Update ETIS IS ports

e1c63bb3 · garciay · 598f6a45 · e1c63bb3 · e1c63bb3 · e1c63bb3
Commit e1c63bb3 authored Aug 16, 2016 by garciay
--- a/javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java
+++ b/javasrc/adapter/org/etsi/its/adapter/SecurityHelper.java
@@ -109,9 +109,9 @@ public class SecurityHelper {
        
        // Check version
        if (decvalue.read() != 2) {
-            TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong version number");
            if (p_enforceSecurityCheck) {
                // Drop it
+                TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong version number");
                return null;
            }
        }
@@ -122,24 +122,28 @@ public class SecurityHelper {
        decvalue.read(headerFields, 0, (int) headerFieldsLength);
        ByteArrayOutputStream certificateKeys = new ByteArrayOutputStream();
        if (!checkHeaderfields(headerFields, certificateKeys, p_enforceSecurityCheck, p_itsAidOther, lowerInfo)) {
-            TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Headerfields");
            if (p_enforceSecurityCheck) {
                // Drop it
+                TERFactory.getInstance().logError("SecurityHelper.checkSecuredProfileAndExtractPayload: Drop packet - Wrong Headerfields");
                return null;
            }
        }
        byte[] aaSigningPublicKeyX = null, aaSigningPublicKeyY = null;
-        byte[] keys = certificateKeys.toByteArray();
-        if ((keys[0] == 0x02) || (keys[0] == 0x03)) { // Key length = 32 bytes
-            aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
-            TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));       
-        } else { // Key length = 64 bytes
-            aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
-            TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
-            aaSigningPublicKeyY = ByteHelper.extract(keys, 33, 32);
-            TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
+        if (p_enforceSecurityCheck) { 
+            byte[] keys = certificateKeys.toByteArray();
+            if ((keys[0] == 0x02) || (keys[0] == 0x03)) { // Key length = 32 bytes
+                aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
+                TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));       
+            } else { // Key length = 64 bytes
+                aaSigningPublicKeyX = ByteHelper.extract(keys, 1, 32);
+                TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
+                aaSigningPublicKeyY = ByteHelper.extract(keys, 33, 32);
+                TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: aaSigningPublicKeyX:" + ByteHelper.byteArrayToString(aaSigningPublicKeyX));
+            }
        }
        // FIXME Add encryption support
+//        if (p_enforceSecurityCheck) { 
+//        }
        TERFactory.getInstance().logDebug("SecurityHelper.checkSecuredProfileAndExtractPayload: headerFields:" + ByteHelper.byteArrayToString(headerFields));
        // Extract payload, decvalue is updated with the payload
        if (decvalue.read() != 1) {
@@ -259,11 +263,11 @@ public class SecurityHelper {
            byte[] hashedid8 = ByteHelper.extract(p_headerfields, signerInfoTypeIndex, Long.SIZE / Byte.SIZE);
            signerInfoTypeIndex += (Long.SIZE / Byte.SIZE);
            Long lKey = ByteHelper.byteArrayToLong(hashedid8);
-            TERFactory.getInstance().logDebug("SecurityHelper.checkHeaderfields: Certificate digest with SHA256=" + lKey + "/ " + ByteHelper.byteArrayToString(hashedid8));
+            TERFactory.getInstance().logDebug("SecurityHelper.checkHeaderfields: Certificate digest with SHA256=" + lKey + " / " + ByteHelper.byteArrayToString(hashedid8));
            if (!_neighborsCertificates.containsKey(lKey) || (_neighborsCertificates.get(lKey) == null)) { //FIXME as long as the cert chain is not complete, it should not be seen as error -> raise CR
-                TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Unknown HahedId8");
                if (p_enforceSecurityCheck) { 
                    // Drop it
+                    TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Unknown HahedId8");
                    return false;
                }
            }
@@ -271,9 +275,10 @@ public class SecurityHelper {
                p_keys.write(_neighborsCertificates.get(lKey).toByteArray());
            } catch (Exception e) {
                // Drop it
-                e.printStackTrace();
+                //e.printStackTrace();
                if (p_enforceSecurityCheck) { 
                    // Drop it
+                    TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: key " + lKey + "_neighbors certificates table");
                    return false;
                }
            }
@@ -316,9 +321,9 @@ public class SecurityHelper {
        long generationTime = ByteHelper.byteArrayToLong(ByteHelper.extract(p_headerfields, signerInfoTypeIndex, Long.SIZE / Byte.SIZE));
        TERFactory.getInstance().logDebug("SecurityHelper.checkHeaderfields: generationTime=" + generationTime);
        if (Math.abs(System.currentTimeMillis() - generationTime) < 1000) {
-            TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - GenerationTime out of range");
            if (p_enforceSecurityCheck) { 
                // Drop it
+                TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - GenerationTime out of range");
                return false;
            }
        }
@@ -351,9 +356,9 @@ public class SecurityHelper {
                                                                         // TODO Add MAPEM/SPATEM, IVIM & SREM/SSEM
                        (p_headerfields[signerInfoTypeIndex] != p_itsAidOther)
                    ) {
-                        TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Unknown ItsAid value");
                        if (p_enforceSecurityCheck) { 
                            // Drop it
+                            TERFactory.getInstance().logError("SecurityHelper.checkHeaderfields: Drop packet - Unknown ItsAid value");
                            return false;
                        }
                    }

--- a/javasrc/adapter/org/etsi/its/adapter/layers/GnLayer.java
+++ b/javasrc/adapter/org/etsi/its/adapter/layers/GnLayer.java
@@ -237,7 +237,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
     */
    @Override
    public boolean send(byte[] message, Map<String, Object> params) {
-//        TERFactory.getInstance().logDebug(">>> GnLayer.send: " + ByteHelper.byteArrayToString(message));
+        //TERFactory.getInstance().logDebug(">>> GnLayer.send: " + ByteHelper.byteArrayToString(message));
        
        byte [] extHdr = null;
        int ht;
@@ -299,7 +299,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
            toBeSent = createSecuredMessage(basicHdr, commonHdr, extHdr, message);
        }
        
-//        TERFactory.getInstance().logDebug("<<< GnLayer.send: " + ByteHelper.byteArrayToString(toBeSent));
+        //TERFactory.getInstance().logDebug("<<< GnLayer.send: " + ByteHelper.byteArrayToString(toBeSent));
        return super.send(toBeSent, params);
    }
    
@@ -308,7 +308,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
-//        TERFactory.getInstance().logDebug(">>> GnLayer.receive: " + ByteHelper.byteArrayToString(message));
+        //TERFactory.getInstance().logDebug(">>> GnLayer.receive: " + ByteHelper.byteArrayToString(message));
        
        byte[] basicHdr = new byte[4]; 
        System.arraycopy(message, 0, basicHdr, 0, 4);
@@ -350,7 +350,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
                        params.put(GN_DEPV, depv);
                        params.put(GN_TYPE, HT_LS);
                        params.put(GN_SUBTYPE, HST_LSREPLY);
-//                        TERFactory.getInstance().logDebug("GnLayer.receive: Send LS_REPLAY in unsecured mode");
+                        //TERFactory.getInstance().logDebug("GnLayer.receive: Send LS_REPLAY in unsecured mode");
                        send(null, params);
                    }
                }
@@ -377,10 +377,10 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
        } else if (nextHeader == 0x02) { // Secured tag
            byte[] payload = SecurityHelper.getInstance().checkSecuredProfileAndExtractPayload(message, basicHdr.length, management.isEnforceSecuredModeSet(), management.getItsAidOther(), lowerInfo);
            if (payload != null) {
-//                    TERFactory.getInstance().logDebug("GnLayer.receive: payload=" + ByteHelper.byteArrayToString(payload));
+                    //TERFactory.getInstance().logDebug("GnLayer.receive: payload=" + ByteHelper.byteArrayToString(payload));
                byte[] commonHdr = new byte[8];
                System.arraycopy(payload, 0, commonHdr, 0, 8);
-//                    TERFactory.getInstance().logDebug("GnLayer.receive: commonHdr=" + ByteHelper.byteArrayToString(commonHdr));
+                    //TERFactory.getInstance().logDebug("GnLayer.receive: commonHdr=" + ByteHelper.byteArrayToString(commonHdr));
                nextHeader = (byte)((commonHdr[0] & (byte)0xF0) >> 4);
                int trafficClass = (int)(commonHdr[2]);
                
@@ -392,7 +392,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
                byte[] pl = new byte[2];
                System.arraycopy(commonHdr, 4, pl , 0, 2);
                int payloadLength = ByteHelper.byteArrayToInt(pl);
-//                    System.out.println("GnLayer.receive: Message payload length=" + payloadLength);
+                    System.out.println("GnLayer.receive: Message payload length=" + payloadLength);
                
                if(headerType == HT_LS) {
                    // Process LS messages
@@ -411,7 +411,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
                            params.put(GN_DEPV, depv);
                            params.put(GN_TYPE, HT_LS);
                            params.put(GN_SUBTYPE, HST_LSREPLY);
-                            TERFactory.getInstance().logDebug("GnLayer.receive: Send LS_REPLAY in secured mode");
+                            //TERFactory.getInstance().logDebug("GnLayer.receive: Send LS_REPLAY in secured mode");
                            send(null, params);
                        }
                    } else {
@@ -422,7 +422,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
                    if(payloadLength > 0) {
                        byte[] mpayload = new byte[payloadLength];
                        System.arraycopy(payload, commonHdr.length + 44/*Topology-Scoped Broadcast*/, mpayload, 0, payloadLength);
-//                            System.out.println("GnLayer.receive: Message =" + ByteHelper.byteArrayToString(mpayload));
+                        //TERFactory.getInstance().logDebug("GnLayer.receive: Message =" + ByteHelper.byteArrayToString(mpayload));
                        lowerInfo.put(GN_NEXTHEADER, nextHeader);
                        lowerInfo.put(GN_TYPE, headerType);
                        lowerInfo.put(GN_SUBTYPE, headerSubType);
@@ -433,9 +433,8 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
                }
            } else {
                // Drop it
-                // //FIXME as long as the cert chain is not complete, it should not be seen as error -> raise CR
-//                TERFactory.getInstance().logError("GnLayer.receive: Invalid basic header type");
-                TERFactory.getInstance().logDebug("GnLayer.receive: Invalid basic header type");
+                // FIXME as long as the cert chain is not complete, it should not be seen as error -> raise CR
+                //TERFactory.getInstance().logError("GnLayer.receive: Invalid basic header type");
                return;
            }
        }
@@ -639,7 +638,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
    }
    
    private byte[] createSecuredMessage(final byte[] basicHdr, final byte[] commonHdr, final byte[] extHdr, final byte[] message) {
-//        TERFactory.getInstance().logDebug(">>> GnLayer.createSecuredMessage");
+        //TERFactory.getInstance().logDebug(">>> GnLayer.createSecuredMessage");
        
        // SecuredMessage payload length
        int payloadLength = commonHdr.length + extHdr.length + message.length;
@@ -647,7 +646,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
        // Build the generation time value
        long curtime = System.currentTimeMillis();
        byte[] generationTime = ByteHelper.longToByteArray((long)(curtime - 1072915200000L) * 1000L, Long.SIZE / Byte.SIZE); // In microseconds
-//        TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: generationTime=" + ByteHelper.byteArrayToString(generationTime));
+        //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: generationTime=" + ByteHelper.byteArrayToString(generationTime));
        // Build the payload to be signed
        byte[] headersField = ByteHelper.concat(
            ByteHelper.concat(                                // SecuredMessage HeaderFields
@@ -732,16 +731,16 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
            new byte[] { (byte)0x01 },                        // Signature
            new byte[] { (byte)0x43 }                         // Signature length
        );
-//        TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));
+        //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSignedData=" + ByteHelper.byteArrayToString(toBeSignedData));
        
        byte[] toBeSent = null;
        try {
            // Calculate the hash
            byte[] hash = CryptoLib.hashWithSha256(toBeSignedData);
-//            TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: hash=" + ByteHelper.byteArrayToString(hash));
+            //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: hash=" + ByteHelper.byteArrayToString(hash));
            // Signed the hash
            byte[] signatureBytes = CryptoLib.signWithEcdsaNistp256WithSha256(hash, management.getSigningPrivateKey());
-//            TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: signatureBytes=" + ByteHelper.byteArrayToString(signatureBytes));
+            //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: signatureBytes=" + ByteHelper.byteArrayToString(signatureBytes));
            // Add signature
            toBeSent  = ByteHelper.concat(
                basicHdr,
@@ -753,7 +752,7 @@ public class GnLayer extends Layer implements Runnable, IEthernetSpecific {
            e.printStackTrace();
        }
        
-//        TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSent=" + ByteHelper.byteArrayToString(toBeSent));
+        //TERFactory.getInstance().logDebug("GnLayer.createSecuredMessage: toBeSent=" + ByteHelper.byteArrayToString(toBeSent));
        return toBeSent;
    }
    

--- a/javasrc/adapter/org/etsi/its/adapter/ports/CamPort.java
+++ b/javasrc/adapter/org/etsi/its/adapter/ports/CamPort.java
@@ -38,10 +38,10 @@ public class CamPort extends ProtocolPort {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
-//        TERFactory.getInstance().logDebug(">>> denmPort.receive: " + ByteHelper.byteArrayToString(message));
+//        TERFactory.getInstance().logDebug(">>> CamPort.receive: " + ByteHelper.byteArrayToString(message));
        
-        if (message[1] != 0x02) { // Check that received packet has CAM message id
-            TERFactory.getInstance().logDebug("camPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
+        if (message[1] != 0x02) { // Check that received packet has CAM message id - See ETSI TS 102 894
+            TERFactory.getInstance().logDebug("CamPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
            return; // Drop it
        }
        

--- a/javasrc/adapter/org/etsi/its/adapter/ports/DenmPort.java
+++ b/javasrc/adapter/org/etsi/its/adapter/ports/DenmPort.java
@@ -38,10 +38,10 @@ public class DenmPort extends ProtocolPort {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
-//        TERFactory.getInstance().logDebug(">>> denmPort.receive: " + ByteHelper.byteArrayToString(message));
+//        TERFactory.getInstance().logDebug(">>> DenmPort.receive: " + ByteHelper.byteArrayToString(message));
        
-        if (message[1] != 0x01) { // Check that received packet has DENM message id
-            TERFactory.getInstance().logDebug("denmPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
+        if (message[1] != 0x01) { // Check that received packet has DENM message id - See ETSI TS 102 894
+            TERFactory.getInstance().logDebug("DenmPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
            return; // Drop it
        }
        

--- a/javasrc/adapter/org/etsi/its/adapter/ports/IvimPort.java
+++ b/javasrc/adapter/org/etsi/its/adapter/ports/IvimPort.java
@@ -38,10 +38,10 @@ public class IvimPort extends ProtocolPort {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
-//        TERFactory.getInstance().logDebug(">>> denmPort.receive: " + ByteHelper.byteArrayToString(message));
+//        TERFactory.getInstance().logDebug(">>> IvimPort.receive: " + ByteHelper.byteArrayToString(message));
        
-        if (message[1] != 0x02) { // Check that received packet has CAM message id
-            TERFactory.getInstance().logDebug("ivimPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
+        if (message[1] != 0x06) { // Check that received packet has IVIM message id - See ETSI TS 102 894
+            TERFactory.getInstance().logDebug("IvimPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
            return; // Drop it
        }
        

--- a/javasrc/adapter/org/etsi/its/adapter/ports/MapemSpatemPort.java
+++ b/javasrc/adapter/org/etsi/its/adapter/ports/MapemSpatemPort.java
@@ -3,6 +3,7 @@ package org.etsi.its.adapter.ports;
 import java.util.HashMap;
 import java.util.Map;

+import org.etsi.adapter.TERFactory;
 import org.etsi.common.ByteHelper;
 import org.etsi.its.adapter.SecurityHelper;
 import org.etsi.its.adapter.layers.BtpLayer;
@@ -26,8 +27,14 @@ public class MapemSpatemPort extends ProtocolPort {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
+//      TERFactory.getInstance().logDebug(">>> MapemSpatemPort.receive: " + ByteHelper.byteArrayToString(message));
        
-        // Encode with CAM indication header
+        if ((message[1] != 0x04) && (message[1] != 0x05)) { // Check that received packet has MAPEM/SPATEM message id - See ETSI TS 102 894
+            TERFactory.getInstance().logDebug("MapemSpatemPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
+            return; // Drop it
+        }
+        
+        // Encode with MAPEM/SPATEM indication header
        byte[] msgInd = ByteHelper.concat(
            message, 
            new byte[] { (Byte) lowerInfo.get(GnLayer.GN_NEXTHEADER) },

--- a/javasrc/adapter/org/etsi/its/adapter/ports/SremSsemPort.java
+++ b/javasrc/adapter/org/etsi/its/adapter/ports/SremSsemPort.java
@@ -3,6 +3,7 @@ package org.etsi.its.adapter.ports;
 import java.util.HashMap;
 import java.util.Map;

+import org.etsi.adapter.TERFactory;
 import org.etsi.common.ByteHelper;
 import org.etsi.its.adapter.SecurityHelper;
 import org.etsi.its.adapter.layers.BtpLayer;
@@ -26,8 +27,14 @@ public class SremSsemPort extends ProtocolPort {
     */
    @Override
    public void receive(byte[] message, Map<String, Object> lowerInfo) {
+//      TERFactory.getInstance().logDebug(">>> SremSsemPort.receive: " + ByteHelper.byteArrayToString(message));
        
-        // Encode with CAM indication header
+        if ((message[1] != 0x09) && (message[1] != 0x0A)) { // Check that received packet has SREM/SSEM message id - See ETSI TS 102 894
+            TERFactory.getInstance().logDebug("SremSsemPort.receive: drop packet " + ByteHelper.byteArrayToString(message));
+            return; // Drop it
+        }
+        
+        // Encode with SREM/SSEM indication header
        byte[] msgInd = ByteHelper.concat(
            message, 
            new byte[] { (Byte) lowerInfo.get(GnLayer.GN_NEXTHEADER) },