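/**
 *  @author     ETSI / STF544
 *  @version    $URL$
 *              $Id$
 *  @desc       Module containing functions for ITS PKI ATS
 *  @copyright  ETSI Copyright Notification
 *              No part may be reproduced except as authorized by written permission.
 *              The copyright and the foregoing restriction extend to reproduction in all media.
 *              All rights reserved.
 *
 */
module ItsPki_Functions {

    // LibCommon
    import from LibCommon_BasicTypesAndValues all;
    import from LibCommon_Time all;

    // LibIts
    import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
    import from IEEE1609dot2 language "ASN.1:1997" all;
    import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
    import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
    import from EtsiTs102941MessagesItss language "ASN.1:1997" all;
    import from EtsiTs103097Module language "ASN.1:1997" all;

    // LibItsCommon
    import from LibItsCommon_TestSystem all;
    import from LibItsCommon_Functions all;
    import from LibItsCommon_ASN1_NamedNumbers all;

    // LibItsGeoNetworking
    //import from LibItsGeoNetworking_Functions all;
    //import from LibItsGeoNetworking_Templates all;
    //import from LibItsGeoNetworking_TypesAndValues all;

    // LibItsSecurity
    import from LibItsSecurity_TypesAndValues all;
    import from LibItsSecurity_Templates all;
    import from LibItsSecurity_Functions all;

    // LibItsHttp
    import from LibItsHttp_TypesAndValues all;
    import from LibItsHttp_Templates all;
    import from LibItsHttp_BinaryTemplates all;
    import from LibItsHttp_Functions all;

    // LibItsPki
    import from LibItsPki_Templates all;
    import from LibItsPki_TestSystem all;

    /**
     * @desc  Encodes an InnerEcRequest, wraps it into a signed EtsiTs103097Data
     *        structure by calling f_buildSecuredPki, and posts the encoded result
     *        as a raw binary HTTP body to "/" on httpPort.
     *        If f_buildSecuredPki reports a failure, the error is logged and
     *        nothing is sent.
     * @param p_innerEcRequest    The enrolment request to be encoded and used as the signed payload
     * @param p_configId          Passed to f_buildSecuredPki as the certificate name
     * @param p_headerInfo        Header information placed in the ToBeSignedData
     * @param p_signerIdentifier  Selects the kind of signer identifier f_buildSecuredPki builds
     *
     * NOTE(review): f_buildSecuredPki only fills the signature with an all-zero
     * placeholder, and nothing between that call and httpPort.send computes a real
     * signature. As written, the request on the wire is therefore not
     * cryptographically signed. A conformant PKI endpoint is expected to reject it.
     * NOTE(review): no encryption step is visible in this function either.
     * Confirm whether the enrolment request is meant to be wrapped in encrypted data
     * before transmission, and where that is supposed to happen.
     */
    function f_sendEnrollmentRequest(
                                     in template (value) InnerEcRequest p_innerEcRequest,
                                     in charstring p_configId,
                                     in template (value) HeaderInfo p_headerInfo,
                                     in SignerIdentifier p_signerIdentifier
    ) runs on ItsPki {

        // Local variables
        var octetstring v_encMsg;
        var octetstring v_raw_payload_to_be_signed;
        var EtsiTs103097Data v_securedMessage := {};
        var HeaderLines v_headers;

        // Encode the unsecured payload (a single encoding is enough: v_encMsg is
        // only needed for the final secured message below)
        v_raw_payload_to_be_signed := bit2oct(encvalue(valueof(p_innerEcRequest)));

        // Build signed Ieee1609Dot2Data.
        // The result must be checked: on failure v_securedMessage is left as it was
        // initialised above and must not be encoded and sent as if it were a
        // secured request.
        if (f_buildSecuredPki(
                              v_securedMessage,
                              valueof(m_toBeSignedData(
                                  m_signedDataPayload(
                                      m_etsiTs103097Data_unsecured(
                                          v_raw_payload_to_be_signed
                                  )),
                                  p_headerInfo
                              )),
                              p_signerIdentifier,
                              p_configId
            ) == false) {
            log("*** " & testcasename() & ": f_sendEnrollmentRequest: failed to build the secured message, request not sent ***");
            return;
        }

        // Send HTTP request
        v_encMsg := bit2oct(encvalue(v_securedMessage));
        f_init_default_headers_list(v_headers);
        httpPort.send(m_http_request(m_http_request_post("/", v_headers, m_http_message_body_binary(m_binary_body_raw(v_encMsg)))));
    }

    /**
     * @desc  Fills p_securedMessage with a signed-data structure around
     *        p_payloadField: loads the AA and AT certificates, sets the signer
     *        identifier and hash algorithm, and selects the signature variant.
     *        The signature itself is only an all-zero placeholder of the right
     *        size. This function does not compute a signature.
     * @param p_securedMessage       The structure to fill (overwritten on success)
     * @param p_payloadField         The ToBeSignedData to embed
     * @param p_signerIdentifierType Only its chosen alternative is inspected:
     *                               'digest' is implemented, 'certificate' and any
     *                               other alternative log a TODO and stop
     * @param p_certificateName      Name passed to f_prepareCertificates
     * @return true once the structure has been filled, false if
     *         f_prepareCertificates fails (p_securedMessage is then untouched)
     */
    function f_buildSecuredPki(
                               inout EtsiTs103097Data p_securedMessage,
                               in ToBeSignedData p_payloadField,
                               in SignerIdentifier p_signerIdentifierType,
                               in charstring p_certificateName := ""/*,
                               in boolean p_addMissingHeaders := true*/
    ) runs on ItsPki return boolean {

        // Local variables
        var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;

        // Load certificates if required
        if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) {
            return false;
        }
        //log("f_buildSecuredPki: v_atCertificate = ", v_atCertificate);

        // Fill the structure with default values, these values will be updated later
        // (SHA-256, signer 'self', NIST P-256 signature made of zero octets).
        // NOTE(review): the signature is never updated inside this function; the
        // caller has to replace the zero placeholder with a real signature.
        p_securedMessage := valueof(m_etsiTs103097Data_signed(
                                        m_signedData(
                                            sha256,
                                            p_payloadField,
                                            m_signerIdentifier_self,
                                            m_signature_ecdsaNistP256(
                                                m_ecdsaP256Signature(
                                                    m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                                                    int2oct(0, 32)
                                                )
                                            )
                                        )
                            ));

        // Prepare mandatory headers
        //log("f_buildSecuredPki: p_signerIdentifierType=", p_signerIdentifierType);
        if (ischosen(p_signerIdentifierType.certificate)) { // Add the AT certificate
            log("*** " & testcasename() & "f_buildSecuredPki: TODO ***");
            stop;
            /* TODO
             * v_signerInfo := valueof( m_header_info_signer_info( m_signerIdentifier_certificate( v_atCertificate )));
        } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate
            v_signerInfo := valueof( m_header_info_signer_info( m_signerIdentifier_certificates( { v_aaCertificate, v_atCertificate } ) ));*/
        } else if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest
            // The hash algorithm follows the kind of issuer digest carried by the
            // AT certificate.
            // NOTE(review): if the issuer is neither sha256AndDigest nor
            // sha384AndDigest, nothing is set here and the signer silently stays
            // 'self' from the defaults above. Confirm this is intended.
            if (ischosen(v_atCertificate.issuer.sha256AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha256;
                p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                                                                          f_calculateDigestSha256FromCertificate(v_atCertificate)
                                                                      ));
            } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha384;
                p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                                                                          f_calculateDigestSha384FromCertificate(v_atCertificate)
                                                                      ));
            }
        } else {
            log("*** " & testcasename() & "f_buildSecuredPki: TODO ***");
            stop;
        }

        // Select the signature variant (and placeholder size) from the signature
        // found on the AT certificate.
        // NOTE(review): that signature was presumably produced by the issuer's key,
        // not by the AT key that signs this message. If the two use different
        // curves, the variant chosen here would be wrong. Verify against the AT
        // certificate's verification key.
        if (ispresent(v_atCertificate.signature_)) {
            if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1(
                                                                              m_ecdsaP256Signature(
                                                                                  m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                                                                                  int2oct(0, 32)
                                                                              )
                                                                          ));
            } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1(
                                                                              m_ecdsaP384Signature(
                                                                                  m_eccP384CurvePoint_x_only(int2oct(0, 48)),
                                                                                  int2oct(0, 48)
                                                                              )
                                                                          ));
            } // else, m_signature_ecdsaNistP256 already chosen by default
        }

        log("f_buildSecuredPki: p_securedMessage = ", p_securedMessage);

        return true;
    } // End of function f_buildSecuredPki

} // End of module ItsPki_Functions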