Newer
Older
#include "pki_layer_factory.hh"
#include "codec_stack_builder.hh"
#include "loggers.hh"
pki_layer::pki_layer(const std::string & p_type, const std::string & param) : t_layer<LibItsPki__TestSystem::PkiPort>(p_type), _params(), _etsi_ts102941_types_enrolment_inner_request(), _etsi_ts102941_types_enrolment_inner_response(), _codec()
{
loggers::get_instance().log(">>> pki_layer::pki_layer: %s, %s", to_string().c_str(), param.c_str());
// Setup parameters
params::convert(_params, param);
// Sanity checks
params::const_iterator it = _params.find(params::certificate);
if (it == _params.cend()) {
_params[params::certificate] = "CERT_TS_A_EA";
}
it = _params.find(params::peer_certificate);
if (it == _params.cend()) {
_params[params::certificate] = "CERT_IUT_A_EA";
}
// Register this object for AdapterControlPort
loggers::get_instance().log("pki_layer::pki_layer: Register %s/%p", p_type.c_str(), this);
registration<pki_layer>::get_instance().add_item(p_type, this);
}
void pki_layer::set_pki_keys(const LibItsPki__TypesAndValues::AcSetSecurityData& p_ac_set_security_data) {
_ac_set_security_data.reset(new LibItsPki__TypesAndValues::AcSetSecurityData(p_ac_set_security_data));
}
void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcRequest& p_inner_ec_request, params& p_param) {
loggers::get_instance().log_msg(">>> pki_layer::sendMsg: ", p_inner_ec_request);
// Sanity checks
if (_ac_set_security_data.get() == nullptr) {
loggers::get_instance().error("pki_layer::sendMsg: Security data missing");
return;
}
OCTETSTRING inner_ec_request;
_etsi_ts102941_types_enrolment_inner_request.encode(p_inner_ec_request, inner_ec_request);
// Build the EtsiTs103097Data-Signed
OCTETSTRING etsi_ts_102941_data;
if (generate_inner_ec_request_signed_for_pop(inner_ec_request, etsi_ts_102941_data) == -1) {
loggers::get_instance().warning("pki_layer::sendMsg: Failed to generate InnerExRequestSignedForPop");
return;
// Secured the Pki message
OCTETSTRING signed_and_encrypted_data;
if (sign_and_encrypt_payload(daetsi_ts_102941_datata, signed_and_encrypted_data) == 0) {
loggers::get_instance().warning("pki_layer::sendMsg: Failed to secure Pki message");
return;
}
send_data(signed_and_encrypted_data, _params);
void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcResponse& p_inner_ec_response, params& p_param) {
loggers::get_instance().log_msg(">>> pki_layer::sendMsg: ", p_inner_ec_response);
_etsi_ts102941_types_enrolment_inner_response.encode(p_inner_ec_response, data);
if (sign_and_encrypt_payload(data, secured_data) == 0) {
send_data(data, _params);
}
}
void pki_layer::send_data(OCTETSTRING& data, params& params) {
loggers::get_instance().log_msg(">>> pki_layer::send_data: ", data);
send_to_all_layers(data, params);
}
void pki_layer::receive_data(OCTETSTRING& data, params& params)
{
loggers::get_instance().log_msg(">>> pki_layer::receive_data: ", data);
// // Decode HTTP message
// LibItsPki__TypesAndValues::HttpMessage pki_message;
// if (_codec.decode(data, pki_message) == -1) {
// loggers::get_instance().warning("pki_layer::receive_data: Failed to decode data");
// return;
// }
// // Pass it to the ports
// to_all_upper_ports(pki_message, params);
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
int pki_layer::generate_inner_ec_request_signed_for_pop(const OCTETSTRING& p_inner_ec_request, OCTETSTRING& p_etsi_ts_102941_data) {
loggers::get_instance().log_msg(">>> pki_layer::generate_inner_ec_request_signed_for_pop: ", p_inner_ec_request);
// Set unsecured data
IEEE1609dot2::Ieee1609Dot2Content unsecured_data_content;
unsecured_data_content.unsecuredData() = p_inner_ec_request;
IEEE1609dot2::Ieee1609Dot2Data unsecured_data(ProtocolVersion, unsecured_data_content);
// Set hash algorithm
IEEE1609dot2BaseTypes::HashAlgorithm hashId(IEEE1609dot2BaseTypes::HashAlgorithm::sha256);
if (p_params[params::hash].compare("SHA-384") == 0) {
hashId = IEEE1609dot2BaseTypes::HashAlgorithm::sha384;
}
// Set SignedDataPayload
IEEE1609dot2::SignedDataPayload payload;
payload.data() = unsecured_data;
payload.extDataHash().set_to_omit();
IEEE1609dot2::HeaderInfo header_info;
// Set secured field
header_info.psid() = converter::get_instance().string_to_int(p_params[params::its_aid]);
header_info.expiryTime().set_to_omit();
header_info.generationLocation().set_to_omit();
header_info.p2pcdLearningRequest().set_to_omit();
header_info.missingCrlIdentifier().set_to_omit();
header_info.encryptionKey().set_to_omit();
INTEGER i;
i.set_long_long_val((unsigned int) ms);
header_info.generationTime() = OPTIONAL<INTEGER>(i);
header_info.inlineP2pcdRequest().set_to_omit();
header_info.requestedCertificate().set_to_omit();
IEEE1609dot2::ToBeSignedData tbs_data;
tbs_data.payload() = payload;
tbs_data.headerInfo() = header_info;
loggers::get_instance().log_msg("pki_layer::sign_payload: tbs_data = ", tbs_data);
// Sign the ToBeSignedData data structure
IEEE1609dot2BaseTypes::Signature signature;
if (security_services::get_instance().sign_tbs_data(tbs_data, hashId, signature, p_params) != 0) {
loggers::get_instance().warning("pki_layer::sign_payload: Failed to secure payload");
return -1;
}
IEEE1609dot2::SignerIdentifier signer;
loggers::get_instance().log("pki_layer::sign_payload: ms = %d - _last_generation_time = %d - ms - _last_generation_time = %d", (unsigned int) ms, _last_generation_time, (unsigned int) (ms - _last_generation_time));
signer.self() = nullptr;
IEEE1609dot2::SignedData signed_data(hashId, tbs_data, signer, signature);
loggers::get_instance().log_msg("pki_layer::sign_payload: signed_data = ", signed_data);
IEEE1609dot2::Ieee1609Dot2Content ieee_dot2_content;
ieee_dot2_content.signedData() = signed_data;
IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data(pki_layer::ProtocolVersion, ieee_dot2_content);
loggers::get_instance().log_msg("pki_layer::sign_payload: ieee_1609dot2_data = ", ieee_1609dot2_data);
// Set EtsiTs102941Data layer
EtsiTs102941MessagesItss::EtsiTs102941Data etsi_ts_102941_data;
etsi_ts_102941_data.content().enrolmentRequest = ieee_1609dot2_data;
_codec.encode(ieee_1609dot2_data, p_etsi_ts_102941_data);
if (!p_etsi_ts_102941_data.is_bound()) {
loggers::get_instance().warning("pki_layer::sign_payload: Failed to encode Ieee1609Dot2Data");
return -1;
}
return 0;
}
int pki_layer::sign_and_encrypt_payload(const OCTETSTRING& p_data, OCTETSTRING& p_secured_data) {
loggers::get_instance().log_msg(">>> pki_layer::sign_and_encrypt_payload: ", p_data);
// 1. Signed the data
OCTETSTRING signed_data;
if (security_services::get_instance().sign_payload(p_data, signed_data, _params) == -1) {
loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::encode: Failed to sign data");
return -1;
loggers::get_instance().log_msg("pki_layer::sign_and_encrypt_payload: signed_data=", signed_data);
// 2. Encrypt the signed packet
if (security_services::get_instance().encrypt_gn_payload(signed_data, p_secured_data, _params) == -1) {
loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::encode: Failed to encrypt data");
return -1;
}
loggers::get_instance().log_msg("<<< http_etsi_ieee1609dot2_codec::encode: ", p_secured_data);
return 0;
}
pki_layer_factory pki_layer_factory::_f;