Remove TsSecuredMode flag from TA config, replace by ATS PICS + AcSecPrimitive

Add TsEnforceSecuredMode in TA to enable/disable security checks by the TA (message can be rejected)

Remove TsSecuredMode flag from TA config, replace by ATS PICS + AcSecPrimitive
Add TsEnforceSecuredMode in TA to enable/disable security checks by the TA (message can be rejected)
f4b960ed · garciay · 60ad3d03 · f4b960ed · f4b960ed
Commit f4b960ed authored Jul 28, 2016 by garciay
--- a/javasrc/adapter/org/etsi/its/adapter/Management.java
+++ b/javasrc/adapter/org/etsi/its/adapter/Management.java
@@ -66,9 +66,9 @@ public class Management implements IManagementTA, IManagementLayers {
    private static final int longitude = Integer.decode(((CharstringValue)TERFactory.getInstance().getTaParameter("TsLongitude")).getString());
    
    /**
-     * Secured mode status 
+     * Enforce secured mode status 
     */
-    private static final String TsSecuredMode = ((CharstringValue)TERFactory.getInstance().getTaParameter("TsSecuredMode")).getString();
+    private static final String TsEnforceSecuredMode = ((CharstringValue)TERFactory.getInstance().getTaParameter("TsEnforceSecuredMode")).getString();
    
    /**
     * Secured root path to access certificates & private keys 
@@ -142,11 +142,6 @@ public class Management implements IManagementTA, IManagementLayers {
     */
    private Management() {
        
-        // Check for secured mode settings in TestAdapter configuration file
-        if (TsSecuredMode.equals("true")) {
-            setupSecuredMode();
-        }
-        
        // For debug only:
        byte[] mid = new byte[] {(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
                                 (byte)0x00, (byte)0x00};
@@ -233,7 +228,7 @@ public class Management implements IManagementTA, IManagementLayers {
    @Override
    public byte[] getLongPositionVector(byte[] targetGnAddress) {
        byte[] mid = ByteHelper.extract(targetGnAddress, 2, 6);
-//        System.out.println("getLongPositionVector: Looking for Loc Entry: " + ByteHelper.byteArrayToString(mid));
+        TERFactory.getInstance().logDebug("getLongPositionVector: Looking for Loc Entry: " + ByteHelper.byteArrayToString(mid));
        long key = ByteHelper.byteArrayToLong(mid);
        for(int i = 0; i < GET_LPV_TIMEOUT; ++i) {
            if (locTable.containsKey(key)) {
@@ -283,7 +278,7 @@ public class Management implements IManagementTA, IManagementLayers {
        long key = ByteHelper.byteArrayToLong(mid);
        ITuple<Long, byte[]> entry = locTable.get(key);
        if(entry == null || entry.getA() < timestamp) {
-//            System.out.println("gnUpdateLocTable: Adding Loc Entry for: " + ByteHelper.byteArrayToString(mid));
+//            TERFactory.getInstance().logDebug("gnUpdateLocTable: Adding Loc Entry for: " + ByteHelper.byteArrayToString(mid));
            locTable.put(key, new Tuple<Long, byte[]>(timestamp, lpv));
        }
    }
@@ -375,7 +370,7 @@ public class Management implements IManagementTA, IManagementLayers {
    
    @Override
    public boolean isEnforceSecuredModeSet() {
-        return TsSecuredMode.equals("true");
+        return TsEnforceSecuredMode.equals("true");
    }
    
    @Override
@@ -414,12 +409,12 @@ public class Management implements IManagementTA, IManagementLayers {
    }
    
    /**
-     * @desc This method setup secured mode according to the Test adapter settings (@see TsSecuredMode flags).
-     *       The secured mode could be overrided by test case secured mode configuration through AC primitives
+     * @desc This method setup secured mode according to ATS settings (AcSecPrimitive) and the Test adapter settings (TsEnforceSecuredMode flags)
+     * @see  TsEnforceSecuredMode flags.
     * @remark This method shall be called by the constructor only
     */
    private void setupSecuredMode() {
-//        System.out.println(">>> setupSecuredMode: " + certificateId);
+        TERFactory.getInstance().logDebug(">>> setupSecuredMode: " + certificateId);
        
        securedMode = true;
        ICertificatesIO _certCache = CertificatesIOFactory.getInstance();
@@ -430,26 +425,26 @@ public class Management implements IManagementTA, IManagementLayers {
            _certCache.readCertificate(certificateId, certificate);
            // Extract public keys
            atCertificate = certificate.toByteArray();
-//            System.out.println("Management.setupSecuredModeFromTaConfig: certificate=" + ByteHelper.byteArrayToString(atCertificate));
+            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: certificate=" + ByteHelper.byteArrayToString(atCertificate));
            // Compute AT certificate digest
            byte[] atHash = CryptoLib.hashWithSha256(atCertificate);
            atCertificateDigest = ByteHelper.extract(atHash, atHash.length - 8, 8);
-//            System.out.println("Management.setupSecuredModeFromTaConfig: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
+            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: atCertificateDigest=" + ByteHelper.byteArrayToString(atCertificateDigest));
            int offset = 16; // FIXME To be enhanced
            // KeyX
            signingPublicKeyX = new byte[32];
            System.arraycopy(atCertificate, offset, signingPublicKeyX, 0, 32);
            offset += 32;
-//            System.out.println("Management.setupSecuredModeFromTaConfig: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
+            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyX=" + ByteHelper.byteArrayToString(signingPublicKeyX));
            // KeyY
            signingPublicKeyY = new byte[32];
            System.arraycopy(atCertificate, offset, signingPublicKeyY, 0, 32);
-//            System.out.println("Management.setupSecuredModeFromTaConfig: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
+            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPublicKeyY=" + ByteHelper.byteArrayToString(signingPublicKeyY));
            // Extract private keys
            ByteArrayOutputStream signingPrivateKey = new ByteArrayOutputStream();
            _certCache.readSigningKey(certificateId, signingPrivateKey);
            this.signingPrivateKey = signingPrivateKey.toByteArray().clone();
-//            System.out.println("Management.setupSecuredModeFromTaConfig: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
+            TERFactory.getInstance().logDebug("Management.setupSecuredModeFromTaConfig: signingPrivateKey=" + ByteHelper.byteArrayToString(this.signingPrivateKey));
            // TODO Add support of encryption
        }
    }

--- a/javasrc/tool/org/etsi/its/tool/elvior/res/ta.properties
+++ b/javasrc/tool/org/etsi/its/tool/elvior/res/ta.properties
@@ -56,10 +56,15 @@ TsBeaconInterval=1000
 TsLatitude=514787010
 # Longitude of Test System
 TsLongitude=56547460
+# ITS-AID for other profile
+TsItsAidOther=38
 # Secured mode status
-TsSecuredMode=false
-# Secured root path to access certificates and private keys
-TsSecuredPath=""
+UtSecuredMode=false
+# Enforce secured mode status
+TsEnforceSecuredMode=false
 # Secured configuration identifier
-TsSecuredConfiId=data/certificates
+TsSecuredRootPath=data/certificates
+# Secured root path to access certificates and private keys
+TsSecuredConfiId=
+