Newer
Older
/**
* @author ETSI / STF544
* @version $Url$
* $Id$
* @desc Module containing functions for ITS PKI ATS
* @copyright ETSI Copyright Notification
* No part may be reproduced except as authorized by written permission.
* The copyright and the foregoing restriction extend to reproduction in all media.
* All rights reserved.
*
*/
module LibItsPki_Functions {
// LibCommon
import from LibCommon_Time all;
import from LibCommon_VerdictControl all;
import from LibCommon_Sync all;
import from LibCommon_BasicTypesAndValues all;
import from LibCommon_DataStrings all;
// LibHelpers
import from LibHelpers_Functions all;
// LibIts
import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all;
import from Ieee1609Dot2 language "ASN.1:1997" all;
import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
import from EtsiTs102941TypesAuthorization language "ASN.1:1997" all;
import from EtsiTs102941TypesAuthorizationValidation language "ASN.1:1997" all;
import from EtsiTs102941MessagesCa language "ASN.1:1997" all;
import from EtsiTs102941TrustLists language "ASN.1:1997" all;
import from EtsiTs103097Module language "ASN.1:1997" all;
import from Ieee1609Dot2Dot1EeRaInterface language "ASN.1:1997" all;
import from Ieee1609Dot2Dot1AcaRaInterface language "ASN.1:1997" all;
import from Ieee1609Dot2Dot1Acpc language "ASN.1:1997" all;
import from ETSI_ITS_CDD language "ASN.1:1997" all;
// LibItsCommon
import from LibItsCommon_TypesAndValues all;
import from LibItsCommon_Functions all;
import from LibItsCommon_ASN1_NamedNumbers all;
import from LibItsCommon_Pixits all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_TestSystem all;
import from LibItsGeoNetworking_Pixits all;
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_Pics all;
import from LibItsSecurity_Pixits all;
import from LibItsSecurity_TestSystem all;
// LibHttp
import from LibHttp_TypesAndValues all;
import from LibHttp_Templates all;
import from LibHttp_Functions all;
import from LibHttp_TestSystem all;
import from LibHttp_Pics all;
// LibHttp
import from LibHttp_BinaryTemplates all;
// LibItsPki
import from LibItsPki_TypesAndValues all;
import from LibItsPki_Templates all;
import from LibItsPki_Pics all;
import from LibItsPki_Pixits all;
import from LibItsPki_TestSystem all;
group pkiConfigurationFunctions {
function f_cfMtcUp01(
out ItsPkiItss p_itss,
out ItsPkiHttp p_pki
) runs on ItsMtc {
p_itss := ItsPkiItss.create("ITS-S") alive;
p_pki := ItsPkiHttp.create("PKI") alive;
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_pki:syncPort, self:syncPort);
connect(p_pki:infoPort, p_itss:infoPort);
} // End of function f_cfMtcUp01
function f_cfMtcUp02(
out ItsPkiHttp p_itss,
out ItsPkiHttp p_ea
) runs on ServerSyncComp {
p_itss := ItsPkiItss.create("ITS-S") alive;
p_ea := ItsPkiHttp.create("EA") alive;
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_ea:syncPort, self:syncPort);
} // End of function f_cfMtcUp02
YannGarcia
committed
function f_cfMtcUp03(
out ItsPkiHttp p_itss,
out ItsPkiHttp p_tlm
) runs on ServerSyncComp {
p_itss := ItsPkiItss.create("ITS-S") alive;
p_tlm := ItsPkiHttp.create("TLM") alive;
YannGarcia
committed
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_tlm:syncPort, self:syncPort);
} // End of function f_cfMtcUp03
YannGarcia
committed
function f_cfMtcUp04(
out ItsPkiHttp p_itss,
out ItsPkiHttp p_dc
) runs on ServerSyncComp {
p_itss := ItsPkiItss.create("ITS-S") alive;
p_dc := ItsPkiHttp.create("DC") alive;
YannGarcia
committed
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_dc:syncPort, self:syncPort);
} // End of function f_cfMtcUp04
/**
* @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_aa_certificate_id := "CERT_TS_A_AA"
) runs on ItsPkiHttp system ItsPkiHttpSystem {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpEcPort, system:httpEcPort);
map(self:httpAtVPort, system:httpAtVPort);
map(self:httpAtPort, system:httpAtPort);
}
f_connect4SelfOrClientSync();
f_initialiseSecuredMode(p_ea_certificate_id, p_aa_certificate_id); // TODO To be removed???
// TODO Duplicate code, use a function
// Setup EA certificate shared with PKI EA entity
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey); // TODO To be removed
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
f_getCertificateHash256(p_ea_certificate_id, vc_eaWholeHash256);
log("f_cfHttpUp: vc_eaPrivateKey= ", vc_eaPrivateKey);
log("f_cfHttpUp: vc_eaPrivateEncKey= ", vc_eaPrivateEncKey);
log("f_cfHttpUp: vc_eaHashedId8= ", vc_eaHashedId8);
log("f_cfHttpUp: vc_eaWholeHash= ", vc_eaWholeHash);
log("f_cfHttpUp: vc_eaWholeHash256= ", vc_eaWholeHash256);
// Setup AA certificate shared with PKI AA entity
f_readCertificate(p_aa_certificate_id, vc_aaCertificate);
f_readSigningKey(p_aa_certificate_id, vc_aaPrivateKey); // Required for AuthorizationValidation request
f_readEncryptingKey(p_aa_certificate_id, vc_aaPrivateEncKey);
f_getCertificateDigest(p_aa_certificate_id, vc_aaHashedId8);
f_getCertificateHash(p_aa_certificate_id, vc_aaWholeHash);
f_getCertificateHash256(p_aa_certificate_id, vc_aaWholeHash256);
log("f_cfHttpUp: vc_aaPrivateKey= ", vc_aaPrivateKey);
log("f_cfHttpUp: vc_aaPrivateEncKey= ", vc_aaPrivateEncKey);
log("f_cfHttpUp: vc_aaHashedId8= ", vc_aaHashedId8);
log("f_cfHttpUp: vc_aaWholeHash= ", vc_aaWholeHash);
log("f_cfHttpUp: vc_aaWholeHash256= ", vc_aaWholeHash256);
// Storage of enrolment keys in case of re-enrolment
vc_ec_keys_counter := 0;
vc_ec_private_keys := {};
vc_ec_public_compressed_key := {};
vc_ec_compressed_modes := {};
vc_ec_hashed_id8 := {};
vc_ec_certificates := {};
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_ec());
activate(a_default_pki_http_atv());
activate(a_default_pki_http_at());
}
} // End of function f_cfHttpUp
YannGarcia
committed
function f_cfHttpUp_ca() runs on ItsPkiHttp system ItsPkiHttpSystem { // FIXME Rename into f_cfHttpUp_rca_dc
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpCaPort, system:httpCaPort);
}
f_connect4SelfOrClientSync();
f_initialiseSecuredMode();
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_ca());
}
} // End of function f_cfHttpUp_ca
YannGarcia
committed
function f_cfHttpUp_tlm() runs on ItsPkiHttp system ItsPkiHttpSystem { // FIXME Rename into f_cfHttpUp_cpoc
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpTlmPort, system:httpTlmPort);
}
f_connect4SelfOrClientSync();
f_initialiseSecuredMode();
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_tlm());
}
} // End of function f_cfHttpUp_tlm
/**
* @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp_itss(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_aa_certificate_id := "CERT_TS_A_AA"
) runs on ItsPkiHttp system ItsPkiHttpSystem {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpAtPort, system:httpAtPort);
}
f_initialiseSecuredMode(p_ea_certificate_id, p_aa_certificate_id); // TODO To be removed???
// TODO Duplicate code, use a function
// Setup EA certificate shared with PKI EA entity
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey); // TODO To be removed
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
f_getCertificateHash256(p_ea_certificate_id, vc_eaWholeHash256);
log("f_cfHttpUp_itss: vc_eaPrivateKey= ", vc_eaPrivateKey);
log("f_cfHttpUp_itss: vc_eaPrivateEncKey= ", vc_eaPrivateEncKey);
log("f_cfHttpUp_itss: vc_eaHashedId8= ", vc_eaHashedId8);
log("f_cfHttpUp_itss: vc_eaWholeHash= ", vc_eaWholeHash);
log("f_cfHttpUp: vc_eaWholeHash256= ", vc_eaWholeHash256);
// Setup AA certificate shared with PKI AA entity
f_readCertificate(p_aa_certificate_id, vc_aaCertificate);
f_readSigningKey(p_aa_certificate_id, vc_aaPrivateKey); // Required for AuthorizationValidation request
f_readEncryptingKey(p_aa_certificate_id, vc_aaPrivateEncKey);
f_getCertificateDigest(p_aa_certificate_id, vc_aaHashedId8);
f_getCertificateHash(p_aa_certificate_id, vc_aaWholeHash);
f_getCertificateHash256(p_aa_certificate_id, vc_aaWholeHash256);
log("f_cfHttpUp_itss: vc_aaPrivateKey= ", vc_aaPrivateKey);
log("f_cfHttpUp_itss: vc_aaPrivateEncKey= ", vc_aaPrivateEncKey);
log("f_cfHttpUp_itss: vc_aaHashedId8= ", vc_aaHashedId8);
log("f_cfHttpUp_itss: vc_aaWholeHash= ", vc_aaWholeHash);
log("f_cfHttpUp: vc_eaWholeHash256= ", vc_aaWholeHash256);
// Storage of enrolment keys in case of re-enrolment
vc_ec_keys_counter := 0;
vc_ec_private_keys := {};
vc_ec_public_compressed_key := {};
vc_ec_compressed_modes := {};
vc_ec_hashed_id8 := {};
vc_ec_certificates := {};
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_at());
}
} // End of function f_cfHttpUp_itss
/**
* @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp_ea(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_aa_certificate_id := "CERT_TS_A_AA"
) runs on ItsPkiHttp system ItsPkiHttpSystem {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpAtVPort, system:httpAtVPort);
}
f_initialiseSecuredMode(p_ea_certificate_id, p_aa_certificate_id); // TODO To be removed???
// TODO Duplicate code, use a function
// Setup EA certificate shared with PKI EA entity
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey); // TODO To be removed
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
f_getCertificateHash256(p_aa_certificate_id, vc_eaWholeHash256);
log("f_cfHttpUp_ea: vc_eaPrivateKey= ", vc_eaPrivateKey);
log("f_cfHttpUp_ea: vc_eaPrivateEncKey= ", vc_eaPrivateEncKey);
log("f_cfHttpUp_ea: vc_eaHashedId8= ", vc_eaHashedId8);
log("f_cfHttpUp_ea: vc_eaWholeHash= ", vc_eaWholeHash);
log("f_cfHttpUp: vc_aaWholeHash256= ", vc_eaWholeHash256);
// Setup AA certificate shared with PKI AA entity
f_readCertificate(p_aa_certificate_id, vc_aaCertificate);
f_readSigningKey(p_aa_certificate_id, vc_aaPrivateKey); // Required for AuthorizationValidation request
f_readEncryptingKey(p_aa_certificate_id, vc_aaPrivateEncKey);
f_getCertificateDigest(p_aa_certificate_id, vc_aaHashedId8);
f_getCertificateHash(p_aa_certificate_id, vc_aaWholeHash);
f_getCertificateHash256(p_aa_certificate_id, vc_aaWholeHash256);
log("f_cfHttpUp_ea: vc_aaPrivateKey= ", vc_aaPrivateKey);
log("f_cfHttpUp_ea: vc_aaPrivateEncKey= ", vc_aaPrivateEncKey);
log("f_cfHttpUp_ea: vc_aaHashedId8= ", vc_aaHashedId8);
log("f_cfHttpUp_ea: vc_aaWholeHash= ", vc_aaWholeHash);
log("f_cfHttpUp: vc_aaWholeHash256= ", vc_aaWholeHash256);
// Storage of enrolment keys in case of re-enrolment
vc_ec_keys_counter := 0;
vc_ec_private_keys := {};
vc_ec_public_compressed_key := {};
vc_ec_compressed_modes := {};
vc_ec_hashed_id8 := {};
vc_ec_certificates := {};
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_atv());
activate(a_default_pki_http_at());
}
} // End of function f_cfHttpUp_ea
function f_cfUp_itss() runs on ItsPkiItss system ItsPkiItssSystem {
map(self:geoNetworkingPort, system:geoNetworkingPort);
map(self:utPort, system:utPort);
//map(self:acPort, system:acPort);
// activate(a_default_pki()); TOTO Defualt from geoNet
} // End of function f_cfUp_itss
/**
* @desc Deletes default configuration
*/
function f_cfMtcDown01(
inout ItsPkiItss p_itss,
inout ItsPkiHttp p_pki
) runs on ItsMtc {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_pki:syncPort, self:syncPort);
function f_cfMtcDown02(
inout ItsPkiHttp p_itss,
inout ItsPkiHttp p_ea
) runs on ServerSyncComp {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_ea:syncPort, self:syncPort);
YannGarcia
committed
function f_cfMtcDown03(
inout ItsPkiHttp p_itss,
inout ItsPkiHttp p_tlm
) runs on ServerSyncComp {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_tlm:syncPort, self:syncPort);
YannGarcia
committed
p_itss.done;
p_tlm.done;
}
YannGarcia
committed
function f_cfMtcDown04(
inout ItsPkiHttp p_itss,
inout ItsPkiHttp p_dc
) runs on ServerSyncComp {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_dc:syncPort, self:syncPort);
YannGarcia
committed
p_itss.done;
p_dc.done;
}
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown() runs on ItsPkiHttp {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpEcPort, system:httpEcPort);
unmap(self:httpAtVPort, system:httpAtVPort);
unmap(self:httpAtPort, system:httpAtPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_ca() runs on ItsPkiHttp {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpCaPort, system:httpCaPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_ca
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_tlm() runs on ItsPkiHttp {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpTlmPort, system:httpTlmPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_tlm
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_itss() runs on ItsPkiHttp {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpAtPort, system:httpAtPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_itss
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_ea() runs on ItsPkiHttp {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpAtVPort, system:httpAtVPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_ea
/**
* @desc Deletes default configuration
*/
function f_cfDown_itss() runs on ItsPkiItss system ItsPkiItssSystem {
unmap(self:geoNetworkingPort, system:geoNetworkingPort);
unmap(self:utPort, system:utPort);
//unmap(self:acPort, system:acPort);
/**
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_peerCertificateId := "CERT_IUT_A_EA"
) runs on ItsSecurityBaseComponent {
if(not(f_loadCertificates(PX_IUT_SEC_CONFIG_NAME))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
setverdict(inconc);
stop;
}
} // End of function f_initialiseSecuredMode()
function f_uninitialiseSecuredMode() runs on ItsSecurityBaseComponent {
f_unloadCertificates();
} // End of function f_uninitialiseSecuredMode()
function f_initializeState() runs on ItsPkiItss {
var Oct8 v_hashedId8ToBeUsed;
log(">>> f_initializeState: vc_hashedId8ToBeUsed= ", vc_hashedId8ToBeUsed);
v_hashedId8ToBeUsed := f_setupIutCertificate(vc_hashedId8ToBeUsed);
log("f_initializeState: v_hashedId8ToBeUsed= ", v_hashedId8ToBeUsed);
f_utInitializeIut(UtPkiInitialize: { v_hashedId8ToBeUsed } );
f_sleep(PX_NEIGHBOUR_DISCOVERY_DELAY);
// f_acLoadScenario(p_scenario);
// f_acStartScenario();
}
} // End of pkiConfigurationFunctions
group ut_port {
function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss {
utPort.send(p_init);
tc_wait.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiInitializeResult := true }) {
tc_wait.stop;
log("*** f_utInitializeIut: INFO: IUT initialized ***");
}
[] utPort.receive {
tc_wait.stop;
log("*** f_utInitializeIut: INFO: IUT could not be initialized ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_wait.timeout {
log("*** f_utInitializeIut: INFO: IUT could not be initialized in time ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
}
function f_sendUtTriggerEnrolmentRequestPrimitive(
in octetstring p_canonical_id := ''O,
in Oct1 p_enc_algorithm := '00'O,
in octetstring p_private_key := ''O,
in octetstring p_public_key_compressed := ''O,
in integer p_compressed_mode := 0,
in boolean p_check_result := true
) runs on ItsPkiItss {
var TriggerEnrolmentRequest v_ut_trigger_enrolment_request;
var octetstring v_compressed_public_key;
if (p_compressed_mode == 2) { // TODO v_compressed_public_key := int2oct(p_compressed_mode, 1) & p_public_key_compressed?
v_compressed_public_key := '02'O & p_public_key_compressed;
} else {
v_compressed_public_key := '03'O & p_public_key_compressed;
}
v_ut_trigger_enrolment_request := { p_canonical_id, p_enc_algorithm, p_private_key, v_compressed_public_key };
utPort.send(UtPkiTrigger: { triggerEnrolmentRequest := v_ut_trigger_enrolment_request });
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_ac.stop;
}
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := false }) {
tc_ac.stop;
log("*** f_sendUtTriggerEnrolmentRequestPrimitive: ERROR: Unsuccessful trugger result received in UT port. Stop ***");
[] utPort.receive {
log("*** f_sendUtTriggerEnrolmentRequestPrimitive: INFO: Unexpected message received in UT Port. Keep waiting. ***");
if(p_check_result){
log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}else{
log("*** f_sendAcPkiPrimitive: INFO: Timeout while waiting for adapter control event result. Assume OK. ***");
}
}
} // End of 'alt' statement
} // End of function f_sendUtTriggerEnrolmentRequestPrimitive
function f_sendUtTriggerAuthorizationRequestPrimitive(
in octetstring p_canonical_id := ''O,
in Oct1 p_enc_algorithm := '00'O,
in octetstring p_private_key := ''O,
in octetstring p_public_key_compressed := ''O,
in integer p_compressed_mode := 0
) runs on ItsPkiItss {
var TriggerAuthorizationRequest v_ut_trigger_enrolment_request;
var octetstring v_compressed_public_key;
if (p_compressed_mode == 2) { // TODO v_compressed_public_key := int2oct(p_compressed_mode, 1) & p_public_key_compressed?
v_compressed_public_key := '02'O & p_public_key_compressed;
} else {
v_compressed_public_key := '03'O & p_public_key_compressed;
}
v_ut_trigger_enrolment_request := { p_canonical_id, p_enc_algorithm, p_private_key, v_compressed_public_key };
utPort.send(UtPkiTrigger: { triggerAuthorizationRequest := v_ut_trigger_enrolment_request });
tc_ac.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_ac.stop;
}
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := false }) {
tc_ac.stop;
log("*** f_sendUtTriggerAuthorizationRequestPrimitive: ERROR: Received unexpected message ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] utPort.receive(UtPkiTriggerInd:?) {
log("*** f_sendUtTriggerAuthorizationRequestPrimitive: INFO: Received UtPkiTriggerInd message ***");
repeat;
}
[] tc_ac.timeout {
log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
} // End of 'alt' statement
} // End of function f_sendUtTriggerAuthorizationRequestPrimitive
YannGarcia
committed
function f_sendUtTriggerUpdateEctl(template (value) charstring p_ectl_uri) runs on ItsPkiItss {
utPort.send(UtPkiTrigger: { triggerUpdateEctl := { ectl_uri := p_ectl_uri } });
tc_wait.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_wait.stop;
log("*** f_sendUtTriggerUpdateEctl: INFO: IUT has updated ECTL ***");
}
[] utPort.receive {
tc_wait.stop;
log("*** f_sendUtTriggerUpdateEctl: INFO: IUT could not update ECTL ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_wait.timeout {
log("*** f_sendUtTriggerUpdateEctl: INFO: IUT could not update ECTL in time ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
}
YannGarcia
committed
} // End of function f_sendUtTriggerUpdateEctl
YannGarcia
committed
function f_sendUtTriggerRequestForTlmCtl(template (value) charstring p_tlm_ctl_uri) runs on ItsPkiItss {
utPort.send(UtPkiTrigger: { triggerRequestForTlmCtl := { tlm_ctl_uri := p_tlm_ctl_uri } });
tc_wait.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_wait.stop;
log("*** f_sendUtTriggerRequestForTlmCtl: INFO: IUT has updated ECTL ***");
}
[] utPort.receive {
tc_wait.stop;
log("*** f_sendUtTriggerRequestForTlmCtl: INFO: IUT could not update ECTL ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_wait.timeout {
log("*** f_sendUtTriggerRequestForTlmCtl: INFO: IUT could not update ECTL in time ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
}
YannGarcia
committed
} // End of function f_sendUtTriggerRequestForTlmCtl
YannGarcia
committed
function f_sendUtTriggerRequestForRcaCtl(template (value) charstring p_tlm_ctl_uri) runs on ItsPkiItss {
utPort.send(UtPkiTrigger: { triggerRequestForRcaCtl := { tlm_ctl_uri := p_tlm_ctl_uri } });
tc_wait.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_wait.stop;
log("*** f_sendUtTriggerRequestForRcaCtl: INFO: IUT has updated ECTL ***");
}
[] utPort.receive {
tc_wait.stop;
log("*** f_sendUtTriggerRequestForRcaCtl: INFO: IUT could not update ECTL ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_wait.timeout {
log("*** f_sendUtTriggerRequestForRcaCtl: INFO: IUT could not update ECTL in time ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
}
YannGarcia
committed
} // End of function f_sendUtTriggerRequestForRcaCtl
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
function f_decode_EccP256CurvePoint(
in octetstring buf,
out EccP256CurvePoint p
) runs on ItsPkiHttp return boolean {
var integer ptype := oct2int(buf[0] and4b '7F'O);
if(lengthof(buf) == 33){
if (ptype == 0) {p.x_only := substr(buf, 1, 32);}
else if (ptype == 2) {p.compressed_y_0 := substr(buf, 1, 32);}
else if (ptype == 3) {p.compressed_y_1 := substr(buf, 1, 32);}
else {
log("f_decode_EccP256CurvePoint: unsupported value for point type ", ptype);
return false;
}
}else if(lengthof(buf) == 65){
if (ptype == 4) {
p.uncompressedP256.x := substr(buf, 1, 32);
p.uncompressedP256.y := substr(buf, 33, 32);
}else{
log("f_decode_EccP256CurvePoint: unsupported value for point type ", ptype);
return false;
}
}else{
log("f_decode_EccP256CurvePoint: wrong buffer length ", lengthof(buf));
return false;
}
return true;
}
function f_decode_EccP384CurvePoint(
in octetstring buf,
out EccP384CurvePoint p
) runs on ItsPkiHttp return boolean {
var integer ptype := oct2int(buf[0] and4b '7F'O);
if(lengthof(buf) == 49){
if (ptype == 0) {p.x_only := substr(buf, 1, 48);}
else if (ptype == 2) {p.compressed_y_0 := substr(buf, 1, 48);}
else if (ptype == 3) {p.compressed_y_1 := substr(buf, 1, 48);}
else {
log("f_decode_EccP384CurvePoint: unsupported value for point type ", ptype);
return false;
}
}else if(lengthof(buf) == 97){
if (ptype == 4) {
p.uncompressedP384.x := substr(buf, 1, 48);
p.uncompressedP384.y := substr(buf, 49, 48);
}else{
log("f_decode_EccP256CurvePoint: unsupported value for point type ", ptype);
return false;
}
}else{
log("f_decode_EccP256CurvePoint: wrong buffer length ",lengthof(buf));
return false;
}
return true;
}
function f_get_canonical_itss_key(
out PublicVerificationKey p_key
) runs on ItsPkiHttp return boolean {
log("f_get_canonical_itss_key: PX_VE_ALG=", PX_VE_ALG);
if (PX_VE_ALG == e_nist_p256) {
return f_decode_EccP256CurvePoint(PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY, p_key.ecdsaNistP256);
} else if (PX_VE_ALG == e_brainpool_p256_r1) {
return f_decode_EccP256CurvePoint(PICS_ITS_S_SIGN_BRAINPOOLP256r1_PUBLIC_KEY, p_key.ecdsaNistP256);
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
return f_decode_EccP384CurvePoint(PICS_ITS_S_SIGN_BRAINPOOLP384r1_PUBLIC_KEY, p_key.ecdsaNistP256);
}
return false;
}
function f_generate_key_pair(
out octetstring p_private_key,
out octetstring p_public_key_x,
out octetstring p_public_key_y,
out octetstring p_public_key_compressed,
out integer p_compressed_mode
) return boolean {
log(">>> f_generate_key_pair: PX_VE_ALG=", PX_VE_ALG);
if (PX_VE_ALG == e_nist_p256) {
f_generate_key_pair_nistp256(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (PX_VE_ALG == e_brainpool_p256_r1) {
f_generate_key_pair_brainpoolp256r1(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (PX_VE_ALG == e_sm2_p256) {
f_generate_key_pair_sm2p256(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
f_generate_key_pair_brainpoolp384r1(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (PX_VE_ALG == e_nist_p384) {
f_generate_key_pair_nistp384(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else {
// error
return false;
}
log("<<< f_generate_key_pair: p_compressed_mode=", p_compressed_mode);
return true;
}
function f_generate_key_pair_for_encryption(
out octetstring p_private_key,
out octetstring p_public_key_x,
out octetstring p_public_key_y,
out octetstring p_public_key_compressed,
out integer p_compressed_mode
) return boolean {
if (p_algorithm == e_nist_p256) {
f_generate_key_pair_nistp256(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (p_algorithm == e_brainpool_p256_r1) {
f_generate_key_pair_brainpoolp256r1(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else if (p_algorithm == e_sm2_p256) {
f_generate_key_pair_sm2p256(p_private_key, p_public_key_x, p_public_key_y, p_public_key_compressed, p_compressed_mode);
} else {
// error
return false;
}
return true;
} // End of function f_generate_key_pair_for_encryption
function f_http_restart(
in charstring p_content_text
) runs on ItsPkiHttp {
if (not(PICS_MULTIPLE_END_POINT)) {
log("f_http_restart: restart httpPort");
httpPort.stop;
httpPort.start;
} else {
log("f_http_restart: restart httpPort with contentType ", p_content_text);
select(p_content_text){
case ("inner_ec_request"){
httpEcPort.stop;
httpEcPort.start;
}
case ("inner_atv_request"){
httpAtVPort.stop;
httpAtVPort.start;
}
}
}
} // End of function f_http_restart
function f_http_send(
in Headers p_headers,
in template (value) HttpMessage p_http_message
) runs on ItsPkiHttp {
log(">>> f_http_send: ", p_http_message);
if (not(PICS_MULTIPLE_END_POINT)) {
httpPort.send(p_http_message);
} else {
var charstring_list v_content_text;
f_get_header(p_headers, c_header_content_text, v_content_text);
if (not(isvalue(v_content_text))) {
log("f_http_send: Failed to send message: header not found: ", c_header_content_text);
return;
}
if (v_content_text == { "inner_ec_request" }) {
log("f_http_send: Send on EC end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_EC }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpEcPort.send(p_http_message);
} else if (v_content_text == { "inner_atv_request" }) {
log("f_http_send: Send on ATV end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_ATV }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpAtVPort.send(p_http_message);
} else if (v_content_text == { "inner_atv_response" }) {
log("f_http_send: Send on ATV end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_ATV }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpAtVPort.send(p_http_message);
} else if (v_content_text == { "inner_at_request" }) {
log("f_http_send: Send on AT end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_AT }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpAtPort.send(p_http_message);
} else if (v_content_text == { "bfk_auth_request" }) {
log("f_http_send: Send on EC end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_EC }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpEcPort.send(p_http_message);
Yann Garcia
committed
} else if (v_content_text == { "bfk_cert_request" }) {
log("f_http_send: Send on AT end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_AT }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpEcPort.send(p_http_message);
} else if (v_content_text == { "bfk_at_download_request" }) {
log("f_http_send: Send on EC end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_EC }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpEcPort.send(p_http_message);
} else if (v_content_text == { "ca_request" }) {
log("f_http_send: Send on CA end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_CA }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpCaPort.send(p_http_message);
} else if (v_content_text == { "ca_response" }) {
log("f_http_send: Send on CA end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_CA }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpCaPort.send(p_http_message);
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
} else if (v_content_text == { "tlm_request" }) {
log("f_http_send: Send on TLM end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_TLM }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpTlmPort.send(p_http_message);
} else {
log("f_http_send: Invalid header value: ", v_content_text);
}
}
} // End of function f_http_send
function f_generate_key_tag(
in octetstring p_public_key_compressed,
in integer p_compressed_key_mode,
in octetstring p_public_compressed_enc_key,
in integer p_compressed_enc_key_mode,
out octetstring p_encoded_tag
) return boolean {
// Local variables
var PublicVerificationKey v_verification_tag;
var PublicEncryptionKey v_encryption_tag;
log(">>> f_generate_key_tag: p_public_key_compressed=", p_public_key_compressed);
log(">>> f_generate_key_tag: p_public_compressed_enc_key=", p_public_compressed_enc_key);
if (PX_VE_ALG == e_nist_p256) {
if (p_compressed_key_mode == 0) {
v_verification_tag.ecdsaNistP256.compressed_y_0 := p_public_key_compressed;
} else {
v_verification_tag.ecdsaNistP256.compressed_y_1 := p_public_key_compressed;
}
} else if (PX_VE_ALG == e_brainpool_p256_r1) {
if (p_compressed_key_mode == 0) {
v_verification_tag.ecdsaBrainpoolP256r1.compressed_y_0 := p_public_key_compressed;
} else {
v_verification_tag.ecdsaBrainpoolP256r1.compressed_y_1 := p_public_key_compressed;
}
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
if (p_compressed_key_mode == 0) {
v_verification_tag.ecdsaBrainpoolP384r1.compressed_y_0 := p_public_key_compressed;
} else {
v_verification_tag.ecdsaBrainpoolP384r1.compressed_y_1 := p_public_key_compressed;
}
} else if (PX_VE_ALG == e_nist_p384) {
if (p_compressed_key_mode == 0) {