Replace usage of std::vector<unsigned char> by OCTETSTRING

ccsrc/Externals/LibItsSecurity_externals.cc

@@ -560,13 +560,14 @@ namespace LibItsSecurity__Functions
     
     security_ecc ec(ec_elliptic_curves::nist_p_256);
     // Extract the tag
-    OCTETSTRING tag(16, static_cast<const unsigned char*>(p__ct) - 16);
+    OCTETSTRING tag(16, p__ct.lengthof() - 16 + static_cast<const unsigned char*>(p__ct));
     loggers::get_instance().log_msg("fx__test__decrypt__aes__128__ccm__test: tag: ", tag);
     // Remove the tag from the end of the encrypted message
     OCTETSTRING ct(p__ct.lengthof() - 16, static_cast<const unsigned char*>(p__ct));
+    loggers::get_instance().log_msg("fx__test__decrypt__aes__128__ccm__test: ct: ", ct);
     
     OCTETSTRING message;
-    if (ec.decrypt(encryption_algotithm::aes_128_ccm, p__k, p__n, tag, p__ct, message) == -1) {
+    if (ec.decrypt(encryption_algotithm::aes_128_ccm, p__k, p__n, tag, ct, message) == -1) {
       loggers::get_instance().warning("fx__test__decrypt__aes__128__ccm__test: Failed to decrypt message");
       return OCTETSTRING(0, nullptr);
     }

ccsrc/Protocols/Security/hmac.cc

@@ -18,7 +18,7 @@ int hmac::generate(const OCTETSTRING p_buffer, const OCTETSTRING p_secret_key, O
     return -1;
   }
 
-  return generate( static_cast<const unsigned char*>(p_buffer), p_buffer.lengthof(),  static_cast<const unsigned char*>(p_secret_key), p_secret_key.lengthof(), p_hmac);
+  return generate(static_cast<const unsigned char*>(p_buffer), p_buffer.lengthof(),  static_cast<const unsigned char*>(p_secret_key), p_secret_key.lengthof(), p_hmac);
 }
 
 int hmac::generate(const unsigned char* p_buffer, const size_t p_buffer_length, const unsigned char* p_secret_key, const size_t p_secret_key_length, OCTETSTRING& p_hmac) {

ccsrc/Protocols/Security/hmac.hh

@@ -41,7 +41,7 @@ public:
   /*!
    * \brief Default destructor
    */
-  virtual ~hmac() { if (_ctx == nullptr) { ::HMAC_CTX_free(_ctx); }; };
+  virtual ~hmac() { if (_ctx != nullptr) { ::HMAC_CTX_free(_ctx); }; };
 
   /*!
    * \fn int generate(const OCTETSTRING p_buffer, const OCTETSTRING p_secret_key, OCTETSTRING& p_hmac);

ccsrc/Protocols/Security/security_cache.cc

@@ -9,6 +9,8 @@
  *            All rights reserved.
  * \version   0.1
  */
+#include <TTCN3.hh>
+
 #include "security_cache.hh"
 
 #include "params.hh"
@@ -59,7 +61,7 @@ int security_cache::get_certificate(const std::string& p_certificate_id, OCTETST
     dump();
     return -1;
   }
-  p_certificate = it->second.get()->certificate()
+  p_certificate = it->second.get()->certificate();
   
   return 0;
 }
@@ -152,8 +154,8 @@ int security_cache::get_public_comp_key(const std::string& p_certificate_id, OCT
     return -1;
   }
   const OCTETSTRING public_comp_key = it->second.get()->public_comp_key(); // 33 or 49 bytes length
-  p_public_comp_key = OCTETSTRING(public_comp_key.lengthof() - 1, 1 + static_cast<const unsihned char*?>(public_comp_key)); // 32 or 48 bytes length
-  p_comp_mode = INTEGER(((public_comp_key[0] % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1
+  p_public_comp_key = OCTETSTRING(public_comp_key.lengthof() - 1, 1 + static_cast<const unsigned char*>(public_comp_key)); // 32 or 48 bytes length
+  p_comp_mode = INTEGER(((public_comp_key[0].get_octet() % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1
 
   return 0;
 }
@@ -166,8 +168,7 @@ int security_cache::get_private_enc_key(const std::string& p_certificate_id, OCT
     loggers::get_instance().warning("security_cache::get_private_enc_key: record not found");
     return -1;
   }
-  const OCTETSTRING private_enc_key = it->second.get()->private_enc_key();
-  p_private_enc_key = OCTETSTRING(private_enc_key.lengthof(), private_enc_key.data());
+  p_private_enc_key = it->second.get()->private_enc_key();
 
   return 0;
 }
@@ -180,10 +181,8 @@ int security_cache::get_public_enc_keys(const std::string& p_certificate_id, OCT
     loggers::get_instance().warning("security_cache::get_public_enc_keys: record not found");
     return -1;
   }
-  const OCTETSTRING public_enc_key_x = it->second.get()->public_enc_key_x();
-  p_public_enc_key_x = OCTETSTRING(public_enc_key_x.lengthof(), public_enc_key_x.data());
-  const OCTETSTRING public_enc_key_y = it->second.get()->public_enc_key_y();
-  p_public_enc_key_y = OCTETSTRING(public_enc_key_y.lengthof(), public_enc_key_y.data());
+  p_public_enc_key_x = it->second.get()->public_enc_key_x();
+  p_public_enc_key_y = it->second.get()->public_enc_key_y();
 
   return 0;
 }
@@ -197,15 +196,15 @@ int security_cache::get_public_enc_comp_key(const std::string& p_certificate_id,
     return -1;
   }
   const OCTETSTRING public_enc_comp_key = it->second.get()->public_enc_comp_key(); // 33 or 49 bytes length
-  p_public_enc_comp_key = OCTETSTRING(public_enc_comp_key.lengthof() - 1, 1 + public_enc_comp_key.data()); // 32 or 48 bytes length
-  p_enc_comp_mode = INTEGER(((public_enc_comp_key[0] % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1 
+  p_public_enc_comp_key = OCTETSTRING(public_enc_comp_key.lengthof() - 1, 1 + static_cast<const unsigned char*>(public_enc_comp_key)); // 32 or 48 bytes length
+  p_enc_comp_mode = INTEGER(((public_enc_comp_key[0].get_octet() % 2) == 0) ? 0 : 1); // compressed-y-0 or compressed-y-1 
 
   return 0;
 }
 
 bool security_cache::fill_vector(OCTETSTRING& p_vector, const OCTETSTRING& p_org) {
   if (p_vector.is_bound()) {
-    p_vector = OCTETSTRING(p_org.lengthof(), static_cast<const unsigned char*>(p_org));
+    p_vector = p_org;
     return true;
   }
   p_vector = OCTETSTRING(0, nullptr);
@@ -278,7 +277,7 @@ int security_cache::store_certificate(const CHARSTRING& p_cert_id, const OCTETST
 }
 
 void security_cache::dump() const {
-  loggers::get_instance().log("security_cache::dump_certificates: # items = %d", _certificates.lengthof());
+  loggers::get_instance().log("security_cache::dump_certificates: # items = %d", _certificates.size());
   for (std::map<std::string, std::unique_ptr<security_db_record> >::const_iterator it = _certificates.cbegin(); it != _certificates.cend(); ++it) {
     security_db_record* p = it->second.get();
     loggers::get_instance().log("security_cache::dump: certificate_id = %s", p->certificate_id().c_str());

ccsrc/Protocols/Security/security_db.cc

+#include <TTCN3.hh>
+
 #include "security_db.hh"
 
 #include "params.hh"

ccsrc/Protocols/Security/security_db_record.hh

@@ -40,7 +40,7 @@ class security_db_record {
   OCTETSTRING _pu_enc_key_x;       /*!< Public encryption key X-coordinate storage */
   OCTETSTRING _pu_enc_key_y;       /*!< Public encryption key Y-coordinate storage */
   OCTETSTRING _pu_enc_comp_key;    /*!< Public compressed encryption key storage */
-  bool _to_be_saved;                              /*!< Flag to indicate if the record shall be saved, i.e. has been modified */
+  bool _to_be_saved;               /*!< Flag to indicate if the record shall be saved, i.e. has been modified */
   IEEE1609dot2::CertificateBase* _decoded_certificate;
   
 public: /*! \publicsection */

ccsrc/Protocols/Security/security_ecc.cc

@@ -8,6 +8,8 @@
  *            All rights reserved.
  * \version   0.1
  */
+#include <TTCN3.hh>
+
 #include <openssl/ecdsa.h>
 #include <openssl/rand.h>
 
@@ -54,6 +56,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
   // Set private key
   ::EC_KEY_set_private_key(_ec_key, p);
   if (::EC_KEY_check_key(_ec_key) != 0) {
+    ::BN_clear_free(p);
     loggers::get_instance().error("security_ecc::security_ecc (1): Invalid private key");
   }
   ::BN_clear_free(p);
@@ -64,6 +67,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
   BIGNUM* xy = ::BN_new();
   ::EC_POINT_point2bn(_ec_group, ec_point, POINT_CONVERSION_UNCOMPRESSED, xy, _bn_ctx);
   if (BN_num_bytes(xy) == 0) {
+    ::BN_clear_free(xy);
     loggers::get_instance().error("security_ecc::security_ecc (1): Failed to generate xy coordinates, check algorithms");
   }
   loggers::get_instance().log("security_ecc::security_ecc (1): xy length: %d", BN_num_bytes(xy));
@@ -95,7 +99,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
     } else { // Remove first byte
       loggers::get_instance().log_msg("security_ecc::security_ecc (1): Complete _pub_key_compressed=", _pub_key_compressed);
       _pub_key_compressed_mode = ((v[0].get_octet() & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1;
-      _pub_key_compressed = OCTETSTRING().erase(_pub_key_compressed.lengthof() - 1, 1 + static_cast<const unsigned char*>(_pub_key_compressed));
+      _pub_key_compressed = OCTETSTRING(_pub_key_compressed.lengthof() - 1, 1 + static_cast<const unsigned char*>(_pub_key_compressed));
     }
   }
   ::EC_POINT_free(ec_point);
@@ -144,6 +148,8 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
     result = ::EC_POINT_set_affine_coordinates_GF2m(_ec_group, ec_point, x, y, _bn_ctx);
   } // End of 'switch' statement
   if (result == 0) {
+    ::BN_clear_free(x);
+    ::BN_clear_free(y);
     loggers::get_instance().error("security_ecc::security_ecc (2): Failed to get coordinates");
   }
   ::BN_clear_free(x); x = nullptr;
@@ -220,6 +226,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
   BIGNUM* xy = ::BN_new();
   ::EC_POINT_point2bn(_ec_group, ec_point, POINT_CONVERSION_UNCOMPRESSED, xy, _bn_ctx);
   if (BN_num_bytes(xy) == 0) {
+    ::BN_clear_free(xy);
     loggers::get_instance().error("security_ecc::security_ecc (3): Failed to generate xy coordinates, check algorithms");
   }
   loggers::get_instance().log("security_ecc::security_ecc (3): xy length: %d", BN_num_bytes(xy));
@@ -312,7 +319,7 @@ int security_ecc::generate() {
     _pub_key_compressed  = OCTETSTRING(0, nullptr);
   } else { // Remove first byte
     loggers::get_instance().log_msg("security_ecc::generate: Complete _pub_key_compressed=", _pub_key_compressed);
-    _pub_key_compressed_mode = ((_pub_key_compressed[0].get_byte() & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1;
+    _pub_key_compressed_mode = ((_pub_key_compressed[0].get_octet() & 0x01) == 0x00) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1;
     _pub_key_compressed = OCTETSTRING(_pub_key_compressed.lengthof() -1, 1 + static_cast<const unsigned char*>(_pub_key_compressed));
   }
   loggers::get_instance().log_msg("security_ecc::generate: _pri_key=", _pri_key);
@@ -389,7 +396,7 @@ int security_ecc::generate_and_derive_ephemeral_key(const encryption_algotithm p
   const int k_mac = k_length + k_length;
   OCTETSTRING digest(k_enc + k_mac, 0x00);
   loggers::get_instance().log("security_ecc::generate_and_derive_ephemeral_key (1): k_enc size:%d - k_mac size: %d - digest size:%d: ", k_enc, k_mac, digest.lengthof());
-  if (PKCS5_PBKDF2_HMAC((unsigned char*)static_cast<const unsigned char*>(_secret_key), _secret_key.lengthof(), nullptr, 0, 2000, EVP_sha256(), digest.lengthof(), (unsigned char*)static_cast<const unsigned char*>(digest)) != 1) {
+  if (PKCS5_PBKDF2_HMAC((const char*)static_cast<const unsigned char*>(_secret_key), _secret_key.lengthof(), nullptr, 0, 2000, EVP_sha256(), digest.lengthof(), (unsigned char*)static_cast<const unsigned char*>(digest)) != 1) {
     loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Failed to derive shared secret key");
     return -1;
   }
@@ -479,23 +486,23 @@ int security_ecc::generate_and_derive_ephemeral_key(const encryption_algotithm p
   const int k_mac = k_length + k_length;
   OCTETSTRING digest(k_enc + k_mac, 0x00);
   loggers::get_instance().log("security_ecc::generate_and_derive_ephemeral_key (2): k_enc size:%d - k_mac size: %d - digest size:%d: ", k_enc, k_mac, digest.lengthof());
-  if (PKCS5_PBKDF2_HMAC((unsigned char*)static_cast<const unsigned char*>(_secret_key), _secret_key.lengthof(), nullptr, 0, 2000, EVP_sha256(), digest.lengthof(), (unsigned char*)static_cast<const unsigned char*>(digest)) != 1) {
+  if (PKCS5_PBKDF2_HMAC((const char*)static_cast<const unsigned char*>(_secret_key), _secret_key.lengthof(), nullptr, 0, 2000, EVP_sha256(), digest.lengthof(), (unsigned char*)static_cast<const unsigned char*>(digest)) != 1) {
     loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key: Failed to derive shared secret key");
     return -1;
   }
   loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): digest: ", digest);
 
   // Extract AES 128 parameters
-  _nonce = OCTETSTRING(nonce_length, static_cast<const unsigned char*>(digest));
-  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): _nonce: ", _nonce);
-  _sym_key = OCTETSTRING(sym_key_length, _nonce.lengthof() + static_cast<const unsigned char*>(digest));
-  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): _sym_key: ", _sym_key);
-  _tag = OCTETSTRING(tag_length, _nonce.lengthof() +  + _sym_key.lengthof() + static_cast<const unsigned char*>(digest)); // TODO Useless???
-  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): _tag: ", _tag);
+  OCTETSTRING nonce(nonce_length, static_cast<const unsigned char*>(digest));
+  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): Generated nonce: ", nonce);
+  OCTETSTRING sym_key(sym_key_length, nonce.lengthof() + static_cast<const unsigned char*>(digest));
+  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): sym_key: ", sym_key);
+  OCTETSTRING tag(tag_length, nonce.lengthof() + sym_key.lengthof() + tag.lengthof() + static_cast<const unsigned char*>(digest)); // TODO Useless???
+  loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): tag: ", tag);
   // Extract the HMAC key
-  OCTETSTRING hmac_secret = OCTETSTRING(k_length + k_length, nonce_length + sym_key_length + tag_length + static_cast<const unsigned char*>(digest));
+  OCTETSTRING hmac_secret(k_length + k_length, nonce_length + sym_key_length + tag_length + static_cast<const unsigned char*>(digest));
   loggers::get_instance().log_msg("security_ecc::generate_and_derive_ephemeral_key (2): hmac_secret: ", hmac_secret);
-
+  
   // Encrypt the _sym_key
   if (encrypt(encryption_algotithm::aes_128_ccm, _sym_key, _nonce, _sym_key, _enc_sym_key) == -1) {
     loggers::get_instance().warning("security_ecc::generate_and_derive_ephemeral_key (2): Failed to encrypt key");
@@ -569,7 +576,7 @@ int security_ecc::encrypt(const encryption_algotithm p_enc_algorithm, const OCTE
   int len = 0;
   ::EVP_EncryptUpdate(ctx, (unsigned char*)static_cast<const unsigned char*>(p_enc_message), &len, static_cast<const unsigned char*>(p_message), p_message.lengthof());
   // Finalize the encryption session
-  ::EVP_EncryptFinal_ex(ctx, (unsigned char*)static_cast<const unsigned char*>(p_enc_message)) + len, &len);
+  ::EVP_EncryptFinal_ex(ctx, (unsigned char*)static_cast<const unsigned char*>(p_enc_message) + len, &len);
   // Get the authentication tag(const char*)static_cast<const unsigned char*>(
   ::EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, _tag.lengthof(), (unsigned char*)static_cast<const unsigned char*>(_tag));
   loggers::get_instance().log_msg("security_ecc::encrypt: tag: ", _tag);
@@ -593,7 +600,7 @@ int security_ecc::encrypt(const encryption_algotithm p_enc_algorithm, const OCTE
     ::EVP_EncryptInit_ex(ctx, EVP_aes_128_ccm(), nullptr, nullptr, nullptr);
     // Allocate buffers size
     _tag = int2oct(0, 16);
-    p_enc_message.resize(p_message.lengthof());
+    p_enc_message = int2oct(0, p_message.lengthof());
     break;
   case encryption_algotithm::aes_256_ccm:
     ::EVP_EncryptInit_ex(ctx, EVP_aes_256_ccm(), nullptr, nullptr, nullptr);
@@ -612,7 +619,7 @@ int security_ecc::encrypt(const encryption_algotithm p_enc_algorithm, const OCTE
   // Set tag length
   ::EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, _tag.lengthof(), nullptr);
   // Prime the key and nonce
-  ::EVP_EncryptInit_ex(ctx, nullptr, nullptr, (unsigned char*)static_cast<const unsigned char*>(_sym_key), (const char*)static_cast<const unsigned char*>(_nonce));
+  ::EVP_EncryptInit_ex(ctx, nullptr, nullptr, static_cast<const unsigned char*>(_sym_key), static_cast<const unsigned char*>(_nonce));
   // No authentication data
   // Encrypt the data
   int len = 0;
@@ -655,11 +662,11 @@ int security_ecc::decrypt(const encryption_algotithm p_enc_algorithm, const OCTE
   // Set nonce length
   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, _nonce.lengthof(), nullptr);
   // Set expected tag value
-  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, _tag.lengthof(), static_cast<const unsigned char*>(_tag));
+  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, _tag.lengthof(), (unsigned char*)static_cast<const unsigned char*>(_tag));
   // Specify key and IV
   EVP_DecryptInit_ex(ctx, nullptr, nullptr, static_cast<const unsigned char*>(_sym_key), static_cast<const unsigned char*>(_nonce));
   // Decrypt plaintext, verify tag: can only be called once
-  p_message.resize(p_enc_message.lengthof());
+  p_message = int2oct(0, p_enc_message.lengthof());
   int len = 0;
   int result = EVP_DecryptUpdate(ctx, (unsigned char*)static_cast<const unsigned char*>(p_message), &len, static_cast<const unsigned char*>(p_enc_message), p_enc_message.lengthof());
   loggers::get_instance().log("security_ecc::decrypt: len: %d", len);
@@ -698,11 +705,11 @@ int security_ecc::decrypt(const OCTETSTRING& p_tag, const OCTETSTRING& p_enc_mes
   // Set nonce length
   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, _nonce.lengthof(), nullptr);
   // Set expected tag value
-  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, _tag.lengthof(), static_cast<const unsigned char*>(_tag));
+  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, _tag.lengthof(), (unsigned char*)static_cast<const unsigned char*>(_tag));
   // Specify key and IV
   EVP_DecryptInit_ex(ctx, nullptr, nullptr, static_cast<const unsigned char*>(_sym_key), static_cast<const unsigned char*>(_nonce));
   // Decrypt plaintext, verify tag: can only be called once
-  p_message.resize(p_enc_message.lengthof());
+  p_message = int2oct(0, p_enc_message.lengthof());
   int len = 0;
   int result = EVP_DecryptUpdate(ctx, (unsigned char*)static_cast<const unsigned char*>(p_message), &len, static_cast<const unsigned char*>(p_enc_message), p_enc_message.lengthof());
   loggers::get_instance().log("security_ecc::decrypt: len: %d", len);
@@ -811,7 +818,7 @@ const int security_ecc::init() {
 int security_ecc::bin_to_ec_point(const OCTETSTRING& p_public_key_x, const OCTETSTRING& p_public_key_y, EC_POINT** p_ec_point) { // ec_key_public_key_bin_to_point
   BIGNUM* pubk_bn;
 
-  OCTETSTRING v(1, 0x04);
+  OCTETSTRING v = int2oct(4, 1);
   v += p_public_key_x;
   v += p_public_key_y;
 

ccsrc/Protocols/Security/security_services.hh

@@ -8,20 +8,21 @@
 
 #include "security_ecc.hh"
 
-class OCTETSTRING;
-class CHARSTRING;
+class OCTETSTRING; //! TITAN forward declaration
+class CHARSTRING; //! TITAN forward declaration
 
 namespace IEEE1609dot2BaseTypes {
-  class HashAlgorithm;
-  class Signature;}
+  class HashAlgorithm; //! TITAN forward declaration
+  class Signature; //! TITAN forward declaration
+}
 
 namespace IEEE1609dot2 {
-  class Ieee1609Dot2Data;
-  class Ieee1609Dot2Content;
-  class ToBeSignedData;
-  class SignedData;
-  class EncryptedData;
-  class SignerIdentifier;
+  class Ieee1609Dot2Data; //! TITAN forward declaration
+  class Ieee1609Dot2Content; //! TITAN forward declaration
+  class ToBeSignedData; //! TITAN forward declaration
+  class SignedData; //! TITAN forward declaration
+  class EncryptedData; //! TITAN forward declaration
+  class SignerIdentifier; //! TITAN forward declaration
 }
 
 /*!
@@ -45,7 +46,7 @@ class security_services {
   std::unique_ptr<security_cache> _security_cache;
   std::unique_ptr<security_db> _security_db;
   unsigned long long _last_generation_time;
-  std::vector<unsigned char> _unknown_certificate;
+  OCTETSTRING _unknown_certificate;
   int _latitude;
   int _longitude;
   int _elevation;

ccsrc/Protocols/Security/sha256.cc

@@ -34,7 +34,7 @@ int sha256::generate(const unsigned char* p_buffer, const size_t p_length, OCTET
   // Compute the hash value
   ::SHA256_Init(&_ctx);
   ::SHA256_Update(&_ctx, p_buffer, p_length);
-  ::SHA256_Final(static_cast<unsigned char*>(p_hash.data()), &_ctx);
+  ::SHA256_Final((unsigned char*)static_cast<const unsigned char*>(p_hash), &_ctx);
   return 0;
 };
 

ccsrc/Protocols/Security/sha384.cc

@@ -36,7 +36,7 @@ int sha384::generate(const unsigned char* p_buffer, const size_t p_length, OCTET
   // Compute the hash value
   ::SHA384_Init(&_ctx);
   ::SHA384_Update(&_ctx, p_buffer, p_length);
-  ::SHA384_Final(static_cast<unsigned char*>(p_hash.data()), &_ctx);
+  ::SHA384_Final((unsigned char*)static_cast<const unsigned char*>(p_hash), &_ctx);
   return 0;
 }
 

etc/TestCodec/TestCodec.cfg

@@ -277,15 +277,15 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.56.1)"
 #TestCodec_SecuredFuntions.tc_f_signWithEcdsaNistp256WithSha256_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaNistp256WithSha256_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaNistp256WithSha256_2
-#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaNistp256WithSha256_3
+#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaNistp256WithSha256_3 # Shall failed on error: Dynamic test case error: security_ecc::security_ecc (2): Failed to get coordinates
 #TestCodec_SecuredFuntions.tc_f_signWithEcdsaBrainpoolp256WithSha256_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp256WithSha256_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp256WithSha256_2
-#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp256WithSha256_3
+#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp256WithSha256_3 # Shall failed on error: Dynamic test case error: security_ecc::security_ecc (2): Failed to get coordinates
 #TestCodec_SecuredFuntions.tc_f_signWithEcdsaBrainpoolp384WithSha384_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_1
 #TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_2
-#TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_3
+TestCodec_SecuredFuntions.tc_f_verifyWithEcdsaBrainpoolp384WithSha384_3 # Shall failed on error: Dynamic test case error: security_ecc::security_ecc (2): Failed to get coordinates
 #TestCodec_SecuredFuntions.tc_load_certificates
 #TestCodec_SecuredFuntions.tc_read_certificate_1
 #TestCodec_SecuredFuntions.tc_read_certificate_2
@@ -325,9 +325,9 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.56.1)"
 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_4
 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_5
 # Pki
-TestCodec_Pki.tc_inner_ec_request_1
-TestCodec_Pki.tc_inner_ec_request_2
-TestCodec_Pki.tc_inner_ec_response_1
+#TestCodec_Pki.tc_inner_ec_request_1
+#TestCodec_Pki.tc_inner_ec_request_2
+#TestCodec_Pki.tc_inner_ec_response_1
 
 [MAIN_CONTROLLER]
 # The options herein control the behavior of MC.

ttcn/TestCodec/TestCodec_SecuredFuntions.ttcn

@@ -366,21 +366,29 @@ module TestCodec_SecuredFuntions {
       if (f_verifyWithEcdsaNistp256WithSha256_1(v_encMsg, int2oct(10, 32), v_sig, v_publicKeyX, v_publicKeyY) == false) {
         setverdict(fail);
         stop;
+      } else {
+        setverdict(pass);
       }
       
       if (f_verifyWithEcdsaNistp256WithSha256_1('0A0A0A0A'O, int2oct(10, 32), v_sig, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
         stop;
+      } else {
+        setverdict(pass);
       }
       
       v_sig_wrong := v_sig;
       v_sig_wrong[0] := 'FF'O;
       if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, int2oct(10, 32), v_sig_wrong, v_publicKeyCompressed, v_compressedMode) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       if (f_verifyWithEcdsaNistp256WithSha256_1(v_encMsg, int2oct(10, 32), v_sig_wrong, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
         stop;
+      } else {
+        setverdict(pass);
       }
       
       v_publicKeyX_wrong := v_publicKeyCompressed;
@@ -571,16 +579,22 @@ module TestCodec_SecuredFuntions {
       v_sig := f_signWithEcdsaBrainpoolp256WithSha256(v_encMsg, int2oct(10, 32), v_private_key);  
       if (f_verifyWithEcdsaBrainpoolp256WithSha256_1(v_encMsg, int2oct(10, 32), v_sig, v_publicKeyX, v_publicKeyY) == false) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       if (f_verifyWithEcdsaBrainpoolp256WithSha256_1('0A0A0A0A'O, int2oct(10, 32), v_sig, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       v_sig_wrong := v_sig;
       v_sig_wrong[0] := 'FF'O;
       if (f_verifyWithEcdsaBrainpoolp256WithSha256_1(v_encMsg, int2oct(10, 32), v_sig_wrong, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       v_publicKeyX_wrong := v_publicKeyX;
@@ -711,25 +725,35 @@ module TestCodec_SecuredFuntions {
       v_sig := f_signWithEcdsaBrainpoolp384WithSha384(v_encMsg, int2oct(10, 48), v_private_key);  
       if (f_verifyWithEcdsaBrainpoolp384WithSha384(v_encMsg, int2oct(10, 48), v_sig, v_publicKeyCompressed, v_compressedMode) == false) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       if (f_verifyWithEcdsaBrainpoolp384WithSha384_1(v_encMsg, int2oct(10, 48), v_sig, v_publicKeyX, v_publicKeyY) == false) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       if (f_verifyWithEcdsaBrainpoolp384WithSha384_1('0A0A0A0A'O, int2oct(10, 48), v_sig, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       v_sig_wrong := v_sig;
       v_sig_wrong[0] := 'FF'O;
       if (f_verifyWithEcdsaBrainpoolp384WithSha384_1(v_encMsg, int2oct(10, 48), v_sig_wrong, v_publicKeyX, v_publicKeyY) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       
       v_publicKeyX_wrong := v_publicKeyCompressed;
       v_publicKeyX_wrong[0] := 'FF'O;
       if (f_verifyWithEcdsaBrainpoolp384WithSha384(v_encMsg, int2oct(10, 48), v_sig, v_publicKeyX_wrong, v_compressedMode) == true) {
         setverdict(fail);
+      } else {
+        setverdict(pass);
       }
       v_publicKeyX_wrong := v_publicKeyX;
       v_publicKeyX_wrong[0] := 'FF'O;