Finalyze support of AuthorizarionRequest/Response

ccsrc/Externals/LibItsSecurity_externals.cc

@@ -688,6 +688,7 @@ namespace LibItsSecurity__Functions
    * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key
    * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key
    * \param[out] p__nonce The nonce vector
+   * \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values
    * \return The original message
    * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
    * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
@@ -696,25 +697,26 @@ namespace LibItsSecurity__Functions
   // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function
   OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) {
     loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage);
-    loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed", p__recipientsPublicKeyCompressed);
+    loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed);
     loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode));
-    loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt", p__salt);
+    loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt: ", p__salt);
+    loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x", static_cast<const boolean>(p__use__hardcoded__values));
     
     // 1. Generate new Private/Public Ephemeral key
     std::unique_ptr<security_ecc> ec;
-    if (!p__use__hardcoded__values) {
+    if (!static_cast<const boolean>(p__use__hardcoded__values)) {
       ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256));
       if (ec->generate() == -1) {
         loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys");
         return OCTETSTRING(0, nullptr);
       }
     } else {
-      ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("EE9CC7FBD9EDECEA41F7C8BD258E8D2E988E75BD069ADDCA1E5A38E534AC6818"), str2oct("5AE3C8D9FE0B1FC7438F29417C240F8BF81C358EC1A4D0C6E98D8EDBCC714017"))); // Private/Public ephemeral keys
+      ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key
     }
     // 2. Generate and derive shared secret based on recipient's private keys
     security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1);
-    if (p__use__hardcoded__values) {
-      ec_comp.symmetric_encryption_key(str2oct("A6342013D623AD6C5F6882469673AE33"));
+    if (static_cast<const boolean>(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value
+      ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81"));
     }
     if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) {
       loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key");

ccsrc/Protocols/Http/http_codec.cc

@@ -400,7 +400,7 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody&
           _codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params
           
           
-#if !defined(GEMALTO_FIX)
+#if defined(GEMALTO_FIX) // Temporary fix to be removed
           // GEMALTO Encode in hex string
           CHARSTRING buf = oct2str(p_encoding_buffer);
           p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf)));
@@ -477,7 +477,7 @@ int http_codec::decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBod
   OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos());
   loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s);
   
-#if !defined(GEMALTO_FIX)
+#if defined(GEMALTO_FIX) // Temporary fix to be removed
   // GEMALTO Encode in hex string
   if ((s.lengthof() & 0x00000001) == 0x00000001) {
     s = int2oct(0, 1) + s;

docker/Dockerfile

@@ -86,7 +86,7 @@ USER etsi
 RUN cd /home/etsi/dev \
     && git clone -b STF525 --recurse-submodules https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its \
     && cd /home/etsi/dev/STF525_Its/ttcn/LibIts \
-    && git checkout STF525
+    && git checkout STF525 \
     && cd /home/etsi/dev/STF525_Its/scripts \
     && chmod 775 *.bash devenv.bash.* \
     && cd /home/etsi \

etc/AtsPki/AtsPki.cfg

 
+
 [MODULE_PARAMETERS]
 # This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
 
@@ -16,10 +17,16 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
 LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
 
-#LibItsHttp_Pics.PICS_HEADER_HOST := "127.0.0.1" #"ptsv2.com"
-LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
 LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
-LibItsPki_Pics.PICS_HTTP_GET_URI := "/"
+
+# Gemalto
+#LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
+#LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
+
+# httpbin.org
+LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org"
+LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
+LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
 
 # Enable Security support
 LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
@@ -28,8 +35,6 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
 # Configuration sub-directory to access certificate stored in files
 LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
 
-# Seed
-LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := false
 
 [LOGGING]
 # In this section you can specify the name of the log file and the classes of events
@@ -116,11 +121,9 @@ LogEventTypes:= Yes
 
 # Single GeoNetworking component port
 system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
-#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ptsv2.com,use_ssl=0)"
-#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=127.0.0.1,port=8000,use_ssl=0)"
-system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)"
-#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
-system.pkiPort.params := "PKI(certificate=CERT_EA)/HTTP(device_mode=1,uri=/its/inner_ec_request,host=httpbin.org,content_type=application/x-its-request)/TCP(server=127.0.0.1,port=8000,use_ssl=0)"
+system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org
+#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto
+#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto
 
 # GeoNetworking UpperTester port based on UDP
 system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
@@ -129,11 +132,8 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
-
-#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00
-
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
-ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
+#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
@@ -144,6 +144,9 @@ ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
 
+ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00
+
+
 [MAIN_CONTROLLER]
 # The options herein control the behavior of MC.
 KillTimer := 10.0

etc/TestCodec/TestCodec.cfg

@@ -351,10 +351,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
 #TestCodec_Pki.tc_decode_inner_ec_response_1
 #TestCodec_Pki.tc_inner_ec_request_1
 #TestCodec_Pki.tc_inner_ec_request_2
-TestCodec_Pki.tc_inner_ec_request_3
-#TestCodec_Pki.tc_inner_ec_response_1
-#TestCodec_Pki.tc_inner_ec_response_2
-#TestCodec_Pki.tc_inner_ec_response_3
+#TestCodec_Pki.tc_inner_ec_request_3
+TestCodec_Pki.tc_inner_ec_response_1
 #TestCodec_Pki.tc_inner_ec_functions_1
 #TestCodec_Pki.tc_inner_ec_functions_2
 #TestCodec_Pki.tc_inner_ec_functions_3

LibIts @ b745c0b2

-Subproject commit 9762518193609ba46d9b89895ddee2cc9a31cc2c
+Subproject commit b745c0b23fc463ff118fc60c06831711651b77ec