Newer
Older
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
v_hmac_key := f_hashWithSha256(int2oct((f_getCurrentTimeUtc() * 1000), 12));
log("f_generate_inner_at_request: v_hmac_key= ", v_hmac_key);
// Generate tag based on the concatenation of verification keys & encryption keys
if (f_generate_key_tag(p_public_key_compressed, p_compressed_key_mode, p_public_compressed_enc_key, p_compressed_enc_key_mode, v_encoded_tag) == false) {
log("f_generate_inner_at_request: Failed to generate Key tag");
return false;
}
log("f_generate_inner_at_request: v_encoded_tag= ", v_encoded_tag);
v_key_tag := substr(
fx_hmac_sha256( // TODO Rename and use a wrapper function
v_hmac_key,
v_encoded_tag
),
0,
16); // Leftmost 128 bits of the HMAC-SHA256 tag computed previously
log("f_generate_inner_at_request: v_key_tag= ", v_key_tag);
// Build the SharedAtRequest
p_inner_at_request.sharedAtRequest := valueof(
m_shared_at_request(
p_ea_hashed_id8, // eaId identifies the EA certificate shared with EA entity
v_key_tag, // Calculated keyTag
valueof(
m_certificate_subject_attributes( // FIXME Review subjectPermissions
v_appPermissions,
p_ec_certificate.toBeSigned.certRequestPermissions,
-,//{ none_ := NULL },//p_ec_certificate.toBeSigned.id,
p_ec_certificate.toBeSigned.validityPeriod,
p_ec_certificate.toBeSigned.region,
p_ec_certificate.toBeSigned.assuranceLevel
))) // Desired attributes
);
// Calculate the hash of the SharedAtRequest
v_hash_shared_at_request := f_hashWithSha256(bit2oct(encvalue(p_inner_at_request.sharedAtRequest)));
log("f_generate_inner_at_request: v_hash_shared_at_request= ", v_hash_shared_at_request);
// Build the ETsiTs103097Data-SignedExternalPayload
v_tbs := m_toBeSignedData(
m_signedDataPayload_ext(v_hash_shared_at_request), // Payload containing extDataHash
m_headerInfo_inner_pki_request( // HeaderInfo
-,
(f_getCurrentTime()) * 1000) //us
);
log("f_generate_inner_at_request: v_tbs= ", v_tbs);
// Calculate the whole certificate SHA
v_enc_value := encvalue(p_ec_certificate);
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP384) or ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_ec_hash := f_hashWithSha384(bit2oct(v_enc_value));
v_ec_hashed_id8 := f_hashedId8FromSha384(v_ec_hash);
} else {
v_ec_hash := f_hashWithSha256(bit2oct(v_enc_value));
v_ec_hashed_id8 := f_hashedId8FromSha256(v_ec_hash);
}
log("f_generate_inner_at_request: v_ec_hash= ", v_ec_hash);
// Signed ToBeSigned payload using the private key of EC certificate obtained from Enrolment request
// In case of ITS-S privacy, v_signed_at_signature contained the data to be encrypted
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashId := sha384;
v_tbs_signed := f_signWithEcdsaBrainpoolp384r1WithSha384(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_tbs_signed, 0, 48)
),
substr(v_tbs_signed, 48, 48)
)
)
);
} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP384)) {
v_hashId := sha384;
v_tbs_signed := f_signWithEcdsaNistp384WithSha384(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaNistP384(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_tbs_signed, 0, 48)
),
substr(v_tbs_signed, 48, 48)
)
)
);
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
} else {
v_hashId := sha256;
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
v_tbs_signed := f_signWithEcdsaBrainpoolp256r1WithSha256(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else {
// Error
log("f_generate_inner_at_request: Failed to process signature");
return false;
}
}
v_signed_at_signature := valueof(
m_etsiTs103097Data_signed(
m_signedData(
v_hashId,
v_tbs,
m_signerIdentifier_digest(v_ec_hashed_id8), // Signer is the hasheId8 of the EC certificate obtained from Enrolment request
v_signature
)
)
);
log("f_generate_inner_at_request: v_signed_at_signature= ", v_signed_at_signature);
log("f_generate_inner_at_request: p_ea_certificate= ", p_ea_certificate);
if (PICS_ITS_S_WITH_PRIVACY) { // Build EtsiTs102097Data-Encrypted structure
var octetstring v_public_enc_key;
var integer v_compressed_mode;
var Oct12 v_nonce;
var Oct16 v_authentication_vector;
var Oct16 v_aes_sym_key;
var Oct16 v_encrypted_sym_key;
var HashedId8 v_recipientId;
var octetstring v_public_compressed_ephemeral_key;
var integer v_public_compressed_ephemeral_mode;
var octetstring v_enc_signed_ec_signature;
var EncryptedDataEncryptionKey v_encrypted_data_encryption_key;
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
// Use EA certificate for the encryption
if (p_enc_algo == e_nist_p256) {
if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
v_compressed_mode := 0;
} else if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
v_compressed_mode := 1;
} else {
log("f_generate_inner_at_request: Wrong NistP256 encryption variant");
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_at_signature)), v_public_enc_key, v_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce);
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
v_encrypted_sym_key,
v_authentication_vector
)));
} else if (p_enc_algo == e_brainpool_p256_r1) {
if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0;
v_compressed_mode := 0;
} else if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1;
v_compressed_mode := 1;
} else {
log("f_generate_inner_at_request: Wrong BrainpoolP256r1 encryption variant");
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesBrainpoolp256r1WithSha256(bit2oct(encvalue(v_signed_at_signature)), v_public_enc_key, v_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce);
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
v_encrypted_sym_key,
v_authentication_vector
)));
} else if (PX_VE_ALG == e_sm2_p256) { // FIXME FSCOM
} else {
log("f_generate_inner_at_request: Wrong encryption variant");
return false;
}
log("f_generate_inner_at_request: v_encrypted_data_encryption_key= ", v_encrypted_data_encryption_key);
v_recipientId := p_ea_hashed_id8; // RecipientId is the HashedId8 of the EA certificate
log("f_generate_inner_at_request: v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
p_inner_at_request.ecSignature := valueof(
m_ec_signature(
m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_certRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_symmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_enc_signed_ec_signature
)
)
)
)
)
);
} else if (p_enc_algo == e_sm2_p256) { // FIXME FSCOM
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
} else { // Skip the encryption, alowed to be re-identified by the AA
p_inner_at_request.ecSignature := valueof(m_ec_signature_ext_payload(v_signed_at_signature));
}
// Build the InnerAtRequest, EcSignature field is already set
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
if (p_compressed_key_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
if (p_compressed_key_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
} else {
var EccP384CurvePoint v_eccP384_curve_point;
if (p_compressed_key_mode == 0) {
v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
}
if (PX_INCLUDE_ENCRYPTION_KEYS) {
var template (value) EccP256CurvePoint v_enc_eccP256_curve_point;
if (p_compressed_enc_key_mode == 0) {
v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_enc_key_x);
} else {
v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_enc_key_x);
}
if (p_enc_algo == e_nist_p256) {
v_public_encryption_key := valueof(m_publicEncryptionKey_eciesNistP256(v_enc_eccP256_curve_point));
} else if (PX_VE_ALG == e_sm2_p256) { // FIXME FSCOM
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
} else {
v_public_encryption_key := valueof(m_publicEncryptionKey_eciesBrainpoolP256r1(v_enc_eccP256_curve_point));
}
p_inner_at_request.publicKeys := valueof( // The freshly generated public verification & encrypition keys to be used for the requested AT certificate
m_publicKeys(
v_public_verification_key,
m_encryptionKey( // FIXME Encryption keys could be optional
-,
v_public_encryption_key
)
)
);
} else {
p_inner_at_request.publicKeys := valueof( // The freshly generated public verification keys to be used for the requested AT certificate
m_publicKeys(
v_public_verification_key
)
);
}
p_inner_at_request.hmacKey := v_hmac_key;
log("f_generate_inner_at_request: p_inner_at_request= ", p_inner_at_request);
return true;
} // End of function f_generate_inner_at_request
function f_generate_inner_at_request_with_wrong_parameters(
in Certificate p_aa_certificate,
in SignAlgorithm p_enc_algo := PX_EC_ALG_FOR_AT,
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
in Oct8 p_aa_hashed_id8,
in Certificate p_ea_certificate,
in octetstring p_salt,
in Oct8 p_ea_hashed_id8,
in Certificate p_ec_certificate,
in octetstring p_ec_private_key,
in boolean p_alter_hmac := false,
in boolean p_alter_signer_digest := false,
in template (omit) Time32 p_start := omit,
in template (omit) Duration p_duration := omit,
in template (omit) Time64 p_generation_time := omit,
out octetstring p_private_key,
out octetstring p_public_key_compressed,
out integer p_compressed_key_mode,
out octetstring p_private_enc_key,
out octetstring p_public_compressed_enc_key,
out integer p_compressed_enc_key_mode,
out InnerAtRequest p_inner_at_request
) return boolean {
// Local variables
var octetstring v_public_key_x;
var octetstring v_public_key_y;
var octetstring v_public_enc_key_x;
var octetstring v_public_enc_key_y;
var bitstring v_enc_value;
var octetstring v_ec_hash;
var PublicVerificationKey v_public_verification_key;
var BasePublicEncryptionKey v_public_encryption_key;
var Oct8 v_ec_hashed_id8;
var octetstring public_enc_key_x;
var octetstring public_enc_key_y;
var Oct32 v_hmac_key;
var PublicVerificationKey v_verification_tag;
var PublicEncryptionKey v_encryption_tag;
var octetstring v_encoded_tag;
var Oct16 v_key_tag;
var octetstring v_hash_shared_at_request;
var template (value) ToBeSignedData v_tbs;
var octetstring v_tbs_signed;
var Ieee1609Dot2Data v_signed_at_signature;
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var template (value) EccP256CurvePoint v_enc_eccP256_curve_point;
var HashAlgorithm v_hashId;
var Signature v_signature;
var Time32 v_start;
var Duration v_duration;
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(c_its_aid_CAM, { bitmapSsp := PX_INNER_AT_CERTFICATE_BITMAP_SSP_CAM })),
valueof(m_appPermissions(c_its_aid_DENM, { bitmapSsp := PX_INNER_AT_CERTFICATE_BITMAP_SSP_DENM }))
};
log("f_generate_inner_at_request_with_wrong_parameters: p_enc_algo=", p_enc_algo);
// Generate verification keys for the certificate to be requested
if (f_generate_key_pair(p_private_key, v_public_key_x, v_public_key_y, p_public_key_compressed, p_compressed_key_mode) == false) {
log("f_generate_inner_at_request_with_wrong_parameters: Failed to generate verification key");
return false;
}
log ("f_generate_inner_at_request_with_wrong_parameters: AT verification private key: ", p_private_key);
log ("f_generate_inner_at_request_with_wrong_parameters: AT verification public compressed key: ", p_public_key_compressed);
log ("f_generate_inner_at_request_with_wrong_parameters: AT verification public compressed mode: ", p_compressed_key_mode);
// Generate encryption keys for the certificate to be requested
if (PX_INCLUDE_ENCRYPTION_KEYS) {
if (f_generate_key_pair_for_encryption(p_enc_algo, p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_public_compressed_enc_key, p_compressed_enc_key_mode) == false) {
log("f_generate_inner_at_request_with_wrong_parameters: Failed to generate encryption key");
return false;
} else {
log ("f_generate_inner_at_request_with_wrong_parameters: AT encryption private key: ", p_private_enc_key);
log ("f_generate_inner_at_request_with_wrong_parameters: AT encryption public compressed key: ", p_public_compressed_enc_key);
log ("f_generate_inner_at_request_with_wrong_parameters: AT encryption public compressed mode: ", p_compressed_enc_key_mode);
}
} else {
p_private_enc_key := ''O;
v_public_enc_key_x := ''O;
v_public_enc_key_y := ''O;
p_public_compressed_enc_key := ''O;
p_compressed_enc_key_mode := -1;
}
// Calculate the whole certificate SHA
v_enc_value := encvalue(p_ec_certificate);
if (ischosen(p_ec_certificate.issuer.sha256AndDigest)) {
v_ec_hash := f_hashWithSha256(bit2oct(v_enc_value));
v_ec_hashed_id8 := f_hashedId8FromSha256(v_ec_hash);
} else {
v_ec_hash := f_hashWithSha384(bit2oct(v_enc_value));
v_ec_hashed_id8 := f_hashedId8FromSha384(v_ec_hash);
}
log("f_generate_inner_at_request_with_wrong_parameters: v_ec_hash= ", v_ec_hash);
log("f_generate_inner_at_request_with_wrong_parameters: v_ec_hashed_id8= ", v_ec_hashed_id8);
if (p_alter_signer_digest == true) {
v_ec_hashed_id8 := int2oct((f_getCurrentTimeUtc() * 1000), 8);
log("f_generate_inner_at_request_with_wrong_parameters: Altered v_ec_hashed_id8= ", v_ec_hashed_id8);
}
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
// Generate 32 octets length secret key
v_hmac_key := f_hashWithSha256(int2oct((f_getCurrentTimeUtc() * 1000), 12));
log("f_generate_inner_at_request_with_wrong_parameters: v_hmac_key= ", v_hmac_key);
// Generate tag based on the concatenation of verification keys & encryption keys
if (f_generate_key_tag(p_public_key_compressed, p_compressed_key_mode, p_public_compressed_enc_key, p_compressed_enc_key_mode, v_encoded_tag) == false) {
log("f_generate_inner_at_request_with_wrong_parameters: Failed to generate Key tag");
return false;
}
log("f_generate_inner_at_request_with_wrong_parameters: v_encoded_tag= ", v_encoded_tag);
// Generate hmac key
v_key_tag := substr(
fx_hmac_sha256( // TODO Rename and use a wrapper function
v_hmac_key,
v_encoded_tag
),
0,
16); // Leftmost 128 bits of the HMAC-SHA256 tag computed previously
log("f_generate_inner_at_request_with_wrong_parameters: v_key_tag= ", v_key_tag);
if (p_alter_hmac == true) {
v_hmac_key[0] := 'aa'O;
v_hmac_key[1] := 'bb'O;
log("f_generate_inner_at_request_with_wrong_parameters: Altered key_tag= ", v_hmac_key);
}
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
// Build the SharedAtRequest
if (not(ispresent(p_start))) {
v_start := p_ec_certificate.toBeSigned.validityPeriod.start_;
} else {
v_start := valueof(p_start);
log("f_generate_inner_at_request_with_wrong_parameters: Altered ValidityPeriod.start= ", v_start);
}
if (not(ispresent(p_duration))) {
v_duration := p_ec_certificate.toBeSigned.validityPeriod.duration;
} else {
v_duration := valueof(p_duration);
log("f_generate_inner_at_request_with_wrong_parameters: Altered ValidityPeriod.duration= ", v_duration);
}
p_inner_at_request.sharedAtRequest := valueof(
m_shared_at_request(
p_ea_hashed_id8, // eaId identifies the EA certificate shared with EA entity
v_key_tag, // Calculated keyTag
valueof(
m_certificate_subject_attributes(
v_appPermissions,
p_ec_certificate.toBeSigned.certRequestPermissions,
{ none_ := NULL },//p_ec_certificate.toBeSigned.id,
m_validityPeriod(v_start, v_duration),
p_ec_certificate.toBeSigned.region,
p_ec_certificate.toBeSigned.assuranceLevel
))) // Desired attributes
);
// Calculate the hash of the SharedAtRequest
v_hash_shared_at_request := f_hashWithSha256(bit2oct(encvalue(p_inner_at_request.sharedAtRequest)));
log("f_generate_inner_at_request_with_wrong_parameters: v_hash_shared_at_request= ", v_hash_shared_at_request);
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
// Build the ETsiTs103097Data-SignedExternalPayload
if (ispresent(p_generation_time)) {
v_tbs := m_toBeSignedData(
m_signedDataPayload_ext(v_hash_shared_at_request), // Payload containing extDataHash
m_headerInfo_inner_pki_request( // HeaderInfo
-,
valueof(p_generation_time) * 1000) //us
);
log("f_generate_inner_at_request_with_wrong_parameters: Altered generation time: v_tbs= ", v_tbs);
} else {
v_tbs := m_toBeSignedData(
m_signedDataPayload_ext(v_hash_shared_at_request), // Payload containing extDataHash
m_headerInfo_inner_pki_request( // HeaderInfo
-,
f_getCurrentTime() * 1000) //us
);
log("f_generate_inner_at_request_with_wrong_parameters: v_tbs= ", v_tbs);
}
// Signed ToBeSigned payload using the private key of EC certificate obtained from Enrolment request
// In case of ITS-S privacy, v_signed_at_signature contained the data to be encrypted
// TODO Simplify with f_signWithEcdsa
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashId := sha384;
v_tbs_signed := f_signWithEcdsaBrainpoolp384r1WithSha384(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_tbs_signed, 0, 48)
),
substr(v_tbs_signed, 48, 48)
)
)
);
} else {
v_hashId := sha256;
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
v_tbs_signed := f_signWithEcdsaBrainpoolp256r1WithSha256(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
v_signature := valueof(
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else {
// Error
log("f_generate_inner_at_request_with_wrong_parameters: Failed to process signature");
return false;
}
}
v_signed_at_signature := valueof(
m_etsiTs103097Data_signed(
m_signedData(
v_hashId,
v_tbs,
m_signerIdentifier_digest(v_ec_hashed_id8), // Signer is the hasheId8 of the EC certificate obtained from Enrolment request
v_signature
)
)
);
log("f_generate_inner_at_request_with_wrong_parameters: v_signed_at_signature= ", v_signed_at_signature);
if (PICS_ITS_S_WITH_PRIVACY) { // Build EtsiTs102097Data-Encrypted structure
var octetstring v_public_enc_key;
var integer v_compressed_mode;
var Oct12 v_nonce;
var Oct16 v_authentication_vector;
var Oct16 v_aes_sym_key;
var Oct16 v_encrypted_sym_key;
var HashedId8 v_recipientId;
var octetstring v_public_compressed_ephemeral_key;
var integer v_public_compressed_ephemeral_mode;
var octetstring v_enc_signed_ec_signature;
var EncryptedDataEncryptionKey v_encrypted_data_encryption_key;
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
// Use EA certificate for the encryption
if (p_enc_algo == e_nist_p256) {
if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
v_compressed_mode := 0;
} else if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
v_compressed_mode := 1;
} else {
log("f_generate_inner_at_request_with_wrong_parameters: Wrong NistP256 encryption variant");
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_at_signature)), v_public_enc_key, v_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce);
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
v_encrypted_sym_key,
v_authentication_vector
)));
} else if (p_enc_algo == e_brainpool_p256_r1) {
if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0;
v_compressed_mode := 0;
} else if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1;
v_compressed_mode := 1;
} else {
log("f_generate_inner_at_request_with_wrong_parameters: Wrong BrainpoolP256r1 encryption variant");
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesBrainpoolp256r1WithSha256(bit2oct(encvalue(v_signed_at_signature)), v_public_enc_key, v_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce);
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
v_encrypted_sym_key,
v_authentication_vector
)));
} else if (p_enc_algo == e_sm2_p256) { // FIXME FSCOM
} else {
log("f_generate_inner_at_request_with_wrong_parameters: Wrong encryption variant");
return false;
}
log("f_generate_inner_at_request_with_wrong_parameters: v_encrypted_data_encryption_key= ", v_encrypted_data_encryption_key);
v_recipientId := p_ea_hashed_id8; // RecipientId is the HashedId8 of the EA certificate
log("f_generate_inner_at_request_with_wrong_parameters: v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
p_inner_at_request.ecSignature := valueof(
m_ec_signature(
m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_certRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_symmetricCiphertext_aes128ccm(
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
m_aesCcmCiphertext(
v_nonce,
v_enc_signed_ec_signature
)
)
)
)
)
);
} else { // Skip the encryption, alowed to be re-identified by the AA
p_inner_at_request.ecSignature := valueof(m_ec_signature_ext_payload(v_signed_at_signature));
}
// Build the InnerAtRequest, EcSignature field is already set
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
if (p_compressed_key_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
if (p_compressed_key_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
} else {
var EccP384CurvePoint v_eccP384_curve_point;
if (p_compressed_key_mode == 0) {
v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(v_public_key_x));
} else {
v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(v_public_key_x));
}
v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
}
if (PX_INCLUDE_ENCRYPTION_KEYS) {
if (p_compressed_enc_key_mode == 0) {
v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_enc_key_x);
} else {
v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_enc_key_x);
}
if (p_enc_algo == e_nist_p256) {
v_public_encryption_key := valueof(m_publicEncryptionKey_eciesNistP256(v_enc_eccP256_curve_point));
} else if (PX_VE_ALG == e_sm2_p256) { // FIXME FSCOM
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
} else {
v_public_encryption_key := valueof(m_publicEncryptionKey_eciesBrainpoolP256r1(v_enc_eccP256_curve_point));
}
p_inner_at_request.publicKeys := valueof( // The freshly generated public verification & encrypition keys to be used for the requested AT certificate
m_publicKeys(
v_public_verification_key,
m_encryptionKey( // FIXME Encryption keys could be optional
-,
v_public_encryption_key
)
)
);
} else {
p_inner_at_request.publicKeys := valueof( // The freshly generated public verification keys to be used for the requested AT certificate
m_publicKeys(
v_public_verification_key
)
);
}
p_inner_at_request.hmacKey := v_hmac_key;
log("f_generate_inner_at_request_with_wrong_parameters: p_inner_at_request= ", p_inner_at_request);
return true;
} // End of function f_generate_inner_at_request_with_wrong_parameters
function f_verify_inner_at_request_signed_for_pop(
in EtsiTs102941Data p_etsi_ts_102941_data,
in template (omit) EtsiTs103097Certificate p_ec_certificate,
out InnerAtRequest p_inner_at_request
) return boolean {
var bitstring v_msg_bit;
log(">>> f_verify_inner_at_request_signed_for_pop: p_etsi_ts_102941_data=", p_etsi_ts_102941_data);
log(">>> f_verify_inner_at_request_signed_for_pop: p_ec_certificate=", p_ec_certificate);
// 1. Extract content
p_inner_at_request := p_etsi_ts_102941_data.content.authorizationRequest;
// 2. Verify the InnerEcRequestSignedForPop signature
// TODO
log("<<< f_verify_inner_at_request_signed_for_pop: ", p_inner_at_request);
return true;
} // End of function f_verify_inner_at_request_signed_for_pop
function f_generate_inner_at_response(
in octetstring p_authorization_request_hash,
in EtsiTs103097Certificate p_certificate,
out InnerAtResponse p_authorization_response
) return boolean {
// Local variables
// Build the Proof of Possession InnerEcResponse
p_authorization_response := valueof(
m_innerAtResponse_ok(
substr(p_authorization_request_hash, 0, 16),
p_certificate
)
);
return true;
} // End of function f_generate_inner_at_response
group bfk {
function f_generate_ee_ra_cert_request(
out octetstring p_caterpillar_private_key,
out octetstring p_caterpillar_public_key_compressed,
out integer p_caterpillar_compressed_mode,
Yann Garcia
committed
out octetstring p_caterpillar_enc_private_key,
out octetstring p_caterpillar_enc_public_key_compressed,
out integer p_caterpillar_enc_compressed_mode,
out EeRaCertRequest p_ee_ra_cert_request
) runs on ItsPkiHttp return boolean {
var octetstring v_public_key_x;
var octetstring v_public_key_y;
var EccP256CurvePoint v_ecc_p256_curve_point;
Yann Garcia
committed
var EccP256CurvePoint v_ecc_enc_p256_curve_point;
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := PX_INNER_EC_CERTFICATE_BITMAP_SSP_CAM })),
valueof(m_appPermissions(37, { bitmapSsp := PX_INNER_EC_CERTFICATE_BITMAP_SSP_DENM }))
};
var PublicVerificationKey v_public_verification_key;
var template (value) ToBeSignedCertificate v_tbs;
log (">>> f_generate_ee_ra_cert_request");
log("f_generate_ee_ra_cert_request: PX_VE_ALG=", PX_VE_ALG);
Yann Garcia
committed
// Generate caterpillar signing keys
if (PX_BFK_TEST_VECTORS) {
p_caterpillar_private_key := 'D418760F0CB2DCB856BC3C7217AD3AA36DB6742AE1DB655A3D28DF88CBBF84E1'O;
p_caterpillar_public_key_compressed := 'EE9CC7FBD9EDECEA41F7C8BD258E8D2E988E75BD069ADDCA1E5A38E534AC6818'O;
p_caterpillar_compressed_mode := 1;
} else {
if (f_generate_key_pair(p_caterpillar_private_key, v_public_key_x, v_public_key_y, p_caterpillar_public_key_compressed, p_caterpillar_compressed_mode) == false) {
log("f_generate_ee_ra_cert_request: Failed to generate caterpillar keys");
return false;
}
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
}
log ("f_generate_ee_ra_cert_request: Caterpillar private key: ", p_caterpillar_private_key);
log ("f_generate_ee_ra_cert_request: Caterpillar public compressed key: ", p_caterpillar_public_key_compressed);
log ("f_generate_ee_ra_cert_request: Caterpillar public compressed mode: ", p_caterpillar_compressed_mode);
if (p_caterpillar_compressed_mode == 0) {
v_ecc_p256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_caterpillar_public_key_compressed));
} else {
v_ecc_p256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_caterpillar_public_key_compressed));
}
if (PX_EC_ALG_FOR_EC == e_nist_p256) {
v_public_verification_key := valueof(
m_publicVerificationKey_ecdsaNistP256(
v_ecc_p256_curve_point
));
} else if (PX_EC_ALG_FOR_EC == e_nist_p384) { // FIXME FSCOM
// v_public_verification_key := valueof(
// m_publicVerificationKey_ecdsaNistP384(
// v_ecc_p384_curve_point
// ));
} else if (PX_EC_ALG_FOR_EC == e_brainpool_p256_r1) {
v_public_verification_key := valueof(
m_publicVerificationKey_ecdsaBrainpoolP256r1(
v_ecc_p256_curve_point
));
} else if (PX_EC_ALG_FOR_EC == e_brainpool_p384_r1) { // FIXME FSCOM
// v_public_verification_key := valueof(
// m_publicVerificationKey_ecdsaBrainpoolP384r1(
// v_ecc_p384_curve_point
// ));
} else if (PX_EC_ALG_FOR_EC == e_sm2_p256) { // FIXME FSCOM
} else {
log("f_generate_ee_ra_cert_request: Wrong encryption algorithm, check PX_EC_ALG_FOR_xx");
return false;
}
v_tbs := m_bfk_to_be_signed_certificate(
{ none_ := NULL },
v_appPermissions,
m_verificationKeyIndicator_verificationKey(
v_public_verification_key
),
m_validityPeriod(
f_getCurrentTime() / 1000,
m_duration_in_hours(PX_GENERATED_CERTIFICATE_DURATION - 1)
),
m_geographicRegion_identifiedRegion(
{
m_identifiedRegion_country_only(PX_GENERATED_CERTIFICATE_REGION_COUNTRY_2),
m_identifiedRegion_country_only(PX_GENERATED_CERTIFICATE_REGION_COUNTRY_2)
}
),
PX_GENERATED_CERTIFICATE_SUBJECT_ASSURENCE_LEVEL
);
Yann Garcia
committed
// Generate caterpillar encryption keys
if (PX_BFK_TEST_VECTORS) {
p_caterpillar_enc_private_key := '4840ed221502d9ab6786bf68fba9f210373bf2215a6709ea59ce8cfd8e09b24d'O;
p_caterpillar_enc_public_key_compressed := '9a2375d5631ca55a522d03fca8daa95a7978620d6798502b4fe4a006de2f7c19'O;
p_caterpillar_enc_compressed_mode := 0;
} else {
if (f_generate_key_pair_for_encryption(e_nist_p256, p_caterpillar_enc_private_key, v_public_key_x, v_public_key_y, p_caterpillar_enc_public_key_compressed, p_caterpillar_enc_compressed_mode) == false) {
log("f_generate_ee_ra_cert_request: Failed to generate caterpillar keys");
return false;
}
Yann Garcia
committed
}
log ("f_generate_ee_ra_cert_request: Caterpillar encryption private key: ", p_caterpillar_enc_private_key);
log ("f_generate_ee_ra_cert_request: Caterpillar encryption public compressed key: ", p_caterpillar_enc_public_key_compressed);
log ("f_generate_ee_ra_cert_request: Caterpillar encryption public compressed mode: ", p_caterpillar_enc_compressed_mode);
Yann Garcia
committed
if (p_caterpillar_enc_compressed_mode == 0) {
v_ecc_enc_p256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_caterpillar_enc_public_key_compressed));
} else {
v_ecc_enc_p256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_caterpillar_enc_public_key_compressed));
}
if (PICS_SECPKI_ORIGINAL_BFK_KEY) {
var Oct16 v_kS;
f_generate_bkf_signing_key_expension(v_kS);
log ("f_generate_ee_ra_cert_request: v_kS: ", v_kS);
var Oct16 v_kE;
f_generate_bkf_enc_key_expension(v_kE);
log ("f_generate_ee_ra_cert_request: v_kE: ", v_kE);
// For Debug purposes, to be removed later
// log ("f_generate_ee_ra_cert_request: v_signing_expansion_key: ", v_signing_expansion_key);
// var octetstring v_expanded_caterpillar_private_key;
// f_bfk_expend_private_key(v_signing_expansion_key, p_caterpillar_private_key, v_expanded_caterpillar_private_key);
// log ("f_generate_ee_ra_cert_request: v_expanded_caterpillar_private_key: ", v_expanded_caterpillar_private_key);
// var octetstring v_caterpillar_expended_public_key_compressed;
// var integer v_caterpillar_expended_compressed_mode;
// f_bfk_expend_public_key(v_signing_expansion_key, p_caterpillar_public_key_compressed, p_caterpillar_compressed_mode, v_caterpillar_expended_public_key_compressed, v_caterpillar_expended_compressed_mode);
// log ("f_generate_ee_ra_cert_request: v_caterpillar_expended_public_key_compressed: ", v_caterpillar_expended_public_key_compressed);
// log ("f_generate_ee_ra_cert_request: v_caterpillar_expended_compressed_mode: ", v_caterpillar_expended_compressed_mode);
// //v_expanded_caterpillar_private_key[5] := 'FF'O;
// var boolean v_verif := f_bfk_verify_expended_keys(v_expanded_caterpillar_private_key, v_caterpillar_expended_public_key_compressed, v_caterpillar_expended_compressed_mode);
// stop;
Yann Garcia
committed
p_ee_ra_cert_request := valueof(
m_ee_ra_cert_request(
f_getCurrentTime() / 1000,
explicit,
v_tbs,
m_additional_params_original(
m_butterfly_params_original(
m_butterfly_expansion_aes128(
v_kS
),
m_encryptionKey(
-,
m_publicEncryptionKey_eciesNistP256(
v_ecc_enc_p256_curve_point
)),
m_butterfly_expansion_aes128(
v_kE
Yann Garcia
committed
)))));
} else if (PICS_SECPKI_UNIFIED_BFK_KEY) {
var octetstring v_kS;
f_generate_bkf_signing_key_expension(v_kS);
log ("f_generate_ee_ra_cert_request: v_kS: ", v_kS);
Yann Garcia
committed
p_ee_ra_cert_request := valueof(
m_ee_ra_cert_request(
f_getCurrentTime(),
explicit,
v_tbs,
m_additional_params_unified(
m_butterfly_expansion_aes128(
v_kS
Yann Garcia
committed
))));
} else {
log("f_generate_ee_ra_cert_request: Wrong configuration, at least one (PICS_SECPKI_ORIGINAL_BFK_KEY, PICS_SECPKI_UNIFIED_BFK_KEY) of shall be set to true");
return false;
}
log("f_generate_ee_ra_cert_request: p_ee_ra_cert_request: ", p_ee_ra_cert_request);
return true;
} // End of function f_generate_ee_ra_cert_request
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
function f_generate_bfk_batch(
in EeRaCertRequest p_ee_ra_cert_request,
out BfkCertificates p_bfk_batch_certificates,
out integer p_bfk_batch_counter
) return boolean {
log(">>> f_generate_bfk_batch: p_ee_ra_cert_request: ", p_ee_ra_cert_request);
p_bfk_batch_certificates := {};
p_bfk_batch_counter := 0;
if (ischosen(p_ee_ra_cert_request.additionalParams.original)) {
// Extract caterpillar public key
var octetstring v_caterpillar_public_key_compressed;
var integer v_caterpillar_compressed_mode;
if (ischosen(p_ee_ra_cert_request.tbsCert.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
if (ischosen(p_ee_ra_cert_request.tbsCert.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {
v_caterpillar_public_key_compressed := p_ee_ra_cert_request.tbsCert.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0;
v_caterpillar_compressed_mode := 0;
} else if (ischosen(p_ee_ra_cert_request.tbsCert.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1)) {
v_caterpillar_public_key_compressed := p_ee_ra_cert_request.tbsCert.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1;
v_caterpillar_compressed_mode := 1;
} else {
log("f_generate_bfk_batch: Non canonicalized tbsCert");
return false;
}
}
// Extract encryprion expension key
var octetstring v_caterpillar_enc_public_key_compressed;
var integer v_caterpillar_enc_compressed_mode;
if (ischosen(p_ee_ra_cert_request.additionalParams.original.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
v_caterpillar_enc_public_key_compressed := p_ee_ra_cert_request.additionalParams.original.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
v_caterpillar_enc_compressed_mode := 0;
} else if (ischosen(p_ee_ra_cert_request.additionalParams.original.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
v_caterpillar_enc_public_key_compressed := p_ee_ra_cert_request.additionalParams.original.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
v_caterpillar_enc_compressed_mode := 1;
} else {
log("f_generate_bfk_batch: Non canonicalized tbsCert");
return false;
}
{ // Loop
// Create an expension key for both signing and encrytion
var octetstring v_signing_expension_key;
f_generate_bkf_signing_key_expension(v_signing_expension_key);
log("f_generate_bfk_batch: v_signing_expension_key: ", v_signing_expension_key);
var octetstring v_enc_expension_key;
f_generate_bkf_enc_key_expension(v_enc_expension_key);
log("f_generate_bfk_batch: v_enc_expension_key: ", v_enc_expension_key);
var octetstring v_caterpillar_expended_public_key_compressed;
var integer v_caterpillar_expended_compressed_mode;
f_bfk_expend_public_key(
v_signing_expension_key,
v_caterpillar_public_key_compressed, v_caterpillar_compressed_mode,
v_caterpillar_expended_public_key_compressed, v_caterpillar_expended_compressed_mode
);
log ("f_generate_bfk_batch: v_caterpillar_expended_public_key_compressed: ", v_caterpillar_expended_public_key_compressed);
log ("f_generate_bfk_batch: v_caterpillar_expended_compressed_mode: ", v_caterpillar_expended_compressed_mode);
var octetstring v_caterpillar_expended_enc_public_key_compressed;
var integer v_caterpillar_expended_enc_compressed_mode;
f_bfk_expend_public_key(
v_enc_expension_key,
v_caterpillar_enc_public_key_compressed, v_caterpillar_enc_compressed_mode,
v_caterpillar_expended_enc_public_key_compressed, v_caterpillar_expended_enc_compressed_mode
);
log ("f_generate_bfk_batch: v_caterpillar_enc_public_key_compressed: ", v_caterpillar_enc_public_key_compressed);
log ("f_generate_bfk_batch: v_caterpillar_expended_enc_compressed_mode: ", v_caterpillar_expended_enc_compressed_mode);
// The new verirfication key are the new coccon key - ETSI TS 102 941 V2.1.1 Clause 6.2.3.5.4 Butterfly certificate request
/*var EcdsaNistP256 v_signing_key;
if (v_caterpillar_expended_compressed_mode == 0) {
v_signing_key.compressed_y_0 := v_caterpillar_expended_public_key_compressed;
} else {
v_signing_key.compressed_y_1 := v_caterpillar_expended_public_key_compressed;
}
// The encryption key are the new enc derived key
var EciesNistP256 v_enc_key;
if (v_caterpillar_expended_enc_compressed_mode == 0) {
v_enc_key.compressed_y_0 := v_caterpillar_enc_public_key_compressed;
} else {
v_enc_key.compressed_y_1 := v_caterpillar_enc_public_key_compressed;
}
// Generate the certificate based on p_ee_ra_cert_request.content.butterflyAuthorizationRequest.tbsCert and enxpended keys
// TODO Load AA certificate
var EtsiTs103097Certificate v_cert := m_etsiTs103097Certificate(
in template (value) IssuerIdentifier p_issuer,
m_toBeSignedCertificate_at(
p_ee_ra_cert_request.tbsCert.appPermissions,
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaNistP256(
v_signing_key
)),
p_ee_ra_cert_request.tbsCert.region,
p_ee_ra_cert_request.tbsCert.assuranceLevel
m_encryptionKey(
-,
m_publicEncryptionKey_eciesNistP256(
v_enc_key
))),
-,
p_ee_ra_cert_request.type_
);
log("f_generate_bfk_batch: AT toBeSigned:", v_cert.toBeSigned);*/
// Signed certificate with AA certicate
// Encode certfificate
// Compute whole-hash SHA256
// Extract HashedId8
p_bfk_batch_certificates := {};
p_bfk_batch_counter := p_bfk_batch_counter + 1;
} // End of 'for' statement
} else {
log("f_generate_bfk_batch: Not implemented yet");
return false;
}
log("<<< f_generate_bfk_batch: p_bfk_batch_certificates: ", p_bfk_batch_certificates);
log("<<< f_generate_bfk_batch: p_bfk_batch_counter: ", p_bfk_batch_counter);