--***************************************************************************--
-- IEEE Std 1609.2.1: ACA - EE Interface --
--***************************************************************************--
/**
* @brief NOTE: Section references in this file are to clauses in IEEE Std
* 1609.2.1 unless indicated otherwise. Full forms of acronyms and
* abbreviations used in this file are specified in 3.2.
*/
Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2)
minor-version-2(2)
}
DEFINITIONS AUTOMATIC TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
Time32,
Uint8
FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) base-types(2) major-version-2(2) minor-version-2(2)}
Certificate
FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) schema(1) major-version-2(2) minor-version-3(3)}
;
/**
* @class AcaEeInterfacePdu
*
* @brief This is the parent structure for all structures exchanged between
* the ACA and the EE. The ACA – EE interface is a logical interface rather
* than a direct communications interface in that there is no direct message
* flow between the ACA and the EE: Messages from the ACA are stored
* by the RA and subsequently forwarded to the EE. The PDUs are identified as
* ACA-EE PDUs even though the RA acts as a forwarder for them because those
* PDUs are created by the ACA and encrypted for the EE, and not modified and
* frequently not read by the RA. An overview of this structure is as follows:
*
* @param acaEeCertResponse contains the ACA's response to
* RaAcaCertRequestSPDU, which is meant for the EE and sent via the RA.
*/
-- NOTE(review): this module defines only the plaintext PDU. The encryption
-- for the EE described above is not expressed by any type in this file, so
-- it is presumably applied by an enclosing structure defined elsewhere.
-- Confirm where that wrapper is specified before relying on it.
AcaEeInterfacePdu ::= CHOICE {
-- The only alternative defined in this version of the module.
acaEeCertResponse AcaEeCertResponse,
-- Extension marker: later versions may add alternatives, so a receiver
-- should treat an alternative it does not recognise as unsupported
-- rather than assume that it is acaEeCertResponse.
...
}
/**
* @class AcaEeCertResponse
*
* @brief This structure contains a certificate and associated data as
* generated by the ACA for the EE that will be the holder of that
* certificate. An overview of this structure is as follows:
*
* <br><br>NOTE: In the case where the butterfly expansion function is used
* to set certEncKey in RaAcaCertRequest, the value j is not communicated to
* the ACA. However, the EE that receives the certificate response can only
* decrypt the response if it knows j. The RA is therefore anticipated to
* store j so that it can be associated with the appropriate certificate
* response. The RA encodes j in the filename.
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of AcaEeCertResponse.
*
* @param certificate contains an authorization certificate generated by the
* ACA. It is of the type indicated by the type field in the corresponding
* request (if the requester requested an incorrect type, the response would
* be an error not an instance of this structure).
*
* @param privateKeyInfo is an optional field that is as follows:
* <ol>
* <li> Present and contains the private key randomization value, if the
* field certificate.type is explicit and the butterfly key mechanism was used
* to generate the certificate. This is used by the EE in deriving the
* butterfly private key for explicit certificates as specified in 9.3.</li>
*
* <li> Present and contains the private key reconstruction value, if the
* field certificate.type is implicit. This is used by the EE as specified in
* 5.3.2 of IEEE Std 1609.2a-2017 (also 9.3 if the butterfly key mechanism is
* used).</li>
*
* <li> Absent otherwise.</li>
* </ol>
*/
AcaEeCertResponse ::= SEQUENCE {
-- Single-value constraint: 2 is the only value this schema accepts, so a
-- decoder that enforces constraints rejects any other version.
version Uint8 (2),
-- Time32 is imported from Ieee1609Dot2BaseTypes; its epoch and units are
-- not defined in this file.
-- NOTE(review): no freshness or replay rule for generationTime is stated
-- here. Confirm in the standard whether the EE is expected to check it.
generationTime Time32,
-- Certificate is imported from Ieee1609Dot2.
certificate Certificate,
-- Exactly 32 octets when present. The field is private-key derivation
-- material (see the privateKeyInfo description above), so receiving code
-- should handle it as a secret and keep it out of logs and diagnostics.
-- NOTE(review): the schema only marks this field OPTIONAL. The rules that
-- tie its presence to certificate.type are stated in the description
-- above and are not enforced by decoding, so the EE has to check them
-- itself after the PDU is decoded.
privateKeyInfo OCTET STRING (SIZE (32)) OPTIONAL,
-- Extension marker: later versions may append fields after this point.
...
}
END