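/**
 *  @author     ETSI / STF544
 *  @version    $URL$
 *              $Id$
 *  @desc       Module containing functions for ITS PKI ATS
 *  @copyright  ETSI Copyright Notification
 *              No part may be reproduced except as authorized by written permission.
 *              The copyright and the foregoing restriction extend to reproduction in all media.
 *              All rights reserved.
 *
 */
module ItsPki_Functions {

    // LibCommon
    import from LibCommon_BasicTypesAndValues all;
    import from LibCommon_Time all;

    // LibIts
    import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
    import from IEEE1609dot2 language "ASN.1:1997" all;
    import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
    import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
    import from EtsiTs102941MessagesItss language "ASN.1:1997" all;
    import from EtsiTs103097Module language "ASN.1:1997" all;

    // LibItsCommon
    import from LibItsCommon_TestSystem all;
    import from LibItsCommon_Functions all;
    import from LibItsCommon_ASN1_NamedNumbers all;

    // LibItsDenm
    import from LibItsDenm_Templates all;
    import from LibItsDenm_Functions all;
    import from LibItsDenm_TestSystem all;

    // LibItsCam
    import from LibItsCam_Templates all;
    import from LibItsCam_Functions all;
    import from LibItsCam_TestSystem all;

    // LibItsGeoNetworking
    import from LibItsGeoNetworking_TestSystem all;
    import from LibItsGeoNetworking_Functions all;
    import from LibItsGeoNetworking_Templates all;
    import from LibItsGeoNetworking_TypesAndValues all;

    // LibItsSecurity
    import from LibItsSecurity_TypesAndValues all;
    import from LibItsSecurity_Templates all;
    import from LibItsSecurity_Functions all;
    import from LibItsSecurity_TestSystem all;

    /**
     * @desc    Wraps an encoded InnerEcRequest into a GeoNetworking unicast packet
     *          sourced from NodeB, asks f_buildGnSecuredPki to secure the encoded
     *          packet, and returns the resulting secured GeoNetworking PDU.
     *          Despite its name, this function only builds the PDU; it does not
     *          send anything itself.
     * @param   p_innerEcRequest    The enrolment request to carry as payload
     * @param   p_configId          Certificate name handed to f_buildGnSecuredPki
     * @param   p_headerInfo        HeaderInfo placed in the ToBeSignedData
     * @param   p_signerIdentifier  Requested signer identifier variant
     * @param   p_addMissingHeaders Currently unused: the argument that would forward
     *                              it to f_buildGnSecuredPki is commented out
     * @return  The GeoNetworking PDU built from the non-secured packet and the
     *          secured message
     * @remark  The return type cannot report a signing failure. When
     *          f_buildGnSecuredPki returns false the failure is logged and the PDU
     *          is still returned, so the log is the only indication that the
     *          secured part is empty or only partially built.
     */
    function f_sendEnrollmentRequest(
                                     in template (value) InnerEcRequest p_innerEcRequest,
                                     in charstring p_configId,
                                     in template (value) HeaderInfo p_headerInfo,
                                     in SignerIdentifier p_signerIdentifier,
                                     in boolean p_addMissingHeaders := true
    ) runs on ItsGeoNetworking return GeoNetworkingPdu {

        // Local variables
        var GnNonSecuredPacket v_gnNonSecuredPacket;
        var octetstring v_gnPayload;
        var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
        var EtsiTs103097Data v_securedMessage := {};

        // Encode the unsecured payload (the enrolment request itself)
        v_gnPayload := bit2oct(encvalue(valueof(p_innerEcRequest)));

        // Build the non-secured GeoNetworking unicast packet carrying that payload
        v_gnNonSecuredPacket := valueof(
            m_geoNwUnicastPacket_with_payload(
                v_longPosVectorNodeB,
                f_getIutShortPosVector(),
                vc_localSeqNumber,
                c_defaultHopLimit,
                m_trafficClass,
                v_gnPayload
        ));

        // Encode it: from here on v_gnPayload holds the encoded packet, which is what gets signed
        v_gnPayload := bit2oct(
            encvalue(
                v_gnNonSecuredPacket
            )
        );

        // The boolean result must not be dropped: on failure v_securedMessage is either
        // still empty or holds whatever f_buildGnSecuredPki had filled in before failing,
        // which can include its all-zero placeholder signature.
        if (f_buildGnSecuredPki(
                v_securedMessage,
                valueof(m_toBeSignedData(
                    m_signedDataPayload(
                        m_etsiTs103097Data_unsecured(
                            v_gnPayload
                    )),
                    p_headerInfo
                )),
                p_signerIdentifier,
                p_configId/*, p_addMissingHeaders*/
            ) == false) {
            log("*** " & testcasename() & ": f_sendEnrollmentRequest: failed to build the secured message ***");
        }

        // Return secured Gn packet
        return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
    }

    /**
     * @desc    Prepares an EtsiTs103097Data signed-data structure for p_payloadField
     *          (signer identifier, hash algorithm and a zero-filled placeholder
     *          signature) and passes it to f_buildGnSecuredMessage.
     * @param   p_securedMessage        Receives the secured message. It is an inout
     *                                  parameter, so it is modified even when the
     *                                  function returns false after the placeholder
     *                                  has been filled in
     * @param   p_payloadField          The ToBeSignedData to secure
     * @param   p_signerIdentifierType  Requested signer identifier variant; only the
     *                                  'digest' alternative is implemented, any other
     *                                  alternative logs a TODO and stops
     * @param   p_certificateName       Name passed to f_prepareCertificates and
     *                                  f_buildGnSecuredMessage
     * @return  false if the certificates could not be prepared, otherwise the result
     *          of f_buildGnSecuredMessage
     * @remark  Callers must check the result. After a false return p_securedMessage
     *          may still hold the all-zero placeholder signature and must not be
     *          treated as a signed message.
     */
    function f_buildGnSecuredPki(
                                 inout EtsiTs103097Data p_securedMessage,
                                 in ToBeSignedData p_payloadField,
                                 in SignerIdentifier p_signerIdentifierType,
                                 in charstring p_certificateName := ""/*,
                                 in boolean p_addMissingHeaders := true*/
    ) runs on ItsSecurityBaseComponent return boolean {

        // Local variables
        var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;

        // Load certificates if required
        if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) {
            return false;
        }
        //log("f_buildGnSecuredPki: v_atCertificate = ", v_atCertificate);

        // Fill the structure with default values, these values will be updated later.
        // The signature is a zero-filled NIST P-256 placeholder (32-byte x-only point and
        // 32-byte value), not a valid signature.
        p_securedMessage := valueof(m_etsiTs103097Data_signed(
            m_signedData(
                sha256,
                p_payloadField,
                m_signerIdentifier_self,
                m_signature_ecdsaNistP256(
                    m_ecdsaP256Signature(
                        m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                        int2oct(0, 32)
                    )
                )
            )
        ));

        // Prepare mandatory headers
        //log("f_buildGnSecuredPki: p_signerIdentifierType=", p_signerIdentifierType);
        if (ischosen(p_signerIdentifierType.certificate)) { // Add the AT certificate
            log("*** " & testcasename() & "f_buildGnSecuredPki: TODO ***");
            stop;
            /* TODO
             * v_signerInfo := valueof(
                m_header_info_signer_info(
                    m_signerIdentifier_certificate(
                        v_atCertificate
            )));
        } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate
            v_signerInfo := valueof(
                m_header_info_signer_info(
                    m_signerIdentifier_certificates(
                        {
                            v_aaCertificate,
                            v_atCertificate
                        }
                    )
                ));*/
        } else if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest
            // The hash algorithm is taken from the variant of the AT certificate's issuer identifier
            if (ischosen(v_atCertificate.issuer.sha256AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha256;
                p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                    f_calculateDigestSha256FromCertificate(v_atCertificate)
                ));
            } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) {
                p_securedMessage.content.signedData.hashId := sha384;
                p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                    f_calculateDigestSha384FromCertificate(v_atCertificate)
                ));
            } else {
                // Any other issuer variant leaves the defaults set above in place (signer 'self',
                // hashId sha256) although a digest signer was requested; make that visible in the log.
                log("*** " & testcasename() & ": f_buildGnSecuredPki: AT certificate issuer is neither sha256AndDigest nor sha384AndDigest, signer left as 'self' ***");
            }
        } else {
            log("*** " & testcasename() & "f_buildGnSecuredPki: TODO ***");
            stop;
        }

        // Choose the placeholder signature variant so that its size matches the curve.
        // NOTE(review): the variant is derived from the signature carried by the AT certificate,
        // i.e. the algorithm its issuer signed with. The message itself is presumably signed with
        // the AT key, whose curve may differ. Confirm that f_buildGnSecuredMessage overwrites
        // signature_ with the variant matching the AT verification key.
        if (ispresent(v_atCertificate.signature_)) {
            if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1(
                    m_ecdsaP256Signature(
                        m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                        int2oct(0, 32)
                    )
                ));
            } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) {
                p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1(
                    m_ecdsaP384Signature(
                        m_eccP384CurvePoint_x_only(int2oct(0, 48)),
                        int2oct(0, 48)
                    )
                ));
            } // else, m_signature_ecdsaNistP256 already chosen by default
        }
        //log("f_buildGnSecuredPki: p_securedMessage = ", p_securedMessage);

        return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/);
    } // End of function f_buildGnSecuredPki

} // End of module ItsPki_Functions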