.
Usage: Compute the hash of the signed data using the same hash as the signer and
pass it to this function along with the signer's public key and the signature values (r and s).
Inputs:
p_publicKey - The signer's public key
p_hash - The hash of the signed data.
p_signature - The signature value.
Returns 1 if the signature is valid, 0 if it is invalid.
*/
int ecdsa_verify(const uint8_t p_publicKey[ECC_BYTES+1], const uint8_t p_hash[ECC_BYTES], const uint8_t p_signature[ECC_BYTES*2]);
#ifdef __cplusplus
} /* end of extern "C" */
#endif
#endif /* _EASY_ECC_H_ */
Reference in New Issue View Git Blame Copy Permalink