Security

Contents

• Security in general
• Hash functions
• RSA encryption and signatures
• AES encryption and decryption

Security in general

The security component of MIRA contains the following functions:

• Hash function (see Hash functions)
• RSA encryption and RSA signatures (see RSA encryption and signatures)
• AES encryption and decryption (see AES encryption and decryption)

Hash functions

MIRA implements a template based generic hash stream (see HashStream) and three standard hash streams (see MD5, SHA1 and SHA256).

To put data in a hash stream, the standard << operator can be used. To get the resulting hash value, the function getDigest has to be used.

Example:

MD5 md5Hash;
md5Hash << "Hello world.";
  
HashDigest digest = md5Hash.getDigest();
std::cout << "MD5: " << digest.toString() << std::endl;

RSA encryption and signatures

To create and handle RSA keys, the class RSAKey can be used.

RSA encryption

The implementation of the RSA encryption and decryption is based on the boost::iostreams.

Encryption of some data with a public key can be done like this:

RSAKey tPublicKey, tPrivateKey;
RSAKey::generateKey(1024, tPublicKey, tPrivateKey);

boost::iostreams::filtering_ostream tOut;
tOut.push(RSAPublicEncryptionFilter(tPublicKey));
tOut.push(boost::iostreams::file_sink("rsa.dat", std::ios::out | std::ios::binary));
tOut << "Hello_world!" << endl;

To decrypt the data with the private key, the following has to be done:

string tMsg;

boost::iostreams::filtering_istream tIn;
tIn.push(RSAPrivateDecryptionFilter(tPrivateKey));
tIn.push(boost::iostreams::file_source("rsa.dat", std::ios::in | std::ios::binary));
tIn >> tMsg;

std::cout << tMsg << std::endl;

RSA signatures

MIRA also supports signing and verifying messages using an RSA public/private key pair by means of the class RSASignature.

To sign a message, the method mira::RSASignature::signMessage has to be used.

To verify the integrity of a message signature, the function mira::RSASignature::verifyMessage can be used.

AES encryption and decryption

The implementation of the AES encryption and decryption is based on the boost::iostreams.

AES encryption example

Encryption of some data can be done like this:

AESConfiguration cfg;
cfg.bitLength = AES_256;
cfg.blockCipherMode = AES_CBC;
cfg.salt = "12345678";

boost::iostreams::filtering_ostream tOut;
tOut.push(AESEncryptionFilter(cfg, "Password"));
tOut.push(boost::iostreams::file_sink("aes.dat", std::ios::out | std::ios::binary));
tOut << "Hello_world!" << endl;

AES decryption example

To decrypt the data, the following has to be done:

string tMsg;

boost::iostreams::filtering_istream tIn;
tIn.push(AESDecryptionFilter(cfg, "Password"));
tIn.push(boost::iostreams::file_source("aes.dat", std::ios::in | std::ios::binary));
tIn >> tMsg;

std::cout << tMsg << std::endl;