Loading ccsrc/Externals/LibItsSecurity_externals.cc +8 −6 Original line number Original line Diff line number Diff line Loading @@ -688,6 +688,7 @@ namespace LibItsSecurity__Functions * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key * \param[out] p__nonce The nonce vector * \param[out] p__nonce The nonce vector * \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values * \return The original message * \return The original message * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ Loading @@ -696,25 +697,26 @@ namespace LibItsSecurity__Functions // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed", p__recipientsPublicKeyCompressed); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode)); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode)); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt", p__salt); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt: ", p__salt); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x", static_cast<const boolean>(p__use__hardcoded__values)); // 1. Generate new Private/Public Ephemeral key // 1. Generate new Private/Public Ephemeral key std::unique_ptr<security_ecc> ec; std::unique_ptr<security_ecc> ec; if (!p__use__hardcoded__values) { if (!static_cast<const boolean>(p__use__hardcoded__values)) { ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); if (ec->generate() == -1) { if (ec->generate() == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); return OCTETSTRING(0, nullptr); return OCTETSTRING(0, nullptr); } } } else { } else { ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("EE9CC7FBD9EDECEA41F7C8BD258E8D2E988E75BD069ADDCA1E5A38E534AC6818"), str2oct("5AE3C8D9FE0B1FC7438F29417C240F8BF81C358EC1A4D0C6E98D8EDBCC714017"))); // Private/Public ephemeral keys ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key } } // 2. Generate and derive shared secret based on recipient's private keys // 2. Generate and derive shared secret based on recipient's private keys security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); if (p__use__hardcoded__values) { if (static_cast<const boolean>(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value ec_comp.symmetric_encryption_key(str2oct("A6342013D623AD6C5F6882469673AE33")); ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81")); } } if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"); loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"); Loading ccsrc/Protocols/Http/http_codec.cc +2 −2 Original line number Original line Diff line number Diff line Loading @@ -400,7 +400,7 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody& _codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params _codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params #if !defined(GEMALTO_FIX) #if defined(GEMALTO_FIX) // Temporary fix to be removed // GEMALTO Encode in hex string // GEMALTO Encode in hex string CHARSTRING buf = oct2str(p_encoding_buffer); CHARSTRING buf = oct2str(p_encoding_buffer); p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf))); p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf))); Loading Loading @@ -477,7 +477,7 @@ int http_codec::decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBod OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos()); OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos()); loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s); loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s); #if !defined(GEMALTO_FIX) #if defined(GEMALTO_FIX) // Temporary fix to be removed // GEMALTO Encode in hex string // GEMALTO Encode in hex string if ((s.lengthof() & 0x00000001) == 0x00000001) { if ((s.lengthof() & 0x00000001) == 0x00000001) { s = int2oct(0, 1) + s; s = int2oct(0, 1) + s; Loading docker/Dockerfile +1 −1 Original line number Original line Diff line number Diff line Loading @@ -86,7 +86,7 @@ USER etsi RUN cd /home/etsi/dev \ RUN cd /home/etsi/dev \ && git clone -b STF525 --recurse-submodules https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its \ && git clone -b STF525 --recurse-submodules https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its \ && cd /home/etsi/dev/STF525_Its/ttcn/LibIts \ && cd /home/etsi/dev/STF525_Its/ttcn/LibIts \ && git checkout STF525 && git checkout STF525 \ && cd /home/etsi/dev/STF525_Its/scripts \ && cd /home/etsi/dev/STF525_Its/scripts \ && chmod 775 *.bash devenv.bash.* \ && chmod 775 *.bash devenv.bash.* \ && cd /home/etsi \ && cd /home/etsi \ Loading etc/AtsPki/AtsPki.cfg +17 −14 Original line number Original line Diff line number Diff line [MODULE_PARAMETERS] [MODULE_PARAMETERS] # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. Loading @@ -16,10 +17,16 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 #LibItsHttp_Pics.PICS_HEADER_HOST := "127.0.0.1" #"ptsv2.com" LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsPki_Pics.PICS_HTTP_GET_URI := "/" # Gemalto #LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com" #LibItsPki_Pics.PICS_HTTP_POST_URI := "/" # httpbin.org LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org" LibItsPki_Pics.PICS_HTTP_POST_URI := "/its" LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed # Enable Security support # Enable Security support LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true Loading @@ -28,8 +35,6 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" # Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" # Seed LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := false [LOGGING] [LOGGING] # In this section you can specify the name of the log file and the classes of events # In this section you can specify the name of the log file and the classes of events Loading Loading @@ -116,11 +121,9 @@ LogEventTypes:= Yes # Single GeoNetworking component port # Single GeoNetworking component port system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)" system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ptsv2.com,use_ssl=0)" system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=127.0.0.1,port=8000,use_ssl=0)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" system.pkiPort.params := "PKI(certificate=CERT_EA)/HTTP(device_mode=1,uri=/its/inner_ec_request,host=httpbin.org,content_type=application/x-its-request)/TCP(server=127.0.0.1,port=8000,use_ssl=0)" # GeoNetworking UpperTester port based on UDP # GeoNetworking UpperTester port based on UDP system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" Loading @@ -129,11 +132,8 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06 Loading @@ -144,6 +144,9 @@ ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00 [MAIN_CONTROLLER] [MAIN_CONTROLLER] # The options herein control the behavior of MC. # The options herein control the behavior of MC. KillTimer := 10.0 KillTimer := 10.0 Loading etc/TestCodec/TestCodec.cfg +2 −4 Original line number Original line Diff line number Diff line Loading @@ -351,10 +351,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= #TestCodec_Pki.tc_decode_inner_ec_response_1 #TestCodec_Pki.tc_decode_inner_ec_response_1 #TestCodec_Pki.tc_inner_ec_request_1 #TestCodec_Pki.tc_inner_ec_request_1 #TestCodec_Pki.tc_inner_ec_request_2 #TestCodec_Pki.tc_inner_ec_request_2 TestCodec_Pki.tc_inner_ec_request_3 #TestCodec_Pki.tc_inner_ec_request_3 #TestCodec_Pki.tc_inner_ec_response_1 TestCodec_Pki.tc_inner_ec_response_1 #TestCodec_Pki.tc_inner_ec_response_2 #TestCodec_Pki.tc_inner_ec_response_3 #TestCodec_Pki.tc_inner_ec_functions_1 #TestCodec_Pki.tc_inner_ec_functions_1 #TestCodec_Pki.tc_inner_ec_functions_2 #TestCodec_Pki.tc_inner_ec_functions_2 #TestCodec_Pki.tc_inner_ec_functions_3 #TestCodec_Pki.tc_inner_ec_functions_3 Loading Loading
ccsrc/Externals/LibItsSecurity_externals.cc +8 −6 Original line number Original line Diff line number Diff line Loading @@ -688,6 +688,7 @@ namespace LibItsSecurity__Functions * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key * \param[out] p__encrypted__sym__key The encrypted AES 128 symmetric key * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key * \param[out] p__authentication__vector The tag of the encrypted AES 128 symmetric key * \param[out] p__nonce The nonce vector * \param[out] p__nonce The nonce vector * \param[in] p__use__hardcoded__values In debug mode, set to true to use hardcoded values * \return The original message * \return The original message * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES * \see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ * \see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ Loading @@ -696,25 +697,26 @@ namespace LibItsSecurity__Functions // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function // TODO Use common function for both fx__encryptWithEciesxxx and fx__decryptWithEciesxxx function OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { OCTETSTRING fx__encryptWithEciesNistp256WithSha256(const OCTETSTRING& p__toBeEncryptedSecuredMessage, const OCTETSTRING& p__recipientsPublicKeyCompressed, const INTEGER& p__compressedMode, const OCTETSTRING& p__salt, OCTETSTRING& p__publicEphemeralKeyCompressed, INTEGER& p__ephemeralCompressedMode,OCTETSTRING& p__aes__sym__key, OCTETSTRING& p__encrypted__sym__key, OCTETSTRING& p__authentication__vector, OCTETSTRING& p__nonce, const BOOLEAN& p__use__hardcoded__values) { loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__toBeEncryptedSecuredMessage: ", p__toBeEncryptedSecuredMessage); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed", p__recipientsPublicKeyCompressed); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__recipientsPublicKeyCompressed: ", p__recipientsPublicKeyCompressed); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode)); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__compressedMode: %d", static_cast<int>(p__compressedMode)); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt", p__salt); loggers::get_instance().log_msg(">>> fx__encryptWithEciesNistp256WithSha256: p__salt: ", p__salt); loggers::get_instance().log(">>> fx__encryptWithEciesNistp256WithSha256: p__use__hardcoded__values: %x", static_cast<const boolean>(p__use__hardcoded__values)); // 1. Generate new Private/Public Ephemeral key // 1. Generate new Private/Public Ephemeral key std::unique_ptr<security_ecc> ec; std::unique_ptr<security_ecc> ec; if (!p__use__hardcoded__values) { if (!static_cast<const boolean>(p__use__hardcoded__values)) { ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256)); if (ec->generate() == -1) { if (ec->generate() == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate ephemeral keys"); return OCTETSTRING(0, nullptr); return OCTETSTRING(0, nullptr); } } } else { } else { ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("EE9CC7FBD9EDECEA41F7C8BD258E8D2E988E75BD069ADDCA1E5A38E534AC6818"), str2oct("5AE3C8D9FE0B1FC7438F29417C240F8BF81C358EC1A4D0C6E98D8EDBCC714017"))); // Private/Public ephemeral keys ec.reset(new security_ecc(ec_elliptic_curves::nist_p_256, str2oct("0722B39ABC7B6C5301CA0408F454F81553D7FE59F492DBF385B6B6D1F81E0F68"))); // Hardcoded private key } } // 2. Generate and derive shared secret based on recipient's private keys // 2. Generate and derive shared secret based on recipient's private keys security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); security_ecc ec_comp(ec_elliptic_curves::nist_p_256, p__recipientsPublicKeyCompressed, (static_cast<int>(p__compressedMode) == 0) ? ecc_compressed_mode::compressed_y_0 : ecc_compressed_mode::compressed_y_1); if (p__use__hardcoded__values) { if (static_cast<const boolean>(p__use__hardcoded__values)) { // Set AES encryption key to an harcoded value ec_comp.symmetric_encryption_key(str2oct("A6342013D623AD6C5F6882469673AE33")); ec->symmetric_encryption_key(str2oct("5A4E63B247C714644E85CAC49BD26C81")); } } if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { if (ec->generate_and_derive_ephemeral_key(encryption_algotithm::aes_128_ccm, ec_comp.public_key_x(), ec_comp.public_key_y(), p__salt) == -1) { loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"); loggers::get_instance().warning("fx__encryptWithEciesNistp256WithSha256: Failed to generate and derive secret key"); Loading
ccsrc/Protocols/Http/http_codec.cc +2 −2 Original line number Original line Diff line number Diff line Loading @@ -400,7 +400,7 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody& _codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params _codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params #if !defined(GEMALTO_FIX) #if defined(GEMALTO_FIX) // Temporary fix to be removed // GEMALTO Encode in hex string // GEMALTO Encode in hex string CHARSTRING buf = oct2str(p_encoding_buffer); CHARSTRING buf = oct2str(p_encoding_buffer); p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf))); p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf))); Loading Loading @@ -477,7 +477,7 @@ int http_codec::decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBod OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos()); OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos()); loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s); loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s); #if !defined(GEMALTO_FIX) #if defined(GEMALTO_FIX) // Temporary fix to be removed // GEMALTO Encode in hex string // GEMALTO Encode in hex string if ((s.lengthof() & 0x00000001) == 0x00000001) { if ((s.lengthof() & 0x00000001) == 0x00000001) { s = int2oct(0, 1) + s; s = int2oct(0, 1) + s; Loading
docker/Dockerfile +1 −1 Original line number Original line Diff line number Diff line Loading @@ -86,7 +86,7 @@ USER etsi RUN cd /home/etsi/dev \ RUN cd /home/etsi/dev \ && git clone -b STF525 --recurse-submodules https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its \ && git clone -b STF525 --recurse-submodules https://forge.etsi.org/gitlab/ITS/ITS.git ./STF525_Its \ && cd /home/etsi/dev/STF525_Its/ttcn/LibIts \ && cd /home/etsi/dev/STF525_Its/ttcn/LibIts \ && git checkout STF525 && git checkout STF525 \ && cd /home/etsi/dev/STF525_Its/scripts \ && cd /home/etsi/dev/STF525_Its/scripts \ && chmod 775 *.bash devenv.bash.* \ && chmod 775 *.bash devenv.bash.* \ && cd /home/etsi \ && cd /home/etsi \ Loading
etc/AtsPki/AtsPki.cfg +17 −14 Original line number Original line Diff line number Diff line [MODULE_PARAMETERS] [MODULE_PARAMETERS] # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. Loading @@ -16,10 +17,16 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 #LibItsHttp_Pics.PICS_HEADER_HOST := "127.0.0.1" #"ptsv2.com" LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsPki_Pics.PICS_HTTP_GET_URI := "/" # Gemalto #LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com" #LibItsPki_Pics.PICS_HTTP_POST_URI := "/" # httpbin.org LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org" LibItsPki_Pics.PICS_HTTP_POST_URI := "/its" LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed # Enable Security support # Enable Security support LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true Loading @@ -28,8 +35,6 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" # Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" # Seed LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := false [LOGGING] [LOGGING] # In this section you can specify the name of the log file and the classes of events # In this section you can specify the name of the log file and the classes of events Loading Loading @@ -116,11 +121,9 @@ LogEventTypes:= Yes # Single GeoNetworking component port # Single GeoNetworking component port system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)" system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ptsv2.com,use_ssl=0)" system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=127.0.0.1,port=8000,use_ssl=0)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto #system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" system.pkiPort.params := "PKI(certificate=CERT_EA)/HTTP(device_mode=1,uri=/its/inner_ec_request,host=httpbin.org,content_type=application/x-its-request)/TCP(server=127.0.0.1,port=8000,use_ssl=0)" # GeoNetworking UpperTester port based on UDP # GeoNetworking UpperTester port based on UDP system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" Loading @@ -129,11 +132,8 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06 Loading @@ -144,6 +144,9 @@ ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_00 [MAIN_CONTROLLER] [MAIN_CONTROLLER] # The options herein control the behavior of MC. # The options herein control the behavior of MC. KillTimer := 10.0 KillTimer := 10.0 Loading
etc/TestCodec/TestCodec.cfg +2 −4 Original line number Original line Diff line number Diff line Loading @@ -351,10 +351,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= #TestCodec_Pki.tc_decode_inner_ec_response_1 #TestCodec_Pki.tc_decode_inner_ec_response_1 #TestCodec_Pki.tc_inner_ec_request_1 #TestCodec_Pki.tc_inner_ec_request_1 #TestCodec_Pki.tc_inner_ec_request_2 #TestCodec_Pki.tc_inner_ec_request_2 TestCodec_Pki.tc_inner_ec_request_3 #TestCodec_Pki.tc_inner_ec_request_3 #TestCodec_Pki.tc_inner_ec_response_1 TestCodec_Pki.tc_inner_ec_response_1 #TestCodec_Pki.tc_inner_ec_response_2 #TestCodec_Pki.tc_inner_ec_response_3 #TestCodec_Pki.tc_inner_ec_functions_1 #TestCodec_Pki.tc_inner_ec_functions_1 #TestCodec_Pki.tc_inner_ec_functions_2 #TestCodec_Pki.tc_inner_ec_functions_2 #TestCodec_Pki.tc_inner_ec_functions_3 #TestCodec_Pki.tc_inner_ec_functions_3 Loading
