Skip to content
GitLab
Commit 01097524 authored by garciay's avatar garciay
Browse files

Merge with C2C project 

Add AcSecPrimitive/AcSecResponse support for CAM (DENM & GN to be done)
parent 964ca145
Hide whitespace changes
Inline Side-by-side
javasrc/adapter/org/etsi/adapter/ITERequired.java
View file @ 01097524
...@@ -60,4 +60,15 @@ public interface ITERequired { ...@@ -60,4 +60,15 @@ public interface ITERequired {
* @return Value associated to the TA parameter * @return Value associated to the TA parameter
*/ */
Value getTaParameter(String param); Value getTaParameter(String param);
/**
* Logs the debug message.
*/
void logDebug(String debugMessage);
/**
* Logs the error message.
*/
void logError(String errorMessage);
} }
javasrc/adapter/org/etsi/its/adapter/ComponentMgr.java
View file @ 01097524
...@@ -12,6 +12,7 @@ import java.util.LinkedHashMap; ...@@ -12,6 +12,7 @@ import java.util.LinkedHashMap;
import java.util.Map; import java.util.Map;
import java.util.Observer; import java.util.Observer;
import org.etsi.adapter.TERFactory;
import org.etsi.common.ITuple; import org.etsi.common.ITuple;
import org.etsi.common.Tuple; import org.etsi.common.Tuple;
import org.etsi.its.adapter.ports.IObservable; import org.etsi.its.adapter.ports.IObservable;
...@@ -58,7 +59,7 @@ public class ComponentMgr{ ...@@ -58,7 +59,7 @@ public class ComponentMgr{
public void addComponent(TriComponentId component) { public void addComponent(TriComponentId component) {
// Sanity check // Sanity check
if(component == null) { if(component == null) {
System.err.println("Error: Trying to add null component"); TERFactory.getInstance().logError("Error: Trying to add null component");
return; return;
} }
...@@ -81,11 +82,11 @@ public class ComponentMgr{ ...@@ -81,11 +82,11 @@ public class ComponentMgr{
public void addPort(final String componentName, final TriPortId ttcnPort, final IPort port) { public void addPort(final String componentName, final TriPortId ttcnPort, final IPort port) {
// Sanity checks // Sanity checks
if(componentName.isEmpty() || (ttcnPort == null) || (port == null)) { if(componentName.isEmpty() || (ttcnPort == null) || (port == null)) {
System.err.println("Wrong parameters"); TERFactory.getInstance().logError("Wrong parameters");
return; return;
} }
if(!mapCompNameToTriComp.containsKey(componentName)) { if(!mapCompNameToTriComp.containsKey(componentName)) {
System.err.println("Error: Trying to add port to unknown component"); TERFactory.getInstance().logError("Error: Trying to add port to unknown component");
return; return;
} }
if(!mapTriPortToTuple.containsKey(componentName)) { if(!mapTriPortToTuple.containsKey(componentName)) {
...@@ -110,7 +111,7 @@ public class ComponentMgr{ ...@@ -110,7 +111,7 @@ public class ComponentMgr{
// Sanity checks // Sanity checks
if(componentName == null || componentName.isEmpty()) { if(componentName == null || componentName.isEmpty()) {
System.err.println("Invalid component"); TERFactory.getInstance().logError("Invalid component");
return null; return null;
} }
...@@ -127,15 +128,15 @@ public class ComponentMgr{ ...@@ -127,15 +128,15 @@ public class ComponentMgr{
// Sanity checks // Sanity checks
if(componentName.isEmpty() || portName.isEmpty()) { if(componentName.isEmpty() || portName.isEmpty()) {
System.err.println("Wrong parameters"); TERFactory.getInstance().logError("Wrong parameters");
return null; return null;
} }
if(!mapCompNameToTriComp.containsKey(componentName)) { if(!mapCompNameToTriComp.containsKey(componentName)) {
System.err.println("Unknown component"); TERFactory.getInstance().logError("Unknown component");
return null; return null;
} }
if(!mapTriPortToTuple.containsKey(componentName)) { if(!mapTriPortToTuple.containsKey(componentName)) {
System.err.println("No port list entry"); TERFactory.getInstance().logError("No port list entry");
return null; return null;
} }
...@@ -160,15 +161,15 @@ public class ComponentMgr{ ...@@ -160,15 +161,15 @@ public class ComponentMgr{
// Sanity checks // Sanity checks
if(componentName.isEmpty() || portName.isEmpty()) { if(componentName.isEmpty() || portName.isEmpty()) {
System.err.println("Wrong parameters"); TERFactory.getInstance().logError("Wrong parameters");
return null; return null;
} }
if(!mapCompNameToTriComp.containsKey(componentName)) { if(!mapCompNameToTriComp.containsKey(componentName)) {
System.err.println("Unknown component"); TERFactory.getInstance().logError("Unknown component");
return null; return null;
} }
if(!mapTriPortToTuple.containsKey(componentName)) { if(!mapTriPortToTuple.containsKey(componentName)) {
System.err.println("No port list entry"); TERFactory.getInstance().logError("No port list entry");
return null; return null;
} }
...@@ -204,15 +205,15 @@ public class ComponentMgr{ ...@@ -204,15 +205,15 @@ public class ComponentMgr{
// Sanity checks // Sanity checks
if(componentName.isEmpty() || portName.isEmpty()) { if(componentName.isEmpty() || portName.isEmpty()) {
System.err.println("Wrong parameters"); TERFactory.getInstance().logError("Wrong parameters");
return; return;
} }
if(!mapCompNameToTriComp.containsKey(componentName)) { if(!mapCompNameToTriComp.containsKey(componentName)) {
System.err.println("Unknown component"); TERFactory.getInstance().logError("Unknown component");
return; return;
} }
if(!mapTriPortToTuple.containsKey(componentName)) { if(!mapTriPortToTuple.containsKey(componentName)) {
System.err.println("No port list entry"); TERFactory.getInstance().logError("No port list entry");
return; return;
} }
......
javasrc/adapter/org/etsi/its/adapter/Management.java
View file @ 01097524
...@@ -48,7 +48,7 @@ public class Management implements IManagementTA, IManagementLayers { ...@@ -48,7 +48,7 @@ public class Management implements IManagementTA, IManagementLayers {
/** /**
* Maximum time for getting Long position vector (in seconds) * Maximum time for getting Long position vector (in seconds)
*/ */
private static final int GET_LPV_TIMEOUT = 10; private static final int GET_LPV_TIMEOUT = 10; //FIXME: Might be a parameter rather than a constant
/** /**
* Interval for polling the location table during GetLpv (in ms) * Interval for polling the location table during GetLpv (in ms)
...@@ -353,6 +353,8 @@ public class Management implements IManagementTA, IManagementLayers { ...@@ -353,6 +353,8 @@ public class Management implements IManagementTA, IManagementLayers {
// Ensure that management settings are reset // Ensure that management settings are reset
beaconHeader = null; beaconHeader = null;
enqueueBeacon = null; enqueueBeacon = null;
locTable.clear();
} }
@Override @Override
......
javasrc/adapter/org/etsi/its/adapter/PcapMultiplexer.java
View file @ 01097524
...@@ -49,7 +49,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -49,7 +49,7 @@ public class PcapMultiplexer implements Runnable {
int r = Pcap.findAllDevs(alldevs, errbuf); int r = Pcap.findAllDevs(alldevs, errbuf);
if (r == Pcap.NOT_OK || alldevs.isEmpty()) { if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
System.err.printf("Can't read list of devices, error is %s", errbuf.toString()); TERFactory.getInstance().logError("Can't read list of devices, error is %s" + errbuf.toString());
return; return;
} }
...@@ -72,7 +72,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -72,7 +72,7 @@ public class PcapMultiplexer implements Runnable {
} }
device = alldevs.get(ifaceIndex); device = alldevs.get(ifaceIndex);
System.out.println("Listening: " + device.getName()); // TERFactory.getInstance().logDebug("Listening: " + device.getName());
} }
/** /**
...@@ -84,7 +84,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -84,7 +84,7 @@ public class PcapMultiplexer implements Runnable {
} }
public synchronized void register(Layer client, byte[] macAddress, short frameType) { public synchronized void register(Layer client, byte[] macAddress, short frameType) {
System.out.println(">>>PcapMultiplexer.registering: " + frameType); // TERFactory.getInstance().logDebug(">>>PcapMultiplexer.registering: " + frameType);
if(clientsToMacs.isEmpty()) { if(clientsToMacs.isEmpty()) {
// Open interface // Open interface
...@@ -94,7 +94,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -94,7 +94,7 @@ public class PcapMultiplexer implements Runnable {
pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf); pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if (pcap == null) { if (pcap == null) {
System.err.printf("Error while opening device for capture: " TERFactory.getInstance().logError("Error while opening device for capture: "
+ errbuf.toString()); + errbuf.toString());
return; return;
} }
...@@ -103,7 +103,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -103,7 +103,7 @@ public class PcapMultiplexer implements Runnable {
filter = ""; filter = "";
} }
else { else {
System.out.println("Another Client !"); // TERFactory.getInstance().logDebug("Another Client !");
filter = filter + " and "; filter = filter + " and ";
} }
...@@ -114,7 +114,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -114,7 +114,7 @@ public class PcapMultiplexer implements Runnable {
} }
filter = filter + "not ether src " + strMacAddress; filter = filter + "not ether src " + strMacAddress;
System.out.println("New filter: " + filter); // TERFactory.getInstance().logDebug("New filter: " + filter);
// Apply filter // Apply filter
PcapBpfProgram bpfFilter = new PcapBpfProgram(); PcapBpfProgram bpfFilter = new PcapBpfProgram();
...@@ -122,7 +122,7 @@ public class PcapMultiplexer implements Runnable { ...@@ -122,7 +122,7 @@ public class PcapMultiplexer implements Runnable {
int netmask = 0; int netmask = 0;
int r = pcap.compile(bpfFilter, filter, optimize, netmask); int r = pcap.compile(bpfFilter, filter, optimize, netmask);
if (r != Pcap.OK) { if (r != Pcap.OK) {
System.out.println("Filter error: " + pcap.getErr()); // TERFactory.getInstance().logDebug("Filter error: " + pcap.getErr());
} }
pcap.setFilter(bpfFilter); pcap.setFilter(bpfFilter);
......
javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java
View file @ 01097524
...@@ -11,7 +11,11 @@ import java.io.IOException; ...@@ -11,7 +11,11 @@ import java.io.IOException;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import org.etsi.adapter.TERFactory;
import org.etsi.common.ByteHelper; import org.etsi.common.ByteHelper;
//import org.etsi.its.adapter.layers.ETSI;
import de.fraunhofer.sit.c2x.CryptoLib; import de.fraunhofer.sit.c2x.CryptoLib;
...@@ -21,6 +25,18 @@ public class SecurityHelper { ...@@ -21,6 +25,18 @@ public class SecurityHelper {
public static SecurityHelper getInstance() { return Instance; } public static SecurityHelper getInstance() { return Instance; }
/**
* SSP value
* @see ETSI TS 103 097
*/
public static final String SEC_SSP = "SSP";
/**
* ITS-AID value
* @see ETSI TS 103 097
*/
public static final String SEC_ITS_AID = "ITS_AID";
/** /**
* Storage for received certificates * Storage for received certificates
*/ */
...@@ -86,14 +102,14 @@ public class SecurityHelper { ...@@ -86,14 +102,14 @@ public class SecurityHelper {
return (long) Math.ceil(d / Byte.SIZE); return (long) Math.ceil(d / Byte.SIZE);
} }
public byte[] checkSecuredProfileAndExtractPayload(final byte[] p_message, final int p_offset, final boolean p_enforceSecurityCheck, final int p_itsAidOther) { public byte[] checkSecuredProfileAndExtractPayload(final byte[] p_message, final int p_offset, final boolean p_enforceSecurityCheck, final int p_itsAidOther, Map<String, Object> lowerInfo) {
System.out.println(">>> SecurityHelper.checkSecuredProfileAndExtractPayload: " + ByteHelper.byteArrayToString(p_message)); TERFactory.getInstance().logDebug(">>> SecurityHelper.checkSecuredProfileAndExtractPayload: " + ByteHelper.byteArrayToString(p_message));
ByteArrayInputStream decvalue = new ByteArrayInputStream(p_message, p_offset, p_message.length - p_offset); ByteArrayInputStream decvalue = new ByteArrayInputStream(p_message, p_offset, p_message.length - p_offset);
// Check version // Check version
if (decvalue.read() != 2) { if (decvalue.read() != 2) {
System.err.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong version number"); TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong version number");
if (p_enforceSecurityCheck) { if (p_enforceSecurityCheck) {
// Drop it // Drop it
return null; return null;
...@@ -101,12 +117,12 @@ public class SecurityHelper { ...@@ -101,12 +117,12 @@ public class SecurityHelper {
} }
// Extract header fields length and header fields // Extract header fields length and header fields
long headerFieldsLength = tls2size(decvalue); long headerFieldsLength = tls2size(decvalue);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: headerFieldsLength:" + headerFieldsLength); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: headerFieldsLength:" + headerFieldsLength);
byte[] headerFields = new byte[(int) headerFieldsLength]; byte[] headerFields = new byte[(int) headerFieldsLength];
decvalue.read(headerFields, 0, (int) headerFieldsLength); decvalue.read(headerFields, 0, (int) headerFieldsLength);
ByteArrayOutputStream certificateKeys = new ByteArrayOutputStream(); ByteArrayOutputStream certificateKeys = new ByteArrayOutputStream();
if (!checkHeaderfields(headerFields, certificateKeys, p_enforceSecurityCheck, p_itsAidOther)) { if (!checkHeaderfields(headerFields, certificateKeys, p_enforceSecurityCheck, p_itsAidOther, lowerInfo)) {
System.err.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Headerfields"); TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Headerfields");
if (p_enforceSecurityCheck) { if (p_enforceSecurityCheck) {
// Drop it // Drop it
return null; return null;
...@@ -116,28 +132,28 @@ public class SecurityHelper { ...@@ -116,28 +132,28 @@ public class SecurityHelper {
byte[] keys = certificateKeys.toByteArray(); byte[] keys = certificateKeys.toByteArray();
if ((keys[0] == 0x02) || (keys[0] == 0x03)) { // Key length = 32 bytes if ((keys[0] == 0x02) || (keys[0] == 0x03)) { // Key length = 32 bytes
aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32); aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
} else { // Key length = 64 bytes } else { // Key length = 64 bytes
aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32); aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
aaSigningPublicKeyY = ByteHelper.extract(keys, 33, 32); aaSigningPublicKeyY = ByteHelper.extract(keys, 33, 32);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
} }
// FIXME Add encryption support // FIXME Add encryption support
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: headerFields:" + ByteHelper.byteArrayToString(headerFields)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: headerFields:" + ByteHelper.byteArrayToString(headerFields));
// Extract payload, decvalue is updated with the payload // Extract payload, decvalue is updated with the payload
if (decvalue.read() != 1) { if (decvalue.read() != 1) {
System.err.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Payload type"); TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Payload type");
if (p_enforceSecurityCheck) { if (p_enforceSecurityCheck) {
// Drop it // Drop it
return null; return null;
} }
} }
long payloadLength = tls2size(decvalue); long payloadLength = tls2size(decvalue);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: payloadLength:" + payloadLength); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: payloadLength:" + payloadLength);
byte[] payload = new byte[(int) payloadLength]; byte[] payload = new byte[(int) payloadLength];
decvalue.read(payload, 0, (int) payloadLength); decvalue.read(payload, 0, (int) payloadLength);
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: payload:" + ByteHelper.byteArrayToString(payload)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: payload:" + ByteHelper.byteArrayToString(payload));
if (p_enforceSecurityCheck) { // Extract Secure Trailer if (p_enforceSecurityCheck) { // Extract Secure Trailer
long secureTrailerLength = tls2size(decvalue); long secureTrailerLength = tls2size(decvalue);
byte[] secureTrailer = new byte[(int) secureTrailerLength]; byte[] secureTrailer = new byte[(int) secureTrailerLength];
...@@ -145,39 +161,39 @@ public class SecurityHelper { ...@@ -145,39 +161,39 @@ public class SecurityHelper {
ByteArrayOutputStream signature = new ByteArrayOutputStream(); ByteArrayOutputStream signature = new ByteArrayOutputStream();
if (!extractMessageSignature(secureTrailer, signature)) { if (!extractMessageSignature(secureTrailer, signature)) {
// Drop it // Drop it
System.err.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Signatures"); TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Signatures");
return null; return null;
} }
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: signature:" + ByteHelper.byteArrayToString(signature.toByteArray())); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: signature:" + ByteHelper.byteArrayToString(signature.toByteArray()));
// Build signed data // Build signed data
byte[] toBeVerifiedData = ByteHelper.extract( byte[] toBeVerifiedData = ByteHelper.extract(
p_message, p_message,
p_offset, p_offset,
p_message.length - (int)(p_offset + secureTrailerLength - 1 /* Exclude signature structure but keep signature type and signature length */) p_message.length - (int)(p_offset + secureTrailerLength - 1 /* Exclude signature structure but keep signature type and signature length */)
); );
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload:" + ByteHelper.byteArrayToString(toBeVerifiedData)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload:" + ByteHelper.byteArrayToString(toBeVerifiedData));
boolean result; boolean result;
try { try {
if (aaSigningPublicKeyY == null) { if (aaSigningPublicKeyY == null) {
// FIXME FSCOM: Check how t verify compressed signature // FIXME FSCOM: Check how t verify compressed signature
return payload; return payload;
} }
result = CryptoLib.verifyWithEcdsaNistp256WithSha256( result = CryptoLib.verifyWithEcdsaNistp256WithSha256(
toBeVerifiedData, toBeVerifiedData,
signature.toByteArray(), signature.toByteArray(),
aaSigningPublicKeyX, aaSigningPublicKeyX,
aaSigningPublicKeyY aaSigningPublicKeyY
); );
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Verify signature: " + new Boolean(result)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: Verify signature: " + new Boolean(result));
if (!result) { if (!result) {
// Drop packet // Drop packet
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: toBeVerifiedData :" + ByteHelper.byteArrayToString(toBeVerifiedData)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: toBeVerifiedData :" + ByteHelper.byteArrayToString(toBeVerifiedData));
// Calculate Digest digest from the buffer toBeVerifiedData // Calculate Digest digest from the buffer toBeVerifiedData
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Hash :" + ByteHelper.byteArrayToString(CryptoLib.hashWithSha256(toBeVerifiedData))); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: Hash :" + ByteHelper.byteArrayToString(CryptoLib.hashWithSha256(toBeVerifiedData)));
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: signature :" + ByteHelper.byteArrayToString(signature.toByteArray())); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: signature :" + ByteHelper.byteArrayToString(signature.toByteArray()));
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
System.out.println("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyY:" + ByteHelper.byteArrayToString(aaSigningPublicKeyY)); TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyY:" + ByteHelper.byteArrayToString(aaSigningPublicKeyY));
System.err.println("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Invalid signature"); TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Invalid signature");
return null; return null;
} }
...@@ -187,19 +203,19 @@ public class SecurityHelper { ...@@ -187,19 +203,19 @@ public class SecurityHelper {
} }
// Drop packet // Drop packet
System.err.println("<<< SecurityHelper.checkSecuredProfileAndExtractPayload: dropped"); TERFactory.getInstance().logError("<<< SecurityHelper.checkSecuredProfileAndExtractPayload: dropped");
return null; return null;
} }
return payload; return payload;
} }
public boolean checkHeaderfields(final byte[] p_headerfields, final ByteArrayOutputStream p_keys, final boolean p_enforceSecurityCheck, final int p_itsAidOther) { public boolean checkHeaderfields(final byte[] p_headerfields, final ByteArrayOutputStream p_keys, final boolean p_enforceSecurityCheck, final int p_itsAidOther, Map<String, Object> lowerInfo) {
System.out.println(">>> SecurityHelper.checkHeaderfields: " + ByteHelper.byteArrayToString(p_headerfields)); TERFactory.getInstance().logDebug(">>> SecurityHelper.checkHeaderfields: " + ByteHelper.byteArrayToString(p_headerfields));
// Sanity check // Sanity check
if (p_headerfields.length == 0) { if (p_headerfields.length == 0) {
System.err.println("SecurityHelper.checkHeaderfields: Drop packet - Invalid header fields"); TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Invalid header fields");
return false; return false;
} }
// Extract digest or certificate // Extract digest or certificate
...@@ -212,7 +228,7 @@ public class SecurityHelper { ...@@ -212,7 +228,7 @@ public class SecurityHelper {
(p_headerfields[signerInfoTypeIndex + 1] != 0x03) // SignerInfo Type: certificate chain (3) (p_headerfields[signerInfoTypeIndex + 1] != 0x03) // SignerInfo Type: certificate chain (3)
) )
) { ) {
System.err.println("SecurityHelper.checkHeaderfields: Drop packet - Certificate"); TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Certificate");
if (p_enforceSecurityCheck) { if (p_enforceSecurityCheck) {
// Drop it // Drop it
return false; return false;
...@@ -222,19 +238,19 @@ public class SecurityHelper { ...@@ -222,19 +238,19 @@ public class SecurityHelper {
if (p_headerfields[signerInfoTypeIndex] == 0x02) { // SignerInfo Type: Certificate (2) if (p_headerfields[signerInfoTypeIndex] == 0x02) { // SignerInfo Type: Certificate (2)
signerInfoTypeIndex += 1; signerInfoTypeIndex += 1;
// Extract certificate because of it is an Other message profile // Extract certificate because of it is an Other message profile
byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, p_keys, p_enforceSecurityCheck); byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, p_keys, p_enforceSecurityCheck, lowerInfo);
if (certificate == null) { if (certificate == null) {
System.err.println("SecurityHelper.checkHeaderfields: Drop packet - Certificate not decoded"); TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Certificate not decoded");
if (p_enforceSecurityCheck) { if (p_enforceSecurityCheck) {
// Drop it // Drop it
return false; return false;
} }
} }
System.out.println("SecurityHelper.checkHeaderfields: Certificate=" + ByteHelper.byteArrayToString(certificate)); TERFactory.getInstance().logDebug("SecurityHelper.checkHeaderfields: Certificate=" + ByteHelper.byteArrayToString(certificate));
// Add it in our map