--***************************************************************************-- -- IEEE Std 1609.2.1: ACA - RA Interface -- --***************************************************************************-- /** * @brief NOTE: Section references in this file are to clauses in IEEE Std * 1609.2.1 unless indicated otherwise. Full forms of acronyms and * abbreviations used in this file are specified in 3.2. */ Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-2(2) minor-version-2(2) } DEFINITIONS AUTOMATIC TAGS ::= BEGIN EXPORTS ALL; IMPORTS HashAlgorithm, HashedId8, LaId, PublicEncryptionKey, Time32, Uint8 FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-2(2)} CertificateType, ToBeSignedCertificate FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-3(3)} AcaEeCertResponsePlainSpdu, AcaEeCertResponsePrivateSpdu, AcaEeCertResponseCubkSpdu, Ieee1609Dot2Data-SymmEncryptedSingleRecipient FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-2(2) minor-version-2(2)} ; /** * @class AcaRaInterfacePDU * * @brief This is the parent structure for all structures exchanged between * the ACA and the RA. An overview of this structure is as follows: * * @param raAcaCertRequest contains the request for an authorization * certificate from the RA to the ACA on behalf of the EE. * * @param acaRaCertResponse contains the ACA's response to RaAcaCertRequest. */ AcaRaInterfacePdu ::= CHOICE { raAcaCertRequest RaAcaCertRequest, acaRaCertResponse AcaRaCertResponse, ... } /** * @class RaAcaCertRequest * * @brief This structure contains parameters needed to request an individual * authorization certificate. An overview of this structure is as follows: * *

NOTE 1: In the case where the butterfly key mechanism is used to set * certEncKey, the value of j is not communicated to the ACA. However, the EE * that receives the certificate response can only decrypt the response if it * knows j. The RA is therefore anticipated to store j so that it can be * associated with the appropriate certificate response. * *

NOTE 2: The cracaId and crlSeries are set to the indicated values * in the request. The ACA replaces these values with the appropriate values * in the response. * *

NOTE 3: The ACA is not bound by the contents of the request and can * issue certificates that are different from those requested, if so directed * by policy. * * @param version contains the current version of the structure. * * @param generationTime contains the generation time of RaAcaCertRequest. * * @param type indicates whether the request is for an explicit or implicit * certificate (see 4.1.1, 4.1.3.3.1). * * @param flags contains the flags related to the use of the butterfly key * mechanism, and provides the following instructions to the ACA as to how * to generate the response: *
    *
  1. If the flag butterflyExplicit is set, the request is valid only if * the type field is set to explicit. In this case, the ACA uses the * butterfly key derivation for explicit certificates as specified in 9.3. * The field tbsCert.verifyKeyIndicator.verificationKey is used by the ACA as * the cocoon public key for signing. The field privateKeyInfo in the * corresponding AcaEeCertResponse is used by the EE as the random integer to * recover the butterfly private key for signing.
    2. * *
  2. If the flag cubk is set, the request is valid only if the certEncKey * field is absent. In this case, the ACA uses the compact unified variation * of the butterfly key mechanism as specified in 9.3. This means that the * ACA generates an AcaEeCertResponseCubkSpdu instead of an * AcaEeCertResponsePrivateSpdu, and the response is valid only if the ACA * certificate has the flag cubk set.
    3. *
* * @param linkageInfo contains the encrypted prelinkage values needed to * generate the linkage value for the certificate. If linkageInfo is present, * the field tbsCert.id is of type LinkageData, where the iCert field is set * to the actual i-period value and the linkage-value field is set to a dummy * value to be replaced by the ACA with the actual linkage value. The * encrypted prelinkage values are encrypted for the ACA by the LAs. * * @param certEncKey is used in combination with flags.cubk to indicate * the type of response that is expected from the ACA. It is as follows: *
    *
  1. Absent and flags.cubk is not set if the ACA's response doesn't need * to be encrypted. In this case, the ACA responds with * AcaEeCertResponsePlainSpdu.
    2. * *
  2. Absent and flags.cubk is set if the ACA's response is to be encrypted * with the verification key from the request and not signed. In this case, * the ACA responds with AcaEeCertResponseCubkSpdu.
    3. * *
  3. Present and flags.cubk is not set if the ACA's response is to be * encrypted with certEncKey and then signed by the ACA. In this case, the * ACA responds with AcaEeCertResponsePrivateSpdu.
    4. *
* * @param tbsCert contains parameters of the requested certificate. The * certificate type depends on the field type, as follows: *
    *
  1. If type is explicit, the request is valid only if * tbsCert.verifyKeyIndicator is a verificationKey.
    2. * *
  2. If type is implicit, the request is valid only if * tbsCert.verifyKeyIndicator is a reconstructionValue.
    3. *
*/ RaAcaCertRequest ::= SEQUENCE { version Uint8 (2), generationTime Time32, type CertificateType, flags RaAcaCertRequestFlags, linkageInfo LinkageInfo OPTIONAL, certEncKey PublicEncryptionKey OPTIONAL, tbsCert ToBeSignedCertificate (WITH COMPONENTS { ..., cracaId ('000000'H), crlSeries (0), appPermissions PRESENT, certIssuePermissions ABSENT, certRequestPermissions ABSENT }), ... } /** * @class RaAcaCertRequestFlags * * @brief This structure is used to convey information from the RA to the ACA * about operations to be carried out when generating the certificate. For * more details see the specification of RaAcaCertRequest. An overview of * this structure is as follows: */ RaAcaCertRequestFlags ::= BIT STRING {butterflyExplicit (0), cubk (1)} (SIZE (8)) /** * @class LinkageInfo * * @brief This structure contains parameters needed to generate a linkage * value for a given (EE, i, j). An overview of this structure is as follows: * *

NOTE: See Annex D for further discussion of LAs. * * @param encPlv1 contains the EncryptedIndividualPLV from one of the LAs. * * @param encPlv2 contains the EncryptedIndividualPLV from the other LA. */ LinkageInfo ::= SEQUENCE { encPlv1 EncryptedIndividualPLV, encPlv2 EncryptedIndividualPLV, ... } /** * @class EncryptedIndividualPLV * * @brief This structure contains an individual prelinkage value encrypted by * the LA for the ACA using the shared secret key. An overview of this * structure is as follows: * *

NOTE: How the ACA obtains the shared symmetric key and how the RA * associates the encPlv1 and encPlv2 with the correct certificate request are * outside the scope of this document. * * @param version contains the current version of the structure. * * @param laId contains the ID of the LA that created the prelinkage value. * See Annex D for further discussion of LA IDs. * * @param encPlv contains the encrypted individual prelinkage value, that is, * the ciphertext field decrypts to a PreLinkageValue. It contains a pointer * (hash of the shared symmetric key) to the used shared secret encryption key. */ EncryptedIndividualPLV ::= SEQUENCE { version Uint8 (2), laId LaId, encPlv Ieee1609Dot2Data-SymmEncryptedSingleRecipient { PreLinkageValue } } /** * @class PreLinkageValue * * @brief This structure contains an individual prelinkage value. It is an * octet string of length 9 octets. */ PreLinkageValue ::= OCTET STRING (SIZE(9)) /** * @class AcaRaCertResponse * * @brief This structure contains a certificate response by the ACA, * encapsulated for consumption by the EE, as well as associated data for * consumption by the RA. The response is of form AcaEeCertResponsePlainSpdu, * AcaEeCertResponsePrivateSpdu, or AcaEeCertResponseCubkSpdu, and is * generated in response to a successful RaAcaCertRequestSpdu. In this * structure: * * @param version contains the current version of the structure. * * @param generationTime contains the generation time of AcaRaCertResponse. * * @param requestHash contains the hash of the corresponding * RaAcaCertRequestSPDU. * * @param acaResponse contains the certificate for the EE in a suitable form * as determined from the corresponding RaAcaCertRequestSPDU. */ AcaRaCertResponse ::= SEQUENCE { version Uint8 (2), generationTime Time32, requestHash HashedId8, acaResponse AcaResponse, ... } /** * @class AcaResponse * * @brief This structure contains the certificate for the EE in a suitable * form as determined from the corresponding RaAcaCertRequestSPDU. In this * structure: * * @param plain contains the certificate for the EE in plain, that is, without * encryption or signature. This choice is used only when the field * certEncKey is absent and flags.cubk is not set in the corresponding * RaAcaCertRequest. * * @param private contains the certificate for the EE in an encrypted then * signed form to protect the EE's privacy from the RA. This choice is used * only when the field certEncKey is present and flags.cubk is not set in the * corresponding RaAcaCertRequest. * * @param cubk contains the certificate for the EE in an encrypted form. This * choice is used only when the field certEncKey is absent and flags.cubk is * set in the corresponding RaAcaCertRequest. */ AcaResponse ::= CHOICE { plain AcaEeCertResponsePlainSpdu, private AcaEeCertResponsePrivateSpdu, cubk AcaEeCertResponseCubkSpdu, ... } END