Commit 64be0b12 authored by garciay's avatar garciay
Browse files

Security support in the TA

parent 8d8548fa
......@@ -349,7 +349,7 @@ namespace LibItsSecurity__Functions
const CHARSTRING& p__rootDirectory,
const CHARSTRING& p__configId
) {
loggers::get_instance().log("GeoNetworkingLayer::GeoNetworkingLayer: ###################");
loggers::get_instance().log("fx__loadCertificates: '%s', '%s'", p__rootDirectory, p__configId);
Params params;
params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), std::string(static_cast<const char*>(p__rootDirectory))));
if (security_services::get_instance().setup(params) == -1) {
......
......@@ -56,7 +56,9 @@ public:
static const std::string& distanceA; //! Test system GeoNetworking DistanceA parameter name
static const std::string& distanceB; //! Test system GeoNetworking DistanceB parameter name
static const std::string& angle; //! Test system GeoNetworking Angle parameter name
static const std::string& payload_type; //! Tyoe of payload, value is the ITS Conatainer message identifier or omitted in case of unknown payload
static const std::string& next_header; //! Upper layer settings
static const std::string& header_type; //! Upper layer settings
static const std::string& header_sub_type; //! Upper layer settings
......
......@@ -50,6 +50,8 @@ const std::string& Params::distanceA = std::string("distanceA");
const std::string& Params::distanceB = std::string("distanceB");
const std::string& Params::angle = std::string("angle");
const std::string& Params::payload_type = std::string("payload_type");
const std::string& Params::next_header = std::string("next_header");
const std::string& Params::header_type = std::string("header_type");
const std::string& Params::header_sub_type = std::string("header_sub_type");
......
......@@ -8,16 +8,18 @@ CAMLayer::CAMLayer(const std::string & p_type, const std::string & param) : TLay
loggers::get_instance().log(">>> CAMLayer::CAMLayer: %s, %s", to_string().c_str(), param.c_str());
// Setup parameters
Params::convert(_params, param);
_params.insert(std::make_pair<std::string, std::string>("its_aid", "36")); // ETSI TS 102 965 V1.2.1 (2015-06)
_params.insert(std::make_pair<std::string, std::string>("payload_type", "2")); // CA message id - See ETSI TS 102 894
//params.log();
}
void CAMLayer::sendMsg(const LibItsCam__TestSystem::CamReq& p, Params& params){
loggers::get_instance().log_msg(">>> CAMLayer::sendMsg: ", p);
params.log();
// Encode CAM PDU
OCTETSTRING data;
if (_codec.encode(p.msgOut(), data) == -1) {
loggers::get_instance().warning("CAMLayer::sendMsg: Encodeing failure");
loggers::get_instance().warning("CAMLayer::sendMsg: Encoding failure");
return;
}
......@@ -26,7 +28,7 @@ void CAMLayer::sendMsg(const LibItsCam__TestSystem::CamReq& p, Params& params){
void CAMLayer::sendData(OCTETSTRING& data, Params& params) {
loggers::get_instance().log_msg(">>> CAMLayer::sendData: ", data);
//params.log();
sendToAllLayers(data, params);
}
......
......@@ -8,6 +8,8 @@ DENMLayer::DENMLayer(const std::string & p_type, const std::string & param) : TL
loggers::get_instance().log(">>> DENMLayer::DENMLayer: %s, %s", to_string().c_str(), param.c_str());
// Setup parameters
Params::convert(_params, param);
_params.insert(std::make_pair<std::string, std::string>("its_aid", "37")); // ETSI TS 102 965 V1.2.1 (2015-06)
_params.insert(std::make_pair<std::string, std::string>("payload_type", "1")); // DE message id - See ETSI TS 102 894
}
void DENMLayer::sendMsg(const LibItsDenm__TestSystem::DenmReq& p, Params& params){
......
......@@ -66,7 +66,11 @@ GeoNetworkingLayer::GeoNetworkingLayer(const std::string & p_type, const std::st
_enable_security_checks = (1 == converter::get_instance().string_to_int(it->second));
}
// Add broadcast address if needed
it = _params.find("mac_bc");
it = _params.find(Params::its_aid);
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("its_aid"), "38"));
}
it = _params.find(Params::mac_bc);
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("mac_bc"), "FFFFFFFFFFFF"));
}
......@@ -83,10 +87,10 @@ GeoNetworkingLayer::GeoNetworkingLayer(const std::string & p_type, const std::st
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), ""));
}
it = _params.find(Params::hash);
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("sec_sign"), "SHA-256"));
}
// TODO it = _params.find(Params::hash);
// if (it == _params.cend()) {
// _params.insert(std::pair<std::string, std::string>(std::string("sec_sign"), "SHA-256"));
// }
it = _params.find(Params::signature);
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("signature"), "NISTP-256"));
......@@ -133,7 +137,7 @@ void GeoNetworkingLayer::sendMsg(const LibItsGeoNetworking__TestSystem::GeoNetwo
// Encode GeoNetworking PDU
OCTETSTRING data;
_codec.encode(p.msgOut(), data);
sendData(data, params);
sendData(data, _params);
}
void GeoNetworkingLayer::sendData(OCTETSTRING& data, Params& params) {
......@@ -141,12 +145,15 @@ void GeoNetworkingLayer::sendData(OCTETSTRING& data, Params& params) {
params.log();
if (_device_mode) { // Need to build a GN packet
params[Params::certificate] = _params[Params::certificate];
//params[Params::sec_sign] = _params[Params::sec_sign];
params[Params::signature] = _params[Params::signature];
if (build_geonetworking_pdu(data, params) != 0) {
return;
}
}
if (_secured_mode) {
if (build_secured_pdu(data, _params) != 0) {
if (_secured_mode) { // Add security support
if (build_secured_pdu(data, params) != 0) {
return;
}
}
......@@ -755,7 +762,7 @@ void GeoNetworkingLayer::timer_irq_sigalrm_handler(int p_signal, siginfo_t *p_si
int GeoNetworkingLayer::build_geonetworking_pdu(OCTETSTRING& data, Params& params) {
loggers::get_instance().log(">>> GeoNetworkingLayer::build_geonetworking_pdu");
params.log();
//params.log();
std::string next_header;
Params::const_iterator it = params.find(Params::next_header);
......@@ -840,6 +847,7 @@ int GeoNetworkingLayer::build_geonetworking_pdu(OCTETSTRING& data, Params& param
int GeoNetworkingLayer::build_secured_pdu(OCTETSTRING& data, Params& params) {
loggers::get_instance().log_msg(">>> GeoNetworkingLayer::build_secured_pdu: ", data);
//params.log();
LibItsGeoNetworking__TypesAndValues::BasicHeader basic_header;
decode_basic_header(data, basic_header);
......@@ -877,7 +885,7 @@ int GeoNetworkingLayer::decode_basic_header(const OCTETSTRING& p_data, LibItsGeo
// Update security mode
OCTETSTRING bh = OCTETSTRING(4, static_cast<const unsigned char*>(p_data)); // Extract the basic header as specified in ETSI EN 302 636-4-1 V1.3.1 (2017-08) Clause 9.6
loggers::get_instance().log_msg("GeoNetworkingLayer::receiveData: bh: ", bh);
loggers::get_instance().log_msg("GeoNetworkingLayer::decode_basic_header: bh: ", bh);
TTCN_Buffer decoding_buffer(bh);
p_basic_header.RAW_decode(*p_basic_header.get_descriptor(), decoding_buffer, decoding_buffer.get_len() * 8, raw_order_t::ORDER_MSB);
loggers::get_instance().log_msg("GeoNetworkingLayer::decode_basic_header: ", p_basic_header);
......
#include "security_cache.hh"
#include "Params.hh"
#include "converter.hh"
#include "EtsiTs103097Codec_Certificate.hh"
#include "loggers.hh"
security_cache::security_cache(): _certificates(), _hashed_id8s(), _issuers() {
loggers::get_instance().log(">>> security_cache::security_cache");
} // End of ctor
security_cache::~security_cache() {
loggers::get_instance().log(">>> security_cache::~security_cache");
clear();
} // End of dtor
int security_cache::clear() {
loggers::get_instance().log(">>> security_cache::clear");
_certificates.clear(); // Smart pointers will do the job
_hashed_id8s.clear();
_issuers.clear();
return 0;
} // End of clear method
int security_cache::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_cache::get_certificate_id: ", p_hashed_id8);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.find(key);
if (it == _hashed_id8s.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
int security_cache::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_cache::get_certificate_id_by_issuer: ", p_issuer);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer));
std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key);
if (it == _issuers.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
int security_cache::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> cert = it->second.get()->certificate();
p_certificate = OCTETSTRING(cert.size(), cert.data());
return 0;
}
int security_cache::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const {
loggers::get_instance().log(">>> security_cache::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
p_certificate = it->second.get()->decoded_certificate();
return 0;
}
int security_cache::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
loggers::get_instance().log(">>> security_cache::get_issuer: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> issuer = it->second.get()->issuer();
p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data());
return 0;
}
int security_cache::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
loggers::get_instance().log(">>> security_cache::get_hashed_id: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
return 0;
}
int security_cache::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
loggers::get_instance().log(">>> security_cache::get_private_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> private_key = it->second.get()->private_key();
p_private_key = OCTETSTRING(private_key.size(), private_key.data());
return 0;
}
int security_cache::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
loggers::get_instance().log(">>> security_cache::get_public_keys: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_cache::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
return 0;
}
int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer) {
loggers::get_instance().log_msg(">>> security_cache::store_certificate: ", p_cert_id);
std::string key(static_cast<const char*>(p_cert_id));
std::vector<unsigned char> cert(static_cast<const unsigned char*>(p_cert), static_cast<const unsigned char*>(p_cert) + p_cert.lengthof());
std::vector<unsigned char> private_key(static_cast<const unsigned char*>(p_private_key), static_cast<const unsigned char*>(p_private_key) + p_private_key.lengthof());
std::vector<unsigned char> public_key_x(static_cast<const unsigned char*>(p_public_key_x), static_cast<const unsigned char*>(p_public_key_x) + p_public_key_x.lengthof());
std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof());
std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof());
std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof());
EtsiTs103097Codec_Certificate codec;
IEEE1609dot2::CertificateBase decoded_certificate;
codec.decode(p_cert, decoded_certificate);
loggers::get_instance().log_msg("security_cache::store_certificate: Decoded certificate: ", decoded_certificate);
security_db_record* p = new security_db_record(
key, // Certificate id
cert, // Certificate
decoded_certificate,
issuer, // Hashed ID fo the issuer, empty for CA
hashed_id8, // Hashed ID
private_key, // Private key
public_key_x, // Public key X
public_key_y // Public key Y
);
if (p == nullptr) {
return -1;
}
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator i = _certificates.find(key);
if (i != _certificates.cend()) {
_certificates.erase(i);
}
std::map<std::vector<unsigned char>, std::string>::const_iterator h = _hashed_id8s.find(hashed_id8);
if (h != _hashed_id8s.cend()) {
_hashed_id8s.erase(h);
}
_certificates.insert(std::pair<std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>(p)));
_hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string&>(hashed_id8, key));
dump();
return 0;
}
void security_cache::dump() const {
loggers::get_instance().log("security_cache::dump_certificates: # items = %d", _certificates.size());
for (std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.cbegin(); it != _certificates.cend(); ++it) {
security_db_record* p = it->second.get();
loggers::get_instance().log("security_cache::dump: certificate_id = %s", p->certificate_id().c_str());
loggers::get_instance().log_to_hexa("security_cache::dump: certificate = ", p->certificate().data(), p->certificate().size());
loggers::get_instance().log_msg("security_cache::dump: decoded certificate = ", p->decoded_certificate());
loggers::get_instance().log_to_hexa("security_cache::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size());
loggers::get_instance().log_to_hexa("security_cache::dump: hashed_id_issuer = ", p->issuer().data(), p->issuer().size());
loggers::get_instance().log_to_hexa("security_cache::dump: private_key = ", p->private_key().data(), p->private_key().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size());
loggers::get_instance().log_to_hexa("security_cache::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size());
} // End of 'for' statement
for (std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.cbegin(); it != _hashed_id8s.cend(); ++it) {
loggers::get_instance().log("security_cache::dump: Hashedid8 idx = %s", it->second.c_str());
} // End of 'for' statement
} // End of method dump
#pragma once
#include <string>
#include <memory>
#include <vector>
#include <map>
#include "security_db_record.hh"
class OCTETSTRING;
class CHARSTRING;
/*!
* \class security_cache
* \brief This class provides security record description for in memory security database. In memory mens there is no disk load/save mechanism
*/
class security_cache {
protected: /*! \protectedsection */
// TODO Enforce with const security_cache_record, and const std::string
std::map<std::string, std::unique_ptr<security_db_record> > _certificates; //! List of the certificates indexed by the certificate identifier
std::map<std::vector<unsigned char>, std::string> _hashed_id8s; //! List of the certificates indexed by the HashedId8
std::map<std::vector<unsigned char>, std::string> _issuers; //! List of the certificates indexed by the IssuerIdentifier
public: /*! \publicsection */
/*!
* \brief Default ctor
*/
security_cache();
/*!
* \brief Default private dtor
*/
virtual ~security_cache();
int get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const;
int get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const;
int get_certificate(const std::string& p_certifcate_id, OCTETSTRING& p_certificate) const;
int get_certificate(const std::string& p_certifcate_id, IEEE1609dot2::CertificateBase& p_certificate) const;
int get_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const;
int get_hashed_id(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id) const;
int get_private_key(const std::string& p_certifcate_id, OCTETSTRING& p_private_key) const;
int get_public_keys(const std::string& p_certifcate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const;
virtual int store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashid8, const OCTETSTRING& p_issuer);
//virtual int store_certificate(const std::sring& p_cert_id, const std::vector<unsigned char>& p_cert, const std::vector<unsigned char>& p_private_key, const std::vector<unsigned char>& p_public_key_x, const std::vector<unsigned char>& p_public_key_y, const std::vector<unsigned char>& p_hashid8, const std::vector<unsigned char>& p_issuer);
virtual int clear();
void dump() const;
}; // End of class security_cache
......@@ -10,11 +10,7 @@
#include "loggers.hh"
security_db::security_db(): _certificates(), _hashed_id8s(), _issuers() {
loggers::get_instance().log(">>> security_db::security_db");
} // End of ctor
security_db::security_db(const std::string& p_db_path): security_db() {
security_db::security_db(const std::string& p_db_path) {
loggers::get_instance().log(">>> security_db::security_db: '%s'", p_db_path.c_str());
load_from_files(p_db_path);
......@@ -22,130 +18,15 @@ security_db::security_db(const std::string& p_db_path): security_db() {
} // End of ctor
security_db::~security_db() {
clear();
loggers::get_instance().log(">>> security_db::~security_db");
} // End of dtor
int security_db::clear() {
_certificates.clear(); // Smart pointers will do the job
_hashed_id8s.clear();
_issuers.clear();
loggers::get_instance().log(">>> security_db::clear");
// TODO Check if something shale be done here
return 0;
} // End of clear method
int security_db::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_db::get_certificate_id: ", p_hashed_id8);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_hashed_id8), p_hashed_id8.lengthof() + static_cast<const unsigned char*>(p_hashed_id8));
std::map<std::vector<unsigned char>, std::string>::const_iterator it = _hashed_id8s.find(key);
if (it == _hashed_id8s.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
int security_db::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const {
loggers::get_instance().log_msg(">>> security_db::get_certificate_id_by_issuer: ", p_issuer);
std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer));
std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key);
if (it == _issuers.cend()) {
p_certifcate_id = "";
return -1;
}
p_certifcate_id = it->second;
return 0;
}
int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const {
loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> cert = it->second.get()->certificate();
p_certificate = OCTETSTRING(cert.size(), cert.data());
return 0;
}
int security_db::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const {
loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
p_certificate = it->second.get()->decoded_certificate();
return 0;
}
int security_db::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const {
loggers::get_instance().log(">>> security_db::get_issuer: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> issuer = it->second.get()->issuer();
p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data());
return 0;
}
int security_db::get_hashed_id(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id) const {
loggers::get_instance().log(">>> security_db::get_hashed_id: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> hashed_id = it->second.get()->hashed_id();
p_hashed_id = OCTETSTRING(hashed_id.size(), hashed_id.data());
return 0;
}
int security_db::get_private_key(const std::string& p_certificate_id, OCTETSTRING& p_private_key) const {
loggers::get_instance().log(">>> security_db::get_private_key: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> private_key = it->second.get()->private_key();
p_private_key = OCTETSTRING(private_key.size(), private_key.data());
return 0;
}
int security_db::get_public_keys(const std::string& p_certificate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const {
loggers::get_instance().log(">>> security_db::get_public_keys: '%s'", p_certificate_id.c_str());
std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id);
if (it == _certificates.cend()) {
loggers::get_instance().warning("security_db::get_certificate: record not found");
return -1;
}
const std::vector<unsigned char> public_key_x = it->second.get()->public_key_x();
p_public_key_x = OCTETSTRING(public_key_x.size(), public_key_x.data());
const std::vector<unsigned char> public_key_y = it->second.get()->public_key_y();
p_public_key_y = OCTETSTRING(public_key_y.size(), public_key_y.data());
return 0;
}
int security_db::load_from_files(const std::string& p_db_path) {
loggers::get_instance().log(">>> security_db::load_from_files: '%s'", p_db_path.c_str());
......@@ -165,63 +46,18 @@ int security_db::load_from_files(const std::string& p_db_path) {
int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRING& p_cert, const OCTETSTRING& p_private_key, const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, const OCTETSTRING& p_hashed_id8, const OCTETSTRING& p_issuer) {
loggers::get_instance().log_msg(">>> security_db::store_certificate: ", p_cert_id);
std::string key(static_cast<const char*>(p_cert_id));
std::vector<unsigned char> cert(static_cast<const unsigned char*>(p_cert), static_cast<const unsigned char*>(p_cert) + p_cert.lengthof());
std::vector<unsigned char> private_key(static_cast<const unsigned char*>(p_private_key), static_cast<const unsigned char*>(p_private_key) + p_private_key.lengthof());
std::vector<unsigned char> public_key_x(static_cast<const unsigned char*>(p_public_key_x), static_cast<const unsigned char*>(p_public_key_x) + p_public_key_x.lengthof());
std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof());
std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof());
std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof());
EtsiTs103097Codec_Certificate codec;
IEEE1609dot2::CertificateBase decoded_certificate;
codec.decode(p_cert, decoded_certificate);
loggers::get_instance().log_msg("security_db::store_certificate: Decoded certificate: ", decoded_certificate);
security_db_record* p = new security_db_record(
key, // Certificate id
cert, // Certificate