STF545: Add acPkiPort support for Pki. Conflict with acPort to be fixed

ccsrc/Externals/LibItsCommon_externals.cc

@@ -76,15 +76,13 @@ namespace LibItsCommon__Functions
     double d_lonA = ((double)p__longitudeA)/10000000.0;
     double d_lonB = ((double)p__longitudeB)/10000000.0;
 
-    double earth_radius = 6371000.0; //meters
-
     double d_lat = (d_latB  - d_latA) * (M_PI/180.0);
     double d_lon = (d_lonB - d_lonA) * (M_PI/180.0);
   
     double a = sin(d_lat/2)*sin(d_lat/2) + cos(d_latA*M_PI/180.0)*cos(d_latB*M_PI/180.0)*sin(d_lon/2)*sin(d_lon/2);
     double c = 2*atan2(sqrt(a), sqrt(1-a));
 
-    return FLOAT(earth_radius*c);
+    return FLOAT(earthRadius*c);
   }
 
   /*       * @desc    External function to compute a position using a reference position, a distance and an orientation 

ccsrc/Framework/params.hh

@@ -77,8 +77,11 @@ public: //! \publicsection
   static const std::string& interface_id;          //! Commsignia antenna selector
 
   static const std::string& server;                //! HTTP server address (e.g. www.etsi.org)
-  static const std::string& port;                  //! Commsignia HTTP server port. Default: 80
+  static const std::string& port;                  //! HTTP server port. Default: 80
   static const std::string& use_ssl;               //! Set to 1 to use SSL to communicate with the HTTP server. Default: false
+  static const std::string& uri;                   //! HTTP URI value. Default: /
+  static const std::string& host;                  //! HTTP Host value. Default: 127.0.0.1
+  static const std::string& content_type;          //! HTTP Content-type value. Default: application/text
 
   static const std::string& codecs;                //! List of codecs to use for HTTP application layers
 

ccsrc/Framework/src/params.cc

@@ -72,6 +72,9 @@ const std::string& params::interface_id = std::string("interface_id");
 const std::string& params::server = std::string("server");
 const std::string& params::port = std::string("port");
 const std::string& params::use_ssl = std::string("use_ssl");
+const std::string& params::uri = std::string("uri");
+const std::string& params::host = std::string("host");
+const std::string& params::content_type = std::string("content_type");
 
 const std::string& params::codecs = std::string("codecs");
 

ccsrc/Ports/LibIts_ports/Pki_ports/AdapterControlPort_Pki.partC

 #include <TTCN3.hh>
 
+#include "LibItsPki_TestSystem.hh"
+
 #include "loggers.hh"
 #include "registration.hh"
 
@@ -8,87 +10,87 @@
 //=============================================================================
 namespace LibItsPki__TestSystem {
 
-  AdapterControlPort::AdapterControlPort(const char *par_port_name)
-    : AdapterControlPort_BASE(par_port_name), _params()
+  AdapterControlPkiPort::AdapterControlPkiPort(const char *par_port_name)
+    : AdapterControlPkiPort_BASE(par_port_name), _params()
   {
-    loggers::get_instance().log("AdapterControlPort::AdapterControlPort");
+    loggers::get_instance().log("AdapterControlPkiPort::AdapterControlPkiPort");
 
 
   }
 
-  AdapterControlPort::~AdapterControlPort()
+  AdapterControlPkiPort::~AdapterControlPkiPort()
   {
 
   }
 
-  void AdapterControlPort::set_parameter(const char * parameter_name, const char * parameter_value)
+  void AdapterControlPkiPort::set_parameter(const char * parameter_name, const char * parameter_value)
   {
-    loggers::get_instance().log("AdapterControlPort::set_parameter: %s=%s", parameter_name, parameter_value);
+    loggers::get_instance().log("AdapterControlPkiPort::set_parameter: %s=%s", parameter_name, parameter_value);
 
   }
 
-  /*void AdapterControlPort::Handle_Fd_Event(int fd, boolean is_readable,
+  /*void AdapterControlPkiPort::Handle_Fd_Event(int fd, boolean is_readable,
     boolean is_writable, boolean is_error) {}*/
 
-  void AdapterControlPort::Handle_Fd_Event_Error(int /*fd*/)
+  void AdapterControlPkiPort::Handle_Fd_Event_Error(int /*fd*/)
   {
 
   }
 
-  void AdapterControlPort::Handle_Fd_Event_Writable(int /*fd*/)
+  void AdapterControlPkiPort::Handle_Fd_Event_Writable(int /*fd*/)
   {
 
   }
 
-  void AdapterControlPort::Handle_Fd_Event_Readable(int /*fd*/)
+  void AdapterControlPkiPort::Handle_Fd_Event_Readable(int /*fd*/)
   {
 
   }
 
-  /*void AdapterControlPort::Handle_Timeout(double time_since_last_call) {}*/
+  /*void AdapterControlPkiPort::Handle_Timeout(double time_since_last_call) {}*/
 
-  void AdapterControlPort::user_map(const char * system_port)
+  void AdapterControlPkiPort::user_map(const char * system_port)
   {
-    loggers::get_instance().log(">>> AdapterControlPort::user_map: %s", system_port);
+    loggers::get_instance().log(">>> AdapterControlPkiPort::user_map: %s", system_port);
 
   }
 
-  void AdapterControlPort::user_unmap(const char * system_port)
+  void AdapterControlPkiPort::user_unmap(const char * system_port)
   {
-    loggers::get_instance().log(">>> AdapterControlPort::user_unmap: %s", system_port);
+    loggers::get_instance().log(">>> AdapterControlPkiPort::user_unmap: %s", system_port);
 
   }
 
-  void AdapterControlPort::user_start()
+  void AdapterControlPkiPort::user_start()
   {
 
   }
 
-  void AdapterControlPort::user_stop()
+  void AdapterControlPkiPort::user_stop()
   {
 
   }
 
-  void AdapterControlPort::outgoing_send(const LibItsPki__TypesAndValues::AcPkiPrimitive& send_par)
+  void AdapterControlPkiPort::outgoing_send(const LibItsPki__TypesAndValues::AcPkiPrimitive& send_par)
   {
-    loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
+    loggers::get_instance().log_msg(">>> AdapterControlPkiPort::outgoing_send: ", send_par);
     
-    // Register this object for AdapterControlPort
+    // Register this object for AdapterControlPkiPort
     pki_layer* p = registration<pki_layer>::get_instance().get_item(std::string("PKI"));
     if (p != NULL) {
-      loggers::get_instance().log("AdapterControlPort::outgoing_send: Got PKI layer %p", p);
+      loggers::get_instance().log("AdapterControlPkiPort::outgoing_send: Got PKI layer %p", p);
       LibItsPki__TypesAndValues::AcPkiResponse response;
       response.result() = BOOLEAN(false);
       if (send_par.ischosen(LibItsPki__TypesAndValues::AcPkiPrimitive::ALT_acSetSecurityData)) {
-        loggers::get_instance().log("AdapterControlPort::outgoing_send: AcSetSecurityData");
+        loggers::get_instance().log("AdapterControlPkiPort::outgoing_send: AcSetSecurityData");
         p->set_pki_keys(send_par.acSetSecurityData());
         response.result() = BOOLEAN(true);
       }
       // Send response
-      loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
+      loggers::get_instance().log_msg("AdapterControlPkiPort::outgoing_send: Send response: ", response);
       incoming_message(response);
     } else {
-      loggers::get_instance().error("AdapterControlPort::outgoing_send: pkiPort not registered");
+      loggers::get_instance().error("AdapterControlPkiPort::outgoing_send: pkiPort not registered");
     }
   }
 

ccsrc/Ports/LibIts_ports/Pki_ports/AdapterControlPort_Pki.partH

@@ -3,14 +3,18 @@
 
 #include "params.hh"
 
+namespace LibItsPki__TypesAndValues {
+  class AcPkiPrimitive;
+}
+
 namespace LibItsPki__TestSystem {
 
-class AdapterControlPort : public AdapterControlPort_BASE {
-        params _params;
+class AdapterControlPkiPort : public AdapterControlPkiPort_BASE {
+  params _params;
 	
 public:
-	AdapterControlPort(const char *par_port_name = NULL);
-	~AdapterControlPort();
+	AdapterControlPkiPort(const char *par_port_name = NULL);
+	~AdapterControlPkiPort();
 
 	void set_parameter(const char *parameter_name,
 		const char *parameter_value);

ccsrc/Protocols/GeoNetworking/geonetworking_layer.cc

@@ -170,7 +170,7 @@ void geonetworking_layer::send_data(OCTETSTRING& data, params& params) {
   if (_device_mode) { // Need to build a GN packet
     params[params::certificate] = _params[params::certificate];
     params[params::hash] = _params[params::hash];
-    params[params::signature] = _params[params::signature];
+    params[params::signature] = _params[params::signature]; // TODO Should be removed
     if (build_geonetworking_pdu(data, params) != 0) {
       return;
     }
@@ -1075,7 +1075,7 @@ int geonetworking_layer::setup_secured_mode() {
   if (it == _params.cend()) {
     _params.insert(std::pair<std::string, std::string>(std::string("hash"), "SHA-256"));
   }
-  it = _params.find(params::signature);
+  it = _params.find(params::signature); // TODO Should be removed
   if (it == _params.cend()) {
     _params.insert(std::pair<std::string, std::string>(std::string("signature"), "NISTP-256"));
   }

ccsrc/Protocols/Http/http_layer.cc

@@ -11,7 +11,7 @@ using namespace std; // Required for isnan()
 #include "LibItsHttp_TypesAndValues.hh"
 #include "LibItsHttp_TestSystem.hh"
 
-http_layer::http_layer(const std::string & p_type, const std::string & param) : t_layer<LibItsHttp__TestSystem::HttpPort>(p_type), _params()//, _device_mode{false}
+http_layer::http_layer(const std::string & p_type, const std::string & param) : t_layer<LibItsHttp__TestSystem::HttpPort>(p_type), _params(), _device_mode{false}
 {
   loggers::get_instance().log(">>> http_layer::http_layer: %s, %s", to_string().c_str(), param.c_str());
   // Setup parameters
@@ -21,6 +21,22 @@ http_layer::http_layer(const std::string & p_type, const std::string & param) :
   if (it != _params.cend()) {
     _codec.set_payload_codecs(it->second);
   }
+  it = _params.find(params::device_mode);
+  if (it != _params.cend()) {
+    _device_mode = (1 == converter::get_instance().string_to_int(it->second));
+  }
+  it = _params.find(params::uri);
+  if (it == _params.cend()) {
+    _params[params::uri] = "/";
+  }
+  it = _params.find(params::host);
+  if (it == _params.cend()) {
+    _params[params::host] = "127.0.0.1";
+  }
+  it = _params.find(params::content_type);
+  if (it == _params.cend()) {
+    _params[params::content_type] = "application/text";
+  }
 }
 
 void http_layer::sendMsg(const LibItsHttp__TypesAndValues::HttpMessage& p_http_message, params& p_param) {
@@ -34,7 +50,29 @@ void http_layer::sendMsg(const LibItsHttp__TypesAndValues::HttpMessage& p_http_m
 
 void http_layer::send_data(OCTETSTRING& data, params& params) {
   loggers::get_instance().log_msg(">>> http_layer::send_data: ", data);
-
+  
+  if (_device_mode) { // Need to build an HTTP packet
+    loggers::get_instance().log("http_layer::send_data: Build http layer");
+    TTCN_Buffer buffer;
+    buffer.put_cs("GET");
+    buffer.put_c(' ');
+    buffer.put_cs(_params[params::uri].c_str());
+    buffer.put_cs(" HTTP/1.1\r\n");
+    buffer.put_cs("Host: ");
+    buffer.put_cs(_params[params::host].c_str());
+    buffer.put_cs("\r\n");
+    buffer.put_cs("Content-type: ");
+    buffer.put_cs(_params[params::content_type].c_str());
+    buffer.put_cs("\r\n");
+    buffer.put_cs("Content-length: ");
+    buffer.put_cs(static_cast<const char*>(int2str(data.lengthof() + 2/*Stand for the last CRLF*/)));
+    buffer.put_cs("\r\n\r\n");
+    buffer.put_os(data);
+    buffer.put_cs("\r\n");
+    data = OCTETSTRING(buffer.get_len(), buffer.get_data());
+  }
+  
+  loggers::get_instance().log_msg("http_layer::send_data: ", data);
   send_to_all_layers(data, params);
 }
 
@@ -48,9 +86,39 @@ void http_layer::receive_data(OCTETSTRING& data, params& params)
     loggers::get_instance().warning("http_layer::receive_data: Failed to decode data");
     return;
   }
-  
-  // Pass it to the ports
-  to_all_upper_ports(http_message, params);
+  if (_device_mode) {
+    OCTETSTRING os;
+    if (http_message.ischosen(LibItsHttp__TypesAndValues::HttpMessage::ALT_response)) {
+      if (http_message.response().body().ispresent()) {
+        LibItsHttp__MessageBodyTypes::HttpMessageBody& body = static_cast<LibItsHttp__MessageBodyTypes::HttpMessageBody&>(*http_message.response().body().get_opt_value());
+        if (body.ischosen(LibItsHttp__MessageBodyTypes::HttpMessageBody::ALT_binary__body)) {
+          LibItsHttp__BinaryMessageBodyTypes::BinaryBody& binary = body.binary__body();
+          if (binary.ischosen(LibItsHttp__BinaryMessageBodyTypes::BinaryBody::ALT_raw)) {
+            os = binary.raw();
+          } else {
+            loggers::get_instance().warning("http_layer::receive_data: A raw binary payload is expected");
+          }
+        } else if (body.ischosen(LibItsHttp__MessageBodyTypes::HttpMessageBody::ALT_html__body)){
+          // TODO To be done
+          loggers::get_instance().warning("http_layer::receive_data: Not implemented yet");
+        } else if (body.ischosen(LibItsHttp__MessageBodyTypes::HttpMessageBody::ALT_xml__body)){ 
+          // TODO To be done
+          loggers::get_instance().warning("http_layer::receive_data: Not implemented yet");
+        } else if (body.ischosen(LibItsHttp__MessageBodyTypes::HttpMessageBody::ALT_text__body)){
+          // TODO To be done
+          loggers::get_instance().warning("http_layer::receive_data: Not implemented yet");
+        }
+        receive_to_all_layers(os, params);
+      } else {
+        loggers::get_instance().warning("http_layer::receive_data: No body present");
+      }
+    } else {
+      loggers::get_instance().warning("http_layer::receive_data: An HTTP response is expected");
+    }
+  } else {
+    // Pass it to the ports
+    to_all_upper_ports(http_message, params);
+  }
 }
 
 http_layer_factory http_layer_factory::_f;

ccsrc/Protocols/Http/http_layer.hh

@@ -33,6 +33,7 @@ class OCTETSTRING; //! Forward declaration of TITAN class
 class http_layer : public t_layer<LibItsHttp__TestSystem::HttpPort> {
   params _params;
   http_codec _codec;
+  bool _device_mode;
 
 public: //! \publicsection
   /*!
@@ -41,7 +42,7 @@ public: //! \publicsection
    * \param[in] p_type \todo
    * \param[in] p_param \todo
    */
-  http_layer() : t_layer(), _params() { };
+  http_layer() : t_layer(), _params(), _device_mode{false} { };
   /*!
    * \brief Specialised constructor
    *        Create a new instance of the http_layer class

ccsrc/Protocols/Pki/pki_layer.cc

@@ -30,22 +30,19 @@ pki_layer::pki_layer(const std::string & p_type, const std::string & param) : t_
   }
   it = _params.find(params::peer_certificate);
   if (it == _params.cend()) {
-    _params[params::certificate] = "CERT_IUT_A_EA";
+    _params[params::peer_certificate] = "CERT_IUT_A_EA";
   }
   _params[params::its_aid] = "2468";
   _params[params::payload_type] = "";
-  _params[params::signature] = "NISTP-256";
+  _params[params::signature] = "NISTP-256"; // TODO Should be removed
   _params[params::encrypted_mode] = "1";
+  _params[params::hash] = "SHA-256"; // TODO Should be removed
 
   // Register this object for AdapterControlPort
   loggers::get_instance().log("pki_layer::pki_layer: Register %s/%p", p_type.c_str(), this);
   registration<pki_layer>::get_instance().add_item(p_type, this);
 }
 
-void pki_layer::set_pki_keys(const LibItsPki__TypesAndValues::AcSetSecurityData& p_ac_set_security_data) {
-  _ac_set_security_data.reset(new LibItsPki__TypesAndValues::AcSetSecurityData(p_ac_set_security_data));
-}
-
 void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcRequest& p_inner_ec_request, params& p_param) {
   loggers::get_instance().log_msg(">>> pki_layer::sendMsg: ", p_inner_ec_request);
 
@@ -57,19 +54,14 @@ void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcRequest& p_inne
 
   OCTETSTRING inner_ec_request;
   _etsi_ts102941_types_enrolment_inner_request.encode(p_inner_ec_request, inner_ec_request);
-  // Build the EtsiTs103097Data-Signed
+  // Build the EtsiTs103097Data-Encrypted
   OCTETSTRING etsi_ts_102941_data;
-  if (generate_inner_ec_request_signed_for_pop(inner_ec_request, etsi_ts_102941_data, p_param) == -1) {
+  if (generate_inner_ec_request_signed_for_pop(inner_ec_request, etsi_ts_102941_data, _params) == -1) {
     loggers::get_instance().warning("pki_layer::sendMsg: Failed to generate InnerExRequestSignedForPop");
     return;
   }
-  // Secured the Pki message
-  OCTETSTRING signed_and_encrypted_data;
-  if (sign_and_encrypt_payload(etsi_ts_102941_data, signed_and_encrypted_data) == 0) {
-    loggers::get_instance().warning("pki_layer::sendMsg: Failed to secure Pki message");
-    return;
-  }
-  send_data(signed_and_encrypted_data, _params);
+  
+  send_data(etsi_ts_102941_data, _params);
 }
 
 void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcResponse& p_inner_ec_response, params& p_param) {
@@ -79,7 +71,7 @@ void pki_layer::sendMsg(const EtsiTs102941TypesEnrolment::InnerEcResponse& p_inn
   _etsi_ts102941_types_enrolment_inner_response.encode(p_inner_ec_response, data);
   // Add security
   OCTETSTRING secured_data;
-  if (sign_and_encrypt_payload(data, secured_data) == 0) {
+  if (sign_and_encrypt_payload(data, secured_data, p_param) == 0) {
     send_data(data, _params);
   }
 }
@@ -94,27 +86,39 @@ void pki_layer::receive_data(OCTETSTRING& data, params& params)
 {
   loggers::get_instance().log_msg(">>> pki_layer::receive_data: ", data);
 
-  // // Decode HTTP message
-  // LibItsPki__TypesAndValues::HttpMessage pki_message;
-  // if (_codec.decode(data, pki_message) == -1) {
-  //   loggers::get_instance().warning("pki_layer::receive_data: Failed to decode data");
-  //   return;
-  // }
+  IEEE1609dot2::Ieee1609Dot2Data etsi_ts_1609dot2_data;
+  if (decrypt_and_check_signature(data, etsi_ts_1609dot2_data, _params) == -1) {
+    loggers::get_instance().warning("pki_layer::sendMsg: Failed to secure Pki message");
+    return;
+  }
   
-  // // Pass it to the ports
-  // to_all_upper_ports(pki_message, params);
+  // Pass it to the ports
+  //to_all_upper_ports(pki_message, params);
+}
+
+void pki_layer::set_pki_keys(const LibItsPki__TypesAndValues::AcSetSecurityData& p_ac_set_security_data) {
+  loggers::get_instance().log_msg(">>> pki_layer::set_pki_keys: ", p_ac_set_security_data);
+
+  _ac_set_security_data.reset(new LibItsPki__TypesAndValues::AcSetSecurityData(p_ac_set_security_data));
+  loggers::get_instance().log_msg("pki_layer::set_pki_keys: New data", *_ac_set_security_data);
+  _params[params::certificate] = p_ac_set_security_data.certificateId();
+  _params[params::peer_certificate] = p_ac_set_security_data.peer__certificateId();
 }
 
 int pki_layer::generate_inner_ec_request_signed_for_pop(const OCTETSTRING& p_inner_ec_request, OCTETSTRING& p_etsi_ts_102941_data, params& p_params) {
   loggers::get_instance().log_msg(">>> pki_layer::generate_inner_ec_request_signed_for_pop: ", p_inner_ec_request);
 
+  // Re-configure default parameters
+  params p(p_params);
+  p[params::peer_certificate] = p[params::certificate]; // ETSI TS 102 941 Clause 6.2.3.2.1	Enrolment request 
+  
   // Set unsecured data
   IEEE1609dot2::Ieee1609Dot2Content unsecured_data_content;
   unsecured_data_content.unsecuredData() = p_inner_ec_request;
   IEEE1609dot2::Ieee1609Dot2Data unsecured_data(security_services::get_instance().get_protocol_version(), unsecured_data_content);
   // Set hash algorithm
   IEEE1609dot2BaseTypes::HashAlgorithm hashId(IEEE1609dot2BaseTypes::HashAlgorithm::sha256);
-  if (p_params[params::hash].compare("SHA-384") == 0) {
+  if (p[params::hash].compare("SHA-384") == 0) {
     hashId = IEEE1609dot2BaseTypes::HashAlgorithm::sha384;
   }
   // Set SignedDataPayload
@@ -122,68 +126,89 @@ int pki_layer::generate_inner_ec_request_signed_for_pop(const OCTETSTRING& p_inn
   payload.data() = unsecured_data;
   payload.extDataHash().set_to_omit();
   IEEE1609dot2::HeaderInfo header_info;
-  // Set secured field
-  header_info.psid() = converter::get_instance().string_to_int(p_params[params::its_aid]);
+  header_info.psid() = converter::get_instance().string_to_int(p[params::its_aid]);
+  unsigned long long ms = base_time::get_instance().get_its_current_time();
+  INTEGER i;
+  i.set_long_long_val((unsigned int)ms);
+  header_info.generationTime() = OPTIONAL<INTEGER>(i);
   header_info.expiryTime().set_to_omit();
   header_info.generationLocation().set_to_omit();
   header_info.p2pcdLearningRequest().set_to_omit();
   header_info.missingCrlIdentifier().set_to_omit();
   header_info.encryptionKey().set_to_omit();
-  unsigned long long ms = base_time::get_instance().get_its_current_time();
-  INTEGER i;
-  i.set_long_long_val((unsigned int)ms);
-  header_info.generationTime() = OPTIONAL<INTEGER>(i);
   header_info.inlineP2pcdRequest().set_to_omit();
   header_info.requestedCertificate().set_to_omit();
 
   IEEE1609dot2::ToBeSignedData tbs_data;
   tbs_data.payload() = payload;
   tbs_data.headerInfo() = header_info;
-  loggers::get_instance().log_msg("pki_layer::sign_payload: tbs_data = ", tbs_data);
-  // Sign the ToBeSignedData data structure
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: tbs_data = ", tbs_data);
+  // Sign the ToBeSignedData data structure using the private key of the requested certificate
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: Private key = ", _ac_set_security_data->private__key());
   IEEE1609dot2BaseTypes::Signature signature;
-  /* TODOD Sign with private key if (security_services::get_instance().sign_tbs_data(tbs_data, hashId, signature, p_params) != 0) {
-    loggers::get_instance().warning("pki_layer::sign_payload: Failed to secure payload");
+  if (security_services::get_instance().sign_tbs_data(tbs_data, hashId, _ac_set_security_data->private__key(), signature, p) != 0) {
+    loggers::get_instance().warning("pki_layer::generate_inner_ec_request_signed_for_pop: Failed to secure payload");
     return -1;
-  }*/
+  }
+  // Finalyse the EtsiTs103097Data-Signed
   IEEE1609dot2::SignerIdentifier signer;
-  signer.self__() = ASN_NULL();
+  signer.self__() = ASN_NULL_VALUE;
   IEEE1609dot2::SignedData signed_data(hashId, tbs_data, signer, signature);
-  loggers::get_instance().log_msg("pki_layer::sign_payload: signed_data = ", signed_data);
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: signed_data = ", signed_data);
   IEEE1609dot2::Ieee1609Dot2Content ieee_dot2_content;
   ieee_dot2_content.signedData() = signed_data;
   IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data(pki_layer::ProtocolVersion, ieee_dot2_content);
-  loggers::get_instance().log_msg("pki_layer::sign_payload: ieee_1609dot2_data = ", ieee_1609dot2_data);
-  // Set EtsiTs102941Data layer
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: ieee_1609dot2_data = ", ieee_1609dot2_data);
+  // Create the EtsiTs102941Data layer (InnerEcRequestSignedForPop)
   EtsiTs102941MessagesItss::EtsiTs102941Data etsi_ts_102941_data;
   etsi_ts_102941_data.content().enrolmentRequest() = ieee_1609dot2_data;
-  _codec.encode(ieee_1609dot2_data, p_etsi_ts_102941_data);
-  if (!p_etsi_ts_102941_data.is_bound()) {
-    loggers::get_instance().warning("pki_layer::sign_payload: Failed to encode Ieee1609Dot2Data");
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: InnerEcRequestSignedForPop: ", etsi_ts_102941_data);
+  OCTETSTRING os;
+  _codec.encode(ieee_1609dot2_data, os);
+  if (!os.is_bound()) {
+    loggers::get_instance().warning("pki_layer::generate_inner_ec_request_signed_for_pop: Failed to encode InnerEcRequestSignedForPop");
+    return -1;
+  }
+  loggers::get_instance().log_msg("pki_layer::generate_inner_ec_request_signed_for_pop: ", os);
+  // Secured the EtsiTs102941Data layer
+  if (sign_and_encrypt_payload(os, p_etsi_ts_102941_data, p) == -1) {
+    loggers::get_instance().warning("pki_layer::generate_inner_ec_request_signed_for_pop: Failed to secure Pki message");
     return -1;
   }
 
+  loggers::get_instance().log_msg("<<< pki_layer::generate_inner_ec_request_signed_for_pop: ", p_etsi_ts_102941_data);
   return 0;
 }
 
-
-
-int pki_layer::sign_and_encrypt_payload(const OCTETSTRING& p_data, OCTETSTRING& p_secured_data) {
-  loggers::get_instance().log_msg(">>> pki_layer::sign_and_encrypt_payload: ", p_data);
+int pki_layer::sign_and_encrypt_payload(const OCTETSTRING& p_etsi_ts_102941_data, OCTETSTRING& p_secured_data, params& p_params) {
+  loggers::get_instance().log_msg(">>> pki_layer::sign_and_encrypt_payload: ", p_etsi_ts_102941_data);
 
   // 1. Signed the data
   OCTETSTRING signed_data;
-  if (security_services::get_instance().sign_payload(p_data, signed_data, _params) == -1) {
+  if (security_services::get_instance().sign_payload(p_etsi_ts_102941_data, signed_data, p_params) == -1) {
     loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::encode: Failed to sign data");
     return -1;
   }
   loggers::get_instance().log_msg("pki_layer::sign_and_encrypt_payload: signed_data=", signed_data);
   // 2. Encrypt the signed packet
-  if (security_services::get_instance().encrypt_gn_payload(signed_data, p_secured_data, _params) == -1) {
-    loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::encode: Failed to encrypt data");
+  if (security_services::get_instance().encrypt_gn_payload(signed_data, p_secured_data, p_params) == -1) {
+    loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::sign_and_encrypt_payload: Failed to encrypt data");
+    return -1;
+  }
+  loggers::get_instance().log_msg("<<< http_etsi_ieee1609dot2_codec::sign_and_encrypt_payload: ", p_secured_data);
+  
+  return 0;
+}
+
+int pki_layer::decrypt_and_check_signature(const OCTETSTRING& p_signed_and_encrypted_data, IEEE1609dot2::Ieee1609Dot2Data& p_etsi_ts_1609dot2_data, params& p_params) {
+  loggers::get_instance().log_msg(">>> pki_layer::decrypt_and_check_signature: ", p_signed_and_encrypted_data);
+
+  // 1. Decrypt the Pki message
+  OCTETSTRING os;
+  if (security_services::get_instance().decrypt_gn_payload(p_signed_and_encrypted_data, os, p_params) == -1) {
+    loggers::get_instance().warning("http_etsi_ieee1609dot2_codec::decrypt_and_check_signature: Failed to encrypt data");
     return -1;
   }
-  loggers::get_instance().log_msg("<<< http_etsi_ieee1609dot2_codec::encode: ", p_secured_data);
   
   return 0;
 }

ccsrc/Protocols/Pki/pki_layer.hh

@@ -106,10 +106,12 @@ private:
 
   /*!
    * \fn int sign_and_encrypt_payload(const OCTETSTRING& p_data, OCTETSTRING& p_secured_data);
-   * \brief Sign and encryptpayload
-   * \param[in] p_data The bytes formated data received
+   * \brief Sign and encrypt payload
+   * \param[in] p_etsi_ts_102941_data The encoded form of the EtsiTs102941Data message
+   * \param[out] p_secured_data The secured Pki message
    * \param[in] p_params Some lower layers parameters values when data was received
    */
-  int sign_and_encrypt_payload(const OCTETSTRING& p_data, OCTETSTRING& p_secured_data);
+  int sign_and_encrypt_payload(const OCTETSTRING& p_etsi_ts_102941_data, OCTETSTRING& p_secured_data, params& p_params);
+  int decrypt_and_check_signature(const OCTETSTRING& p_signed_and_encrypted_data, IEEE1609dot2::Ieee1609Dot2Data& p_etsi_ts_1609dot2_data, params& p_params);
 }; // End of class pki_layer
 

ccsrc/Protocols/Security/security_cache.cc

@@ -23,8 +23,8 @@ using namespace std; // Required for isnan()
 #include "loggers.hh"
 
 bool security_cache_comp::operator()(const OCTETSTRING& p_lhs, const OCTETSTRING& p_rhs) const {
-  loggers::get_instance().log_msg(">>> security_cache_comp::operator(): ", p_lhs);
-  loggers::get_instance().log_msg(">>> security_cache_comp::operator(): ", p_rhs);
+  loggers::get_instance().log_msg(">>> security_cache_comp::operator(): p_lhs= ", p_lhs);
+  loggers::get_instance().log_msg(">>> security_cache_comp::operator(): p_rhs= ", p_rhs);
   unsigned char* first1 = (unsigned char*)static_cast<const unsigned char*>(p_lhs);
   unsigned char* first2 = (unsigned char*)static_cast<const unsigned char*>(p_rhs);
   unsigned char* last1 = p_lhs.lengthof() + (unsigned char*)static_cast<const unsigned char*>(p_lhs);
@@ -297,8 +297,11 @@ int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETST
   //std::vector<unsigned char> v(static_cast<const unsigned char*>(hashed_id8), hashed_id8.lengthof() + static_cast<const unsigned char*>(hashed_id8));
   //std::map<std::vector<unsigned char>, std::string>::const_iterator h = _hashed_id8s.find(v);
   if (h != _hashed_id8s.cend()) {
+    loggers::get_instance().log_msg("security_cache::store_certificate: Replace entry ", h->first);
     _hashed_id8s.erase(h);
   }
+  loggers::get_instance().log_msg("security_cache::store_certificate: Add entry ", hashed_id8);
+  loggers::get_instance().log("security_cache::store_certificate: Add entry for key %s", key.c_str());
   _hashed_id8s.insert(std::pair<OCTETSTRING, std::string&>(hashed_id8, key));
   //_hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string&>(v, key));
   
@@ -327,6 +330,7 @@ void security_cache::dump() const {
     loggers::get_instance().log_msg