/*
* @author
*
* @version
* 1.0
* @desc
*
* @remark
*
* @see
*
*/
module TestCodec_Pki {
// Libcommon
import from LibCommon_Time all;
import from LibCommon_VerdictControl all;
import from LibCommon_Sync all;
import from LibCommon_BasicTypesAndValues all;
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
import from IEEE1609dot2 language "ASN.1:1997" all;
import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
import from EtsiTs102941MessagesItss language "ASN.1:1997" all;
import from EtsiTs103097Module language "ASN.1:1997" all;
// LibItsCommon
import from LibItsCommon_TypesAndValues all;
import from LibItsCommon_TypesAndValues all;
import from LibItsCommon_ASN1_NamedNumbers all;
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
// LibItsHttp
import from LibItsHttp_TypesAndValues all;
import from LibItsHttp_Templates all;
import from LibItsHttp_BinaryTemplates all;
import from LibItsHttp_Functions all;
// TestCodec
import from TestCodec_TestAndSystem all;
// Codec testcase: decodes a fixed OER certificate, builds an InnerEcRequest from its
// verification/encryption keys and subject attributes, encodes it and compares the
// result with a fixed expected encoding, then decodes the expected encoding again.
// NOTE(review): several closing braces and at least one declaration (v_exp_innerEcReq)
// are not visible in this listing; the control flow below cannot be fully confirmed.
testcase tc_inner_ec_request_1() runs on TCType system TCType {
var integer v_res := 0;
var EtsiTs103097Certificate v_certificate;
var InnerEcRequest v_innerEcRequest;
// Expected encoding; it starts with the 4-octet string "TODO" (54 4F 44 4F) used as itsId below.
var bitstring v_exp_enc_msg := oct2bit('0004544F444F01008083A72B88B6A1ADEEBA7FC18772952F053A81BD18635EE5AB08ED1376C107B5413968831874E3808466A8C0'O);
var bitstring v_enc_msg := oct2bit('8003008100288300000000001874e3808466a8c001018080010e80012482080301ffff0301ffff800125820a0401ffffff0401ffffff800189820a0401ffffff0401ffffff80018a820a0401ffffff0401ffffff80018b820a0401ffffff0401ffffff80018c820a0401ffffff0401ffffff00018d0001600001610001620001630001640001650001660102808083a72b88b6a1adeeba7fc18772952f053a81bd18635ee5ab08ed1376c107b541398080c0290e397381bf7502a0e6a6b271d8e2f18fc8311f591f0528a673ee5169f670e224ac455b5e67eb251cc1467f6ffc6840987c8c8eb9245c22be73322b64ca54'O); // CERT_IUT_A_RCA.oer
// NOTE(review): literal private key, per the trailing comment the .vkey of the
// CERT_IUT_A_RCA fixture. It is not referenced in the visible lines of this testcase.
// Key material committed in source is test-only; the matching certificate must not be
// provisioned as a trust anchor outside the test bench.
var Oct32 v_private_key := 'd79ef1d533b0385463a5d15708e94ff4f0d281cccbef504acd3afbb82dc0499f'O; // CERT_IUT_A_RCA.vkey
// Decode certificate
v_res := decvalue(v_enc_msg, v_certificate);
if (v_res == 0) {
log("Decoded message: ", v_certificate);
// itsId is the placeholder string "TODO"; the remaining fields are copied from the decoded certificate.
v_innerEcRequest := valueof(m_innerEcRequest(
"TODO",
m_publicKeys(
v_certificate.toBeSigned.verifyKeyIndicator.verificationKey,
v_certificate.toBeSigned.encryptionKey
),
m_certificateSubjectAttributes(
v_certificate.toBeSigned.appPermissions,
v_certificate.toBeSigned.validityPeriod,
v_certificate.toBeSigned.region,
v_certificate.toBeSigned.assuranceLevel
)));
// v_enc_msg is reused: from here on it holds the encoded InnerEcRequest, not the certificate.
v_enc_msg := encvalue(v_innerEcRequest);
log("Encoded message: ", bit2oct(v_enc_msg));
if (not isbound(v_enc_msg)) {
setverdict(fail, "Encoding InnerEcRequest failed!");
// Compare the produced encoding with the expected one.
if (not match(v_enc_msg, v_exp_enc_msg)) {
log("Expected message: ", bit2oct(valueof(v_exp_enc_msg)));
setverdict(fail, "Encoding InnerEcRequest failed, not the expected result!");
// Decode the expected encoding; v_exp_innerEcReq is declared outside the visible lines.
v_res := decvalue(v_exp_enc_msg, v_exp_innerEcReq);
if (v_res == 0) {
// NOTE(review): this logs v_certificate, although the value just decoded is v_exp_innerEcReq.
log("Decoded message: ", v_certificate);
setverdict(pass, "Decoded succeed");
if (not match(v_innerEcRequest, v_exp_innerEcReq)) {
log("Expected message: ", bit2oct(valueof(v_exp_enc_msg)));
setverdict(fail, "Encoding failed, not the expected result!");
stop;
}
} else {
setverdict(fail, "Decoding failed");
// Testcase: builds an InnerEcRequest signed for proof of possession and sends it on
// pkiPort. It runs only when PICS_SEC_FIXED_KEYS is true.
// NOTE(review): the opening of the 'alt' statement, its receive branch and some closing
// braces are not visible in this listing.
testcase tc_inner_ec_request_2() runs on ItsPki system ItsPkiSystem {
// Local variables
// The key variables are unbound until f_generate_innerEcRequestSignedForPop is called;
// presumably they are out parameters of that function - confirm against its signature.
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var Oct32 v_publicKeyCompressed;
var integer v_compressedMode;
var InnerEcRequest v_inner_ec_request;
// Precondition: stop with an inconclusive verdict unless fixed keys are configured.
if (not(PICS_SEC_FIXED_KEYS)) {
setverdict(inconc, "Please set PICS_SEC_FIXED_KEYS to true");
stop;
}
map(self:pkiPort, system:pkiPort);
// Create PKI InnerEcRequest request
if (f_generate_innerEcRequestSignedForPop(v_private_key, v_publicKeyX, v_publicKeyY, v_publicKeyCompressed, v_compressedMode, v_inner_ec_request) == false) {
setverdict(fail, "Failed to setup InnerEcRequestPoP message");
stop;
// Send message
pkiPort.send(v_inner_ec_request);
// Tail of the 'alt' statement: the visible part stops the tc_ac timer and sets pass;
// the timeout branch sets an inconclusive verdict.
tc_ac.stop;
setverdict(pass, "Encoding passed.");
}
[] tc_ac.timeout {
setverdict(inconc, "No response");
}
} // End of 'alt' statement
// Testcase: decodes a fixed signed-and-encrypted Ieee1609Dot2Data message, decrypts it
// with the generated private key and logs the resulting signed data.
// NOTE(review): the "Verify signature" and "Extract InnerEcRequest" steps have no code in
// the visible lines, and the final setverdict(pass) is unconditional. As shown, the verdict
// does not depend on the decrypted payload or on its signature being valid.
// NOTE(review): closing braces are not visible in this listing.
testcase tc_inner_ec_request_3() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var Oct32 v_publicKeyCompressed;
var integer v_compressedMode;
// NOTE(review): the literal below is not a hex string as shown in this listing; the
// encoded message has to be restored before decvalue can succeed.
var bitstring v_ieee1609dot2_signed_and_encrypted_data_msg := oct2bit('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'O);
// Encoded signed message; not referenced in the visible lines of this testcase.
var bitstring v_ieee1609dot2_signed_msg := oct2bit('0381004003807E000E43616E6F6E6963616C4974734964018080827029A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B0080827029A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B7C83010A8F1C86000A83010280000C800022C00102800124810403830001800125810403830001000230398280806A96FBF29077905A5A4C77868FD91384B0A68F98864B35D38ADF7B10D5A2CB4271DADB0EA31EFE47A50DA2F89F580DA6FCE20948E1D4C82A9A08AC6AEC17DA69'O);
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var integer v_result;
// Precondition on fixed keys.
// NOTE(review): no 'stop' is visible after the inconclusive verdict here, unlike the same
// guard in the other testcases of this module.
if (not(PICS_SEC_FIXED_KEYS)) {
setverdict(inconc, "Please set PICS_SEC_FIXED_KEYS to true");
// The decryption below uses the private key produced by this call; presumably it only
// matches the fixed message when fixed keys are enabled - confirm.
f_generate_key_pair_nistp256(v_private_key, v_publicKeyX, v_publicKeyY, v_publicKeyCompressed, v_compressedMode);
// Decode encrypted InnerEcRequest
v_result := decvalue(v_ieee1609dot2_signed_and_encrypted_data_msg, v_ieee1609dot2_signed_and_encrypted_data);
if (v_result == 0) {
log("Decoded message: ", v_ieee1609dot2_signed_and_encrypted_data);
setverdict(pass, "Decoded succeed");
} else {
setverdict(fail, "Decoding failed");
// Decrypt InnerEcRequest
// NOTE(review): if f_decrypt reports success or failure, that result is discarded here.
f_decrypt(v_private_key, v_ieee1609dot2_signed_and_encrypted_data, v_ieee1609dot2_signed_data);
log("v_ieee1609dot2_signed_data= ", v_ieee1609dot2_signed_data);
// Verify signature
// Extract InnerEcRequest
setverdict(pass);
// Testcase: generates a NIST P-256 key pair, builds and signs a certificate template
// around the public key, wraps it in an InnerEcResponse and checks that encoding yields
// a bound value. It runs only when PICS_SEC_FIXED_KEYS is true.
testcase tc_inner_ec_response_1() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var Oct32 v_publicKeyCompressed;
var integer v_compressedMode;
var EccP256CurvePoint v_eccPoint;
// Application permissions for ITS-AIDs 36 and 37, each with bitmap SSP '830001'O.
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := '830001'O })),
valueof(m_appPermissions(37, { bitmapSsp := '830001'O }))
};
// Encoded InnerEcRequest; only its SHA-256 hash is used later, as the response's request hash.
var octetstring v_inner_ec_request := '000E43616E6F6E6963616C4974734964018080827029A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B0080827029A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B7C83010A8F1C86000A83010280000C800022C00102800124810403830001800125810403830001'O;
var template (value) EtsiTs103097Certificate v_cert;
var bitstring v_tbs;
// NOTE(review): v_sig is typed Oct32, but later code reads octets 32..63 of it with
// substr(v_sig, 32, 32). If Oct32 constrains the length to 32 octets, a 64-octet
// signature cannot be stored here - confirm the intended type.
var Oct32 v_sig;
var bitstring v_enc_msg;
var integer v_res := 0;
var InnerEcResponse v_innerEcResponse;
// Precondition: stop with an inconclusive verdict unless fixed keys are configured.
if (not(PICS_SEC_FIXED_KEYS)) {
setverdict(inconc, "Please set PICS_SEC_FIXED_KEYS to true");
stop;
}
f_generate_key_pair_nistp256(v_private_key, v_publicKeyX, v_publicKeyY, v_publicKeyCompressed, v_compressedMode);
// Build certificate based on keys
// Pick the compressed-point template from v_compressedMode.
// NOTE(review): the '} else {' between the two assignments and the closing brace are not
// visible in this listing; as shown, the second assignment would always overwrite the first.
if (v_compressedMode == 0) {
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicKeyCompressed));
v_eccPoint := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicKeyCompressed));
// Certificate template for the response. The issuer digest is a HashedId8 derived from
// SHA-256 of the fixed octets '616263'O (ASCII "abc"), i.e. a dummy issuer rather than
// the digest of a certificate visible in this testcase.
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_sha256AndDigest(f_HashedId8FromSha256(f_hashWithSha256('616263'O))),
m_toBeSignedCertificate_at(
v_appPermissions,
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaNistP256(
v_eccPoint
)),
m_validityPeriod(
17469212,
m_duration_years(10)
),
m_geographicRegion_identifiedRegion(
{
m_identifiedRegion_country_only(12),
m_identifiedRegion_country_only(34)
}
)
)
);
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert.toBeSigned));
v_tbs := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
// The signing key is the private half of the key pair whose public point is placed in the
// certificate above, so the certificate is signed with its own subject key.
// NOTE(review): the second argument is the fixed 32-octet value int2oct(11, 32);
// presumably it stands in for the issuer/signer hash input - confirm against
// f_signWithEcdsaNistp256WithSha256. Nothing in the visible lines verifies this signature.
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_tbs), int2oct(11, 32), v_private_key);
// The signature is split into two 32-octet halves: octets 0..31 become the x-only curve
// point and octets 32..63 the second component.
// NOTE(review): v_sig is declared as Oct32 earlier in this testcase; reading 64 octets
// from it is inconsistent with a 32-octet type - confirm.
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("v_cert= ", v_cert);
// Create InnerEcResponse request
// The request hash is the first 16 octets of SHA-256 over the encoded InnerEcRequest.
v_innerEcResponse := valueof(m_innerEcResponse_ok(
substr(f_hashWithSha256(v_inner_ec_request), 0, 16),
v_cert
));
// Encode InnerEcResponse template
log("Encode template ", v_innerEcResponse);
v_enc_msg := encvalue(v_innerEcResponse);
log("Encoded message: ", bit2oct(v_enc_msg));
// Check result
// Only boundness of the encoding is checked; there is no comparison with an expected
// encoding and no decode round trip in the visible lines.
if (not isbound(v_enc_msg)) {
setverdict(fail, "Encoding failed!");
stop;
}
setverdict(pass, "Encoding passed.");
} // End of testcase tc_inner_ec_response_1
control {
execute(tc_inner_ec_request_1());
execute(tc_inner_ec_request_2());