Data Structures
class	ZtPolicyEngine
	Implements policy enforcement for Zero Trust security in NS-3 simulations. More...

class	ZtTlsHandshake
	Simulates a Zero Trust-based TLS handshake mechanism between NS-3 nodes. More...

Functions
std::string	EncryptPayload (const std::string &data, const byte *key, std::string &ivOut)
	Encrypts a plaintext string using AES-CBC mode with a randomly generated IV.

std::string	DecryptPayload (const std::string &cipher, const byte *key)
	Decrypts a ciphertext string encrypted with EncryptPayload.

SecByteBlock	HexDecodeKey (const std::string &hex)
	Decodes a hex-encoded AES key string into a raw key byte block.

std::vector< CryptoPP::byte >	HexToBytes (const std::string &hex)
	Converts a hexadecimal string into a byte vector.

std::string	EncryptPayload (const std::string &data, const CryptoPP::byte *key, std::string &ivOut)
	Encrypts the given plaintext using AES-CBC with a randomly generated IV.

std::string	DecryptPayload (const std::string &cipher, const CryptoPP::byte *key)
	Decrypts the given ciphertext using AES-CBC.

	NS_LOG_COMPONENT_DEFINE ("ZtPolicyEngine")

	NS_LOG_COMPONENT_DEFINE ("ZtTlsHandshake")

Function Documentation

◆ DecryptPayload() [1/2]

std::string ns3::DecryptPayload	(	const std::string &	cipher,
		const byte *	key
	)

Decrypts a ciphertext string encrypted with EncryptPayload.

Parameters

cipher	The ciphertext with the IV prepended.
key	The AES key used for decryption.

Returns: The decrypted plaintext string.

Definition at line 48 of file zt-encryption-utils.cc.

                                                                   {
  std::string iv = cipher.substr(0, AES::BLOCKSIZE);
  std::string actualCipher = cipher.substr(AES::BLOCKSIZE);
 
  std::string recovered;
  CBC_Mode<AES>::Decryption dec;
  dec.SetKeyWithIV(key, AES::DEFAULT_KEYLENGTH, (const byte*)iv.data());
 
  StringSource(actualCipher, true,
    new StreamTransformationFilter(dec,
      new StringSink(recovered)
    )
  );
 
  return recovered;
}

Here is the caller graph for this function:

◆ DecryptPayload() [2/2]

std::string ns3::DecryptPayload	(	const std::string &	cipher,
		const CryptoPP::byte *	key
	)

Decrypts the given ciphertext using AES-CBC.

Parameters

cipher	The ciphertext with the IV prepended.
key	Pointer to the AES key used for decryption.

Returns: The recovered plaintext string.

◆ EncryptPayload() [1/2]

std::string ns3::EncryptPayload	(	const std::string &	data,
		const byte *	key,
		std::string &	ivOut
	)

Encrypts a plaintext string using AES-CBC mode with a randomly generated IV.

Parameters

data	The plaintext data to encrypt.
key	The AES key used for encryption.
ivOut	Reference to store the generated IV.

Returns: The resulting ciphertext with the IV prepended.

Definition at line 22 of file zt-encryption-utils.cc.

                                                                                   {
  AutoSeededRandomPool prng;
  byte iv[AES::BLOCKSIZE];
  prng.GenerateBlock(iv, sizeof(iv));
  ivOut.assign((char*)iv, AES::BLOCKSIZE);
 
  std::string cipher;
  CBC_Mode<AES>::Encryption enc;
  enc.SetKeyWithIV(key, AES::DEFAULT_KEYLENGTH, iv);
 
  StringSource(data, true,
    new StreamTransformationFilter(enc,
      new StringSink(cipher)
    )
  );
 
  return ivOut + cipher;  // prepend IV to ciphertext
}

Here is the caller graph for this function:

◆ EncryptPayload() [2/2]

std::string ns3::EncryptPayload	(	const std::string &	data,
		const CryptoPP::byte *	key,
		std::string &	ivOut
	)

Encrypts the given plaintext using AES-CBC with a randomly generated IV.

Parameters

data	The plaintext to encrypt.
key	Pointer to the AES key used for encryption.
ivOut	Reference to store the generated IV used during encryption.

Returns: The ciphertext with the IV prepended.

◆ HexDecodeKey()

CryptoPP::SecByteBlock ns3::HexDecodeKey ( const std::string & hex )

Decodes a hex-encoded AES key string into a raw key byte block.

Converts a hexadecimal string into a raw AES key.

Parameters

hex	Hexadecimal string representing the AES key.

Returns: A Crypto++ SecByteBlock containing the decoded key.

Parameters

hex	The hex-encoded AES key string.

Returns: A CryptoPP SecByteBlock representing the decoded key.

Definition at line 71 of file zt-encryption-utils.cc.

                                                {
  SecByteBlock key(AES::DEFAULT_KEYLENGTH);
  StringSource(hex, true,
    new HexDecoder(new ArraySink(key, key.size())));
  return key;
}

Here is the caller graph for this function:

◆ HexToBytes()

std::vector< CryptoPP::byte > ns3::HexToBytes ( const std::string & hex )

Converts a hexadecimal string into a byte vector.

Parameters

hex	The hexadecimal string to convert.

Returns: A vector of bytes corresponding to the decoded hex string.

Parameters

hex	The hex string to convert.

Returns: A vector of bytes decoded from the hexadecimal input.

Definition at line 84 of file zt-encryption-utils.cc.

                                                         {
  std::string decoded;
  CryptoPP::StringSource(hex, true,
    new CryptoPP::HexDecoder(
      new CryptoPP::StringSink(decoded)
    )
  );
 
  return std::vector<CryptoPP::byte>(decoded.begin(), decoded.end());
}

Here is the caller graph for this function:

◆ NS_LOG_COMPONENT_DEFINE() [1/2]

ns3::NS_LOG_COMPONENT_DEFINE ( "ZtPolicyEngine" )

◆ NS_LOG_COMPONENT_DEFINE() [2/2]

ns3::NS_LOG_COMPONENT_DEFINE ( "ZtTlsHandshake" )

Data Structures

Functions

Function Documentation

◆ DecryptPayload() [1/2]

◆ DecryptPayload() [2/2]

◆ EncryptPayload() [1/2]

◆ EncryptPayload() [2/2]

◆ HexDecodeKey()

◆ HexToBytes()

◆ NS_LOG_COMPONENT_DEFINE() [1/2]

◆ NS_LOG_COMPONENT_DEFINE() [2/2]