Security support in the TA

64be0b12 · garciay · 8d8548fa · 64be0b12 · 64be0b12 · 64be0b12
Commit 64be0b12 authored Feb 16, 2018 by garciay
12 changed files
--- a/ccsrc/Externals/LibItsSecurity_externals.cc
+++ b/ccsrc/Externals/LibItsSecurity_externals.cc
@@ -349,7 +349,7 @@ namespace LibItsSecurity__Functions
                               const CHARSTRING& p__rootDirectory,
                               const CHARSTRING& p__configId
                               ) {
-    loggers::get_instance().log("GeoNetworkingLayer::GeoNetworkingLayer: ###################");
+    loggers::get_instance().log("fx__loadCertificates: '%s', '%s'", p__rootDirectory, p__configId);
    Params params;
    params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), std::string(static_cast<const char*>(p__rootDirectory))));
    if (security_services::get_instance().setup(params) == -1) {

--- a/ccsrc/Framework/Params.hh
+++ b/ccsrc/Framework/Params.hh
@@ -56,7 +56,9 @@ public:
  static const std::string& distanceA;             //! Test system GeoNetworking DistanceA parameter name
  static const std::string& distanceB;             //! Test system GeoNetworking DistanceB parameter name
  static const std::string& angle;                 //! Test system GeoNetworking Angle parameter name
-  
+
+  static const std::string& payload_type;          //! Tyoe of payload, value is the ITS Conatainer message identifier or omitted in case of unknown payload
+
  static const std::string& next_header;           //! Upper layer settings
  static const std::string& header_type;           //! Upper layer settings
  static const std::string& header_sub_type;       //! Upper layer settings

--- a/ccsrc/Framework/src/Params.cc
+++ b/ccsrc/Framework/src/Params.cc
@@ -50,6 +50,8 @@ const std::string& Params::distanceA = std::string("distanceA");
 const std::string& Params::distanceB = std::string("distanceB");
 const std::string& Params::angle = std::string("angle");

+const std::string& Params::payload_type = std::string("payload_type");
+
 const std::string& Params::next_header = std::string("next_header");
 const std::string& Params::header_type = std::string("header_type");
 const std::string& Params::header_sub_type = std::string("header_sub_type");

--- a/ccsrc/Protocols/CAM/CAMLayer.cc
+++ b/ccsrc/Protocols/CAM/CAMLayer.cc
@@ -8,16 +8,18 @@ CAMLayer::CAMLayer(const std::string & p_type, const std::string & param) : TLay
  loggers::get_instance().log(">>> CAMLayer::CAMLayer: %s, %s", to_string().c_str(), param.c_str());
  // Setup parameters
  Params::convert(_params, param);
+  _params.insert(std::make_pair<std::string, std::string>("its_aid", "36")); // ETSI TS 102 965 V1.2.1 (2015-06)
+  _params.insert(std::make_pair<std::string, std::string>("payload_type", "2")); // CA message id - See ETSI TS 102 894
+  //params.log();
 }

 void CAMLayer::sendMsg(const LibItsCam__TestSystem::CamReq& p, Params& params){
  loggers::get_instance().log_msg(">>> CAMLayer::sendMsg: ", p);
-  params.log();
  
  // Encode CAM PDU
  OCTETSTRING data;
  if (_codec.encode(p.msgOut(), data) == -1) {
-    loggers::get_instance().warning("CAMLayer::sendMsg: Encodeing failure");
+    loggers::get_instance().warning("CAMLayer::sendMsg: Encoding failure");
    return;
  }

@@ -26,7 +28,7 @@ void CAMLayer::sendMsg(const LibItsCam__TestSystem::CamReq& p, Params& params){

 void CAMLayer::sendData(OCTETSTRING& data, Params& params) {
  loggers::get_instance().log_msg(">>> CAMLayer::sendData: ", data);
-  //params.log();
+  
  sendToAllLayers(data, params);
 }


--- a/ccsrc/Protocols/DENM/DENMLayer.cc
+++ b/ccsrc/Protocols/DENM/DENMLayer.cc
@@ -8,6 +8,8 @@ DENMLayer::DENMLayer(const std::string & p_type, const std::string & param) : TL
  loggers::get_instance().log(">>> DENMLayer::DENMLayer: %s, %s", to_string().c_str(), param.c_str());
  // Setup parameters
  Params::convert(_params, param);
+  _params.insert(std::make_pair<std::string, std::string>("its_aid", "37")); // ETSI TS 102 965 V1.2.1 (2015-06)
+  _params.insert(std::make_pair<std::string, std::string>("payload_type", "1")); // DE message id - See ETSI TS 102 894
 }

 void DENMLayer::sendMsg(const LibItsDenm__TestSystem::DenmReq& p, Params& params){

--- a/ccsrc/Protocols/GeoNetworking/GeoNetworkingLayer.cc
+++ b/ccsrc/Protocols/GeoNetworking/GeoNetworkingLayer.cc
@@ -66,7 +66,11 @@ GeoNetworkingLayer::GeoNetworkingLayer(const std::string & p_type, const std::st
    _enable_security_checks = (1 == converter::get_instance().string_to_int(it->second));
  }
  // Add broadcast address if needed
-  it = _params.find("mac_bc");
+  it = _params.find(Params::its_aid);
+  if (it == _params.cend()) {
+    _params.insert(std::pair<std::string, std::string>(std::string("its_aid"), "38"));
+  }
+  it = _params.find(Params::mac_bc);
  if (it == _params.cend()) {
    _params.insert(std::pair<std::string, std::string>(std::string("mac_bc"), "FFFFFFFFFFFF"));
  }
@@ -83,10 +87,10 @@ GeoNetworkingLayer::GeoNetworkingLayer(const std::string & p_type, const std::st
  if (it == _params.cend()) {
    _params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), ""));
  }
-  it = _params.find(Params::hash);
-  if (it == _params.cend()) {
-    _params.insert(std::pair<std::string, std::string>(std::string("sec_sign"), "SHA-256"));
-  }
+  // TODO it = _params.find(Params::hash);
+  // if (it == _params.cend()) {
+  //   _params.insert(std::pair<std::string, std::string>(std::string("sec_sign"), "SHA-256"));
+  // }
  it = _params.find(Params::signature);
  if (it == _params.cend()) {
    _params.insert(std::pair<std::string, std::string>(std::string("signature"), "NISTP-256"));
@@ -133,7 +137,7 @@ void GeoNetworkingLayer::sendMsg(const LibItsGeoNetworking__TestSystem::GeoNetwo
  // Encode GeoNetworking PDU
  OCTETSTRING data;
  _codec.encode(p.msgOut(), data);
-  sendData(data, params);
+  sendData(data, _params);
 }

 void GeoNetworkingLayer::sendData(OCTETSTRING& data, Params& params) {
@@ -141,12 +145,15 @@ void GeoNetworkingLayer::sendData(OCTETSTRING& data, Params& params) {
  params.log();

  if (_device_mode) { // Need to build a GN packet
+    params[Params::certificate] = _params[Params::certificate];
+    //params[Params::sec_sign] = _params[Params::sec_sign];
+    params[Params::signature] = _params[Params::signature];
    if (build_geonetworking_pdu(data, params) != 0) {
      return;
    }
  }
-  if (_secured_mode) {
-    if (build_secured_pdu(data, _params) != 0) {
+  if (_secured_mode) { // Add security support
+    if (build_secured_pdu(data, params) != 0) {
      return;
    }
  }
@@ -755,7 +762,7 @@ void GeoNetworkingLayer::timer_irq_sigalrm_handler(int p_signal, siginfo_t *p_si

 int GeoNetworkingLayer::build_geonetworking_pdu(OCTETSTRING& data, Params& params) {
  loggers::get_instance().log(">>> GeoNetworkingLayer::build_geonetworking_pdu");
-  params.log();
+  //params.log();
  
  std::string next_header;
  Params::const_iterator it = params.find(Params::next_header);
@@ -840,6 +847,7 @@ int GeoNetworkingLayer::build_geonetworking_pdu(OCTETSTRING& data, Params& param

 int GeoNetworkingLayer::build_secured_pdu(OCTETSTRING& data, Params& params) {
  loggers::get_instance().log_msg(">>> GeoNetworkingLayer::build_secured_pdu: ", data);
+  //params.log();
  
  LibItsGeoNetworking__TypesAndValues::BasicHeader basic_header;
  decode_basic_header(data, basic_header);
@@ -877,7 +885,7 @@ int GeoNetworkingLayer::decode_basic_header(const OCTETSTRING& p_data, LibItsGeo
  
  // Update security mode
  OCTETSTRING bh = OCTETSTRING(4, static_cast<const unsigned char*>(p_data)); // Extract the basic header as specified in ETSI EN 302 636-4-1 V1.3.1 (2017-08) Clause 9.6
-  loggers::get_instance().log_msg("GeoNetworkingLayer::receiveData: bh: ", bh);
+  loggers::get_instance().log_msg("GeoNetworkingLayer::decode_basic_header: bh: ", bh);
  TTCN_Buffer decoding_buffer(bh);
  p_basic_header.RAW_decode(*p_basic_header.get_descriptor(), decoding_buffer, decoding_buffer.get_len() * 8, raw_order_t::ORDER_MSB);
  loggers::get_instance().log_msg("GeoNetworkingLayer::decode_basic_header: ", p_basic_header);

--- a/ccsrc/Protocols/Security/security_cache.cc
+++ b/ccsrc/Protocols/Security/security_cache.cc
+#include "security_cache.hh"
+
+#include "Params.hh"
+
+#include "converter.hh"
+
+#include "EtsiTs103097Codec_Certificate.hh"
+
+#include "loggers.hh"
+
+security_cache::security_cache(): _certificates(), _hashed_id8s(), _issuers() {
+  loggers::get_instance().log(">>> security_cache::security_cache");
+} // End of ctor
+
+security_cache::~security_cache() {
+  loggers::get_instance().log(">>> security_cache::~security_cache");
+  clear();
+} // End of dtor
+
+int security_cache::clear() {
+  loggers::get_instance().log(">>> security_cache::clear");
+  _certificates.clear(); // Smart pointers will do the job
+  _hashed_id8s.clear();
+  _issuers.clear();
+  
+  return 0;
+} // End of clear method
+
+int security_cache::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
+  loggers::get_instance().log_msg(">>> security_cache::get_certificate_id: ", p_hashed_id8);
+
+  std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
+  std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.find(key);
+  if (it == _hashed_id8s.cend()) {
+    p_certifcate_id = "";
+    return -1;
+  }
+  p_certifcate_id = it->second;
+
+  return 0;
+}
+
+int security_cache::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const {
+  loggers::get_instance().log_msg(">>> security_cache::get_certificate_id_by_issuer: ", p_issuer);
+
+  std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer));
+  std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key);
+  if (it == _issuers.cend()) {
+    p_certifcate_id = "";
+    return -1;
+  }
+  p_certifcate_id = it->second;
+
+  return 0;
+}
+
+int security_cache::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
+  loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  const std::vector<unsigned char> cert = it->second.get()->certificate();
+  p_certificate = OCTETSTRING(cert.size(), cert.data());
+  
+  return 0;
+}
+
+int security_cache::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const {
+  loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  p_certificate = it->second.get()->decoded_certificate();
+  
+  return 0;
+}
+
+int security_cache::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
+  loggers::get_instance().log(">>> security_cache::get_issuer: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  const std::vector<unsigned char> issuer = it->second.get()->issuer();
+  p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data());
+  
+  return 0;
+}
+
+int security_cache::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
+  loggers::get_instance().log(">>> security_cache::get_hashed_id: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
+  p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
+  
+  return 0;
+}
+
+int security_cache::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
+  loggers::get_instance().log(">>> security_cache::get_private_key: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  const std::vector<unsigned char> private_key = it->second.get()->private_key();
+  p_private_key = OCTETSTRING(private_key.size(), private_key.data());
+  
+  return 0;
+}
+
+int security_cache::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
+  loggers::get_instance().log(">>> security_cache::get_public_keys: '%s'", p_certificate_id.c_str());
+
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
+  if (it == _certificates.cend()) {
+    loggers::get_instance().warning("security_cache::get_certificate: record not found");
+    return -1;
+  }
+  const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
+  p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
+  const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
+  p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
+  
+  return 0;
+}
+
+int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer) {
+  loggers::get_instance().log_msg(">>> security_cache::store_certificate: ", p_cert_id);
+
+  std::string key(static_cast<const char*>(p_cert_id));
+  std::vector<unsigned char> cert(static_cast<const unsigned char*>(p_cert), static_cast<const unsigned char*>(p_cert) + p_cert.lengthof());
+  std::vector<unsigned char> private_key(static_cast<const unsigned char*>(p_private_key), static_cast<const unsigned char*>(p_private_key) + p_private_key.lengthof());
+  std::vector<unsigned char> public_key_x(static_cast<const unsigned char*>(p_public_key_x), static_cast<const unsigned char*>(p_public_key_x) + p_public_key_x.lengthof());
+  std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof());
+  std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof());
+  std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof());
+  EtsiTs103097Codec_Certificate codec;
+  IEEE1609dot2::CertificateBase decoded_certificate;
+  codec.decode(p_cert, decoded_certificate);
+  loggers::get_instance().log_msg("security_cache::store_certificate: Decoded certificate: ", decoded_certificate);
+  security_db_record* p = new security_db_record(
+                                                 key,          // Certificate id
+                                                 cert,         // Certificate
+                                                 decoded_certificate,
+                                                 issuer,       // Hashed ID fo the issuer, empty for CA
+                                                 hashed_id8,   // Hashed ID
+                                                 private_key,  // Private key
+                                                 public_key_x, // Public key X
+                                                 public_key_y  // Public key Y
+                                                 );
+  if (p == nullptr) {
+    return -1;
+  }
+  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator i = _certificates.find(key);
+  if (i != _certificates.cend()) {
+    _certificates.erase(i);
+  }
+  std::map<std::vector<unsigned char>, std::string>::const_iterator h = _hashed_id8s.find(hashed_id8);
+  if (h != _hashed_id8s.cend()) {
+    _hashed_id8s.erase(h);
+  }
+  _certificates.insert(std::pair<std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(p)));
+  _hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string&>(hashed_id8, key));
+  dump();
+
+  return 0;
+}
+
+void security_cache::dump() const {
+  loggers::get_instance().log("security_cache::dump_certificates: # items = %d", _certificates.size());
+  for (std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.cbegin(); it != _certificates.cend(); ++it) {
+    security_db_record* p = it->second.get();
+    loggers::get_instance().log("security_cache::dump: certificate_id = %s", p->certificate_id().c_str());
+    loggers::get_instance().log_to_hexa("security_cache::dump: certificate = ", p->certificate().data(), p->certificate().size());
+    loggers::get_instance().log_msg("security_cache::dump: decoded certificate = ", p->decoded_certificate());
+    loggers::get_instance().log_to_hexa("security_cache::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size());
+    loggers::get_instance().log_to_hexa("security_cache::dump: hashed_id_issuer = ", p->issuer().data(), p->issuer().size());
+    loggers::get_instance().log_to_hexa("security_cache::dump: private_key = ", p->private_key().data(), p->private_key().size());
+    loggers::get_instance().log_to_hexa("security_cache::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size());
+    loggers::get_instance().log_to_hexa("security_cache::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size());
+  } // End of 'for' statement
+  for (std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.cbegin(); it != _hashed_id8s.cend(); ++it) {
+    loggers::get_instance().log("security_cache::dump: Hashedid8 idx = %s", it->second.c_str());
+  } // End of 'for' statement
+} // End of method dump
--- a/ccsrc/Protocols/Security/security_cache.hh
+++ b/ccsrc/Protocols/Security/security_cache.hh
+#pragma once
+
+#include <string>
+#include <memory>
+#include <vector>
+#include <map>
+
+#include "security_db_record.hh"
+
+class OCTETSTRING;
+class CHARSTRING;
+
+/*!
+ * \class security_cache
+ * \brief This class provides security record description for in memory security database. In memory mens there is no disk load/save mechanism
+ */
+class security_cache {
+protected: /*! \protectedsection */
+  // TODO Enforce with const security_cache_record, and const std::string
+  std::map<std::string, std::unique_ptr<security_db_record> > _certificates; //! List of the certificates indexed by the certificate identifier
+  std::map<std::vector<unsigned char>, std::string> _hashed_id8s; //! List of the certificates indexed by the HashedId8
+  std::map<std::vector<unsigned char>, std::string> _issuers; //! List of the certificates indexed by the IssuerIdentifier
+  
+public: /*! \publicsection */
+  /*!
+   * \brief Default ctor
+   */
+  security_cache();
+  /*!
+   * \brief Default private dtor
+   */
+  virtual ~security_cache();
+
+  int get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const;
+  int get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const;
+  int get_certificate(const std::string& p_certifcate_id, OCTETSTRING& p_certificate) const;
+  int get_certificate(const std::string& p_certifcate_id, IEEE1609dot2::CertificateBase& p_certificate) const;
+  int get_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const;
+  int get_hashed_id(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id) const;
+  int get_private_key(const std::string& p_certifcate_id, OCTETSTRING& p_private_key) const;
+  int get_public_keys(const std::string& p_certifcate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const;
+
+  virtual int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer);
+
+  //virtual int store_certificate(const std::sring& p_cert_id, const std::vector<unsigned char>& p_cert, const std::vector<unsigned char>& p_private_key, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, const std::vector<unsigned char>& p_hashid8, const std::vector<unsigned char>& p_issuer);
+  virtual int clear();
+  
+  void dump() const;
+  
+}; // End of class security_cache
--- a/ccsrc/Protocols/Security/security_db.cc
+++ b/ccsrc/Protocols/Security/security_db.cc
@@ -10,11 +10,7 @@

 #include "loggers.hh"

-security_db::security_db(): _certificates(), _hashed_id8s(), _issuers() {
-  loggers::get_instance().log(">>> security_db::security_db");
-} // End of ctor
-
-security_db::security_db(const std::string& p_db_path): security_db() {
+security_db::security_db(const std::string& p_db_path) {
  loggers::get_instance().log(">>> security_db::security_db: '%s'", p_db_path.c_str());

  load_from_files(p_db_path);
@@ -22,130 +18,15 @@ security_db::security_db(const std::string& p_db_path): security_db() {
 } // End of ctor

 security_db::~security_db() {
-  clear();
+  loggers::get_instance().log(">>> security_db::~security_db");
 } // End of dtor

 int security_db::clear() {
-  _certificates.clear(); // Smart pointers will do the job
-  _hashed_id8s.clear();
-  _issuers.clear();
-  
+  loggers::get_instance().log(">>> security_db::clear");
+  // TODO Check if something shale be done here
  return 0;
 } // End of clear method

-int security_db::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
-  loggers::get_instance().log_msg(">>> security_db::get_certificate_id: ", p_hashed_id8);
-
-  std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
-  std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.find(key);
-  if (it == _hashed_id8s.cend()) {
-    p_certifcate_id = "";
-    return -1;
-  }
-  p_certifcate_id = it->second;
-
-  return 0;
-}
-
-int security_db::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const {
-  loggers::get_instance().log_msg(">>> security_db::get_certificate_id_by_issuer: ", p_issuer);
-
-  std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer));
-  std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key);
-  if (it == _issuers.cend()) {
-    p_certifcate_id = "";
-    return -1;
-  }
-  p_certifcate_id = it->second;
-
-  return 0;
-}
-
-int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
-  loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  const std::vector<unsigned char> cert = it->second.get()->certificate();
-  p_certificate = OCTETSTRING(cert.size(), cert.data());
-  
-  return 0;
-}
-
-int security_db::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const {
-  loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  p_certificate = it->second.get()->decoded_certificate();
-  
-  return 0;
-}
-
-int security_db::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
-  loggers::get_instance().log(">>> security_db::get_issuer: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  const std::vector<unsigned char> issuer = it->second.get()->issuer();
-  p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data());
-  
-  return 0;
-}
-
-int security_db::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
-  loggers::get_instance().log(">>> security_db::get_hashed_id: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
-  p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
-  
-  return 0;
-}
-
-int security_db::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
-  loggers::get_instance().log(">>> security_db::get_private_key: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  const std::vector<unsigned char> private_key = it->second.get()->private_key();
-  p_private_key = OCTETSTRING(private_key.size(), private_key.data());
-  
-  return 0;
-}
-
-int security_db::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
-  loggers::get_instance().log(">>> security_db::get_public_keys: '%s'", p_certificate_id.c_str());
-
-  std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
-  if (it == _certificates.cend()) {
-    loggers::get_instance().warning("security_db::get_certificate: record not found");
-    return -1;
-  }
-  const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
-  p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
-  const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
-  p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
-  
-  return 0;
-}
-
 int security_db::load_from_files(const std::string& p_db_path) {
  loggers::get_instance().log(">>> security_db::load_from_files: '%s'", p_db_path.c_str());

@@ -165,63 +46,18 @@ int security_db::load_from_files(const std::string& p_db_path) {
 int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer) {
  loggers::get_instance().log_msg(">>> security_db::store_certificate: ", p_cert_id);

-  std::string key(static_cast<const char*>(p_cert_id));
-  std::vector<unsigned char> cert(static_cast<const unsigned char*>(p_cert), static_cast<const unsigned char*>(p_cert) + p_cert.lengthof());
-  std::vector<unsigned char> private_key(static_cast<const unsigned char*>(p_private_key), static_cast<const unsigned char*>(p_private_key) + p_private_key.lengthof());
-  std::vector<unsigned char> public_key_x(static_cast<const unsigned char*>(p_public_key_x), static_cast<const unsigned char*>(p_public_key_x) + p_public_key_x.lengthof());
-  std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof());
-  std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof());
-  std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof());
-  EtsiTs103097Codec_Certificate codec;
-  IEEE1609dot2::CertificateBase decoded_certificate;
-  codec.decode(p_cert, decoded_certificate);
-  loggers::get_instance().log_msg("security_db::store_certificate: Decoded certificate: ", decoded_certificate);
-  security_db_record* p = new security_db_record(
-                                                 key,          // Certificate id
-                                                 cert,         // Certificate