Commit b547d5ee authored by garciay's avatar garciay

STF545: Add codecs for PKI

parent 1b604d88
......@@ -171,7 +171,7 @@ module ItsGenCert_Functions {
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
if (p_certificate_params.curve == e_nist_p256) {
if (p_issuer_certificate_details.certificate_id != p_certificate_details.certificate_id) { // This is not a CA certificate
v_issuer := p_issuer_certificate_details.enc_cert;
v_issuer := f_hashWithSha256(p_issuer_certificate_details.enc_cert);
} else {
v_issuer := int2oct(0, 32);
}
......@@ -191,7 +191,7 @@ module ItsGenCert_Functions {
));
} else if (p_certificate_params.curve == e_brainpool_p256) {
if (p_issuer_certificate_details.issuer != p_issuer_certificate_details.hashid8) { // This is not a CA certificate
v_issuer := p_issuer_certificate_details.enc_cert;
v_issuer := f_hashWithSha256(p_issuer_certificate_details.enc_cert);
} else {
v_issuer := int2oct(0, 32);
}
......@@ -211,9 +211,9 @@ module ItsGenCert_Functions {
));
} else if (p_certificate_params.curve == e_brainpool_p384) {
if (p_issuer_certificate_details.issuer != p_issuer_certificate_details.hashid8) { // This is not a CA certificate
v_issuer := p_issuer_certificate_details.enc_cert;
v_issuer := f_hashWithSha384(p_issuer_certificate_details.enc_cert);
} else {
v_issuer := int2oct(0, 48);
v_issuer := int2oct(0, 48);
}
v_signature := f_signWithEcdsaBrainpoolp384WithSha384(bit2oct(v_enc_msg), v_issuer, p_issuer_certificate_details.private_key);
if (lengthof(v_signature) != 96) {
......@@ -269,7 +269,7 @@ module ItsGenCert_Functions {
}
// Encode the certificate
p_certificate_details.enc_cert := bit2oct(encvalue(p_certificate_details.certificate));
// Calculate the HashedId8
// Calculate the whole HashedId8 as defined in IEEE Std 1609.2-20XX Clause 6.4.3 CertificateBase
if (p_certificate_params.hash_algorithm == sha256) {
p_certificate_details.hashid8 := f_HashedId8FromSha256(f_hashWithSha256(p_certificate_details.enc_cert));
} else {
......
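Review bot: The three curve branches do not decide "self-signed" the same way: the `e_nist_p256` branch compares `p_issuer_certificate_details.certificate_id` with `p_certificate_details.certificate_id`, while both Brainpool branches compare the issuer's own `issuer` field with its `hashid8`. The record documentation added in ItsGenCert_TypeAndValues in this same commit says `issuer` is 0 for a self-signed certificate. If so, the Brainpool test would presumably never reach the all-zero `int2oct(0, …)` path, and a root certificate would be signed over a hash of `enc_cert` instead. I would use one test in all three branches, e.g. `if (p_issuer_certificate_details.certificate_id != p_certificate_details.certificate_id) { // Not self-signed`, and reword the comment, since the condition is about self-signing rather than about being a CA certificate. The enclosing function starts and ends outside the hunks shown.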
......@@ -87,7 +87,13 @@ module ItsGenCert_TypeAndValues {
e_brainpool_p256,
e_brainpool_p384
} // End of type Curve
/**
* @desc Certificate description
* @member enc_cert The COER encoding of the whole certificate, including the signature
* @member hashid8 The whole certificate (including the signature) HashedId8, as defined in IEEE Std 1609.2-20XX Clause 6.4.3 CertificateBase
* @member issuer The HashedId8 of the certificate issuer or 0 in case of self signed certificate (root certificate)
*/
type record certificate_details {
charstring certificate_id,
EtsiTs103097Certificate certificate,
......
......@@ -39,7 +39,6 @@ module ItsPki_Functions {
import from LibItsCam_TestSystem all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_TestSystem all;
import from LibItsGeoNetworking_Functions all;
import from LibItsGeoNetworking_Templates all;
import from LibItsGeoNetworking_TypesAndValues all;
......@@ -48,7 +47,16 @@ module ItsPki_Functions {
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_TestSystem all;
// LibItsHttp
import from LibItsHttp_TypesAndValues all;
import from LibItsHttp_Templates all;
import from LibItsHttp_BinaryTemplates all;
import from LibItsHttp_Functions all;
// LibItsPki
import from LibItsPki_Templates all;
import from LibItsPki_TestSystem all;
function f_sendEnrollmentRequest(
in template (value) InnerEcRequest p_innerEcRequest,
......@@ -56,7 +64,7 @@ module ItsPki_Functions {
in template (value) HeaderInfo p_headerInfo,
in SignerIdentifier p_signerIdentifier,
in boolean p_addMissingHeaders := true
) runs on ItsGeoNetworking {
) runs on ItsPki {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var GeoNetworkingPdu v_securedGnPdu;
......@@ -64,6 +72,7 @@ module ItsPki_Functions {
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var EtsiTs103097Data v_securedMessage := {};
var HeaderLines v_headers;
// Encode the unsecured payload
v_encMsg := bit2oct(encvalue(valueof(p_innerEcRequest)));
......@@ -101,9 +110,12 @@ module ItsPki_Functions {
p_addMissingHeaders*/
);
// Return secured Gn packet
// Encode secured Gn packet
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)));
v_encMsg := bit2oct(encvalue(v_securedGnPdu));
// Send secured Gn packet
f_init_default_headers_list(v_headers);
httpPort.send(m_http_request(m_http_request_post("/", v_headers, m_http_message_body_binary(m_binary_body_raw(v_encMsg)))));
}
function f_buildGnSecuredPki(
......@@ -112,7 +124,7 @@ module ItsPki_Functions {
in SignerIdentifier p_signerIdentifierType,
in charstring p_certificateName := ""/*,
in boolean p_addMissingHeaders := true*/
) runs on ItsGeoNetworking return boolean {
) runs on ItsPki return boolean {
// Local variables
var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;
......
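Review bot: In `f_sendEnrollmentRequest` the HTTP body is the encoding of `v_securedGnPdu`, so the enrolment request is still wrapped in a GeoNetworking PDU even though the transport is now `httpPort`. If the PKI endpoint is meant to receive the secured `EtsiTs103097Data` itself, the body should be built from `v_securedMessage`, e.g. `v_encMsg := bit2oct(encvalue(v_securedMessage));`, and the GeoNetworking locals dropped. The request path is hard-coded to `"/"` and the headers come from `f_init_default_headers_list`, whose content is not visible here. Taking the URI from a PIXIT and setting the content type explicitly would make the request reproducible against different EAs. The function body is only partly shown in these hunks.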
......@@ -31,17 +31,13 @@ module ItsPki_TestCases {
import from LibItsCommon_ASN1_NamedNumbers all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_TestSystem all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Functions all;
import from LibItsGeoNetworking_Templates all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Pics all;
// LibItsCam
import from LibItsCam_Templates all;
import from LibItsCam_Functions all;
import from LibItsCam_Templates all;
import from LibItsCam_Functions all;
import from LibItsCam_TestSystem all;
// LibItsDenm
......@@ -56,14 +52,18 @@ module ItsPki_TestCases {
import from LibItsSecurity_Pixits all;
import from LibItsSecurity_Pics all;
// LibItsHttp
import from LibItsHttp_Templates all;
import from LibItsHttp_BinaryTemplates all;
// LibItsPki
import from LibItsPki_Templates all;
import from LibItsPki_TestSystem all;
// AtsPki
import from ItsPki_Functions all;
import from ItsPki_TestSystem all;
testcase TC_SEC_PKI_SND_EA_01_BV() runs on ItsGeoNetworking system ItsPkiSystem {
testcase TC_SEC_PKI_SND_EA_01_BV() runs on ItsPki system ItsPkiSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
......@@ -110,11 +110,15 @@ module ItsPki_TestCases {
);
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed
))) {
[] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_raw
/*mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_innerEcResponse()))*/
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Security protocol version set to 3 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
......
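Review bot: The `httpPort.receive` alternative in `TC_SEC_PKI_SND_EA_01_BV` now matches any OK response carrying any raw binary body, because the inner `mw_geoNwSecPdu(mw_etsiTs103097Data_signed(mw_innerEcResponse()))` template is commented out. The test case therefore reports `e_success` without checking that the body decodes to a signed enrolment response, so an EA returning arbitrary bytes would pass. Until the body template can be matched directly, I would decode the received octets in this branch and set a fail verdict when decoding or signature verification fails, and add a comment next to the commented-out template saying what is still unverified. The PASS log text `Security protocol version set to 3` also no longer describes what was checked. The rest of the testcase is outside the hunks.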
......@@ -770,107 +770,107 @@ module TestCodec_Certificates {
self_ := sha256
},
toBeSigned := {
id := {
none_ := NULL
},
cracaId := '000000'O,
crlSeries := 0,
validityPeriod := {
start_ := 410313600,
duration := {
hours := 26280
}
},
region := omit,
assuranceLevel := 'C0'O,
appPermissions := omit,
certIssuePermissions := {
{
subjectPermissions := {
explicit := {
{
psid := 36,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFF'O,
sspBitmask := '01FFFF'O
}
}
},
{
psid := 37,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 137,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 138,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 139,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 140,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 141,
sspRange := omit
}
}
},
minChainLength := 0,
chainLengthRange := 0,
eeType := '00000000'B
}
},
certRequestPermissions := omit,
canRequestRollover := omit,
encryptionKey := omit,
verifyKeyIndicator := {
verificationKey := {
ecdsaNistP256 := {
compressed_y_0 := 'CB6D12F0886798E4C2FAC41E92E5CDF6C81682E705E0C2905B5AEACECA5BDDAE'O
id := {
none_ := NULL
},
cracaId := '000000'O,
crlSeries := 0,
validityPeriod := {
start_ := 410313600,
duration := {
hours := 26280
}
},
region := omit,
assuranceLevel := 'C0'O,
appPermissions := omit,
certIssuePermissions := {
{
subjectPermissions := {
explicit := {
{
psid := 36,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFF'O,
sspBitmask := '01FFFF'O
}
}
},
{
psid := 37,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 137,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 138,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 139,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 140,
sspRange := {
bitmapSspRange := {
sspValue := '01FFFFFF'O,
sspBitmask := '01FFFFFF'O
}
}
},
{
psid := 141,
sspRange := omit
}
}
},
minChainLength := 1,
chainLengthRange := 0,
eeType := '00000000'B
}
},
certRequestPermissions := omit,
canRequestRollover := omit,
encryptionKey := omit,
verifyKeyIndicator := {
verificationKey := {
ecdsaNistP256 := {
compressed_y_0 := 'CB6D12F0886798E4C2FAC41E92E5CDF6C81682E705E0C2905B5AEACECA5BDDAE'O
}
}
}
},
signature_ := {
ecdsaNistP256Signature := {
rSig := {
x_only := '424789359DE2597AB0D78A17F08ACDEBB10D31D3F0A25B1362E0B56C1A508013'O
},
sSig := '5638E7E68C8BF24A0356E570DF6465B980ED52317DB89822D099C6E6EE72D39D'O
}
ecdsaNistP256Signature := {
rSig := {
x_only := '424789359DE2597AB0D78A17F08ACDEBB10D31D3F0A25B1362E0B56C1A508013'O
},
sSig := '5638E7E68C8BF24A0356E570DF6465B980ED52317DB89822D099C6E6EE72D39D'O
}
}
};
......@@ -878,12 +878,11 @@ module TestCodec_Certificates {
if (v_res == 0) {
log("Decoded message: ", v_cert_dec);
setverdict(pass, "Decoded succeed");
/* TODO Waiting for bug fixed from Ericson
if (not(match(v_cert_exp, v_cert_dec))) {
setverdict(fail, "Templates mismatch");
} else {
setverdict(pass, "Templates match");
}*/
}
} else {
setverdict(fail, "Decoding failed");
}
......
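Review bot: With the `match(v_cert_exp, v_cert_dec)` comparison re-enabled, the earlier `setverdict(pass, "Decoded succeed")` is redundant and logs a pass reason before the comparison has run. I would drop it so the verdict reason comes from the match result only. The expected template above is re-indented in the same change that appears to move `minChainLength` from 0 to 1, which makes that one semantic change hard to spot. A short comment on why the expected value is 1, or a separate whitespace-only commit, would help. The enclosing test function starts before the hunk.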