Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
#include "security_cache.hh"
#include "params.hh"
#include "converter.hh"
using namespace std; // Required for isnan()
#include "etsi_ts103097_certificate_codec.hh"
#include "loggers.hh"
security_cache::security_cache(): _certificates(), _hashed_id8s() {
loggers::get_instance().log(">>> security_cache::security_cache");
} // End of ctor
security_cache::~security_cache() {
loggers::get_instance().log(">>> security_cache::~security_cache");
clear();
} // End of dtor
int security_cache::clear() {
loggers::get_instance().log(">>> security_cache::clear");
_certificates.clear(); // Smart pointers will do the job
_hashed_id8s.clear();
return 0;
} // End of clear method
int security_cache::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_cache::get_certificate_id: ", p_hashed_id8);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.find(key);
if (it == _hashed_id8s.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
int security_cache::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
dump();
return -1;
}
const std::vector<unsigned char> cert = it->second.get()->certificate();
p_certificate = OCTETSTRING(cert.size(), cert.data());
return 0;
}
int security_cache::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const {
loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
p_certificate = it->second.get()->decoded_certificate();
return 0;
}
int security_cache::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
loggers::get_instance().log(">>> security_cache::get_issuer: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_issuer: record not found");
return -1;
}
const std::vector<unsigned char> issuer = it->second.get()->issuer();
p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data());
return 0;
}
int security_cache::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
loggers::get_instance().log(">>> security_cache::get_hashed_id: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_hashed_id: record not found");
return -1;
}
const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
return 0;
}
int security_cache::get_hash(const std::string& p_certificate_id, OCTETSTRING& p_hash) const {
loggers::get_instance().log(">>> security_cache::get_hash: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_hash: record not found");
return -1;
}
const std::vector<unsigned char> hash = it->second.get()->hash();
p_hash = OCTETSTRING(hash.size(), hash.data());
return 0;
}
int security_cache::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
loggers::get_instance().log(">>> security_cache::get_private_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_private_key: record not found");
return -1;
}
const std::vector<unsigned char> private_key = it->second.get()->private_key();
p_private_key = OCTETSTRING(private_key.size(), private_key.data());
return 0;
}
int security_cache::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
loggers::get_instance().log(">>> security_cache::get_public_keys: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_public_keys: record not found");
return -1;
}
const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
return 0;
}
int security_cache::get_public_comp_key(const std::string& p_certificate_id, OCTETSTRING& p_public_comp_key, INTEGER& p_comp_mode) const {
loggers::get_instance().log(">>> security_cache::get_public_comp_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_public_comp_key: record not found");
return -1;
}
const std::vector<unsigned char> public_comp_key = it->second.get()->public_comp_key(); // 33 or 49 bytes length
p_public_comp_key = OCTETSTRING(public_comp_key.size() - 1, 1 + public_comp_key.data()); // 32 or 48 bytes length
p_comp_mode = INTEGER(((public_comp_key[0] % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1
return 0;
}
int security_cache::get_private_enc_key(const std::string& p_certificate_id, OCTETSTRING& p_private_enc_key) const {
loggers::get_instance().log(">>> security_cache::get_private_enc_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_private_enc_key: record not found");
return -1;
}
const std::vector<unsigned char> private_enc_key = it->second.get()->private_enc_key();
p_private_enc_key = OCTETSTRING(private_enc_key.size(), private_enc_key.data());
return 0;
}
int security_cache::get_public_enc_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_enc_key_x, OCTETSTRING& p_public_enc_key_y) const {
loggers::get_instance().log(">>> security_cache::get_public_enc_keys: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_public_enc_keys: record not found");
return -1;
}
const std::vector<unsigned char> public_enc_key_x = it->second.get()->public_enc_key_x();
p_public_enc_key_x = OCTETSTRING(public_enc_key_x.size(), public_enc_key_x.data());
const std::vector<unsigned char> public_enc_key_y = it->second.get()->public_enc_key_y();
p_public_enc_key_y = OCTETSTRING(public_enc_key_y.size(), public_enc_key_y.data());
return 0;
}
int security_cache::get_public_enc_comp_key(const std::string& p_certificate_id, OCTETSTRING& p_public_enc_comp_key, INTEGER& p_enc_comp_mode) const {
loggers::get_instance().log(">>> security_cache::get_public_enc_comp_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_public_enc_comp_key: record not found");
return -1;
}
const std::vector<unsigned char> public_enc_comp_key = it->second.get()->public_enc_comp_key(); // 33 or 49 bytes length
p_public_enc_comp_key = OCTETSTRING(public_enc_comp_key.size() - 1, 1 + public_enc_comp_key.data()); // 32 or 48 bytes length
p_enc_comp_mode = INTEGER(((public_enc_comp_key[0] % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1
return 0;
}
static bool fill_vector(std::vector<unsigned char>& v, const OCTETSTRING& o) {
if(o.is_bound()) {
v.assign(static_cast<const unsigned char*>(o), static_cast<const unsigned char*>(o) + o.lengthof());
return true;
}else{
v.clear();
return false;
}
}
int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode) {
loggers::get_instance().log_msg(">>> security_cache::store_certificate: ", p_cert_id);
std::string key(static_cast<const char*>(p_cert_id));
std::vector<unsigned char> cert, private_key, public_key_x, public_key_y, public_comp_key, hashed_id8, issuer;
std::vector<unsigned char> private_enc_key, public_enc_key_x, public_enc_key_y, public_enc_comp_key;
fill_vector(cert, p_cert);
fill_vector(private_key, p_private_key);
fill_vector(public_key_x, p_public_key_x);
fill_vector(public_key_y, p_public_key_y);
if(fill_vector(public_comp_key, p_public_compressed_key)){
public_comp_key.insert(public_comp_key.begin(), (unsigned char)(2 + p_public_compressed_key_mode)); // Add one byte to indicate cmpressed-y-0 (0x02) or compressed-y-1 (0x03)
loggers::get_instance().log_to_hexa("security_cache::store_certificate: public_comp_key: ", public_comp_key.data(), public_comp_key.size());
}
fill_vector(hashed_id8, p_hashed_id8);
fill_vector(issuer, p_issuer);
fill_vector(private_enc_key, p_private_enc_key);
fill_vector(public_enc_key_x, p_public_enc_key_x);
fill_vector(public_enc_key_y, p_public_enc_key_y);
if(fill_vector(public_enc_comp_key, p_public_enc_compressed_key)) {
public_enc_comp_key.insert(public_enc_comp_key.begin(), (unsigned char)(2 + p_public_compressed_key_mode)); // Add one byte to indicate cmpressed-y-0 (0x02) or compressed-y-1 (0x03)
loggers::get_instance().log_to_hexa("security_cache::store_certificate: public_enc_comp_key: ", public_enc_comp_key.data(), public_enc_comp_key.size());
IEEE1609dot2::CertificateBase decoded_certificate;
etsi_ts103097_certificate_codec codec;
codec.decode(p_cert, decoded_certificate);
loggers::get_instance().log_msg("security_cache::store_certificate: Decoded certificate: ", decoded_certificate);
security_db_record* p = new security_db_record(
key, // Certificate id
cert, // Certificate
issuer, // Hashed ID for the issuer
hashed_id8, // Hashed ID
private_key, // Private key
public_key_x, // Public key X-coordinate
public_key_y, // Public key Y-coordinate
public_comp_key, // Public compressed key, 33 or 49 bytes
private_enc_key, // Private encryption key
public_enc_key_x, // Public encryption key X-coordinate
public_enc_key_y, // Public encryption key Y-coordinate
public_enc_comp_key // Public encryption compressed key, 33 or 49 bytes
);
if (p == nullptr) {
return -1;
}
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator i = _certificates.find(key);
if (i != _certificates.cend()) {
_certificates.erase(i);
}
std::map<std::vector<unsigned char>, std::string>::const_iterator h = _hashed_id8s.find(hashed_id8);
if (h != _hashed_id8s.cend()) {
_hashed_id8s.erase(h);
}
_certificates.insert(std::pair<std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(p)));
_hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string&>(hashed_id8, key));
return 0;
}
void security_cache::dump() const {
loggers::get_instance().log("security_cache::dump_certificates: # items = %d", _certificates.size());
for (std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.cbegin(); it != _certificates.cend(); ++it) {
security_db_record* p = it->second.get();
loggers::get_instance().log("security_cache::dump: certificate_id = %s", p->certificate_id().c_str());
loggers::get_instance().log_to_hexa("security_cache::dump: certificate = ", p->certificate().data(), p->certificate().size());
loggers::get_instance().log_msg("security_cache::dump: decoded certificate = ", p->decoded_certificate());
loggers::get_instance().log_to_hexa("security_cache::dump: issuer = ", p->issuer().data(), p->issuer().size());
loggers::get_instance().log_to_hexa("security_cache::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size());
loggers::get_instance().log_to_hexa("security_cache::dump: hash = ", p->hash().data(), p->hash().size());
loggers::get_instance().log_to_hexa("security_cache::dump: private_key = ", p->private_key().data(), p->private_key().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_comp_key = ", p->public_comp_key().data(), p->public_comp_key().size());
loggers::get_instance().log_to_hexa("security_cache::dump: private_enc_key = ", p->private_enc_key().data(), p->private_enc_key().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_enc_key_x = ", p->public_enc_key_x().data(), p->public_enc_key_x().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_enc_key_y = ", p->public_enc_key_y().data(), p->public_enc_key_y().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_enc_comp_key = ", p->public_enc_comp_key().data(), p->public_enc_comp_key().size());
} // End of 'for' statement
for (std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.cbegin(); it != _hashed_id8s.cend(); ++it) {
loggers::get_instance().log("security_cache::dump: Hashedid8 idx = %s", it->second.c_str());
} // End of 'for' statement
} // End of method dump