Loading ttcn/AtsSecurity/ItsSecurity_Functions.ttcn +72 −72 Original line number Diff line number Diff line Loading @@ -51,23 +51,23 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured CAM * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredCam( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( f_getPosition(c_compNodeC) )); Loading @@ -93,7 +93,7 @@ module ItsSecurity_Functions { f_buildGnSecuredCam( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, p_headerFields, p_configId, p_addMissingHeaders Loading @@ -111,8 +111,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @param p_alterATCertificateSignature Set to true to alter the AT certificate signature * @param p_alterAACertificateSignature Set to true to alter the AA certificate signature Loading @@ -122,8 +122,8 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256, in boolean p_addMissingHeaders := true, in boolean p_alterATCertificateSignature := false, in boolean p_alterAACertificateSignature := false Loading @@ -131,9 +131,9 @@ module ItsSecurity_Functions { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( f_getPosition(c_compNodeC) )); Loading Loading @@ -161,7 +161,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, p_headerFields, p_configId, p_addMissingHeaders, Loading @@ -177,18 +177,18 @@ module ItsSecurity_Functions { /** * @desc Sends a secured CAM * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredCam( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -204,20 +204,20 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredCam_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); // log("v_securedGnPdu = ", v_securedGnPdu); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -233,25 +233,25 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured DENM * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredDenm( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading Loading @@ -284,7 +284,7 @@ module ItsSecurity_Functions { f_buildGnSecuredDenm( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -307,8 +307,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ Loading @@ -316,18 +316,18 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading Loading @@ -362,7 +362,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -380,17 +380,17 @@ module ItsSecurity_Functions { /** * @desc Sends a secured DENM * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredDenm( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -406,19 +406,19 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredDenm_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -433,24 +433,24 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured Beacon * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredBeacon( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading @@ -468,7 +468,7 @@ module ItsSecurity_Functions { f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -491,8 +491,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ Loading @@ -500,17 +500,17 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading @@ -530,7 +530,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -548,17 +548,17 @@ module ItsSecurity_Functions { /** * @desc Sends a secured Beacon * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredBeacon( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -574,19 +574,19 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredBeacon_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn +927 −924 File changed.Preview size limit exceeded, changes collapsed. Show changes ttcn/TestCodec/TestCodec_Certificates.ttcn +19 −342 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ * */ module TestCodec_Certificates { // LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; Loading @@ -22,202 +23,14 @@ module TestCodec_Certificates { // LibItsSecurity import from LibItsSecurity_EncdecDeclarations all; //import from LibItsSecurity_Templates all; //import from LibItsSecurity_Pixits all; import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; // TestCodec import from TestCodec_TestAndSystem all; template (omit) EtsiTs103097Certificate m_etsiTs103097Certificate( in template (value) IssuerIdentifier p_issuer, in template (value) ToBeSignedCertificate p_toBeSigned, in template (omit) Signature p_signature_ := omit ) := { version := 3, type_ := explicit, issuer := p_issuer, toBeSigned := p_toBeSigned, signature_ := p_signature_ } // End of template m_etsiTs103097Certificate template (value) IssuerIdentifier m_issuerIdentifier_self( in template (value) HashAlgorithm p_self ) := { self_ := p_self } // End of template m_issuerIdentifier_self template (value) IssuerIdentifier m_issuerIdentifier_sha256AndDigest( in template (value) HashedId8 p_sha256AndDigest ) := { sha256AndDigest := p_sha256AndDigest } // End of template m_issuerIdentifier_sha256AndDigest template (value) IssuerIdentifier m_issuerIdentifier_sha384AndDigest( in template (value) HashedId8 p_sha384AndDigest ) := { sha384AndDigest := p_sha384AndDigest } // End of template m_issuerIdentifier_sha384AndDigest template (omit) ToBeSignedCertificate m_toBeSignedCertificate( in template (value) CertificateId p_id, in template (value) HashedId3 p_cracaId, in template (value) CrlSeries p_crlSeries, in template (value) SequenceOfPsidSsp p_appPermissions, in template (value) SequenceOfPsidGroupPermissions p_certIssuePermissions, in template (value) VerificationKeyIndicator p_verifyKeyIndicator, in template (omit) SequenceOfPsidGroupPermissions p_certRequestPermissions := omit, in template (omit) ValidityPeriod p_validityPeriod := omit, in template (omit) GeographicRegion p_region := omit, in template (omit) SubjectAssurance p_assuranceLevel := omit, in template (omit) PublicEncryptionKey p_encryptionKey := omit ) := { id := p_id, cracaId := p_cracaId, crlSeries := p_crlSeries, validityPeriod := p_validityPeriod, region := p_region, assuranceLevel := p_assuranceLevel, appPermissions := p_appPermissions, certIssuePermissions := p_certIssuePermissions, certRequestPermissions := p_certRequestPermissions, canRequestRollover := omit, encryptionKey := p_encryptionKey, verifyKeyIndicator := p_verifyKeyIndicator } // End of template m_toBeSignedCertificate template (value) ValidityPeriod m_validity_period( in Time32 p_start_, in Duration p_duration ) := { start_ := p_start_, duration := p_duration } // End of template m_validity_period template (value) GeographicRegion m_geographicRegion_identifiedRegion( in template (value) SequenceOfIdentifiedRegion p_identifiedRegion ) := { identifiedRegion := p_identifiedRegion } template (value) IdentifiedRegion m_identifiedRegion( in template (value) CountryOnly p_countryOnly ) := { countryOnly := p_countryOnly } template (omit) PsidSsp m_appPermissions( in template (value) Psid p_psid, in template (omit) ServiceSpecificPermissions p_ssp := omit ) := { psid := p_psid, ssp := p_ssp } // End of template m_appPermissions template (value) PsidSspRange m_psidSspRange( in Psid p_psid, in template (value) SspRange p_sspRange := m_SspRange_all ) := { psid := p_psid, sspRange := p_sspRange } // End of template m_psidSspRange template (value) SspRange m_SspRange_all := { all_ := NULL } // End of template m_SspRange_all template (value) SspRange m_SspRange_opaque( in template (value) SequenceOfOctetString p_opaque ) := { opaque := p_opaque } // End of template m_SspRange_opaque template (value) SspRange m_SspRange_bitmapSspRange( in template (value) BitmapSspRange p_bitmapSspRange ) := { bitmapSspRange := p_bitmapSspRange } // End of template m_SspRange_bitmapSspRange template (value) PsidGroupPermissions m_psidGroupPermissions( in template (value) SubjectPermissions p_subjectPermissions, in integer p_minChainLength := 1, in integer p_chainLengthRange := 0, in EndEntityType p_eeType := oct2bit('00'O) ) := { subjectPermissions := p_subjectPermissions, minChainLength := p_minChainLength, chainLengthRange := p_chainLengthRange, eeType := p_eeType } // End of template m_psidGroupPermissions template (value) SubjectPermissions m_subjectPermissions_explicit( in SequenceOfPsidSspRange p_certIssuePermissions ) := { explicit := p_certIssuePermissions } // End of template m_subjectPermissions_explicit template (value) SubjectPermissions m_subjectPermissions_all := { all_ := NULL } // End of template m_subjectPermissions_all template (value) VerificationKeyIndicator m_verificationKeyIndicator_verificationKey( in template (value) PublicVerificationKey p_verificationKey ) := { verificationKey := p_verificationKey } // End of template m_verificationKeyIndicator_verificationKey template (value) VerificationKeyIndicator m_verificationKeyIndicator_reconstructionValue( in template (value) EccP256CurvePoint p_reconstructionValue ) := { reconstructionValue := p_reconstructionValue } // End of template m_verificationKeyIndicator_reconstructionValue template (value) PublicVerificationKey m_publicVerificationKey_ecdsaNistP256( in template (value) EccP256CurvePoint p_ecdsaNistP256 ) := { ecdsaNistP256 := p_ecdsaNistP256 } // End of template m_publicVerificationKey_ecdsaNistP256 template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_0( in Oct32 p_compressed_y_0 ) := { compressed_y_0 := p_compressed_y_0 } // End of template m_eccP256CurvePoint_compressed_y_0 template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_x_only( in Oct32 p_x_only ) := { x_only := p_x_only } // End of template m_eccP256CurvePoint_compressed_x_only template (value) Signature m_signature_ecdsaNistP256( in template (value) EcdsaP256Signature p_ecdsaNistP256Signature ) := { ecdsaNistP256Signature := p_ecdsaNistP256Signature } template (value) EcdsaP256Signature m_ecdsaNistP256Signature( in template (value) EccP256CurvePoint p_rSig, in template (value) Oct32 p_sSig ) := { rSig := p_rSig, sSig := p_sSig } template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y( in template (value) Oct32 p_y ) := { compressed_y_0 := p_y } template (value) EccP256CurvePoint m_eccP256CurvePoint_x_y( in template (value) octetstring p_x, in template (value) octetstring p_y ) := { uncompressedP256 := { x := p_x, y := p_y } } testcase tc_root_certificate_1() runs on TCType system TCType { var template (value) EtsiTs103097Certificate v_cert; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 1 var charstring v_certId := "STF528 Root Certificate"; Loading Loading @@ -261,7 +74,7 @@ module TestCodec_Certificates { }, m_verificationKeyIndicator_verificationKey( // FIXME Do we use it? If so what is the content? m_publicVerificationKey_ecdsaNistP256( m_eccP256CurvePoint_x_y( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ))), Loading @@ -280,7 +93,7 @@ module TestCodec_Certificates { v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key); v_cert.signature_ := m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_x_y( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ), Loading Loading @@ -339,20 +152,20 @@ module TestCodec_Certificates { '08C3C070B040C040108033070D0501CE0C0A0806017B00F030D203EA04BE0903'O ))), -, m_validity_period( m_validityPeriod( 17469212, { years := 10 } m_duration_years(10) ), m_geographicRegion_identifiedRegion( { m_identifiedRegion(12), m_identifiedRegion(34) m_identifiedRegion_country_only(12), m_identifiedRegion_country_only(34) } ) ), m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_compressed_x_only( m_eccP256CurvePoint_x_only( '08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O ), '2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O Loading @@ -365,142 +178,6 @@ module TestCodec_Certificates { setverdict(pass, "Encoding passed."); } // End of testcase tc_certificate_1 group helpersFunctions { group signing { /** * @desc Produces a 256-bit (32-byte) hash value * @param p_toBeHashedData Data to be used to calculate the hash value * @return The hash value */ external function fx_hashWithSha256(in octetstring p_toBeHashedData) return Oct32; /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedSecuredMessage The data to be signed * @param p_privateKey The private key * @return The signature value */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in octetstring/*UInt64*/ p_privateKey) return octetstring; /** * @desc Verify the signature of the specified data * @param p_toBeVerifiedData The data to be verified * @param p_signature The signature * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) * @return true on success, false otherwise */ external function fx_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in octetstring p_signature, in octetstring p_ecdsaNistp256PublicKeyX, in octetstring p_ecdsaNistp256PublicKeyY) return boolean; /** * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. * This function should not be used by the ATS * @param p_privateKey The new private key value * @param p_publicKeyX The new public key value (x coordinate) * @param p_publicKeyX The new public key value (y coordinate) * @return true on success, false otherwise */ external function fx_generateKeyPair(out octetstring/*UInt64*/ p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean; } // End of group signing /** * @desc Produces a 256-bit (32-byte) hash value * @param p_toBeHashedData Data to be used to calculate the hash value * @return The hash value */ function f_hashWithSha256( in octetstring p_toBeHashedData ) return Oct32 { return fx_hashWithSha256(p_toBeHashedData); } // End of function f_hashWithSha256 /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedSecuredMessage The data to be signed * @return The signature value */ function f_signWithEcdsaNistp256WithSha256( in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey ) return octetstring { return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedSecuredMessage, p_privateKey ); } // End of function f_signWithEcdsaNistp256WithSha256 /** * @desc Compute the HashedId8 value from the hash value * @param p_hash The hash value * @return The HashedId8 value * @verdict */ function f_HashedId8FromSha256( in Oct32 p_hash ) return HashedId8 { return substr(p_hash, lengthof(p_hash) - 8, 8); } // End of function f_HashedId8FromSha256 /** * @desc Compute the HashedId3 value from the HashedId8 value * @param p_hashp_hashedId8 The HashedId8 value * @return The HashedId3 value * @verdict Unchanged */ function f_HashedId3FromHashedId8( in HashedId8 p_hashedId8 ) return HashedId3 { return substr(p_hashedId8, lengthof(p_hashedId8) - 3, 3); } // End of function f_HashedId3FromHashedId8 /** * @desc Verify the signature of the specified data * @param p_toBeVerifiedData The data to be verified * @param p_signature The signature * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) * @return true on success, false otherwise */ function f_verifyWithEcdsaNistp256WithSha256( in octetstring p_toBeVerifiedData, in octetstring p_signature, in octetstring p_ecdsaNistp256PublicKeyX, in octetstring p_ecdsaNistp256PublicKeyY ) return boolean { // log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); // log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); // log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); // log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyX", p_ecdsaNistp256PublicKeyX); // log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyY", p_ecdsaNistp256PublicKeyY); return fx_verifyWithEcdsaNistp256WithSha256( p_toBeVerifiedData, p_signature, p_ecdsaNistp256PublicKeyX, p_ecdsaNistp256PublicKeyY); } // End of function f_verifyWithEcdsaNistp256WithSha256 /** * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. * This function should not be used by the ATS * @param p_privateKey The new private key value * @param p_publicKeyX The new public key value (x coordinate) * @param p_publicKeyX The new public key value (y coordinate) * @return true on success, false otherwise */ function f_generate_key_pair( out octetstring p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY ) return boolean { return fx_generateKeyPair(p_privateKey, p_publicKeyX, p_publicKeyY); } } control { execute(tc_root_certificate_1()); } Loading Loading
ttcn/AtsSecurity/ItsSecurity_Functions.ttcn +72 −72 Original line number Diff line number Diff line Loading @@ -51,23 +51,23 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured CAM * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredCam( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( f_getPosition(c_compNodeC) )); Loading @@ -93,7 +93,7 @@ module ItsSecurity_Functions { f_buildGnSecuredCam( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, p_headerFields, p_configId, p_addMissingHeaders Loading @@ -111,8 +111,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @param p_alterATCertificateSignature Set to true to alter the AT certificate signature * @param p_alterAACertificateSignature Set to true to alter the AA certificate signature Loading @@ -122,8 +122,8 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256, in boolean p_addMissingHeaders := true, in boolean p_alterATCertificateSignature := false, in boolean p_alterAACertificateSignature := false Loading @@ -131,9 +131,9 @@ module ItsSecurity_Functions { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( f_getPosition(c_compNodeC) )); Loading Loading @@ -161,7 +161,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, p_headerFields, p_configId, p_addMissingHeaders, Loading @@ -177,18 +177,18 @@ module ItsSecurity_Functions { /** * @desc Sends a secured CAM * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredCam( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -204,20 +204,20 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredCam_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); // log("v_securedGnPdu = ", v_securedGnPdu); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -233,25 +233,25 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured DENM * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredDenm( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading Loading @@ -284,7 +284,7 @@ module ItsSecurity_Functions { f_buildGnSecuredDenm( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -307,8 +307,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ Loading @@ -316,18 +316,18 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading Loading @@ -362,7 +362,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -380,17 +380,17 @@ module ItsSecurity_Functions { /** * @desc Sends a secured DENM * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredDenm( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -406,19 +406,19 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredDenm_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -433,24 +433,24 @@ module ItsSecurity_Functions { /** * @desc Prepare a secured Beacon * @param p_configId The configuration identifier to be used * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ function f_prepareSecuredBeacon( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading @@ -468,7 +468,7 @@ module ItsSecurity_Functions { f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -491,8 +491,8 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields HeaderFields to be inserted in the message * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields HeaderInfo to be inserted in the message * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields * @return Secured GeoNetworking packet containing a CAM */ Loading @@ -500,17 +500,17 @@ module ItsSecurity_Functions { in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 0, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate, in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate, in boolean p_addMissingHeaders := true ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var template (value) Ieee1609Dot2Data v_securedMessage; // Build signed SecuredMessage // Build signed Ieee1609Dot2Data v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, Loading @@ -530,7 +530,7 @@ module ItsSecurity_Functions { p_protocolVersion, p_trailerStatus, m_payload_signed(v_gnPayload), p_signerInfoType, p_issuerIdentifier, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, Loading @@ -548,17 +548,17 @@ module ItsSecurity_Functions { /** * @desc Sends a secured Beacon * @param p_configId The configuration identifier to be used * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredBeacon( in charstring p_configId, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon(p_configId, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon(p_configId, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading @@ -574,19 +574,19 @@ module ItsSecurity_Functions { * <li>0 for no trailer</li> * <li>1 for invalid trailer</li> * <li>2 for duplicated trailer</li> * @param p_headerFields Additional HeaderFields * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderInfo * @param p_issuerIdentifier Add digest or AT certificate or certificate chain * @return GeoNetworking payload */ function f_sendSecuredBeacon_Bo( in charstring p_configId, in UInt8 p_protocolVersion := c_protocol_version, in integer p_trailerStatus := 1, in template (omit) HeaderFields p_headerFields := omit, in SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256 in template (omit) HeaderInfo p_headerFields := omit, in SignerIdentifier p_issuerIdentifier := e_certificate_digest_with_sha256 ) runs on ItsGeoNetworking return GeoNetworkingPdu { // Local variables var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_signerInfoType); var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); Loading
ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn +927 −924 File changed.Preview size limit exceeded, changes collapsed. Show changes
ttcn/TestCodec/TestCodec_Certificates.ttcn +19 −342 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ * */ module TestCodec_Certificates { // LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; Loading @@ -22,202 +23,14 @@ module TestCodec_Certificates { // LibItsSecurity import from LibItsSecurity_EncdecDeclarations all; //import from LibItsSecurity_Templates all; //import from LibItsSecurity_Pixits all; import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; // TestCodec import from TestCodec_TestAndSystem all; template (omit) EtsiTs103097Certificate m_etsiTs103097Certificate( in template (value) IssuerIdentifier p_issuer, in template (value) ToBeSignedCertificate p_toBeSigned, in template (omit) Signature p_signature_ := omit ) := { version := 3, type_ := explicit, issuer := p_issuer, toBeSigned := p_toBeSigned, signature_ := p_signature_ } // End of template m_etsiTs103097Certificate template (value) IssuerIdentifier m_issuerIdentifier_self( in template (value) HashAlgorithm p_self ) := { self_ := p_self } // End of template m_issuerIdentifier_self template (value) IssuerIdentifier m_issuerIdentifier_sha256AndDigest( in template (value) HashedId8 p_sha256AndDigest ) := { sha256AndDigest := p_sha256AndDigest } // End of template m_issuerIdentifier_sha256AndDigest template (value) IssuerIdentifier m_issuerIdentifier_sha384AndDigest( in template (value) HashedId8 p_sha384AndDigest ) := { sha384AndDigest := p_sha384AndDigest } // End of template m_issuerIdentifier_sha384AndDigest template (omit) ToBeSignedCertificate m_toBeSignedCertificate( in template (value) CertificateId p_id, in template (value) HashedId3 p_cracaId, in template (value) CrlSeries p_crlSeries, in template (value) SequenceOfPsidSsp p_appPermissions, in template (value) SequenceOfPsidGroupPermissions p_certIssuePermissions, in template (value) VerificationKeyIndicator p_verifyKeyIndicator, in template (omit) SequenceOfPsidGroupPermissions p_certRequestPermissions := omit, in template (omit) ValidityPeriod p_validityPeriod := omit, in template (omit) GeographicRegion p_region := omit, in template (omit) SubjectAssurance p_assuranceLevel := omit, in template (omit) PublicEncryptionKey p_encryptionKey := omit ) := { id := p_id, cracaId := p_cracaId, crlSeries := p_crlSeries, validityPeriod := p_validityPeriod, region := p_region, assuranceLevel := p_assuranceLevel, appPermissions := p_appPermissions, certIssuePermissions := p_certIssuePermissions, certRequestPermissions := p_certRequestPermissions, canRequestRollover := omit, encryptionKey := p_encryptionKey, verifyKeyIndicator := p_verifyKeyIndicator } // End of template m_toBeSignedCertificate template (value) ValidityPeriod m_validity_period( in Time32 p_start_, in Duration p_duration ) := { start_ := p_start_, duration := p_duration } // End of template m_validity_period template (value) GeographicRegion m_geographicRegion_identifiedRegion( in template (value) SequenceOfIdentifiedRegion p_identifiedRegion ) := { identifiedRegion := p_identifiedRegion } template (value) IdentifiedRegion m_identifiedRegion( in template (value) CountryOnly p_countryOnly ) := { countryOnly := p_countryOnly } template (omit) PsidSsp m_appPermissions( in template (value) Psid p_psid, in template (omit) ServiceSpecificPermissions p_ssp := omit ) := { psid := p_psid, ssp := p_ssp } // End of template m_appPermissions template (value) PsidSspRange m_psidSspRange( in Psid p_psid, in template (value) SspRange p_sspRange := m_SspRange_all ) := { psid := p_psid, sspRange := p_sspRange } // End of template m_psidSspRange template (value) SspRange m_SspRange_all := { all_ := NULL } // End of template m_SspRange_all template (value) SspRange m_SspRange_opaque( in template (value) SequenceOfOctetString p_opaque ) := { opaque := p_opaque } // End of template m_SspRange_opaque template (value) SspRange m_SspRange_bitmapSspRange( in template (value) BitmapSspRange p_bitmapSspRange ) := { bitmapSspRange := p_bitmapSspRange } // End of template m_SspRange_bitmapSspRange template (value) PsidGroupPermissions m_psidGroupPermissions( in template (value) SubjectPermissions p_subjectPermissions, in integer p_minChainLength := 1, in integer p_chainLengthRange := 0, in EndEntityType p_eeType := oct2bit('00'O) ) := { subjectPermissions := p_subjectPermissions, minChainLength := p_minChainLength, chainLengthRange := p_chainLengthRange, eeType := p_eeType } // End of template m_psidGroupPermissions template (value) SubjectPermissions m_subjectPermissions_explicit( in SequenceOfPsidSspRange p_certIssuePermissions ) := { explicit := p_certIssuePermissions } // End of template m_subjectPermissions_explicit template (value) SubjectPermissions m_subjectPermissions_all := { all_ := NULL } // End of template m_subjectPermissions_all template (value) VerificationKeyIndicator m_verificationKeyIndicator_verificationKey( in template (value) PublicVerificationKey p_verificationKey ) := { verificationKey := p_verificationKey } // End of template m_verificationKeyIndicator_verificationKey template (value) VerificationKeyIndicator m_verificationKeyIndicator_reconstructionValue( in template (value) EccP256CurvePoint p_reconstructionValue ) := { reconstructionValue := p_reconstructionValue } // End of template m_verificationKeyIndicator_reconstructionValue template (value) PublicVerificationKey m_publicVerificationKey_ecdsaNistP256( in template (value) EccP256CurvePoint p_ecdsaNistP256 ) := { ecdsaNistP256 := p_ecdsaNistP256 } // End of template m_publicVerificationKey_ecdsaNistP256 template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_0( in Oct32 p_compressed_y_0 ) := { compressed_y_0 := p_compressed_y_0 } // End of template m_eccP256CurvePoint_compressed_y_0 template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_x_only( in Oct32 p_x_only ) := { x_only := p_x_only } // End of template m_eccP256CurvePoint_compressed_x_only template (value) Signature m_signature_ecdsaNistP256( in template (value) EcdsaP256Signature p_ecdsaNistP256Signature ) := { ecdsaNistP256Signature := p_ecdsaNistP256Signature } template (value) EcdsaP256Signature m_ecdsaNistP256Signature( in template (value) EccP256CurvePoint p_rSig, in template (value) Oct32 p_sSig ) := { rSig := p_rSig, sSig := p_sSig } template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y( in template (value) Oct32 p_y ) := { compressed_y_0 := p_y } template (value) EccP256CurvePoint m_eccP256CurvePoint_x_y( in template (value) octetstring p_x, in template (value) octetstring p_y ) := { uncompressedP256 := { x := p_x, y := p_y } } testcase tc_root_certificate_1() runs on TCType system TCType { var template (value) EtsiTs103097Certificate v_cert; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 1 var charstring v_certId := "STF528 Root Certificate"; Loading Loading @@ -261,7 +74,7 @@ module TestCodec_Certificates { }, m_verificationKeyIndicator_verificationKey( // FIXME Do we use it? If so what is the content? m_publicVerificationKey_ecdsaNistP256( m_eccP256CurvePoint_x_y( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ))), Loading @@ -280,7 +93,7 @@ module TestCodec_Certificates { v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key); v_cert.signature_ := m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_x_y( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ), Loading Loading @@ -339,20 +152,20 @@ module TestCodec_Certificates { '08C3C070B040C040108033070D0501CE0C0A0806017B00F030D203EA04BE0903'O ))), -, m_validity_period( m_validityPeriod( 17469212, { years := 10 } m_duration_years(10) ), m_geographicRegion_identifiedRegion( { m_identifiedRegion(12), m_identifiedRegion(34) m_identifiedRegion_country_only(12), m_identifiedRegion_country_only(34) } ) ), m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_compressed_x_only( m_eccP256CurvePoint_x_only( '08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O ), '2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O Loading @@ -365,142 +178,6 @@ module TestCodec_Certificates { setverdict(pass, "Encoding passed."); } // End of testcase tc_certificate_1 group helpersFunctions { group signing { /** * @desc Produces a 256-bit (32-byte) hash value * @param p_toBeHashedData Data to be used to calculate the hash value * @return The hash value */ external function fx_hashWithSha256(in octetstring p_toBeHashedData) return Oct32; /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedSecuredMessage The data to be signed * @param p_privateKey The private key * @return The signature value */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in octetstring/*UInt64*/ p_privateKey) return octetstring; /** * @desc Verify the signature of the specified data * @param p_toBeVerifiedData The data to be verified * @param p_signature The signature * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) * @return true on success, false otherwise */ external function fx_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in octetstring p_signature, in octetstring p_ecdsaNistp256PublicKeyX, in octetstring p_ecdsaNistp256PublicKeyY) return boolean; /** * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. * This function should not be used by the ATS * @param p_privateKey The new private key value * @param p_publicKeyX The new public key value (x coordinate) * @param p_publicKeyX The new public key value (y coordinate) * @return true on success, false otherwise */ external function fx_generateKeyPair(out octetstring/*UInt64*/ p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY) return boolean; } // End of group signing /** * @desc Produces a 256-bit (32-byte) hash value * @param p_toBeHashedData Data to be used to calculate the hash value * @return The hash value */ function f_hashWithSha256( in octetstring p_toBeHashedData ) return Oct32 { return fx_hashWithSha256(p_toBeHashedData); } // End of function f_hashWithSha256 /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedSecuredMessage The data to be signed * @return The signature value */ function f_signWithEcdsaNistp256WithSha256( in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey ) return octetstring { return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedSecuredMessage, p_privateKey ); } // End of function f_signWithEcdsaNistp256WithSha256 /** * @desc Compute the HashedId8 value from the hash value * @param p_hash The hash value * @return The HashedId8 value * @verdict */ function f_HashedId8FromSha256( in Oct32 p_hash ) return HashedId8 { return substr(p_hash, lengthof(p_hash) - 8, 8); } // End of function f_HashedId8FromSha256 /** * @desc Compute the HashedId3 value from the HashedId8 value * @param p_hashp_hashedId8 The HashedId8 value * @return The HashedId3 value * @verdict Unchanged */ function f_HashedId3FromHashedId8( in HashedId8 p_hashedId8 ) return HashedId3 { return substr(p_hashedId8, lengthof(p_hashedId8) - 3, 3); } // End of function f_HashedId3FromHashedId8 /** * @desc Verify the signature of the specified data * @param p_toBeVerifiedData The data to be verified * @param p_signature The signature * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) * @return true on success, false otherwise */ function f_verifyWithEcdsaNistp256WithSha256( in octetstring p_toBeVerifiedData, in octetstring p_signature, in octetstring p_ecdsaNistp256PublicKeyX, in octetstring p_ecdsaNistp256PublicKeyY ) return boolean { // log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); // log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); // log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); // log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyX", p_ecdsaNistp256PublicKeyX); // log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyY", p_ecdsaNistp256PublicKeyY); return fx_verifyWithEcdsaNistp256WithSha256( p_toBeVerifiedData, p_signature, p_ecdsaNistp256PublicKeyX, p_ecdsaNistp256PublicKeyY); } // End of function f_verifyWithEcdsaNistp256WithSha256 /** * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. * This function should not be used by the ATS * @param p_privateKey The new private key value * @param p_publicKeyX The new public key value (x coordinate) * @param p_publicKeyX The new public key value (y coordinate) * @return true on success, false otherwise */ function f_generate_key_pair( out octetstring p_privateKey, out octetstring p_publicKeyX, out octetstring p_publicKeyY ) return boolean { return fx_generateKeyPair(p_privateKey, p_publicKeyX, p_publicKeyY); } } control { execute(tc_root_certificate_1()); } Loading
