--***************************************************************************--
-- IEEE Std 1609.2.1: ACA - RA Interface --
--***************************************************************************--
/**
* @brief NOTE: Section references in this file are to clauses in IEEE Std
* 1609.2.1 unless indicated otherwise. Full forms of acronyms and
* abbreviations used in this file are specified in 3.2.
*/
Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-2(2)
minor-version-2(2)
}
DEFINITIONS AUTOMATIC TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
HashAlgorithm,
HashedId8,
LaId,
PublicEncryptionKey,
Time32,
Uint8
FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) base-types(2) major-version-2(2) minor-version-3(3)}
CertificateType,
ToBeSignedCertificate
FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
base(1) schema(1) major-version-2(2) minor-version-4(4)}
AcaEeCertResponsePlainSpdu,
AcaEeCertResponsePrivateSpdu,
AcaEeCertResponseCubkSpdu,
Ieee1609Dot2Data-SymmEncryptedSingleRecipient
FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) protocol(17)
major-version-2(2) minor-version-2(2)}
;
/**
* @class AcaRaInterfacePDU
*
* @brief This is the parent structure for all structures exchanged between
* the ACA and the RA. An overview of this structure is as follows:
*
* @param raAcaCertRequest contains the request for an authorization
* certificate from the RA to the ACA on behalf of the EE.
*
* @param acaRaCertResponse contains the ACA's response to RaAcaCertRequest.
*/
AcaRaInterfacePdu ::= CHOICE {
raAcaCertRequest RaAcaCertRequest,
acaRaCertResponse AcaRaCertResponse,
...
}
/**
* @class RaAcaCertRequest
*
* @brief This structure contains parameters needed to request an individual
* authorization certificate. An overview of this structure is as follows:
*
*
NOTE 1: In the case where the butterfly key mechanism is used to set
* certEncKey, the value of j is not communicated to the ACA. However, the EE
* that receives the certificate response can only decrypt the response if it
* knows j. The RA is therefore anticipated to store j so that it can be
* associated with the appropriate certificate response.
*
*
NOTE 2: The cracaId and crlSeries are set to the indicated values
* in the request. The ACA replaces these values with the appropriate values
* in the response.
*
*
NOTE 3: The ACA is not bound by the contents of the request and can
* issue certificates that are different from those requested, if so directed
* by policy.
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of RaAcaCertRequest.
*
* @param type indicates whether the request is for an explicit or implicit
* certificate (see 4.1.1, 4.1.3.3.1).
*
* @param flags contains the flags related to the use of the butterfly key
* mechanism, and provides the following instructions to the ACA as to how
* to generate the response:
*
* - If the flag butterflyExplicit is set, the request is valid only if
* the type field is set to explicit. In this case, the ACA uses the
* butterfly key derivation for explicit certificates as specified in 9.3.
* The field tbsCert.verifyKeyIndicator.verificationKey is used by the ACA as
* the cocoon public key for signing. The field privateKeyInfo in the
* corresponding AcaEeCertResponse is used by the EE as the random integer to
* recover the butterfly private key for signing.
*
* - If the flag cubk is set, the request is valid only if the certEncKey
* field is absent. In this case, the ACA uses the compact unified variation
* of the butterfly key mechanism as specified in 9.3. This means that the
* ACA generates an AcaEeCertResponseCubkSpdu instead of an
* AcaEeCertResponsePrivateSpdu, and the response is valid only if the ACA
* certificate has the flag cubk set.
*
*
* @param linkageInfo contains the encrypted prelinkage values needed to
* generate the linkage value for the certificate. If linkageInfo is present,
* the field tbsCert.id is of type LinkageData, where the iCert field is set
* to the actual i-period value and the linkage-value field is set to a dummy
* value to be replaced by the ACA with the actual linkage value. The
* encrypted prelinkage values are encrypted for the ACA by the LAs.
*
* @param certEncKey is used in combination with flags.cubk to indicate
* the type of response that is expected from the ACA. It is as follows:
*
* - Absent and flags.cubk is not set if the ACA's response doesn't need
* to be encrypted. In this case, the ACA responds with
* AcaEeCertResponsePlainSpdu.
*
* - Absent and flags.cubk is set if the ACA's response is to be encrypted
* with the verification key from the request and not signed. In this case,
* the ACA responds with AcaEeCertResponseCubkSpdu.
*
* - Present and flags.cubk is not set if the ACA's response is to be
* encrypted with certEncKey and then signed by the ACA. In this case, the
* ACA responds with AcaEeCertResponsePrivateSpdu.
*
*
* @param tbsCert contains parameters of the requested certificate. The
* certificate type depends on the field type, as follows:
*
* - If type is explicit, the request is valid only if
* tbsCert.verifyKeyIndicator is a verificationKey.
*
* - If type is implicit, the request is valid only if
* tbsCert.verifyKeyIndicator is a reconstructionValue.
*
*/
RaAcaCertRequest ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
type CertificateType,
flags RaAcaCertRequestFlags,
linkageInfo LinkageInfo OPTIONAL,
certEncKey PublicEncryptionKey OPTIONAL,
tbsCert ToBeSignedCertificate (WITH COMPONENTS {
...,
cracaId ('000000'H),
crlSeries (0),
appPermissions PRESENT,
certIssuePermissions ABSENT,
certRequestPermissions ABSENT
}),
...
}
/**
* @class RaAcaCertRequestFlags
*
* @brief This structure is used to convey information from the RA to the ACA
* about operations to be carried out when generating the certificate. For
* more details see the specification of RaAcaCertRequest. An overview of
* this structure is as follows:
*/
RaAcaCertRequestFlags ::=
BIT STRING {butterflyExplicit (0), cubk (1)} (SIZE (8))
/**
* @class LinkageInfo
*
* @brief This structure contains parameters needed to generate a linkage
* value for a given (EE, i, j). An overview of this structure is as follows:
*
*
NOTE: See Annex D for further discussion of LAs.
*
* @param encPlv1 contains the EncryptedIndividualPLV from one of the LAs.
*
* @param encPlv2 contains the EncryptedIndividualPLV from the other LA.
*/
LinkageInfo ::= SEQUENCE {
encPlv1 EncryptedIndividualPLV,
encPlv2 EncryptedIndividualPLV,
...
}
/**
* @class EncryptedIndividualPLV
*
* @brief This structure contains an individual prelinkage value encrypted by
* the LA for the ACA using the shared secret key. An overview of this
* structure is as follows:
*
*
NOTE: How the ACA obtains the shared symmetric key and how the RA
* associates the encPlv1 and encPlv2 with the correct certificate request are
* outside the scope of this document.
*
* @param version contains the current version of the structure.
*
* @param laId contains the ID of the LA that created the prelinkage value.
* See Annex D for further discussion of LA IDs.
*
* @param encPlv contains the encrypted individual prelinkage value, that is,
* the ciphertext field decrypts to a PreLinkageValue. It contains a pointer
* (hash of the shared symmetric key) to the used shared secret encryption key.
*/
EncryptedIndividualPLV ::= SEQUENCE {
version Uint8 (2),
laId LaId,
encPlv Ieee1609Dot2Data-SymmEncryptedSingleRecipient {
PreLinkageValue
}
}
/**
* @class PreLinkageValue
*
* @brief This structure contains an individual prelinkage value. It is an
* octet string of length 9 octets.
*/
PreLinkageValue ::= OCTET STRING (SIZE(9))
/**
* @class AcaRaCertResponse
*
* @brief This structure contains a certificate response by the ACA,
* encapsulated for consumption by the EE, as well as associated data for
* consumption by the RA. The response is of form AcaEeCertResponsePlainSpdu,
* AcaEeCertResponsePrivateSpdu, or AcaEeCertResponseCubkSpdu, and is
* generated in response to a successful RaAcaCertRequestSpdu. In this
* structure:
*
* @param version contains the current version of the structure.
*
* @param generationTime contains the generation time of AcaRaCertResponse.
*
* @param requestHash contains the hash of the corresponding
* RaAcaCertRequestSPDU.
*
* @param acaResponse contains the certificate for the EE in a suitable form
* as determined from the corresponding RaAcaCertRequestSPDU.
*/
AcaRaCertResponse ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
requestHash HashedId8,
acaResponse AcaResponse,
...
}
/**
* @class AcaResponse
*
* @brief This structure contains the certificate for the EE in a suitable
* form as determined from the corresponding RaAcaCertRequestSPDU. In this
* structure:
*
* @param plain contains the certificate for the EE in plain, that is, without
* encryption or signature. This choice is used only when the field
* certEncKey is absent and flags.cubk is not set in the corresponding
* RaAcaCertRequest.
*
* @param private contains the certificate for the EE in an encrypted then
* signed form to protect the EE's privacy from the RA. This choice is used
* only when the field certEncKey is present and flags.cubk is not set in the
* corresponding RaAcaCertRequest.
*
* @param cubk contains the certificate for the EE in an encrypted form. This
* choice is used only when the field certEncKey is absent and flags.cubk is
* set in the corresponding RaAcaCertRequest.
*/
AcaResponse ::= CHOICE {
plain AcaEeCertResponsePlainSpdu,
private AcaEeCertResponsePrivateSpdu,
cubk AcaEeCertResponseCubkSpdu,
...
}
END