Newer
Older
}
/**
* \brief Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm.
* This function should not be used by the ATS
* \param p_privateKey The new private key value
* \param p_publicKeyX The new public key value (x coordinate)
* \param p_publicKeyX The new public key value (y coordinate)
* \return true on success, false otherwise
fx_generateKeyPair_nistp256(out octetstring<UInt64> p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean;
*/
BOOLEAN fx__generateKeyPair__nistp256(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
security_ecc k(ec_elliptic_curves::nist_p_256);
if (k.generate() != 0) {
p__privateKey = OCTETSTRING(0, nullptr);
p__publicKeyX = OCTETSTRING(0, nullptr);
p__publicKeyY = OCTETSTRING(0, nullptr);
p__publicKeyCompressed = OCTETSTRING(0, nullptr);
return FALSE;
}
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__nistp256: Invalid public compressed key size");
return FALSE;
}
p__privateKey = k.private_key();
p__publicKeyX = k.public_key_x();
p__publicKeyY = k.public_key_y();
p__publicKeyCompressed = k.public_key_compressed();
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
p__compressedMode = INTEGER((int)k.public_key_compressed_mode());
return TRUE;
}
/**
* \brief Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm.
* This function should not be used by the ATS
* \param p_privateKey The new private key value
* \param p_publicKeyX The new public key value (x coordinate)
* \param p_publicKeyX The new public key value (y coordinate)
* \return true on success, false otherwise
fx_generateKeyPair_nistp256(out octetstring<UInt64> p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean;
*/
BOOLEAN fx__generateKeyPair__brainpoolp256(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1);
if (k.generate() != 0) {
p__privateKey = OCTETSTRING(0, nullptr);
p__publicKeyX = OCTETSTRING(0, nullptr);
p__publicKeyY = OCTETSTRING(0, nullptr);
p__publicKeyCompressed = OCTETSTRING(0, nullptr);
return FALSE;
}
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp256: Invalid public compressed key size");
return FALSE;
}
p__privateKey = k.private_key();
p__publicKeyX = k.public_key_x();
p__publicKeyY = k.public_key_y();
p__publicKeyCompressed = k.public_key_compressed();
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
p__compressedMode = INTEGER((int)k.public_key_compressed_mode());
return TRUE;
}
/**
* \brief Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm.
* This function should not be used by the ATS
* \param p_privateKey The new private key value
* \param p_publicKeyX The new public key value (x coordinate)
* \param p_publicKeyX The new public key value (y coordinate)
* \return true on success, false otherwise
fx_generateKeyPair_nistp256(out octetstring<UInt64> p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean;
*/
BOOLEAN fx__generateKeyPair__brainpoolp384(
OCTETSTRING& p__privateKey,
OCTETSTRING& p__publicKeyX,
OCTETSTRING& p__publicKeyY,
OCTETSTRING& p__publicKeyCompressed,
INTEGER& p__compressedMode
) {
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1);
if (k.generate() != 0) {
p__privateKey = OCTETSTRING(0, nullptr);
p__publicKeyX = OCTETSTRING(0, nullptr);
p__publicKeyY = OCTETSTRING(0, nullptr);
p__publicKeyCompressed = OCTETSTRING(0, nullptr);
return FALSE;
}
// Sanity checks
if (k.private_key().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 48) {
loggers::get_instance().error("fx__generateKeyPair__brainpoolp384: Invalid public compressed key size");
return FALSE;
}
p__privateKey = k.private_key();
p__publicKeyX = k.public_key_x();
p__publicKeyY = k.public_key_y();
p__publicKeyCompressed = k.public_key_compressed();
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
p__compressedMode = INTEGER((int)k.public_key_compressed_mode());
return TRUE;
}
// group encryption
// group certificatesLoader
/**
* \brief Load in memory cache the certificates available in the specified directory
* \param p_rootDirectory Root directory to access to the certificates identified by the certificate ID
* \param p_configId A configuration identifier
* @remark This method SHALL be call before any usage of certificates
* \return true on success, false otherwise
fx_loadCertificates(in charstring p_rootDirectory, in charstring p_configId) return boolean;
*/
BOOLEAN fx__loadCertificates(
const CHARSTRING& p__rootDirectory,
const CHARSTRING& p__configId
) {
loggers::get_instance().log(">>> fx__loadCertificates: '%s', '%s'", static_cast<const char*>(p__rootDirectory), static_cast<const char*>(p__configId));
std::string str(static_cast<const char*>(p__rootDirectory));
if (p__configId.lengthof() != 0) {
str += "/";
str += std::string(static_cast<const char*>(p__configId));
}
params params;
params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), str));
if (security_services::get_instance().setup(params) == -1) {
return FALSE;
}
return TRUE;
}
BOOLEAN fx__store__certificate(const CHARSTRING& p__cert__id, const OCTETSTRING& p__cert, const OCTETSTRING& p__private__key, const OCTETSTRING& p__public__key__x, const OCTETSTRING& p__public__key__y, const OCTETSTRING& p__public__key__compressed, const INTEGER& p__public__key__compressed__mode, const OCTETSTRING& p__hash, const OCTETSTRING& p__hash__256, const OCTETSTRING& p__hashid8, const OCTETSTRING& p__issuer, const OCTETSTRING_template& p__private__enc__key, const OCTETSTRING_template& p__public__enc__key__x, const OCTETSTRING_template& p__public__enc__key__y, const OCTETSTRING_template& p__public__enc__compressed__key, const INTEGER_template& p__public__enc__key__compressed__mode) {
loggers::get_instance().log(">>> fx__store__certificate: '%s'", static_cast<const char*>(p__cert__id));
int result;
if (!p__private__enc__key.is_omit()) {
const OCTETSTRING private_enc_key = p__private__enc__key.valueof();
const OCTETSTRING public_enc_key_x = p__public__enc__key__x.valueof();
const OCTETSTRING public_enc_key_y = p__public__enc__key__y.valueof();
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hash, p__hash__256, p__hashid8, p__issuer, p__private__enc__key.valueof(), p__public__enc__key__x.valueof(), p__public__enc__key__y.valueof(), p__public__enc__compressed__key.valueof(), p__public__enc__key__compressed__mode.valueof());
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hash, p__hash__256, p__hashid8, p__issuer, OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), INTEGER(-1));
}
return (result == 0);
}
/**
* \brief Unload from memory cache the certificates
* \return true on success, false otherwise
*/
BOOLEAN fx__unloadCertificates(
) {
return TRUE;
}
/**
* \brief Read the specified certificate
* \param p_certificate_id the certificate identifier
* \param p_certificate the expected certificate
* \return true on success, false otherwise
*/
BOOLEAN fx__readCertificate(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__certificate
) {
loggers::get_instance().log(">>> fx__readCertificate: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate(p__certificateId, p__certificate) == -1) {
return FALSE;
}
return TRUE;
}
BOOLEAN fx__readCertificateFromDigest(
const OCTETSTRING& p__digest,
loggers::get_instance().log_msg(">>> fx__readCertificateFromDigest: ", p__digest);
if (security_services::get_instance().read_certificate_from_digest(p__digest, p__certificateId) == -1) {
return FALSE;
}
loggers::get_instance().log_msg("fx__readCertificateFromDigest: ", p__certificateId);
return TRUE;
}
BOOLEAN fx__readCertificateFromHashedId3(
const OCTETSTRING& p__digest,
CHARSTRING& p__certificateId
) {
loggers::get_instance().log_msg(">>> fx__readCertificateFromHashedId3: ", p__digest);
if (security_services::get_instance().read_certificate_from_hashed_id3(p__digest, p__certificateId) == -1) {
return FALSE;
}
loggers::get_instance().log_msg("fx__readCertificateFromHashedId3: ", p__certificateId);
return TRUE;
}
/**
* \brief Read the specified certificate digest
* \param p_certificate_id the certificate identifier
* \param p_digest the expected certificate
* \return true on success, false otherwise
*/
BOOLEAN fx__readCertificateDigest(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__digest
) {
loggers::get_instance().log(">>> fx__readCertificateDigest: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate_digest(p__certificateId, p__digest) == -1) {
return FALSE;
}
return TRUE;
}
/**
* \brief Read the whole-hash of the certificate
* \param p_certificate_id the certificate identifier
* \param p_hash the expected certificate
* \return true on success, false otherwise
*/
BOOLEAN fx__readCertificateHash(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__hash
) {
loggers::get_instance().log(">>> fx__readCertificateHash: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate_hash(p__certificateId, p__hash) == -1) {
return FALSE;
}
return TRUE;
}
/**
* \brief Read the whole-hash of the certificate using SHA 256
* \param p_certificate_id the certificate identifier
* \param p_hash the expected certificate
* \return true on success, false otherwise
*/
BOOLEAN fx__readCertificateHash256(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__hash
) {
loggers::get_instance().log(">>> fx__readCertificateHash256: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate_hash_sha_256(p__certificateId, p__hash) == -1) {
return FALSE;
}
return TRUE;
}
/**
* \brief Read the private keys for the specified certificate
* \param p_certificate_id the keys identifier
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
* \param p_signingPrivateKey the signing private key
* \return true on success, false otherwise
*/
BOOLEAN fx__readSigningKey(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__signingPrivateKey
) {
loggers::get_instance().log(">>> fx__readSigningKey: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_private_key(p__certificateId, p__signingPrivateKey) == -1) {
return FALSE;
}
return TRUE;
}
/**
* \brief Read the private keys for the specified certificate
* \param p_keysId the keys identifier
* \param p_encryptPrivateKey the encrypt private key
* \return true on success, false otherwise
fx_readEncryptingKey(in charstring p_keysId, out Oct32 p_encryptingPrivateKey) return boolean;
*/
BOOLEAN fx__readEncryptingKey(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__encryptingPrivateKey
) {
loggers::get_instance().log(">>> fx__readSigningKey: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_private_enc_key(p__certificateId, p__encryptingPrivateKey) == -1) {
return FALSE;
}
return TRUE;
}
// group geodesic
/* * \brief Check that given polygon doesn't have neither self-intersections nor holes.
* \param p_region Polygonal Region
* \return true on success, false otherwise
* @verdict Unchanged
fx_isValidPolygonalRegion(in PolygonalRegion p_region) return boolean;
*/
BOOLEAN fx__isValidPolygonalRegion(
const IEEE1609dot2BaseTypes::PolygonalRegion& p__region
) {
return TRUE;
}
/* * \brief Check if a polygonal region is inside another one
* \param p_parent The main polygonal region
* \param p_region The polygonal region to be included
* \return true on success, false otherwise
* @verdict Unchanged
fx_isPolygonalRegionInside(in PolygonalRegion p_parent, in PolygonalRegion p_region) return boolean;
*/
BOOLEAN fx__isPolygonalRegionInside(
const IEEE1609dot2BaseTypes::PolygonalRegion& p__parent,
const IEEE1609dot2BaseTypes::PolygonalRegion& p__region
) {
return TRUE;
}
/* * \brief Check that the location is inside a circular region
* \param p_region The circular region to consider
* \param p_location The device location
* \return true on success, false otherwise
* @verdict Unchanged
fx_isLocationInsideCircularRegion(in CircularRegion p_region, in ThreeDLocation p_location) return boolean;
*/
BOOLEAN fx__isLocationInsideCircularRegion(
const IEEE1609dot2BaseTypes::CircularRegion& p__region,
const IEEE1609dot2BaseTypes::ThreeDLocation& p__location
) {
return TRUE;
}
/* * \brief Check that the location is inside a rectangular region
* \param p_region The rectangular region to consider
* \param p_location The device location
* \return true on success, false otherwise
* @verdict Unchanged
fx_isLocationInsideRectangularRegion(in SequenceOfRectangularRegion p_region, in ThreeDLocation p_location) return boolean;
*/
BOOLEAN fx__isLocationInsideRectangularRegion(
const IEEE1609dot2BaseTypes::SequenceOfRectangularRegion& p__region,
const IEEE1609dot2BaseTypes::ThreeDLocation& p__location
) {
return TRUE;
}
/* * \brief Check that the location is inside a polygonal region
* \param p_region The polygonal region to consider
* \param p_location The device location
* \return true on success, false otherwise
* @verdict Unchanged
fx_isLocationInsidePolygonalRegion(in PolygonalRegion p_region, in ThreeDLocation p_location) return boolean;
*/
BOOLEAN fx__isLocationInsidePolygonalRegion(
const IEEE1609dot2BaseTypes::PolygonalRegion& p__region,
const IEEE1609dot2BaseTypes::ThreeDLocation& p__location
) {
return TRUE;
}
/* * \brief Check if the location is inside an identified region
* \param p_region The identified region to consider
* \param p_location The device location
* \return true on success, false otherwise
* @verdict Unchanged
fx_isLocationInsideIdentifiedRegion(in IdentifiedRegion p_region, in ThreeDLocation p_location) return boolean;
*/
BOOLEAN fx__isLocationInsideIdentifiedRegion(
const IEEE1609dot2BaseTypes::IdentifiedRegion& p__region,
const IEEE1609dot2BaseTypes::ThreeDLocation& p__location
) {
return TRUE;
}
/* * \brief Check if the location is inside an undefined region
* \param p_region The identified region to consider
* \param p_location The device location
* \return true on success, false otherwise
* @verdict Unchanged
fx_isLocationInsideOtherRegion(in octetstring p_region, in ThreeDLocation p_location) return boolean;
*/
BOOLEAN fx__isLocationInsideOtherRegion(
const OCTETSTRING& p_region,
const IEEE1609dot2BaseTypes::ThreeDLocation& p_location
) {
return TRUE;
}
/* * \brief Check that p_circular_region_1 circular region is included into p_circular_region_2 circular region
* \param p_circular_region_1 Circular region 1
* \param p_circular_region_2 Circular region 2
* \return true on success, false otherwise
fx_areCirclesInside(in CircularRegion p_circular_region_1, in CircularRegion p_circular_region_2) return boolean;
*/
BOOLEAN fx__areCirclesInside(
const IEEE1609dot2BaseTypes::CircularRegion& p_circular_region_1,
const IEEE1609dot2BaseTypes::CircularRegion& p_circular_region_2
) {
return TRUE;
}
/* * \brief Check that p_rectanglar_region_1 rectangular region is included into p_rectanglar_region_2 rectangular region
* \param p_rectanglar_region_1 Rectangular region 1
* \param p_rectanglar_region_2 Rectangular region 2
* \return true on success, false otherwise
fx_areRectanglesInside(in SequenceOfRectangularRegion p_rectanglar_region_1, in SequenceOfRectangularRegion p_rectanglar_region_2) return boolean;
*/
BOOLEAN fx__areRectanglesInside(
const IEEE1609dot2BaseTypes::SequenceOfRectangularRegion& p_rectanglar_region_1,
const IEEE1609dot2BaseTypes::SequenceOfRectangularRegion& p_rectanglar_region_2
) {
return TRUE;
}
/* * \brief Check that p_polygonal_region_1 polygonal region is included into p_polygonal_region_2 polygonal region
* \param p_polygonal_region_1 Polygonal region 1
* \param p_polygonal_region_2 Polygonal region 2
* \return true on success, false otherwise
fx_arePolygonsInside(in PolygonalRegion p_polygonal_region_1, in PolygonalRegion p_polygonal_region_2) return boolean;
*/
BOOLEAN fx__arePolygonsInside(
const IEEE1609dot2BaseTypes::PolygonalRegion& p_polygonal_region_1,
const IEEE1609dot2BaseTypes::PolygonalRegion& p_polygonal_region_2
) {
return TRUE;
}
/**
* \brief Convert a spacial coordinate from DMS to DMS
* \param p_degrees The degrees (D)
* \param p_minutes The minutes (M)
* \param p_seconds The seconds (S)
* \param p_latlon The latitude/longitude: (N|S|E|W)
* \return The decimal coordinate on success, 0.0, otherwise
* @verdict Unchanged
fx_dms2dd(in Int p_degrees, in Int p_minutes, in float p_seconds, in Oct1 p_latlon) return float;
*/
FLOAT fx__dms2dd(
const INTEGER& p__degrees,
const INTEGER& p__minutes,
const FLOAT& p__seconds,
const OCTETSTRING& p__latlon
) {
return 0.0;
}
} // end of namespace