From b89ce8eb02f65124a98caed3f84a04fc24d6b482 Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Thu, 23 Feb 2023 14:00:18 +0100 Subject: [PATCH] Enhance X509 security support --- ccsrc/security/include/certs_cache.hh | 6 +++--- ccsrc/security/include/security_services.hh | 2 +- ccsrc/security/src/security_externals.cc | 4 ++-- ccsrc/security/src/securty_services.cc | 8 ++++---- ttcn/LibHttp/module_cise.mk | 4 ++-- ttcn/LibSecurity/ttcn/LibSecurity_Signature.ttcn | 6 +++--- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/ccsrc/security/include/certs_cache.hh b/ccsrc/security/include/certs_cache.hh index 085872a..5e55c71 100644 --- a/ccsrc/security/include/certs_cache.hh +++ b/ccsrc/security/include/certs_cache.hh @@ -83,11 +83,11 @@ public: /*! \publicsection */ */ virtual int clear(); - void dump() const; + void dump() const; // For debug purpose. To be removed - const std::string cert_to_string(const std::string& p_certificate_id); + const std::string cert_to_string(const std::string& p_certificate_id); // For debug purpose. To be removed - int publickey_to_string(const EVP_PKEY* p_public_kep, std::vector& p_buffer); + int publickey_to_string(const EVP_PKEY* p_public_kep, std::vector& p_buffer); // For debug purpose. To be removed private: /*! \privatesection */ diff --git a/ccsrc/security/include/security_services.hh b/ccsrc/security/include/security_services.hh index f8c7bf0..9c28a4d 100644 --- a/ccsrc/security/include/security_services.hh +++ b/ccsrc/security/include/security_services.hh 
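Review bot: In certs_cache.hh, the trailing `// For debug purpose. To be removed` comments leave `dump()`, `cert_to_string()` and `publickey_to_string()` callable from the public section of the certificate cache, so nothing stops new callers from depending on them before they are removed. If the toolchain accepts C++14 attributes, `[[deprecated("debug only, to be removed")]] void dump() const;` makes the intent visible at every call site; otherwise a debug-only preprocessor guard around the three declarations does the same job. The parameter name `p_public_kep` in `publickey_to_string` looks like a typo for `p_public_key`. The class body starts and ends outside this hunk.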
@@ -48,7 +48,7 @@ public: /*! \publicsection */ * \param[in] TODO The raw message to be signed * \return 0 on success, -1 otherwise */ - int do_sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_signed_canonicalized); + int do_sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_canonicalized); /*! * \fn int build_path(const std::string& p_root_directory); * \brief Verify message signature diff --git a/ccsrc/security/src/security_externals.cc b/ccsrc/security/src/security_externals.cc index bc7446e..c8ec692 100644 --- a/ccsrc/security/src/security_externals.cc +++ b/ccsrc/security/src/security_externals.cc 
@@ -69,10 +69,10 @@ OCTETSTRING LibSecurity__Hash::fx__hash(const OCTETSTRING& p_to_be_hashed, const return hash; } -INTEGER LibSecurity__Signature::fx__sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_signed_canonicalized) { +INTEGER LibSecurity__Signature::fx__sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_canonicalized) { loggers::get_instance().log_msg(">>> fx__sign: ", p_encoded_message); - if (_security_services->do_sign(p_encoded_message, p_certificate_name, p_private_key_name, p_private_key_passwd, p_signature, p_digest, p_x509_certificate_subject, p_x509_certificate_pem, p_pull_request_signed_canonicalized) == -1) { + if (_security_services->do_sign(p_encoded_message, p_certificate_name, p_private_key_name, p_private_key_passwd, p_signature, p_digest, p_x509_certificate_subject, p_x509_certificate_pem, p_pull_request_canonicalized) == -1) { loggers::get_instance().log("fx__sign: Failed to signed message"); return -1; } diff --git a/ccsrc/security/src/securty_services.cc b/ccsrc/security/src/securty_services.cc index aded5e9..7562e4e 100644 --- a/ccsrc/security/src/securty_services.cc +++ b/ccsrc/security/src/securty_services.cc 
@@ -38,7 +38,7 @@ int security_services::load_certificate(const std::string& p_certificate_name, c return _certs_db->get_certificate(p_certificate_name, p_private_key_name, p_private_key_passwd, p_certificate); } -int security_services::do_sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_signed_canonicalized) { +int security_services::do_sign(const OCTETSTRING& p_encoded_message, const CHARSTRING& p_certificate_name, const CHARSTRING& p_private_key_name, const CHARSTRING& p_private_key_passwd, OCTETSTRING& p_signature, OCTETSTRING& p_digest, CHARSTRING& p_x509_certificate_subject, CHARSTRING& p_x509_certificate_pem, CHARSTRING& p_pull_request_canonicalized) { loggers::get_instance().log_msg(">>> security_services::do_sign: ", p_encoded_message); loggers::get_instance().log_msg(">>> security_services::do_sign: ", p_certificate_name); loggers::get_instance().log_msg(">>> security_services::do_sign: ", p_private_key_name); 
@@ -47,9 +47,9 @@ int security_services::do_sign(const OCTETSTRING& p_encoded_message, const CHARS // Canonicalization std::string canonicalized; xml_converters::get_instance().xml_canonicalization(std::string((const char*)(static_cast(p_encoded_message)), p_encoded_message.lengthof()), canonicalized); - p_pull_request_signed_canonicalized = CHARSTRING(canonicalized.c_str()); - OCTETSTRING encoded_message(char2oct(p_pull_request_signed_canonicalized)); - loggers::get_instance().log_msg("security_services::do_sign: p_pull_request_signed_canonicalized: ", p_pull_request_signed_canonicalized); + p_pull_request_canonicalized = CHARSTRING(canonicalized.c_str()); + OCTETSTRING encoded_message(char2oct(p_pull_request_canonicalized)); + loggers::get_instance().log_msg("security_services::do_sign: p_pull_request_canonicalized: ", p_pull_request_canonicalized); // Retrieve certificate std::string certificate_id; diff --git a/ttcn/LibHttp/module_cise.mk b/ttcn/LibHttp/module_cise.mk index 516c376..4811675 100644 --- a/ttcn/LibHttp/module_cise.mk +++ b/ttcn/LibHttp/module_cise.mk @@ -2,8 +2,6 @@ sources := \ ttcn/LibHttp_BinaryMessageBodyTypes.ttcn \ ttcn/LibHttp_EncdecDeclarations.ttcn \ ttcn/LibHttp_Functions.ttcn \ - ttcn/LibHttp_JsonMessageBodyTypes.ttcn \ - ttcn/LibHttp_JsonTemplates.ttcn \ ttcn/LibHttp_JSONTypes.ttcn \ ttcn/LibHttp_MessageBodyTypes.ttcn \ ttcn/LibHttp_Pics.ttcn \ @@ -17,3 +15,5 @@ sources := \ # Please, move and comment the module you need to overwrite tofit your project # ttcn/LibHttp_XmlMessageBodyTypes.ttcn \ # ttcn/LibHttp_XmlTemplates.ttcn +# ttcn/LibHttp_JsonMessageBodyTypes.ttcn \ +# ttcn/LibHttp_JsonTemplates.ttcn \ diff --git a/ttcn/LibSecurity/ttcn/LibSecurity_Signature.ttcn b/ttcn/LibSecurity/ttcn/LibSecurity_Signature.ttcn index 52bf3c5..74065a6 100644 --- a/ttcn/LibSecurity/ttcn/LibSecurity_Signature.ttcn +++ b/ttcn/LibSecurity/ttcn/LibSecurity_Signature.ttcn 
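Review bot: In securty_services.cc, nothing in the visible lines of `do_sign` checks that `xml_canonicalization` produced output before `canonicalized` is copied into `p_pull_request_canonicalized` and converted with `char2oct`, so a failed or empty canonicalization would apparently go on to be digested and signed as an empty message. A guard right after the call, such as `if (canonicalized.empty()) { loggers::get_instance().log("security_services::do_sign: canonicalization failed"); return -1; }`, keeps the signature tied to real content; if `xml_canonicalization` returns a status (its declaration is not shown here), test that instead. `CHARSTRING(canonicalized.c_str())` also stops at the first NUL byte, so passing `canonicalized.length()` explicitly would be safer if the TITAN constructor taking a length is available in this build. The body of `do_sign` starts in the previous hunk and continues past this one.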
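Review bot: In module_cise.mk, both added comment lines end with a backslash, and in GNU make a trailing backslash continues a comment onto the next line. The last one, `# ttcn/LibHttp_JsonTemplates.ttcn \`, appears to be the final line of the file, so whatever is appended below it later will be swallowed into the comment without any warning. Dropping the trailing backslashes from the commented-out entries (`# ttcn/LibHttp_JsonMessageBodyTypes.ttcn` and `# ttcn/LibHttp_JsonTemplates.ttcn`) avoids that; whoever moves a line back into `sources` re-adds the continuation.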
@@ -21,12 +21,12 @@ module LibSecurity_Signature { out octetstring p_digest, out charstring p_x509_certificate_subject, out charstring p_x509_certificate_pem, - out charstring p_pull_request_signed_canonicalized + out charstring p_pull_request_canonicalized ) return integer { - return fx_sign(p_encoded_message, p_certificate_name, p_private_key_name, p_private_key_passwd, p_signature, p_digest, p_x509_certificate_subject, p_x509_certificate_pem, p_pull_request_signed_canonicalized); + return fx_sign(p_encoded_message, p_certificate_name, p_private_key_name, p_private_key_passwd, p_signature, p_digest, p_x509_certificate_subject, p_x509_certificate_pem, p_pull_request_canonicalized); } - external function fx_sign(in octetstring p_encoded_message, in charstring p_certificate_name, in charstring p_private_key_name, in charstring p_private_key_passwd, out octetstring p_signature, out octetstring p_digest, out charstring p_x509_certificate_subject, out charstring p_x509_certificate_pem, out charstring p_pull_request_signed_canonicalized) return integer; + external function fx_sign(in octetstring p_encoded_message, in charstring p_certificate_name, in charstring p_private_key_name, in charstring p_private_key_passwd, out octetstring p_signature, out octetstring p_digest, out charstring p_x509_certificate_subject, out charstring p_x509_certificate_pem, out charstring p_pull_request_canonicalized) return integer; /** * @desc Verify signature -- GitLab