Commit ed2d2e21 authored by garciay's avatar garciay

Start Security support in the TA

Start ATS security review
Validation of TD_AUTO_IOT_DENM_RWW_BV_01 in progress
parent 446bbeba
+28 −0
@@ -3,6 +3,7 @@
#include "EtsiTs103097Codec_Certificate.hh"
#include "EtsiTs103097Codec_ToBeSignedCertificate.hh"
#include "EtsiTs103097Codec_Data.hh"
#include "EtsiTs103097Codec_ToBeSignedData.hh"

#include "loggers.hh"

@@ -75,6 +76,33 @@ namespace LibItsSecurity__EncdecDeclarations {
    return 0;
  }
  
  BITSTRING fx__enc__Ieee1609Dot2ToBeSignedData(const IEEE1609dot2::ToBeSignedData& p__toBeSignedData) {
    loggers::get_instance().log_msg(">>> fx__enc__Ieee1609Dot2ToBeSignedData: ", p__toBeSignedData);

    EtsiTs103097Codec_ToBeSignedData codec;
    OCTETSTRING os;
    if (codec.encode(p__toBeSignedData, os) == -1) {
      loggers::get_instance().warning("fx__enc__Ieee1609Dot2ToBeSignedData: -1 result code was returned");
      return int2bit(0, 1);
    }
    
    return oct2bit(os);
  }
  
  INTEGER fx__dec__Ieee1609Dot2ToBeSignedData(BITSTRING& p__data, IEEE1609dot2::ToBeSignedData& p__toBeSignedData) {
    loggers::get_instance().log_msg(">>> fx__dec__Ieee1609Dot2ToBeSignedData: ", p__data);

    EtsiTs103097Codec_ToBeSignedData codec;
    OCTETSTRING is = bit2oct(p__data);
    if (codec.decode(is, p__toBeSignedData) == -1) {
      loggers::get_instance().warning("fx__dec__Ieee1609Dot2ToBeSignedData: -1 result code was returned");
      return -1;
    }
    
    loggers::get_instance().log_msg("<<< fx__dec__Ieee1609Dot2ToBeSignedData: ", p__toBeSignedData);
    return 0;
  }
  
  BITSTRING fx__enc__SspCAM(const LibItsSecurity__TypesAndValues::SspCAM& p__ssp) {
    loggers::get_instance().log_msg(">>> fx__enc__SspCAM: ", p__ssp);
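Review bot: On codec failure `fx__enc__Ieee1609Dot2ToBeSignedData` returns `int2bit(0, 1)`, a one-bit value that a caller can only tell apart from real output by checking its length. ToBeSignedData is presumably the structure that gets hashed and signed, so a caller that forwards the result unchecked would sign a placeholder instead of failing the test step. I would document the sentinel above the function, e.g. `// Returns '0'B (1 bit) on codec failure; callers must reject it before hashing or signing`. The decoder passes `bit2oct(p__data)` straight to the codec; a short comment stating that `p__data` is expected to be octet-aligned would make that assumption visible.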

+3 −0
@@ -16,6 +16,9 @@

namespace LibItsSecurity__Functions 
{

  // FIXME Unify code with security_services
  
  /**
   * @desc    Produces a 256-bit (32-byte) hash value
   * @param   p_toBeHashedData Data to be used to calculate the hash value
+75 −2
@@ -23,8 +23,81 @@
 * \abstract
 */
class LayerFactory {
public:
public: //! \publicsection
  /*!
   * \fn Codec();
   * \brief  Default constructor
   * \todo Remove logs
   */
  LayerFactory() {};
  virtual Layer * createLayer(const std::string & type, const std::string & param) = 0;
  /*!
   * \fn Layer * createLayer(const std::string & type, const std::string & param);
   * \brief  Create the layers stack based on the provided layers stack description (cf. remark)
   * \param[in] p_type The provided layers stack description
   * \param[in] p_params Optional parameters
   * \return 0 on success, -1 otherwise
   * \remark The description below introduces layers stack in case of ITS project:
   *     CAM Layer
   *       next_header     : btpA|btpB (overwrite BTP.type)
   *       header_type     : tsb|gbc
   *       header_sub_type : sh (single hop)
   *     DENM Layer
   *       next_header     : btpA|btpB (overwrite BTP.type)
   *       header_type     : tsb|gbc
   *     BTP Layer
   *       type            : btpA|btpB
   *       destination port: dst_port
   *       source port     : src_port
   *       device_mode     : Set to 1 if the layer shall encapsulate upper layer PDU
   *       device_mode     : Set to 1 if the layer shall encapsulate upper layer PDU
   *     GN Layer
   *       ll_address             : GeoNetworking address of the Test System
   *       latitude               : latitude of the Test System
   *       longitude              : longitude of the Test System
   *       beaconing              : Set to 1 if GnLayer shall start beaconing
   *       Beaconning timer expiry: expiry (ms)
   *       device_mode            : Set to 1 if the layer shall encapsulate upper layer PDU
   *     Ethernet layer
   *       mac_src  :Source MAC address
   *       mac_bc   :Broadcast address
   *       eth_type : Ethernet type
   *     Commsignia layer
   *       mac_src     : Device MAC address, used to discard packets
   *                     To indicate no filering, use the value 000000000000
   *       mac_bc      : Broadcast address
   *       eth_type    : Ethernet type, used to discard packets
   *       target_host : Device address
   *       target_port : Device port
   *       source_port : Test System port
   *       interface_id: Interface id, used to discard packets
   *       tx_power    : TX power (dB)
   *     UDP layer (IP/UDP based on Pcap)
   *       dst_ip  : destination IPv4 address (aa.bb.cc.dd)
   *       dst_port: destination port
   *       src_ip  : source IPv4 address (aa.bb.cc.dd)
   *       src_port: source port
   *     Pcap layer
   *       mac_src    : Source MAC address, used to exclude from capture the acket sent by the Test System
   *       filter     : Pcap filter (compliant with tcpdump syntax) 
   *                    E.g. filter=and ether src 04e548000001
   *       Online mode:
   *         nic: Local NIC
   *              If set, online mode is used
   *       Offline mode (nic is present but not set):
   *         file        : File to read
   *         frame_offset: Frame offset, used to skip packets with frame number < frame_offset
   *         time_offset : Time offset, used to skip packets with time offset < time_offset
   *         save_mode   : 1 to save sent packet, 0 otherwise
   *     Here are some examples:
   *       Geonetworking multiple component case:
   *         NodeB.geoNetworkingPort.params := "GN(ll_address=04e548000001,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000,its_aid=141)/COMMSIGNIA(mac_src=04e548000001,mac_bc=FFFFFFFFFFFF,eth_type=8947,target_host=10.200.1.101,target_port=7942,source_port=7943,its_aid=141,interface_id=2,tx_power=-32)/UDP(dst_ip=192.168.56.1,dst_port=12346,src_ip=192.168.156.4,src_port=12345)/ETH(mac_src=04e548000001,mac_dst=0A0027000011,eth_type=0800)/PCAP(mac_src=04e548000001,file=/home/vagrant/TriesAndDelete/etsi_its/testdata/TC_AUTO_IOT_DENM_RWW_BV_01_short.pcap,filter=and (udp port 30000 or udp port 7943))"
NodeC.geoNetworkingPort.params := "GN(ll_address=70b3d5791b48,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000,its_aid=141)/COMMSIGNIA(mac_src=70b3d5791b48,mac_bc=FFFFFFFFFFFF,eth_type=8947,target_host=10.200.1.101,target_port=7942,source_port=7943,its_aid=141,interface_id=2,tx_power=-32)/UDP(dst_ip=192.168.56.1,dst_port=12346,src_ip=192.168.156.4,src_port=12345)/ETH(mac_src=70b3d5791b48,mac_dst=0A0027000011,eth_type=0800)/PCAP(mac_src=70b3d5791b48,file=/home/vagrant/TriesAndDelete/etsi_its/testdata/TC_AUTO_IOT_DENM_RWW_BV_01_short.pcap,filter=and (udp port 30000 or udp port 7943))"
   *         NodeB.geoNetworkingPort.params := "GN(ll_address=04e548000001,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000,its_aid=141)/ETH(mac_src=04e548000001,mac_dst=0A0027000011,eth_type=0800)/PCAP(mac_src=04e548000001,file=/home/vagrant/TriesAndDelete/etsi_its/testdata/TC_AUTO_IOT_DENM_RWW_BV_01.pcap,filter=and ether src 04e548000001)"
#NodeC.geoNetworkingPort.params := "GN(ll_address=70b3d5791b48,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000,its_aid=141)/ETH(mac_src=70b3d5791b48,mac_dst=0A0027000011,eth_type=0800)/PCAP(mac_src=70b3d5791b48,file=/home/vagrant/TriesAndDelete/etsi_its/testdata/TC_AUTO_IOT_DENM_RWW_BV_01.pcap,filter=and  ether src 70b3d5791b48)"
   *       UpperTester port based on UDP 
   *         ystem.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.1,dst_port=12346,src_ip=192.168.156.4,src_port=12345)/ETH(mac_src=026f8338c1e5,mac_dst=0A0027000011,eth_type=0800)/PCAP(mac_src=0800275c4959,nic=enp0s8,filter=and udp port 12346)"
   * \pure
   */
  virtual Layer * createLayer(const std::string & p_type, const std::string & p_params) = 0;
}; // End of class LayerFactory
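Review bot: The new doc block for `createLayer` does not match the declaration under it: it says `\return 0 on success, -1 otherwise` while the function returns `Layer *`, and the constructor's block is headed `\fn Codec();` instead of `\fn LayerFactory();`. I would change these to something like `\return The created Layer instance` (wording to be confirmed against the implementations, which are not in this section) and `\fn LayerFactory();`. The `device_mode` line under BTP appears twice, `its_aid` is used in the examples but not described, and the two `NodeC` example lines are missing the leading ` * `. The examples also carry a developer home path and lab addresses into a shared header; neutral placeholder values would be easier to maintain.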
+13 −1
@@ -46,6 +46,13 @@ public:
  static const std::string& expiry;                //! Test system GeoNetworking Lifetime parameter name (in ms)
  
  static const std::string& device_mode;           //! To indicate to the lower layer to act as a standalone device
  static const std::string& secured_mode;          //! To indicate to the lower layer to apply securty on message exchanges as defined in IEEE 1609.2 & ETSI TS 102 965
  static const std::string& enable_security_checks;//! To indicates if security check failures shall be treated as error or warning
  static const std::string& sec_db_path;
  static const std::string& certificate;
  static const std::string& hash;
  static const std::string& signature;
  static const std::string& cypher;
  static const std::string& distanceA;             //! Test system GeoNetworking DistanceA parameter name
  static const std::string& distanceB;             //! Test system GeoNetworking DistanceB parameter name
  static const std::string& angle;                 //! Test system GeoNetworking Angle parameter name
@@ -74,7 +81,12 @@ public:
  virtual ~Params() { };

  /*!
   * \fn void log();
   * \fn void log() const;
   * \brief Provides a dump of the content of this instance
   */
  void log() const;
  /*!
   * \fn void log() const;
   * \brief Provides a dump of the content of this instance
   */
  void log();
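Review bot: The five new parameter names `sec_db_path`, `certificate`, `hash`, `signature` and `cypher` carry no `//!` description, unlike their neighbours, and the description of `enable_security_checks` does not say what applies when the parameter is absent. For parameters that switch message security on or off, the header should state the accepted values and the default, for example `//! Set to 1 to treat security check failures as errors; otherwise they are reported as warnings (default: TODO confirm)`. In the second hunk the doc block above `void log();` is headed `\fn void log() const;`, which duplicates the block above it. `securty` and `To indicates` are typos in the added comments.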
+21 −1
@@ -39,6 +39,13 @@ const std::string& Params::ll_address = std::string("ll_address");
const std::string& Params::expiry = std::string("expiry");

const std::string& Params::device_mode = std::string("device_mode");
const std::string& Params::secured_mode = std::string("secured_mode");
const std::string& Params::enable_security_checks = std::string("enable_security_checks");
const std::string& Params::certificate = std::string("certificate");
const std::string& Params::sec_db_path = std::string("sec_db_path");
const std::string& Params::hash = std::string("hash");
const std::string& Params::signature = std::string("signature");
const std::string& Params::cypher = std::string("cypher");
const std::string& Params::distanceA = std::string("distanceA");
const std::string& Params::distanceB = std::string("distanceB");
const std::string& Params::angle = std::string("angle");
@@ -54,6 +61,7 @@ void Params::convert(Params& p_param, const std::string p_parameters) {
  if (p_parameters.length() == 0) {
    return;
  }
  loggers::get_instance().log(">>> Params::convert: %s", p_parameters.c_str());
  // Extract parameters
  try {
    std::regex rgx ("(\\w+)=(.*?)(,|$)");
@@ -61,13 +69,25 @@ void Params::convert(Params& p_param, const std::string p_parameters) {
    std::sregex_iterator end = std::sregex_iterator();
    for (std::sregex_iterator it = begin; it != end; ++it) {
      std::smatch m = *it;
      //loggers::get_instance().log("Params::convert: %d - %s - %s - %s - %s", m.size(), m[0].str().c_str(), m[1].str().c_str(), m[2].str().c_str(), m[3].str().c_str());
      loggers::get_instance().log("Params::convert: %d - %s - %s - %s - %s", m.size(), m[0].str().c_str(), m[1].str().c_str(), m[2].str().c_str(), m[3].str().c_str());
      p_param.insert(std::pair<std::string, std::string>(m[1].str(), m[2].str()));
    } // End of 'for' statement
  }
  catch(const std::logic_error& e){
    p_param.clear();
  }
  loggers::get_instance().log("<<< Params::convert");
}

void Params::log() const {
  loggers::get_instance().log("Params::log");
  if (size() == 0) {
    loggers::get_instance().log("\tEmpty");
  } else {
    for (const_iterator it = cbegin(); it != cend(); ++it) {
      loggers::get_instance().log("\t(%s, %s)", it->first.c_str(), it->second.c_str());
    } // End of 'for' statement
  }
}

void Params::log() {
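Review bot: The re-enabled trace line in `Params::convert` passes `m.size()` (a `size_t`) to a `%d` conversion; if `loggers::log` forwards to a printf-style formatter, as its other call sites suggest, that is undefined behaviour wherever `size_t` is wider than `int`, so use `%zu` or `static_cast<int>(m.size())`. This commit also introduces keys such as `certificate` and `sec_db_path`, and `convert` now logs the raw parameter string plus every key/value pair on each call, as does the new `Params::log() const`; consider logging keys only, or gating the per-match line behind a debug level, so that security configuration does not land in every test log. The surrounding `catch(const std::logic_error&)` is context rather than new code, but `std::regex_error` derives from `std::runtime_error`, and silently clearing all parameters on failure would also drop `secured_mode`; a warning in that handler would make such a fallback visible. The body of the non-const `Params::log()` continues past the end of this hunk.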