Commit af58f006 authored by Yann Garcia's avatar Yann Garcia
Browse files

Add PKI support to RSU simumlator

parents 2a61e6eb b2f059c6
......@@ -818,7 +818,7 @@ namespace LibItsSecurity__Functions
* \see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
*/
// TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function
OCTETSTRING fx__decryptWithEciesNistp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt) {
OCTETSTRING fx__decryptWithEciesNistp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__privateEncKey: ", p__privateEncKey);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
......@@ -849,6 +849,8 @@ namespace LibItsSecurity__Functions
return OCTETSTRING(0, nullptr);
}
loggers::get_instance().log_msg("fx__decryptWithEciesNistp256WithSha256: dec message: ", message);
p__aes__sym__enc__key = ec.symmetric_encryption_key();
loggers::get_instance().log_msg("fx__decryptWithEciesNistp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);
return message;
}
......@@ -960,7 +962,7 @@ namespace LibItsSecurity__Functions
return enc_message;
}
OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce) {
OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__privateEncKey: ", p__privateEncKey);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
......@@ -968,6 +970,7 @@ namespace LibItsSecurity__Functions
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__salt", p__salt);
// 1. Create security_ecc instance based on public ephemeral keys
security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEncKey);
......@@ -990,6 +993,8 @@ namespace LibItsSecurity__Functions
return OCTETSTRING(0, nullptr);
}
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: dec message: ", message);
p__aes__sym__enc__key = ec.symmetric_encryption_key();
loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);
return message;
}
......
......@@ -80,9 +80,9 @@ const std::string& params::uri = std::string("uri");
const std::string& params::host = std::string("host");
const std::string& params::content_type = std::string("content_type");
const std::string& params::sip_url = std::string("sip_url");
const std::string& params::sip_version = std::string("sip_version");
const std::string& params::payload = std::string("payload");
//const std::string& params::sip_url = std::string("sip_url");
//const std::string& params::sip_version = std::string("sip_version");
//const std::string& params::payload = std::string("payload");
const std::string& params::codecs = std::string("codecs");
......
......@@ -91,25 +91,25 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
const unsigned char* p = static_cast<const unsigned char *>(data);
const commsignia_layer::c2p_recv* r = (const commsignia_layer::c2p_recv*)p;
loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->version);
loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->timestamp_sec));
loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->timestamp_msec));
loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->timestamp_msec));
loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->antenna);
loggers::get_instance().log("commsignia_layer::receive_data: rssi_ant2=%02x", r->rssi_ant2);
loggers::get_instance().log("commsignia_layer::receive_data: noise_ant1=%02x", r->noise_ant1);
loggers::get_instance().log("commsignia_layer::receive_data: noise_ant2=%02x", r->noise_ant2);
const commsignia_layer::c2p_s_v1_tx_t* r = (const commsignia_layer::c2p_s_v1_tx_t*)p;
loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->s_header.u8_ver_type);
loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->s_header.u32_tst_sec));
loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->s_header.u32_tst_msec));
loggers::get_instance().log("commsignia_layer::receive_data: primary_channel=%08x", ntohl(r->u8_primary_channel));
loggers::get_instance().log("commsignia_layer::receive_data: secondary_channel=%08x", ntohl(r->u8_secondary_channel));
loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->u8_antenna);
loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_1=%d", r->s8_tssi_ant_1);
loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_2=%d", r->s8_tssi_ant_2);
// Filtering on antenna index
loggers::get_instance().log("commsignia_layer::receive_data: compare %02x with %02x", r->antenna, static_cast<unsigned char>(std::strtoul(_params[params::interface_id].c_str(), NULL, 10)));
if (r->antenna != static_cast<unsigned char>(std::strtoul(_params[params::interface_id].c_str(), NULL, 10))) {
loggers::get_instance().log("commsignia_layer::receive_data: compare %02x with %02x", r->u8_antenna, static_cast<unsigned char>(std::stoi(_params[params::interface_id])));
if (r->u8_antenna != std::stoi(_params[params::interface_id])) {
// Discard packet
loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong antenna id");
return;
} // else, continue
const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_recv));
//loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl));
const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t));
loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl));
OCTETSTRING dst = OCTETSTRING(6, (const unsigned char*)&h->dst_addr);
loggers::get_instance().log_msg("commsignia_layer::receive_data: dst: ", dst);
OCTETSTRING src = OCTETSTRING(6, (const unsigned char*)&h->src_addr);
......@@ -124,15 +124,16 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
const commsignia_layer::c2p_llc_hdr* l;
int length;
if ((ntohs(h->frame_ctrl) & 0xf000) == 0x8000) {
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl));
length = sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr);
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl));
length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr);
} else {
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr));
length = sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr));
length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
}
loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap);
loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap);
loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type);
// Check ether type
if ((_eth_type[1] == (unsigned char)((l->type & 0xff00) >> 8)) && (_eth_type[0] == (unsigned char)(l->type & 0xff))) { // Warning: Network ordered bytes
// Extract payload
......
......@@ -24,28 +24,28 @@ class commsignia_layer : public layer {
static constexpr unsigned char LL_ORG_CODE_LENGTH = 3;
/**
* \struct C2P packet description: Version 1, packet type: RX
* \struct C2P packet description
*/
typedef struct {
unsigned char version;
unsigned int timestamp_sec;
unsigned int timestamp_msec;
unsigned char primary_channel;
unsigned char secondary_channel;
unsigned char used_iface;
unsigned char data_rate;
unsigned char antenna;
unsigned int latitude;
unsigned int longitude;
unsigned short speed;
unsigned short heading;
unsigned char rssi_ant1;
unsigned char rssi_ant2;
unsigned char noise_ant1;
unsigned char noise_ant2;
unsigned short cbr_ant1;
unsigned short cbr_ant2;
} __attribute__((__packed__)) c2p_recv;
unsigned char u8_ver_type;
unsigned int u32_tst_sec;
unsigned int u32_tst_msec;
} c2p_s_header_t;
typedef struct {
c2p_s_header_t s_header;
unsigned char u8_primary_channel;
unsigned char u8_secondary_channel;
unsigned char u8_used_interface;
unsigned char u8_data_rate;
unsigned char u8_antenna;
int s32_latitude;
int s32_longitude;
unsigned short u16_speed;
unsigned short u16_heading;
signed char s8_txp;
signed char s8_tssi_ant_1;
signed char s8_tssi_ant_2;
} c2p_s_v1_tx_t;
/**
* \struct Injected data header
......@@ -73,7 +73,7 @@ class commsignia_layer : public layer {
} __attribute__((__packed__)) c2p_llc_hdr;
params _params; //! Layer parameters
c2p_recv _c2p_recv; //! \todo
c2p_s_v1_tx_t _c2p_recv; //! \todo
c2p_802_11p_hdr _802_11p_hdr; //! \todo
c2p_llc_hdr _c2p_llc_hdr; //! \todo
std::vector<unsigned char> _mac_src; //! Used to optimize filtering on source mac address in \see commsignia_layer::receive_data method
......
......@@ -215,7 +215,7 @@ int http_codec::encode_request(const LibItsHttp__TypesAndValues::Request& p_requ
if (_ec.is_content_length_present == 0x01) {
loggers::get_instance().log_msg("http_codec::encode_request: Add body ", os);
p_encoding_buffer.put_os(os);
//FIXME For test With GEMALTO, comment to be removed, p_encoding_buffer.put_cs("\r\n");
p_encoding_buffer.put_cs("\r\n");
}
loggers::get_instance().log_to_hexa("<<< http_codec::encode_request: ", p_encoding_buffer);
......
......@@ -17,11 +17,11 @@
certificates_loader * certificates_loader::instance = nullptr;
certificates_loader::certificates_loader(): _certificateExt{".oer"}, _privateKeyExt{".vkey"}, _privateEncKeyExt{".ekey"}, _full_path(), _is_cache_initialized{false}, _directory_filter{".svn", "._.DS_Store", ".DS_Store"} {
loggers::get_instance().log(">>> certificates_loader::certificates_loader");
//loggers::get_instance().log(">>> certificates_loader::certificates_loader");
} // End of ctor
int certificates_loader::build_path(const std::string& p_root_directory) {
loggers::get_instance().log(">>> certificates_loader::build_path: '%s'", p_root_directory.c_str());
//loggers::get_instance().log(">>> certificates_loader::build_path: '%s'", p_root_directory.c_str());
// Build full path
if (!p_root_directory.empty()) {
......@@ -38,7 +38,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) {
_full_path = "./";
}
std::experimental::filesystem::canonical(_full_path);
loggers::get_instance().log("certificates_loader::build_path: full path: %s", _full_path.string().c_str());
//loggers::get_instance().log("certificates_loader::build_path: full path: %s", _full_path.string().c_str());
if (!std::experimental::filesystem::exists(_full_path)) {
loggers::get_instance().warning("certificates_loader::build_path: Invalid path");
_full_path.clear();
......@@ -49,7 +49,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) {
} // End of method build_path
int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<OCTETSTRING/*std::vector<unsigned char>*/, std::string, security_cache_comp>& p_hashed_id8s) {
loggers::get_instance().log(">>> certificates_loader::load_certificates");
//loggers::get_instance().log(">>> certificates_loader::load_certificates");
// Sanity check
if (_is_cache_initialized) {
......@@ -74,7 +74,7 @@ int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr
} // End of method load_certificates
int certificates_loader::retrieve_certificates_list(std::set<std::experimental::filesystem::path>& p_files) {
loggers::get_instance().log(">>> certificates_loader::retrieve_certificates_list");
//loggers::get_instance().log(">>> certificates_loader::retrieve_certificates_list");
// Walk through directories
std::set<std::experimental::filesystem::path> folders;
......@@ -104,13 +104,13 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental::
if (std::experimental::filesystem::is_regular_file(it)) {
//loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Check extension '%s'", it.path().extension().string().c_str());
if (it.path().extension().string().compare(_certificateExt) == 0) {
loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Add file '%s'", it.path().filename().string().c_str());
//loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Add file '%s'", it.path().filename().string().c_str());
p_files.insert(it);
}
}
} // End of 'for' statement
} // End of 'for' statement
loggers::get_instance().log("certificates_loader::retrieve_certificates_list: # of files to cache: %d", p_files.size());
//loggers::get_instance().log("certificates_loader::retrieve_certificates_list: # of files to cache: %d", p_files.size());
if (p_files.size() == 0) {
loggers::get_instance().warning("certificates_loader::retrieve_certificates_list: No certificate found");
return -1;
......@@ -120,7 +120,7 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental::
} // End of method retrieve_certificates_list
int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<OCTETSTRING/*std::vector<unsigned char>*/, std::string, security_cache_comp>& p_hashed_id8s) {
loggers::get_instance().log(">>> certificates_loader::build_certificates_cache");
//loggers::get_instance().log(">>> certificates_loader::build_certificates_cache");
std::set<std::experimental::filesystem::path>::const_iterator it = p_files.cbegin();
std::pair<std::map<std::string, std::unique_ptr<security_db_record> >::iterator, bool> result;
......@@ -128,7 +128,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching '%s'", it->string().c_str());
std::experimental::filesystem::path p = *it;
const std::string& key = p.stem();
loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str());
//loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str());
// Load certificate file
it = p_files.find(p.replace_extension(_certificateExt));
......@@ -136,7 +136,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Certificate file not found for '%s'", key.c_str());
return -1;
}
loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching certificate '%s'", it->string().c_str());
//loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching certificate '%s'", it->string().c_str());
std::ifstream is(it->string(), ios::in | ios::binary);
if (!is.is_open()) {
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open certificate file");
......@@ -151,7 +151,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
// Load private key file
OCTETSTRING private_key;
p = p.replace_extension(_privateKeyExt);
loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private keys '%s'", p.string().c_str());
//loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private keys '%s'", p.string().c_str());
is.open(p, ios::in | ios::binary);
if (!is.is_open()) {
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open Private key");
......@@ -170,7 +170,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
// Load private encryption key file if present
OCTETSTRING private_enc_key;
p = p.replace_extension(_privateEncKeyExt);
loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private encryption key '%s'", p.string().c_str());
//loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private encryption key '%s'", p.string().c_str());
is.open(p, ios::in | ios::binary);
if (!is.is_open()) {
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open Private encryption key file");
......@@ -194,7 +194,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to decode certificate for '%s'", key.c_str());
return -1;
} else {
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate);
// Prepare all fields
if (!decoded_certificate.toBeSigned().verifyKeyIndicator().ischosen(IEEE1609dot2::VerificationKeyIndicator::ALT_verificationKey)) {
loggers::get_instance().warning("certificates_loader::build_certificates_cache: Wrong VerificationKeyIndicator variant for '%s'", key.c_str());
......@@ -214,9 +214,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
IEEE1609dot2BaseTypes::EccP384CurvePoint& p = b.ecdsaBrainpoolP384r1();
fill_public_key_vectors(ec_elliptic_curves::brainpool_p_384_r1, p, public_comp_key, public_key_x, public_key_y);
}
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_x: ", public_key_x);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_y: ", public_key_y);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_comp_key: ", public_comp_key);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_x: ", public_key_x);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_y: ", public_key_y);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_comp_key: ", public_comp_key);
OCTETSTRING public_enc_key_x;
OCTETSTRING public_enc_key_y;
......@@ -231,9 +231,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
IEEE1609dot2BaseTypes::EccP256CurvePoint& p = v.publicKey().eciesBrainpoolP256r1();
fill_public_key_vectors(ec_elliptic_curves::brainpool_p_256_r1, p, public_enc_comp_key, public_enc_key_x, public_enc_key_y);
}
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_x: ", public_enc_key_x);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_y: ", public_enc_key_y);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_comp_key: ", public_enc_comp_key);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_x: ", public_enc_key_x);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_y: ", public_enc_key_y);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_comp_key: ", public_enc_comp_key);
} else {
public_enc_key_x = OCTETSTRING(0, nullptr);
public_enc_key_y = OCTETSTRING(0, nullptr);
......@@ -259,11 +259,11 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
if (decoded_certificate.issuer().self__() == IEEE1609dot2BaseTypes::HashAlgorithm::sha256) {
sha256 sha;
sha.generate(certificate, hash);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-256 hash: ", hash);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-256 hash: ", hash);
} else {
sha384 sha;
sha.generate(certificate, hash);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-384 hash: ", hash);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-384 hash: ", hash);
}
hashed_id = OCTETSTRING(8, static_cast<const unsigned char*>(hash) + hash.lengthof() - 8);
issuer = hashed_id;
......@@ -272,9 +272,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
hashed_id = int2oct(0, 8);
issuer = int2oct(0, 8);
}
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hash: ", hash);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hashed_id: ", hashed_id);
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: issuer: ", issuer);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hash: ", hash);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hashed_id: ", hashed_id);
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: issuer: ", issuer);
// Create new record
security_db_record* p = new security_db_record(
......@@ -299,8 +299,8 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
delete p;
return -1;
}
loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: add key: ", result.first->second.get()->hashed_id());
loggers::get_instance().log("certificates_loader::build_certificates_cache: for : %s", result.first->first.c_str());
//loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: add key: ", result.first->second.get()->hashed_id());
//loggers::get_instance().log("certificates_loader::build_certificates_cache: for : %s", result.first->first.c_str());
p_hashed_id8s.insert(std::pair<OCTETSTRING, std::string>(result.first->second.get()->hashed_id(), result.first->first));
/*std::vector<unsigned char> v(static_cast<const unsigned char*>(result.first->second.get()->hashed_id()), result.first->second.get()->hashed_id().lengthof() + static_cast<const unsigned char*>(result.first->second.get()->hashed_id()));
loggers::get_instance().log_to_hexa("security_cache::store_certificate: Converted hashed_id8: ", v.data(), v.size());
......@@ -387,7 +387,7 @@ void certificates_loader::fill_public_key_vectors(const ec_elliptic_curves p_ell
}
}
void certificates_loader::fill_public_key_vectors(const ec_elliptic_curves p_elliptic_curve, const IEEE1609dot2BaseTypes::EccP384CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) {
loggers::get_instance().log_msg(">>> certificates_loader::fill_public_key_vectors: ", p_ecc_point);
//loggers::get_instance().log_msg(">>> certificates_loader::fill_public_key_vectors: ", p_ecc_point);
if (p_ecc_point.ischosen(IEEE1609dot2BaseTypes::EccP384CurvePoint::ALT_compressed__y__0)) {
p_public_comp_key = int2oct(2, 1) + p_ecc_point.compressed__y__0();
......
......@@ -31,36 +31,36 @@ tcp_layer::tcp_layer(const std::string & p_type, const std::string & param) : la
_params.insert(std::pair<std::string, std::string>(std::string("server"), "127.0.0.1")); // TODO Try using params::server instead of std::string("server")
}
if (!parameter_set(params::server.c_str(), _params[params::server].c_str())) {
loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::server.c_str());
loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::server.c_str());
}
set_ssl_use_ssl(false);
it = _params.find(params::use_ssl);
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("use_ssl"), "0"));
_params.insert(std::pair<std::string, std::string>(params::use_ssl, "0"));
} else if (it->second.compare("1") == 0) {
set_ssl_use_ssl(true);
}
it = _params.find(params::port);
if (it == _params.cend()) {
if (_params[params::use_ssl].compare("0") == 0) { // Use standard HTTP port
_params.insert(std::pair<std::string, std::string>(std::string("port"), "80"));
_params.insert(std::pair<std::string, std::string>(params::port, "80"));
} else { // Use standard HTTPS port
_params.insert(std::pair<std::string, std::string>(std::string("port"), "443"));
_params.insert(std::pair<std::string, std::string>(params::port, "443"));
}
}
if (!parameter_set(params::port.c_str(), _params[params::port].c_str())) {
loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::port.c_str());
loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::port.c_str());
}
it = _params.find(params::local_port);
if (it == _params.cend()) {
if (_params[params::use_ssl].compare("0") == 0) { // Use standard HTTP local_port
_params.insert(std::pair<std::string, std::string>(std::string("local_port"), "80"));
_params.insert(std::pair<std::string, std::string>(params::local_port, "80"));
} else { // Use standard HTTPS local_port
_params.insert(std::pair<std::string, std::string>(std::string("local_port"), "443"));
_params.insert(std::pair<std::string, std::string>(params::local_port, "443"));
}
}
if (!parameter_set(params::local_port.c_str(), _params[params::local_port].c_str())) {
loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::local_port.c_str());
loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::local_port.c_str());
}
parameter_set(use_connection_ASPs_name(), (!server_mode) ? "yes" : "no");
......@@ -75,7 +75,8 @@ tcp_layer::tcp_layer(const std::string & p_type, const std::string & param) : la
map_user();
if (!_reconnect_on_send) {
if (!_reconnect_on_send && (server_mode == 0)) {
loggers::get_instance().log("tcp_layer::tcp_layer: Establish connection: %s/%s", _params[params::server].c_str(), _params[params::port].c_str());
open_client_connection(_params[params::server].c_str(), _params[params::port].c_str(), NULL, NULL);
}
}
......
......@@ -28,7 +28,7 @@
<aid value="100"/> <!-- not allocated -->
<aid value="101"/> <!-- not allocated -->
<aid value="102"/> <!-- not allocated -->
<aid value="CRT-REQ">01 FE</aid> <!-- Cert request: any -->
<aid value="CRT-REQ">01 FE/FF 01</aid> <!-- Cert request: any -->
</attribute>
<attribute type="its_aid_ssp_list">
<ssp aid="CRL">01</ssp> <!-- CRL -->
......
......@@ -27,7 +27,7 @@
<aid value="IVI"/> <!-- IVI -->
<aid value="TLC"/> <!-- TLC -->
<aid value="GN-MGMT"/> <!-- GN-MGMT -->
<aid value="CRT-REQ">01 FE</aid> <!-- Cert request: any -->
<aid value="CRT-REQ">01 FE/FF 01</aid> <!-- Cert request: any -->
</attribute>
<attribute type="its_aid_ssp_list">
<ssp aid="CRL">01</ssp> <!-- CRL -->
......
<!-- Authorization authority certificate without any region restriction -->
<certificate>
<version>3</version>
<signer type="digest" name="CERT_IUT_A_RCA"/>
<subject type="EA" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorithm="ecdsa_nistp256_with_sha256">
<ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- encryption_key -->
<attribute type="encryption_key">
<public_key sym_alg="0" algorithm="0">
><ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="4" confidence="0"/>
</attribute>
<!-- its_aid_list -->
<attribute type="its_aid_list" eeType="04"> <!-- issue permissions -->
<aid value="CAM"/> <!--CAM-->
<aid value="DENM"/> <!--DENM-->
<aid value="SPAT"/> <!-- TLM / SPAT -->
<aid value="MAP"/> <!-- RLT / MAP-->
<aid value="IVI"/> <!-- IVI -->
<aid value="TLC"/> <!-- TLC -->
<aid value="GN-MGMT"/> <!-- GN-MGMT -->
<aid value="CRT-REQ">01 C0</aid> <!-- Cert request: -->
</attribute>
<attribute type="its_aid_ssp_list"> <!-- app permissions -->
<ssp aid="CRT-REQ">01 0E</ssp> <!-- Cert request: -->
</attribute>
</subject>
<validity>
<restriction type="time" start="-365d" end="+730d"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- General authorization ticket certificate without any region restriction -->
<certificate>
<version>3</version>
<signer type="digest" name="CERT_TS_A_EA"/>
<subject type="EC" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorithm="0">
<ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- encryption_key -->
<attribute type="encryption_key">
<public_key sym_alg="0" algorithm="0">
><ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="CRT-REQ">01 C0</ssp> <!-- Cert request -->
</attribute>
</subject>
<validity>
<restriction type="time" start="+0d" end="+365d"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Enrolment certificate without CRT-REQ PSID -->
<certificate>
<version>3</version>
<signer type="digest" name="CERT_TS_A_EA"/>
<subject type="EC" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorithm="0">
<ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- encryption_key -->
<attribute type="encryption_key">
<public_key sym_alg="0" algorithm="0">
><ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="CAM"></ssp> <!-- Cert request -->
</attribute>
</subject>
<validity>
<restriction type="time" start="+0d" end="+365d"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Enrolment certificate containing CRT-REQ PSID with SSP version 0 -->
<certificate>
<version>3</version>
<signer type="digest" name="CERT_TS_A_EA"/>
<subject type="EC" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorithm="0">
<ecc_point type="compressed"/>
</public_key>
</attribute>
<!-- encryption_key -->