ITS - Intelligent Transport Systems
ITS
Commit
baa1c1f4
authored
Dec 18, 2018
by
Yann Garcia
Finalyze support of AuthorizarionRequest/Response
parent
5cbd336a
Changes
8
ccsrc/Externals/LibItsSecurity_externals.cc
...
...
@@ -688,6 +688,7 @@ namespace LibItsSecurity__Functions
* \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key
* \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key
* \param[out] p__nonce The nonce vector
* \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values
* \return The original message
* \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
...
...
@@ -696,25 +697,26 @@ namespace LibItsSecurity__Functions
// TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function
OCTETSTRING
fx__encryptWithEciesNistp256WithSha256
(
const
OCTETSTRING
&
p__toBeEncryptedSecuredMessage
,
const
OCTETSTRING
&
p__recipientsPublicKeyCompressed
,
const
INTEGER
&
p__compressedMode
,
const
OCTETSTRING
&
p__salt
,
OCTETSTRING
&
p__publicEphemeralKeyCompressed
,
INTEGER
&
p__ephemeralCompressedMode
,
OCTETSTRING
&
p__aes__sym__key
,
OCTETSTRING
&
p__encrypted__sym__key
,
OCTETSTRING
&
p__authentication__vector
,
OCTETSTRING
&
p__nonce
,
const
BOOLEAN
&
p__use__hardcoded__values
)
{
loggers
::
get_instance
().
log_msg
(
">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: "
,
p__toBeEncryptedSecuredMessage
);
loggers
::
get_instance
().
log_msg
(
">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed"
,
p__recipientsPublicKeyCompressed
);
loggers
::
get_instance
().
log_msg
(
">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed
:
"
,
p__recipientsPublicKeyCompressed
);
loggers
::
get_instance
().
log
(
">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d"
,
static_cast
<
int
>
(
p__compressedMode
));
loggers
::
get_instance
().
log_msg
(
">>> fx__encryptWithEciesNistp256WithSha256: p__salt"
,
p__salt
);
loggers
::
get_instance
().
log_msg
(
">>> fx__encryptWithEciesNistp256WithSha256: p__salt: "
,
p__salt
);
loggers
::
get_instance
().
log
(
">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x"
,
static_cast
<
const
boolean
>
(
p__use__hardcoded__values
));
// 1. Generate new Private/Public Ephemeral key
std
::
unique_ptr
<
security_ecc
>
ec
;
if
(
!
p__use__hardcoded__values
)
{
if
(
!
static_cast
<
const
boolean
>
(
p__use__hardcoded__values
)
)
{
ec
.
reset
(
new
security_ecc
(
ec_elliptic_curves
::
nist_p_256
));
if
(
ec
->
generate
()
==
-
1
)
{
loggers
::
get_instance
().
warning
(
"fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"
);
return
OCTETSTRING
(
0
,
nullptr
);
}
}
else
{
ec
.
reset
(
new
security_ecc
(
ec_elliptic_curves
::
nist_p_256
,
str2oct
(
"
EE9CC7FBD9EDECEA41F7C8BD258E8D2E988E75BD069ADDCA1E5A38E534AC6818"
),
str2oct
(
"5AE3C8D9FE0B1FC7438F29417C240F8BF81C358EC1A4D0C6E98D8EDBCC714017"
)));
// Private/Public ephemeral
key
s
ec
.
reset
(
new
security_ecc
(
ec_elliptic_curves
::
nist_p_256
,
str2oct
(
"
0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"
)));
// Hardcoded private
key
}
// 2. Generate and derive shared secret based on recipient's private keys
security_ecc
ec_comp
(
ec_elliptic_curves
::
nist_p_256
,
p__recipientsPublicKeyCompressed
,
(
static_cast
<
int
>
(
p__compressedMode
)
==
0
)
?
ecc_compressed_mode
::
compressed_y_0
:
ecc_compressed_mode
::
compressed_y_1
);
if
(
p__use__hardcoded__values
)
{
ec
_comp
.
symmetric_encryption_key
(
str2oct
(
"
A6342013D623AD6C5F6882469673AE33
"
));
if
(
static_cast
<
const
boolean
>
(
p__use__hardcoded__values
)
)
{
// Set AES encryption key to an harcoded value
ec
->
symmetric_encryption_key
(
str2oct
(
"
5A4E63B247C714644E85CAC49BD26C81
"
));
}
if
(
ec
->
generate_and_derive_ephemeral_key
(
encryption_algotithm
::
aes_128_ccm
,
ec_comp
.
public_key_x
(),
ec_comp
.
public_key_y
(),
p__salt
)
==
-
1
)
{
loggers
::
get_instance
().
warning
(
"fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"
);
...
...
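Review bot: The hardcoded branch of fx__encryptWithEciesNistp256WithSha256 installs a fixed ephemeral private key and a fixed AES-128 key on nothing more than the runtime argument `p__use__hardcoded__values`, and it does so without any trace beyond the `%x` dump of the flag. With both values fixed the ECIES output no longer protects the message, and if the nonce is fixed too (its handling is outside this hunk) AES-CCM would run with a repeated key/nonce pair. I would make the path loud, e.g. `loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: using hardcoded ephemeral and AES keys, debug only");` at the top of the `else` branch, and consider compiling that branch out of non-debug builds. The entry trace also writes `p__toBeEncryptedSecuredMessage` to the log in clear, so a comment stating that these logs are sensitive would help. The function body continues past the end of the hunk.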
ccsrc/Protocols/Http/http_codec.cc
...
...
@@ -400,7 +400,7 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody&
_codecs
[
"http_its"
]
->
encode
((
Record_Type
&
)
binary_body
.
ieee1609dot2__data
(),
p_encoding_buffer
);
// TODO Use params
#if
!
defined(GEMALTO_FIX)
#if defined(GEMALTO_FIX)
// Temporary fix to be removed
// GEMALTO Encode in hex string
CHARSTRING
buf
=
oct2str
(
p_encoding_buffer
);
p_encoding_buffer
=
OCTETSTRING
(
buf
.
lengthof
(),
(
const
unsigned
char
*
)(
static_cast
<
const
char
*>
(
buf
)));
...
...
@@ -477,7 +477,7 @@ int http_codec::decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBod
OCTETSTRING
s
(
decoding_buffer
.
get_len
()
-
decoding_buffer
.
get_pos
(),
decoding_buffer
.
get_data
()
+
decoding_buffer
.
get_pos
());
loggers
::
get_instance
().
log_msg
(
"http_codec::decode_body: raw body="
,
s
);
#if
!
defined(GEMALTO_FIX)
#if defined(GEMALTO_FIX)
// Temporary fix to be removed
// GEMALTO Encode in hex string
if
((
s
.
lengthof
()
&
0x00000001
)
==
0x00000001
)
{
s
=
int2oct
(
0
,
1
)
+
s
;
...
...
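Review bot: In decode_body, the odd-length branch that now appears to sit under `#if defined(GEMALTO_FIX)` pads with `int2oct(0, 1)`, which prepends one octet of value 0x00 rather than the ASCII digit '0'. If the lines that follow (outside this hunk) interpret `s` as a hex character string, an odd-length body received from the peer would then carry a non-hex character and fail conversion instead of being padded. Something like `s = char2oct(CHARSTRING("0")) + s;` would pad with a hex digit, and rejecting odd-length bodies with a warning is the stricter choice for data read from the network. Since the guard seems to flip from `!defined` to `defined` in both encode_body and decode_body, a one-line comment saying where GEMALTO_FIX is expected to be defined would also help, as its definition is not visible here.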
docker/Dockerfile
...
...
@@ -86,7 +86,7 @@ USER etsi
RUN
cd
/home/etsi/dev
\
&&
git clone
-b
STF525
--recurse-submodules
https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its
\
&&
cd
/home/etsi/dev/STF525_Its/ttcn/LibIts
\
&&
git checkout STF525
&&
git checkout STF525
\
&&
cd
/home/etsi/dev/STF525_Its/scripts
\
&&
chmod
775
*
.bash devenv.bash.
*
\
&&
cd
/home/etsi
\
...
...
etc/AtsPki/AtsPki.cfg
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
...
...
@@ -16,10 +17,16 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
#LibItsHttp_Pics.PICS_HEADER_HOST := "127.0.0.1" #"ptsv2.com"
LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsPki_Pics.PICS_HTTP_GET_URI := "/"
# Gemalto
#LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
#LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
# httpbin.org
LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
...
...
@@ -28,8 +35,6 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
# Seed
LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := false
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
...
...
@@ -116,11 +121,9 @@ LogEventTypes:= Yes
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ptsv2.com,use_ssl=0)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=127.0.0.1,port=8000,use_ssl=0)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.pkiPort.params := "PKI(certificate=CERT_EA)/HTTP(device_mode=1,uri=/its/inner_ec_request,host=httpbin.org,content_type=application/x-its-request)/TCP(server=127.0.0.1,port=8000,use_ssl=0)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
...
...
@@ -129,11 +132,8 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#
ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
...
...
@@ -144,6 +144,9 @@ ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
...
...
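Review bot: `LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true` looks to become the committed default in the first hunk while the later `:= false` entry is dropped, so anyone running this configuration unchanged gets fixed key material. If this flag feeds the hardcoded-value path of the ECIES externals (the wiring is not visible on this page), the encrypted PKI requests become deterministic, and the same file now points `system.httpPort.params` at a public third-party host with `use_ssl=0`. I would keep the safe value in the repository and document the override, e.g. `LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := false # set to true only for reproducible local codec debugging`. The literal address in `server=75.75.74.66` annotated `# httpbin.org` will also drift from the hostname over time, so using the hostname, as the commented Gemalto line does, would be more robust.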
etc/TestCodec/TestCodec.cfg
...
...
@@ -351,10 +351,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
#TestCodec_Pki.tc_decode_inner_ec_response_1
#TestCodec_Pki.tc_inner_ec_request_1
#TestCodec_Pki.tc_inner_ec_request_2
TestCodec_Pki.tc_inner_ec_request_3
#TestCodec_Pki.tc_inner_ec_response_1
#TestCodec_Pki.tc_inner_ec_response_2
#TestCodec_Pki.tc_inner_ec_response_3
#TestCodec_Pki.tc_inner_ec_request_3
TestCodec_Pki.tc_inner_ec_response_1
#TestCodec_Pki.tc_inner_ec_functions_1
#TestCodec_Pki.tc_inner_ec_functions_2
#TestCodec_Pki.tc_inner_ec_functions_3
...
...
ttcn/AtsPki/ItsPki_TestCases.ttcn
This diff is collapsed.
LibIts
@
b745c0b2
97625181
...
b745c0b2
Subproject commit
9762518193609ba46d9b89895ddee2cc9a31cc2
c
Subproject commit
b745c0b23fc463ff118fc60c06831711651b77e
c
ttcn/TestCodec/TestCodec_Pki.ttcn
This diff is collapsed.