Commit 9a525caf authored by garciay's avatar garciay
Browse files

Bug fixed in GnLayer/Security (thanks to Yogoko)

parent 442632e6
......@@ -431,26 +431,26 @@ public class Management implements IManagementTA, IManagementLayers {
_certCache.readCertificate(certificateId, certificate);
// Extract public keys
atCertificate = certificate.toByteArray();
TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: certificate=" + ByteHelper.byteArrayToString(atCertificate));
TERFactory.getInstance().logDebug("Management.setupSecuredMode: certificate=" + ByteHelper.byteArrayToString(atCertificate));
// Compute AT certificate digest
byte[] atHash = CryptoLib.hashWithSha256(atCertificate);
atCertificateDigest = ByteHelper.extract(atHash, atHash.length - 8, 8);
TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
TERFactory.getInstance().logDebug("Management.setupSecuredMode: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
int offset = 16; // FIXME To be enhanced
// KeyX
signingPublicKeyX = new byte[32];
System.arraycopy(atCertificate, offset, signingPublicKeyX, 0, 32);
offset += 32;
TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
// KeyY
signingPublicKeyY = new byte[32];
System.arraycopy(atCertificate, offset, signingPublicKeyY, 0, 32);
TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
// Extract private keys
ByteArrayOutputStream signingPrivateKey = new ByteArrayOutputStream();
_certCache.readSigningKey(certificateId, signingPrivateKey);
this.signingPrivateKey = signingPrivateKey.toByteArray().clone();
TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
TERFactory.getInstance().logDebug("Management.setupSecuredMode: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
// TODO Add support of encryption
}
}
......
......@@ -14,12 +14,12 @@ import java.util.Observer;
import org.etsi.adapter.ITERequired;
import org.etsi.adapter.TERFactory;
import org.etsi.its.adapter.ports.AdapterControlPort;
import org.etsi.its.adapter.ports.ConfigTesterPort;
import org.etsi.its.adapter.ports.IPort;
import org.etsi.its.adapter.ports.PortEvent;
import org.etsi.its.adapter.ports.ProtocolPortFactory;
import org.etsi.its.adapter.ports.UpperTesterPort;
import org.etsi.ttcn.tci.CharstringValue;
import org.etsi.ttcn.tri.TriActionTemplate;
import org.etsi.ttcn.tri.TriAddress;
import org.etsi.ttcn.tri.TriAddressList;
import org.etsi.ttcn.tri.TriCommunicationSA;
......@@ -73,7 +73,6 @@ public class TestAdapter implements TriCommunicationSA, Observer {
/* (non-Javadoc)
* @see org.etsi.ttcn.tri.TriCommunicationSA#triExecuteTestcase(org.etsi.ttcn.tri.TriTestCaseId, org.etsi.ttcn.tri.TriPortIdList)
*/
@Override
public TriStatus triExecuteTestcase(final TriTestCaseId tcId, final TriPortIdList portList) {
return required.getTriStatus(TriStatus.TRI_OK);
}
......@@ -92,6 +91,8 @@ public class TestAdapter implements TriCommunicationSA, Observer {
port = new AdapterControlPort(portName, ComponentId);
} else if (tsiPortId.getPortName().toLowerCase().endsWith("utport")) {
port = new UpperTesterPort(portName, ComponentId);
} else if (tsiPortId.getPortName().toLowerCase().endsWith("cfport")) {
port = new ConfigTesterPort(portName, ComponentId);
} else {
String componentName = compPortId.getComponent().getComponentName();
......@@ -299,15 +300,6 @@ public class TestAdapter implements TriCommunicationSA, Observer {
return required.getTriStatus(TriStatus.TRI_ERROR, "triSutActionInformal not implemented");
}
/**
* triSutActionTemplate not implemented
* @see org.etsi.ttcn.tri.TriCommunicationSA#triSutActionTemplate(org.etsi.ttcn.tri.TriActionTemplate)
*/
@Override
public TriStatus triSutActionTemplate(TriActionTemplate templateValue) {
return required.getTriStatus(TriStatus.TRI_ERROR, "triSutActionTemplate not implemented");
}
/**
* triMapParam not implemented
* @see org.etsi.ttcn.tri.TriCommunicationSA#triMapParam(org.etsi.ttcn.tri.TriPortId, org.etsi.ttcn.tri.TriPortId, org.etsi.ttcn.tri.TriParameterList)
......@@ -325,4 +317,27 @@ public class TestAdapter implements TriCommunicationSA, Observer {
public TriStatus triUnmapParam(TriPortId compPortId, TriPortId tsiPortId, TriParameterList paramList) {
return required.getTriStatus(TriStatus.TRI_ERROR, "triUnmapParam not implemented");
}
@Override
public TriStatus triExecuteTestCase(TriTestCaseId tcId, TriPortIdList portList) {
return this.triExecuteTestcase(tcId, portList);
}
@Override
public TriStatus triGetStreamValue(TriComponentId arg0, TriPortId arg1, TriAddress arg2, TriMessage arg3) {
// TODO Auto-generated method stub
return null;
}
@Override
public TriStatus triSetStreamValue(TriComponentId arg0, TriPortId arg1, TriAddress arg2, TriMessage arg3) {
// TODO Auto-generated method stub
return null;
}
@Override
public TriStatus triStaticMap(TriPortId arg0, TriPortId arg1) {
// TODO Auto-generated method stub
return null;
}
}
......@@ -664,7 +664,24 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
byte[] generationTime = ByteHelper.longToByteArray((long)(curtime - 1072915200000L) * 1000L, Long.SIZE / Byte.SIZE); // In microseconds
//TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: generationTime=" + ByteHelper.byteArrayToString(generationTime));
// Build the payload to be signed
byte[] headersField = ByteHelper.concat(
byte[] headersField = null;
boolean withCertificate = true; // FIXME Check that GnLayer is really used only for PICS_xxxM_RECEPTION tests. If so, always add AT certificate
if (withCertificate) {
headersField = ByteHelper.concat(
ByteHelper.concat( // SecuredMessage HeaderFields
new byte[] {
(byte)0x80, // signerInfo
(byte)0x02 // Certificate
},
management.getAtCertificate(), // Hashed8
new byte[] {
(byte)0x00, // generationTime
},
generationTime // Time64 value
)
);
} else {
headersField = ByteHelper.concat(
ByteHelper.concat( // SecuredMessage HeaderFields
new byte[] {
(byte)0x80, // signerInfo
......@@ -677,6 +694,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
generationTime // Time64 value
)
);
}
int its_aid = -1;
switch ((int) params.get(BtpLayer.BTP_DSTPORT)) {
case 2001: // CAM
......@@ -744,11 +762,17 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
);
}
byte[] payloadLengthTls = SecurityHelper.getInstance().size2tls(payloadLength);
byte[] headersFieldLength = null;
if (headersField.length < 127) {
headersFieldLength = new byte[] { (byte)headersField.length };
} else {
headersFieldLength = SecurityHelper.getInstance().size2tls(headersField.length);
}
byte[] toBeSignedData = ByteHelper.concat(
new byte[] { // SecuredMessage version
(byte)0x02 // version
},
new byte[] { (byte)headersField.length }, // HeadersField length
headersFieldLength, // HeadersField length
headersField, // HeaderFields
new byte[] { // SecuredMessage Payloads
(byte)0x01, // Secured payload type: signed (1)
......@@ -757,8 +781,8 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
commonHdr,
extHdr,
message, // End of SecuredMessage Payloads
new byte[] { (byte)0x01 }, // Signature
new byte[] { (byte)0x43 } // Signature length
new byte[] { (byte)0x43 }, // Signature length
new byte[] { (byte)0x01 } // Signature
);
//TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));
......@@ -774,7 +798,10 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
toBeSent = ByteHelper.concat(
basicHdr,
toBeSignedData,
new byte[] { 0x01, 0x00, 0x02 }, // Signature header
new byte[] {
(byte)0x00, // Public Key Alg: ecdsa nistp256 with sha256 (0)
(byte)0x02 // ECC Point Type: compressed lsb y-0 (2)
}, // Signature header
ByteHelper.extract(signatureBytes, 2, signatureBytes.length - 2)
);
} catch (Exception e) {
......
......@@ -221,8 +221,8 @@ public class GnPort extends ProtocolPort implements Runnable, IEthernetSpecific
(byte)p_beacon.length // Data payload length
},
p_beacon, // End of SecuredMessage Payloads
new byte[] { (byte)0x43 }, // Signature length
new byte[] { (byte)0x01 } // Signature
new byte[] { (byte)0x01 }, // Signature
new byte[] { (byte)0x43 } // Signature length
);
//TERFactory.getInstance().logDebug("GnPort.buildToBeSignedData: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment