Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
/*
* @author
*
* @version
* 1.0
* @desc
*
* @remark
*
* @see
*
*/
module TestCodec_SignedAndEncryptedMessages {
// LibCommon
import from LibCommon_BasicTypesAndValues all;
import from LibCommon_DataStrings all;
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
import from IEEE1609dot2 language "ASN.1:1997" all;
import from EtsiTs103097Module language "ASN.1:1997" all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_EncdecDeclarations all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Templates all;
// LibItsSecurity
import from LibItsSecurity_EncdecDeclarations all;
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_Pixits all;
// TestCodec
import from TestCodec_TestAndSystem all;
/**
* @desc Test HMAC-SH256 using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @return The encrypted message
*/
testcase tc_test_hmac_sha256_test1() runs on TCType system TCType {
var octetstring v_k := '0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b'O;
var octetstring v_m := '4869205468657265'O;
var octetstring v_t := 'b0344c61d8db38535ca8afceaf0bf12b'O;
var octetstring v_result := fx_test_hmac_sha256(v_k, v_m);
if (match(v_t, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
}
/**
* @desc Test HMAC-SH256 using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @return The encrypted message
*/
testcase tc_test_hmac_sha256_test2() runs on TCType system TCType {
var octetstring v_k := '4a656665'O;
var octetstring v_m := '7768617420646f2079612077616e7420666f72206e6f7468696e673f'O;
var octetstring v_t := '5bdcc146bf60754e6a042426089575c7'O;
var octetstring v_result := fx_test_hmac_sha256(v_k, v_m);
if (match(v_t, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
}
/**
* @desc Test HMAC-SH256 using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @return The encrypted message
*/
testcase tc_test_hmac_sha256_test3() runs on TCType system TCType {
var octetstring v_k := 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'O;
var octetstring v_m := 'dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'O;
var octetstring v_t := '773ea91e36800e46854db8ebd09181a7'O;
var octetstring v_result := fx_test_hmac_sha256(v_k, v_m);
if (match(v_t, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
}
/**
* @desc Test AES 128 CCM using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @return The encrypted message
*/
testcase tc_test_encrypt_aes_128_ccm_test_1() runs on TCType system TCType {
var octetstring v_k := 'E58D5C8F8C9ED9785679E08ABC7C8116'O;
var octetstring v_n := 'A9F593C09EAEEA8BF0C1CF6A'O;
var octetstring v_pt := '0653B5714D1357F4995BDDACBE10873951A1EBA663718D1AF35D2F0D52C79DE49BE622C4A6D90647BA2B004C3E8AE422FD27063AFA19AD883DCCBD97D98B8B0461B5671E75F19701C24042B8D3AF79B9FF62BC448EF9440B1EA3F7E5C0F4BFEFE3E326E62D5EE4CB4B4CFFF30AD5F49A7981ABF71617245B96E522E1ADD78A'O;
var octetstring v_ct := '5F82B9FCE34B94835395DD89D71FB758D2A3907FBF2FD58994A2B9CF8725AF26F0B23853C27A06E35EE72CAD827713C18FA5DDA971D9BAA7B42A301FF60C6E4AD651C1BB6ED4F25F7D0FF387A11627934CD11F86984EA3AC969DDA9A020AD6424B0D393E3FB4B1119ADF5CDB012A59753E41D47E5E5A8C3A118ED407049B56D53BF56CB38C0B20A2502D1DA70B9761'O;
var octetstring v_result := fx_test_encrypt_aes_128_ccm_test(v_k, v_n, v_pt);
if (match(v_ct, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
v_result := fx_test_decrypt_aes_128_ccm_test(v_k, v_n, v_result);
if (match(v_pt, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
}
/**
* @desc Test AES 128 CCM using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @return The encrypted message
*/
testcase tc_test_encrypt_aes_128_ccm_test_2() runs on TCType system TCType {
var octetstring v_k := 'E58D5C8F8C9ED9785679E08ABC7C8116'O;
var octetstring v_n := 'A9F593C09EAEEA8BF0C1CF6A'O;
var octetstring v_pt := 'ACA650CCCCDA604E16A8B54A3335E0BC2FD9444F33E3D9B82AFE6F445357634974F0F1728CF113452321CBE5858304B01D4A14AE7F3B45980EE8033AD2A8599B78C29494C9E5F8945A8CADE3EB5A30D156C0D83271626DADDB650954093443FBAC9701C02E5A973F39C2E1761A4B48C764BF6DB215A54B285A06ECA3AF0A83F7'O;
var octetstring v_ct := 'F5775C416282A339DC66B56F5A3AD0DDACDB3F96EFBD812B4D01F98686B5518B1FA4EBE5E85213E1C7EDE704397EF3536FC8CF3DF4FB52B7870E8EB2FD2FBCD5CF263231D2C09DCAE5C31CDC99E36EFBE5737BF067D58A0A535B242BCBCA2A5604791E183CB0C2E5E851425E11B4E528237F123B5DE8E349DD6D1A4506465F7257001080003872271900D3F39C9661FD'O;
var octetstring v_result := fx_test_encrypt_aes_128_ccm_test(v_k, v_n, v_pt);
if (match(v_ct, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
v_result := fx_test_decrypt_aes_128_ccm_test(v_k, v_n, v_result);
if (match(v_pt, v_result)) {
setverdict(pass);
} else {
setverdict(fail);
}
}
/**
* @desc Test AES 128 CCM using test vectors provided by IEEE Std 1609.2-2017 Annex D
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @return The encrypted message
*/
testcase tc_test_encrypt_aes_128_ccm_test_3() runs on TCType system TCType {
var octetstring v_wrong_k := 'A58D5C8F8C9ED9785679E08ABC7C8116'O;
var octetstring v_n := 'A9F593C09EAEEA8BF0C1CF6A'O;
var octetstring v_pt := 'ACA650CCCCDA604E16A8B54A3335E0BC2FD9444F33E3D9B82AFE6F445357634974F0F1728CF113452321CBE5858304B01D4A14AE7F3B45980EE8033AD2A8599B78C29494C9E5F8945A8CADE3EB5A30D156C0D83271626DADDB650954093443FBAC9701C02E5A973F39C2E1761A4B48C764BF6DB215A54B285A06ECA3AF0A83F7'O;
var octetstring v_ct := 'F5775C416282A339DC66B56F5A3AD0DDACDB3F96EFBD812B4D01F98686B5518B1FA4EBE5E85213E1C7EDE704397EF3536FC8CF3DF4FB52B7870E8EB2FD2FBCD5CF263231D2C09DCAE5C31CDC99E36EFBE5737BF067D58A0A535B242BCBCA2A5604791E183CB0C2E5E851425E11B4E528237F123B5DE8E349DD6D1A4506465F7257001080003872271900D3F39C9661FD'O;
var octetstring v_result := fx_test_encrypt_aes_128_ccm_test(v_wrong_k, v_n, v_pt);
if (match(v_ct, v_result)) {
setverdict(fail);
} else {
setverdict(pass);
}
}
/**
* @desc Test ECIES encryption using NIST-P256
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
* @return The encrypted message
*/
testcase tc_encrypted_signed_message_1() runs on TCType system TCType {
var template (value) EtsiTs103097Data v_signed_data;
var EtsiTs103097Data v_signed_data_dec;
var octetstring v_raw_payload_to_be_signed := 'CAFFEDECA0000001'O;
var HashedId8 v_digest := '0000000000000000'O;
var template (value) EtsiTs103097Data v_encrypted_data;
var EtsiTs103097Data v_encrypted_data_dec;
var bitstring v_encMsg;
var Oct32 v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY;
var Oct32 v_obuPublicKeyCompressed;
var Oct32 v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY;
var Oct32 v_tsPublicKeyCompressed;
var Oct32 v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var integer v_obuCompressedMode;
var integer v_tsCompressedMode;
var EccP256CurvePoint v_eccPoint;
var Opaque v_cypheredPayload;
var Oct12 v_nonce;
var HashedId8 v_recipientId;
// Simulate OCU & Test System certificate, OBU and Test system exchange their public key
f_generate_key_pair_nistp256(v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY, v_obuPublicKeyCompressed, v_obuCompressedMode);
f_generate_key_pair_nistp256(v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY, v_tsPublicKeyCompressed, v_tsCompressedMode);
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
// The OBU is the sender, the Test System is te receiver
v_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_raw_payload_to_be_signed)
),
m_headerInfo_gn(
-,
12345
)
),
{ digest := v_digest },
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
log("v_signed_data = ", v_signed_data);
v_encMsg := encvalue(valueof(v_signed_data));
v_cypheredPayload := f_encryptWithEciesNistp256WithSha256(bit2oct(v_encMsg), v_tsPublicKeyCompressed, v_tsCompressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encMsg))); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
v_encrypted_data := m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_cypheredPayload
)
)
)
);
log("v_encrypted_data = ", v_encrypted_data);
v_encMsg := encvalue(valueof(v_encrypted_data));
setverdict(pass, "Encoding passed.");
if (decvalue(v_encMsg, v_encrypted_data_dec) != 0) {
} else if (not(match(valueof(v_encrypted_data), v_encrypted_data_dec))) {
setverdict(fail, "Encode/decode mismatch");
stop;
}
setverdict(pass, "Decoding passed.");
} // End of testcase tc_encrypted_signed_message_1
/**
* @desc Test ECIES encryption/decryption using NIST-P256
* The OBU is the sender, the Test System is te receiver
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
* @return The encrypted message
*/
testcase tc_decrypted_signed_message_1() runs on TCType system TCType {
var template (value) EtsiTs103097Data v_signed_data;
var EtsiTs103097Data v_signed_data_dec;
var octetstring v_raw_payload_to_be_signed := 'CAFFEDECA0000001'O;
var HashedId8 v_digest := '0000000000000000'O;
var template (value) EtsiTs103097Data v_encrypted_data;
var EtsiTs103097Data v_decrypted_data;
var bitstring v_encMsg;
var Oct32 v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY;
var Oct32 v_obuPublicKeyCompressed;
var Oct32 v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY;
var Oct32 v_tsPublicKeyCompressed;
var Oct32 v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var integer v_obuCompressedMode;
var integer v_tsCompressedMode;
var EccP256CurvePoint v_eccPoint;
var Oct16 v_authentication_vector;
var Oct16 v_encrypted_sym_key;
var Opaque v_cypheredPayload;
var Oct12 v_nonce;
var HashedId8 v_recipientId;
// Simulate OCU & Test System certificate, OBU and Test system exchange their public key
f_generate_key_pair_nistp256(v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY, v_obuPublicKeyCompressed, v_obuCompressedMode);
f_generate_key_pair_nistp256(v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY, v_tsPublicKeyCompressed, v_tsCompressedMode);
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
// The OBU is the sender, the Test System is te receiver
v_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_raw_payload_to_be_signed)
),
m_headerInfo_gn(
-,
12345
)
),
{ digest := v_digest },
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
log("v_signed_data = ", v_signed_data);
v_encMsg := encvalue(valueof(v_signed_data));
v_cypheredPayload := f_encryptWithEciesNistp256WithSha256(bit2oct(v_encMsg), v_tsPublicKeyCompressed, v_tsCompressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encMsg))); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
v_encrypted_data := m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_encrypted_sym_key,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_cypheredPayload
)
)
)
);
log("v_encrypted_data = ", v_encrypted_data);
if (f_decrypt(v_tsPrivateKey, valueof(v_encrypted_data), v_decrypted_data) == false) {
setverdict(fail, "f_decrypt failed");
log("v_decrypted_data = ", v_decrypted_data);
if (not(match(valueof(v_signed_data), v_decrypted_data))) {
setverdict(fail, "Encode/decode mismatch");
}
setverdict(pass, "Full encryption/decryption passed.");
} // End of testcase tc_decrypted_signed_message_1
/**
* @desc Test ECIES encryption/decryption using NIST-P256
* The OBU is the sender, the Test System is te receiver
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
* @return The encrypted message
*/
testcase tc_decrypted_signed_message_2() runs on TCType system TCType {
var template (value) EtsiTs103097Data v_signed_data;
var EtsiTs103097Data v_signed_data_dec;
var octetstring v_raw_payload_to_be_signed := 'CAFFEDECA0000001'O;
var HashedId8 v_digest := '0000000000000000'O;
var template (value) EtsiTs103097Data v_encrypted_data;
var EtsiTs103097Data v_decrypted_data;
var bitstring v_encMsg;
var Oct32 v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY;
var Oct32 v_obuPublicKeyCompressed;
var Oct32 v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY;
var Oct32 v_tsPublicKeyCompressed;
var Oct32 v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var integer v_obuCompressedMode;
var integer v_tsCompressedMode;
var EccP256CurvePoint v_eccPoint;
var Oct16 v_authentication_vector;
var Oct16 v_encrypted_sym_key;
var Opaque v_cypheredPayload;
var Oct12 v_nonce;
var HashedId8 v_recipientId;
// Simulate OCU & Test System certificate, OBU and Test system exchange their public key
f_generate_key_pair_nistp256(v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY, v_obuPublicKeyCompressed, v_obuCompressedMode);
f_generate_key_pair_nistp256(v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY, v_tsPublicKeyCompressed, v_tsCompressedMode);
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
// The OBU is the sender, the Test System is te receiver
v_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_raw_payload_to_be_signed)
),
m_headerInfo_gn(
-,
12345
)
),
{ digest := v_digest },
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
log("v_signed_data = ", v_signed_data);
v_encMsg := encvalue(valueof(v_signed_data));
v_cypheredPayload := f_encryptWithEciesNistp256WithSha256(bit2oct(v_encMsg), v_tsPublicKeyCompressed, v_tsCompressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encMsg))); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
v_encrypted_data := m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_encrypted_sym_key,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_cypheredPayload
)
)
)
);
log("v_encrypted_data = ", v_encrypted_data);
if (f_decrypt(v_tsPrivateKey, valueof(v_encrypted_data), v_decrypted_data) == false) {
setverdict(fail, "f_decrypt failed");
stop;
}
log("v_decrypted_data = ", v_decrypted_data);
if (not(match(valueof(v_signed_data), v_decrypted_data))) {
setverdict(fail, "Encode/decode mismatch");
stop;
}
setverdict(pass, "Full encryption/decryption passed.");
} // End of testcase tc_decrypted_signed_message_2
/**
* @desc Test ECIES encryption/decryption using BRAINPOOL-P256
* The OBU is the sender, the Test System is te receiver
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
* @return The encrypted message
*/
testcase tc_decrypted_signed_message_3() runs on TCType system TCType {
var template (value) EtsiTs103097Data v_signed_data;
var EtsiTs103097Data v_signed_data_dec;
var octetstring v_raw_payload_to_be_signed := 'CAFFEDECA0000001'O;
var HashedId8 v_digest := '0000000000000000'O;
var template (value) EtsiTs103097Data v_encrypted_data;
var EtsiTs103097Data v_decrypted_data;
var bitstring v_encMsg;
var Oct32 v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY;
var Oct32 v_obuPublicKeyCompressed;
var Oct32 v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY;
var Oct32 v_tsPublicKeyCompressed;
var Oct32 v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var integer v_obuCompressedMode;
var integer v_tsCompressedMode;
var EccP256CurvePoint v_eccPoint;
var Oct16 v_authentication_vector;
var Oct16 v_encrypted_sym_key;
var Opaque v_cypheredPayload;
var Oct12 v_nonce;
var HashedId8 v_recipientId;
// Simulate OCU & Test System certificate, OBU and Test system exchange their public key
f_generate_key_pair_brainpoolp256(v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY, v_obuPublicKeyCompressed, v_obuCompressedMode);
f_generate_key_pair_brainpoolp256(v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY, v_tsPublicKeyCompressed, v_tsCompressedMode);
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
// The OBU is the sender, the Test System is te receiver
v_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_raw_payload_to_be_signed)
),
m_headerInfo_gn(
-,
12345
)
),
{ digest := v_digest },
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
log("v_signed_data = ", v_signed_data);
v_encMsg := encvalue(valueof(v_signed_data));
v_cypheredPayload := f_encryptWithEciesBrainpoolp256WithSha256(bit2oct(v_encMsg), v_tsPublicKeyCompressed, v_tsCompressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encMsg))); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
v_encrypted_data := m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_encrypted_sym_key,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_cypheredPayload
)
)
)
);
log("v_encrypted_data = ", v_encrypted_data);
if (f_decrypt(v_tsPrivateKey, valueof(v_encrypted_data), v_decrypted_data) == false) {
setverdict(fail, "f_decrypt failed");
log("v_decrypted_data = ", v_decrypted_data);
if (not(match(valueof(v_signed_data), v_decrypted_data))) {
setverdict(fail, "Encode/decode mismatch");
}
setverdict(pass, "Full encryption/decryption passed.");
}
} // End of testcase tc_decrypted_signed_message_3
/**
* @desc Test ECIES encryption/decryption using BRAINPOOL-P256
* The Test System is the sender, the OBU is te receiver
* @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES
* @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/
* @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf
* @return The encrypted message
*/
testcase tc_decrypted_signed_message_4() runs on TCType system TCType {
var template (value) EtsiTs103097Data v_signed_data;
var EtsiTs103097Data v_signed_data_dec;
var octetstring v_raw_payload_to_be_signed := 'CAFFEDECA0000001'O;
var octetstring v_decrypted_data;
var HashedId8 v_digest := '0000000000000000'O;
var template (value) EtsiTs103097Data v_encrypted_data;
var bitstring v_encMsg;
var Oct32 v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY;
var Oct32 v_obuPublicKeyCompressed;
var Oct32 v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY;
var Oct32 v_tsPublicKeyCompressed;
var Oct32 v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var integer v_obuCompressedMode;
var integer v_tsCompressedMode;
var EccP256CurvePoint v_eccPoint;
var Oct16 v_authentication_vector;
var Oct16 v_encrypted_sym_key;
var Opaque v_cypheredPayload;
var Oct12 v_nonce;
var HashedId8 v_recipientId;
// Simulate OCU & Test System certificate, OBU and Test system exchange their public key
f_generate_key_pair_brainpoolp256(v_obuPrivateKey, v_obuPublicKeyX, v_obuPublicKeyY, v_obuPublicKeyCompressed, v_obuCompressedMode);
f_generate_key_pair_brainpoolp256(v_tsPrivateKey, v_tsPublicKeyX, v_tsPublicKeyY, v_tsPublicKeyCompressed, v_tsCompressedMode);
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
// The OBU is the sender, the Test System is te receiver
v_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_raw_payload_to_be_signed)
),
m_headerInfo_gn(
-,
12345
)
),
{ digest := v_digest },
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
log("v_signed_data = ", v_signed_data);
v_encMsg := encvalue(valueof(v_signed_data));
v_cypheredPayload := f_encryptWithEciesBrainpoolp256WithSha256(bit2oct(v_encMsg), v_obuPublicKeyCompressed, v_obuCompressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encMsg))); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
v_encrypted_data := m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_encrypted_sym_key,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_cypheredPayload
)
)
)
);
log("v_encrypted_data = ", v_encrypted_data);
v_decrypted_data := ''O;
/* FIXME v_decrypted_data := f_decryptWithEciesBrainpoolp256WithSha256(
valueof(v_encrypted_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext), // The encrypted message
valueof(v_encrypted_data.content.encryptedData.recipients[0].signedDataRecipInfo.encKey.eciesBrainpoolP256r1.v.uncompressedP256.x), // The public ephemeral key X-coordinate
valueof(v_encrypted_data.content.encryptedData.recipients[0].signedDataRecipInfo.encKey.eciesBrainpoolP256r1.v.uncompressedP256.y), // The public ephemeral key Y-coordinate
valueof(v_encrypted_data.content.encryptedData.recipients[0].signedDataRecipInfo.encKey.eciesBrainpoolP256r1.c), // The encrypted symmetric key
valueof(v_encrypted_data.content.encryptedData.recipients[0].signedDataRecipInfo.encKey.eciesBrainpoolP256r1.t), // The encrypted symmetric key tag
valueof(v_encrypted_data.content.encryptedData.ciphertext.aes128ccm.nonce) // The AES 128 nonce
v_encMsg := oct2bit(v_decrypted_data);
if (decvalue(v_encMsg, v_signed_data_dec) != 0) {
setverdict(fail, "decvalue failed");
stop;
} else {
log("v_decrypted_data = ", v_signed_data_dec);
if (not(match(valueof(v_signed_data), v_signed_data_dec))) {
setverdict(fail, "Encode/decode mismatch");
stop;
}
}
setverdict(pass, "Full encryption/decryption passed.");
} // End of testcase tc_decrypted_signed_message_4
control {
execute(tc_test_hmac_sha256_test1());
execute(tc_test_hmac_sha256_test2());
execute(tc_test_hmac_sha256_test3());
execute(tc_test_encrypt_aes_128_ccm_test_1());
execute(tc_test_encrypt_aes_128_ccm_test_2());
execute(tc_test_encrypt_aes_128_ccm_test_3());
execute(tc_encrypted_signed_message_1());
execute(tc_decrypted_signed_message_2());
execute(tc_decrypted_signed_message_3());
execute(tc_decrypted_signed_message_4());
}
} // End of module TestCodec_SignedAndEncryptedMessages