Skip to content
GitLab
Commit bc1f01cc authored by garciay's avatar garciay
Browse files

ATS security review

parent 6e69b09b
Expand all Hide whitespace changes
Inline Side-by-side
ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn
View file @ bc1f01cc
This diff is collapsed.
ttcn/TestCodec/TestCodec_Certificates.ttcn
View file @ bc1f01cc
......@@ -83,7 +83,7 @@ module TestCodec_Certificates {
)
);
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert));
log("Encode template ", valueof(v_cert.toBeSigned));
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key);
......@@ -98,26 +98,24 @@ module TestCodec_Certificates {
);
// Final certificate
v_encMsg := encvalue(v_cert);
setverdict(pass, "Encoding passed.");
// Decode and check signature
log("################", v_encMsg);
if (decvalue(v_encMsg, v_cert_dec) != 0) {
setverdict(fail);
stop;
}
v_encMsg := encvalue(v_cert_dec.toBeSigned);
v_encMsg := encvalue(v_cert_dec.toBeSigned);
if (f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_encMsg),
v_cert_dec.signature_.ecdsaNistP256Signature.rSig.x_only & v_cert_dec.signature_.ecdsaNistP256Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
) == false) {
setverdict(fail);
} else {
setverdict(pass)
}
}
} // End of testcase tc_root_certificate_sha256_1
/**
......@@ -151,24 +149,28 @@ module TestCodec_Certificates {
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_self(v_self),
m_toBeSignedCertificate_ca(
{ name := v_certId },
v_appPermissions,
{
m_psidGroupPermissions(
m_subjectPermissions_explicit(
v_certIssuePermissions
))
},
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaBrainpoolP256(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
)))
)
{ name := v_certId },
v_appPermissions,
{
m_psidGroupPermissions(
m_subjectPermissions_explicit(
v_certIssuePermissions
))
},
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaBrainpoolP256(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
))),
m_validityPeriod(
17469212,
m_duration_years(10)
)
)
);
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert));
log("Encode template ", valueof(v_cert.toBeSigned));
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_encMsg), v_private_key);
......@@ -179,10 +181,9 @@ module TestCodec_Certificates {
),
substr(v_sig, 32, 32)
)
);
);
// Final certificate
v_encMsg := encvalue(v_cert);
setverdict(pass, "Encoding passed.");
// Decode and check signature
if (decvalue(v_encMsg, v_cert_dec) != 0) {
......@@ -195,12 +196,12 @@ module TestCodec_Certificates {
v_cert_dec.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_cert_dec.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
) == false) {
setverdict(fail);
} else {
setverdict(pass)
}
}
} // End of testcase tc_root_certificate_sha256_2
/**
......@@ -247,11 +248,15 @@ module TestCodec_Certificates {
m_eccP384CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
)))
)
))),
m_validityPeriod(
17469212,
m_duration_years(10)
)
)
);
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert));
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert.toBeSigned));
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate
v_sig := f_signWithEcdsaBrainpoolp384WithSha384(bit2oct(v_encMsg), v_private_key);
......@@ -265,7 +270,6 @@ module TestCodec_Certificates {
);
// Final certificate
v_encMsg := encvalue(v_cert);
setverdict(pass, "Encoding passed.");
// Decode and check signature
if (decvalue(v_encMsg, v_cert_dec) != 0) {
......@@ -419,7 +423,7 @@ module TestCodec_Certificates {
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key);
log("v_sig = ", v_sig);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
......@@ -429,7 +433,7 @@ module TestCodec_Certificates {
)
);
// Final certificate
TestEtsiTs103097Certificate(v_cert, false);
v_encMsg := TestEtsiTs103097Certificate(v_cert, false);
// Decode and check signature
if (decvalue(v_encMsg, v_cert_dec) != 0) {
setverdict(fail);
......@@ -480,11 +484,11 @@ module TestCodec_Certificates {
m_toBeSignedCertificate_at(
v_appPermissions,
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaNistP256(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
))),
m_publicVerificationKey_ecdsaBrainpoolP256(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
))),
m_validityPeriod(
17469212,
m_duration_years(10)
......@@ -494,7 +498,7 @@ module TestCodec_Certificates {
// Encode it ==> Get octetstring
log("Encode template ", valueof(v_cert.toBeSigned));
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
// Sign the certificate using ECDSA/SHA-256 (BP p-256)
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_encMsg), v_private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP256r1(
......@@ -506,7 +510,7 @@ module TestCodec_Certificates {
)
);
// Final certificate
v_encMsg := TestEtsiTs103097Certificate(v_cert, false);
v_encMsg := TestEtsiTs103097Certificate(v_cert, false);
// Decode and check signature
if (decvalue(v_encMsg, v_cert_dec) != 0) {
setverdict(fail);
......@@ -514,10 +518,10 @@ module TestCodec_Certificates {
}
v_encMsg := encvalue(v_cert_dec.toBeSigned);
if (f_verifyWithEcdsaBrainpoolp256WithSha256(
bit2oct(v_encMsg),
v_cert_dec.signature_.ecdsaNistP256Signature.rSig.x_only & v_cert_dec.signature_.ecdsaNistP256Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
bit2oct(v_encMsg),
v_cert_dec.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_cert_dec.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
setverdict(fail);
} else {
......@@ -537,7 +541,7 @@ module TestCodec_Certificates {
var Oct32 v_publicKeyY := int2oct(0, 32);
var HashedId8 v_sha256AndDigest;
var Oct32 v_sig := int2oct(0, 32);
var octetstring v_exp_enc_msg := '80030080AF232618BE5E6F55B0811876656869636C652D746573742E6578616D706C652E636F6D5E6F5B0002010A8F1C86000A83010280000C800022010180012381038300010102E08101020100C0E0800102800123818002010081010101000080808208C3C070B040C040108033070D0501CE0C0A0806017B00F030D203EA04BE0903808008B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D40612002617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O;
var octetstring v_exp_enc_msg := '80030080AF232618BE5E6F5558811876656869636C652D746573742E6578616D706C652E636F6D5E6F5B0002010A8F1C86000A83010280000C80002201018001238104038300010102E08101020100C0E0800102800123818002010081010101000080808208C3C070B040C040108033070D0501CE0C0A0806017B00F030D203EA04BE0903808008B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D40612002617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O;
// Generate Private/Public keys
f_generate_key_pair_nistp256(v_private_key, v_publicKeyX, v_publicKeyY);
......
ttcn/TestCodec/TestCodec_ChainOfCertificates.ttcn
View file @ bc1f01cc
......@@ -53,7 +53,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.ca.cert.toBeSigned);
if (f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.ca.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.ca.cert.signature_.ecdsaNistP256Signature.rSig.x_only & v_chain_sec_info.ca.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
......@@ -72,7 +72,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.aa.cert.toBeSigned);
if (f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.aa.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.aa.cert.signature_.ecdsaNistP256Signature.rSig.x_only & v_chain_sec_info.aa.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
......@@ -91,7 +91,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.at.cert.toBeSigned);
if (f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.at.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.at.cert.signature_.ecdsaNistP256Signature.rSig.x_only & v_chain_sec_info.at.cert.signature_.ecdsaNistP256Signature.sSig,
v_chain_sec_info.aa.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_chain_sec_info.aa.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
......@@ -123,14 +123,15 @@ module TestCodec_ChainOfCertificates {
);
// Build the secured message and sign it
v_secured_data := f_build_and_sign_secured_message_nistP256_1(v_gnNonSecuredPacket, v_chain_sec_info.at);
//log("################", m_geoNwSecPdu(v_gnNonSecuredPacket, v_secured_data));
//v_gnSecuredPacket := m_geoNwSecPdu(v_gnNonSecuredPacket, v_secured_data);
//log("tc_full_check_certificate_1: Final GeoNetworking secured message: ", v_gnSecuredPacket);
// Finalyse the GeoNetworking message
v_gnSecuredPacket := m_geoNwSecPdu(v_gnNonSecuredPacket, v_secured_data);
log("tc_full_check_certificate_1: Final GeoNetworking secured message: ", v_gnSecuredPacket);
// Verify signature of AA certificate by CA certificate
// Verify signature of secured messagee by AT certificate
v_enc_msg := encvalue(v_secured_data.content.signedData.tbsData);
if (f_verifyWithEcdsaNistp256WithSha256(
valueof(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.tbsData.payload.data.content.unsecuredData),
valueof(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.signature_.ecdsaNistP256Signature.sSig),
bit2oct(v_enc_msg),
valueof(v_secured_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_secured_data.content.signedData.signature_.ecdsaNistP256Signature.sSig),
v_chain_sec_info.at.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.x,
v_chain_sec_info.at.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.uncompressedP256.y
) == false) {
......@@ -139,6 +140,8 @@ module TestCodec_ChainOfCertificates {
setverdict(pass)
}
// Finalyse the GeoNetworking message
// TODO Create a chain of certificates
// TODO Add encryption support
......@@ -160,7 +163,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.ca.cert.toBeSigned);
if (f_verifyWithEcdsaBrainpoolp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.ca.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.ca.cert.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_chain_sec_info.ca.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
......@@ -177,7 +180,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.aa.cert.toBeSigned);
if (f_verifyWithEcdsaBrainpoolp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.aa.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.aa.cert.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_chain_sec_info.aa.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_chain_sec_info.ca.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
......@@ -194,7 +197,7 @@ module TestCodec_ChainOfCertificates {
v_enc_msg := encvalue(v_chain_sec_info.at.cert.toBeSigned);
if (f_verifyWithEcdsaBrainpoolp256WithSha256(
bit2oct(v_enc_msg),
v_chain_sec_info.at.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.at.cert.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_chain_sec_info.at.cert.signature_.ecdsaBrainpoolP256r1Signature.sSig,
v_chain_sec_info.aa.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_chain_sec_info.aa.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
......@@ -228,10 +231,11 @@ module TestCodec_ChainOfCertificates {
// Finalyse the GeoNetworking message
v_gnSecuredPacket := m_geoNwSecPdu(v_gnNonSecuredPacket, v_secured_data);
log("tc_full_check_certificate_2: Final GeoNetworking secured message: ", v_gnSecuredPacket);
// Verify signature of AA certificate by CA certificate
// Verify signature of Secured message by AT certificate
v_enc_msg := encvalue(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.tbsData);
if (f_verifyWithEcdsaBrainpoolp256WithSha256(
valueof(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.tbsData.payload.data.content.unsecuredData),
valueof(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig),
bit2oct(v_enc_msg),
valueof(v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only & v_gnSecuredPacket.gnPacket.securedMsg.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig),
v_chain_sec_info.at.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x,
v_chain_sec_info.at.cert.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y
) == false) {
......@@ -635,7 +639,7 @@ module TestCodec_ChainOfCertificates {
var octetstring v_raw_payload_to_be_signed;
var template (value) ToBeSignedData v_toBeSignedData;
var Oct32 v_sig := '0000000000000000000000000000000000000000000000000000000000000000'O;
var template (value) EtsiTs103097Data v_secured_data;
var EtsiTs103097Data v_secured_data;
// Build the message to be signed
v_raw_payload_to_be_signed := bit2oct(encvalue(p_gnNonSecuredPacket));
......@@ -653,24 +657,26 @@ module TestCodec_ChainOfCertificates {
v_raw_payload_to_be_signed := bit2oct(encvalue(v_toBeSignedData));
v_sig := f_signWithEcdsaNistp256WithSha256(v_raw_payload_to_be_signed, p_at_sec_info.private_key);
// Finalize the secured message
v_secured_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_toBeSignedData,
{ digest := p_at_sec_info.hashid8 },
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
)
)
);
v_secured_data := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_toBeSignedData,
{ digest := p_at_sec_info.hashid8 },
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
)
)
)
);
log("f_build_and_sign_secured_message_nistP256_1: v_secured_data = ", v_secured_data);
return valueof(v_secured_data);
return v_secured_data;
} // End of function f_build_and_sign_secured_message_nistP256_1
function f_build_and_sign_secured_message_brainpoolP256_1(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment