Merge branch 'STF525' of https://forge.etsi.org/gitlab/ITS/ITS into STF525

.TITAN_properties

@@ -22,7 +22,6 @@
       <preprocessorIncludes>
         <listItem>./bin</listItem>
         <listItem>./src/bin</listItem>
-        <listItem>./src/bin/asn1</listItem>
         <listItem>C:\ProgramFiles\OpenSSL-Win64\include</listItem>
         <listItem>C:\npcap-sdk-0.1\Include</listItem>
         <listItem>/Users/yann/Documents/wireshark/cygwin64/usr/lib/gcc/x86_64-pc-cygwin/7.3.0/include/c++</listItem>
@@ -30,8 +29,8 @@
       <disableJSON>true</disableJSON>
       <includeSourceInfo>true</includeSourceInfo>
       <addSourceLineInfo>true</addSourceLineInfo>
-      <enableLegacyEncoding>true</enableLegacyEncoding>
       <activateDebugger>true</activateDebugger>
+      <enableLegacyEncoding>true</enableLegacyEncoding>
       <otherOptimizationFlags>-std=c++11</otherOptimizationFlags>
       <additionalObjects>
         <listItem>./src/bin/asn1/libItsAsn.so</listItem>

docker/v2/build.cmd

@@ -4,7 +4,7 @@ for /f "delims=" %%i in ('docker images -q stfubuntu') do set STFUBUNTU=%%i
 if "x%STFUBUNTU%"=="x" (
   echo Build the stfubuntu:18.04 base on ubuntu:18.04
   docker build --tag stfubuntu:18.04 -f Dockerfile.stfubuntu --force-rm  .
-  if %ERRORLEVEL% NEQ 0 exit 1
+  if %ERRORLEVEL% NEQ 0 return 1
 ) else (
   echo The stfubuntu:18.04 is already built. Skip this stage
 )
@@ -13,14 +13,14 @@ docker build --tag stf525_its --force-rm  .
 set RC=%ERRORLEVEL%
 if %RC% NEQ 0 (
   echo Docker build failed: %RC%
-  exit 1
+  return 1
 )
 docker images
 docker inspect stf525_its:latest 
 set RC=%ERRORLEVEL%
 if %RC% NEQ 0 (
   echo Docker inspect failed: %RC%
-  exit 1
+  return 1
 )
-exit 0
+return 0
 

tools/itssecurity/itssecurity.sln

@@ -7,6 +7,8 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "lib_its_security", "lib_its
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "lib_its_security_tests_unit", "test\lib_its_security_tests_unit.vcxproj", "{5151573E-B7B3-44B4-BA0B-5410831C3D9D}"
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "org_etsi_its_security", "org_etsi_its_security\org_etsi_its_security.vcxproj", "{B5C77DAC-BC05-426F-8E13-E60BD2732A02}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -31,14 +33,14 @@ Global
 		{5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x64.Build.0 = Release|x64
 		{5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x86.ActiveCfg = Release|Win32
 		{5151573E-B7B3-44B4-BA0B-5410831C3D9D}.Release|x86.Build.0 = Release|Win32
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x64.ActiveCfg = Debug|x64
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x64.Build.0 = Debug|x64
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x86.ActiveCfg = Debug|Win32
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Debug|x86.Build.0 = Debug|Win32
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x64.ActiveCfg = Release|x64
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x64.Build.0 = Release|x64
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x86.ActiveCfg = Release|Win32
-		{A5E5C89A-7B89-443A-9972-E0145DBA3B7E}.Release|x86.Build.0 = Release|Win32
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x64.ActiveCfg = Debug|x64
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x64.Build.0 = Debug|x64
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x86.ActiveCfg = Debug|Win32
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Debug|x86.Build.0 = Debug|Win32
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x64.ActiveCfg = Release|x64
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x64.Build.0 = Release|x64
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x86.ActiveCfg = Release|Win32
+		{B5C77DAC-BC05-426F-8E13-E60BD2732A02}.Release|x86.Build.0 = Release|Win32
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

tools/itssecurity/lib_its_security/lib_its_security.c

@@ -165,6 +165,10 @@ int32_t sign_verify(
                     const uint8_t* p_sig_s,
                     const size_t p_sig_length
                    ) {
+  show_hex((const int8_t*)">>> sign_verify: p_data", p_data, p_data_length);
+  show_hex((const int8_t*)">>> sign_verify: p_sig_r", p_sig_r, p_sig_length);
+  show_hex((const int8_t*)">>> sign_verify: p_sig_s", p_sig_s, p_sig_length);
+
   // Sanity checks
   if ((p_lib_its_security_context == NULL) || (p_data == NULL) || (p_sig_r == NULL) || (p_sig_s == NULL)) {
     return -1;
@@ -177,6 +181,7 @@ int32_t sign_verify(
   ECDSA_SIG_set0(signature, r, s);
   // Check the signature
   int32_t result = ECDSA_do_verify(p_data, p_data_length, signature, p_lib_its_security_context->ec_key);
+  fprintf(stderr, "sign_verify: result=%d\n", result);
   ECDSA_SIG_free(signature);
 
   return (result == 1) ? 0 : -1;
@@ -382,7 +387,7 @@ int32_t generate_and_derive_ephemeral_key_for_encryption(
   uint8_t* k2 = (uint8_t*)malloc(k2_length);
   memcpy((void*)k2, (const void*)(k_enc + digest), k2_length);
   show_hex((const int8_t*)"k2", k2, k2_length);
-  hmac_sha256(p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, k2, k2_length, &p_ecdh_private_key->tag);
+  hmac_sha256(k2, k2_length, p_ecdh_private_key->enc_sym_key, p_ecdh_private_key->sym_key_length, &p_ecdh_private_key->tag);
   show_hex((const int8_t*)"tag", p_ecdh_private_key->tag, p_ecdh_private_key->tag_length);
 
   /* Generate random IV (nonce) */
@@ -486,7 +491,7 @@ int32_t generate_and_derive_ephemeral_key_for_decryption(
   uint8_t* k2 = (uint8_t*)malloc(k2_length);
   memcpy((void*)k2, (const void*)(k_enc + digest), k2_length);
   show_hex((const int8_t*)"k2", k2, k2_length);
-  hmac_sha256(p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, k2, k2_length, &p_lib_its_security_context->tag);
+  hmac_sha256(k2, k2_length, p_lib_its_security_context->enc_sym_key, p_lib_its_security_context->sym_key_length, &p_lib_its_security_context->tag);
   show_hex((const int8_t*)"authentication vector", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length);
 
   /* Extract K1 and generate encrypted symmetric key */
@@ -822,6 +827,9 @@ int32_t hmac_sha256(
     return -1;
   }
 
+  show_hex((const int8_t*)">>> hmac_sha256: p_secret_key", p_secret_key, p_secret_key_length);
+  show_hex((const int8_t*)">>> hmac_sha256: p_message", p_message, p_message_length);
+
   uint32_t length = 64;
   uint8_t* hmac = (uint8_t*)malloc(length);
   HMAC_CTX *ctx = HMAC_CTX_new();
@@ -834,6 +842,7 @@ int32_t hmac_sha256(
   *p_hmac = (uint8_t*)malloc(16);
   memcpy((void*)*p_hmac, (const void*)hmac, 16);
   free(hmac);
+  show_hex((const int8_t*)"<<< hmac_sha256: p_message", *p_hmac, 16);
 
   return 0;
 }
@@ -845,18 +854,20 @@ int32_t prepare_data_to_be_verify(
                                   const uint8_t* p_certificate_issuer, 
                                   uint8_t** p_hashed_data
                                   ) {
+  show_hex((const int8_t*)">>> prepare_data_to_be_verify: p_data", p_data, p_data_length);
+
   // Calculate the SHA of the hashed data for signing: Hash ( Hash (Data input) || Hash (Signer identifier input) )
   uint8_t* hashed_data1; // Hash (Data input)
   int32_t result;
   if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) {
     result = hash_with_sha384(p_data, p_data_length, &hashed_data1);
   } else {
-    result = hash_with_sha256(p_data, p_data_length, &hashed_data1);
+    result = hash_with_sha256(p_data, p_data_length, &hashed_data1); // Hash (Data input)
   }
   if (result == -1) {
     return -1;
   }
-  uint8_t* hashed_data2; // Hash (Signer identifier input)
+  show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data1", hashed_data1, p_lib_its_security_context->key_length);
   // Check if issuer is '00...00'O vector
   bool foundNonZero = false;
   for (int i = 0; i < 32; i++) {
@@ -865,7 +876,10 @@ int32_t prepare_data_to_be_verify(
       break;
     }
   }
+  fprintf(stderr, "prepare_data_to_be_verify: foundNonZero=%d\n", foundNonZero);
+  uint8_t* hashed_data2; // Hash (Signer identifier input)
   if (foundNonZero) { 
+    // p_certificate_issuer is already the hashed id
     hashed_data2 = (uint8_t*)malloc(p_lib_its_security_context->key_length);
     memcpy((void*)hashed_data2, (const void*)p_certificate_issuer, p_lib_its_security_context->key_length);
     result = 0;
@@ -881,14 +895,17 @@ int32_t prepare_data_to_be_verify(
     free(hashed_data2);
     return -1;
   }
+  show_hex((const int8_t*)"prepare_data_to_be_verify: hashed_data2", hashed_data2, p_lib_its_security_context->key_length);
   uint8_t* hash_data_buffer = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // Hash (Data input) || Hash (Signer identifier input)
   memcpy((void*)hash_data_buffer, (const void*)hashed_data1, p_lib_its_security_context->key_length);
   memcpy((void*)(hash_data_buffer + p_lib_its_security_context->key_length), (const void*)hashed_data2, p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)"prepare_data_to_be_verify: hash_data_buffer", hash_data_buffer, 2 * p_lib_its_security_context->key_length);
   if (p_lib_its_security_context->elliptic_curve == brainpool_p_384_r1) {
     result = hash_with_sha384(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) )
   } else {
     result = hash_with_sha256(hash_data_buffer, 2 * p_lib_its_security_context->key_length, p_hashed_data); // Hash ( Hash (Data input) || Hash (Signer identifier input) )
   }
+  show_hex((const int8_t*)"prepare_data_to_be_verify: p_hashed_data", *p_hashed_data, p_lib_its_security_context->key_length);
   free(hashed_data1);
   free(hashed_data2);
   free(hash_data_buffer);
@@ -904,6 +921,10 @@ int32_t generic_signature(
                           const uint8_t* p_private_key,
                           uint8_t** p_signature
                           ) {
+  show_hex((const int8_t*)">>> generic_signature: p_to_be_signed_secured_message", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length);
+  show_hex((const int8_t*)">>> generic_signature: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)">>> generic_signature: p_private_key", p_private_key, p_lib_its_security_context->key_length);
+
     uint8_t* hashed_data;
   if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_signed_secured_message, p_to_be_signed_secured_message_length, p_certificate_issuer, &hashed_data) == -1) {
     return -1;
@@ -919,6 +940,8 @@ int32_t generic_signature(
   }
   free(hashed_data);
   // Copy the signature
+  show_hex((const int8_t*)"generic_signature: r_sig", r_sig, p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)"generic_signature: s_sig", s_sig, p_lib_its_security_context->key_length);
   *p_signature = (uint8_t*)malloc(2 * p_lib_its_security_context->key_length); // r_sig || s_sig
   memcpy((void*)*p_signature, (const void*)r_sig, p_lib_its_security_context->key_length);
   memcpy((void*)(*p_signature + p_lib_its_security_context->key_length), (const void*)s_sig, p_lib_its_security_context->key_length);
@@ -942,11 +965,14 @@ int32_t generic_verify(
   if (prepare_data_to_be_verify(p_lib_its_security_context, p_to_be_verified_data, p_to_be_verified_data_length, p_certificate_issuer, &hashed_data) == -1) {
     return -1;
   }
+  show_hex((const int8_t*)"generic_verify: p_data", hashed_data, p_lib_its_security_context->key_length);
 
   uint8_t* sig_r = (uint8_t*)malloc(p_lib_its_security_context->key_length);
   memcpy((void*)sig_r, (const void*)p_signature, p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)"generic_verify: sig_r", sig_r, p_lib_its_security_context->key_length);
   uint8_t* sig_s = (uint8_t*)malloc(p_lib_its_security_context->key_length);
   memcpy((void*)sig_s, (const void*)(p_signature + p_lib_its_security_context->key_length), p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)"generic_verify: sig_s", sig_s, p_lib_its_security_context->key_length);
   if (sign_verify(p_lib_its_security_context, hashed_data, p_lib_its_security_context->key_length, sig_r, sig_s, p_lib_its_security_context->key_length) == -1) {
     free(sig_r);
     free(sig_s);
@@ -961,7 +987,7 @@ int32_t generic_verify(
 }
 
 int32_t sign_with_ecdsa_nistp256_with_sha256(
-                                             lib_its_security_context_t* p_lib_its_security_context,
+                                             lib_its_security_context_t* p_lib_its_security_context,  // FIXME To be removed or remove p_private_key
                                              const uint8_t* p_to_be_signed_secured_message,
                                              const size_t p_to_be_signed_secured_message_length,
                                              const uint8_t* p_certificate_issuer,
@@ -973,6 +999,10 @@ int32_t sign_with_ecdsa_nistp256_with_sha256(
     return -1;
   }
 
+  show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_data", p_to_be_signed_secured_message, p_to_be_signed_secured_message_length);
+  show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_certificate_issuer", p_certificate_issuer, p_lib_its_security_context->key_length);
+  show_hex((const int8_t*)">>> sign_with_ecdsa_nistp256_with_sha256: p_private_key", p_private_key, p_lib_its_security_context->key_length);
+
   lib_its_security_context_t* lib_its_security_context;
   if (initialize_with_private_key(nist_p_256, p_private_key, &lib_its_security_context) == -1){
     return -1;
@@ -985,7 +1015,7 @@ int32_t sign_with_ecdsa_nistp256_with_sha256(
 }
 
 int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256(
-                                                    lib_its_security_context_t* p_lib_its_security_context,
+                                                    lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key
                                                     const uint8_t* p_to_be_signed_secured_message,
                                                     const size_t p_to_be_signed_secured_message_length,
                                                     const uint8_t* p_certificate_issuer,
@@ -1009,7 +1039,7 @@ int32_t sign_with_ecdsa_brainpoolp256r1_with_sha256(
 }
 
 int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384(
-                                                    lib_its_security_context_t* p_lib_its_security_context,
+                                                    lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_private_key
                                                     const uint8_t* p_to_be_signed_secured_message,
                                                     const size_t p_to_be_signed_secured_message_length,
                                                     const uint8_t* p_certificate_issuer,
@@ -1033,7 +1063,7 @@ int32_t sign_with_ecdsa_brainpoolp384r1_with_sha384(
 }
 
 int32_t verify_with_ecdsa_nistp256_with_sha256(
-                                               lib_its_security_context_t* p_lib_its_security_context,
+                                               lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed
                                                const uint8_t* p_to_be_verified_data,
                                                const size_t p_to_be_verified_data_length,
                                                const uint8_t* p_certificate_issuer,
@@ -1041,6 +1071,9 @@ int32_t verify_with_ecdsa_nistp256_with_sha256(
                                                const uint8_t* p_ecdsa_nistp256_publicKey_compressed,
                                                const ecc_compressed_mode_t p_compressed_mode
                                                ) {
+  
+  show_hex((const int8_t*)">>> verify_with_ecdsa_nistp256_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length);
+  
   // Sanity checks
   if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsa_nistp256_publicKey_compressed == NULL)) {
     return -1;
@@ -1058,7 +1091,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256(
 }
 
 int32_t verify_with_ecdsa_nistp256_with_sha256_raw(
-                                                   lib_its_security_context_t* p_lib_its_security_context,
+                                                   lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsa_nistp256_publicKey_compressed
                                                    const uint8_t* p_to_be_verified_data,
                                                    const size_t p_to_be_verified_data_length,
                                                    const uint8_t* p_signature,
@@ -1067,7 +1100,7 @@ int32_t verify_with_ecdsa_nistp256_with_sha256_raw(
                                                    ) { return -1; }
 
 int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256(
-                                                      lib_its_security_context_t* p_lib_its_security_context,
+                                                      lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp256PublicKeyCompressed
                                                       const uint8_t* p_to_be_verified_data,
                                                       const size_t p_to_be_verified_data_length,
                                                       const uint8_t* p_certificate_issuer,
@@ -1075,6 +1108,11 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256(
                                                       const uint8_t* p_ecdsaBrainpoolp256PublicKeyCompressed,
                                                       const ecc_compressed_mode_t p_compressed_mode
                                                       ) {
+  show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length);
+  show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_certificate_issuer=", p_certificate_issuer, 32);
+  show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_signature=", p_signature, 64);
+  show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp256r1_with_sha256: p_ecdsaBrainpoolp256PublicKeyCompressed=", p_ecdsaBrainpoolp256PublicKeyCompressed, 32);
+
     // Sanity checks
   if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp256PublicKeyCompressed == NULL)) {
     return -1;
@@ -1092,7 +1130,7 @@ int32_t verify_with_ecdsa_brainpoolp256r1_with_sha256(
 }
 
 int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384(
-                                                      lib_its_security_context_t* p_lib_its_security_context,
+                                                      lib_its_security_context_t* p_lib_its_security_context, // FIXME To be removed or remove p_ecdsaBrainpoolp384PublicKeyCompressed
                                                       const uint8_t* p_to_be_verified_data,
                                                       const size_t p_to_be_verified_data_length,
                                                       const uint8_t* p_certificate_issuer,
@@ -1100,6 +1138,8 @@ int32_t verify_with_ecdsa_brainpoolp384r1_with_sha384(
                                                       const uint8_t* p_ecdsaBrainpoolp384PublicKeyCompressed,
                                                       const ecc_compressed_mode_t p_compressed_mode
                                                       ) {
+  show_hex((const int8_t*)">>> verify_with_ecdsa_brainpoolp384r1_with_sha384: p_to_be_verified_data=", p_to_be_verified_data, p_to_be_verified_data_length);
+
   // Sanity checks
   if ((p_lib_its_security_context == NULL) || (p_to_be_verified_data == NULL) || (p_signature == NULL) || (p_ecdsaBrainpoolp384PublicKeyCompressed == NULL)) {
     return -1;
@@ -1133,6 +1173,9 @@ int32_t encrypt_with_ecies_nistp256_with_sha256(
                                                 uint8_t** p_encrypted_secured_message,
                                                 size_t* p_encrypted_secured_message_length
                                                 ) {
+  show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_to_be_encrypted_secured_message=", p_to_be_encrypted_secured_message, p_to_be_encrypted_secured_message_length);
+  show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_recipients_public_key_compressed=", p_recipients_public_key_compressed, 32);
+  show_hex((const int8_t*)">>> encrypt_with_ecies_nistp256_with_sha256: p_salt=", p_salt, p_salt_length);
     /* Sanity checks */
 
   lib_its_security_context_t* lib_its_security_context = NULL;
@@ -1147,6 +1190,7 @@ int32_t encrypt_with_ecies_nistp256_with_sha256(
   if (result == -1) {
     goto end;
   }
+  show_hex((const int8_t*)"encrypt_with_ecies_nistp256_with_sha256: Ephemeral key compressed=", lib_its_security_context->public_key_c, lib_its_security_context->key_length);
 
   /* 2. Generate and derive shared secret based on recipient's public keys */
   result = initialize_with_public_key(nist_p_256, p_recipients_public_key_compressed, p_compressed_mode, &lib_its_security_context_comp);
@@ -1192,6 +1236,8 @@ int32_t encrypt_with_ecies_nistp256_with_sha256(
   *p_encrypted_secured_message = (uint8_t*)realloc((void*)*p_encrypted_secured_message, *p_encrypted_secured_message_length + lib_its_security_context->tag_length);
   memcpy((void*)(*p_encrypted_secured_message + *p_encrypted_secured_message_length), (const void*)lib_its_security_context->tag, lib_its_security_context->tag_length);
   *p_encrypted_secured_message_length += lib_its_security_context->tag_length;
+  fprintf(stderr, "p_encrypted_secured_message_length = %ld\n", *p_encrypted_secured_message_length);
+  show_hex((const int8_t*)"p_encrypted_secured_message", *p_encrypted_secured_message, *p_encrypted_secured_message_length);
 
   result = 0;
  end:
@@ -1483,6 +1529,11 @@ int32_t decrypt(
                 uint8_t** p_plain_text_message,
                 size_t* p_plain_text_message_length
                 ) {
+    show_hex((const int8_t*)">>> decrypt: p_cipher_message", p_cipher_message, p_cipher_message_length);
+    show_hex((const int8_t*)">>> decrypt: sym_key", p_lib_its_security_context->sym_key, p_lib_its_security_context->sym_key_length);
+    show_hex((const int8_t*)">>> decrypt: nonce", p_lib_its_security_context->nonce, p_lib_its_security_context->nonce_length);
+    show_hex((const int8_t*)">>> decrypt: tag", p_lib_its_security_context->tag, p_lib_its_security_context->tag_length);
+
     /* Sanity checks */
     if ((p_lib_its_security_context == NULL) || (p_lib_its_security_context->sym_key == NULL) || (p_lib_its_security_context->nonce == NULL) || (p_cipher_message == NULL) || (p_plain_text_message == NULL)) {
         return -1;
@@ -1516,11 +1567,14 @@ int32_t decrypt(
     int len = 0;
     int result = EVP_DecryptUpdate(ctx, *p_plain_text_message, &len, p_cipher_message, p_cipher_message_length);
     EVP_CIPHER_CTX_free(ctx);
+    show_hex((const int8_t*)"decrypt: *p_plain_text_message", *p_plain_text_message, *p_plain_text_message_length);
+    fprintf(stderr, "decrypt: result=%d\n", result);
     if (result != 1) {
         free(*p_plain_text_message);
         *p_plain_text_message = NULL;
     }
 
+    fprintf(stderr, "<<< decrypt: result=%d\n", (result > 0) ? 0 : -1);
     return (result > 0) ? 0 : -1;
 }
 

tools/itssecurity/lib_its_security/lib_its_security.h

@@ -395,7 +395,7 @@ LIBITSSECURITY_API int32_t decrypt_with_ecies_brainpoolp256r1_with_sha256(
  * \param[out] p_cipher_message_length       The ciphered message length
  * \return 0 on success, -1 otherwise
  */
-  LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h
+LIBITSSECURITY_API int32_t encrypt_( // Conflict with unistd.h
                                     lib_its_security_context_t* p_lib_its_security_context,
                                     const uint8_t* p_plain_text_message,
                                     const size_t p_plain_text_message_length,

tools/itssecurity/lib_its_security/lib_its_security.vcxproj

@@ -88,10 +88,10 @@
   </PropertyGroup>
   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
     <ClCompile>
-      <PrecompiledHeader>Use</PrecompiledHeader>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
       <WarningLevel>Level3</WarningLevel>
       <SDLCheck>true</SDLCheck>
-      <PreprocessorDefinitions>_DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>_Win64;_DEBUG;LIBITSSECURITY_EXPORTS;_WINDOWS;_USRDLL;_Win64;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <ConformanceMode>true</ConformanceMode>
       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
       <AdditionalIncludeDirectories>C:\Program Files\OpenSSL-Win64\include</AdditionalIncludeDirectories>
@@ -159,6 +159,9 @@
       <AdditionalLibraryDirectories>C:\Program Files\OpenSSL-Win64\lib\VC</AdditionalLibraryDirectories>
       <AdditionalDependencies>libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
+    <PostBuildEvent>
+      <Command>cp "$(TargetPath)" "$(MSBuildProjectDirectory)\..\..\..\javasrc\nativeLibs\win32\x86_64"</Command>
+    </PostBuildEvent>
   </ItemDefinitionGroup>
   <ItemGroup>
     <ClInclude Include="lib_its_security.h" />

tools/itssecurity/org_etsi_its_security/Makefile

+PROJECTROOT  = ..
+BUILDROOT    = ../../build
+PROJECT      = org_etsi_its_security
+DEBUG        = yes
+testdir      =
+
+alibs        = $(PROJECT)
+solibs       = $(PROJECT)
+
+sources       := org_etsi_its_security_NativeSecurity.c
+sources-WIN32 :=
+headers       := org_etsi_its_security_NativeSecurity.h
+
+cflags        += -Werror
+
+packages      += openssl
+
+includes      += ../../lib_its_security /usr/lib/jvm/java-11-openjdk-amd64/include /usr/lib/jvm/java-11-openjdk-amd64/include/linux
+
+libs          += $(outdir)/libItsSecurity.a
+
+include ../../common.mk
+

tools/itssecurity/org_etsi_its_security/org_etsi_its_security.vcxproj

+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>16.0</VCProjectVersion>
+    <ProjectGuid>{B5C77DAC-BC05-426F-8E13-E60BD2732A02}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>orgetsiitssecurity</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_Win64;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <PrecompiledHeaderFile>
+      </PrecompiledHeaderFile>
+      <AdditionalIncludeDirectories>C:\Program Files\OpenSSL-Win64\include;C:\Program Files\Java\jdk1.8.0_241\include;C:\Program Files\Java\jdk1.8.0_241\include\win32;$(ProjectDir)../lib_its_security;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalLibraryDirectories>$(ProjectDir)..\x64\Release;C:\Program Files\OpenSSL-Win64\lib\VC</AdditionalLibraryDirectories>
+      <AdditionalDependencies>lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+    <PostBuildEvent>
+      <Command>cp "$(TargetPath)" "$(MSBuildProjectDirectory)\..\..\..\javasrc\nativeLibs\win32\x86_64"</Command>
+    </PostBuildEvent>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_Win64;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
+      <AdditionalIncludeDirectories>C:\Program Files\OpenSSL-Win64\include;C:\Program Files\Java\jdk1.8.0_241\include;C:\Program Files\Java\jdk1.8.0_241\include\win32;$(ProjectDir)../lib_its_security;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>lib_its_security.lib;libcrypto64MDd.lib;libssl64MDd.lib;Ws2_32.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+    <Lib>
+      <AdditionalLibraryDirectories>$(ProjectDir)..\x64\Debug;C:\Program Files\OpenSSL-Win64\lib\VC</AdditionalLibraryDirectories>
+    </Lib>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">