/* * @author * * @version * 1.0 * @desc * * @remark * * @see * */ module TestCodec_Certificates { // LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; // LibIts import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; import from IEEE1609dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsSecurity import from LibItsSecurity_EncdecDeclarations all; import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; // TestCodec import from TestCodec_TestAndSystem all; testcase tc_root_certificate_1() runs on TCType system TCType { var template (value) EtsiTs103097Certificate v_cert; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 1 var charstring v_certId := "STF528 Root Certificate"; var HashAlgorithm v_self := sha256; // ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificates Bullet 1 var HashedId3 v_cracaId := '000000'O; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 var CrlSeries v_crlSeries := 0; // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs valueof(m_appPermissions(36, { bitmapSsp := '830001'O })), valueof(m_appPermissions(37, { bitmapSsp := '830001'O })) }; var SequenceOfPsidSspRange v_certIssuePermissions := { // ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificates Bullet 3 valueof(m_psidSspRange(1)) // FIXME What is the content of certIssuePermissions? }; var SequenceOfPsidSspRange v_certRequestPermissions := { // FIXME Could this componet be present? If yes, What is the content of certIssuePermissions? valueof(m_psidSspRange(2)) }; var octetstring v_private_key := ''O; var octetstring v_publicKeyX := ''O; var octetstring v_publicKeyY := ''O; var HashedId8 v_sha256AndDigest; var octetstring v_sig := ''O; var bitstring v_encMsg := ''B; // Generate Private/Public keys f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyX); // Store Private key in binary format //f_save_key(v_private_key); // Fill Certificate template with the public key v_cert := m_etsiTs103097Certificate( m_issuerIdentifier_self(v_self), m_toBeSignedCertificate( { name := v_certId }, v_cracaId, v_crlSeries, v_appPermissions, { m_psidGroupPermissions( m_subjectPermissions_explicit( v_certIssuePermissions )) }, m_verificationKeyIndicator_verificationKey( // FIXME Do we use it? If so what is the content? m_publicVerificationKey_ecdsaNistP256( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ))), { m_psidGroupPermissions( m_subjectPermissions_explicit( v_certRequestPermissions )) } ) ); // Encode it ==> Get octetstring log("Encode template ", valueof(v_cert)); v_encMsg := encvalue(v_cert.toBeSigned); // Sign the certificate using ECDSA/SHA-256 (NIST p-256) v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key); v_cert.signature_ := m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_uncompressed( v_publicKeyX, v_publicKeyY ), v_sig ) ); // Final certificate v_encMsg := encvalue(v_cert); setverdict(pass, "Encoding passed."); } // End of testcase tc_root_certificate_1 testcase tc_certificate_1() runs on TCType system TCType { var template (value) EtsiTs103097Certificate v_cert; var charstring v_certId := "vehicle-test.example.com"; var HashAlgorithm v_self := sha256; var HashedId3 v_cracaId := '5E6F5B'O; var CrlSeries v_crlSeries := 2; var octetstring v_private_key := ''O; var octetstring v_publicKeyX := ''O; var octetstring v_publicKeyY := ''O; var HashedId8 v_sha256AndDigest; var octetstring v_sig := ''O; var bitstring v_encMsg := ''B; // Generate Private/Public keys f_generate_key_pair(v_private_key, v_publicKeyX, v_publicKeyX); // Store Private key in binary format //f_save_key(v_private_key); // Fill Certificate template with the public key v_cert := m_etsiTs103097Certificate( m_issuerIdentifier_sha256AndDigest('AF232618BE5E6F55'O), m_toBeSignedCertificate( { name := v_certId }, v_cracaId, v_crlSeries, { valueof(m_appPermissions(35, { bitmapSsp := '830001'O })) }, { m_psidGroupPermissions( m_subjectPermissions_all, 2, 0, oct2bit('C0'O) ), m_psidGroupPermissions( m_subjectPermissions_explicit( { valueof(m_psidSspRange(35)), valueof(m_psidSspRange(256)) } )) }, m_verificationKeyIndicator_verificationKey( // FIXME Do we use it? If so what is the content? m_publicVerificationKey_ecdsaNistP256( m_eccP256CurvePoint_compressed_y_0( '08C3C070B040C040108033070D0501CE0C0A0806017B00F030D203EA04BE0903'O ))), -, m_validityPeriod( 17469212, m_duration_years(10) ), m_geographicRegion_identifiedRegion( { m_identifiedRegion_country_only(12), m_identifiedRegion_country_only(34) } ) ), m_signature_ecdsaNistP256( m_ecdsaNistP256Signature( m_eccP256CurvePoint_x_only( '08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O ), '2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O ) ) ); v_encMsg := encvalue(v_cert); setverdict(pass, "Encoding passed."); } // End of testcase tc_certificate_1 control { execute(tc_root_certificate_1()); } } // End of module TestCodec_Certificates