STF507: Bug fixed in decodeCertificate method

21f372c6 · garciay · 7b1508fd · 21f372c6
Commit 21f372c6 authored Mar 16, 2016 by garciay
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 4 deletions

javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java +7 -4

No files found.
--- a/javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java
+++ b/javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java
@@ -212,7 +212,7 @@ public class SecurityHelper {
        if (p_headerfields[signerInfoTypeIndex] == 0x02) { //  SignerInfo Type: Certificate (2)
            signerInfoTypeIndex += 1;
            // Extract certificate because of it is an Other message profile
-            byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, p_keys);
+            byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, p_keys, p_enforceSecurityCheck);
            if (certificate == null) {
                System.err.println("SecurityHelper.checkHeaderfields: Drop packet - Certificate not decoded");
                if (p_enforceSecurityCheck) { 
@@ -261,7 +261,7 @@ public class SecurityHelper {
            do {
                // Extract certificate because of it is an Other message profile
                keys = new ByteArrayOutputStream();
-                byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, keys);
+                byte[] certificate = decodeCertificate(p_headerfields, signerInfoTypeIndex, keys, p_enforceSecurityCheck);
                if (certificate == null) {
                    // Drop it
                    System.err.println("SecurityHelper.checkHeaderfields: Drop packet - Failed to decode chain of certificate");
@@ -345,7 +345,7 @@ public class SecurityHelper {
        return true;
    }
    
-    public byte[] decodeCertificate(final byte[] p_headerfields, final int p_offset, final ByteArrayOutputStream p_keys) { 
+    public byte[] decodeCertificate(final byte[] p_headerfields, final int p_offset, final ByteArrayOutputStream p_keys, final boolean p_enforceSecurityCheck) { 
        System.out.println(">>> SecurityHelper.decodeCertificate: " + ByteHelper.byteArrayToString(ByteHelper.extract(p_headerfields, p_offset, p_headerfields.length - p_offset)));
        
        ByteArrayInputStream headerfields = new ByteArrayInputStream(p_headerfields, p_offset, p_headerfields.length - p_offset);
@@ -356,7 +356,10 @@ public class SecurityHelper {
            cert.write((byte)headerfields.read());
            if (cert.toByteArray()[0] != 0x02) {
                System.err.println("SecurityHelper.decodeCertificate: Wrong version number");
-                return null;
+                if (p_enforceSecurityCheck) { 
+                    // Drop it
+                    return null;
+                } // else continue
            }
            // SignerInfo type
            byte signerInfoType = (byte)headerfields.read();