Add PKI support to RSU simumlator

af58f006 · Yann Garcia · 2a61e6eb · b2f059c6 · af58f006 · af58f006
Commit af58f006 authored Feb 13, 2019 by Yann Garcia
--- a/ccsrc/Externals/LibItsSecurity_externals.cc
+++ b/ccsrc/Externals/LibItsSecurity_externals.cc
@@ -818,7 +818,7 @@ namespace LibItsSecurity__Functions
   * \see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
   */
  // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function
-  OCTETSTRING fx__decryptWithEciesNistp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt) {
+  OCTETSTRING fx__decryptWithEciesNistp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__privateEncKey: ", p__privateEncKey);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesNistp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
@@ -849,6 +849,8 @@ namespace LibItsSecurity__Functions
      return OCTETSTRING(0, nullptr);
    }
    loggers::get_instance().log_msg("fx__decryptWithEciesNistp256WithSha256: dec message: ", message);
+    p__aes__sym__enc__key = ec.symmetric_encryption_key();
+    loggers::get_instance().log_msg("fx__decryptWithEciesNistp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);
    
    return message;
  }
@@ -960,7 +962,7 @@ namespace LibItsSecurity__Functions
    return enc_message;
  }
  
-  OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce) {
+  OCTETSTRING fx__decryptWithEciesBrainpoolp256WithSha256(const OCTETSTRING& p__encryptedSecuredMessage, const OCTETSTRING& p__privateEncKey, const OCTETSTRING& p__publicEphemeralKeyCompressed, const INTEGER& p__ephemeralCompressedMode, const OCTETSTRING& p__encrypted__sym__key, const OCTETSTRING& p__authentication__vector, const OCTETSTRING& p__nonce, const OCTETSTRING& p__salt, OCTETSTRING& p__aes__sym__enc__key) {
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__encryptedSecuredMessage);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__privateEncKey: ", p__privateEncKey);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__publicEphemeralKeyCompressed: ", p__publicEphemeralKeyCompressed);
@@ -968,6 +970,7 @@ namespace LibItsSecurity__Functions
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__nonce: ", p__nonce);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__authentication__vector: ", p__authentication__vector);
    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__encrypted__sym__key: ", p__encrypted__sym__key);
+    loggers::get_instance().log_msg(">>> fx__decryptWithEciesBrainpoolp256WithSha256: p__salt", p__salt);

    // 1. Create security_ecc instance based on public ephemeral keys
    security_ecc ec(ec_elliptic_curves::brainpool_p_256_r1, p__privateEncKey);
@@ -990,6 +993,8 @@ namespace LibItsSecurity__Functions
      return OCTETSTRING(0, nullptr);
    }
    loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: dec message: ", message);
+    p__aes__sym__enc__key = ec.symmetric_encryption_key();
+    loggers::get_instance().log_msg("fx__decryptWithEciesBrainpoolp256WithSha256: AES 128 encryption key: ", p__aes__sym__enc__key);

    return message;
  }

--- a/ccsrc/Framework/src/params.cc
+++ b/ccsrc/Framework/src/params.cc
@@ -80,9 +80,9 @@ const std::string& params::uri = std::string("uri");
 const std::string& params::host = std::string("host");
 const std::string& params::content_type = std::string("content_type");

-const std::string& params::sip_url = std::string("sip_url");
-const std::string& params::sip_version = std::string("sip_version");
-const std::string& params::payload = std::string("payload");
+//const std::string& params::sip_url = std::string("sip_url");
+//const std::string& params::sip_version = std::string("sip_version");
+//const std::string& params::payload = std::string("payload");

 const std::string& params::codecs = std::string("codecs");


--- a/ccsrc/Protocols/Commsignia/commsignia_layer.cc
+++ b/ccsrc/Protocols/Commsignia/commsignia_layer.cc
@@ -91,25 +91,25 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
  
  const unsigned char* p = static_cast<const unsigned char *>(data);

-  const commsignia_layer::c2p_recv* r = (const commsignia_layer::c2p_recv*)p;
-  loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->version);
-  loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->timestamp_sec));
-  loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->timestamp_msec));
-  loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->timestamp_msec));
-  loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->antenna);
-  loggers::get_instance().log("commsignia_layer::receive_data: rssi_ant2=%02x", r->rssi_ant2);
-  loggers::get_instance().log("commsignia_layer::receive_data: noise_ant1=%02x", r->noise_ant1);
-  loggers::get_instance().log("commsignia_layer::receive_data: noise_ant2=%02x", r->noise_ant2);
+  const commsignia_layer::c2p_s_v1_tx_t* r = (const commsignia_layer::c2p_s_v1_tx_t*)p;
+  loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->s_header.u8_ver_type);
+  loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->s_header.u32_tst_sec));
+  loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->s_header.u32_tst_msec));
+  loggers::get_instance().log("commsignia_layer::receive_data: primary_channel=%08x", ntohl(r->u8_primary_channel));
+  loggers::get_instance().log("commsignia_layer::receive_data: secondary_channel=%08x", ntohl(r->u8_secondary_channel));
+  loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->u8_antenna);
+  loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_1=%d", r->s8_tssi_ant_1);
+  loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_2=%d", r->s8_tssi_ant_2);
  // Filtering on antenna index
-  loggers::get_instance().log("commsignia_layer::receive_data: compare %02x with %02x", r->antenna, static_cast<unsigned char>(std::strtoul(_params[params::interface_id].c_str(), NULL, 10)));
-  if (r->antenna != static_cast<unsigned char>(std::strtoul(_params[params::interface_id].c_str(), NULL, 10))) {
+  loggers::get_instance().log("commsignia_layer::receive_data: compare %02x with %02x", r->u8_antenna, static_cast<unsigned char>(std::stoi(_params[params::interface_id])));
+  if (r->u8_antenna != std::stoi(_params[params::interface_id])) {
    // Discard packet
    loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong antenna id");
    return;
  } // else, continue

-  const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_recv));
-  //loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl));
+  const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t));
+  loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl));
  OCTETSTRING dst = OCTETSTRING(6, (const unsigned char*)&h->dst_addr);
  loggers::get_instance().log_msg("commsignia_layer::receive_data: dst: ", dst);
  OCTETSTRING src = OCTETSTRING(6, (const unsigned char*)&h->src_addr);
@@ -124,15 +124,16 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
  const commsignia_layer::c2p_llc_hdr* l;
  int length;
  if ((ntohs(h->frame_ctrl) & 0xf000) == 0x8000) {
-    l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl));
-    length = sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr);
+    l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl));
+    length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr);
  } else {
-    l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr));
-    length = sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
+    l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr));
+    length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
  }
  loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap);
  loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap);
  loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type);
+
  // Check ether type
  if ((_eth_type[1] == (unsigned char)((l->type & 0xff00) >> 8)) && (_eth_type[0] == (unsigned char)(l->type & 0xff))) { // Warning: Network ordered bytes
    // Extract payload

--- a/ccsrc/Protocols/Commsignia/commsignia_layer.hh
+++ b/ccsrc/Protocols/Commsignia/commsignia_layer.hh
@@ -24,28 +24,28 @@ class commsignia_layer : public layer {
  static constexpr unsigned char LL_ORG_CODE_LENGTH = 3;
  
  /**
-   * \struct C2P packet description: Version 1, packet type: RX
+   * \struct C2P packet description
   */
  typedef struct {
-    unsigned char version;
-    unsigned int timestamp_sec;
-    unsigned int timestamp_msec;
-    unsigned char primary_channel;
-    unsigned char secondary_channel;
-    unsigned char used_iface;
-    unsigned char data_rate;
-    unsigned char antenna;
-    unsigned int latitude;
-    unsigned int longitude;
-    unsigned short speed;
-    unsigned short heading;
-    unsigned char rssi_ant1;
-    unsigned char rssi_ant2;
-    unsigned char noise_ant1;
-    unsigned char noise_ant2;
-    unsigned short cbr_ant1;
-    unsigned short cbr_ant2;
-  } __attribute__((__packed__)) c2p_recv;
+    unsigned char u8_ver_type;
+    unsigned int u32_tst_sec;
+    unsigned int u32_tst_msec;
+  } c2p_s_header_t;
+  typedef struct {
+    c2p_s_header_t s_header;
+    unsigned char u8_primary_channel;
+    unsigned char u8_secondary_channel;
+    unsigned char u8_used_interface;
+    unsigned char u8_data_rate;
+    unsigned char u8_antenna;
+    int s32_latitude;
+    int s32_longitude;
+    unsigned short u16_speed;
+    unsigned short u16_heading;
+    signed char s8_txp;
+    signed char s8_tssi_ant_1;
+    signed char s8_tssi_ant_2;
+  } c2p_s_v1_tx_t;

  /**
   * \struct Injected data header
@@ -73,7 +73,7 @@ class commsignia_layer : public layer {
  } __attribute__((__packed__)) c2p_llc_hdr;

  params _params;                       //! Layer parameters
-  c2p_recv _c2p_recv;                   //! \todo
+  c2p_s_v1_tx_t _c2p_recv;              //! \todo
  c2p_802_11p_hdr _802_11p_hdr;         //! \todo
  c2p_llc_hdr _c2p_llc_hdr;             //! \todo
  std::vector<unsigned char> _mac_src;  //! Used to optimize filtering on source mac address in \see commsignia_layer::receive_data method

--- a/ccsrc/Protocols/Http/http_codec.cc
+++ b/ccsrc/Protocols/Http/http_codec.cc
@@ -215,7 +215,7 @@ int http_codec::encode_request(const LibItsHttp__TypesAndValues::Request& p_requ
  if (_ec.is_content_length_present == 0x01) {
    loggers::get_instance().log_msg("http_codec::encode_request: Add body ", os);
    p_encoding_buffer.put_os(os);
-    //FIXME For test With GEMALTO, comment to be removed, p_encoding_buffer.put_cs("\r\n");
+    p_encoding_buffer.put_cs("\r\n");
  }

  loggers::get_instance().log_to_hexa("<<< http_codec::encode_request: ", p_encoding_buffer);

--- a/ccsrc/Protocols/Security/certificates_loader.cc
+++ b/ccsrc/Protocols/Security/certificates_loader.cc
@@ -17,11 +17,11 @@
 certificates_loader * certificates_loader::instance = nullptr;

 certificates_loader::certificates_loader(): _certificateExt{".oer"}, _privateKeyExt{".vkey"}, _privateEncKeyExt{".ekey"}, _full_path(), _is_cache_initialized{false}, _directory_filter{".svn", "._.DS_Store", ".DS_Store"} {
-  loggers::get_instance().log(">>> certificates_loader::certificates_loader");
+  //loggers::get_instance().log(">>> certificates_loader::certificates_loader");
 } // End of ctor

 int certificates_loader::build_path(const std::string& p_root_directory) {
-  loggers::get_instance().log(">>> certificates_loader::build_path: '%s'", p_root_directory.c_str());
+  //loggers::get_instance().log(">>> certificates_loader::build_path: '%s'", p_root_directory.c_str());

  // Build full path
  if (!p_root_directory.empty()) {
@@ -38,7 +38,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) {
    _full_path = "./";
  }
  std::experimental::filesystem::canonical(_full_path);
-  loggers::get_instance().log("certificates_loader::build_path: full path: %s", _full_path.string().c_str());
+  //loggers::get_instance().log("certificates_loader::build_path: full path: %s", _full_path.string().c_str());
  if (!std::experimental::filesystem::exists(_full_path)) {
    loggers::get_instance().warning("certificates_loader::build_path: Invalid path");
    _full_path.clear();
@@ -49,7 +49,7 @@ int certificates_loader::build_path(const std::string& p_root_directory) {
 } // End of method build_path

 int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<OCTETSTRING/*std::vector<unsigned char>*/, std::string, security_cache_comp>& p_hashed_id8s) {
-  loggers::get_instance().log(">>> certificates_loader::load_certificates");
+  //loggers::get_instance().log(">>> certificates_loader::load_certificates");

  // Sanity check
  if (_is_cache_initialized) {
@@ -74,7 +74,7 @@ int certificates_loader::load_certificates(std::map<std::string, std::unique_ptr
 } // End of method load_certificates

 int certificates_loader::retrieve_certificates_list(std::set<std::experimental::filesystem::path>& p_files) {
-  loggers::get_instance().log(">>> certificates_loader::retrieve_certificates_list");
+  //loggers::get_instance().log(">>> certificates_loader::retrieve_certificates_list");

  // Walk through directories
  std::set<std::experimental::filesystem::path> folders;
@@ -104,13 +104,13 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental::
      if (std::experimental::filesystem::is_regular_file(it)) {
        //loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Check extension '%s'", it.path().extension().string().c_str());
        if (it.path().extension().string().compare(_certificateExt) == 0) {
-          loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Add file '%s'", it.path().filename().string().c_str());
+          //loggers::get_instance().log("certificates_loader::retrieve_certificates_list: Add file '%s'", it.path().filename().string().c_str());
          p_files.insert(it);
        }
      }
    } // End of 'for' statement
  } // End of 'for' statement
-  loggers::get_instance().log("certificates_loader::retrieve_certificates_list: # of files to cache: %d", p_files.size());
+  //loggers::get_instance().log("certificates_loader::retrieve_certificates_list: # of files to cache: %d", p_files.size());
  if (p_files.size() == 0) {
    loggers::get_instance().warning("certificates_loader::retrieve_certificates_list: No certificate found");
    return -1;
@@ -120,7 +120,7 @@ int certificates_loader::retrieve_certificates_list(std::set<std::experimental::
 } // End of method retrieve_certificates_list

 int certificates_loader::build_certificates_cache(std::set<std::experimental::filesystem::path>& p_files, std::map<std::string, std::unique_ptr<security_db_record> >& p_certificates, std::map<OCTETSTRING/*std::vector<unsigned char>*/, std::string, security_cache_comp>& p_hashed_id8s) {
-  loggers::get_instance().log(">>> certificates_loader::build_certificates_cache");
+  //loggers::get_instance().log(">>> certificates_loader::build_certificates_cache");

  std::set<std::experimental::filesystem::path>::const_iterator it = p_files.cbegin();
  std::pair<std::map<std::string, std::unique_ptr<security_db_record> >::iterator, bool> result;
@@ -128,7 +128,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
    loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching '%s'", it->string().c_str());
    std::experimental::filesystem::path p = *it;
    const std::string& key = p.stem();
-    loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str());
+    //loggers::get_instance().log("certificates_loader::build_certificates_cache: Key = '%s'", key.c_str());

    // Load certificate file
    it = p_files.find(p.replace_extension(_certificateExt));
@@ -136,7 +136,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
      loggers::get_instance().warning("certificates_loader::build_certificates_cache: Certificate file not found for '%s'", key.c_str());
      return -1;
    }
-    loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching certificate '%s'", it->string().c_str());
+    //loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching certificate '%s'", it->string().c_str());
    std::ifstream is(it->string(), ios::in | ios::binary);
    if (!is.is_open()) {
      loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open certificate file");
@@ -151,7 +151,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
    // Load private key file
    OCTETSTRING private_key;
    p = p.replace_extension(_privateKeyExt);
-    loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private keys '%s'", p.string().c_str());
+    //loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private keys '%s'", p.string().c_str());
    is.open(p, ios::in | ios::binary);
    if (!is.is_open()) {
      loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open Private key");
@@ -170,7 +170,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
    // Load private encryption key file if present
    OCTETSTRING private_enc_key;
    p = p.replace_extension(_privateEncKeyExt);
-    loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private encryption key '%s'", p.string().c_str());
+    //loggers::get_instance().log("certificates_loader::build_certificates_cache: Caching private encryption key '%s'", p.string().c_str());
    is.open(p, ios::in | ios::binary);
    if (!is.is_open()) {
      loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to open Private encryption key file");
@@ -194,7 +194,7 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
      loggers::get_instance().warning("certificates_loader::build_certificates_cache: Failed to decode certificate for '%s'", key.c_str());
      return -1;
    } else {
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Decoded certificate: ", decoded_certificate);
      // Prepare all fields
      if (!decoded_certificate.toBeSigned().verifyKeyIndicator().ischosen(IEEE1609dot2::VerificationKeyIndicator::ALT_verificationKey)) {
        loggers::get_instance().warning("certificates_loader::build_certificates_cache: Wrong VerificationKeyIndicator variant for '%s'", key.c_str());
@@ -214,9 +214,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
        IEEE1609dot2BaseTypes::EccP384CurvePoint& p = b.ecdsaBrainpoolP384r1();
        fill_public_key_vectors(ec_elliptic_curves::brainpool_p_384_r1, p, public_comp_key, public_key_x, public_key_y);
      }
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_x: ", public_key_x);
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_y: ", public_key_y);
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_comp_key: ", public_comp_key);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_x: ", public_key_x);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_key_y: ", public_key_y);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_comp_key: ", public_comp_key);
      
      OCTETSTRING public_enc_key_x;
      OCTETSTRING public_enc_key_y;
@@ -231,9 +231,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
          IEEE1609dot2BaseTypes::EccP256CurvePoint& p = v.publicKey().eciesBrainpoolP256r1();
          fill_public_key_vectors(ec_elliptic_curves::brainpool_p_256_r1, p, public_enc_comp_key, public_enc_key_x, public_enc_key_y);
        }
-        loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_x: ", public_enc_key_x);
-        loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_y: ", public_enc_key_y);
-        loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_comp_key: ", public_enc_comp_key);
+        //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_x: ", public_enc_key_x);
+        //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_key_y: ", public_enc_key_y);
+        //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: public_enc_comp_key: ", public_enc_comp_key);
      } else {
        public_enc_key_x = OCTETSTRING(0, nullptr);
        public_enc_key_y = OCTETSTRING(0, nullptr);
@@ -259,11 +259,11 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
        if (decoded_certificate.issuer().self__() == IEEE1609dot2BaseTypes::HashAlgorithm::sha256) {
          sha256 sha;
          sha.generate(certificate, hash);
-          loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-256 hash: ", hash);
+          //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-256 hash: ", hash);
        } else {
          sha384 sha;
          sha.generate(certificate, hash);
-          loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-384 hash: ", hash);
+          //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: Whole-certificate SHA-384 hash: ", hash);
        }
        hashed_id = OCTETSTRING(8, static_cast<const unsigned char*>(hash) + hash.lengthof() - 8);
        issuer = hashed_id;
@@ -272,9 +272,9 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
        hashed_id = int2oct(0, 8);
        issuer = int2oct(0, 8);
      }
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hash: ", hash);
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hashed_id: ", hashed_id);
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: issuer: ", issuer);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hash: ", hash);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: hashed_id: ", hashed_id);
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: issuer: ", issuer);
      
      // Create new record
      security_db_record* p = new security_db_record(
@@ -299,8 +299,8 @@ int certificates_loader::build_certificates_cache(std::set<std::experimental::fi
        delete p;
        return -1;
      }
-      loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: add key: ", result.first->second.get()->hashed_id());
-      loggers::get_instance().log("certificates_loader::build_certificates_cache: for : %s", result.first->first.c_str());
+      //loggers::get_instance().log_msg("certificates_loader::build_certificates_cache: add key: ", result.first->second.get()->hashed_id());
+      //loggers::get_instance().log("certificates_loader::build_certificates_cache: for : %s", result.first->first.c_str());
      p_hashed_id8s.insert(std::pair<OCTETSTRING, std::string>(result.first->second.get()->hashed_id(), result.first->first));
      /*std::vector<unsigned char> v(static_cast<const unsigned char*>(result.first->second.get()->hashed_id()), result.first->second.get()->hashed_id().lengthof() + static_cast<const unsigned char*>(result.first->second.get()->hashed_id()));
      loggers::get_instance().log_to_hexa("security_cache::store_certificate: Converted hashed_id8: ", v.data(), v.size());
@@ -387,7 +387,7 @@ void certificates_loader::fill_public_key_vectors(const ec_elliptic_curves p_ell
  }
 }
 void certificates_loader::fill_public_key_vectors(const ec_elliptic_curves p_elliptic_curve, const IEEE1609dot2BaseTypes::EccP384CurvePoint& p_ecc_point, OCTETSTRING& p_public_comp_key, OCTETSTRING& p_public_key_x, OCTETSTRING& p_public_key_y) {
-  loggers::get_instance().log_msg(">>> certificates_loader::fill_public_key_vectors: ", p_ecc_point);
+  //loggers::get_instance().log_msg(">>> certificates_loader::fill_public_key_vectors: ", p_ecc_point);

  if (p_ecc_point.ischosen(IEEE1609dot2BaseTypes::EccP384CurvePoint::ALT_compressed__y__0)) {
    p_public_comp_key = int2oct(2, 1) + p_ecc_point.compressed__y__0();

--- a/ccsrc/Protocols/Tcp/tcp_layer.cc
+++ b/ccsrc/Protocols/Tcp/tcp_layer.cc
@@ -31,36 +31,36 @@ tcp_layer::tcp_layer(const std::string & p_type, const std::string & param) : la
    _params.insert(std::pair<std::string, std::string>(std::string("server"), "127.0.0.1")); // TODO Try using params::server instead of std::string("server")
  }
  if (!parameter_set(params::server.c_str(), _params[params::server].c_str())) {
-    loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::server.c_str());
+    loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::server.c_str());
  }
  set_ssl_use_ssl(false);
  it = _params.find(params::use_ssl);
  if (it == _params.cend()) {
-    _params.insert(std::pair<std::string, std::string>(std::string("use_ssl"), "0"));
+    _params.insert(std::pair<std::string, std::string>(params::use_ssl, "0"));
  } else if (it->second.compare("1") == 0) {
    set_ssl_use_ssl(true);
  }
  it = _params.find(params::port);
  if (it == _params.cend()) {
    if (_params[params::use_ssl].compare("0") == 0) { // Use standard HTTP port
-      _params.insert(std::pair<std::string, std::string>(std::string("port"), "80"));
+      _params.insert(std::pair<std::string, std::string>(params::port, "80"));
    } else { // Use standard HTTPS port
-      _params.insert(std::pair<std::string, std::string>(std::string("port"), "443"));
+      _params.insert(std::pair<std::string, std::string>(params::port, "443"));
    }
  }
  if (!parameter_set(params::port.c_str(), _params[params::port].c_str())) {
-    loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::port.c_str());
+    loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::port.c_str());
  }
  it = _params.find(params::local_port);
  if (it == _params.cend()) {
    if (_params[params::use_ssl].compare("0") == 0) { // Use standard HTTP local_port
-      _params.insert(std::pair<std::string, std::string>(std::string("local_port"), "80"));
+      _params.insert(std::pair<std::string, std::string>(params::local_port, "80"));
    } else { // Use standard HTTPS local_port
-      _params.insert(std::pair<std::string, std::string>(std::string("local_port"), "443"));
+      _params.insert(std::pair<std::string, std::string>(params::local_port, "443"));
    }
  }
  if (!parameter_set(params::local_port.c_str(), _params[params::local_port].c_str())) {
-    loggers::get_instance().warning("tcp_layer::set_parameter: Unprocessed parameter: %s", params::local_port.c_str());
+    loggers::get_instance().warning("tcp_layer::tcp_layer: Unprocessed parameter: %s", params::local_port.c_str());
  }

  parameter_set(use_connection_ASPs_name(), (!server_mode) ? "yes" : "no");
@@ -75,7 +75,8 @@ tcp_layer::tcp_layer(const std::string & p_type, const std::string & param) : la

  map_user();

-  if (!_reconnect_on_send) {
+  if (!_reconnect_on_send && (server_mode == 0)) {
+    loggers::get_instance().log("tcp_layer::tcp_layer: Establish connection: %s/%s", _params[params::server].c_str(), _params[params::port].c_str());
 	  open_client_connection(_params[params::server].c_str(), _params[params::port].c_str(), NULL, NULL);
  }
                                                                                                                                                            }

--- a/data/v3/profiles/CERT_IUT_A_RCA.xml
+++ b/data/v3/profiles/CERT_IUT_A_RCA.xml
@@ -28,7 +28,7 @@
 			<aid value="100"/>  <!-- not allocated -->
 			<aid value="101"/>  <!-- not allocated -->
 			<aid value="102"/>  <!-- not allocated -->
-			<aid value="CRT-REQ">01 FE</aid> <!-- Cert request: any -->
+			<aid value="CRT-REQ">01 FE/FF 01</aid> <!-- Cert request: any -->
 		</attribute>
 		<attribute type="its_aid_ssp_list">
 			<ssp aid="CRL">01</ssp> <!-- CRL  -->

--- a/data/v3/profiles/CERT_IUT_C_RCA.xml
+++ b/data/v3/profiles/CERT_IUT_C_RCA.xml
@@ -27,7 +27,7 @@
 			<aid value="IVI"/> <!-- IVI -->
 			<aid value="TLC"/> <!-- TLC -->
 			<aid value="GN-MGMT"/> <!-- GN-MGMT -->
-			<aid value="CRT-REQ">01 FE</aid> <!-- Cert request: any -->
+			<aid value="CRT-REQ">01 FE/FF 01</aid> <!-- Cert request: any -->
 		</attribute>
 		<attribute type="its_aid_ssp_list">
 			<ssp aid="CRL">01</ssp> <!-- CRL  -->

--- a/data/v3/profiles/CERT_TS_A_EA.xml
+++ b/data/v3/profiles/CERT_TS_A_EA.xml
+<!-- Authorization authority certificate without any region restriction -->
+<certificate>
+	<version>3</version>
+	<signer type="digest" name="CERT_IUT_A_RCA"/>
+	<subject type="EA" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorithm="ecdsa_nistp256_with_sha256">
+				<ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- encryption_key -->
+		<attribute type="encryption_key">
+			<public_key sym_alg="0" algorithm="0">
+				><ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="4" confidence="0"/>
+		</attribute>
+		<!-- its_aid_list -->
+		<attribute type="its_aid_list" eeType="04"> <!-- issue permissions -->
+			<aid value="CAM"/>  <!--CAM-->
+			<aid value="DENM"/>  <!--DENM-->
+			<aid value="SPAT"/> <!-- TLM / SPAT -->
+			<aid value="MAP"/> <!-- RLT / MAP-->
+			<aid value="IVI"/> <!-- IVI -->
+			<aid value="TLC"/> <!-- TLC -->
+			<aid value="GN-MGMT"/> <!-- GN-MGMT -->
+			<aid value="CRT-REQ">01 C0</aid> <!-- Cert request:  -->
+		</attribute>
+		<attribute type="its_aid_ssp_list"> <!-- app permissions -->
+			<ssp aid="CRT-REQ">01 0E</ssp> <!-- Cert request:  -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="-365d" end="+730d"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>
--- a/data/v3/profiles/CERT_TS_A_EC.xml
+++ b/data/v3/profiles/CERT_TS_A_EC.xml
+<!-- General authorization ticket certificate without any region restriction -->
+<certificate>
+	<version>3</version>
+	<signer type="digest" name="CERT_TS_A_EA"/>
+	<subject type="EC" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorithm="0">
+				<ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- encryption_key -->
+		<attribute type="encryption_key">
+			<public_key sym_alg="0" algorithm="0">
+				><ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="CRT-REQ">01 C0</ssp> <!-- Cert request  -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="+0d" end="+365d"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>
--- a/data/v3/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml
+++ b/data/v3/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml
+<!-- Enrolment certificate without CRT-REQ PSID  -->
+<certificate>
+	<version>3</version>
+	<signer type="digest" name="CERT_TS_A_EA"/>
+	<subject type="EC" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorithm="0">
+				<ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- encryption_key -->
+		<attribute type="encryption_key">
+			<public_key sym_alg="0" algorithm="0">
+				><ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+		<!-- assurance_level -->
+		<attribute type="assurance_level">
+			<assurance level="3"/>
+		</attribute>
+		<!-- its_aid_ssp_list -->
+		<attribute type="its_aid_ssp_list">
+			<ssp aid="CAM"></ssp> <!-- Cert request  -->
+		</attribute>
+	</subject>
+	<validity>
+		<restriction type="time" start="+0d" end="+365d"/>
+		<restriction type="region">
+			<none/>
+		</restriction>
+	</validity>
+	<signature algorithm="0"/>
+</certificate>
--- a/data/v3/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml
+++ b/data/v3/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml
+<!-- Enrolment certificate containing CRT-REQ PSID with SSP version 0 -->
+<certificate>
+	<version>3</version>
+	<signer type="digest" name="CERT_TS_A_EA"/>
+	<subject type="EC" name="">
+		<!-- verification_key -->
+		<attribute type="verification_key">
+			<public_key algorithm="0">
+				<ecc_point type="compressed"/>
+			</public_key>
+		</attribute>
+