Vanetza
Loading...
Searching...
No Matches
security Directory Reference
Directory dependency graph for security:

Directories

 		v2
 		v3

Files

 		backend.cpp
 		backend.hpp
 		backend_cryptopp.cpp
 		backend_cryptopp.hpp
 		backend_null.cpp
 		backend_null.hpp
 		backend_openssl.cpp
 		backend_openssl.hpp
 		cam_ssp.cpp
 		cam_ssp.hpp
 		certificate_validity.hpp
 		decap_service.cpp
 		decap_service.hpp
 		delegating_security_entity.cpp
 		delegating_security_entity.hpp
 		ecc_point.cpp
 		ecc_point.hpp
 		ecdsa256.cpp
 		ecdsa256.hpp
 		ecdsa_signature.hpp
 		encap_service.cpp
 		encap_service.hpp
 		exception.hpp
 		hash_algorithm.hpp
 		hashed_id.cpp
 		hashed_id.hpp
 		hmac.cpp
 		hmac.hpp
 		key_type.cpp
 		key_type.hpp
 		openssl_wrapper.cpp
 		openssl_wrapper.hpp
 		peer_request_tracker.cpp
 		peer_request_tracker.hpp
 		private_key.hpp
 		public_key.hpp
 		secured_message.cpp
 		secured_message.hpp
 		security_entity.hpp
 		sha.cpp
 		sha.hpp
 		sign_service.hpp
 		signature.cpp
 		signature.hpp
 		signing_policy.hpp
 		straight_verify_service.cpp
 		straight_verify_service.hpp
 		verify_service.cpp
 		verify_service.hpp

Detailed Description

This is the security module of Vanetza. It implements the ETSI C-ITS security extension of the GeoNetworking protocol based on:

Implemented Features

Most features are implemented, including:

  • Security profiles including the CAM and DENM profile
  • Certificate requests for unknown certificates of other stations
  • Certificate validation for incoming messages

Missing Features

There are a few missing features, but the overall implementation is in a working state to send and receive secured messages. It has been verified to work correctly by interoperability tests with other implementations.

  • Revocation checks for certificate authorities
    Certificates of CAs can be revoked via CRLs. There will be a new standard for the corresponding protocol in May 2018. It will be a new version of ETSI TS 102 941.
  • v2: region checks for polygonal and identified regions
    There are TODO notes in the code of region.cpp within the is_within() functions. Implementing these checks is non-trivial.
  • v2: region consistency checks for regions other than circular and none region restrictions
    There are TODO notes in the code of region.cpp within the is_within() functions. Implementing these checks is non-trivial.
  • v3: region checks for identified regions
  • Certificate requests
    Currently there's no support to request authorization tickets from an authorization authority or to do an enrolment.