Merge security features - management of EC and AT.

.gitignore

@@ -10,3 +10,16 @@ nohup.out
 
 # "testing" test log file
 log_3000
+
+# Key files and certificates
+pskAT.bin
+pskEC.bin
+requestAA.bin
+requestEC.bin
+pkiReqRes/responseAT.bin
+pkiReqRes/responseEC.bin
+pkiReqRes/ephPKEY.pem
+pkiReqRes/ephPKEY2.pem
+pkiReqRes/ephSKEY.pem
+pkiReqRes/ephSKEY2.pem
+

Makefile

@@ -37,6 +37,16 @@ OBJ_ASN1CPP_DIR=obj/asn1cpp
 SRC_CESERIAL_DIR=ceSerial
 OBJ_CESERIAL_DIR=obj/ceSerial
 
+SRC_PKIREQRES_DIR=pkiReqRes
+OBJ_PKIREQRES_DIR=obj/pkiReqRes
+
+SRC_INI_DIR=iniReader
+OBJ_INI_DIR=obj/iniReader
+
+SRC_INICLIB_DIR=iniLibraryC
+OBJ_INICLIB_DIR=obj/iniLibraryC
+
+
 SRC=$(wildcard $(SRC_DIR)/*.cpp)
 SRC_GEOLIB_PORT=$(wildcard $(SRC_GEOLIB_PORT_DIR)/*.c)
 SRC_VEHVIS=$(wildcard $(SRC_VEHVIS_DIR)/*.cc)
@@ -46,6 +56,9 @@ SRC_JSON11=$(wildcard $(SRC_JSON11_DIR)/*.cpp)
 SRC_GPSC=$(wildcard $(SRC_GPSC_DIR)/*.cpp)
 SRC_ASN1CPP=$(wildcard $(SRC_ASN1CPP_DIR)/*.cpp)
 SRC_CESERIAL=$(wildcard $(SRC_CESERIAL_DIR)/*.cpp)
+SRC_PKIREQRES=$(wildcard $(SRC_PKIREQRES_DIR)/*.cpp)
+SRC_INI=$(wildcard $(SRC_INI_DIR)/*.cpp)
+SRC_INICLIB=$(wildcard $(SRC_INICLIB_DIR)/*.c)
 
 OBJ=$(SRC:$(SRC_DIR)/%.c=$(OBJ_DIR)/%.o)
 OBJ_GEOLIB_PORT=$(SRC_GEOLIB_PORT:$(SRC_GEOLIB_PORT_DIR)/%.c=$(OBJ_GEOLIB_PORT_DIR)/%.o)
@@ -56,6 +69,9 @@ OBJ_JSON11=$(SRC_JSON11:$(SRC_JSON11_DIR)/%.cpp=$(OBJ_JSON11_DIR)/%.o)
 OBJ_GPSC=$(SRC_GPSC:$(SRC_GPSC_DIR)/%.cpp=$(OBJ_GPSC_DIR)/%.o)
 OBJ_ASN1CPP=$(SRC_ASN1CPP:$(SRC_ASN1CPP_DIR)/%.cpp=$(OBJ_ASN1CPP_DIR)/%.o)
 OBJ_CESERIAL=$(SRC_CESERIAL:$(SRC_CESERIAL_DIR)/%.cpp=$(OBJ_CESERIAL_DIR)/%.o)
+OBJ_PKIREQRES=$(SRC_PKIREQRES:$(SRC_PKIREQRES_DIR)/%.cpp=$(OBJ_PKIREQRES_DIR)/%.o)
+OBJ_INI=$(SRC_INI:$(SRC_INI_DIR)/%.cpp=$(OBJ_INI_DIR)/%.o)
+OBJ_INICLIB=$(SRC_INICLIB:$(SRC_INICLIB_DIR)/%.c=$(OBJ_INICLIB_DIR)/%.o)
 
 OBJ_CC=$(OBJ)
 OBJ_CC+=$(OBJ_GEOLIB_PORT)
@@ -65,8 +81,11 @@ OBJ_CC+=$(OBJ_ETSI)
 OBJ_CC+=$(OBJ_JSON11)
 OBJ_CC+=$(OBJ_ASN1CPP)
 OBJ_CC+=$(OBJ_CESERIAL)
+OBJ_CC+=$(OBJ_PKIREQRES)
+OBJ_CC+=$(OBJ_INI)
+OBJ_CC+=$(OBJ_INICLIB)
 
-CXXFLAGS += -Wall -O3 -Iinclude -std=c++17 -Ivehicle-visualizer/include -Igeographiclib-port -Iasn1/include -I. -ITransportAndNetworking/include -Ijson11 -Iasn1cpp -IceSerial -I/usr/include/openssl
+CXXFLAGS += -Wall -O3 -Iinclude -std=c++17 -Ivehicle-visualizer/include -Igeographiclib-port -Iasn1/include -I. -ITransportAndNetworking/include -IhttpRest -IiniLibraryC -IiniReader -IpkiReqRes -Ijson11 -Iasn1cpp -IceSerial -I/usr/include/openssl
 CFLAGS += -Wall -O3 -Iinclude -Ioptions -Iasn1/include -Igeographiclib-port -I/usr/include/openssl
 LDLIBS += -lpthread -lm -lgps -latomic -lssl -lcrypto
 
@@ -122,7 +141,7 @@ $(OBJ_ASN1_DIR)/%.o: $(SRC_ASN1_DIR)/%.c
 $(OBJ_ETSI_DIR)/%.o: $(SRC_ETSI_DIR)/%.c
 	@ mkdir -p $(OBJ_ETSI_DIR)
 	$(CC) $(CFLAGS) -c $< -o $@
-	
+
 $(OBJ_JSON11_DIR)/%.o: $(SRC_JSON11_DIR)/%.cpp
 	@ mkdir -p $(OBJ_JSON11_DIR)
 	$(CXX) $(CXXFLAGS) -c $< -o $@
@@ -131,6 +150,18 @@ $(OBJ_CESERIAL_DIR)/%.o: $(SRC_CESERIAL_DIR)/%.cpp
 	@ mkdir -p $(OBJ_CESERIAL_DIR)
 	$(CXX) $(CXXFLAGS) -c $< -o $@
 
+$(OBJ_PKIREQRES_DIR)/%.o: $(SRC_PKIREQRES_DIR)/%.cpp
+	@ mkdir -p $(OBJ_PKIREQRES_DIR)
+	$(CXX) $(CXXFLAGS) -c $< -o $@
+
+$(OBJ_INI_DIR)/%.o: $(SRC_INI_DIR)/%.cpp
+	@ mkdir -p $(OBJ_INI_DIR)
+	$(CXX) $(CXXFLAGS) -c $< -o $@
+
+$(OBJ_INICLIB_DIR)/%.o: $(SRC_INICLIB_DIR)/%.c
+	@ mkdir -p $(OBJ_INICLIB_DIR)
+	$(CC) $(CFLAGS) -c $< -o $@
+
 clean:
 	$(RM) $(OBJ_DIR)/*.o $(OBJ_ASN1_DIR)/*.o
 	-rm -rf $(OBJ_DIR)
@@ -142,7 +173,11 @@ clean:
 	-rm -rf $(OBJ_GPSC_DIR)
 	-rm -rf $(OBJ_ASN1CPP_DIR)
 	-rm -rf $(OBJ_CESERIAL_DIR)
+	-rm -rf $(OBJ_PKIREQRES_DIR)
+	-rm -rf $(OBJ_INI_DIR)
+	-rm -rf $(OBJ_INICLIB_DIR)
+
 	-rm -f cachefile.sldmc
-	
+
 fullclean: clean
 	$(RM) $(EXECNAME)

PKI_info.ini

@@ -0,0 +1,23 @@
+
+[ECinfo]
+eaCert1 = 8003008208347a3b143c94c298198110305f41544f532d312d45412d415f4c3000000000001eb8038586000501018002026f810302010e0101008001018002026f82060201c002ff3f0080832b21e2b719f330f28158d161cf17f047a ; 185 char max
+eaCert2 = ad41134c13d257c15ec087128bcea9a8080829882b0c6a19899ed83f3e87fef27f3c1a6d01dbb372307574ce5d2ab526dbc8f82618062575412c55fb86829a30626c7406f0c98c6d57cbcccf90d31f122cd17f7abf5855d7bbfd78ce6 ; 185 char max
+eaCert3 = e4dbd7274ff38c926b25053e35c0dc9553ce4af58fa839822c9e5db0d1c19a4d2310353890f2990b73288a051c762c16fab6ef113a8c46d466 ; remaining characters
+itsID = INSERT HERE OWN ITS ID
+recipientID = D41845A1F71C356A
+bitmapEA = 01C0
+
+public_key_rfc =  INSERT HERE OWN PK IN RFC MODE; entire pk, 182 char is ok
+private_key_rfc1 =  INSERT HERE FIRST PART OF OWN SK IN RFC MODE; here 180 char max;
+private_key_rfc2 =  INSERT HERE SECOND PART OF OWN SK IN RFC MODE; remaining characters
+
+
+[ATinfo]
+recipientAA = A8AA9CAB63B783EE
+AAcert1 = 8003008208347a3b143c94c298198110305f41544f532d312d41412d415f4c3000000000001eb8038586000501018002026f810302013201010080010780012482080301fffc03ff0003800125820a0401ffffff04ff0000008001898 ; 185 char max
+AAcert2 = 2060201e002ff1f80018a82060201c002ff3f80018b820e0601fffffffff806ff000000000780018c820a0402ffffe004ff00001f00018d008082a6703bf2d5dd609df2ab801f569d006aa415e02bef021f57f328a8ed4809b8aa8080 ; 185 char max
+AAcert3 = 82bfd435934f1bacafbacb0e861c080aa6b3a585d483d2d7f684ad3df21b091dbe826180635a699d9ec110c229c4efb1a819c66d531d189cc44293ce46f9deb8e745e6def142a7bda97d7f5b2703b75d516ae1bd684cf079e3d048101 ; 185 char max
+AAcert4 = f9ab1f45fa535e683267c02453ea5fb21b0e04060d84d218cd2f3253dfbbc7aafb00df21b8e40ef ; remaining characters
+bitmapCAM = 01FFFC
+bitmapDENM = 01FFFFFF
+eaIDstring = D41845A1F71C356A

README.md

@@ -2,7 +2,7 @@
 
 <img height="179.7" src="logo/OScar_logo_v1_subtitle.png" width="511.5"/>
 
-Contacts: Francesco RAVIGLIONE [[email protected]], Marco RAPELLI [[email protected]], Carlos Mateo RISMA CARLETTI [[email protected]], Alessandro GENOVESE [[email protected]], Claudio CASETTI [[email protected]]
+Contacts: Francesco RAVIGLIONE [[email protected]], Marco RAPELLI [[email protected]], Carlos Mateo RISMA CARLETTI [[email protected]], Alessandro GENOVESE [[email protected]], Claudio CASETTI [[email protected]], Alessandro GIACCAGLINI [[email protected]]
 
 This project is licensed under a GPL-2.0 License. Please see also the `LICENSE` file for more details.
 
@@ -191,3 +191,7 @@ logread
 This project uses internally the _TCLAP - Templatized Command Line Argument Parser_ library (v1.2), available [here](https://tclap.sourceforge.net/), and included in the `tclap` directory.
 
 It also includes a porting and C adaptation of a part of [_GeographicLib_](https://geographiclib.sourceforge.io/) for the computation of Transverse Mercator projections, included in the `geographiclib-port` directory.
+
+It uses the library available [here](https://github.com/benhoyt/inih), included in the `iniLibraryC` and `iniReader` directories, for reading INI configuration files.
+
+Then it uses the library available [here](https://github.com/elnormous/HTTPRequest), included in the `httpRest` directory, for sending HTTP requests.

TransportAndNetworking/include/geonet.h

@@ -16,6 +16,7 @@
 #include "commonHeader.h"
 #include "shbHeader.h"
 #include "gbcHeader.h"
+#include "ATManager.h"
 
 
 
@@ -42,6 +43,9 @@ class GeoNet {
 		int openUDPsocket(std::string udp_sock_addr,std::string interface_ip,bool extra_position_udp=false);
 		void closeUDPsocket();
         void setSecurity(bool security){enableSecurity = security;  m_security = Security();}
+        void setMessageType(int type){m_messageType = type;}
+        void setATmanager(ATManager *atm){m_atmanager = atm;};
+
 	private:
 		typedef struct _extralatlon_t {
 			int32_t lat;
@@ -65,8 +69,10 @@ class GeoNet {
 		int m_socket_tx=-1;
 
         Security m_security;
+        ATManager *m_atmanager;
         bool enableSecurity;
 		bool isCertificate;
+        int m_messageType;
 
         FILE* f_out = nullptr; // Log file pointer
         std::string m_log_filename2 = "dis";

TransportAndNetworking/include/security.h

@@ -17,6 +17,7 @@
 #include <vector>
 #include <map>
 #include <fstream>
+#include <ATManager.h>
 #include <stdexcept>
 
 extern "C" {
@@ -140,56 +141,27 @@ class Security
   Security();
   virtual ~Security();
 
-  void setProtocolVersion(long protocolVersion){m_protocolVersion = protocolVersion;};
 
-  void setHashId(long hashId){m_hashId = hashId;};
-
-  void setPsid(unsigned long psid){m_psid = psid;};
-
-  void setPsid2(unsigned long psid2){m_psid2 = psid2;};
-
-  void setGenerationTime(uint64_t generationTime){m_generationTime = generationTime;};
-
-  void setDigest(std::string digest){m_digest = digest;};
-
-  void setVersion(long version){m_version = version;};
-
-  void setType(long type){m_type = type;};
-
-  void setIssuer(std::string issuer){m_issuer = issuer;};
-
-  void setId(int id){m_id = id;};
-
-  void setCracaId(std::string cracaId){m_cracaId = cracaId;};
-
-  void setCrlSeries(uint16_t crlSeries){m_crlSeries = crlSeries;};
-
-  void setValidityPeriod_start(uint32_t validityPeriod_start){m_validityPeriod_start = validityPeriod_start;};
-
-  void setValidityPeriod_duration(long validityPeriod_duration){m_validityPeriod_duration = validityPeriod_duration;};
-
-  void setBitmapSsp(std::string bitmapSsp){m_bitmapSsp = bitmapSsp;};
-
-  void setBitmapSsp2(std::string bitmapSsp2){m_bitmapSsp2 = bitmapSsp2;};
-
-  void setP256_compressed_x_only(std::string p256_x_only){m_p256_x_only_Cert = p256_x_only;};
-
-  void setSsig(std::string Ssig){m_SsigCert = Ssig;};
+  void setATmanager(ATManager *atm){m_atmanager = atm;};
+  void setMessageType(int type){m_messageType = type;}
 
 
 
 private:
 
-
+  std::string to_hex(const std::string& input);
   std::vector<unsigned char> hexStringToBytes(const std::string& hex);
   void computeSHA256(const std::vector<unsigned char>& data, unsigned char hash[SHA256_DIGEST_LENGTH]);
   std::vector<unsigned char> concatenateHashes(const unsigned char hash1[SHA256_DIGEST_LENGTH], const unsigned char hash2[SHA256_DIGEST_LENGTH]);
   void print_openssl_error();
-  GNpublicKey generateECKeyPair();
+  //GNpublicKey generateECKeyPair();
   ECDSA_SIG* signHash(const unsigned char* hash, EC_KEY* ec_key);
   GNsignMaterial signatureCreation( const std::string& tbsData_hex,  const std::string& certificate_hex);
   bool signatureVerification( const std::string& tbsData_hex,  const std::string& certificate_hex, const GNsgtrDC& signatureRS, const std::string& verifyKeyIndicator);
   void mapCleaner();
+  EC_KEY* loadECKeyFromFile(const std::string &private_key_file, const std::string &public_key_file);
+  void recoverECKeyPair();
+  uint64_t getCurrentTimestamp();
 
   //EventId m_eventCleaner;
 
@@ -200,27 +172,16 @@ class Security
   GNpublicKey publicKey;
   bool validSignature;
 
+  ATManager *m_atmanager;
 
   // Ieee1609Dot2Data fields
 
+  int m_messageType;
   long m_protocolVersion;
   long m_hashId;
   unsigned long m_psid;
-  unsigned long m_psid2;
   uint64_t m_generationTime;
   std::string m_digest;
-  long m_version;
-  long m_type;
-  std::string m_issuer;
-  int m_id;
-  std::string m_cracaId;
-  uint16_t m_crlSeries;
-  uint32_t m_validityPeriod_start;
-  long m_validityPeriod_duration;
-  std::string m_bitmapSsp;
-  std::string m_bitmapSsp2;
-  std::string m_p256_x_only_Cert;
-  std::string m_SsigCert;
 
 
 

TransportAndNetworking/src/geonet.cpp

@@ -405,7 +405,8 @@ GeoNet::sendSHB (GNDataRequest_t dataRequest,commonHeader commonHeader,basicHead
         if (f_out != nullptr) {
             fprintf(f_out, "[ENCODE] Start time: %ld us, ", start_us);
         }
-
+        m_security.setATmanager(m_atmanager);
+        m_security.setMessageType(m_messageType);
         dataRequest = m_security.createSecurePacket (dataRequest, isCertificate);
 
         long int end_us = std::chrono::duration_cast<std::chrono::microseconds>(std::chrono::high_resolution_clock::now().time_since_epoch()).count();