Support for ECDH-SS
Put the static key where it can be found
Add code for support of routines
diff --git a/src/Recipient.c b/src/Recipient.c
index bcf8b9c..c57da40 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -302,6 +302,36 @@
break;
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ if (!BuildContextBytes(&pcose->m_message, algIn, cbitKey, &pbContext, &cbContext, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ pkey = _COSE_map_get_int(&pcose->m_message, COSE_Header_ECDH_STATIC, COSE_BOTH, perr);
+ if (pkey == NULL) goto errorReturn;
+
+ CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ if (!ECDH_ComputeSecret(&pcose->m_message, (cn_cbor **)&pRecip->m_pkey, pkey, &pbSecret, &cbSecret, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ if (!HKDF_Extract(&pcose->m_message, pbSecret, cbSecret, 256, rgbDigest, &cbDigest, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ if (!HKDF_Expand(&pcose->m_message, 256, rgbDigest, cbDigest, pbContext, cbContext, pbKey, cbitKey / 8, perr)) goto errorReturn;
+
+ break;
+
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
+ if (!BuildContextBytes(&pcose->m_message, algIn, cbitKey, &pbContext, &cbContext, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ pkey = _COSE_map_get_int(&pcose->m_message, COSE_Header_ECDH_STATIC, COSE_BOTH, perr);
+ if (pkey == NULL) goto errorReturn;
+
+ CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ if (!ECDH_ComputeSecret(&pcose->m_message, (cn_cbor **)&pRecip->m_pkey, pkey, &pbSecret, &cbSecret, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ if (!HKDF_Extract(&pcose->m_message, pbSecret, cbSecret, 512, rgbDigest, &cbDigest, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+
+ if (!HKDF_Expand(&pcose->m_message, 512, rgbDigest, cbDigest, pbContext, cbContext, pbKey, cbitKey / 8, perr)) goto errorReturn;
+
+ break;
+
case COSE_Algorithm_ECDH_ES_A128KW:
if (!BuildContextBytes(&pcose->m_message, alg, 128, &pbContext, &cbContext, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
@@ -387,6 +417,8 @@
case COSE_Algorithm_Direct_HKDF_AES_256:
case COSE_Algorithm_ECDH_ES_HKDF_256:
case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
// This is a NOOP
cbitKey = 0;
CHECK_CONDITION(pRecipient->m_encrypt.m_recipientFirst == NULL, COSE_ERR_INVALID_PARAMETER);
@@ -460,6 +492,8 @@
case COSE_Algorithm_Direct_HKDF_AES_256:
case COSE_Algorithm_ECDH_ES_HKDF_256:
case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
ptmp = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
CHECK_CONDITION_CBOR(_COSE_array_replace(&pRecipient->m_encrypt.m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
diff --git a/test/mac_test.c b/test/mac_test.c
index db13215..894e427 100644
--- a/test/mac_test.c
+++ b/test/mac_test.c
@@ -52,6 +52,8 @@
continue;
}
+ if (!SetAttributes((HCOSE)hRecip, cn_cbor_mapget_string(pRecipients, "unsent"), Attributes_Recipient_unsent)) goto failTest;
+
if (!COSE_Recipient_SetKey(hRecip, pkey, NULL)) {
fFail = true;
continue;
@@ -114,6 +116,7 @@
if (!SetAttributes((HCOSE) hMacObj, cn_cbor_mapget_string(pMac, "protected"), Attributes_MAC_protected)) goto returnError;
if (!SetAttributes((HCOSE) hMacObj, cn_cbor_mapget_string(pMac, "unprotected"), Attributes_MAC_unprotected)) goto returnError;
+ if (!SetAttributes((HCOSE)hMacObj, cn_cbor_mapget_string(pMac, "unsent"), Attributes_MAC_unsent)) goto returnError;
const cn_cbor * pAlg = COSE_Mac_map_get_int(hMacObj, 1, COSE_BOTH, NULL);
@@ -130,6 +133,7 @@
if (!SetAttributes((HCOSE) hRecip, cn_cbor_mapget_string(pRecipients, "protected"), Attributes_Recipient_protected)) goto returnError;
if (!SetAttributes((HCOSE) hRecip, cn_cbor_mapget_string(pRecipients, "unprotected"), Attributes_Recipient_unprotected)) goto returnError;
+ if (!SetAttributes((HCOSE) hRecip, cn_cbor_mapget_string(pRecipients, "unsent"), Attributes_Recipient_unsent)) goto returnError;
if (!COSE_Recipient_SetKey(hRecip, pkey, NULL))goto returnError;
