/**
 *  @author   ETSI / STF544
 *  @version  $URL$
 *            $Id$
 *  @desc     Module containing functions for ITS PKI ATS
 *  @copyright   ETSI Copyright Notification
 *               No part may be reproduced except as authorized by written permission.
 *               The copyright and the foregoing restriction extend to reproduction in all media.
 *               All rights reserved.
 *
 */
module ItsPki_Functions {
    
    // LibCommon
    import from LibCommon_BasicTypesAndValues all;
    import from LibCommon_Time all;
    
    // LibIts
    import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
    import from IEEE1609dot2 language "ASN.1:1997" all;
    import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
    import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
    import from EtsiTs102941MessagesItss language "ASN.1:1997" all;
    import from EtsiTs103097Module language "ASN.1:1997" all;
    
    // LibItsCommon
    import from LibItsCommon_TestSystem all;
    import from LibItsCommon_Functions all;
    import from LibItsCommon_ASN1_NamedNumbers all;
    
    // LibItsDenm
    import from LibItsDenm_Templates all;
    import from LibItsDenm_Functions all;
    import from LibItsDenm_TestSystem all;
    
    // LibItsCam
    import from LibItsCam_Templates all;
    import from LibItsCam_Functions all;
    import from LibItsCam_TestSystem all;
    
    // LibItsGeoNetworking
    import from LibItsGeoNetworking_TestSystem all;
    import from LibItsGeoNetworking_Functions all;
    import from LibItsGeoNetworking_Templates all;
    import from LibItsGeoNetworking_TypesAndValues all;
    
    // LibItsSecurity
    import from LibItsSecurity_TypesAndValues all;
    import from LibItsSecurity_Templates all;
    import from LibItsSecurity_Functions all;
    import from LibItsSecurity_TestSystem all;
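    /**
     * @desc    Builds a secured GeoNetworking unicast PDU that carries an encoded InnerEcRequest.
     *          The request is encoded and placed in a unicast GeoNetworking packet built from
     *          NodeB's long position vector and the IUT short position vector. The encoded
     *          packet is then handed to f_buildGnSecuredPki as the payload of the signed data.
     *          NOTE(review): despite its name, this function only builds and returns the PDU;
     *          no send operation is performed here.
     * @param   p_innerEcRequest    The enrolment request to encode as payload
     * @param   p_configId          Passed to f_buildGnSecuredPki as the certificate name
     * @param   p_headerInfo        Header information placed in the ToBeSignedData
     * @param   p_signerIdentifier  Signer identifier choice forwarded to f_buildGnSecuredPki
     * @param   p_addMissingHeaders Currently unused: the matching argument of f_buildGnSecuredPki
     *                              is commented out
     * @return  The GeoNetworking PDU built from the unsecured packet and the secured message
     */
    function f_sendEnrollmentRequest(
                                     in template (value) InnerEcRequest p_innerEcRequest,
                                     in charstring p_configId,
                                     in template (value) HeaderInfo p_headerInfo,
                                     in SignerIdentifier p_signerIdentifier,
                                     in boolean p_addMissingHeaders := true
    ) runs on ItsGeoNetworking return GeoNetworkingPdu {
        // Local variables
        var GnNonSecuredPacket v_gnNonSecuredPacket;
        var octetstring v_gnPayload;
        var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
        var EtsiTs103097Data v_securedMessage := {};
        
        // Encode the unsecured payload (the InnerEcRequest itself)
        v_gnPayload := bit2oct(encvalue(valueof(p_innerEcRequest)));
        
        // Build the unsecured GeoNetworking unicast packet around the encoded request
        v_gnNonSecuredPacket := valueof(
            m_geoNwUnicastPacket_with_payload(
                v_longPosVectorNodeB,
                f_getIutShortPosVector(),
                vc_localSeqNumber,
                c_defaultHopLimit,
                m_trafficClass,
                v_gnPayload
        ));
        
        // Encode the whole packet: this is the data covered by the signature
        v_gnPayload := bit2oct(
            encvalue(
                v_gnNonSecuredPacket
            )
        );
        
        // Build the signed message. f_buildGnSecuredPki returns false when the certificates
        // cannot be prepared, or when f_buildGnSecuredMessage reports a failure. The result
        // was previously discarded, so an incomplete secured message could be returned
        // without any trace in the log.
        if (not f_buildGnSecuredPki(
            v_securedMessage,
            valueof(m_toBeSignedData(
                                     m_signedDataPayload(
                                                         m_etsiTs103097Data_unsecured(
                                                                                      v_gnPayload
                                                        )), 
                                     p_headerInfo
                                    )),
            p_signerIdentifier,
            p_configId/*,
            p_addMissingHeaders*/
        )) {
            log("*** " & testcasename() & ": f_sendEnrollmentRequest: f_buildGnSecuredPki failed, secured message may be incomplete ***");
        }
        
        // Return secured Gn packet
        return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
    } // End of function f_sendEnrollmentRequest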
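    /**
     * @desc    Fills p_securedMessage with a signed EtsiTs103097Data structure for the given
     *          payload and delegates the final build to f_buildGnSecuredMessage.
     *          The structure is first created with default values (sha256, signer 'self',
     *          all-zero NIST P-256 signature). The signer and the signature placeholder are
     *          then adjusted from the requested signer identifier and from the AT certificate.
     *          NOTE(review): the all-zero signature is only a placeholder; the real signature
     *          is presumably computed by f_buildGnSecuredMessage - confirm.
     *          Only the 'digest' signer choice is implemented. Any other choice logs a TODO
     *          message and executes 'stop'.
     * @param   p_securedMessage        The message to build (overwritten)
     * @param   p_payloadField          The ToBeSignedData placed in the signed data
     * @param   p_signerIdentifierType  Selects which signer identifier to set in the message
     * @param   p_certificateName       Name passed to f_prepareCertificates and
     *                                  f_buildGnSecuredMessage
     * @return  false if f_prepareCertificates fails, otherwise the result of
     *          f_buildGnSecuredMessage
     */
    function f_buildGnSecuredPki(
                                 inout EtsiTs103097Data p_securedMessage,
                                 in ToBeSignedData p_payloadField,
                                 in SignerIdentifier p_signerIdentifierType,
                                 in charstring p_certificateName := ""/*,
                                 in boolean p_addMissingHeaders := true*/
    ) runs on ItsSecurityBaseComponent return boolean {
        // Local variables
        var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;
        
        // Load certificates if required
        if (not f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate)) {
            return false;
        }
        //log("f_buildGnSecuredPki: v_atCertificate = ", v_atCertificate);
        
        // Fill the structure with default values, these values will be updated later
        p_securedMessage := valueof(m_etsiTs103097Data_signed(
            m_signedData(
                sha256,
                p_payloadField,
                m_signerIdentifier_self,
                m_signature_ecdsaNistP256(
                    m_ecdsaP256Signature(
                        m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                        int2oct(0, 32)
                    )
                )
            )
        ));
        
        // Prepare mandatory headers
        //log("f_buildGnSecuredPki: p_signerIdentifierType=", p_signerIdentifierType);
        if (ischosen(p_signerIdentifierType.certificate)) { // Add the AT certificate
            // Not implemented yet: stop instead of emitting a message with the wrong signer
            log("*** " & testcasename() & "f_buildGnSecuredPki: TODO ***");
            stop;
            /* TODO
             * v_signerInfo := valueof(
                m_header_info_signer_info(
                    m_signerIdentifier_certificate(
                        v_atCertificate
            )));
        } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate
            v_signerInfo := valueof(
                m_header_info_signer_info(
                    m_signerIdentifier_certificates(
                        {
                            v_aaCertificate,
                            v_atCertificate
                        }
                    )
            ));*/
        } else if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest
            // The hash algorithm follows the digest form found in the AT certificate's issuer field
            if (ischosen(v_atCertificate.issuer.sha256AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha256;
                p_securedMessage.content.signedData.signer := valueof(
                    m_signerIdentifier_digest(
                        f_calculateDigestSha256FromCertificate(v_atCertificate)
                    )
                );
            } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha384;
                p_securedMessage.content.signedData.signer := valueof(
                    m_signerIdentifier_digest(
                        f_calculateDigestSha384FromCertificate(v_atCertificate)
                    )
                );
            } else {
                // A digest was requested but the issuer carries neither digest form, so the
                // signer keeps its default value (m_signerIdentifier_self). Make this visible
                // in the log rather than falling through silently.
                log("*** " & testcasename() & ": f_buildGnSecuredPki: Unsupported issuer type in AT certificate, signer left as 'self' ***");
            }
        } else {
            log("*** " & testcasename() & "f_buildGnSecuredPki: TODO ***");
            stop;
        }
        
        // Select the signature placeholder matching the curve of the AT certificate's own signature
        if (ispresent(v_atCertificate.signature_)) {
            if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(
                    m_signature_ecdsaBrainpoolP256r1(
                        m_ecdsaP256Signature(
                            m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                            int2oct(0, 32)
                        )
                    )
                );
            } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(
                    m_signature_ecdsaBrainpoolP384r1(
                        m_ecdsaP384Signature(
                            m_eccP384CurvePoint_x_only(int2oct(0, 48)),
                            int2oct(0, 48)
                        )
                    )
                );
            } // else, m_signature_ecdsaNistP256 already chosen by default
        }
        //log("f_buildGnSecuredPki: p_securedMessage = ", p_securedMessage);
        
        return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/);
        
    } // End of function f_buildGnSecuredPki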
    
} // End of module ItsPki_Functions