Commit 11b20e3a authored by YannGarcia's avatar YannGarcia
Browse files

Enhance AtsPki

parent 2c43ed71
......@@ -1135,6 +1135,123 @@ namespace LibItsSecurity__Functions
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__nistp256(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::nist_p_256, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__nistp256: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__brainpoolp256r1(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::brainpool_p_256_r1, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 32) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp256r1: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
BOOLEAN fx__get__uncompressed__key__brainpoolp384r1(
const OCTETSTRING& p__privateKey,
const OCTETSTRING& p__publicKeyCompressed,
const INTEGER& p__compressedMode,
OCTETSTRING& p__publicKeyY
) {
security_ecc k(ec_elliptic_curves::brainpool_p_384_r1, p__privateKey);
// Sanity checks
if (k.private_key().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid private key size");
return FALSE;
}
if (k.public_key_x().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public key X-coordonate size");
return FALSE;
}
if (k.public_key_y().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public key Y-coordonate size");
return FALSE;
}
if (k.public_key_compressed().lengthof() != 48) {
loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed key size");
return FALSE;
}
// if (p__compressedMode != INTEGER((int)k.public_key_compressed_mode())) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed mode");
// return FALSE;
// }
// if (p__publicKeyCompressed != k.public_key_compressed()) {
// loggers::get_instance().error("fx__get__uncompressed__key__brainpoolp384r1: Invalid public compressed key value");
// return FALSE;
// }
p__publicKeyY = k.public_key_y();
return TRUE;
}
// group encryption
// group certificatesLoader
......
......@@ -552,10 +552,10 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
return -1;
}
IEEE1609dot2::SignerIdentifier signer;
loggers::get_instance().log("security_services::sign_payload: us = %d - _last_generation_time = %ld - us - _last_generation_time = %ld", us, _last_generation_time, us - _last_generation_time);
loggers::get_instance().log("security_services::sign_payload: us = %ld - _last_generation_time = %ld - us - _last_generation_time = %ld", us, _last_generation_time, us - _last_generation_time);
std::string certificate_id = p_params[params::certificate];
loggers::get_instance().log("security_services::sign_payload: certificate_id = %s", certificate_id.c_str());
if ((unsigned int)(us - _last_generation_time) >= 1000 * 0.95) { // Need to add certificate
if ((unsigned int)(us - _last_generation_time) >= 1000000 * 0.95) { // Need to add certificate every 1s
loggers::get_instance().log("security_services::sign_payload: Need to add certificate");
IEEE1609dot2::CertificateBase cert;
if (_security_db->get_certificate(certificate_id, cert) != 0) {
......
......@@ -43,7 +43,7 @@ ItsRSUsSimulator_Pics.PICS_GENERATE_MAPEM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_SPATEM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_SSEM := false
ItsRSUsSimulator_Pics.PICS_ITS_S_ROLE := false;
ItsRSUsSimulator_Pics.PICS_ITS_S_ROLE := true;
ItsRSUsSimulator_Pics.PICS_PKI_SUPPORT := true
ItsRSUsSimulator_Pics.PICS_BEACON_FREQUENCY := 1.0
......@@ -57,14 +57,14 @@ ItsRSUsSimulator_Pics.PICS_SEND_DENM_INDICATION := true
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/yann/tmp"
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.42.25"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.42.252"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization"
......@@ -163,22 +163,20 @@ LogEventTypes:= Yes
# its_aid=36: CAM
# its_aid=37: DENM
# its_aid=141: GeoMet
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,certificate=CERT_IUT_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/ETH(mac_src=080027128a53)/PCAP(mac_src=080027128a53,nic=wlan0,filter=and ether proto 0x8947)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,certificate=CERT_IUT_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027128a53)/PCAP(mac_src=080027128a53,nic=eth1,filter=and ether proto 0x8947)"
# Commsignia
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=37,secured_mode=0,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/COMMSIGNIA(xport_mode=LTE-V2X,mac_src=080027F44E7D,interface_id=2,target_host=192.168.0.54)/UDP(dst_ip=192.168.0.54,src_port=9091,dst_port=7946)"
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=37,secured_mode=0,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(xport_mode=LTE-V2X,mac_src=080027F44E7D,interface_id=2,target_host=192.168.0.54)/UDP(dst_ip=192.168.0.54,src_port=9091,dst_port=7946)"
# Qualcom
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=36747486,longitude=-4556772,distanceA=25,distanceB=25,its_aid=37,secured_mode=1,encrypted_mode=0,certificate=CERT_MICROSEC_AT_01,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/yann/tmp/asn1c_cert)/QUALCOMM/UDP(dst_ip=10.200.1.113,src_port=9091,dst_port=4041)"
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=36747486,longitude=-4556772,distanceA=25,distanceB=25,its_aid=37,secured_mode=1,encrypted_mode=0,certificate=CERT_MICROSEC_AT_01,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/QUALCOMM/UDP(dst_ip=10.200.1.113,src_port=9091,dst_port=4041)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.42.25,port=80)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.1.25,port=80)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.1.39,port=8080)"
# Config port based on UDP
#system.cfPort.params := "CF(ut=pki)/UDP(dst_ip=192.168.42.25,src_port=12345)"
#system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=192.168.1.39,src_port=12345)"
#system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=172.28.4.87,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=denm)/UDP(dst_ip=172.28.4.87,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=gn)/UDP(dst_ip=192.168.1.39,src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=cam)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=denm)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
#system.cfPort.params := "CF(ut=gn)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
system.cfPort.params := "CF(ut=pki)/UDP(src_port=12345,reuse_incoming_source_adddress=1)"
[EXECUTE]
......
......@@ -572,7 +572,7 @@ module ItsRSUsSimulator_Functions {
);
vc_denmEventCounter := (vc_denmEventCounter + 1) mod lengthof(vc_rsuMessagesValueList[vc_rsu_id].denms);
log("f_prepare_denm: ", p_payload);
//log("f_prepare_denm: ", p_payload);
} // End of function f_prepare_denm
function f_prepare_mapem(
......@@ -1390,6 +1390,7 @@ module ItsRSUsSimulator_Functions {
vc_ec_counter := vc_ec_counter + 1;
vc_reenrolment := true;
vc_security_state := 1; // 1:enrolled
setverdict(pass);
}
[] tc_wait.timeout {
log("a_process_cf_ut_command: Failed to retrieve EcData");
......@@ -1420,6 +1421,7 @@ module ItsRSUsSimulator_Functions {
vc_at_certificates[vc_at_counter] := v_at_data;
vc_at_counter := vc_at_counter + 1;
vc_security_state := 2; // 2: authorization
setverdict(pass);
}
[] tc_wait.timeout {
log("a_process_cf_ut_command: Failed to retrieve AtData");
......@@ -1430,13 +1432,164 @@ module ItsRSUsSimulator_Functions {
v_pki.done;
v_pki.kill;
if (vc_security_state == 2) {
var octetstring v_cert := bit2oct(encvalue(vc_at_certificates[0].certificate, "", "LibItsSecurity_asn1"));
var Oct32 v_wholeHash := f_hashWithSha256(v_cert);
var HashedId8 v_hashedId8_sha256 := f_hashedId8FromSha256(v_wholeHash);
var charstring v_cert_id;
var HashedId8 v_hashedId8;
var HashedId8 v_issuer;
var octetstring v_public_key_x := ''O;
var octetstring v_public_key_y := ''O;
var octetstring v_public_key_compressed;
var integer v_verify_compressed_mode;
var template (omit) octetstring v_public_enc_key_x := omit;
var template (omit) octetstring v_public_enc_key_y := omit;
var template (omit) octetstring v_public_enc_compressed_key := omit;
var template (omit) integer v_public_enc_key_compressed_mode := omit;
log("a_process_cf_ut_command: triggerAuthorizationRequest: vc_at_counter=", vc_at_counter);
log("a_process_cf_ut_command: triggerAuthorizationRequest: vc_at_certificates=", vc_at_certificates);
// TODO Store the new certificate
// TODO Update the Test System
// Enrolled & Authorize, start CAM emission
// Prepare to store the new certificate
if (ischosen(vc_at_certificates[0].certificate.issuer.sha256AndDigest)) {
v_hashedId8 := v_hashedId8_sha256;
v_issuer := vc_at_certificates[0].certificate.issuer.sha256AndDigest;
} else if (ischosen(vc_at_certificates[0].certificate.issuer.sha384AndDigest)) {
v_hashedId8 := f_hashedId8FromSha384(f_hashWithSha384(v_cert));
v_issuer := vc_at_certificates[0].certificate.issuer.sha384AndDigest;
} else {
log("a_process_cf_ut_command: Wrong certificate format, self_ not expected as issuer, back to initial");
vc_security_state := 0; // 0: initial
vc_reenrolment := false;
vc_ec_counter := 0;
vc_ec_certificates := {};
vc_at_counter := 0;
vc_at_certificates := {};
repeat;
}
v_cert_id := hex2str(oct2hex(v_hashedId8));
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_cert_id =", v_cert_id);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_cert =", v_cert);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_wholeHash =", v_wholeHash);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_hashedId8_sha256 =", v_hashedId8_sha256);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_hashedId8 =", v_hashedId8);
// Extract verification keys
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0;
v_verify_compressed_mode := 0;
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1;
v_verify_compressed_mode := 1;
} else { // TODO
}
if (lengthof(v_public_key_x) == 0) {
v_public_key_x := v_public_key_compressed; // Key X-Coordinate
fx_get_uncompressed_key_nistp256(vc_at_certificates[0].private_key, v_public_key_compressed, v_verify_compressed_mode, v_public_key_y); // Key Y-Coordinate
}
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.compressed_y_0)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.compressed_y_0;
v_verify_compressed_mode := 0;
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.compressed_y_1)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.compressed_y_1;
v_verify_compressed_mode := 1;
} else { // TODO
}
if (lengthof(v_public_key_x) == 0) {
v_public_key_x := v_public_key_compressed; // Key X-Coordinate
fx_get_uncompressed_key_brainpoolp256r1(vc_at_certificates[0].private_key, v_public_key_compressed, v_verify_compressed_mode, v_public_key_y); // Key Y-Coordinate
}
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.compressed_y_0)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.compressed_y_0;
v_verify_compressed_mode := 0;
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.compressed_y_1)) {
v_public_key_compressed := vc_at_certificates[0].certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.compressed_y_1;
v_verify_compressed_mode := 1;
} else { // TODO
}
if (lengthof(v_public_key_x) == 0) {
v_public_key_x := v_public_key_compressed; // Key X-Coordinate
fx_get_uncompressed_key_brainpoolp384r1(vc_at_certificates[0].private_key, v_public_key_compressed, v_verify_compressed_mode, v_public_key_y); // Key Y-Coordinate
}
} else {
log("a_process_cf_ut_command: Wrong certificate format, invalid verification key, back to initial");
vc_security_state := 0; // 0: initial
vc_reenrolment := false;
vc_ec_counter := 0;
vc_ec_certificates := {};
vc_at_counter := 0;
vc_at_certificates := {};
repeat;
}
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_key_x =", v_public_key_x);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_key_y =", v_public_key_y);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_key_compressed =", v_public_key_compressed);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_verify_compressed_mode=", v_verify_compressed_mode);
// Extract encryption key
if (ispresent(vc_at_certificates[0].certificate.toBeSigned.encryptionKey)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
v_public_enc_compressed_key := vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
v_public_enc_key_compressed_mode := 0;
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
v_public_enc_compressed_key := vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
v_public_enc_key_compressed_mode := 1;
} else { // TODO
}
if (not(ispresent(v_public_enc_key_x))) {
var octetstring v_key;
v_public_enc_key_x := v_public_enc_compressed_key; // Key X-Coordinate
fx_get_uncompressed_key_nistp256(vc_at_certificates[0].private_enc_key, valueof(v_public_enc_compressed_key), valueof(v_public_enc_key_compressed_mode), v_key); // Key Y-Coordinate
v_public_enc_key_y := v_key;
}
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1)) {
if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0)) {
v_public_enc_compressed_key := vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0;
v_public_enc_key_compressed_mode := 0;
} else if (ischosen(vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1)) {
v_public_enc_compressed_key := vc_at_certificates[0].certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1;
v_public_enc_key_compressed_mode := 1;
} else { // TODO
}
if (not(ispresent(v_public_enc_key_x))) {
var octetstring v_key;
v_public_enc_key_x := v_public_enc_compressed_key; // Key X-Coordinate
fx_get_uncompressed_key_brainpoolp256r1(vc_at_certificates[0].private_enc_key, valueof(v_public_enc_compressed_key), valueof(v_public_enc_key_compressed_mode), v_key); // Key Y-Coordinate
v_public_enc_key_y := v_key;
}
} else {
log("a_process_cf_ut_command: Wrong certificate format, invalid verification key, back to initial");
vc_security_state := 0; // 0: initial
vc_reenrolment := false;
vc_ec_counter := 0;
vc_ec_certificates := {};
vc_at_counter := 0;
vc_at_certificates := {};
repeat;
}
}
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_enc_key_x =", v_public_enc_key_x);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_enc_key_y =", v_public_enc_key_y);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_enc_compressed_key =", v_public_enc_compressed_key);
log("a_process_cf_ut_command: Prepare to store new AT certificate: v_public_enc_key_compressed_mode=", v_public_enc_key_compressed_mode);
// Store the certificate
log("a_process_cf_ut_command: Store new AT certificate");
if (fx_store_certificate(v_cert_id, v_cert, vc_at_certificates[0].private_key, v_public_key_x, v_public_key_y, v_public_key_compressed, v_verify_compressed_mode, v_wholeHash, v_hashedId8_sha256, v_hashedId8, v_issuer, vc_at_certificates[0].private_enc_key, v_public_enc_key_x, v_public_enc_key_y, v_public_enc_compressed_key, v_public_enc_key_compressed_mode) == false) {
log("a_process_cf_ut_command: Failed to store certificate, back to initial");
vc_security_state := 0; // 0: initial
vc_reenrolment := false;
vc_ec_counter := 0;
vc_ec_certificates := {};
vc_at_counter := 0;
vc_at_certificates := {};
repeat;
}
// Update the Test System
log("a_process_cf_ut_command (pki): Change certificate to ", v_cert_id);
f_acTriggerSecEvent(m_acEnableSecurity(v_cert_id));
// Enrolled & Authorized, start CAM emission
tc_cam.start(vc_cam_timer_value);
}
repeat;
......@@ -1617,6 +1770,7 @@ module ItsRSUsSimulator_Functions {
log("f_trigger_enrolment_request_await_response: p_inner_at_response= ", v_inner_at_response);
// Send the new certificate for storing
v_at_data.private_key := v_private_key_at;
v_at_data.private_enc_key := v_private_enc_key_at;
v_at_data.aes_sym_key := v_aes_sym_key;
v_at_data.certificate := v_inner_at_response.certificate;
log("f_trigger_enrolment_request_await_response: send v_at_data=", v_at_data);
......
......@@ -95,6 +95,7 @@ module ItsRSUsSimulator_TypesAndValues {
type record AtData {
octetstring private_key,
octetstring private_enc_key optional,
Certificate certificate,
Oct16 aes_sym_key
}
......
Subproject commit 9fd3f291599a06ba28b36128afe7dff953310fb8
Subproject commit ee2c278910c882b90b8fbea6bee5be70ec92aa83
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment