Continue PKI ATS development

ccsrc/EncDec/LibItsPki_Encdec.cc

@@ -8,6 +8,9 @@
 #include "etsi_ts102941_types_authorization_inner_response.hh"
 #include "etsi_ts102941_types_authorization_shared_at_request.hh"
 #include "etsi_ts102941_types_authorization_validation_request.hh"
+#include "etsi_ts102941_base_types_public_keys.hh"
+#include "ieee_11609dot2_base_types_public_encryption_key.hh"
+#include "ieee_11609dot2_base_types_public_verification_key.hh"
 
 #include "loggers.hh"
 
@@ -200,7 +203,7 @@ namespace LibItsPki__EncdecDeclarations {
     return 0;
   }
   
-  BITSTRING fx__enc__AuthorizationValidationRequest(EtsiTs102941TypesAuthorizationValidation::AuthorizationValidationRequest const& p_shared_at) {
+    BITSTRING fx__enc__AuthorizationValidationRequest(EtsiTs102941TypesAuthorizationValidation::AuthorizationValidationRequest const& p_shared_at) {
     loggers::get_instance().log_msg(">>> fx__enc__AuthorizationValidationRequest: ", p_shared_at);
 
     etsi_ts102941_types_authorization_validation_request codec;
@@ -227,4 +230,85 @@ namespace LibItsPki__EncdecDeclarations {
     return 0;
   }
   
+BITSTRING fx__enc__PublicKeys(EtsiTs102941BaseTypes::PublicKeys const& p_public_keys) {
+    loggers::get_instance().log_msg(">>> fx__enc__PublicKeys: ", p_public_keys);
+
+    etsi_ts102941_base_types_public_keys codec;
+    OCTETSTRING os;
+    if (codec.encode(p_public_keys, os) == -1) {
+      loggers::get_instance().warning("fx__enc__PublicKeys: -1 result code was returned");
+      return int2bit(0, 1);
+    }
+
+    return oct2bit(os);
+  }
+  
+  INTEGER fx__dec__PublicKeys(BITSTRING& b, EtsiTs102941BaseTypes::PublicKeys& p_public_keys) {
+    loggers::get_instance().log_msg(">>> fx__dec__PublicKeys: ", b);
+
+    etsi_ts102941_base_types_public_keys codec;
+    OCTETSTRING is = bit2oct(b);
+    if (codec.decode(is, p_public_keys) == -1) {
+      loggers::get_instance().warning("fx__dec__PublicKeys: -1 result code was returned");
+      return -1;
+    }
+
+    loggers::get_instance().log_msg("<<< fx__dec__PublicKeys: ", p_public_keys);
+    return 0;
+  }
+  
+  BITSTRING fx__enc__PublicVerificationKey(IEEE1609dot2BaseTypes::PublicVerificationKey const& p_public_verification_key) {
+    loggers::get_instance().log_msg(">>> fx__enc__PublicVerificationKey: ", p_public_verification_key);
+
+    ieee_1609dot2_base_types_public_verification_key codec;
+    OCTETSTRING os;
+    if (codec.encode(p_public_verification_key, os) == -1) {
+      loggers::get_instance().warning("fx__enc__PublicVerificationKey: -1 result code was returned");
+      return int2bit(0, 1);
+    }
+
+    return oct2bit(os);
+  }
+  
+  INTEGER fx__dec__PublicVerificationKey(BITSTRING& b, IEEE1609dot2BaseTypes::PublicVerificationKey& p_public_verification_key) {
+    loggers::get_instance().log_msg(">>> fx__dec__PublicVerificationKey: ", b);
+
+    ieee_1609dot2_base_types_public_verification_key codec;
+    OCTETSTRING is = bit2oct(b);
+    if (codec.decode(is, p_public_verification_key) == -1) {
+      loggers::get_instance().warning("fx__dec__PublicVerificationKey: -1 result code was returned");
+      return -1;
+    }
+
+    loggers::get_instance().log_msg("<<< fx__dec__PublicVerificationKey: ", p_public_verification_key);
+    return 0;
+  }
+  
+  BITSTRING fx__enc__PublicEncryptionKey(IEEE1609dot2BaseTypes::PublicEncryptionKey const& p_public_encryption_key) {
+    loggers::get_instance().log_msg(">>> fx__enc__PublicEncryptionKey: ", p_public_encryption_key);
+
+    ieee_1609dot2_base_types_public_encryption_key codec;
+    OCTETSTRING os;
+    if (codec.encode(p_public_encryption_key, os) == -1) {
+      loggers::get_instance().warning("fx__enc__PublicEncryptionKey: -1 result code was returned");
+      return int2bit(0, 1);
+    }
+
+    return oct2bit(os);
+  }
+  
+  INTEGER fx__dec__PublicEncryptionKey(BITSTRING& b, IEEE1609dot2BaseTypes::PublicEncryptionKey& p_public_encryption_key) {
+    loggers::get_instance().log_msg(">>> fx__dec__PublicEncryptionKey: ", b);
+
+    ieee_1609dot2_base_types_public_encryption_key codec;
+    OCTETSTRING is = bit2oct(b);
+    if (codec.decode(is, p_public_encryption_key) == -1) {
+      loggers::get_instance().warning("fx__dec__PublicEncryptionKey: -1 result code was returned");
+      return -1;
+    }
+
+    loggers::get_instance().log_msg("<<< fx__dec__PublicEncryptionKey: ", p_public_encryption_key);
+    return 0;
+  }
+  
 } // End of namespace LibItsPki__EncdecDeclarations

ccsrc/Protocols/Security/etsi_ts102941_base_types_public_keys.cc

+#include "etsi_ts102941_base_types_public_keys.hh"
+
+#include "loggers.hh"
+
+int etsi_ts102941_base_types_public_keys::encode (const EtsiTs102941BaseTypes::PublicKeys& p_public_keys, OCTETSTRING& p_data)
+{
+  loggers::get_instance().log(">>> etsi_ts102941_base_types_public_keys::encode: %s", p_public_keys.get_descriptor()->name);
+
+  BITSTRING b;
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer buffer;
+  p_public_keys.encode(*p_public_keys.get_descriptor(), buffer, TTCN_EncDec::CT_OER);
+  p_data = OCTETSTRING(buffer.get_len(), buffer.get_data());
+  loggers::get_instance().log_msg("etsi_ts102941_base_types_public_keys::encode: ", p_data);
+
+  return 0;
+}
+
+int etsi_ts102941_base_types_public_keys::decode (const OCTETSTRING& p_data, EtsiTs102941BaseTypes::PublicKeys& p_public_keys, params* p_params)
+{
+  loggers::get_instance().log_msg(">>> etsi_ts102941_base_types_public_keys::decode: ", p_data);
+
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer decoding_buffer(p_data);
+  //  _params = params;
+  p_public_keys.decode(*p_public_keys.get_descriptor(), decoding_buffer, TTCN_EncDec::CT_OER);
+
+  loggers::get_instance().log_msg("<<< etsi_ts102941_base_types_public_keys::decode: ", (const Base_Type&)p_public_keys);
+  return 0;
+}

ccsrc/Protocols/Security/etsi_ts102941_base_types_public_keys.hh

+#pragma once
+
+#include "codec.hh"
+#include "params.hh"
+
+#include "EtsiTs102941BaseTypes.hh"
+
+class etsi_ts102941_base_types_public_keys : public codec<EtsiTs102941BaseTypes::PublicKeys, EtsiTs102941BaseTypes::PublicKeys>
+{
+public:
+  explicit etsi_ts102941_base_types_public_keys() : codec<EtsiTs102941BaseTypes::PublicKeys, EtsiTs102941BaseTypes::PublicKeys>() { };
+  virtual ~etsi_ts102941_base_types_public_keys() { };
+
+  virtual int encode (const EtsiTs102941BaseTypes::PublicKeys& p_public_keys, OCTETSTRING& p_data);
+  virtual int decode (const OCTETSTRING& p_data, EtsiTs102941BaseTypes::PublicKeys& p_public_keys, params* p_params = NULL);
+}; // End of class etsi_ts102941_base_types_public_keys
+

ccsrc/Protocols/Security/ieee_1609dot2_base_types_public_encryption_key.cc

+#include "ieee_1609dot2_base_types_public_encryption_key.hh"
+
+#include "loggers.hh"
+
+int ieee_1609dot2_base_types_public_encryption_key::encode (const IEEE1609dot2BaseTypes::PublicEncryptionKey& p_public_encryption_key, OCTETSTRING& p_data)
+{
+  loggers::get_instance().log(">>> ieee_1609dot2_base_types_public_encryption_key::encode: %s", p_public_encryption_key.get_descriptor()->name);
+
+  BITSTRING b;
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer buffer;
+  p_public_encryption_key.encode(*p_public_encryption_key.get_descriptor(), buffer, TTCN_EncDec::CT_OER);
+  p_data = OCTETSTRING(buffer.get_len(), buffer.get_data());
+  loggers::get_instance().log_msg("ieee_1609dot2_base_types_public_encryption_key::encode: ", p_data);
+
+  return 0;
+}
+
+int ieee_1609dot2_base_types_public_encryption_key::decode (const OCTETSTRING& p_data, IEEE1609dot2BaseTypes::PublicEncryptionKey& p_public_encryption_key, params* p_params)
+{
+  loggers::get_instance().log_msg(">>> ieee_1609dot2_base_types_public_encryption_key::decode: ", p_data);
+
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer decoding_buffer(p_data);
+  //  _params = params;
+  p_public_encryption_key.decode(*p_public_encryption_key.get_descriptor(), decoding_buffer, TTCN_EncDec::CT_OER);
+
+  loggers::get_instance().log_msg("<<< ieee_1609dot2_base_types_public_encryption_key::decode: ", (const Base_Type&)p_public_encryption_key);
+  return 0;
+}

ccsrc/Protocols/Security/ieee_1609dot2_base_types_public_encryption_key.hh

+#pragma once
+
+#include "codec.hh"
+#include "params.hh"
+
+#include "IEEE1609dot2BaseTypes.hh"
+
+class ieee_1609dot2_base_types_public_encryption_key : public codec<IEEE1609dot2BaseTypes::PublicEncryptionKey, IEEE1609dot2BaseTypes::PublicEncryptionKey>
+{
+public:
+  explicit ieee_1609dot2_base_types_public_encryption_key() : codec<IEEE1609dot2BaseTypes::PublicEncryptionKey, IEEE1609dot2BaseTypes::PublicEncryptionKey>() { };
+  virtual ~ieee_1609dot2_base_types_public_encryption_key() { };
+
+  virtual int encode (const IEEE1609dot2BaseTypes::PublicEncryptionKey& p_public_encryption_key, OCTETSTRING& p_data);
+  virtual int decode (const OCTETSTRING& p_data, IEEE1609dot2BaseTypes::PublicEncryptionKey& p_public_encryption_key, params* p_params = NULL);
+}; // End of class ieee_1609dot2_base_types_public_encryption_key
+

ccsrc/Protocols/Security/ieee_1609dot2_base_types_public_verification_key.cc

+#include "ieee_1609dot2_base_types_public_verification_key.hh"
+
+#include "loggers.hh"
+
+int ieee_1609dot2_base_types_public_verification_key::encode (const IEEE1609dot2BaseTypes::PublicVerificationKey& p_public_verification_key, OCTETSTRING& p_data)
+{
+  loggers::get_instance().log(">>> ieee_1609dot2_base_types_public_verification_key::encode: %s", p_public_verification_key.get_descriptor()->name);
+
+  BITSTRING b;
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer buffer;
+  p_public_verification_key.encode(*p_public_verification_key.get_descriptor(), buffer, TTCN_EncDec::CT_OER);
+  p_data = OCTETSTRING(buffer.get_len(), buffer.get_data());
+  loggers::get_instance().log_msg("ieee_1609dot2_base_types_public_verification_key::encode: ", p_data);
+
+  return 0;
+}
+
+int ieee_1609dot2_base_types_public_verification_key::decode (const OCTETSTRING& p_data, IEEE1609dot2BaseTypes::PublicVerificationKey& p_public_verification_key, params* p_params)
+{
+  loggers::get_instance().log_msg(">>> ieee_1609dot2_base_types_public_verification_key::decode: ", p_data);
+
+  TTCN_EncDec::clear_error();
+  TTCN_Buffer decoding_buffer(p_data);
+  //  _params = params;
+  p_public_verification_key.decode(*p_public_verification_key.get_descriptor(), decoding_buffer, TTCN_EncDec::CT_OER);
+
+  loggers::get_instance().log_msg("<<< ieee_1609dot2_base_types_public_verification_key::decode: ", (const Base_Type&)p_public_verification_key);
+  return 0;
+}

ccsrc/Protocols/Security/ieee_1609dot2_base_types_public_verification_key.hh

+#pragma once
+
+#include "codec.hh"
+#include "params.hh"
+
+#include "IEEE1609dot2BaseTypes.hh"
+
+class ieee_1609dot2_base_types_public_verification_key : public codec<IEEE1609dot2BaseTypes::PublicVerificationKey, IEEE1609dot2BaseTypes::PublicVerificationKey>
+{
+public:
+  explicit ieee_1609dot2_base_types_public_verification_key() : codec<IEEE1609dot2BaseTypes::PublicVerificationKey, IEEE1609dot2BaseTypes::PublicVerificationKey>() { };
+  virtual ~ieee_1609dot2_base_types_public_verification_key() { };
+
+  virtual int encode (const IEEE1609dot2BaseTypes::PublicVerificationKey& p_public_verification_key, OCTETSTRING& p_data);
+  virtual int decode (const OCTETSTRING& p_data, IEEE1609dot2BaseTypes::PublicVerificationKey& p_public_verification_key, params* p_params = NULL);
+}; // End of class ieee_1609dot2_base_types_public_verification_key
+

etc/AtsPki/AtsPki_Commsignia.cfg_

@@ -33,10 +33,6 @@ LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorization"
 LibItsPki_Pics.PICS_IUT_ITS_S_ROLE     := true
 LibItsPki_Pics.PICS_SECPKI_ENROLMENT   := true
 
-LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '73AD688448117EFF50BCB044AA9CFD7932023B7A2C62887A1D3B99FED2B5237C'O
-LibItsPki_Pixits.PX_EC_HASH            := 'C4FD3EF2B51CFD605D7D40FA9C1C279B8B8C4D7CB9D40D6044C55F615D750502'O
-LibItsPki_Pixits.PX_EC_HASHED_ID8      := '44C55F615D750502'O
-
 LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY        := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O;
 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY         := '02834642E2E9B2EA1E6417D9D9ED1BA0BB84450781809AED15CB4BCB55DDCFD77B'O;
 LibItsPki_Pics.PICS_ITS_S_ENC_NITSP256_PRIVATE_KEY         := 'EDEBEADCAA9514CD4B30256126FB7DF958B911C6EB58CCF702983C3DCD3DECBD'O;
@@ -54,6 +50,14 @@ LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID                   := "CERT_TS_A_AA"
 
 #ItsPki_Pixits.PX_TRIGGER_EC_BEFORE_AT                      := false;
 
+#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request
+#LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Do not use Signed for PoP in Authorization requet
+
+#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment
+#LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '170D1EA638C300BD16F0025768C0F1FAA6BE23963E46AD10F79103914265D294'O
+#LibItsPki_Pixits.PX_EC_HASH            := 'DFEFC2A74C8ADD0C8B74B958EE072229D25DEAAAE30D134193D091890E8F3C2C'O
+#LibItsPki_Pixits.PX_EC_HASHED_ID8      := '93D091890E8F3C2C'O
+
 [LOGGING]
 # In this section you can specify the name of the log file and the classes of events
 # you want to log into the file or display on console (standard error).

etc/AtsPki/AtsPki_Escrypt.cfg_

@@ -11,16 +11,27 @@ LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
 LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE  := "application/x-its-request"
 LibItsHttp_Pics.PICS_HEADER_HOST          := "test.bsi.v2x-pilot.escrypt.com"
 
-LibItsPki_Pics.PICS_HTTP_POST_URI_EC                 := "/ea/enrolment"
-LibItsPki_Pics.PICS_HTTP_POST_URI_AT                 := "/aa/authorize"
-LibItsPki_Pics.PICS_HTTP_POST_URI_ATV                := "/aa/authorize"
-LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY  := 'd526563de53303427595ad144042be0f9caa2501ff64c837a7832f969220cd25'O
-LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID               := '4553435259505400000000000000000F'O
-LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID             := "CERT_ESCRYPT_EA"
-LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID             := "CERT_ESCRYPT_AA"
+LibItsPki_Pics.PICS_HTTP_POST_URI_EC      := "/ea/enrolment"
+LibItsPki_Pics.PICS_HTTP_POST_URI_AT      := "/aa/authorization"
+LibItsPki_Pics.PICS_HTTP_POST_URI_ATV     := "/aa/authorize"
 
-LibItsPki_Pixits.PX_VE_ALG                           := e_brainpool_p256_r1
-LibItsPki_Pixits.PX_EC_ALG                           := e_brainpool_p256_r1
+LibItsPki_Pics.PICS_ITS_S_WITH_PRIVACY                    := false
+LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY       := '749509D6C5243059A9F73C26DAD46EAE30E3606D83413D94CF134FBA9071617F'O
+LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID                    := '45534352595054000000000000000011'O
+LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID                  := "CERT_ESCRYPT_EA"
+LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID                  := "CERT_ESCRYPT_AA"
+
+#LibItsPki_Pixits.PX_VE_ALG                               := e_brainpool_p256_r1
+LibItsPki_Pixits.PX_EC_ALG_FOR_EC                        := e_brainpool_p256_r1
+LibItsPki_Pixits.PX_EC_ALG_FOR_AT                        := e_nist_p256
+
+LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request
+#LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Do not use Signed for PoP in Authorization requet
+
+#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment
+#LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '170D1EA638C300BD16F0025768C0F1FAA6BE23963E46AD10F79103914265D294'O
+#LibItsPki_Pixits.PX_EC_HASH            := 'DFEFC2A74C8ADD0C8B74B958EE072229D25DEAAAE30D134193D091890E8F3C2C'O
+#LibItsPki_Pixits.PX_EC_HASHED_ID8      := '93D091890E8F3C2C'O
 
 [LOGGING]
 # In this section you can specify the name of the log file and the classes of events
@@ -38,11 +49,11 @@ LogEventTypes:= Yes
 
 [TESTPORT_PARAMETERS]
 # Single HTTP component port
-system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=test.bsi.v2x-pilot.escrypt.com)"
+system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=test.bsi.v2x-pilot.escrypt.com)"
 
 [EXECUTE]
 # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
-ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
+#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
 # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
 #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
 
@@ -62,6 +73,8 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
 #ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
 
+ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV
+
 [MAIN_CONTROLLER]
 # The options herein control the behavior of MC.
 KillTimer := 10.0

etc/AtsPki/AtsPki_Gemalto.cfg_

@@ -25,8 +25,8 @@ LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID                     := '1B4CA1210123AE900
 LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID                   := "CERT_GEMALTO_EA"
 LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID                   := "CERT_GEMALTO_AA"
 
-LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in AT request
-LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Not private key available
+LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request
+LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Do not use Signed for PoP in Authorization requet
 
 LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment
 LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '170D1EA638C300BD16F0025768C0F1FAA6BE23963E46AD10F79103914265D294'O

etc/AtsPki/AtsPki_Idnomic.cfg_

@@ -24,6 +24,14 @@ LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID               := '455453492d4954532d30303
 LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID             := "CERT_IDNOMIC_EA"
 LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID             := "CERT_IDNOMIC_AA"
 
+#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request
+#LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Do not use Signed for PoP in Authorization requet
+
+#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment
+#LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '170D1EA638C300BD16F0025768C0F1FAA6BE23963E46AD10F79103914265D294'O
+#LibItsPki_Pixits.PX_EC_HASH            := 'DFEFC2A74C8ADD0C8B74B958EE072229D25DEAAAE30D134193D091890E8F3C2C'O
+#LibItsPki_Pixits.PX_EC_HASHED_ID8      := '93D091890E8F3C2C'O
+
 [LOGGING]
 # In this section you can specify the name of the log file and the classes of events
 # you want to log into the file or display on console (standard error).

LibIts @ d35994ab

-Subproject commit ec376d2696b590bef28271376d9be45b23f52277
+Subproject commit d35994abec9c87855fa869c8832b5be9bbea3d57