Control: Add support for HSM

Add dycrypt and encrypt support

Co-authored-by: Tehila Aharonovich <[email protected]>

Author: MiryamBenHaim

control/CMakeLists.txt

@@ -18,6 +18,8 @@ include_directories(${BSON_INCLUDE_DIRS})
 file(GLOB SOURCES "src/*.cpp")
 list(REMOVE_ITEM SOURCES "${CMAKE_SOURCE_DIR}/src/main.cpp")
 
+# Path to local communication directory
+
 file(GLOB SOURCES_COMMUNICATION "../communication/src/*.cpp")
 file(GLOB HEADERS_COMMUNICATION "../communication/include/*.h")
 file(GLOB SOCKETS_COMMUNICATIONS "../communication/sockets/*.*" )
@@ -27,12 +29,25 @@ file(GLOB PARSER "../parser_json/src/*.*")
 file(GLOB LOGGER "../logger/*.*")
 
 # Main executable
-add_executable(${PROJECT_NAME} ${SOURCES} ${PARSER} ${SOURCES_COMMUNICATION} ${HEADERS_COMMUNICATION} ${SOCKETS_COMMUNICATIONS} ${LOGGER} src/main.cpp)
+add_executable(${PROJECT_NAME} ${SOURCES} ${PARSER} ${SOURCES_COMMUNICATION} ${HEADERS_COMMUNICATION} ${SOCKETS_COMMUNICATIONS} ${LOGGER}   src/main.cpp )
 target_include_directories(${PROJECT_NAME} PRIVATE ${CMAKE_SOURCE_DIR}/include)
-target_link_libraries(${PROJECT_NAME} PRIVATE ${BSON_LIBRARIES})
+target_link_libraries(${PROJECT_NAME} PRIVATE ${BSON_LIBRARIES} )
 
 # Test executable, including additional source files
 file(GLOB TEST_SOURCES "test/*.cpp")
-add_executable(RunTests ${SOURCES} ${PARSER} ${SOURCES_COMMUNICATION} ${HEADERS_COMMUNICATION} ${SOCKETS_COMMUNICATIONS} ${LOGGER} ${TEST_SOURCES})
+add_executable(RunTests ${SOURCES} ${PARSER} ${SOURCES_COMMUNICATION} ${HEADERS_COMMUNICATION} ${SOCKETS_COMMUNICATIONS} ${LOGGER} ${TEST_SOURCES}  )
 target_include_directories(RunTests PRIVATE ${CMAKE_SOURCE_DIR}/include)
-target_link_libraries(RunTests PRIVATE ${BSON_LIBRARIES} ${GTEST_LIBRARIES} pthread)
+target_link_libraries(RunTests PRIVATE ${BSON_LIBRARIES} ${GTEST_LIBRARIES} pthread)
+
+
+include(../hsm-client/use_hsm_client.cmake)
+find_library(HSM_CLIENT_LIB hsm_client_lib PATHS ${HSM_CLIENT_LIB_PATH})
+if(HSM_CLIENT_LIB)
+    message(STATUS "Found hsm_client_lib: ${HSM_CLIENT_LIB}")
+    target_link_libraries(${PROJECT_NAME} PRIVATE ${HSM_CLIENT_LIB} ${HSM_CLIENT_LIB_DEPS})
+    target_link_libraries(RunTests PRIVATE ${HSM_CLIENT_LIB} ${HSM_CLIENT_LIB_DEPS})
+    target_include_directories(${PROJECT_NAME} PRIVATE ${HSM_CLIENT_INCLUDE_DIRS})
+    target_include_directories(RunTests PRIVATE ${HSM_CLIENT_INCLUDE_DIRS})
+else()
+    message(FATAL_ERROR "Could not find hsm_client_lib at ${HSM_CLIENT_LIB_PATH}")
+endif()

control/camera.json

@@ -0,0 +1,48 @@
+{
+    "endianness": "little",
+    "fields": [
+        {
+            "fields": [
+                {
+                    "name": "MessageType",
+                    "size": 1,
+                    "type": "unsigned_int",
+                    "defaultValue": 1
+                },
+                {
+                    "name": "Level",
+                    "size": 3,
+                    "type": "unsigned_int",
+                    "defaultValue": 1
+                },
+                {
+                    "name": "ObjectType",
+                    "size": 4,
+                    "type": "unsigned_int",
+                    "defaultValue": 1
+                }
+            ],
+            "name": "AlertDetails",
+            "size": 8,
+            "type": "bit_field"
+        },
+        {
+            "name": "ObjectDistance",
+            "size": 32,
+            "type": "float_fixed",
+            "defaultValue": 100.0
+        },
+        {
+            "name": "CarSpeed",
+            "size": 32,
+            "type": "unsigned_int",
+            "defaultValue": 100
+        },
+        {
+            "name": "ObjectSpeed",
+            "size": 32,
+            "type": "unsigned_int",
+            "defaultValue": 100
+        }
+    ]
+}

control/include/full_condition.h

@@ -14,6 +14,7 @@
 #include "basic_condition.h"
 #include "root.h"
 #include "condition_factory.h"
+#include "hsm_support.h"
 
 class Root;
 

control/include/global_properties.h

@@ -13,6 +13,8 @@
 #include "input.h"
 #include "full_condition.h"
 #include "sensor.h"
+#include "crypto_api.h"
+#include "hsm_support.h"
 
 #include "../../communication/include/communication.h"
 #include "../../logger/logger.h"
@@ -23,6 +25,8 @@ class FullCondition;
 // Forward declaration instead of #include
 class Sensor;
 
+#define BITS_IN_BYTE 8
+
 // Singleton class managing global properties
 class GlobalProperties {
 private:
@@ -48,6 +52,8 @@ class GlobalProperties {
     uint32_t srcID = 1;
     // Creating the communication object with the callback function to process the data
     Communication *comm;
+
+    CryptoClient client;
 
     static logger controlLogger;
 };

control/include/hsm_support.h

@@ -0,0 +1,11 @@
+#ifndef __HSM_SUPPORT__
+#define __HSM_SUPPORT__
+
+#include "global_properties.h"
+
+bool decryptData(void *data, int dataLen, uint32_t senderId);
+
+bool encryptData(const void *data, int dataLen, uint8_t *encryptedData,
+                 size_t encryptedLength, uint32_t receiverId);
+
+#endif // __HSM_SUPPORT__

control/include/sensor.h

@@ -23,6 +23,8 @@ class Sensor {
     std::string name;
     PacketParser *parser;
     std::map<std::string, Field> fieldsMap;
+    int msgLength;
+    bool isUsingHSM;
 
     // Variables for the timer functions
     int timeForUpdate;

control/src/full_condition.cpp

@@ -22,18 +22,23 @@ void defineCurrentSensor(const string &condition, int &index)
     index = closeBracket + 1;
     currentSensor = instanceGP.sensors[id];
 
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "The current sensor id is: " + to_string(currentSensor->id));
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG,
+        "The current sensor id is: " + to_string(currentSensor->id));
 }
 
 // Recursively builds the condition tree from the condition string.
 Condition *FullCondition::buildNode(const string &condition, int &index,
                                     map<int, int> bracketIndexes)
 {
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "Entering buildNode function, condition[index] = " + condition[index]);
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG,
+        "Entering buildNode function, condition[index] = " + condition[index]);
     GlobalProperties &instanceGP = GlobalProperties::getInstance();
 
     if (condition.empty())
-        GlobalProperties::controlLogger.logMessage(logger::LogLevel::ERROR, "Condition string is empty");
+        GlobalProperties::controlLogger.logMessage(logger::LogLevel::ERROR,
+                                                   "Condition string is empty");
 
     // Handling sensor reference
     if (condition[index] == '[')
@@ -48,11 +53,13 @@ Condition *FullCondition::buildNode(const string &condition, int &index,
         (currentSensor ? to_string(currentSensor->id) : "-") +
         condition.substr(index, bracketIndexes[openBracketIndex] - index + 1);
 
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "Generated condition key: " + key);
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG, "Generated condition key: " + key);
 
     // Check if the key already exists in the existingConditions map
     if (s_existingConditions.find(key) != s_existingConditions.end()) {
-        instanceGP.controlLogger.logMessage(logger::LogLevel::DEBUG, "Condition key already exists: " + key);
+        instanceGP.controlLogger.logMessage(
+            logger::LogLevel::DEBUG, "Condition key already exists: " + key);
 
         index = bracketIndexes[openBracketIndex] + 1;
         if (condition[index] == ',')
@@ -65,7 +72,9 @@ Condition *FullCondition::buildNode(const string &condition, int &index,
     OperatorTypes operatorType = convertStringToOperatorTypes(
         condition.substr(index, openBracketIndex - index));
 
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "Operator type: " + std::to_string(operatorType));
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG,
+        "Operator type: " + std::to_string(operatorType));
 
     Condition *conditionPtr = createCondition(operatorType);
 
@@ -111,7 +120,8 @@ Condition *FullCondition::buildNode(const string &condition, int &index,
         string name = condition.substr(openBracketIndex + 1,
                                        commaIndex - openBracketIndex - 1);
 
-        GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "Field name: " + name);
+        GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG,
+                                                   "Field name: " + name);
 
         int closeBracket = bracketIndexes[openBracketIndex];
 
@@ -139,7 +149,8 @@ Condition *FullCondition::buildNode(const string &condition, int &index,
 // Maps the positions of opening bracket indexes to their corresponding closing bracket indexes
 map<int, int> findBrackets(string condition)
 {
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "Generate a map with the brackets indexes");
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG, "Generate a map with the brackets indexes");
     map<int, int> mapIndexes;
     stack<int> stackIndexes;
     // Scans the input string for brackets and uses a stack to keep track of their positions
@@ -172,7 +183,8 @@ FullCondition::FullCondition(string condition,
         this->buildNode(condition, index, bracketsIndexes);
     root = new Root(this->id, firstCondition);
 
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::DEBUG, "The tree created successfully ");
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::DEBUG, "The tree created successfully ");
 
     firstCondition->parents.push_back(root);
     currentSensor = nullptr;
@@ -188,7 +200,26 @@ void FullCondition::activateActions()
         const char *message = action.second.c_str();
         size_t dataSize = strlen(message) + 1;
         uint32_t destID = action.first;
-        instanceGP.comm->sendMessage((void *)message, dataSize, destID,
-                                     instanceGP.srcID, false);
+
+        if (instanceGP.sensors[destID]->isUsingHSM){
+            // Get the length of the encrypted data
+            size_t encryptedLength =
+                instanceGP.client.getEncryptedLen(instanceGP.srcID, dataSize);
+            uint8_t encryptedData[encryptedLength];
+
+            if (encryptData((const void *)message, dataSize, encryptedData,
+                            encryptedLength, destID))
+                instanceGP.controlLogger.logMessage(
+                    logger::LogLevel::INFO, "The message encrypted successfully");
+            else
+                instanceGP.controlLogger.logMessage(
+                    logger::LogLevel::ERROR, "The message encryption failed");
+
+            instanceGP.comm->sendMessage(encryptedData, encryptedLength, destID,
+                                            instanceGP.srcID, false);
+        }
+        else
+            instanceGP.comm->sendMessage((void*)message, dataSize, destID,
+                                            instanceGP.srcID, false);
     }
 }

control/src/global_properties.cpp

@@ -1,15 +1,28 @@
 #include "global_properties.h"
 using namespace std;
 
-void handleMesseage(uint32_t senderId,void *data)
+
+void handleMesseage(uint32_t senderId, void *data)
 {
     GlobalProperties &instanceGP = GlobalProperties::getInstance();
 
     GlobalProperties::controlLogger.logMessage(logger::LogLevel::INFO, "Received message from id " + senderId);
 
-    char * msg = "I got message";
+    const char *msg = "I got message";
     size_t dataSize = strlen(msg) + 1;
-    instanceGP.comm->sendMessage((void*)msg, dataSize, senderId, instanceGP.srcID, false);
+    // instanceGP.comm->sendMessage((void *)msg, dataSize, senderId,
+    //                              instanceGP.srcID, false);
+
+    if (decryptData(data, instanceGP.sensors[senderId]->msgLength / BITS_IN_BYTE, senderId)){
+        instanceGP.controlLogger.logMessage(
+                    logger::LogLevel::INFO, "The message dycrypted successfully");
+        instanceGP.sensors[senderId]->isUsingHSM = true;
+    }
+    else {
+        instanceGP.controlLogger.logMessage(logger::LogLevel::ERROR,
+                                            "The message dycryption failed");
+    }
+
     instanceGP.sensors[senderId]->handleMessage(data);
 
     for (int cId : instanceGP.trueConditions)
@@ -25,30 +38,35 @@ int readIdFromJson()
 
     // Check if the input is correct
     if (!f.is_open())
-        GlobalProperties::controlLogger.logMessage(logger::LogLevel::ERROR, "Failed to open config.json");
+        GlobalProperties::controlLogger.logMessage(
+            logger::LogLevel::ERROR, "Failed to open config.json");
     json *data = NULL;
 
     // Try parse to json type
     try {
         data = new json(json::parse(f));
         f.close();
-        GlobalProperties::controlLogger.logMessage(logger::LogLevel::INFO, "The id was successfully read from config.json");
+        GlobalProperties::controlLogger.logMessage(
+            logger::LogLevel::INFO,
+            "The id was successfully read from config.json");
     }
     catch (exception e) {
-        GlobalProperties::controlLogger.logMessage(logger::LogLevel::ERROR, e.what());
+        GlobalProperties::controlLogger.logMessage(logger::LogLevel::ERROR,
+                                                   e.what());
     }
 
     return (*data)["ID"];
 }
 
 // Initializes the sensors based on a JSON file
-GlobalProperties::GlobalProperties()
+GlobalProperties::GlobalProperties() : client(srcID)
 {
     controlLogger.logMessage(logger::LogLevel::INFO, "Initializing...");
-    
+
     // Build the sensors according the json file
     Input::s_buildSensors(sensors);
-    controlLogger.logMessage(logger::LogLevel::INFO, "Sensors built successfully");
+    controlLogger.logMessage(logger::LogLevel::INFO,
+                             "Sensors built successfully");
 
     srcID = readIdFromJson();
     // Creating the communication object with the callback function to process the data

control/src/hsm_support.cpp

@@ -0,0 +1,36 @@
+#include "hsm_support.h"
+
+bool decryptData(void *data, int dataLen, uint32_t senderId)
+{
+    GlobalProperties &instanceGP = GlobalProperties::getInstance();
+
+    size_t encryptedLength =
+        instanceGP.client.getEncryptedLen(senderId, dataLen);
+    size_t decryptedLength =
+        instanceGP.client.getEncryptedLen(senderId, encryptedLength);
+
+    uint8_t decryptedData[decryptedLength];
+
+    CK_RV decryptResult = instanceGP.client.decrypt(
+        senderId, data, encryptedLength, decryptedData, decryptedLength);
+
+    if (decryptResult != CKR_OK || decryptedLength != dataLen)
+        return false;
+
+    memcpy(data, decryptedData, decryptedLength);
+    return true;
+}
+
+bool encryptData(const void *data, int dataLen, uint8_t *encryptedData,
+                 size_t encryptedLength, uint32_t receiverId)
+{
+    GlobalProperties &instanceGP = GlobalProperties::getInstance();
+
+    // Encrypt the data
+    CK_RV encryptResult = instanceGP.client.encrypt(
+        receiverId, data, dataLen, encryptedData, encryptedLength);
+    // Check if encryption was successful
+    if (encryptResult != CKR_OK)
+        return false;
+    return true;
+}

control/src/main.cpp

@@ -4,7 +4,7 @@
 #include "input.h"
 #include "full_condition.h"
 #include "global_properties.h"
-// #include "../parser_json/src/packet_parser.h"
+
 using namespace std;
 
 int main()
@@ -13,7 +13,9 @@ int main()
     // Build the conditions from the bson file
     Input::s_buildConditions();
 
-    GlobalProperties::controlLogger.logMessage(logger::LogLevel::INFO, "Initialized successfully, Starting Communication...");
+    GlobalProperties::controlLogger.logMessage(
+        logger::LogLevel::INFO,
+        "Initialized successfully, Starting Communication...");
     // Starting communication with the server
     instanceGP.comm->startConnection();