Commit 353cf4db authored by garciay's avatar garciay
Browse files

Enahance certificate loader

parent cab6e9e7
......@@ -951,7 +951,7 @@ namespace LibItsSecurity__Functions
return TRUE;
}
BOOLEAN fx__store__certificate(const CHARSTRING& p__cert__id, const OCTETSTRING& p__cert, const OCTETSTRING& p__private__key, const OCTETSTRING& p__public__key__x, const OCTETSTRING& p__public__key__y, const OCTETSTRING& p__public__key__compressed, const INTEGER& p__public__key__compressed__mode, const OCTETSTRING& p__hashid8, const OCTETSTRING& p__issuer, const OCTETSTRING_template& p__private__enc__key, const OCTETSTRING_template& p__public__enc__key__x, const OCTETSTRING_template& p__public__enc__key__y, const OCTETSTRING_template& p__public__enc__compressed__key, const INTEGER_template& p__public__enc__key__compressed__mode) {
BOOLEAN fx__store__certificate(const CHARSTRING& p__cert__id, const OCTETSTRING& p__cert, const OCTETSTRING& p__private__key, const OCTETSTRING& p__public__key__x, const OCTETSTRING& p__public__key__y, const OCTETSTRING& p__public__key__compressed, const INTEGER& p__public__key__compressed__mode, const OCTETSTRING& p__hash, const OCTETSTRING& p__hashid8, const OCTETSTRING& p__issuer, const OCTETSTRING_template& p__private__enc__key, const OCTETSTRING_template& p__public__enc__key__x, const OCTETSTRING_template& p__public__enc__key__y, const OCTETSTRING_template& p__public__enc__compressed__key, const INTEGER_template& p__public__enc__key__compressed__mode) {
loggers::get_instance().log(">>> fx__store__certificate: '%s'", static_cast<const char*>(p__cert__id));
int result;
......@@ -959,9 +959,9 @@ namespace LibItsSecurity__Functions
const OCTETSTRING private_enc_key = p__private__enc__key.valueof();
const OCTETSTRING public_enc_key_x = p__public__enc__key__x.valueof();
const OCTETSTRING public_enc_key_y = p__public__enc__key__y.valueof();
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hashid8, p__issuer, p__private__enc__key.valueof(), p__public__enc__key__x.valueof(), p__public__enc__key__y.valueof(), p__public__enc__compressed__key.valueof(), p__public__enc__key__compressed__mode.valueof());
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hash, p__hashid8, p__issuer, p__private__enc__key.valueof(), p__public__enc__key__x.valueof(), p__public__enc__key__y.valueof(), p__public__enc__compressed__key.valueof(), p__public__enc__key__compressed__mode.valueof());
} else {
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hashid8, p__issuer, OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), INTEGER(-1));
result = security_services::get_instance().store_certificate(p__cert__id, p__cert, p__private__key, p__public__key__x, p__public__key__y, p__public__key__compressed, p__public__key__compressed__mode, p__hash, p__hashid8, p__issuer, OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), OCTETSTRING(0, nullptr), INTEGER(-1));
}
return (result == 0);
......
......@@ -19,6 +19,7 @@
#include <experimental/filesystem>
#include "security_db_record.hh"
#include "security_ecc.hh"
namespace IEEE1609dot2BaseTypes {
class EccP256CurvePoint; //! Declare TITAN class
......@@ -31,15 +32,9 @@ namespace IEEE1609dot2BaseTypes {
* \remark Singleton pattern
*/
class certificates_loader {
std::string _certificateExt; //! COER encoding certificate extension. Default: .oer
std::string _privateKeyExt; //! Private signing key extension. Default: .vkey
std::string _privateEncKeyExt; //! Private cyphering key extension. Default: .ekey
std::string _publicKeysExt;
std::string _publicCompKeysExt;
std::string _publicEncKeysExt;
std::string _hashedidDigestExt;
std::string _issuerDigestExt;
std::string _publicEncCompKeysExt;
std::string _certificateExt; //! COER encoding certificate extension. Default: .oer
std::string _privateKeyExt; //! Private signing key extension. Default: .vkey
std::string _privateEncKeyExt; //! Private cyphering key extension. Default: .ekey
std::experimental::filesystem::path _full_path; //! The full folder path to load certificates
bool _is_cache_initialized; //! Set to true when certificates are successfully loaded from file system
std::set<std::string> _directory_filter; //! Directory filter (for local development purposes only)
......@@ -80,6 +75,6 @@ private:
int build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<OCTETSTRING, std::string>& p_hashed_id8s);
void fill_public_key_vectors(const IEEE1609dot2BaseTypes::EccP256CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y);
void fill_public_key_vectors(const IEEE1609dot2BaseTypes::EccP384CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y);
void fill_public_key_vectors(const ec_elliptic_curves p_elliptic_curve, const IEEE1609dot2BaseTypes::EccP256CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y);
void fill_public_key_vectors(const ec_elliptic_curves p_elliptic_curve, const IEEE1609dot2BaseTypes::EccP384CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y);
}; // End of class certificates_loader
......@@ -211,11 +211,11 @@ bool security_cache::fill_vector(OCTETSTRING& p_vector, const OCTETSTRING& p_org
return false;
}
int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode) {
int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode) {
loggers::get_instance().log_msg(">>> security_cache::store_certificate: ", p_cert_id);
std::string key(static_cast<const char*>(p_cert_id));
OCTETSTRING cert, private_key, public_key_x, public_key_y, public_comp_key, hashed_id8, issuer;
OCTETSTRING cert, private_key, public_key_x, public_key_y, public_comp_key, hash, hashed_id8, issuer;
OCTETSTRING private_enc_key, public_enc_key_x, public_enc_key_y, public_enc_comp_key;
security_cache::fill_vector(cert, p_cert);
......@@ -228,6 +228,7 @@ int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETST
loggers::get_instance().log_msg("security_cache::store_certificate: public_comp_key: ", public_comp_key);
}
security_cache::fill_vector(hash, p_hash);
security_cache::fill_vector(hashed_id8, p_hashed_id8);
security_cache::fill_vector(issuer, p_issuer);
......@@ -248,7 +249,8 @@ int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETST
cert, // Certificate
decoded_certificate,
issuer, // Hashed ID for the issuer
hashed_id8, // Hashed ID
hash, // Whole-certificate hash
hashed_id8, // Whole-certificate hashed ID
private_key, // Private key
public_key_x, // Public key X-coordinate
public_key_y, // Public key Y-coordinate
......
......@@ -56,7 +56,7 @@ public: /*! \publicsection */
int get_public_enc_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_enc_key_x, OCTETSTRING& p_public_enc_key_y) const;
int get_public_enc_comp_key(const std::string& p_certificate_id, OCTETSTRING& p_public_enc_comp_key, INTEGER& p_enc_comp_mode) const;
virtual int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode);
virtual int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode);
virtual int clear();
......
......@@ -40,10 +40,10 @@ int security_db::load_from_files(const std::string& p_db_path) {
return 0;
}
int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressd_key, const INTEGER& p_public_enc_compressed_key_mode) {
int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressd_key, const INTEGER& p_public_enc_compressed_key_mode) {
loggers::get_instance().log_msg(">>> security_db::store_certificate: ", p_cert_id);
if (security_cache::store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_public_compressed_key, p_public_compressed_key_mode, p_hashed_id8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y, p_public_enc_compressd_key, p_public_enc_compressed_key_mode) != 0) {
if (security_cache::store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_public_compressed_key, p_public_compressed_key_mode, p_hash, p_hashed_id8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y, p_public_enc_compressd_key, p_public_enc_compressed_key_mode) != 0) {
return -1;
}
......
......@@ -38,7 +38,7 @@ public: /*! \publicsection */
* \param[in] p_cert_id The certificate identifier
* \return 0 on success, -1 otherwise
*/
int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode);
int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_compressed_key, const INTEGER& p_public_compressed_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_compressed_key_mode);
private: /*! \privatesection */
/*!
......
......@@ -19,6 +19,7 @@ security_db_record::security_db_record(
const OCTETSTRING& p_certificate,
const IEEE1609dot2::CertificateBase& p_decoded_certificate,
const OCTETSTRING& p_hashed_id_issuer,
const OCTETSTRING& p_hash,
const OCTETSTRING& p_hashed_id,
const OCTETSTRING& p_pr_key,
const OCTETSTRING& p_pu_key_x,
......@@ -29,14 +30,7 @@ security_db_record::security_db_record(
const OCTETSTRING& p_pu_enc_key_y,
const OCTETSTRING& p_pu_enc_comp_key,
const bool p_to_be_saved
): _algorithm{ec_elliptic_curves::nist_p_256}, _certificate_id(p_certificate_id), _certificate(p_certificate), _hashed_id_issuer(p_hashed_id_issuer), _hash(), _hashed_id(p_hashed_id), _pr_key(p_pr_key), _pu_key_x(p_pu_key_x), _pu_key_y(p_pu_key_y), _pu_comp_key(p_pu_comp_key), _pr_enc_key(p_pr_enc_key), _pu_enc_key_x(p_pu_enc_key_x), _pu_enc_key_y(p_pu_enc_key_y), _pu_enc_comp_key(p_pu_enc_comp_key), _to_be_saved(p_to_be_saved), _decoded_certificate(static_cast<IEEE1609dot2::CertificateBase*>(p_decoded_certificate.clone())) {
if (p_pr_key.lengthof() == 32) {
sha256 sha;
sha.generate(_certificate, _hash);
} else {
sha384 sha;
sha.generate(_certificate, _hash);
}
): _algorithm{ec_elliptic_curves::nist_p_256}, _certificate_id(p_certificate_id), _certificate(p_certificate), _hashed_id_issuer(p_hashed_id_issuer), _hash(p_hash), _hashed_id(p_hashed_id), _pr_key(p_pr_key), _pu_key_x(p_pu_key_x), _pu_key_y(p_pu_key_y), _pu_comp_key(p_pu_comp_key), _pr_enc_key(p_pr_enc_key), _pu_enc_key_x(p_pu_enc_key_x), _pu_enc_key_y(p_pu_enc_key_y), _pu_enc_comp_key(p_pu_enc_comp_key), _to_be_saved(p_to_be_saved), _decoded_certificate(static_cast<IEEE1609dot2::CertificateBase*>(p_decoded_certificate.clone())) {
}
const IEEE1609dot2::CertificateBase& security_db_record::decoded_certificate() const {
......
......@@ -30,7 +30,7 @@ class security_db_record {
std::string _certificate_id; /*!< Certificate storage*/
OCTETSTRING _certificate; /*!< COER storage */
OCTETSTRING _hashed_id_issuer; /*!< Hash id 8 of the issuer certificate */
OCTETSTRING _hash; /*!< Certificate hash storage */
OCTETSTRING _hash; /*!< Certificate hash storage */ // TODO Check if it's usefull, otherwise remove it
OCTETSTRING _hashed_id; /*!< Certificate hash id 8 storage */
OCTETSTRING _pr_key; /*!< Private key storage */
OCTETSTRING _pu_key_x; /*!< Public key X-coordinate storage */
......@@ -54,6 +54,7 @@ public: /*! \publicsection */
* \param[in] p_certificate The COER encoded certificate
* \param[in] p_decoded_certificate The decoded certificate
* \param[in] p_hashed_id_issuer The HashedId of the certificate issuer
* \param[in] p_hash The whole-certificate hash
* \param[in] p_hashed_id The whole-certificate hashed id
* \param[in] p_pr_key The private signature key
* \param[in] p_pu_key_x The public X-coordinate signature key
......@@ -65,7 +66,7 @@ public: /*! \publicsection */
* \param[in] p_pu_enc_comp_key_y The public compressed coordinate encryption key
* \param[in] p_to_be_saved Set to true to save on disk this certificate.Default: true
*/
security_db_record(const std::string& p_certificate_id, const OCTETSTRING& p_certificate, const IEEE1609dot2::CertificateBase& p_decoded_certificate, const OCTETSTRING& p_hashed_id_issuer, const OCTETSTRING& p_hashed_id, const OCTETSTRING& p_pr_key, const OCTETSTRING& p_pu_key_x, const OCTETSTRING& p_pu_key_y, const OCTETSTRING& p_pu_comp_key, const OCTETSTRING& p_pr_enc_key, const OCTETSTRING& p_pu_enc_key_x, const OCTETSTRING& p_pu_enc_key_y, const OCTETSTRING& p_pu_enc_comp_key_y, const bool p_to_be_saved = true);
security_db_record(const std::string& p_certificate_id, const OCTETSTRING& p_certificate, const IEEE1609dot2::CertificateBase& p_decoded_certificate, const OCTETSTRING& p_hashed_id_issuer, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashed_id, const OCTETSTRING& p_pr_key, const OCTETSTRING& p_pu_key_x, const OCTETSTRING& p_pu_key_y, const OCTETSTRING& p_pu_comp_key, const OCTETSTRING& p_pr_enc_key, const OCTETSTRING& p_pu_enc_key_x, const OCTETSTRING& p_pu_enc_key_y, const OCTETSTRING& p_pu_enc_comp_key_y, const bool p_to_be_saved = true);
/*!
* \brief Default dtor
......
......@@ -68,7 +68,7 @@ int security_services::setup(params& p_params) { // FIXME Rename this method
return 0;
}
int security_services::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_comp_key, const INTEGER& p_public_comp_key_mode, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_key_compressed_mode) {
int security_services::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_comp_key, const INTEGER& p_public_comp_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_key_compressed_mode) {
loggers::get_instance().log_msg(">>> security_services::store_certificate: ", p_cert_id);
// Sanity checks
......@@ -76,7 +76,7 @@ int security_services::store_certificate(const CHARSTRING& p_cert_id, const OCTE
loggers::get_instance().warning("security_services::store_certificate: Not initialised");
return -1;
}
return _security_db.get()->store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_public_comp_key, p_public_comp_key_mode, p_hashid8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y, p_public_enc_compressed_key, p_public_enc_key_compressed_mode);
return _security_db.get()->store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_public_comp_key, p_public_comp_key_mode, p_hash, p_hashid8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y, p_public_enc_compressed_key, p_public_enc_key_compressed_mode);
}
int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secured_gn_payload, const bool p_verify, IEEE1609dot2::Ieee1609Dot2Data& p_ieee_1609dot2_data, OCTETSTRING& p_unsecured_gn_payload, params& p_params) {
......@@ -891,6 +891,9 @@ int security_services::extract_encryption_keys(const IEEE1609dot2::CertificateBa
}
} else {
loggers::get_instance().warning("security_services::extract_encryption_keys: EncryptionKey omitted");
p_public_enc_key_x = OCTETSTRING(0, nullptr);
p_public_enc_key_y = OCTETSTRING(0, nullptr);
p_public_enc_comp_key = OCTETSTRING(0, nullptr);
return 0; // Normal termination
}
......@@ -949,8 +952,9 @@ int security_services::extract_encryption_keys(const IEEE1609dot2::CertificateBa
public_comp_key,
public_comp_key_mode,
hash_cert,
hashed_id8,
p_certificate.issuer().sha256AndDigest(),
int2oct(0, 32), // Encryption private not used
OCTETSTRING(0, nullptr), // Encryption private not used
public_enc_key_x,
public_enc_key_y,
public_enc_comp_key,
......@@ -997,8 +1001,9 @@ int security_services::extract_encryption_keys(const IEEE1609dot2::CertificateBa
public_comp_key,
public_comp_key_mode,
hash_cert,
hashed_id8,
p_certificate.issuer().sha384AndDigest(),
int2oct(0,48), // Encryption private not used
OCTETSTRING(0, nullptr), // Encryption private not used
public_enc_key_x,
public_enc_key_y,
public_enc_comp_key,
......
......@@ -101,7 +101,7 @@ public: /*! \publicsection */
int setup(params &p_params);
int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_comp_key, const INTEGER& p_public_comp_key_mode, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_key_compressed_mode);
int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_public_comp_key, const INTEGER& p_public_comp_key_mode, const OCTETSTRING& p_hash, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer, const OCTETSTRING& p_private_enc_key, const OCTETSTRING& p_public_enc_key_x, const OCTETSTRING& p_public_enc_key_y, const OCTETSTRING& p_public_enc_compressed_key, const INTEGER& p_public_enc_key_compressed_mode);
inline void set_position(const int p_latitude, const int p_longitude, const int p_elevation = 0) { _latitude = p_latitude; _longitude = p_longitude; _elevation = p_elevation; };
......
......@@ -21,7 +21,7 @@ LibCommon_Time.PX_TAC := 35.0
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "cert_asn1c" #"test_01";
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "Yann" #"cert_asn1c" #"test_01";
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
......@@ -286,11 +286,6 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.56.1)"
#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_1
#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_2
#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_3 # Shall failed on error: Dynamic test case error: security_ecc::security_ecc (2): Failed to get coordinates
#TestCodec_SecuredFuntions.tc_load_certificates
#TestCodec_SecuredFuntions.tc_read_certificate_1
#TestCodec_SecuredFuntions.tc_read_certificate_2
#TestCodec_SecuredFuntions.tc_read_certificate_digest
#TestCodec_SecuredFuntions.tc_read_certificate_hash
# Certificates
#TestCodec_Certificates.tc_root_certificate_sha256_1
#TestCodec_Certificates.tc_root_certificate_sha256_2
......@@ -310,8 +305,13 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.56.1)"
#TestCodec_SecuredMessages.tc_secured_message_signed_and_encrypted_1
#TestCodec_SecuredMessages.tc_secured_message_signed_and_encrypted_2
# Chain of certificates
#TestCodec_ChainOfCertificates.tc_full_check_certificate_1
TestCodec_ChainOfCertificates.tc_full_check_certificate_1
#TestCodec_ChainOfCertificates.tc_full_check_certificate_2
TestCodec_SecuredFuntions.tc_load_certificates
TestCodec_SecuredFuntions.tc_read_certificate_1
TestCodec_SecuredFuntions.tc_read_certificate_2
TestCodec_SecuredFuntions.tc_read_certificate_digest
TestCodec_SecuredFuntions.tc_read_certificate_hash
# Encryption
#TestCodec_SignedAndEncryptedMessages.tc_test_hmac_sha256_test1
#TestCodec_SignedAndEncryptedMessages.tc_test_hmac_sha256_test2
......@@ -319,9 +319,9 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.56.1)"
#TestCodec_SignedAndEncryptedMessages.tc_test_encrypt_aes_128_ccm_test_1
#TestCodec_SignedAndEncryptedMessages.tc_test_encrypt_aes_128_ccm_test_2
#TestCodec_SignedAndEncryptedMessages.tc_test_encrypt_aes_128_ccm_test_3
TestCodec_SignedAndEncryptedMessages.tc_encrypted_signed_message_1
TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_2
TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_3
#TestCodec_SignedAndEncryptedMessages.tc_encrypted_signed_message_1
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_2
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_3
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_4
# Pki
#TestCodec_Pki.tc_inner_ec_request_1
......
......@@ -150,9 +150,9 @@ module TestCodec_ChainOfCertificates {
// Store Private key in binary format
fx_loadCertificates("/home/vagrant/tmp/Yann", "");
fx_store_certificate("CERT_TEST_A_ROOT", v_chain_sec_info.ca.enc_cert, v_chain_sec_info.ca.private_key, v_chain_sec_info.ca.public_key_x, v_chain_sec_info.ca.public_key_y, v_chain_sec_info.ca.public_key_compressed, v_chain_sec_info.ca.compressed_mode, v_chain_sec_info.ca.hashedid8, v_chain_sec_info.ca.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_A_AA", v_chain_sec_info.aa.enc_cert, v_chain_sec_info.aa.private_key, v_chain_sec_info.aa.public_key_x, v_chain_sec_info.aa.public_key_y, v_chain_sec_info.aa.public_key_compressed, v_chain_sec_info.aa.compressed_mode, v_chain_sec_info.aa.hashedid8, v_chain_sec_info.aa.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_A_AT", v_chain_sec_info.at.enc_cert, v_chain_sec_info.at.private_key, v_chain_sec_info.at.public_key_x, v_chain_sec_info.at.public_key_y, v_chain_sec_info.at.public_key_compressed, v_chain_sec_info.at.compressed_mode, v_chain_sec_info.at.hashedid8, v_chain_sec_info.at.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_IUT_A_RCA", v_chain_sec_info.ca.enc_cert, v_chain_sec_info.ca.private_key, v_chain_sec_info.ca.public_key_x, v_chain_sec_info.ca.public_key_y, v_chain_sec_info.ca.public_key_compressed, v_chain_sec_info.ca.compressed_mode, v_chain_sec_info.ca.hash, v_chain_sec_info.ca.hashedid8, v_chain_sec_info.ca.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_IUT_A_AA", v_chain_sec_info.aa.enc_cert, v_chain_sec_info.aa.private_key, v_chain_sec_info.aa.public_key_x, v_chain_sec_info.aa.public_key_y, v_chain_sec_info.aa.public_key_compressed, v_chain_sec_info.aa.compressed_mode, v_chain_sec_info.aa.hash, v_chain_sec_info.aa.hashedid8, v_chain_sec_info.aa.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_IUT_A_AT", v_chain_sec_info.at.enc_cert, v_chain_sec_info.at.private_key, v_chain_sec_info.at.public_key_x, v_chain_sec_info.at.public_key_y, v_chain_sec_info.at.public_key_compressed, v_chain_sec_info.at.compressed_mode, v_chain_sec_info.at.hash, v_chain_sec_info.at.hashedid8, v_chain_sec_info.at.issuer, omit, omit, omit, omit, omit);
// Create a basic GeoNetworking message
v_gnNonSecuredPacket := m_geoNwShbPacket(
......@@ -300,9 +300,9 @@ module TestCodec_ChainOfCertificates {
// Store Private key in binary format
fx_loadCertificates("/home/vagrant/tmp/Yann", "");
fx_store_certificate("CERT_TEST_B_ROOT", v_chain_sec_info.ca.enc_cert, v_chain_sec_info.ca.private_key, v_chain_sec_info.ca.public_key_x, v_chain_sec_info.ca.public_key_y, v_chain_sec_info.ca.public_key_compressed, v_chain_sec_info.ca.compressed_mode, v_chain_sec_info.ca.hashedid8, v_chain_sec_info.ca.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_B_AA", v_chain_sec_info.aa.enc_cert, v_chain_sec_info.aa.private_key, v_chain_sec_info.aa.public_key_x, v_chain_sec_info.aa.public_key_y, v_chain_sec_info.aa.public_key_compressed, v_chain_sec_info.aa.compressed_mode, v_chain_sec_info.aa.hashedid8, v_chain_sec_info.aa.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_B_AT", v_chain_sec_info.at.enc_cert, v_chain_sec_info.at.private_key, v_chain_sec_info.at.public_key_x, v_chain_sec_info.at.public_key_y, v_chain_sec_info.at.public_key_compressed, v_chain_sec_info.at.compressed_mode, v_chain_sec_info.at.hashedid8, v_chain_sec_info.at.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TEST_B_ROOT", v_chain_sec_info.ca.enc_cert, v_chain_sec_info.ca.private_key, v_chain_sec_info.ca.public_key_x, v_chain_sec_info.ca.public_key_y, v_chain_sec_info.ca.public_key_compressed, v_chain_sec_info.ca.compressed_mode, v_chain_sec_info.ca.hash, v_chain_sec_info.ca.hashedid8, v_chain_sec_info.ca.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_B_AA", v_chain_sec_info.aa.enc_cert, v_chain_sec_info.aa.private_key, v_chain_sec_info.aa.public_key_x, v_chain_sec_info.aa.public_key_y, v_chain_sec_info.aa.public_key_compressed, v_chain_sec_info.aa.compressed_mode, v_chain_sec_info.aa.hash, v_chain_sec_info.aa.hashedid8, v_chain_sec_info.aa.issuer, omit, omit, omit, omit, omit);
fx_store_certificate("CERT_TS_B_AT", v_chain_sec_info.at.enc_cert, v_chain_sec_info.at.private_key, v_chain_sec_info.at.public_key_x, v_chain_sec_info.at.public_key_y, v_chain_sec_info.at.public_key_compressed, v_chain_sec_info.at.compressed_mode, v_chain_sec_info.at.hash, v_chain_sec_info.at.hashedid8, v_chain_sec_info.at.issuer, omit, omit, omit, omit, omit);
// Create a basic GeoNetworking message
v_gnNonSecuredPacket := m_geoNwShbPacket(
......
......@@ -66,7 +66,7 @@ module TestCodec_SecuredFuntions {
setverdict(pass);
}
if (fx_readCertificate("CERT_IUT_A_RCA", v_certificate) == false) {
if (fx_readCertificate("CERT_IUT_A_AA", v_certificate) == false) {
setverdict(fail);
} else {
var bitstring v_oct2bit;
......@@ -88,7 +88,7 @@ module TestCodec_SecuredFuntions {
setverdict(fail);
} else {
var octetstring v_digest;
if (fx_readCertificateDigest("CERT_IUT_A_RCA", v_digest) == false) {
if (fx_readCertificateDigest("CERT_IUT_A_AA", v_digest) == false) {
setverdict(fail);
} else {
log("v_digest = ", v_digest);
......@@ -102,7 +102,7 @@ module TestCodec_SecuredFuntions {
setverdict(fail);
} else {
var octetstring v_hash;
if (fx_readCertificateHash("CERT_IUT_A_RCA", v_hash) == false) {
if (fx_readCertificateHash("CERT_IUT_A_AA", v_hash) == false) {
setverdict(fail);
} else {
log("v_hash = ", v_hash);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment