Bug fixed in GnLayer/Security (thanks to Yogoko)

javasrc/adapter/org/etsi/its/adapter/Management.java

@@ -431,26 +431,26 @@ public class Management implements IManagementTA, IManagementLayers {
             _certCache.readCertificate(certificateId, certificate);
             // Extract public keys
             atCertificate = certificate.toByteArray();
-            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: certificate=" + ByteHelper.byteArrayToString(atCertificate));
+            TERFactory.getInstance().logDebug("Management.setupSecuredMode: certificate=" + ByteHelper.byteArrayToString(atCertificate));
             // Compute AT certificate digest
             byte[] atHash = CryptoLib.hashWithSha256(atCertificate);
             atCertificateDigest = ByteHelper.extract(atHash, atHash.length - 8, 8);
-            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
+            TERFactory.getInstance().logDebug("Management.setupSecuredMode: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
             int offset = 16; // FIXME To be enhanced
             // KeyX
             signingPublicKeyX = new byte[32];
             System.arraycopy(atCertificate, offset, signingPublicKeyX, 0, 32);
             offset += 32;
-            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
+            TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
             // KeyY
             signingPublicKeyY = new byte[32];
             System.arraycopy(atCertificate, offset, signingPublicKeyY, 0, 32);
-            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
+            TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
             // Extract private keys
             ByteArrayOutputStream signingPrivateKey = new ByteArrayOutputStream();
             _certCache.readSigningKey(certificateId, signingPrivateKey);
             this.signingPrivateKey = signingPrivateKey.toByteArray().clone();
-            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
+            TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
             // TODO Add support of encryption
         }
     }

javasrc/adapter/org/etsi/its/adapter/PcapMultiplexer.java

@@ -242,11 +242,11 @@ public class PcapMultiplexer implements Runnable {
         if(clientsToMacs.containsKey(client.toString())) {
             
             byte[] packet = ByteHelper.concat(
-                    dest,   
-                    clientsToMacs.get(client.toString()), 
-                    ByteHelper.intToByteArray(clientsToFrameTypes.get(client.toString()), 2), 
-                    payload);
-    
+                dest,   
+                clientsToMacs.get(client.toString()), 
+                ByteHelper.intToByteArray(clientsToFrameTypes.get(client.toString()), 2), 
+                payload);
+            
             pcap.sendPacket(packet);
             return packet;
         }

javasrc/adapter/org/etsi/its/adapter/TestAdapter.java

@@ -14,12 +14,12 @@ import java.util.Observer;
 import org.etsi.adapter.ITERequired;
 import org.etsi.adapter.TERFactory;
 import org.etsi.its.adapter.ports.AdapterControlPort;
+import org.etsi.its.adapter.ports.ConfigTesterPort;
 import org.etsi.its.adapter.ports.IPort;
 import org.etsi.its.adapter.ports.PortEvent;
 import org.etsi.its.adapter.ports.ProtocolPortFactory;
 import org.etsi.its.adapter.ports.UpperTesterPort;
 import org.etsi.ttcn.tci.CharstringValue;
-import org.etsi.ttcn.tri.TriActionTemplate;
 import org.etsi.ttcn.tri.TriAddress;
 import org.etsi.ttcn.tri.TriAddressList;
 import org.etsi.ttcn.tri.TriCommunicationSA;
@@ -73,7 +73,6 @@ public class TestAdapter implements TriCommunicationSA, Observer {
     /* (non-Javadoc)
      * @see org.etsi.ttcn.tri.TriCommunicationSA#triExecuteTestcase(org.etsi.ttcn.tri.TriTestCaseId, org.etsi.ttcn.tri.TriPortIdList)
      */
-    @Override
     public TriStatus triExecuteTestcase(final TriTestCaseId tcId, final TriPortIdList portList) {
         return required.getTriStatus(TriStatus.TRI_OK);
     } 
@@ -92,6 +91,8 @@ public class TestAdapter implements TriCommunicationSA, Observer {
             port = new AdapterControlPort(portName, ComponentId);
         } else if (tsiPortId.getPortName().toLowerCase().endsWith("utport")) {
             port = new UpperTesterPort(portName, ComponentId);
+        } else if (tsiPortId.getPortName().toLowerCase().endsWith("cfport")) {
+            port = new ConfigTesterPort(portName, ComponentId);
         } else {
             String componentName = compPortId.getComponent().getComponentName();
             
@@ -141,7 +142,7 @@ public class TestAdapter implements TriCommunicationSA, Observer {
         }
         
         port.send(message.getEncodedMessage());
-        return required.getTriStatus(TriStatus.TRI_OK);                
+        return required.getTriStatus(TriStatus.TRI_OK);
     } 
 
     /* (non-Javadoc)
@@ -299,15 +300,6 @@ public class TestAdapter implements TriCommunicationSA, Observer {
         return required.getTriStatus(TriStatus.TRI_ERROR, "triSutActionInformal not implemented");    
     }
 
-    /**
-     * triSutActionTemplate not implemented
-     * @see org.etsi.ttcn.tri.TriCommunicationSA#triSutActionTemplate(org.etsi.ttcn.tri.TriActionTemplate)
-     */
-    @Override
-    public TriStatus triSutActionTemplate(TriActionTemplate templateValue) {
-        return required.getTriStatus(TriStatus.TRI_ERROR, "triSutActionTemplate not implemented");
-    }
-
     /**
      * triMapParam not implemented
      * @see org.etsi.ttcn.tri.TriCommunicationSA#triMapParam(org.etsi.ttcn.tri.TriPortId, org.etsi.ttcn.tri.TriPortId, org.etsi.ttcn.tri.TriParameterList)
@@ -325,4 +317,27 @@ public class TestAdapter implements TriCommunicationSA, Observer {
     public TriStatus triUnmapParam(TriPortId compPortId, TriPortId tsiPortId, TriParameterList paramList) {
         return required.getTriStatus(TriStatus.TRI_ERROR, "triUnmapParam not implemented");
     }
+
+	@Override
+	public TriStatus triExecuteTestCase(TriTestCaseId tcId, TriPortIdList portList) {
+		return this.triExecuteTestcase(tcId, portList);
+	}
+
+	@Override
+	public TriStatus triGetStreamValue(TriComponentId arg0, TriPortId arg1, TriAddress arg2, TriMessage arg3) {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public TriStatus triSetStreamValue(TriComponentId arg0, TriPortId arg1, TriAddress arg2, TriMessage arg3) {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public TriStatus triStaticMap(TriPortId arg0, TriPortId arg1) {
+		// TODO Auto-generated method stub
+		return null;
+	}
 } 

javasrc/adapter/org/etsi/its/adapter/layers/GnLayer.java

@@ -664,19 +664,37 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
         byte[] generationTime = ByteHelper.longToByteArray((long)(curtime - 1072915200000L) * 1000L, Long.SIZE / Byte.SIZE); // In microseconds
         //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: generationTime=" + ByteHelper.byteArrayToString(generationTime));
         // Build the payload to be signed
-        byte[] headersField = ByteHelper.concat(
-            ByteHelper.concat(                                // SecuredMessage HeaderFields
-                new byte[] {
-                    (byte)0x80,                               // signerInfo
-                    (byte)0x01                                //     Certificate digest with ecdsap256
-                },
-                management.getAtCertificateDigest(),          //         Hashed8
-                new byte[] {
-                    (byte)0x00,                               // generationTime
-                },
-                generationTime                               //    Time64 value
-            )
-        );
+        byte[] headersField = null;
+        boolean withCertificate = true; // FIXME Check that GnLayer is really used only for PICS_xxxM_RECEPTION tests. If so, always add AT certificate
+        if (withCertificate) {
+            headersField = ByteHelper.concat(
+                ByteHelper.concat(                                // SecuredMessage HeaderFields
+                    new byte[] {
+                        (byte)0x80,                               // signerInfo
+                        (byte)0x02                                //     Certificate
+                    },
+                    management.getAtCertificate(),                //         Hashed8
+                    new byte[] {
+                        (byte)0x00,                               // generationTime
+                    },
+                    generationTime                               //    Time64 value
+                )
+            );
+        } else {
+            headersField = ByteHelper.concat(
+                ByteHelper.concat(                                // SecuredMessage HeaderFields
+                    new byte[] {
+                        (byte)0x80,                               // signerInfo
+                        (byte)0x01                                //     Certificate digest with ecdsap256
+                    },
+                    management.getAtCertificateDigest(),          //         Hashed8
+                    new byte[] {
+                        (byte)0x00,                               // generationTime
+                    },
+                    generationTime                               //    Time64 value
+                )
+            );
+        }
         int its_aid = -1;
         switch ((int) params.get(BtpLayer.BTP_DSTPORT)) {
             case 2001: // CAM
@@ -744,11 +762,17 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
             );
         }
         byte[] payloadLengthTls = SecurityHelper.getInstance().size2tls(payloadLength);
+        byte[] headersFieldLength = null;
+        if (headersField.length < 127) {
+            headersFieldLength = new byte[] { (byte)headersField.length };
+        } else {
+            headersFieldLength = SecurityHelper.getInstance().size2tls(headersField.length);
+        }
         byte[] toBeSignedData = ByteHelper.concat(
             new byte[] {                                      // SecuredMessage version 
                 (byte)0x02                                    //     version
             },
-            new byte[] { (byte)headersField.length },         // HeadersField length
+            headersFieldLength,                               // HeadersField length
             headersField,                                     // HeaderFields
             new byte[] {                                      // SecuredMessage Payloads
                 (byte)0x01,                                   //     Secured payload type: signed (1)
@@ -757,8 +781,8 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
             commonHdr, 
             extHdr, 
             message,                                          // End of SecuredMessage Payloads
-            new byte[] { (byte)0x01 },                        // Signature
-            new byte[] { (byte)0x43 }                         // Signature length
+            new byte[] { (byte)0x43 },                        // Signature length
+            new byte[] { (byte)0x01 }                         // Signature
         );
         //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));
         
@@ -774,7 +798,10 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
             toBeSent  = ByteHelper.concat(
                 basicHdr,
                 toBeSignedData,
-                new byte[] { 0x01, 0x00, 0x02 }, // Signature header
+                new byte[] { 
+                    (byte)0x00, // Public Key Alg: ecdsa nistp256 with sha256 (0)
+                    (byte)0x02  // ECC Point Type: compressed lsb y-0 (2)
+                }, // Signature header
                 ByteHelper.extract(signatureBytes, 2, signatureBytes.length - 2)
             );
         } catch (Exception e) {

javasrc/adapter/org/etsi/its/adapter/ports/GnPort.java

@@ -221,8 +221,8 @@ public class GnPort extends ProtocolPort implements Runnable, IEthernetSpecific
                 (byte)p_beacon.length                         //     Data payload length
             },
             p_beacon,                                         // End of SecuredMessage Payloads
-            new byte[] { (byte)0x43 },                        // Signature length
-            new byte[] { (byte)0x01 }                         // Signature
+            new byte[] { (byte)0x01 },                        // Signature
+            new byte[] { (byte)0x43 }                         // Signature length
         );
         //TERFactory.getInstance().logDebug("GnPort.buildToBeSignedData: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));