--***************************************************************************--
-- IEEE Std 1609.2.1: Protocol --
--***************************************************************************--
/**
* @brief NOTE: Section references in this file are to clauses in IEEE Std
* 1609.2.1 unless indicated otherwise. Full forms of acronyms and
* abbreviations used in this file are specified in 3.2.
*/
Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) protocol(17)
major-version-2(2) minor-version-2(2)}
DEFINITIONS AUTOMATIC TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
CrlSeries,
EccP256CurvePoint,
EccP384CurvePoint,
EcdsaP256Signature,
EcdsaP384Signature,
GeographicRegion,
HashAlgorithm,
HashedId3,
Psid,
PublicEncryptionKey,
SequenceOfPsid,
SequenceOfPsidSsp,
SubjectAssurance,
Uint8,
Uint16,
ValidityPeriod
FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609)
dot2(2) base(1) base-types(2) major-version-2(2) minor-version-2(2)}
Certificate,
CertificateId,
Ieee1609Dot2Data,
SequenceOfCertificate,
SequenceOfPsidGroupPermissions,
SignerIdentifier,
VerificationKeyIndicator
FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609)
dot2(2) base(1) schema(1) major-version-2(2) minor-version-3(3)}
AcaEeInterfacePdu
FROM Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3)
ieee(111) standards-association-numbered-series-standards(2)
wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
aca-ee(1) major-version-2(2) minor-version-2(2)}
AcaLaInterfacePdu
FROM Ieee1609Dot2Dot1AcaLaInterface {iso(1) identified-organization(3)
ieee(111) standards-association-numbered-series-standards(2)
wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
aca-la(2) major-version-2(2)}
AcaMaInterfacePdu
FROM Ieee1609Dot2Dot1AcaMaInterface {iso(1) identified-organization(3)
ieee(111) standards-association-numbered-series-standards(2)
wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
aca-ma(3) major-version-2(2)}
AcaRaInterfacePdu
FROM Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3)
ieee(111) standards-association-numbered-series-standards(2)
wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
aca-ra(4) major-version-2(2) minor-version-2(2)}
AcpcTreeId
FROM Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-1(1) minor-version-2(2)}
CertManagementPdu
FROM Ieee1609Dot2Dot1CertManagement{iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) cert-management(7)
major-version-2(2) minor-version-2(2)}
EcaEeInterfacePdu
FROM Ieee1609Dot2Dot1EcaEeInterface {iso(1) identified-organization(3)
ieee(111) standards-association-numbered-series-standards(2)
wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
eca-ee(9) major-version-2(2) minor-version-2(2)}
EeMaInterfacePdu
FROM Ieee1609Dot2Dot1EeMaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2)}
EeRaInterfacePdu
FROM Ieee1609Dot2Dot1EeRaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-2(2) minor-version-2(2)}
LaMaInterfacePdu
FROM Ieee1609Dot2Dot1LaMaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2)}
LaRaInterfacePdu
FROM Ieee1609Dot2Dot1LaRaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2)}
MaRaInterfacePdu
FROM Ieee1609Dot2Dot1MaRaInterface {iso(1) identified-organization(3) ieee(111)
standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2)}
;
/**
* @class SecurityMgmtPsid
*
* @brief This PSID, 0x23, identifies security management activities as
* defined in this document.
*/
SecurityMgmtPsid ::= Psid (35)
/**
* @class ScmsPdu
*
* @brief This is the parent structure that encompasses all parent structures
* of interfaces defined in the SCMS. An overview of this structure is as
* follows:
*
* @param version contains the current version of the structure.
*
* @param aca-ee contains the interface structures defined for interaction
* between the ACA and the EE.
*
* @param aca-la contains the interface structures defined for interaction
* between the ACA and the LA.
*
* @param aca-ma contains the interface structures defined for interaction
* between the ACA and the MA.
*
* @param aca-ra contains the interface structures defined for interaction
* between the ACA and the RA.
*
* @param cert contains the interface structures defined for certificate
* management.
*
* @param eca-ee contains the interface structures defined for interaction
* between the ECA and the EE.
*
* @param ee-ma contains the interface structures defined for interaction
* between the EE and the MA.
*
* @param ee-ra contains the interface structures defined for interaction
* between the EE and the RA.
*
* @param la-ma contains the interface structures defined for interaction
* between the LA and the MA.
*
* @param la-ra contains the interface structures defined for interaction
* between the LA and the RA.
*
* @param ma-ra contains the interface structures defined for interactions
* between the MA and the RA.
*/
ScmsPdu ::= SEQUENCE {
version Uint8 (2),
content CHOICE {
aca-ee AcaEeInterfacePdu,
aca-la AcaLaInterfacePdu,
aca-ma AcaMaInterfacePdu,
aca-ra AcaRaInterfacePdu,
cert CertManagementPdu,
eca-ee EcaEeInterfacePdu,
ee-ma EeMaInterfacePdu,
ee-ra EeRaInterfacePdu,
la-ma LaMaInterfacePdu,
la-ra LaRaInterfacePdu,
ma-ra MaRaInterfacePdu,
...
}
}
--***************************************************************************--
-- Types from IEEE 1609.2 Redefined --
--***************************************************************************--
/**
* @class PublicVerificationKey
*
* @brief This structure represents a public key and states with what
* algorithm the public key is to be used. Cryptographic mechanisms are
* defined in 5.3 of IEEE Std 1609.2a-2017.
*
*
An EccP256CurvePoint or EccP384CurvePoint within a
* PublicVerificationKey structure is invalid if it indicates the choice
* x-only.
*
*
Critical information fields:
*
* - If present, this is a critical information field as defined in 5.2.6
* of IEEE Std 1609.2-2016. An implementation that does not recognize the
* indicated CHOICE when verifying a signed SPDU shall indicate that the
* signed SPDU is invalid.
*
*/
PublicVerificationKey ::= CHOICE {
ecdsaNistP256 EccP256CurvePoint,
ecdsaBrainpoolP256r1 EccP256CurvePoint,
... ,
ecdsaBrainpoolP384r1 EccP384CurvePoint,
ecdsaNistP384 EccP384CurvePoint
}
/**
* @class Signature
*
* @brief This structure represents a signature for a supported public key
* algorithm. It may be contained within SignedData or Certificate.
*/
Signature ::= CHOICE {
ecdsaNistP256Signature EcdsaP256Signature,
ecdsaBrainpoolP256r1Signature EcdsaP256Signature,
...,
ecdsaBrainpoolP384r1Signature EcdsaP384Signature,
ecdsaNistP384Signature EcdsaP384Signature
}
/**
* @class ToBeSignedCertificate
*
* @brief This is the ToBeSignedCertificate structure from IEEE Std 1609.2,
* extended to support operations in this document. The fields in this
* structure that are defined in IEEE Std 1609.2 have the same semantics in
* this document as they do in IEEE Std 1609.2. The new fields in this
* document are defined as follows:
*
* @param flags indicates additional yes/no properties of the certificate
* holder. The only bit with defined semantics in this string is cubk. If
* set, the cubk bit indicates that the certificate holder supports the
* compact unified butterfly key response. If this field is present at least
* one of the bits in the field shall be nonzero.
*/
ToBeSignedCertificate ::= SEQUENCE {
id CertificateId,
cracaId HashedId3,
crlSeries CrlSeries,
validityPeriod ValidityPeriod,
region GeographicRegion OPTIONAL,
assuranceLevel SubjectAssurance OPTIONAL,
appPermissions SequenceOfPsidSsp OPTIONAL,
certIssuePermissions SequenceOfPsidGroupPermissions OPTIONAL,
certRequestPermissions SequenceOfPsidGroupPermissions OPTIONAL,
canRequestRollover NULL OPTIONAL,
encryptionKey PublicEncryptionKey OPTIONAL,
verifyKeyIndicator VerificationKeyIndicator,
...,
flags BIT STRING {cubk (0)} (SIZE (8)) OPTIONAL
}
(WITH COMPONENTS { ..., appPermissions PRESENT} |
WITH COMPONENTS { ..., certIssuePermissions PRESENT} |
WITH COMPONENTS { ..., certRequestPermissions PRESENT})
--***************************************************************************--
-- Parameterized Types --
--***************************************************************************--
/**
* @class ScmsPdu-Scoped
*
* @brief This structure defines a parameterized type for creating a scoped
* data as a subtype of ScmsPdu.
*/
ScmsPdu-Scoped {Pdu} ::= ScmsPdu (WITH COMPONENTS {
...,
content (CONSTRAINED BY {
Pdu
})
})
/**
* @class Ieee1609Dot2Data-Unsecured
*
* @brief This structure defines a parameterized type for creating an
* unsecured data as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-Unsecured {Tbu} ::= Ieee1609Dot2Data (WITH COMPONENTS {
content (WITH COMPONENTS {
...,
unsecuredData (CONTAINING Tbu)
})
})
/**
* @class Ieee1609Dot2Data-Signed
*
* @brief This structure defines a parameterized type for creating a signed
* data as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-Signed {Tbs, Psid} ::=
Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
...,
signedData (WITH COMPONENTS {
...,
tbsData (WITH COMPONENTS {
...,
payload (WITH COMPONENTS {
...,
data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
unsecuredData (CONTAINING Tbs)
})
})
}),
headerInfo (WITH COMPONENTS {
...,
psid (Psid),
generationTime PRESENT,
expiryTime ABSENT,
generationLocation ABSENT,
p2pcdLearningRequest ABSENT,
missingCrlIdentifier ABSENT,
encryptionKey ABSENT
})
}),
signer (SignerSingleCert)
})
})
})
/**
* @class Ieee1609Dot2Data-Encrypted
*
* @brief This structure defines a parameterized type for creating an
* encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
* structure is as follows:
*
* @param Tbe is first encrypted and the resulting ciphertext is used as
* input to the encryptedData field.
*/
Ieee1609Dot2Data-Encrypted {Tbe} ::=
Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
encryptedData (CONSTRAINED BY {
--encryption of-- Tbe
})
})
})
/**
* @class Ieee1609Dot2Data-EncryptedOpen
*
* @brief This structure defines a parameterized type for creating an
* encrypted data as a subtype of Ieee1609Dot2Data. This structure differs
* from Ieee1609Dot2Data-Encrypted in that it does not specify the contents
* of the encrypted data.
*/
Ieee1609Dot2Data-EncryptedOpen ::=
Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
encryptedData
})
})
/**
* @class Ieee1609Dot2Data-SignedCertRequest
*
* @brief This structure defines a parameterized type for creating a signed
* certificate request as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-SignedCertRequest {Tbscr, Signer} ::=
Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
...,
signedCertificateRequest (CONTAINING
SignedCertificateRequest (WITH COMPONENTS {
...,
tbsRequest (Tbscr),
signer (Signer)
}))
})
})
/**
* @class X509Certificate
*
* @brief This structure is a wrapper for an ITU-T X.509 certificate.
*
*
NOTE: ITU-T X.509 certificates are encoded with the ASN.1 DER
* rather than the OER used in this document and so cannot be "directly"
* imported into these structures.
*/
X509Certificate ::= OCTET STRING
/**
* @class SequenceOfX509Certificate
*
* @brief This type is used for clarity of definitions.
*/
SequenceOfX509Certificate ::= SEQUENCE OF X509Certificate
/**
* @class X509SignerIdentifier
*
* @brief This structure identifies an ITU-T X.509 certificate used to sign a
* signed data structure. The only data structure currently defined that can
* be signed by an ITU-T X.509 certificate is SignedX509CertificateRequest.
*/
X509SignerIdentifier ::= CHOICE {
certificate SequenceOfX509Certificate,
...
}
/**
* @class Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest
*
* @brief This structure defines a parameterized type for creating a
* certificate request, signed with an ITU-T X.509 certificate, as a subtype of
* Ieee1609Dot2Data. It makes use of the extension of Ieee1609Dot2Content
* defined in 11.2.3.
*/
Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {Tbscr, Signer}
::= Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
...,
signedX509CertificateRequest (CONTAINING
SignedX509CertificateRequest (WITH COMPONENTS {
...,
tbsRequest (Tbscr),
signer (Signer)
}))
})
})
/**
* @class Ieee1609Dot2Data-SignedEncrypted
*
* @brief This structure defines a parameterized type for creating a signed
* then encrypted data as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-SignedEncrypted {Tbse, Psid} ::=
Ieee1609Dot2Data-Encrypted {
Ieee1609Dot2Data-Signed {
Tbse,
Psid
}
}
/**
* @class Ieee1609Dot2Data-EncryptedSigned
*
* @brief This structure defines a parameterized type for creating an
* encrypted then signed data as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-EncryptedSigned {Tbes, Psid} ::= Ieee1609Dot2Data-Signed {
Ieee1609Dot2Data-Encrypted {
Tbes
},
Psid
}
/**
* @class Ieee1609Dot2Data-EncryptedOpenSigned
*
* @brief This structure defines a parameterized type for creating an
* encrypted then signed data as a subtype of Ieee1609Dot2Data. Unlike
* Ieee1609Dot2Data-EncryptedSigned, this structure does not specify the
* contents to be encrypted. This structure is intended for use in
* misbehavior report upload where the encrypted data is received by the RA
* that does not know the contents.
*/
Ieee1609Dot2Data-EncryptedOpenSigned{Psid} ::=
Ieee1609Dot2Data-Signed {
Ieee1609Dot2Data-EncryptedOpen,
Psid
}
/**
* @class Ieee1609Dot2Data-SignedEncryptedCertRequest
*
* @brief This structure defines a parameterized type for creating a signed
* then encrypted certificate request as a subtype of Ieee1609Dot2Data.
*/
Ieee1609Dot2Data-SignedEncryptedCertRequest {Tbstecr, Signer} ::=
Ieee1609Dot2Data-Encrypted {
Ieee1609Dot2Data-SignedCertRequest {
Tbstecr,
Signer
}
}
/**
* @class Ieee1609Dot2Data-SymmEncryptedSingleRecipient
*
* @brief This structure defines a parameterized type for creating an
* encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
* structure is as follows:
*
* @param Tbe is first encrypted and the resulting ciphertext is used as
* input to the encryptedData field.
*/
Ieee1609Dot2Data-SymmEncryptedSingleRecipient {Tbe} ::=
Ieee1609Dot2Data (WITH COMPONENTS {
...,
content (WITH COMPONENTS {
encryptedData (CONSTRAINED BY {
--contains only one RecipientInfo, of form symmRecipinfo
--symmetric encryption of-- Tbe
})
})
})
--***************************************************************************--
-- Signer Types --
--***************************************************************************--
/**
* @class SignerSingleCert
*
* @brief This structure is used to indicate a SignerIdentifier with a
* certificate chain of size 1.
*/
SignerSingleCert ::= SignerIdentifier(WITH COMPONENTS {
certificate (SequenceOfCertificate (SIZE (1)))
})
/**
* @class SignerSingleX509Cert
*
* @brief This structure is used to indicate an X509SignerIdentifier with a
* certificate chain of size 1.
*/
SignerSingleX509Cert ::= X509SignerIdentifier(WITH COMPONENTS {
certificate (SequenceOfX509Certificate (SIZE (1)))
})
/**
* @class SignerSelf
*
* @brief This structure is used to indicate a SignerIdentifier of type self.
*/
SignerSelf ::= SignerIdentifier(WITH COMPONENTS {
self
})
--***************************************************************************--
-- Certificate Requests --
--***************************************************************************--
/**
* @class ScopedCertificateRequest
*
* @brief This structure defines the all certificate request structures as a
* scoped version of the ScmsPdu.
*/
ScopedCertificateRequest ::= ScmsPdu (
ScmsPdu-Scoped {
AcaRaInterfacePdu (WITH COMPONENTS {
raAcaCertRequest
})
} |
ScmsPdu-Scoped {
EcaEeInterfacePdu (WITH COMPONENTS {
eeEcaCertRequest
})
} |
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaCertRequest
})
} |
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaSuccessorEnrollmentCertRequest
})
}
)
/**
* @class SignedCertificateRequest
*
* @brief This structure defines the format of a signed certificate request.
* An overview of this structure is as follows:
*
*
The signature is generated on the hash of this structure, obtained
* per the rules specified for hashing data objects in 5.3.1 of IEEE Std
* 1609.2a-2017, with the parameter Data Input equal to the C-OER
* encoding of tbsRequest, and the parameter Signer Identifier Input
* equal to the signer's enrollment certificate.
*
* @param hashAlgorithmId contains the identifier of the hash algorithm used
* inside the binary tree.
*
* @param tbsRequest contains the certificate request information that is
* signed by the recipient.
*
* @param signer denotes the signing entity's identifier.
*
* @param signature contains the request sender's signature.
*/
SignedCertificateRequest ::= SEQUENCE {
hashAlgorithmId HashAlgorithm,
tbsRequest ScopedCertificateRequest,
signer SignerIdentifier,
signature Signature
}
/**
* @class SignedX509CertificateRequest
*
* @brief This structure contains a certificate request signed with an ITU-T
* X.509 certificate. The only type of certificate request signed with an
* ITU-T X.509 certificate supported in this document is an authorization
* certificate request. An overview of this structure is as follows:
*
*
The signature is generated on the hash of this structure, obtained
* per the rules specified for hashing data objects in 5.3.1 of IEEE
* Std 1609.2a-2017, with the parameter Data Input equal to the C-OER
* encoding of tbsRequest, and the parameter Signer Identifier Input
* equal to the signer's certificate, that is, the ITU-T X.509 certificate
* contained in the OCTET STRING indicated by the first X509Certificate in
* signer.
*
* @param hashAlgorithmId contains the identifier of the hash algorithm used
* inside the binary tree.
*
* @param tbsRequest contains the certificate request information that is
* signed by the recipient.
*
* @param signer denotes the signing entity's identifier.
*
* @param signature contains the request sender's signature.
*/
SignedX509CertificateRequest ::= SEQUENCE {
hashAlgorithmId HashAlgorithm,
tbsRequest ScopedCertificateRequest,
signer X509SignerIdentifier,
signature Signature
}
--***************************************************************************--
-- ACA - EE Interface --
--***************************************************************************--
/**
* @class AcaEeCertResponsePlainSpdu
*
* @brief This structure contains a certificate response for consumption by
* the EE. In the architecture of this document, although it is created by the
* ACA, it is made available to the EE via the RA as described in 8.2.
*
*
The ACA creates this response when 1) the compact unified
* butterfly key mechanism is not being used (that is, some other flavor of
* butterfly key is being used, or butterfly keys are not being used) and 2)
* it is not necessary to protect the EE's privacy from the RA, for example,
* when the certificate being returned is not a pseudonym certificate.
*/
AcaEeCertResponsePlainSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
AcaEeInterfacePdu (WITH COMPONENTS {
acaEeCertResponse
})
}
}
/**
* @class AcaEeCertResponsePrivateSpdu
*
* @brief This structure contains a certificate response for consumption by
* the EE. In the architecture of this document, although it is created by the
* ACA, it is made available to the EE via the RA as described in 8.2.
*
*
The ACA creates this response when 1) the compact unified
* butterfly key mechanism is not being used (that is, some other flavor of
* butterfly key is being used, or butterfly keys are not being used) and 2)
* it is necessary to protect the EE's privacy from the RA, for example when
* the certificate being returned is a pseudonym certificate.
*
*
The structure consists of a signed SPDU containing an encrypted
* SPDU.
*
*
The encrypted SPDU is encrypted with the response
* encryption key that was provided to the ACA for that purpose. This key is
* determined as follows:
*
* - If the original EeRaCertRequest from the end entity indicated a single
* response encryption key, that is, if the additionalParams.encryptionKey
* field was present in the request, then the response is encrypted with that
* key.
*
*
* - If the original EeRaCertRequest from the end entity indicated a
* response encryption key generated with the “original” butterfly key
* mechanism, that is, the additionalParams.original field was provided in the
* request, then the response is encrypted with the cocoon encryption key
* derived from additionalParams.original.encryptionKey and
* additionalParams.original.encryptionExpansion as specified in 9.3.4.2
* and the corresponding decryption private key is derived as specified in
* 9.3.4.1.
*
* - If the original EeRaCertRequest from the end entity indicated a
* response encryption key generated with the “unified” butterfly key
* mechanism, that is, the additionalParams.unified field was provided in the
* request, then the response is encrypted with the cocoon encryption key
* derived from tbsCert.verifyKeyIndicator and additionalParams.unified as
* specified in 9.3.4.2 and the corresponding decryption private key is
* derived as specified in 9.3.4.1.
*
*
* See 9.3 for more material about butterfly keys.
*
*
The resulting Ieee1609Dot2Data of content type encryptedData is
* signed by the same ACA certificate that was used to issue the certificate
* field in the AcaEeCertResponse. If this structure is signed by a different
* ACA certificate, it is invalid. The ACA certificate shall follow the ACA
* certificate profile given in 7.7.3.2.
*
*
NOTE 1: Other potential responses to an authorization certificate
* request. If the original request indicated the use of “compact unified”
* butterfly key mechanism by including the additionalParams.compactUnified
* field, the response shall be a AcaEeCertResponseCubkSpdu, not a
* AcaEeCertResponsePrivateSpdu.
*
*
NOTE 2: How the ACA obtains the response encryption key. This
* document provides the RaAcaCertRequest structure to allow the RA to
* indicate whether the original or unified butterfly key mechanism is to be
* used via the flags field. The encryption key for encrypting
* AcaEeCertResponse is calculated by the indicated method even if the RA
* does not use an RaAcaCertRequest as defined in this document to
* communicate the certificate request to the ACA.
*
*
NOTE 3: Consistency between inner and outer signers, and the IEEE
* Std 1609.2 model. This SPDU introduces a new type of validity condition
* by requiring that the ACA that signs the outer signed SPDU is also the ACA
* that issued the certificate inside the encrypted SPDU. This requires that
* to verify the inner “SPDU”, that is, the certificate, the verifier
* needs to store the information from the outer SPDU. This is not a violation
* of the IEEE 1609.2 model: Subclause 4.2.2.3 of IEEE Std 1609.2 considers all
* operations carried out on received data to be atomic and does not put any
* restrictions on the information that is stored between operations. However,
* it should be noted that because the IEEE 1609.2 approach enables SPDUs to
* be nested within one another as Ieee1609Dot2Data, in principle an
* implementation could be built that iterated through the layers of a nested
* SPDU within a single call from the invoking application instance. (And it
* should also be noted that IEEE Std 1609.2 was consciously designed to
* enable this approach: Although the primitives provided in IEEE Std 1609.2
* only support the series-of-single-operations approach, an implementation
* could layer this “one-invocation processing” on top of the IEEE 1609.2
* interface as an optimization.) A “one-invocation processing” implementation
* of that type would have to anticipate situations of coupling between inner
* and outer SPDUs like the one created by this AcaEeCertResponsePrivateSpdu,
* and allow the invoking certificate management service to check consistency
* at the application layer, perhaps by (for example) returning the signing
* certificates for all nested signed SPDUs. How this is to be implemented is
* implementation specific; this note is intended as a notification of this
* potential issue to implementers planning to implement one-invocation
* processing.
*/
AcaEeCertResponsePrivateSpdu ::= Ieee1609Dot2Data-EncryptedSigned {
ScmsPdu-Scoped {
AcaEeInterfacePdu (WITH COMPONENTS {
acaEeCertResponse
})
},
SecurityMgmtPsid
}
/**
* @class AcaEeCertResponseCubkSpdu
*
* @brief This structure contains a certificate response for consumption by
* the EE. In the architecture of this document, although it is created by
* the ACA, it is made available to the EE via the RA as described in 8.2.
*
*
The ACA creates a certificate response in this form when the
* compact unified butterfly key mechanism is being used. If the
* RaAcaCertRequest structure was used to communicate between the RA and the
* ACA, the RA indicated use of compact unified butterfly keys by setting the
* cubk (1) bit in the bkType field in the corresponding RaAcaCertRequest.
*
*
The AcaEeCertResponse is encrypted by the ACA using the cocoon
* public key for encryption. See 9.3.4.2 for how the ACA derives the cocoon
* public key for encryption, using the tbsCert.verifyKeyIndicator field in the
* corresponding RaAcaCertRequest as the input cocoon public key for signing
* Bt. See 9.3.4.1 for how the EE derives the corresponding cocoon private
* key for encryption.
*/
AcaEeCertResponseCubkSpdu ::= Ieee1609Dot2Data-Encrypted {
ScmsPdu-Scoped {
AcaEeInterfacePdu (WITH COMPONENTS {
acaEeCertResponse
})
}
}
--***************************************************************************--
-- ACA - LA Interface --
--***************************************************************************--
--***************************************************************************--
-- ACA - MA Interface --
--***************************************************************************--
--***************************************************************************--
-- ACA - RA Interface --
--***************************************************************************--
/**
* @class RaAcaCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed RaAcaCertRequest.
* For the signature to be valid the signing certificate shall conform to the
* RA certificate profile given in 7.7.3.9, contain a PSID equal to
* SecurityMgmtPsid (0x23) and a corresponding SSP containing the C-OER
* encoding of an ScmsSsp indicating RaSsp. The
* toBeSigned.certRequestPermissions field of the RA certificate shall permit
* the requested permissions in the raAcaCertRequest.tbsCert.appPermissions
* field.
*/
RaAcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
ScmsPdu-Scoped {
AcaRaInterfacePdu (WITH COMPONENTS {
raAcaCertRequest
})
},
SignerSingleCert
}
/**
* @class AcaRaCertResponseSpdu
*
* @brief This structure is the SPDU used to send a signed AcaRaCertResponse.
* For the signature to be valid the signing certificate shall contain a PSID
* equal to SecurityMgmtPsid (0x23) and a corresponding SSP containing the
* C-OER encoding of an ScmsSsp indicating AcaSsp.
*/
AcaRaCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
AcaRaInterfacePdu (WITH COMPONENTS {
acaRaCertResponse
})
},
SecurityMgmtPsid
}
--***************************************************************************--
-- Certificate Management --
--***************************************************************************--
/**
* @class CompositeCrlSpdu
*
* @brief This structure is the SPDU used to send an unsecured CompositeCrl.
* It is used to create composite CRL files as specified in 8.5.
*/
CompositeCrlSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
CertManagementPdu (WITH COMPONENTS {
compositeCrl
})
}
}
/**
* @class CertificateChainSpdu
*
* @brief This structure is the SPDU used to send an unsecured
* CertificateChain. It is used to create certificate chain files as
* specified in 8.4.
*/
CertificateChainSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
CertManagementPdu (WITH COMPONENTS {
certificateChain
})
}
}
/**
* @class MultiSignedCtlSpdu
*
* @brief This structure is the SPDU used to send an unsecured MultiSignedCtl.
*/
MultiSignedCtlSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
CertManagementPdu (WITH COMPONENTS {
multiSignedCtl
})
}
}
/**
* @class CtlSignatureSpdu
*
* @brief This structure is the SPDU used to send a signed
* ToBeSignedCtlSignature. For the signature to be valid, the signing
* certificate shall match the elector certificate profile in 7.7.3.7. This
* means that the signature is calculated as specified in IEEE Std 1609.2,
* with the data input to the hash process consisting of the C-OER encoding
* of the tbsData that includes the ToBeSignedCtlSignature.
*/
CtlSignatureSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
CertManagementPdu (WITH COMPONENTS {
tbsCtlSignature
})
},
SecurityMgmtPsid
}
/**
* @class CertificateManagementInformationStatusSpdu
*
* @brief This structure is the SPDU used to send a signed
* CertManagementInfoStatus. For the signature to be valid the signing
* certificate shall conform to the RA certificate profile given in 7.7.3.9 or
* the DC certificate profile given in 7.7.3.10.
*/
CertificateManagementInformationStatusSpdu ::=
Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
CertManagementPdu (WITH COMPONENTS {
infoStatus
})
},
SecurityMgmtPsid
}
--***************************************************************************--
-- ECA - EE Interface --
--***************************************************************************--
/**
* @class EeEcaCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed EeEcaCertRequest,
* as follows:
*
* - If eeEcaCertRequest.canonicalId is not present, the EE signs this
* structure using the private key corresponding to the
* tbsCert.verifyKeyIndicator field of the EeEcaCertRequest.
*
* - If eeEcaCertRequest.canonicalId is present, the EE signs this
* structure using the canonical private key as specified in 4.1.4.2.
*
*/
EeEcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
ScmsPdu-Scoped {
EcaEeInterfacePdu (WITH COMPONENTS {
eeEcaCertRequest
})
},
SignerSelf
}
/**
* @class EcaEeCertResponseSpdu
*
* @brief This structure is the SPDU used to send a signed EcaEeCertResponse.
* For the signature to be valid, the signing certificate shall contain a PSID
* equal to SecurityMgmtPsid (0x23) and a corresponding SSP containing the
* C-OER encoding of an ScmsSsp indicating EcaSsp.
*/
EcaEeCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
EcaEeInterfacePdu (WITH COMPONENTS {
ecaEeCertResponse
})
},
SecurityMgmtPsid
}
--***************************************************************************--
-- EE - MA Interface --
--***************************************************************************--
--***************************************************************************--
-- EE - RA Interface --
--***************************************************************************--
/**
* @class EeRaCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed then encrypted
* EeRaCertRequest. It is a choice of the IEEE 1609.2 authenticated
* certificate request, which may be any kind of EE-RA certificate request,
* and the ITU-T X.509 certificate request, which is required to be an
* authorization certificate request.
*/
EeRaCertRequestSpdu ::= Ieee1609Dot2Data (
EeRa1609Dot2AuthenticatedCertRequestSpdu |
EeRaX509AuthenticatedCertRequestSpdu
)
/**
* @class EeRa1609Dot2AuthenticatedCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed then encrypted IEEE
* 1609.2 authenticated certificate request. The EE signs this structure
* using its enrollment certificate. The enrollment certificate shall conform
* to the enrollment certificate profile given in 7.7.3.5. The EE encrypts
* the signed structure using the encryptionKey from the RA's certificate.
*/
EeRa1609Dot2AuthenticatedCertRequestSpdu ::=
Ieee1609Dot2Data-SignedEncryptedCertRequest {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaCertRequest
})
},
SignerSingleCert
}
/**
* @class EeRaX509AuthenticatedCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed then encrypted ITU-T
* X.509authenticated certificate request. The EE signs this structure
* using its enrollment certificate. The enrollment certificate shall conform
* to the enrollment certificate profile given in 7.7.3.6. The EE encrypts
* the signed structure using the encryptionKey from the RA's certificate.
*/
EeRaX509AuthenticatedCertRequestSpdu ::= Ieee1609Dot2Data-Encrypted {
Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaCertRequest
})
},
SignerSingleX509Cert
}
}
/**
* @class RaEeCertAckSpdu
*
* @brief This structure is the SPDU used to send a signed RaEeCertAck to
* acknowledge the receipt of an EeRaCertRequestSpdu. For the signature to be
* valid the signing certificate shall conform to the RA certificate profile
* given in 7.7.3.9.
*/
RaEeCertAckSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
raEeCertAck
})
},
SecurityMgmtPsid
}
/**
* @class RaEeCertInfoSpdu
*
* @brief This structure is the SPDU used to create an unsigned .info file
* to be included in a certificate batch zip file as specified in 8.2. This
* SPDU is used if the RaEeCertInfo does not contain an acpcTreeId field.
*/
RaEeCertInfoSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
raEeCertInfo (WITH COMPONENTS {
acpcTreeId ABSENT
})
})
}
}
/**
* @class RaEeCertAndAcpcInfoSpdu
*
* @brief This structure is the SPDU used to create a signed .info file to
* be included in a certificate batch zip file as specified in 8.2. This
* SPDU is used if the RaEeCertInfo contains an acpcTreeId field. For the
* signature to be valid the signing certificate shall conform to the RA
* certificate profile given in 7.7.3.9.
*/
RaEeCertAndAcpcInfoSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
raEeCertInfo (WITH COMPONENTS {
acpcTreeId PRESENT
})
})
},
SecurityMgmtPsid
}
/**
* @class EeRaDownloadRequestPlainSpdu
*
* @brief This structure is the SPDU used to send an unsecured
* EeRaDownloadRequest.
*/
EeRaDownloadRequestPlainSpdu ::= Ieee1609Dot2Data-Unsecured {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaDownloadRequest
})
}
}
/**
* @class EeRaDownloadRequestSpdu
*
* @brief This structure is the SPDU used to send an signed then encrypted
* EeRaDownloadRequest. The EE signs this structure using its enrollment
* certificate. The enrollment certificate shall conform to the enrollment
* certificate profile given in 7.7.3.5. The EE encrypts the signed
* structure using the encryptionKey from the RA's certificate.
*/
EeRaDownloadRequestSpdu ::= Ieee1609Dot2Data-SignedEncrypted {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaDownloadRequest
})
},
SecurityMgmtPsid
}
/**
* @class EeRaSuccessorEnrollmentCertRequestSpdu
*
* @brief This structure is the SPDU used to send a signed then encrypted
* EeEcaCertRequestSpdu. The EE signs this structure using its enrollment
* certificate. The enrollment certificate shall conform to the enrollment
* certificate profile given in 7.7.3.5. The EE encrypts the signed
* structure using the encryptionKey from the RA's certificate.
*/
EeRaSuccessorEnrollmentCertRequestSpdu ::=
Ieee1609Dot2Data-SignedEncryptedCertRequest {ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
eeRaSuccessorEnrollmentCertRequest
})
},
SignerSingleCert
}
/**
* @class RaEeEnrollmentCertAckSpdu
*
* @brief This structure is the SPDU used to send a signed RaEeCertInfo. For
* the signature to be valid the signing certificate shall conform to the RA
* certificate profile given in 7.7.3.9.
*/
RaEeEnrollmentCertAckSpdu ::= Ieee1609Dot2Data-Signed {
ScmsPdu-Scoped {
EeRaInterfacePdu (WITH COMPONENTS {
raEeCertInfo (WITH COMPONENTS {
acpcTreeId ABSENT
})
})
},
SecurityMgmtPsid
}
/**
* @class EeRaEncryptedSignedMisbehaviorReportSpdu
*
* @brief This structure is used for misbehavior report upload when EE
* authentication is done at the SCMS REST API v2 level (see 6.3.5.6). The
* contents of the encrypted data are misbehavior report specific and
* outside the scope of this document. The contents are encrypted for the MA
* certificate.
*/
EeRaEncryptedSignedMisbehaviorReportSpdu ::=
Ieee1609Dot2Data-EncryptedOpenSigned {AnyMbrPsid}
/**
* @class EeRaEncryptedMisbehaviorReportSpdu
*
* @brief This structure is used for misbehavior report upload when EE
* authentication is done at the Web API level (see 6.3.5.6). The contents of
* the encrypted data are misbehavior report specific and outside the scope
* of this document. The contents are encrypted for the MA certificate.
*/
EeRaEncryptedMisbehaviorReportSpdu ::= Ieee1609Dot2Data-EncryptedOpen
/**
* @class AnyMbrPsid
*
* @brief This structure is a list of the PSIDs entitled to authorize
* misbehavior report upload. It currently only lists one PSID. It is
* intended to be extensible as additional misbehavior reporting PSIDs are
* defined and to take the form AnyMbrPsid = Psid (BaseMbrPsid | MbrPsid2 |
* MbrPsid3 | etc.).
*/
AnyMbrPsid ::= Psid(BaseMbrPsid)
/**
* @class BaseMbrPsid
*
* @brief This PSID identifies misbehavior reporting for a baseline set of
* applications. It is owned by CAMP.
*/
BaseMbrPsid ::= Psid(38)
--***************************************************************************--
-- LA - MA Interface --
--***************************************************************************--
--***************************************************************************--
-- LA - RA Interface --
--***************************************************************************--
--***************************************************************************--
-- MA - RA Interface --
--***************************************************************************--
--***************************************************************************--
-- Service Specific Permissions --
--***************************************************************************--
/**
* @class ScmsSsp
*
* @brief This parent structure defines the SSP for PSID 0x23 and encompasses
* all SSP structures defined in this document. An overview of this structure
* is as follows:
*
*
NOTE: The LOP is in the SSP for backward compatibility reasons,
* and in practice, in this design the LOP does not have a certificate.
*
* @param elector contains the SSP defined for an elector.
*
* @param root contains the SSP defined for a root CA.
*
* @param pg contains the SSP defined for a policy generator.
*
* @param ica contains the SSP defined for an intermediate CA.
*
* @param eca contains the SSP defined for an enrollment CA.
*
* @param aca contains the SSP defined for an authorization CA.
*
* @param crl contains the SSP defined for a CRL signer.
*
* @param dcm contains the SSP defined for a device configuration manager.
*
* @param la contains the SSP defined for a linkage authority.
*
* @param lop contains the SSP defined for a location obscurer proxy.
*
* @param ma contains the SSP defined for a misbehavior authority.
*
* @param ra contains the SSP defined for a registration authority.
*
* @param ee contains the SSP defined for an end entity.
*
* @param dc contains the SSP defined for a distribution center.
*/
ScmsSsp ::= CHOICE {
elector ElectorSsp,
root RootCaSsp,
pg PgSsp,
ica IcaSsp,
eca EcaSsp,
aca AcaSsp,
crl CrlSignerSsp,
dcm DcmSsp,
la LaSsp,
lop LopSsp,
ma MaSsp,
ra RaSsp,
ee EeSsp,
...,
dc DcSsp
}
/**
* @class ElectorSsp
*
* @brief This structure defines the SSP for an elector when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
ElectorSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class RootCaSsp
*
* @brief This structure defines the SSP for a root CA when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
RootCaSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class PgSsp
*
* @brief This structure defines the SSP for a policy generator when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
PgSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class IcaSsp
*
* @brief This structure defines the SSP for an intermediate CA when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
IcaSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class EcaSsp
*
* @brief This structure defines the SSP for an enrollment CA when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
EcaSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class AcaSsp
*
* @brief This structure defines the SSP for an ACA when it is authorizing
* Security Management messages (PSID 0x23). It has no parameters other than
* the version number.
*/
AcaSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class CrlSignerSsp
*
* @brief This structure defines the SSP for a CRL signer when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*
*
NOTE: The SSP for a CRL signer when signing CRLs is associated with
* PSID 0x0100 and is defined in IEEE Std 1609.2.
*/
CrlSignerSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class DcmSsp
*
* @brief This structure defines the SSP for a device configuration manager
* when it is authorizing Security Management messages (PSID 0x23). It has
* no parameters other than the version number.
*/
DcmSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class LaSsp
*
* @brief This structure defines the SSP for a linkage authority when it is
* authorizing Security Management messages (PSID 0x23). The SSP contains
* the 16 bit LA ID for that linkage authority.
*/
LaSsp ::= SEQUENCE {
version Uint8 (2),
laId Uint16,
...
}
/**
* @class LopSsp
*
* @brief This structure defines the SSP for a location obscurer proxy (LOP)
* when it is authorizing Security Management messages (PSID 0x23). It has
* no parameters other than the version number.
*
*
NOTE: The LOP is in the SSP for backward compatibility reasons, and
* in practice, in this design the LOP does not have a certificate.
*/
LopSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class MaSsp
*
* @brief This structure defines the SSP for a misbehavior authority when it
* is authorizing Security Management messages (PSID 0x23). Its parameters
* indicate the PSIDs associated with the misbehavior that is to be reported
* to that MA (see 4.1.5 for further details). The certificate containing
* this SSP is the MA Certificate to which an end entity should encrypt
* misbehavior reports related to the indicated PSIDs.
*/
MaSsp ::= SEQUENCE {
version Uint8 (2),
relevantPsids SequenceOfPsid,
...
}
/**
* @class RaSsp
*
* @brief This structure defines the SSP for an RA when it is authorizing
* Security Management messages (PSID 0x23). It has no parameters other than
* the version number.
*/
RaSsp ::= SEQUENCE {
version Uint8 (2),
...
}
/**
* @class EeSsp
*
* @brief This structure defines the SSP for an end entity when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
EeSsp ::= SEQUENCE {
version Uint8(2),
...
}
/**
* @class AcpcSsp
*
* @brief This is a container for ACPC-related SSPs, specifying one SSP for
* each role. The only SSP defined in this document is the CamSsp, used in
* the CAM certificate that signs a SignedAprvBinaryTree or a
* SignedIndividualAprv. The SSP shall be C-OER encoded for inclusion in the
* CAM certificate. New versions of the CAM SSP should be handled by
* extending this structure rather than by use of a version number in the
* CamSsp structure.
*
*
The AcpcSsp is associated with the AcpcPsid in the CAM certificate's
* appPermissions field.
*/
AcpcSsp ::= CHOICE {
cam CamSsp,
...
}
/**
* @class CamSsp
*
* @brief This is a list of the ACPC Tree IDs for which the containing CAM
* certificate is entitled to sign a SignedAprvBinaryTree or a
* SignedIndividualAprv. The SSP entitles the certificate holder to sign
* either of these structures.
*/
CamSsp ::= SEQUENCE (SIZE(1..MAX)) OF AcpcTreeId
/**
* @class DcSsp
*
* @brief This structure defines the SSP for a distribution center when it is
* authorizing Security Management messages (PSID 0x23). It has no
* parameters other than the version number.
*/
DcSsp ::= SEQUENCE {
version Uint8(2),
...
}
END