Loading ccsrc/Protocols/Security/security_services.cc +12 −19 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ #include "security_services.hh" using namespace std; #include "EtsiTs103097Codec_ToBeSignedData.hh" #include "EtsiTs103097Codec_Data.hh" #include "EtsiTs103097Codec_Certificate.hh" Loading Loading @@ -70,7 +71,7 @@ int security_services::store_certificate(const CHARSTRING& p_cert_id, const OCTE return _security_db.get()->store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_hashid8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y); } int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secured_gn_payload, const bool p_verify, IEEE1609dot2::Ieee1609Dot2Data& p_ieee_1609dot2_data, OCTETSTRING& p_unsecured_gn_payload, Params& p_params) { int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secured_gn_payload, const bool p_verify, OCTETSTRING& p_unsecured_gn_payload, Params& p_params) { loggers::get_instance().log_msg(">>> security_services::verify_and_extract_gn_payload: ", p_secured_gn_payload); // Sanity checks Loading 
@@ -79,19 +80,20 @@ int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secure } // Decode the secured message (OER encoding) IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data; EtsiTs103097Codec_Data codec; codec.decode(p_secured_gn_payload, p_ieee_1609dot2_data, &p_params); codec.decode(p_secured_gn_payload, ieee_1609dot2_data, &p_params); // Sanity checks if (!p_ieee_1609dot2_data.is_bound()) { if (!ieee_1609dot2_data.is_bound()) { loggers::get_instance().warning("security_services::verify_and_extract_gn_payload: Unbound value, discard it"); return -1; } if (p_verify && ((unsigned int)(int)p_ieee_1609dot2_data.protocolVersion() != security_services::ProtocolVersion)) { if (p_verify && ((unsigned int)(int)ieee_1609dot2_data.protocolVersion() != security_services::ProtocolVersion)) { loggers::get_instance().warning("security_services::verify_and_extract_gn_payload: Wrong version protocol, discard it"); return -1; } return process_ieee_1609_dot2_content(p_ieee_1609dot2_data.content(), p_verify, p_unsecured_gn_payload, p_params); return process_ieee_1609_dot2_content(ieee_1609dot2_data.content(), p_verify, p_unsecured_gn_payload, p_params); } // End of method verify_and_extract_gn_payload int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee1609Dot2Content& p_ieee_1609_dot2_content, const bool p_verify, OCTETSTRING& p_unsecured_payload, Params& p_params) { Loading 
@@ -102,25 +104,18 @@ int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee16 } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_signedData)) { const IEEE1609dot2::SignedData& signedData = p_ieee_1609_dot2_content.signedData(); if (process_ieee_1609_dot2_signed_data(signedData, p_verify, p_unsecured_payload, p_params) != 0) { if (p_verify) { return -1; } } } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_encryptedData)) { const IEEE1609dot2::EncryptedData& encrypted_data = p_ieee_1609_dot2_content.encryptedData(); OCTETSTRING signed_payload; if (security_services::process_ieee_1609_dot2_encrypted_data(encrypted_data, p_verify, signed_payload, p_params) != 0) { if (p_verify) { return -1; } } loggers::get_instance().log_msg("security_services::process_ieee_1609_dot2_content: Decrypted payload: ", signed_payload); IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data; // TODO Check if it could be reused if (verify_and_extract_gn_payload(signed_payload, p_verify, ieee_1609dot2_data, p_unsecured_payload, p_params) != 0) { if (p_verify) { if (verify_and_extract_gn_payload(signed_payload, p_verify, p_unsecured_payload, p_params) != 0) { return -1; } } } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_signedCertificateRequest)) { // Reset certificate timer loggers::get_instance().log("security_services::process_ieee_1609_dot2_content: Set Certificate re-transmission flag and reset timer"); Loading 
@@ -128,10 +123,8 @@ int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee16 return 0; } else { // Shall never be reached loggers::get_instance().warning("security_services::process_ieee_1609_dot2_content: Undefined IEEE 1609.2 Content, discard it"); if (p_verify) { return -1; } } loggers::get_instance().log_msg("<<< security_services::process_ieee_1609_dot2_content: ", p_unsecured_payload); return 0; Loading etc/AtsGenCert/AtsGenCert.cfg +1 −1 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # Root path to access certificate stored in files, identified by certficate ID LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"; LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/ubuntu/tmp"; # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "test_01"; Loading etc/AtsRSUsSimulator/AtsRSUSimulator.cfg +2 −2 Original line number Diff line number Diff line Loading @@ -41,8 +41,8 @@ ItsRSUsSimulator_Pixits.PICS_GENERATE_SSEM := false LogFile := "../logs/%e.%h-%r.%s" #FileMask := LOG_ALL | USER | DEBUG | MATCHING #ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP LogSourceInfo := Stack LogEntityName:= Yes LogEventTypes:= Yes Loading Loading
ccsrc/Protocols/Security/security_services.cc +12 −19 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ #include "security_services.hh" using namespace std; #include "EtsiTs103097Codec_ToBeSignedData.hh" #include "EtsiTs103097Codec_Data.hh" #include "EtsiTs103097Codec_Certificate.hh" Loading Loading @@ -70,7 +71,7 @@ int security_services::store_certificate(const CHARSTRING& p_cert_id, const OCTE return _security_db.get()->store_certificate(p_cert_id, p_cert, p_private_key, p_public_key_x, p_public_key_y, p_hashid8, p_issuer, p_private_enc_key, p_public_enc_key_x, p_public_enc_key_y); } int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secured_gn_payload, const bool p_verify, IEEE1609dot2::Ieee1609Dot2Data& p_ieee_1609dot2_data, OCTETSTRING& p_unsecured_gn_payload, Params& p_params) { int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secured_gn_payload, const bool p_verify, OCTETSTRING& p_unsecured_gn_payload, Params& p_params) { loggers::get_instance().log_msg(">>> security_services::verify_and_extract_gn_payload: ", p_secured_gn_payload); // Sanity checks Loading 
@@ -79,19 +80,20 @@ int security_services::verify_and_extract_gn_payload(const OCTETSTRING& p_secure } // Decode the secured message (OER encoding) IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data; EtsiTs103097Codec_Data codec; codec.decode(p_secured_gn_payload, p_ieee_1609dot2_data, &p_params); codec.decode(p_secured_gn_payload, ieee_1609dot2_data, &p_params); // Sanity checks if (!p_ieee_1609dot2_data.is_bound()) { if (!ieee_1609dot2_data.is_bound()) { loggers::get_instance().warning("security_services::verify_and_extract_gn_payload: Unbound value, discard it"); return -1; } if (p_verify && ((unsigned int)(int)p_ieee_1609dot2_data.protocolVersion() != security_services::ProtocolVersion)) { if (p_verify && ((unsigned int)(int)ieee_1609dot2_data.protocolVersion() != security_services::ProtocolVersion)) { loggers::get_instance().warning("security_services::verify_and_extract_gn_payload: Wrong version protocol, discard it"); return -1; } return process_ieee_1609_dot2_content(p_ieee_1609dot2_data.content(), p_verify, p_unsecured_gn_payload, p_params); return process_ieee_1609_dot2_content(ieee_1609dot2_data.content(), p_verify, p_unsecured_gn_payload, p_params); } // End of method verify_and_extract_gn_payload int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee1609Dot2Content& p_ieee_1609_dot2_content, const bool p_verify, OCTETSTRING& p_unsecured_payload, Params& p_params) { Loading 
@@ -102,25 +104,18 @@ int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee16 } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_signedData)) { const IEEE1609dot2::SignedData& signedData = p_ieee_1609_dot2_content.signedData(); if (process_ieee_1609_dot2_signed_data(signedData, p_verify, p_unsecured_payload, p_params) != 0) { if (p_verify) { return -1; } } } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_encryptedData)) { const IEEE1609dot2::EncryptedData& encrypted_data = p_ieee_1609_dot2_content.encryptedData(); OCTETSTRING signed_payload; if (security_services::process_ieee_1609_dot2_encrypted_data(encrypted_data, p_verify, signed_payload, p_params) != 0) { if (p_verify) { return -1; } } loggers::get_instance().log_msg("security_services::process_ieee_1609_dot2_content: Decrypted payload: ", signed_payload); IEEE1609dot2::Ieee1609Dot2Data ieee_1609dot2_data; // TODO Check if it could be reused if (verify_and_extract_gn_payload(signed_payload, p_verify, ieee_1609dot2_data, p_unsecured_payload, p_params) != 0) { if (p_verify) { if (verify_and_extract_gn_payload(signed_payload, p_verify, p_unsecured_payload, p_params) != 0) { return -1; } } } else if (p_ieee_1609_dot2_content.ischosen(IEEE1609dot2::Ieee1609Dot2Content::ALT_signedCertificateRequest)) { // Reset certificate timer loggers::get_instance().log("security_services::process_ieee_1609_dot2_content: Set Certificate re-transmission flag and reset timer"); Loading @@ -128,10 +123,8 @@ int security_services::process_ieee_1609_dot2_content(const IEEE1609dot2::Ieee16 return 0; } else { // Shall never be reached loggers::get_instance().warning("security_services::process_ieee_1609_dot2_content: Undefined IEEE 1609.2 Content, discard it"); if (p_verify) { return -1; } } loggers::get_instance().log_msg("<<< security_services::process_ieee_1609_dot2_content: ", p_unsecured_payload); return 0; Loading
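Review bot: The `p_verify` flag now means two different things in this file. In process_ieee_1609_dot2_content every non-zero result from the signed-data, encrypted-data and nested verify_and_extract_gn_payload calls returns -1 unconditionally, while the protocol-version check in verify_and_extract_gn_payload is still skipped when `p_verify` is false. If fail-closed handling is the intent, say so where the flag is consumed, for example `// p_verify == false only relaxes checks inside the handlers; any handler error still discards the message`. It is also worth confirming that process_ieee_1609_dot2_signed_data (not visible here) does not report a signature failure as non-zero when verification is disabled, otherwise callers that deliberately accept unverified messages will silently stop receiving them. Separately, the encryptedData branch re-enters verify_and_extract_gn_payload on the decrypted bytes of a received message, which decodes and dispatches again with no visible nesting limit, so a bound on that depth would be prudent; both function bodies extend outside the visible hunks.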
etc/AtsGenCert/AtsGenCert.cfg +1 −1 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # Root path to access certificate stored in files, identified by certficate ID LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"; LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/ubuntu/tmp"; # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "test_01"; Loading
etc/AtsRSUsSimulator/AtsRSUSimulator.cfg +2 −2 Original line number Diff line number Diff line Loading @@ -41,8 +41,8 @@ ItsRSUsSimulator_Pixits.PICS_GENERATE_SSEM := false LogFile := "../logs/%e.%h-%r.%s" #FileMask := LOG_ALL | USER | DEBUG | MATCHING #ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP LogSourceInfo := Stack LogEntityName:= Yes LogEventTypes:= Yes Loading