.gitignore

@@ -4,3 +4,5 @@ config.mk
 data/certificates/*
 !data/certificates/profiles
 !data/certificates/Makefile
+package.yml
+.gitignore

Makefile

@@ -56,10 +56,10 @@ endif
 
 libs += -lssl -lcrypto -lxml2 -ljsoncpp -lzip
 
-$(eval $(call IncludeModule, $(TOPDIR)/ttcn/$(ATS)))
-
-outdir := $(TOPDIR)/build/$(ATS)
 bindir := $(TOPDIR)/bin
+outdir := $(TOPDIR)/build/$(ATS)
+
+$(eval $(call IncludeModule, $(TOPDIR)/ttcn/$(ATS)))
 
 sources     := $(all_sources)
 includes    := $(outdir) $(outdir)/.. $(outdir)/asn1 $(all_includes) $(NPCAP_INCLUDE)
@@ -91,9 +91,11 @@ gen_headers := $(gen_ttcn_headers) $(gen_ttcn3_headers) $(gen_asn_headers) $(gen
 gen_objects := $(patsubst %.cc, %.o, $(gen_sources))
 cc_objects  := $(patsubst  %.cc, $(outdir)/%.o, $(cc_sources))
 
-.PHONY: all FORCE echo
+outbin = $(bindir)/$(ATS)$(SUB_ATS)$(EXE)
+
+.PHONY: all FORCE echo postamble
 
-all: $(bindir) $(outdir) $(bindir)/$(ATS)$(SUB_ATS)$(EXE)
+all: $(bindir) $(outdir) $(outbin) postamble
 
 echo_sources:
 	@echo -e "$(addsuffix \n,$(all_sources))"
@@ -107,7 +109,7 @@ echo: echo_sources
 	@echo -e "defines: $(addsuffix \n, $(defines))"
 
 clean:
-	rm -f $(outdir)/$(ATS)$(SUB_ATS)$(EXE) $(gen_objects) $(gen_sources) $(gen_headers) $(cc_objects) $(outdir)/.generate $(outdir)/../libItsAsn.so
+	rm -f $(outbin) $(gen_objects) $(gen_sources) $(gen_headers) $(cc_objects) $(outdir)/.generate $(outdir)/../libItsAsn.so
 #	rm -f $(outdir)/asn1/*.so $(outdir)/asn1/*.o $(outdir)/asn1/*.c $(outdir)/asn1/*.h $(outdir)/asn1/Makefile.am.libasncodec
 
 regen: force_regen $(outdir)/.generate
@@ -129,7 +131,7 @@ t3d: all
 $(outdir) $(outdir)/asn1 $(bindir):
 	mkdir -p $@
 
-$(bindir)/$(ATS)$(SUB_ATS)$(EXE): $(outdir)/asn1/libItsAsn.a $(gen_objects) $(cc_objects) 
+$(outbin): $(outdir)/asn1/libItsAsn.a $(gen_objects) $(cc_objects) 
 	g++ -g -O0 -std=c++17 -o $@ $(LDFLAGS) $(gen_objects) $(cc_objects) $(outdir)/asn1/libItsAsn.a $(libs)
 
 $(gen_objects) :%.o :%.cc
@@ -169,3 +171,4 @@ $(foreach S, $(asn1_sources),  $(eval $(outdir)/$(notdir $(patsubst %.asn1, %.cc
 
 $(asn_sources) $(asn1_sources):
 
+postamble:

ccsrc/Protocols/Security/security_ecc.cc

@@ -48,6 +48,7 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
   loggers::get_instance().log(">>> security_ecc::security_ecc (1): %d", static_cast<int>(p_elliptic_curve));
 
   // Sanity checks
+  int fsize;
   if ((_elliptic_curve == ec_elliptic_curves::nist_p_256) || (_elliptic_curve == ec_elliptic_curves::brainpool_p_256_r1) || (_elliptic_curve == ec_elliptic_curves::sm2_p_256)) {
     if (p_private_key.lengthof() != 32) {
       loggers::get_instance().error("security_ecc::security_ecc (1): Invalid public keys size");
@@ -88,13 +89,8 @@ security_ecc::security_ecc(const ec_elliptic_curves p_elliptic_curve, const OCTE
     loggers::get_instance().error("security_ecc::security_ecc (1): Failed to generate xy coordinates, check algorithms");
   }
   loggers::get_instance().log("security_ecc::security_ecc (1): xy length: %d", BN_num_bytes(xy));
-  OCTETSTRING v = int2oct(0, BN_num_bytes(xy));
-  ::BN_bn2bin(xy, (unsigned char *)static_cast<const unsigned char *>(v));
-  if ((v.lengthof() % 2) != 0) {
-    // Remove first byte
-    loggers::get_instance().log_msg("security_ecc::security_ecc (1): Complete xy=", v);
-    v = OCTETSTRING(v.lengthof() - 1, 1 + static_cast<const unsigned char *>(v));
-  }
+  OCTETSTRING v = int2oct(0, _pri_key.lengthof());
+  ::BN_bn2binpad(xy, (unsigned char *)static_cast<const unsigned char *>(v), _pri_key.lengthof());
   ::BN_clear_free(xy);
   xy = nullptr;
 
@@ -832,6 +828,13 @@ int security_ecc::sign(const OCTETSTRING &p_data, OCTETSTRING &p_r_sig, OCTETSTR
   loggers::get_instance().log_msg(">>> security_ecc::sign: p_data: ", p_data);
 
   // Sanity checks
+  const EC_GROUP * g = ::EC_KEY_get0_group(_ec_key);
+  if(g == nullptr) {
+    loggers::get_instance().warning("security_ecc::sign: Uninitialized key");
+    return -1;
+  }
+  int fsize = (EC_GROUP_get_degree(g) + 7) / 8;
+
   if (_pri_key.lengthof() == 0) { // No private key
     return -1;
   }
@@ -855,13 +858,11 @@ int security_ecc::sign(const OCTETSTRING &p_data, OCTETSTRING &p_r_sig, OCTETSTR
   const BIGNUM *r = nullptr;
   const BIGNUM *s = nullptr;
   ::ECDSA_SIG_get0(signature, &r, &s);
-  loggers::get_instance().log("security_ecc::sign: r size: %d", BN_num_bytes(r));
-  p_r_sig = int2oct(0, BN_num_bytes(r));
-  ::BN_bn2bin(r, (unsigned char *)static_cast<const unsigned char *>(p_r_sig));
+  p_r_sig = int2oct(0, fsize);
+  ::BN_bn2binpad(r, (unsigned char *)static_cast<const unsigned char *>(p_r_sig), fsize);
   loggers::get_instance().log_msg("security_ecc::sign: r=", p_r_sig);
-  loggers::get_instance().log("security_ecc::sign: s size: %d", BN_num_bytes(s));
-  p_s_sig = int2oct(0, BN_num_bytes(s));
-  ::BN_bn2bin(s, (unsigned char *)static_cast<const unsigned char *>(p_s_sig));
+  p_s_sig = int2oct(0, fsize);
+  ::BN_bn2binpad(s, (unsigned char *)static_cast<const unsigned char *>(p_s_sig), fsize);
   loggers::get_instance().log_msg("security_ecc::sign: s=", p_s_sig);
 
   ::ECDSA_SIG_free(signature);

data/certificates/Makefile

@@ -17,6 +17,7 @@ depdir=temp
 keydir=certificates
 iutdir=iut
 
+base_time := $(shell date +%Y-01-01)
 asn1certgen=$(CERTGEN)/build/$(ARCH)/certgen
 asn1certidx=$(CERTGEN)/build/$(ARCH)/certidx -n
 
@@ -36,7 +37,7 @@ clean:
 	rm -f $(certificates_oer) $(certificates_xer)
 
 $(certificates_xer): $(xerdir)/%.xer : $(in)/%.xml
-	xsltproc $(xsl_cvt) $< | xmllint --format -o $@ -
+	xsltproc --param base-time "'$(base_time)'" $(xsl_cvt) $< | xmllint --format -o $@ -
 
 $(outdir)/index.lst: $(certificates_oer)
 	$(asn1certidx) -o $@ $^

titan-test-system-framework @ e27aaa84

-Subproject commit eb652d4fbd09a333332d4e2fb28aede6543d456b
+Subproject commit e27aaa847f49a1e459f427abc3620ef7a40223ca

LibCommon @ 149e7d5c

-Subproject commit 21bad7c51917d19bebdff5b36983e22922421976
+Subproject commit 149e7d5cc1fc2252f2100f25bb06c72245529143