--***************************************************************************--
-- IEEE Std 1609.2.1: ACA - EE Interface --
--***************************************************************************--
/**
* @brief NOTE: Section references in this file are to clauses in IEEE Std
* 1609.2.1 unless indicated otherwise. Full forms of acronyms and
* abbreviations used in this file are specified in 3.2.
*/
Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2)
DEFINITIONS AUTOMATIC TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
Time32,
Uint8
FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) base-types(2) major-version-2(2) minor-version-4(4)}
--WITH SUCCESSORSthe
Certificate
FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) schema(1) major-version-2(2) minor-version-6(6)}
--WITH SUCCESSORSthe
;
/**
* @class AcaEeInterfacePdu
*
* @brief This is the parent structure for all structures exchanged between
* the ACA and the EE. The ACA - EE interface is a logical interface rather
* than a direct communications interface in that there is no direct message
* flow between the ACA and the EE: Messages from the ACA are stored
* by the RA and subsequently forwarded to the EE. The PDUs are identified as
* ACA-EE PDUs even though the RA acts as a forwarder for them because those
* PDUs are created by the ACA and encrypted for the EE, and not modified and
* frequently not read by the RA. An overview of this structure is as follows:
*
* @param acaEeCertResponse contains the ACA's response to
* RaAcaCertRequestSPDU, which is meant for the EE and sent via the RA.
*/
AcaEeInterfacePdu ::= CHOICE {
-- Top-level CHOICE for PDUs on the ACA - EE interface. The only alternative
-- defined in this module is the certificate response below.
acaEeCertResponse AcaEeCertResponse,
-- Extension marker: further alternatives may be added after this point, so
-- a decoder can be presented with an alternative that this module does not
-- define and has to handle that case explicitly.
...
}
/**
* @class AcaEeCertResponse
*
* @brief This structure contains a certificate and associated data as
* generated by the ACA for the EE that will be the holder of that
* certificate. An overview of this structure is as follows:
*
* <br><br>NOTE: In the case where the butterfly expansion function is used
* to set certEncKey in RaAcaCertRequest, the value j is not communicated to
* the ACA. However, the EE that receives the certificate response can only
* decrypt the response if it knows j. The RA is therefore anticipated to
* store j so that it can be associated with the appropriate certificate
* response. The RA encodes j in the filename.
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of AcaEeCertResponse.
*
* @param certificate contains an authorization certificate generated by the
* ACA. It is of the type indicated by the type field in the corresponding
* request (if the requester requested an incorrect type, the response would
* be an error not an instance of this structure).
*
* @param privateKeyInfo is an optional field that is as follows:
* <ol>
* <li> Present and contains the private key randomization value, if the
* field certificate.type is explicit and the butterfly key mechanism was used
* to generate the certificate. This is used by the EE in deriving the
* butterfly private key for explicit certificates as specified in 9.3.</li>
*
* <li> Present and contains the private key reconstruction value, if the
* field certificate.type is implicit. This is used by the EE as specified in
* 5.3.2 of IEEE Std 1609.2a-2017 (also 9.3 if the butterfly key mechanism is
* used).</li>
*
* <li> Absent otherwise.</li>
* </ol>
*/
AcaEeCertResponse ::= SEQUENCE {
-- Certificate response generated by the ACA for the EE that will hold the
-- certificate. It is carried as the acaEeCertResponse alternative of
-- AcaEeInterfacePdu.
--
-- Constrained to the single value 2; any other value does not satisfy the
-- type.
version Uint8 (2),
-- Generation time of this response (Time32 is imported from
-- Ieee1609Dot2BaseTypes).
generationTime Time32,
-- Authorization certificate generated by the ACA (Certificate is imported
-- from Ieee1609Dot2).
certificate Certificate,
-- Private key randomization value or private key reconstruction value,
-- exactly 32 octets when present; which of the two it is depends on
-- certificate.type, as described in the comment above this definition.
-- NOTE(review): this value feeds the EE's private key derivation, so treat
-- it as sensitive key material. The description of AcaEeInterfacePdu says
-- ACA-EE PDUs are encrypted for the EE, but nothing in this SEQUENCE itself
-- provides that protection. Confirm the enclosing encryption, and avoid
-- logging or persisting the decoded field in the clear.
privateKeyInfo OCTET STRING (SIZE (32)) OPTIONAL,
-- Extension marker: components may be appended here in later versions.
...
}
END