--***************************************************************************--
-- IEEE Std 1609.2.1: ACPC --
--***************************************************************************--
/**
* @brief NOTE: Section references in this file are to clauses in IEEE Std
* 1609.2.1 unless indicated otherwise. Full forms of acronyms and
* abbreviations used in this file are specified in 3.2.
*/
Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-1(1)
minor-version-2(2)
}
DEFINITIONS AUTOMATIC TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
HashAlgorithm,
IValue,
Psid,
Time32,
Uint8
FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609)
dot2(2) base(1) base-types(2) major-version-2(2) minor-version-2(2)}
Ieee1609Dot2Data-Unsecured,
Ieee1609Dot2Data-Signed
FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) protocol(17)
major-version-2(2) minor-version-2(2)}
;
/**
* @class AcpcPdu
*
* @brief This structure contains an APrV structure produced by the CAM. An
* overview of this structure is as follows:
*
* @param tree contains an AprvBinaryTree.
*
* @param aprv contains a single IndividualAprv.
*
* @note The trailing "..." is an ASN.1 extension marker, so a later version
* of this module may add alternatives. The wrapper types in this module
* (UnsecuredAprvBinaryTree, SignedAprvBinaryTree, SignedIndividualAprv) each
* select the alternative they carry with a WITH COMPONENTS constraint. Not
* every decoder enforces such subtype constraints on its own, so a receiver
* should check that the decoded alternative is the one the wrapper allows.
*/
AcpcPdu ::= CHOICE {
tree AprvBinaryTree,
aprv IndividualAprv,
...
}
/**
* @class AprvBinaryTree
*
* @brief This structure encodes a binary tree. An overview of this structure
* is as follows:
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of AprvBinaryTree.
*
* @param currentI contains the i-value associated with the batch of
* certificates.
*
* @param acpcTreeId contains an identifier for the CAM creating this binary
* tree.
*
* @param hashAlgorithmId contains the identifier of the hash algorithm used
* inside the binary tree.
*
* @param tree contains a bit string indicating which nodes of the tree are
* present. It is calculated as specified in 9.5.4.2, and can be used by the
* EE to determine which entry in nodeValueList to use to derive that EE's
* APrV as specified in 9.5.2.
*
* @param nodeValueList contains the values of the nodes that are present in
* the order indicated by tree.
*
* @note version is constrained to the single value 2; any other value fails
* the constraint.
*
* @note tree has no SIZE constraint and nodeValueList is SIZE (1..MAX), so
* the schema puts no upper bound on either. A receiver should apply its own
* limits before allocating or iterating over them.
*
* @note The schema does not relate the number of nodeValueList entries to
* the contents of tree. NOTE(review): that consistency is presumably a
* processing requirement of 9.5.4.2 -- confirm, and check it on receipt
* before indexing nodeValueList.
*
* @note When this structure arrives as UnsecuredAprvBinaryTree, the wrapper
* authenticates none of these fields, hashAlgorithmId included. See 9.5.6
* for the policy under which that form is used.
*/
AprvBinaryTree ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
currentI IValue,
acpcTreeId AcpcTreeId,
hashAlgorithmId HashAlgorithm,
tree BIT STRING,
nodeValueList SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue,
...
}
/**
* @class AcpcPsid
*
* @brief This is the PSID used to indicate activities in ACPC as specified in
* this document.
*
* @note Single-value constraint: the only permitted value is 2113696
* (0x2040A0). Within this module it is passed as the second parameter of
* Ieee1609Dot2Data-Signed in SignedAprvBinaryTree and SignedIndividualAprv.
*/
AcpcPsid ::= Psid(2113696)
/**
* @class UnsecuredAprvBinaryTree
*
* @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
* transmission if the policy is that the AprvBinaryTree need not be signed.
* See 9.5.6 for discussion.
*
* @note WITH COMPONENTS {tree} restricts the AcpcPdu CHOICE to its tree
* alternative. This wrapper takes no PSID parameter and carries no
* signature, so it gives the receiver no origin authentication or integrity
* protection for the content. This module defines no unsecured counterpart
* for IndividualAprv. NOTE(review): the conditions under which an EE may
* accept the unsigned form are a policy matter; confirm them against 9.5.6
* before enabling this path.
*/
UnsecuredAprvBinaryTree ::= Ieee1609Dot2Data-Unsecured {
AcpcPdu (WITH COMPONENTS {tree})
}
/**
* @class SignedAprvBinaryTree
*
* @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
* transmission if the policy is that the AprvBinaryTree be signed. See 9.5.6
* for discussion.
*
* @note WITH COMPONENTS {tree} restricts the AcpcPdu CHOICE to its tree
* alternative. Ieee1609Dot2Data-Signed is defined in the imported
* Ieee1609Dot2Dot1Protocol module. NOTE(review): its second parameter,
* AcpcPsid here, presumably fixes the PSID carried in the signed data --
* confirm there. A valid signature alone does not show that the signer is
* entitled to sign for AcpcPsid; presumably the signer's permissions are
* checked as well -- confirm against 9.5.6.
*/
SignedAprvBinaryTree ::= Ieee1609Dot2Data-Signed {
AcpcPdu (WITH COMPONENTS {tree}), AcpcPsid
}
/**
* @class IndividualAprv
*
* @brief This structure contains an individual APrV. An overview of this
* structure is as follows:
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of IndividualAprv.
*
* @param currentI contains the i-value associated with the batch of
* certificates.
*
* @param acpcTreeId contains an identifier for the CAM creating this binary
* tree.
*
* @param nodeId contains the identifier of the node.
*
* @param nodeValue contains the value of the node.
*
* @note version is constrained to the single value 2.
*
* @note nodeId has no SIZE constraint, so the schema does not bound its
* length; a receiver should apply its own limit. NOTE(review): nodeId
* presumably uses the same node-location encoding as childNodeId in
* AprvHashCalculationInput -- confirm.
*
* @note Unlike AprvBinaryTree, this structure has no hashAlgorithmId field.
* NOTE(review): how the receiver learns which hash algorithm applies to an
* individual APrV is not stated in this file -- confirm against 9.5.
*
* @note The only wrapper this module defines for this structure is
* SignedIndividualAprv; there is no unsecured form.
*/
IndividualAprv ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
currentI IValue,
acpcTreeId AcpcTreeId,
nodeId BIT STRING,
nodeValue AcpcNodeValue,
...
}
/**
* @class SignedIndividualAprv
*
* @brief This is used to wrap an IndividualAprv in an Ieee1609Dot2Data for
* transmission if the policy is that the IndividualAprv be signed. See 9.5.6
* for discussion.
*
* @note WITH COMPONENTS {aprv} restricts the AcpcPdu CHOICE to its aprv
* alternative, so an AprvBinaryTree inside this wrapper violates the
* constraint and should be rejected. AcpcPsid is passed as the second
* parameter of Ieee1609Dot2Data-Signed, which is defined in the imported
* Ieee1609Dot2Dot1Protocol module. NOTE(review): presumably it fixes the
* PSID carried in the signed data -- confirm there.
*/
SignedIndividualAprv ::= Ieee1609Dot2Data-Signed {
AcpcPdu (WITH COMPONENTS {aprv}), AcpcPsid
}
/**
* @class AcpcTreeId
*
* @brief This is an 8 byte string that identifies an ACPC tree series. It is
* required to be globally unique within the system and is the same for all
* ACPC tree instances within the ACPC tree series. Registration of AcpcTreeId
* values is managed by the IEEE RA; see http://standards.ieee.org/regauth. A
* list of assigned AcpcTreeId values is provided in L.2.
*
* @note SIZE(8) fixes the length at exactly 8 octets. Uniqueness is an
* administrative property that comes from registration; nothing in this type
* enforces it. The value is also a field of AprvHashCalculationInput, so two
* tree series sharing an id would lose that part of the hash-input
* separation.
*/
AcpcTreeId ::= OCTET STRING (SIZE(8))
/**
* @class AcpcNodeValue
*
* @brief This is a 16 byte string that represents the value of a node in the
* ACPC tree.
*
* @note SIZE(16) fixes the length at exactly 16 octets (128 bits).
* parentNodeValue in AprvHashCalculationInput is written as
* OCTET STRING (SIZE(16)) rather than as this type, but carries the same
* constraint. NOTE(review): how the output of the hash named by
* hashAlgorithmId is reduced to 16 octets is not stated in this file --
* confirm against 9.5.
*/
AcpcNodeValue ::= OCTET STRING (SIZE(16))
/**
* @class AprvHashCalculationInput
*
* @brief This structure, C-OER encoded, is the input to the hash function to
* calculate child node values from a parent node. By including the ID fields
* it "firewalls" the hash function so that an attacker who inverts the hash
* has only found the hash preimage for a specific node, in a specific tree,
* for a specific time period. An overview of this structure is as follows:
*
* @param version contains the current version of the structure.
*
* @param acpcTreeId contains an identifier for this ACPC tree series.
*
* @param acpcPeriod contains an identifier for the time period for this tree.
* If the certificates for which this set of APrVs are intended have an IValue
* field, acpcPeriod in this structure shall be equal to the IValue field in
* the certificates. How the RA and the CAM synchronize on this value is
* outside the scope of this document.
*
* @param childNodeId contains a bit string of length l encoding the node
* location within the l'th level.
*
* @param parentNodeValue contains the value of the parent node.
*
* @note The "firewalling" described above is domain separation: acpcTreeId,
* acpcPeriod and childNodeId are bound into every hash input, so the same
* parentNodeValue yields unrelated child values in another tree, period or
* position.
*
* @note This structure is hashed, not exchanged. Both sides must produce
* exactly the same C-OER octets, since any encoding difference gives a
* different child value.
*
* @note version is constrained to the single value 2. parentNodeValue is
* written as OCTET STRING (SIZE(16)), the same constraint as AcpcNodeValue.
* The hash algorithm is not a field of this structure; in this module it
* appears only as hashAlgorithmId in AprvBinaryTree.
*/
AprvHashCalculationInput ::= SEQUENCE {
version Uint8 (2),
acpcTreeId AcpcTreeId,
acpcPeriod IValue,
childNodeId BIT STRING,
parentNodeValue OCTET STRING (SIZE(16)),
...
}
END