Loading ccsrc/Protocols/GeoNetworking/GeoNetworkingLayer.cc +3 −3 Original line number Diff line number Diff line Loading @@ -174,6 +174,7 @@ void GeoNetworkingLayer::receiveData(OCTETSTRING& data, Params& params) { OCTETSTRING unsecured_gn_payload; OCTETSTRING secured_data = OCTETSTRING(data.lengthof() - basic_header_len, static_cast<const unsigned char*>(data) + basic_header_len); /////////////////// // FIXME Check what to do with this! if (*static_cast<const unsigned char*>(secured_data) == 0x02) { // This is the old Security version format, discard it loggers::get_instance().warning("GeoNetworkingLayer::receiveData: Old security format, discard it"); return; Loading Loading @@ -425,7 +426,7 @@ void GeoNetworkingLayer::send_beacon() { } // Update timestamp unsigned long long ms = std::chrono::duration_cast<std::chrono::milliseconds>(std::chrono::system_clock::now().time_since_epoch()).count() - 1072911600000L; // TODO Add method such as its_time() & its_time_mod() eh->beaconHeader().srcPosVector().timestamp__().set_long_long_val(static_cast<unsigned int>(ms)); eh->beaconHeader().srcPosVector().timestamp__().set_long_long_val((unsigned int)ms); //loggers::get_instance().log_msg("GeoNetworkingLayer::send_beacon: ", *_beacon); // Encode message using TITAN because of payload in omited TTCN_Buffer encoding_buffer; Loading Loading @@ -848,11 +849,10 @@ int GeoNetworkingLayer::build_secured_pdu(OCTETSTRING& data, Params& params) { basic_header.nextHeader() = BasicNextHeader::e__securedPacket; OCTETSTRING unsecured_gn_payload = OCTETSTRING(data.lengthof() - basic_header_len, static_cast<const unsigned char*>(data) + basic_header_len); OCTETSTRING secured_gn_payload; if (security_services::get_instance().secure_gn_payload(unsecured_gn_payload, false, secured_gn_payload, params) != 0) { if (security_services::get_instance().secure_gn_payload(unsecured_gn_payload, secured_gn_payload, params) != 0) { loggers::get_instance().warning("GeoNetworkingLayer::build_secured_pdu: failed to build secured pdu"); return -1; } // TODO Add timer to check if certificate shall be sent // Encode the basid header //loggers::get_instance().log_msg("GeoNetworkingLayer::build_secured_pdu: New basic_header = ", basic_header); Loading ccsrc/Protocols/Security/certificates_loader.cc +25 −11 Original line number Diff line number Diff line #include <iostream> #include <fstream> #include "EtsiTs103097Module.hh" #include "certificates_loader.hh" namespace fs = std::experimental::filesystem; #include "EtsiTs103097Codec_Certificate.hh" #include "converter.hh" Loading @@ -21,8 +24,11 @@ int certificates_loader::build_path(const std::string& p_root_directory) { if (!p_root_directory.empty()) { _full_path = p_root_directory; if (!std::experimental::filesystem::is_directory(_full_path)) { // Create directory if (!std::experimental::filesystem::create_directory(_full_path)) { _full_path = "./"; } } } else { _full_path = "./"; } Loading @@ -37,7 +43,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) { return 0; } // End of method build_path int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s) { int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers) { loggers::get_instance().log(">>> certificates_loader::load_certificates"); // Sanity check Loading @@ -52,7 +58,7 @@ int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr return -1; } // Build the certificates cache if (build_certificates_cache(files, p_certificates, p_hashed_id8s) == -1) { if (build_certificates_cache(files, p_certificates, p_hashed_id8s, p_issuers) == -1) { loggers::get_instance().warning("certificates_loader::load_certificates: Failed to build the certificate cache"); return -1; } Loading Loading @@ -82,11 +88,11 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental:: if (folders.size() == 0) { loggers::get_instance().warning("certificates_loader::retrieve_certificates_list: No folder after filtering"); return -1; folders.insert(_full_path); } // Process files p_files.clear(); std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt }; std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt, _hashedidDigestExt, _issuerDigestExt }; for (std::set<std::experimental::filesystem::path>::const_reverse_iterator f = folders.crbegin(); f != folders.crend(); ++f) { loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Processing directory '%s'", f->string().c_str()); for(const std::experimental::filesystem::directory_entry it : std::experimental::filesystem::recursive_directory_iterator(*f)) { Loading @@ -110,14 +116,15 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental:: return 0; } // End of method retrieve_certificates_list int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s) { int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers) { loggers::get_instance().log(">>> certificates_loader::build_certificates_cache"); std::set<std::experimental::filesystem::path>::const_iterator it = p_files.cbegin(); do { loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching '%s'", it->string().c_str()); std::experimental::filesystem::path p = *it; std::string key = p.filename(); const std::string& key = p.stem(); loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str()); // Load certificate file it = p_files.find(p.replace_extension(_certificateExt)); Loading Loading @@ -212,10 +219,16 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi p_files.erase(it); // Create new record EtsiTs103097Codec_Certificate codec; IEEE1609dot2::CertificateBase decoded_certificate; OCTETSTRING os(certificate.size(), certificate.data()); codec.decode(os, decoded_certificate); loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate); p_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>( new security_db_record( key, certificate, // Certificate decoded_certificate, issuer, // Hashed ID fo the issuer, empty for CA hashed_id, // Hashed ID private_key, // Private key Loading @@ -229,6 +242,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi return -1; } p_hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string>(i->second.get()->hashed_id(), i->first)); p_issuers.insert(std::pair<std::vector<unsigned char>, std::string>(i->second.get()->issuer(), i->first)); // Reset pointer it = p_files.cbegin(); Loading @@ -243,7 +257,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat // Certificate file std::experimental::filesystem::path p(_full_path); p /= p_certificate.certificate_id(); p += _certificateExt;//, _privateKeyExt{".pkey"}, _publicKeysExt{".vkey"} p += _certificateExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } Loading @@ -256,7 +270,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat // Private key p = _full_path; p /= p_certificate.certificate_id(); p += _privateKeyExt; // _publicKeysExt{".vkey"} p += _privateKeyExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } Loading Loading @@ -289,7 +303,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat } loggers::get_instance().log("certificates_loader::save_certificate: Issuer digest file: '%s'", p.string().c_str()); os.open(p.string(), ios::out | ios::binary); os.write(reinterpret_cast<const char *>(p_certificate.hashed_id_issuer().data()), p_certificate.hashed_id_issuer().size()); os.write(reinterpret_cast<const char *>(p_certificate.issuer().data()), p_certificate.issuer().size()); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); Loading ccsrc/Protocols/Security/certificates_loader.hh +2 −2 Original line number Diff line number Diff line Loading @@ -71,13 +71,13 @@ public: /*! \publicsection */ int build_path(const std::string& p_root_directory); int load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s); int load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers); //int load_certificate(std::unique_ptr<security_db_record> >& p_certificate, std::map<const std::vector<unsigned char>, const std::string&>& p_hashed_id8s); int save_certificate(const security_db_record& p_certificate); private: int retrieve_certificates_list(std::set<std::experimental::filesystem::path>& p_files); int build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s); int build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers); }; // End of class certificates_loader ccsrc/Protocols/Security/security_db.cc +44 −8 Original line number Diff line number Diff line Loading @@ -6,9 +6,11 @@ #include "certificates_loader.hh" #include "EtsiTs103097Codec_Certificate.hh" #include "loggers.hh" security_db::security_db(): _certificates(), _hashed_id8s() { security_db::security_db(): _certificates(), _hashed_id8s(), _issuers() { loggers::get_instance().log(">>> security_db::security_db"); } // End of ctor Loading @@ -26,6 +28,7 @@ security_db::~security_db() { int security_db::clear() { _certificates.clear(); // Smart pointers will do the job _hashed_id8s.clear(); _issuers.clear(); return 0; } // End of clear method Loading @@ -44,6 +47,20 @@ int security_db::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string return 0; } int security_db::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const { loggers::get_instance().log_msg(">>> security_db::get_certificate_id_by_issuer: ", p_issuer); std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer)); std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key); if (it == _issuers.cend()) { p_certifcate_id = ""; return -1; } p_certifcate_id = it->second; return 0; } int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const { loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str()); Loading @@ -58,16 +75,29 @@ int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRIN return 0; } int security_db::get_hashed_id_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const { loggers::get_instance().log(">>> security_db::get_hashed_id_issuer: '%s'", p_certificate_id.c_str()); int security_db::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const { loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str()); std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id); if (it == _certificates.cend()) { loggers::get_instance().warning("security_db::get_certificate: record not found"); return -1; } p_certificate = it->second.get()->decoded_certificate(); return 0; } int security_db::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const { loggers::get_instance().log(">>> security_db::get_issuer: '%s'", p_certificate_id.c_str()); std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id); if (it == _certificates.cend()) { loggers::get_instance().warning("security_db::get_certificate: record not found"); return -1; } const std::vector<unsigned char> hashed_id_issuer = it->second.get()->hashed_id_issuer(); p_hashed_id_issuer = OCTETSTRING(hashed_id_issuer.size(), hashed_id_issuer.data()); const std::vector<unsigned char> issuer = it->second.get()->issuer(); p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data()); return 0; } Loading Loading @@ -124,7 +154,7 @@ int security_db::load_from_files(const std::string& p_db_path) { return -1; } if (certificates_loader::get_instance().load_certificates(_certificates, _hashed_id8s) == -1) { if (certificates_loader::get_instance().load_certificates(_certificates, _hashed_id8s, _issuers) == -1) { loggers::get_instance().log(">>> security_db::load_from_files: certificates_loader::load_certificates method failed"); return -1; } Loading @@ -142,9 +172,14 @@ int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRIN std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof()); std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof()); std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof()); EtsiTs103097Codec_Certificate codec; IEEE1609dot2::CertificateBase decoded_certificate; codec.decode(p_cert, decoded_certificate); loggers::get_instance().log_msg("security_db::store_certificate: Decoded certificate: ", decoded_certificate); security_db_record* p = new security_db_record( key, // Certificate id cert, // Certificate decoded_certificate, issuer, // Hashed ID fo the issuer, empty for CA hashed_id8, // Hashed ID private_key, // Private key Loading Loading @@ -179,8 +214,9 @@ void security_db::dump() const { security_db_record* p = it->second.get(); loggers::get_instance().log("security_db::dump: certificate_id = %s", p->certificate_id().c_str()); loggers::get_instance().log_to_hexa("security_db::dump: certificate = ", p->certificate().data(), p->certificate().size()); loggers::get_instance().log_msg("security_db::dump: decoded certificate = ", p->decoded_certificate()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id_issuer = ", p->hashed_id_issuer().data(), p->hashed_id_issuer().size()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id_issuer = ", p->issuer().data(), p->issuer().size()); loggers::get_instance().log_to_hexa("security_db::dump: private_key = ", p->private_key().data(), p->private_key().size()); loggers::get_instance().log_to_hexa("security_db::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size()); loggers::get_instance().log_to_hexa("security_db::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size()); Loading ccsrc/Protocols/Security/security_db.hh +4 −1 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ class security_db { // TODO Enforce with const security_db_record, and const std::string std::map<std::string, std::unique_ptr<security_db_record> > _certificates; //! List of the certificates indexed by the certficate identifier std::map<std::vector<unsigned char>, std::string> _hashed_id8s; //! List of the certificates indexed by the HashedId8 std::map<std::vector<unsigned char>, std::string> _issuers; //! List of the certificates indexed by the IssuerIdentifier public: /*! \publicsection */ /*! Loading @@ -34,8 +35,10 @@ public: /*! \publicsection */ ~security_db(); int get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const; int get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const; int get_certificate(const std::string& p_certifcate_id, OCTETSTRING& p_certificate) const; int get_hashed_id_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const; int get_certificate(const std::string& p_certifcate_id, IEEE1609dot2::CertificateBase& p_certificate) const; int get_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const; int get_hashed_id(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id) const; int get_private_key(const std::string& p_certifcate_id, OCTETSTRING& p_private_key) const; int get_public_keys(const std::string& p_certifcate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const; Loading Loading
ccsrc/Protocols/GeoNetworking/GeoNetworkingLayer.cc +3 −3 Original line number Diff line number Diff line Loading @@ -174,6 +174,7 @@ void GeoNetworkingLayer::receiveData(OCTETSTRING& data, Params& params) { OCTETSTRING unsecured_gn_payload; OCTETSTRING secured_data = OCTETSTRING(data.lengthof() - basic_header_len, static_cast<const unsigned char*>(data) + basic_header_len); /////////////////// // FIXME Check what to do with this! if (*static_cast<const unsigned char*>(secured_data) == 0x02) { // This is the old Security version format, discard it loggers::get_instance().warning("GeoNetworkingLayer::receiveData: Old security format, discard it"); return; Loading Loading @@ -425,7 +426,7 @@ void GeoNetworkingLayer::send_beacon() { } // Update timestamp unsigned long long ms = std::chrono::duration_cast<std::chrono::milliseconds>(std::chrono::system_clock::now().time_since_epoch()).count() - 1072911600000L; // TODO Add method such as its_time() & its_time_mod() eh->beaconHeader().srcPosVector().timestamp__().set_long_long_val(static_cast<unsigned int>(ms)); eh->beaconHeader().srcPosVector().timestamp__().set_long_long_val((unsigned int)ms); //loggers::get_instance().log_msg("GeoNetworkingLayer::send_beacon: ", *_beacon); // Encode message using TITAN because of payload in omited TTCN_Buffer encoding_buffer; Loading Loading @@ -848,11 +849,10 @@ int GeoNetworkingLayer::build_secured_pdu(OCTETSTRING& data, Params& params) { basic_header.nextHeader() = BasicNextHeader::e__securedPacket; OCTETSTRING unsecured_gn_payload = OCTETSTRING(data.lengthof() - basic_header_len, static_cast<const unsigned char*>(data) + basic_header_len); OCTETSTRING secured_gn_payload; if (security_services::get_instance().secure_gn_payload(unsecured_gn_payload, false, secured_gn_payload, params) != 0) { if (security_services::get_instance().secure_gn_payload(unsecured_gn_payload, secured_gn_payload, params) != 0) { loggers::get_instance().warning("GeoNetworkingLayer::build_secured_pdu: failed to build secured pdu"); return -1; } // TODO Add timer to check if certificate shall be sent // Encode the basid header //loggers::get_instance().log_msg("GeoNetworkingLayer::build_secured_pdu: New basic_header = ", basic_header); Loading
ccsrc/Protocols/Security/certificates_loader.cc +25 −11 Original line number Diff line number Diff line #include <iostream> #include <fstream> #include "EtsiTs103097Module.hh" #include "certificates_loader.hh" namespace fs = std::experimental::filesystem; #include "EtsiTs103097Codec_Certificate.hh" #include "converter.hh" Loading @@ -21,8 +24,11 @@ int certificates_loader::build_path(const std::string& p_root_directory) { if (!p_root_directory.empty()) { _full_path = p_root_directory; if (!std::experimental::filesystem::is_directory(_full_path)) { // Create directory if (!std::experimental::filesystem::create_directory(_full_path)) { _full_path = "./"; } } } else { _full_path = "./"; } Loading @@ -37,7 +43,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) { return 0; } // End of method build_path int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s) { int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers) { loggers::get_instance().log(">>> certificates_loader::load_certificates"); // Sanity check Loading @@ -52,7 +58,7 @@ int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr return -1; } // Build the certificates cache if (build_certificates_cache(files, p_certificates, p_hashed_id8s) == -1) { if (build_certificates_cache(files, p_certificates, p_hashed_id8s, p_issuers) == -1) { loggers::get_instance().warning("certificates_loader::load_certificates: Failed to build the certificate cache"); return -1; } Loading Loading @@ -82,11 +88,11 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental:: if (folders.size() == 0) { loggers::get_instance().warning("certificates_loader::retrieve_certificates_list: No folder after filtering"); return -1; folders.insert(_full_path); } // Process files p_files.clear(); std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt }; std::set<std::string> extensions_filter{ _certificateExt, _privateKeyExt, _publicKeysExt, _hashedidDigestExt, _issuerDigestExt }; for (std::set<std::experimental::filesystem::path>::const_reverse_iterator f = folders.crbegin(); f != folders.crend(); ++f) { loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Processing directory '%s'", f->string().c_str()); for(const std::experimental::filesystem::directory_entry it : std::experimental::filesystem::recursive_directory_iterator(*f)) { Loading @@ -110,14 +116,15 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental:: return 0; } // End of method retrieve_certificates_list int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s) { int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers) { loggers::get_instance().log(">>> certificates_loader::build_certificates_cache"); std::set<std::experimental::filesystem::path>::const_iterator it = p_files.cbegin(); do { loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching '%s'", it->string().c_str()); std::experimental::filesystem::path p = *it; std::string key = p.filename(); const std::string& key = p.stem(); loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str()); // Load certificate file it = p_files.find(p.replace_extension(_certificateExt)); Loading Loading @@ -212,10 +219,16 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi p_files.erase(it); // Create new record EtsiTs103097Codec_Certificate codec; IEEE1609dot2::CertificateBase decoded_certificate; OCTETSTRING os(certificate.size(), certificate.data()); codec.decode(os, decoded_certificate); loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate); p_certificates.insert(std::pair<const std::string, std::unique_ptr<security_db_record> >(key, std::unique_ptr<security_db_record>( new security_db_record( key, certificate, // Certificate decoded_certificate, issuer, // Hashed ID fo the issuer, empty for CA hashed_id, // Hashed ID private_key, // Private key Loading @@ -229,6 +242,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi return -1; } p_hashed_id8s.insert(std::pair<std::vector<unsigned char>, std::string>(i->second.get()->hashed_id(), i->first)); p_issuers.insert(std::pair<std::vector<unsigned char>, std::string>(i->second.get()->issuer(), i->first)); // Reset pointer it = p_files.cbegin(); Loading @@ -243,7 +257,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat // Certificate file std::experimental::filesystem::path p(_full_path); p /= p_certificate.certificate_id(); p += _certificateExt;//, _privateKeyExt{".pkey"}, _publicKeysExt{".vkey"} p += _certificateExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } Loading @@ -256,7 +270,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat // Private key p = _full_path; p /= p_certificate.certificate_id(); p += _privateKeyExt; // _publicKeysExt{".vkey"} p += _privateKeyExt; if (std::experimental::filesystem::exists(p)) { std::experimental::filesystem::remove(p); } Loading Loading @@ -289,7 +303,7 @@ int certificates_loader::save_certificate(const security_db_record& p_certificat } loggers::get_instance().log("certificates_loader::save_certificate: Issuer digest file: '%s'", p.string().c_str()); os.open(p.string(), ios::out | ios::binary); os.write(reinterpret_cast<const char *>(p_certificate.hashed_id_issuer().data()), p_certificate.hashed_id_issuer().size()); os.write(reinterpret_cast<const char *>(p_certificate.issuer().data()), p_certificate.issuer().size()); os.close(); std::experimental::filesystem::permissions(p, std::experimental::filesystem::perms::add_perms | std::experimental::filesystem::perms::owner_all | std::experimental::filesystem::perms::group_all | std::experimental::filesystem::perms::others_all); Loading
ccsrc/Protocols/Security/certificates_loader.hh +2 −2 Original line number Diff line number Diff line Loading @@ -71,13 +71,13 @@ public: /*! \publicsection */ int build_path(const std::string& p_root_directory); int load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s); int load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers); //int load_certificate(std::unique_ptr<security_db_record> >& p_certificate, std::map<const std::vector<unsigned char>, const std::string&>& p_hashed_id8s); int save_certificate(const security_db_record& p_certificate); private: int retrieve_certificates_list(std::set<std::experimental::filesystem::path>& p_files); int build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s); int build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<std::vector<unsigned char>, std::string>& p_hashed_id8s, std::map<std::vector<unsigned char>, std::string>& p_issuers); }; // End of class certificates_loader
ccsrc/Protocols/Security/security_db.cc +44 −8 Original line number Diff line number Diff line Loading @@ -6,9 +6,11 @@ #include "certificates_loader.hh" #include "EtsiTs103097Codec_Certificate.hh" #include "loggers.hh" security_db::security_db(): _certificates(), _hashed_id8s() { security_db::security_db(): _certificates(), _hashed_id8s(), _issuers() { loggers::get_instance().log(">>> security_db::security_db"); } // End of ctor Loading @@ -26,6 +28,7 @@ security_db::~security_db() { int security_db::clear() { _certificates.clear(); // Smart pointers will do the job _hashed_id8s.clear(); _issuers.clear(); return 0; } // End of clear method Loading @@ -44,6 +47,20 @@ int security_db::get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string return 0; } int security_db::get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const { loggers::get_instance().log_msg(">>> security_db::get_certificate_id_by_issuer: ", p_issuer); std::vector<unsigned char> key(static_cast<const unsigned char*>(p_issuer), p_issuer.lengthof() + static_cast<const unsigned char*>(p_issuer)); std::map<std::vector<unsigned char>, std::string>::const_iterator it = _issuers.find(key); if (it == _issuers.cend()) { p_certifcate_id = ""; return -1; } p_certifcate_id = it->second; return 0; } int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRING& p_certificate) const { loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str()); Loading @@ -58,16 +75,29 @@ int security_db::get_certificate(const std::string& p_certificate_id, OCTETSTRIN return 0; } int security_db::get_hashed_id_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const { loggers::get_instance().log(">>> security_db::get_hashed_id_issuer: '%s'", p_certificate_id.c_str()); int security_db::get_certificate(const std::string& p_certificate_id, IEEE1609dot2::CertificateBase& p_certificate) const { loggers::get_instance().log(">>> security_db::get_certificate: '%s'", p_certificate_id.c_str()); std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id); if (it == _certificates.cend()) { loggers::get_instance().warning("security_db::get_certificate: record not found"); return -1; } p_certificate = it->second.get()->decoded_certificate(); return 0; } int security_db::get_issuer(const std::string& p_certificate_id, OCTETSTRING& p_hashed_id_issuer) const { loggers::get_instance().log(">>> security_db::get_issuer: '%s'", p_certificate_id.c_str()); std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.find(p_certificate_id); if (it == _certificates.cend()) { loggers::get_instance().warning("security_db::get_certificate: record not found"); return -1; } const std::vector<unsigned char> hashed_id_issuer = it->second.get()->hashed_id_issuer(); p_hashed_id_issuer = OCTETSTRING(hashed_id_issuer.size(), hashed_id_issuer.data()); const std::vector<unsigned char> issuer = it->second.get()->issuer(); p_hashed_id_issuer = OCTETSTRING(issuer.size(), issuer.data()); return 0; } Loading Loading @@ -124,7 +154,7 @@ int security_db::load_from_files(const std::string& p_db_path) { return -1; } if (certificates_loader::get_instance().load_certificates(_certificates, _hashed_id8s) == -1) { if (certificates_loader::get_instance().load_certificates(_certificates, _hashed_id8s, _issuers) == -1) { loggers::get_instance().log(">>> security_db::load_from_files: certificates_loader::load_certificates method failed"); return -1; } Loading @@ -142,9 +172,14 @@ int security_db::store_certificate(const CHARSTRING& p_cert_id, const OCTETSTRIN std::vector<unsigned char> public_key_y(static_cast<const unsigned char*>(p_public_key_y), static_cast<const unsigned char*>(p_public_key_y) + p_public_key_y.lengthof()); std::vector<unsigned char> hashed_id8(static_cast<const unsigned char*>(p_hashed_id8), static_cast<const unsigned char*>(p_hashed_id8) + p_hashed_id8.lengthof()); std::vector<unsigned char> issuer(static_cast<const unsigned char*>(p_issuer), static_cast<const unsigned char*>(p_issuer) + p_issuer.lengthof()); EtsiTs103097Codec_Certificate codec; IEEE1609dot2::CertificateBase decoded_certificate; codec.decode(p_cert, decoded_certificate); loggers::get_instance().log_msg("security_db::store_certificate: Decoded certificate: ", decoded_certificate); security_db_record* p = new security_db_record( key, // Certificate id cert, // Certificate decoded_certificate, issuer, // Hashed ID fo the issuer, empty for CA hashed_id8, // Hashed ID private_key, // Private key Loading Loading @@ -179,8 +214,9 @@ void security_db::dump() const { security_db_record* p = it->second.get(); loggers::get_instance().log("security_db::dump: certificate_id = %s", p->certificate_id().c_str()); loggers::get_instance().log_to_hexa("security_db::dump: certificate = ", p->certificate().data(), p->certificate().size()); loggers::get_instance().log_msg("security_db::dump: decoded certificate = ", p->decoded_certificate()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id = ", p->hashed_id().data(), p->hashed_id().size()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id_issuer = ", p->hashed_id_issuer().data(), p->hashed_id_issuer().size()); loggers::get_instance().log_to_hexa("security_db::dump: hashed_id_issuer = ", p->issuer().data(), p->issuer().size()); loggers::get_instance().log_to_hexa("security_db::dump: private_key = ", p->private_key().data(), p->private_key().size()); loggers::get_instance().log_to_hexa("security_db::dump: public_key_x = ", p->public_key_x().data(), p->public_key_x().size()); loggers::get_instance().log_to_hexa("security_db::dump: public_key_y = ", p->public_key_y().data(), p->public_key_y().size()); Loading
ccsrc/Protocols/Security/security_db.hh +4 −1 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ class security_db { // TODO Enforce with const security_db_record, and const std::string std::map<std::string, std::unique_ptr<security_db_record> > _certificates; //! List of the certificates indexed by the certficate identifier std::map<std::vector<unsigned char>, std::string> _hashed_id8s; //! List of the certificates indexed by the HashedId8 std::map<std::vector<unsigned char>, std::string> _issuers; //! List of the certificates indexed by the IssuerIdentifier public: /*! \publicsection */ /*! Loading @@ -34,8 +35,10 @@ public: /*! \publicsection */ ~security_db(); int get_certificate_id(const OCTETSTRING& p_hashed_id8, std::string& p_certifcate_id) const; int get_certificate_id_by_issuer(const OCTETSTRING& p_issuer, std::string& p_certifcate_id) const; int get_certificate(const std::string& p_certifcate_id, OCTETSTRING& p_certificate) const; int get_hashed_id_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const; int get_certificate(const std::string& p_certifcate_id, IEEE1609dot2::CertificateBase& p_certificate) const; int get_issuer(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id_issuer) const; int get_hashed_id(const std::string& p_certifcate_id, OCTETSTRING& p_hashed_id) const; int get_private_key(const std::string& p_certifcate_id, OCTETSTRING& p_private_key) const; int get_public_keys(const std::string& p_certifcate_id, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) const; Loading
