Commit 11b20e3a authored by YannGarcia's avatar YannGarcia

Enhance AtsPki

parent 2c43ed71
......@@ -1135,6 +1135,123 @@ namespace LibItsSecurity__Functions
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__nistp256(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::nist_p_256, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__brainpoolp256r1(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__brainpoolp384r1(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
// group encryption
// group certificatesLoader
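Review bot: In all three new `fx__get__uncompressed__key__*` functions the two checks that tie the result to the caller's input are commented out, so `p__publicKeyCompressed` and `p__compressedMode` are never read. Each function returns TRUE and a Y coordinate derived only from `p__privateKey`, even when the supplied compressed key does not belong to that private key. Either restore the comparisons against `k.public_key_compressed()` and `k.public_key_compressed_mode()`, or document above each function that the two parameters are ignored. The size check also runs on `k.private_key()` after `security_ecc` has been constructed from the unvalidated input; whether the constructor validates it is not visible here, so a guard such as `if (p__privateKey.lengthof() != 32) { ... return FALSE; }` (48 for brainpoolP384r1) before the constructor call would be safer. The three bodies differ only in curve and expected length and could share one static helper.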
......
......@@ -552,10 +552,10 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
return -1;
}
IEEE1609dot2::SignerIdentifier signer;
loggers::get_instance().log("security_services::sign_payload: us = %d - _last_generation_time = %ld - us - _last_generation_time = %ld", us, _last_generation_time, us - _last_generation_time);
loggers::get_instance().log("security_services::sign_payload: us = %ld - _last_generation_time = %ld - us - _last_generation_time = %ld", us, _last_generation_time, us - _last_generation_time);
std::string certificate_id = p_params[params::certificate];
loggers::get_instance().log("security_services::sign_payload: certificate_id = %s", certificate_id.c_str());
if ((unsigned int)(us - _last_generation_time) >= 1000 * 0.95) { // Need to add certificate
if ((unsigned int)(us - _last_generation_time) >= 1000000 * 0.95) { // Need to add certificate every 1s
loggers::get_instance().log("security_services::sign_payload: Need to add certificate");
IEEE1609dot2::CertificateBase cert;
if (_security_db->get_certificate(certificate_id, cert) != 0) {
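Review bot: The new threshold line keeps the cast `(unsigned int)(us - _last_generation_time)` and compares the result with the double `1000000 * 0.95`. Now that the unit is microseconds, a 32-bit cast wraps after 2^32 µs (about 71 minutes), so a long gap between two signed messages can look shorter than 0.95 s and the certificate would not be attached. Comparing in the wide integer type avoids both the truncation and the floating-point compare: `if ((us - _last_generation_time) >= 950000) { // add certificate about once per second`. The declarations of `us` and `_last_generation_time` are outside the hunk, so their exact types, and whether the new `%ld` specifiers match them, should be confirmed. The body of sign_payload starts and ends outside this hunk.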
......
......@@ -43,7 +43,7 @@ ItsRSUsSimulator_Pics.PICS_GENERATE_MAPEM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_SPATEM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_SSEM := false
ItsRSUsSimulator_Pics.PICS_ITS_S_ROLE := false;
ItsRSUsSimulator_Pics.PICS_ITS_S_ROLE := true;
ItsRSUsSimulator_Pics.PICS_PKI_SUPPORT := true
ItsRSUsSimulator_Pics.PICS_BEACON_FREQUENCY := 1.0
......@@ -57,14 +57,14 @@ ItsRSUsSimulator_Pics.PICS_SEND_DENM_INDICATION := true
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/yann/tmp"
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.42.25"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.42.252"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization"
......@@ -163,22 +163,20 @@ LogEventTypes:= Yes
# its_aid=36: CAM
# its_aid=37: DENM
# its_aid=141: GeoMet
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,certificate=CERT_IUT_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/ETH(mac_src=080027128a53)/PCAP(mac_src=080027128a53,nic=wlan0,filter=and ether proto 0x8947)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,certificate=CERT_IUT_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027128a53)/PCAP(mac_src=080027128a53,nic=eth1,filter=and ether proto 0x8947)"
# Commsignia
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=37,secured_mode=0,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/COMMSIGNIA(xport_mode=LTE-V2X,mac_src=080027F44E7D,interface_id=2,target_host=192.168.0.54)/UDP(dst_ip=192.168.0.54,src_port=9091,dst_port=7946)"
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=37,secured_mode=0,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(xport_mode=LTE-V2X,mac_src=080027F44E7D,interface_id=2,target_host=192.168.0.54)/UDP(dst_ip=192.168.0.54,src_port=9091,dst_port=7946)"
# Qualcom
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=36747486,longitude=-4556772,distanceA=25,distanceB=25,its_aid=37,secured_mode=1,encrypted_mode=0,certificate=CERT_MICROSEC_AT_01,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/QUALCOMM/UDP(dst_ip=10.200.1.113,src_port=9091,dst_port=4041)"
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=36747486,longitude=-4556772,distanceA=25,distanceB=25,its_aid=37,secured_mode=1,encrypted_mode=0,certificate=CERT_MICROSEC_AT_01,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/QUALCOMM/UDP(dst_ip=10.200.1.113,src_port=9091,dst_port=4041)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.42.25,port=80)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.1.25,port=80)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.1.39,port=8080)"
# Config port based on UDP
#system.cfPort.params := "CF(ut=pki)/UDP(dst_ip=192.168.42.25,src_port=12345)"
#system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=192.168.1.39,src_port=12345)"
#system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=172.28.4.87,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=denm)/UDP(dst_ip=172.28.4.87,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=gn)/UDP(dst_ip=192.168.1.39,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=cam)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=denm)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=gn)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
system.cfPort.params := "CF(ut=pki)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
[EXECUTE]
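Review bot: The certificate store location is still a hard-coded per-user directory: `PX_CERTIFICATE_POOL_PATH` and the three `sec_db_path=` values now point at `/home/vagrant/tmp` in place of `/home/yann/tmp`. Every environment therefore has to edit four places, and the directory that holds the test certificates (and presumably their private keys) sits under a tmp folder with no stated owner or mode. Defining the path once, for example as a macro in a `[DEFINE]` section, would remove the duplication. A comment above `PX_CERTIFICATE_POOL_PATH` such as `# Must be readable only by the test-system user` would record the expected permissions. Separately, `PICS_HEADER_HOST` is `192.168.42.252` while the active `system.httpPort.params` connects to `192.168.1.39` on port 8080; if the difference is intentional, a one-line comment should say so.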
......
......@@ -95,6 +95,7 @@ module ItsRSUsSimulator_TypesAndValues {
type record AtData {
octetstring private_key,
octetstring private_enc_key optional,
Certificate certificate,
Oct16 aes_sym_key
}
......
Subproject commit 9fd3f291599a06ba28b36128afe7dff953310fb8
Subproject commit ee2c278910c882b90b8fbea6bee5be70ec92aa83