Commit 8ca51d38 authored by garciay's avatar garciay

STF538: Certificate generation script

parent f0c30b43
......@@ -337,7 +337,7 @@ namespace LibItsSecurity__Functions
// group certificatesLoader
/*
/**
* @desc Load in memory cache the certificates available in the specified directory
* @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID
* @param p_configId A configuration identifier
......@@ -349,9 +349,15 @@ namespace LibItsSecurity__Functions
const CHARSTRING& p__rootDirectory,
const CHARSTRING& p__configId
) {
loggers::get_instance().log("fx__loadCertificates: '%s', '%s'", p__rootDirectory, p__configId);
loggers::get_instance().log(">>> fx__loadCertificates: '%s', '%s'", static_cast<const char*>(p__rootDirectory), static_cast<const char*>(p__configId));
std::string str(static_cast<const char*>(p__rootDirectory));
if (p__configId.lengthof() != 0) {
str += "/";
str += std::string(static_cast<const char*>(p__configId));
}
Params params;
params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), std::string(static_cast<const char*>(p__rootDirectory))));
params.insert(std::pair<std::string, std::string>(std::string("sec_db_path"), str));
if (security_services::get_instance().setup(params) == -1) {
return FALSE;
}
......@@ -367,64 +373,82 @@ namespace LibItsSecurity__Functions
return TRUE;
}
/*
/**
* @desc Unload from memory cache the certificates
* @return true on success, false otherwise
fx_unloadCertificates() return boolean;
*/
*/
BOOLEAN fx__unloadCertificates(
) {
return TRUE;
}
/* * @desc Read the specified certificate
/**
* @desc Read the specified certificate
* @param p_certificateId the certificate identifier
* @param p_certificate the expected certificate
* @return true on success, false otherwise
fx_readCertificate(in charstring p_certificateId, out octetstring p_certificate) return boolean;
*/
*/
BOOLEAN fx__readCertificate(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__certificate
) {
loggers::get_instance().log(">>> fx__readCertificate: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate(p__certificateId, p__certificate) == -1) {
return FALSE;
}
return TRUE;
}
/* * @desc Read the specified certificate digest
/**
* @desc Read the specified certificate digest
* @param p_certificateId the certificate identifier
* @param p_digest the expected certificate
* @return true on success, false otherwise
fx_readCertificateDigest(in charstring p_certificateId, out HashedId8 p_digest) return boolean;
*/
*/
BOOLEAN fx__readCertificateDigest(
const CHARSTRING& p__certificateId,
OCTETSTRING& p__digest
) {
loggers::get_instance().log(">>> fx__readCertificateDigest: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_certificate_digest(p__certificateId, p__digest) == -1) {
return FALSE;
}
return TRUE;
}
/* * @desc Read the private keys for the specified certificate
* @param p_keysId the keys identifier
/**
* @desc Read the private keys for the specified certificate
* @param p_certificateId the keys identifier
* @param p_signingPrivateKey the signing private key
* @return true on success, false otherwise
fx_readSigningKey(in charstring p_keysId, out Oct32 p_signingPrivateKey) return boolean;
*/
*/
BOOLEAN fx__readSigningKey(
const CHARSTRING& p__keysId,
const CHARSTRING& p__certificateId,
OCTETSTRING& p__signingPrivateKey
) {
loggers::get_instance().log(">>> fx__readSigningKey: '%s'", static_cast<const char*>(p__certificateId));
if (security_services::get_instance().read_private_key(p__certificateId, p__signingPrivateKey) == -1) {
return FALSE;
}
return TRUE;
}
/* * @desc Read the private keys for the specified certificate
/**
* @desc Read the private keys for the specified certificate
* @param p_keysId the keys identifier
* @param p_encryptPrivateKey the encrypt private key
* @return true on success, false otherwise
fx_readEncryptingKey(in charstring p_keysId, out Oct32 p_encryptingPrivateKey) return boolean;
*/
BOOLEAN fx__readEncryptingKey(
const CHARSTRING& p__keysId,
const CHARSTRING& p__certificateId,
OCTETSTRING& p__encryptingPrivateKey
) {
return TRUE;
......
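Review bot: fx__readEncryptingKey still returns TRUE without writing p__encryptingPrivateKey, so a caller is told the key was read while the output octetstring is left exactly as it was passed in. This commit wires fx__readSigningKey to security_services::read_private_key and renames the parameter here to p__certificateId, but the only body line visible is `return TRUE;` (the rest of the function is outside the hunk). Until the lookup is implemented the stub should fail closed with `return FALSE;`. The doc comment above it still names `p_keysId` and should read `@param p_certificateId the certificate identifier`; the matching line for fx__readSigningKey says "the keys identifier".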
......@@ -121,9 +121,31 @@ namespace LibItsGeoNetworking__TestSystem {
}
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& /*send_par*/)
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& send_par)
{
loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
// Register this object for AdapterControlPort
GeoNetworkingLayer* p = registration<GeoNetworkingLayer>::get_instance().get_item(std::string("GN"));
if (p != NULL) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Got GN layer %p", p);
LibItsCommon__TypesAndValues::AdapterControlResults response;
response.acSecResponse() = BOOLEAN(true);
if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acEnableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Enable secured mode");
std::string str(static_cast<const char*>(send_par.acEnableSecurity().certificateId()));
if (p->enable_secured_mode(str, send_par.acEnableSecurity().enforceSecurity()) == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else {
response.acSecResponse() = BOOLEAN(false);
}
// Send response
loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
incoming_message(response);
} else {
loggers::get_instance().error("AdapterControlPort::outgoing_send: %s not registered", "geoNetworkingPort");
}
}
} /* end of namespace */
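Review bot: When the "GN" layer is not registered, outgoing_send only logs an error and never calls incoming_message, so the component that sent acEnableSecurity receives no acSecResponse and cannot tell a refused request from a lost one. The else branch should report the failure with `response.acSecResponse() = BOOLEAN(false); incoming_message(response);`, with the `response` declaration moved above `if (p != NULL)`. The comment `// Register this object for AdapterControlPort` describes a lookup rather than a registration, and the error text names `geoNetworkingPort` while the key looked up is `GN`. `// Look up the registered GeoNetworking layer` and an error message that names "GN" would match the code.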
......@@ -497,6 +497,13 @@ void GeoNetworkingLayer::stop_pass_beaconing() {
_pass_beacon_table.reset();
} // End of stop_pass_beaconing method
int GeoNetworkingLayer::enable_secured_mode(const std::string p_certificate_id, const boolean p_enforce_security) {
loggers::get_instance().log(">>> GeoNetworkingLayer::enable_secured_mode: '%s' - %x", p_certificate_id, p_enforce_security);
return -1;
}
const LongPosVector* GeoNetworkingLayer::get_lpv(const GN__Address& p_gn_address)
{
loggers::get_instance().log_msg(">>> GeoNetworkingLayer::get_lpv", p_gn_address);
......
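Review bot: The log call in enable_secured_mode passes `p_certificate_id`, a std::string, to a `%s` conversion. If loggers::log is printf-style variadic, as the `static_cast<const char*>` arguments added to fx__loadCertificates in this commit suggest, that is undefined behaviour and the argument should be `p_certificate_id.c_str()`. The function is a stub that always returns -1, so AdapterControlPort answers every acEnableSecurity request with false; a `// TODO: not implemented, always fails` comment would make that explicit. The string parameter is taken by const value and could be `const std::string& p_certificate_id`.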
......@@ -123,6 +123,7 @@ public:
void stop_beaconing();
void start_pass_beaconing(const LibItsGeoNetworking__TypesAndValues::BeaconHeader& p_beacon);
void stop_pass_beaconing();
int enable_secured_mode(const std::string p_certificate_id, const boolean p_enforce_security = false);
private:
void send_beacon();
......
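Review bot: The default `p_enforce_security = false` means a caller that omits the argument gets the non-enforcing mode, assuming the flag controls whether unsecured traffic is rejected (the implementation in this commit is a stub, so this is inferred from the name). For a security switch it is safer to have no default, so each call site states its choice: `int enable_secured_mode(const std::string& p_certificate_id, const boolean p_enforce_security);`. The only caller visible in this commit already passes both arguments. A one-line comment stating the return convention (-1 on failure) would also help.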
......@@ -10,6 +10,7 @@
#include <linux/if_packet.h> // Used for raw sockets
#endif // LINUX
#include <netinet/in.h>
#include <netinet/udp.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <net/if.h> // Used for raw sockets
......
......@@ -4,27 +4,27 @@
#include <arpa/inet.h>
#if !defined(LINUX)
#include <netdb.h>
//#include <w32api/winsock2.h>
#include <netinet/udp.h>
struct iphdr {
#if defined(__LITTLE_ENDIAN_BITFIELD)
u_char ihl:4,
#if __BYTE_ORDER == __LITTLE_ENDIAN
u_int8_t ihl:4,
version:4;
#elif defined (__BIG_ENDIAN_BITFIELD)
u_char version:4,
#elif __BYTE_ORDER == __BIG_ENDIAN
u_int8_t version:4,
ihl:4;
#else
#error "Please fix <asm/byteorder.h>"
#endif
u_char tos;
u_short tot_len;
u_short id;
u_short frag_off;
u_char ttl;
u_char protocol;
u_short check;
u_int saddr;
u_int daddr;
//The options start here.
u_int8_t tos;
u_int16_t tot_len;
u_int16_t id;
u_int16_t frag_off;
u_int8_t ttl;
u_int8_t protocol;
u_int16_t check;
struct in_addr saddr;
struct in_addr daddr;
//The options start here.
};
#else // LINUX
#include <linux/ip.h>
......
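Review bot: The test `#if __BYTE_ORDER == __LITTLE_ENDIAN`, which appears to be the new form, is true when neither macro is defined, because undefined identifiers evaluate to 0 in `#if`. On a platform without these macros the little-endian bitfield order is then chosen silently and the `#error` branch is never reached. This block is the non-LINUX path and no include that defines the macros is visible in the hunk, so the guard should be `#if defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN`, with the same `defined` check on the big-endian test. A swapped `ihl`/`version` pair would make the header length read from received packets wrong. The `#error` text still refers to `<asm/byteorder.h>`.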