Skip to content

fix signature in MsgCertificateChain [GV2-193] #1307

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 17, 2023
Merged

fix signature in MsgCertificateChain [GV2-193] #1307

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3accb4c
fix signature in MsgCertificateChain
notoriaga Mar 17, 2023
89ee372
remove old java test
notoriaga Mar 17, 2023
d0839db
fix c tests
notoriaga Mar 17, 2023
0b4d631
Update spec/yaml/swiftnav/sbp/signing.yaml
notoriaga Mar 17, 2023
b1bc0b3
gen
notoriaga Mar 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
112 changes: 93 additions & 19 deletions c/include/libsbp/cpp/message_traits.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1023,6 +1023,43 @@ struct MessageTraits<sbp_msg_cell_modem_status_t> {
}
};

template <>
struct MessageTraits<sbp_msg_certificate_chain_dep_t> {
static constexpr sbp_msg_type_t id = SbpMsgCertificateChainDep;
static constexpr const char *name = "MSG_CERTIFICATE_CHAIN_DEP";
static const sbp_msg_certificate_chain_dep_t &get(const sbp_msg_t &msg) {
return msg.certificate_chain_dep;
}
static sbp_msg_certificate_chain_dep_t &get(sbp_msg_t &msg) {
return msg.certificate_chain_dep;
}
static void to_sbp_msg(const sbp_msg_certificate_chain_dep_t &msg,
sbp_msg_t *sbp_msg) {
sbp_msg->certificate_chain_dep = msg;
}
static sbp_msg_t to_sbp_msg(const sbp_msg_certificate_chain_dep_t &msg) {
sbp_msg_t sbp_msg;
sbp_msg.certificate_chain_dep = msg;
return sbp_msg;
}
static s8 send(sbp_state_t *state, u16 sender_id,
const sbp_msg_certificate_chain_dep_t &msg,
sbp_write_fn_t write) {
return sbp_msg_certificate_chain_dep_send(state, sender_id, &msg, write);
}
static s8 encode(uint8_t *buf, uint8_t len, uint8_t *n_written,
const sbp_msg_certificate_chain_dep_t &msg) {
return sbp_msg_certificate_chain_dep_encode(buf, len, n_written, &msg);
}
static s8 decode(const uint8_t *buf, uint8_t len, uint8_t *n_read,
sbp_msg_certificate_chain_dep_t *msg) {
return sbp_msg_certificate_chain_dep_decode(buf, len, n_read, msg);
}
static size_t encoded_len(const sbp_msg_certificate_chain_dep_t &msg) {
return sbp_msg_certificate_chain_dep_encoded_len(&msg);
}
};

template <>
struct MessageTraits<sbp_msg_certificate_chain_t> {
static constexpr sbp_msg_type_t id = SbpMsgCertificateChain;
Expand Down Expand Up @@ -1476,39 +1513,76 @@ struct MessageTraits<sbp_msg_ecdsa_certificate_t> {
};

template <>
struct MessageTraits<sbp_msg_ecdsa_signature_dep_t> {
static constexpr sbp_msg_type_t id = SbpMsgEcdsaSignatureDep;
static constexpr const char *name = "MSG_ECDSA_SIGNATURE_DEP";
static const sbp_msg_ecdsa_signature_dep_t &get(const sbp_msg_t &msg) {
return msg.ecdsa_signature_dep;
struct MessageTraits<sbp_msg_ecdsa_signature_dep_a_t> {
static constexpr sbp_msg_type_t id = SbpMsgEcdsaSignatureDepA;
static constexpr const char *name = "MSG_ECDSA_SIGNATURE_DEP_A";
static const sbp_msg_ecdsa_signature_dep_a_t &get(const sbp_msg_t &msg) {
return msg.ecdsa_signature_dep_a;
}
static sbp_msg_ecdsa_signature_dep_a_t &get(sbp_msg_t &msg) {
return msg.ecdsa_signature_dep_a;
}
static void to_sbp_msg(const sbp_msg_ecdsa_signature_dep_a_t &msg,
sbp_msg_t *sbp_msg) {
sbp_msg->ecdsa_signature_dep_a = msg;
}
static sbp_msg_t to_sbp_msg(const sbp_msg_ecdsa_signature_dep_a_t &msg) {
sbp_msg_t sbp_msg;
sbp_msg.ecdsa_signature_dep_a = msg;
return sbp_msg;
}
static s8 send(sbp_state_t *state, u16 sender_id,
const sbp_msg_ecdsa_signature_dep_a_t &msg,
sbp_write_fn_t write) {
return sbp_msg_ecdsa_signature_dep_a_send(state, sender_id, &msg, write);
}
static s8 encode(uint8_t *buf, uint8_t len, uint8_t *n_written,
const sbp_msg_ecdsa_signature_dep_a_t &msg) {
return sbp_msg_ecdsa_signature_dep_a_encode(buf, len, n_written, &msg);
}
static s8 decode(const uint8_t *buf, uint8_t len, uint8_t *n_read,
sbp_msg_ecdsa_signature_dep_a_t *msg) {
return sbp_msg_ecdsa_signature_dep_a_decode(buf, len, n_read, msg);
}
static size_t encoded_len(const sbp_msg_ecdsa_signature_dep_a_t &msg) {
return sbp_msg_ecdsa_signature_dep_a_encoded_len(&msg);
}
};

template <>
struct MessageTraits<sbp_msg_ecdsa_signature_dep_b_t> {
static constexpr sbp_msg_type_t id = SbpMsgEcdsaSignatureDepB;
static constexpr const char *name = "MSG_ECDSA_SIGNATURE_DEP_B";
static const sbp_msg_ecdsa_signature_dep_b_t &get(const sbp_msg_t &msg) {
return msg.ecdsa_signature_dep_b;
}
static sbp_msg_ecdsa_signature_dep_t &get(sbp_msg_t &msg) {
return msg.ecdsa_signature_dep;
static sbp_msg_ecdsa_signature_dep_b_t &get(sbp_msg_t &msg) {
return msg.ecdsa_signature_dep_b;
}
static void to_sbp_msg(const sbp_msg_ecdsa_signature_dep_t &msg,
static void to_sbp_msg(const sbp_msg_ecdsa_signature_dep_b_t &msg,
sbp_msg_t *sbp_msg) {
sbp_msg->ecdsa_signature_dep = msg;
sbp_msg->ecdsa_signature_dep_b = msg;
}
static sbp_msg_t to_sbp_msg(const sbp_msg_ecdsa_signature_dep_t &msg) {
static sbp_msg_t to_sbp_msg(const sbp_msg_ecdsa_signature_dep_b_t &msg) {
sbp_msg_t sbp_msg;
sbp_msg.ecdsa_signature_dep = msg;
sbp_msg.ecdsa_signature_dep_b = msg;
return sbp_msg;
}
static s8 send(sbp_state_t *state, u16 sender_id,
const sbp_msg_ecdsa_signature_dep_t &msg,
const sbp_msg_ecdsa_signature_dep_b_t &msg,
sbp_write_fn_t write) {
return sbp_msg_ecdsa_signature_dep_send(state, sender_id, &msg, write);
return sbp_msg_ecdsa_signature_dep_b_send(state, sender_id, &msg, write);
}
static s8 encode(uint8_t *buf, uint8_t len, uint8_t *n_written,
const sbp_msg_ecdsa_signature_dep_t &msg) {
return sbp_msg_ecdsa_signature_dep_encode(buf, len, n_written, &msg);
const sbp_msg_ecdsa_signature_dep_b_t &msg) {
return sbp_msg_ecdsa_signature_dep_b_encode(buf, len, n_written, &msg);
}
static s8 decode(const uint8_t *buf, uint8_t len, uint8_t *n_read,
sbp_msg_ecdsa_signature_dep_t *msg) {
return sbp_msg_ecdsa_signature_dep_decode(buf, len, n_read, msg);
sbp_msg_ecdsa_signature_dep_b_t *msg) {
return sbp_msg_ecdsa_signature_dep_b_decode(buf, len, n_read, msg);
}
static size_t encoded_len(const sbp_msg_ecdsa_signature_dep_t &msg) {
return sbp_msg_ecdsa_signature_dep_encoded_len(&msg);
static size_t encoded_len(const sbp_msg_ecdsa_signature_dep_b_t &msg) {
return sbp_msg_ecdsa_signature_dep_b_encoded_len(&msg);
}
};

Expand Down
18 changes: 15 additions & 3 deletions c/include/libsbp/legacy/cpp/message_traits.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1186,23 +1186,35 @@ struct MessageTraits<msg_ecdsa_certificate_t> {


template<>
struct MessageTraits<msg_certificate_chain_t> {
struct MessageTraits<msg_certificate_chain_dep_t> {
static constexpr u16 id = 3077;
};


template<>
struct MessageTraits<msg_ecdsa_signature_dep_t> {
struct MessageTraits<msg_ecdsa_signature_dep_a_t> {
static constexpr u16 id = 3078;
};


template<>
struct MessageTraits<msg_ecdsa_signature_t> {
struct MessageTraits<msg_ecdsa_signature_dep_b_t> {
static constexpr u16 id = 3079;
};


template<>
struct MessageTraits<msg_ecdsa_signature_t> {
static constexpr u16 id = 3080;
};


template<>
struct MessageTraits<msg_certificate_chain_t> {
static constexpr u16 id = 3081;
};


template<>
struct MessageTraits<msg_fileio_config_req_t> {
static constexpr u16 id = 4097;
Expand Down
84 changes: 81 additions & 3 deletions c/include/libsbp/legacy/signing.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,14 @@ typedef struct SBP_ATTR_PACKED {
u32 ns; /**< nanoseconds of second (range 0-999999999) [nanoseconds] */
} utc_time_t;

typedef struct SBP_ATTR_PACKED {
u8 len; /**< Number of bytes to use of the signature field. The DER
encoded signature has a maximum size of 72 bytes but can
vary between 70 and 72 bytes in length. */
u8 data[72]; /**< DER encoded ECDSA signature for the messages using SHA-256
as the digest algorithm. */
} ecdsa_signature_t;

/** An ECDSA certificate split over multiple messages
*
* A DER encoded x.509 ECDSA-256 certificate (using curve secp256r1).
Expand All @@ -56,6 +64,41 @@ typedef struct SBP_ATTR_PACKED {
u8 certificate_bytes[0]; /**< DER encoded x.509 ECDSA certificate bytes */
} msg_ecdsa_certificate_t;

typedef struct SBP_ATTR_PACKED {
u8 root_certificate[20]; /**< SHA-1 fingerprint of the root
certificate */
u8 intermediate_certificate[20]; /**< SHA-1 fingerprint of the intermediate
certificate */
u8 corrections_certificate[20]; /**< SHA-1 fingerprint of the corrections
certificate */
utc_time_t expiration; /**< The time after which the
signature given is no longer
valid. Implementors should
consult a time source (such as
GNSS) to check if the current
time is later than the
expiration time, if the
condition is true, signatures
in the stream should not be
considered valid. */
ecdsa_signature_t signature; /**< Signature (created by
the root certificate)
over the concatenation
of the SBP payload bytes
preceding this field.
That is, the
concatenation of
`root_certificate`,
`intermediate_certificate`,
`corrections_certificate`
and `expiration`. This
certificate chain (allow
list) can also be
validated by fetching it
from
`http(s)://certs.swiftnav.com/chain`. */
} msg_certificate_chain_t;

typedef struct SBP_ATTR_PACKED {
u8 root_certificate[20]; /**< SHA-1 fingerprint of the root
certificate */
Expand All @@ -79,7 +122,42 @@ typedef struct SBP_ATTR_PACKED {
(allow list) can also be validated by
fetching it from
`http(s)://certs.swiftnav.com/chain`. */
} msg_certificate_chain_t;
} msg_certificate_chain_dep_t;

/** An ECDSA signature
*
* An ECDSA-256 signature using SHA-256 as the message digest algorithm.
*/

typedef struct SBP_ATTR_PACKED {
u8 flags; /**< Describes the format of the `signed\_messages`
field below. */
u8 stream_counter; /**< Signature message counter. Zero indexed and
incremented with each signature message. The
counter will not increment if this message was
in response to an on demand request. The
counter will roll over after 256 messages.
Upon connection, the value of the counter may
not initially be zero. */
u8 on_demand_counter; /**< On demand message counter. Zero indexed and
incremented with each signature message sent
in response to an on demand message. The
counter will roll over after 256 messages.
Upon connection, the value of the counter may
not initially be zero. */
u8 certificate_id[4]; /**< The last 4 bytes of the certificate's SHA-1
fingerprint */
ecdsa_signature_t signature; /**< Signature over the frames of
this message group. */
u8 signed_messages[0]; /**< CRCs of the messages covered by this
signature. For Skylark, which delivers SBP
messages wrapped in Swift's proprietary RTCM
message, these are the 24-bit CRCs from the
RTCM message framing. For SBP only streams,
this will be 16-bit CRCs from the SBP framing.
See the `flags` field to determine the type of
CRCs covered. */
} msg_ecdsa_signature_t;

/** An ECDSA signature
*
Expand Down Expand Up @@ -118,7 +196,7 @@ typedef struct SBP_ATTR_PACKED {
this will be 16-bit CRCs from the SBP framing.
See the `flags` field to determine the type of
CRCs covered. */
} msg_ecdsa_signature_t;
} msg_ecdsa_signature_dep_b_t;

/** An ECDSA signature
*
Expand Down Expand Up @@ -153,7 +231,7 @@ typedef struct SBP_ATTR_PACKED {
this will be 16-bit CRCs from the SBP framing.
See the `flags` field to determine the type of
CRCs covered. */
} msg_ecdsa_signature_dep_t;
} msg_ecdsa_signature_dep_a_t;

typedef struct SBP_ATTR_PACKED {
u8 n_msg; /**< Total number messages that make up the
Expand Down
4 changes: 3 additions & 1 deletion c/include/libsbp/sbp_msg_type.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,7 @@ typedef enum {
SbpMsgBootloaderHandshakeResp = SBP_MSG_BOOTLOADER_HANDSHAKE_RESP,
SbpMsgBootloaderJumpToApp = SBP_MSG_BOOTLOADER_JUMP_TO_APP,
SbpMsgCellModemStatus = SBP_MSG_CELL_MODEM_STATUS,
SbpMsgCertificateChainDep = SBP_MSG_CERTIFICATE_CHAIN_DEP,
SbpMsgCertificateChain = SBP_MSG_CERTIFICATE_CHAIN,
SbpMsgCommandOutput = SBP_MSG_COMMAND_OUTPUT,
SbpMsgCommandReq = SBP_MSG_COMMAND_REQ,
Expand All @@ -93,7 +94,8 @@ typedef enum {
SbpMsgDopsDepA = SBP_MSG_DOPS_DEP_A,
SbpMsgDops = SBP_MSG_DOPS,
SbpMsgEcdsaCertificate = SBP_MSG_ECDSA_CERTIFICATE,
SbpMsgEcdsaSignatureDep = SBP_MSG_ECDSA_SIGNATURE_DEP,
SbpMsgEcdsaSignatureDepA = SBP_MSG_ECDSA_SIGNATURE_DEP_A,
SbpMsgEcdsaSignatureDepB = SBP_MSG_ECDSA_SIGNATURE_DEP_B,
SbpMsgEcdsaSignature = SBP_MSG_ECDSA_SIGNATURE,
SbpMsgEd25519CertificateDep = SBP_MSG_ED25519_CERTIFICATE_DEP,
SbpMsgEd25519SignatureDepA = SBP_MSG_ED25519_SIGNATURE_DEP_A,
Expand Down
Loading