Commit 102e454e authored by garciay

Validate signatures support

parent 8fb15219
......@@ -45,20 +45,16 @@ module TestCodec_Certificates {
var SequenceOfPsidSspRange v_certRequestPermissions := { // FIXME Could this componet be present? If yes, What is the content of certIssuePermissions?
valueof(m_psidSspRange(2))
};
var octetstring v_private_key := ''O;
var octetstring v_publicKeyX := ''O;
var octetstring v_publicKeyY := ''O;
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var octetstring v_sig := ''O;
var bitstring v_encMsg := ''B;
var octetstring v_expMsg := '80030080B410FF61F20015AD14830000000000010A8F1C86000A01028001248104038300018001258104038300010101E080010180010281010101000080808449E507DAAF4491A8D0FC9C17F77C967DDD151486366BDC0E72D33080C2DA46FA16B287752B5A91FC51DD7A527C069F45D5A6E58F3AEE512721081714B2BE4EF680803EC42C4A802FA43A9146ECFEBA45C096E1761BAD2139B4138B5D02075E955D81E73DB92A3AA346F23A4964911F84E970C94B804517B363D5FEB70B6C47E8BB02'O
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_sha256AndDigest(v_sha256AndDigest),
......@@ -70,7 +66,7 @@ module TestCodec_Certificates {
v_publicKeyX,
v_publicKeyY
))),
{
{
m_psidGroupPermissions(
m_subjectPermissions_explicit(
v_certRequestPermissions
......@@ -96,19 +92,92 @@ module TestCodec_Certificates {
substr(v_sig, 32, 32)
)
);
if (f_verifyWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_sig, v_publicKeyX, v_publicKeyY) == false) {
// Final certificate
TestEtsiTs103097Certificate(v_cert, false);
} // End of testcase tc_at_certificate_sha256_1
/**
* @desc Authorisation Ticket certificate
* @see ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets
*/
testcase tc_at_certificate_sha256_2() runs on TCType system TCType {
var template (value) EtsiTs103097Certificate v_cert; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 1
var EtsiTs103097Certificate v_cert_dec;
var HashedId8 v_sha256AndDigest := f_HashedId8FromSha256(f_hashWithSha256('616263'O)); // ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets #2
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := '830001'O })),
valueof(m_appPermissions(37, { bitmapSsp := '830001'O }))
};
var SequenceOfPsidSspRange v_certRequestPermissions := { // FIXME Could this componet be present? If yes, What is the content of certIssuePermissions?
valueof(m_psidSspRange(2))
};
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var octetstring v_sig := ''O;
var bitstring v_encMsg := ''B;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
v_sig := '8c7680711d974eb007afe2acc820a5d2b71b34d29f04d0f9cbac9a545007a1acad504ab895e28e55f9f9ccda22bac976b8c63aff741c2aeb6805a6ffb334094e'O
if (f_verifyWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_sig, v_publicKeyX, v_publicKeyY) == true) {
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_sha256AndDigest(v_sha256AndDigest),
m_toBeSignedCertificate_at(
v_appPermissions,
m_verificationKeyIndicator_verificationKey( // FIXME Do we use it? If so what is the content?
m_publicVerificationKey_ecdsaNistP256(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
))),
{
m_psidGroupPermissions(
m_subjectPermissions_explicit(
v_certRequestPermissions
))
},
m_validityPeriod(
17469212,
m_duration_years(10)
)
)
);
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert.toBeSigned));
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaNistP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
// Final certificate
v_encMsg := TestEtsiTs103097Certificate(v_cert, false);
if (decvalue(v_encMsg, v_cert_dec) != 0) {
setverdict(fail);
stop;
}
// Final certificate
TestEtsiTs103097Certificate(v_cert, true, oct2bit(v_expMsg));
} // End of testcase tc_at_certificate_sha256_1
v_encMsg := encvalue(v_cert_dec.toBeSigned);
if (f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_encMsg),
v_cert_dec.signature_.ecdsaNistP256Signature.rSig.x_only & v_cert_dec.signature_.ecdsaNistP256Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
setverdict(fail);
} else {
setverdict(pass)
}
} // End of testcase tc_at_certificate_sha256_2
testcase tc_root_certificate_1() runs on TCType system TCType {
var template (value) EtsiTs103097Certificate v_cert; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 1
......@@ -250,7 +319,7 @@ module TestCodec_Certificates {
TestEtsiTs103097Certificate(v_cert, true, oct2bit(v_exp_enc_msg));
} // End of testcase tc_certificate_1
} // End of testcase tc_certificate_asn1c_1
group encdec_functions {
......@@ -258,7 +327,7 @@ module TestCodec_Certificates {
in template (value) EtsiTs103097Certificate p_cert,
in boolean p_decode := true,
in template (omit) bitstring p_expEncMsg := omit
) runs on TCType {
) runs on TCType return bitstring {
var bitstring v_encMsg;
var template (omit) TestRecord v_tr := { bs := p_expEncMsg };
var EtsiTs103097Certificate v_decMsg;
......@@ -302,12 +371,15 @@ module TestCodec_Certificates {
}
}
}
return v_encMsg;
}
} // End of group encdec_functions
control {
execute(tc_at_certificate_sha256_1());
execute(tc_at_certificate_sha256_2());
execute(tc_root_certificate_1());
execute(tc_certificate_asn1c_1());
}
} // End of module TestCodec_Certificates
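Review bot: In tc_at_certificate_sha256_2 the closing `f_verifyWithEcdsaNistp256WithSha256` call takes its X/Y coordinates from `v_cert_dec` itself, and the certificate was signed with the matching `v_private_key`, so a pass shows only that encode, sign, decode and verify agree with each other. It does not show that an authorization ticket is bound to its issuer; the issuer digest here is just the hash of `'616263'O`. A comment above the call would keep readers from taking it as chain validation, for example `// Codec round trip only: the key comes from the certificate under test, issuer binding is not checked`. The testcase also exercises only the accepting path, so a second check that alters one octet of the re-encoded `toBeSigned` and expects `false` would show that the verifier really rejects a modified certificate. Old and new lines are interleaved in this rendering, so which lines belong to the new side is inferred from their use of `v_cert_dec`.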
......@@ -33,7 +33,7 @@ module TestCodec_SecuredFuntions {
testcase tc_sha256_1() runs on TCType system TCType {
var octetstring v_test := '616263'O;
var octetstring v_exp_hash := 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad'O;
var Oct32 v_exp_hash := 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad'O;
var Oct32 v_hash;
v_hash := f_hashWithSha256(v_test);
......@@ -45,4 +45,184 @@ module TestCodec_SecuredFuntions {
}
} // End of test tc_sha256_1
testcase tc_sha384_1() runs on TCType system TCType {
var octetstring v_test := '616263'O;
var Oct48 v_exp_hash := 'CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED8086072BA1E7CC2358BAECA134C825A7'O;
var Oct48 v_hash;
v_hash := f_hashWithSha384(v_test);
if (match(v_hash, v_exp_hash) == false) {
setverdict(fail);
} else {
setverdict(pass);
}
} // End of test tc_sha384_1
testcase tc_f_generate_key_pair_1() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
setverdict(pass);
} // End of test tc_f_generate_key_pair_1
testcase tc_f_signWithEcdsaNistp256WithSha256_1() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var octetstring v_encMsg := '0A0A0102030405060708090A0B0C0D0E0F0A0A'O;
var octetstring v_sig := ''O;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
v_sig := f_signWithEcdsaNistp256WithSha256(v_encMsg, v_private_key);
if (lengthof(v_sig) == 0) {
setverdict(fail);
stop;
}
setverdict(pass);
} // End of test tc_f_signWithEcdsaNistp256WithSha256_1
testcase tc_f_verifyWithEcdsaNistp256WithSha256_1() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var octetstring v_encMsg := '0A0A0102030405060708090A0B0C0D0E0F0A0A'O;
var octetstring v_sig := ''O;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
v_sig := f_signWithEcdsaNistp256WithSha256(v_encMsg, v_private_key);
if (lengthof(v_sig) == 0) {
setverdict(fail);
stop;
}
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
} else {
setverdict(pass);
}
} // End of test tc_f_verifyWithEcdsaNistp256WithSha256_1
testcase tc_f_verifyWithEcdsaNistp256WithSha256_2() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var Oct32 v_private_key_wrong;
var octetstring v_encMsg := '0A0A0102030405060708090A0B0C0D0E0F0A0A'O;
var octetstring v_sig := ''O;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
v_private_key_wrong := v_private_key;
v_sig := f_signWithEcdsaNistp256WithSha256(v_encMsg, v_private_key);
if (lengthof(v_sig) == 0) {
setverdict(fail);
stop;
}
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
} else {
setverdict(pass);
}
v_private_key_wrong[2] := 'AA'O;
v_sig := f_signWithEcdsaNistp256WithSha256(v_encMsg, v_private_key_wrong);
if (lengthof(v_sig) == 0) {
setverdict(fail);
stop;
}
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX, v_publicKeyY) == true) {
setverdict(fail);
stop;
} else {
setverdict(pass);
}
} // End of test tc_f_verifyWithEcdsaNistp256WithSha256_2
testcase tc_f_verifyWithEcdsaNistp256WithSha256_3() runs on TCType system TCType {
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var octetstring v_encMsg := '0A0A0102030405060708090A0B0C0D0E0F0A0A'O;
var octetstring v_sig := ''O;
var octetstring v_sig_wrong := ''O;
var Oct32 v_publicKeyX_wrong;
var Oct32 v_publicKeyY_wrong;
if (f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
log("v_private_key = ", v_private_key);
log("v_public_key X= ", v_publicKeyX);
log("v_public_key Y= ", v_publicKeyY);
v_sig := f_signWithEcdsaNistp256WithSha256(v_encMsg, v_private_key);
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX, v_publicKeyY) == false) {
setverdict(fail);
stop;
}
if (f_verifyWithEcdsaNistp256WithSha256('0A0A0A0A'O, v_sig, v_publicKeyX, v_publicKeyY) == true) {
setverdict(fail);
stop;
}
v_sig_wrong := v_sig;
v_sig_wrong[0] := 'FF'O;
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig_wrong, v_publicKeyX, v_publicKeyY) == true) {
setverdict(fail);
stop;
}
v_publicKeyX_wrong := v_publicKeyX;
v_publicKeyX_wrong[0] := 'FF'O;
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX_wrong, v_publicKeyY) == true) {
setverdict(fail);
stop;
}
v_publicKeyY_wrong := v_publicKeyY;
v_publicKeyY_wrong[0] := 'FF'O;
if (f_verifyWithEcdsaNistp256WithSha256(v_encMsg, v_sig, v_publicKeyX, v_publicKeyY_wrong) == true) {
setverdict(fail);
stop;
}
setverdict(pass);
} // End of test tc_f_verifyWithEcdsaNistp256WithSha256_3
} // End of module TestCodec_SecuredFuntions
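Review bot: The negative checks in tc_f_verifyWithEcdsaNistp256WithSha256_2 and _3 overwrite one octet with a fixed value (`v_private_key_wrong[2] := 'AA'O;`, `v_sig_wrong[0] := 'FF'O;`, and the same for the X and Y coordinates). Whenever the freshly generated value already holds that octet, the "wrong" input is identical to the valid one and the testcase fails spuriously, roughly once in 256 runs per check. Deriving the altered octet from the original guarantees a difference, e.g. `v_sig_wrong[0] := v_sig[0] xor4b 'FF'O;`, and likewise for the key octets. Separately, each new testcase that generates a key pair writes `v_private_key` to the log. The keys are generated per run, but dropping that `log` line keeps private key material out of archived test logs and stops the pattern being copied into tests that use long-lived keys.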