Newer
Older
6002
6003
6004
6005
6006
6007
6008
6009
6010
6011
6012
6013
6014
6015
6016
6017
6018
6019
6020
6021
6022
6023
6024
6025
6026
6027
6028
6029
6030
6031
6032
6033
6034
6035
6036
6037
6038
6039
6040
6041
6042
6043
6044
6045
6046
6047
6048
6049
6050
6051
6052
6053
6054
6055
6056
6057
6058
6059
6060
6061
6062
6063
6064
6065
6066
6067
6068
6069
6070
6071
6072
6073
6074
6075
6076
6077
6078
function f_read_pki_request_message(
in Ieee1609Dot2Data p_encrypted_message,
in Oct32 p_private_enc_key,
in Oct32 p_salt,
out Oct16 p_request_hash,
out Oct16 p_aes_enc_key,
out Ieee1609Dot2Data p_decrypted_message,
out EtsiTs102941Data p_etsi_ts_102941_data
) return boolean {
var octetstring v_msg;
var boolean v_return_code := true;
// 1. Calculate the request Hash
v_msg := bit2oct(encvalue(p_encrypted_message));
log("f_read_pki_request_message: Encoded request: ", v_msg);
p_request_hash := substr(f_hashWithSha256(v_msg), 0, 16);
log("f_read_pki_request_message: p_request_hash= ", p_request_hash);
// 2. Decrypt message
log("f_read_pki_request_message: p_private_enc_key= ", p_private_enc_key);
if (false == f_decrypt(p_private_enc_key, p_encrypted_message, p_salt, p_decrypted_message, p_aes_enc_key)) {
log("f_read_pki_request_message: Failed to decrypt message");
return false;
}
log("f_read_pki_request_message: v_ieee1609dot2_signed_data= ", p_decrypted_message);
log("f_read_pki_request_message: p_aes_enc_key= ", p_aes_enc_key);
// 3. get TS 102 941 data
select(p_decrypted_message) {
case (mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload
)))) {
var bitstring v_msg_bit;
v_msg_bit := oct2bit(p_decrypted_message.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_msg_bit, p_etsi_ts_102941_data) != 0) {
v_return_code := false;
}
}
case else {
v_return_code := false;
}
} // End of 'select' statement
return v_return_code;
} // End of function f_read_pki_request_message
function f_read_ec_request_from_iut_itss(
in Ieee1609Dot2Data p_encrypted_message,
out Oct16 p_request_hash,
out Oct16 p_aes_enc_key,
out Ieee1609Dot2Data p_decrypted_message,
out EtsiTs102941Data p_etsi_ts_102941_data,
out InnerEcRequest p_inner_ec_request
) runs on ItsPkiHttp return boolean {
// Local variables
var PublicVerificationKey v_canonical_key;
var EtsiTs103097Certificate v_ec_certificate;
var HashedId8 v_ec_certificate_hashed_id8;
var InnerEcResponse v_inner_ec_response;
if (f_read_pki_request_message(p_encrypted_message, vc_eaPrivateEncKey, vc_eaWholeHash/*salt*/,
p_request_hash, p_aes_enc_key,
p_decrypted_message,
p_etsi_ts_102941_data)) {
// decode InnerEcRequest
var bitstring v_msg_bit := oct2bit(p_etsi_ts_102941_data.content.enrolmentRequest.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_msg_bit, p_inner_ec_request) != 0) {
log("f_read_ec_request_from_iut_itss: Failed to decode InnerEcRequest");
}
return true;
}
return false;
} // End of function f_read_ec_request_from_iut_itss
/**
* @desc Verify the protocol element of the Pki message.
* If p_check_security is set to false, only decryption and decoding of the outer message are verified.
* @param p_private_enc_key Private key for decryption
* @param p_salt
* @param p_p_ieee1609dot2_encrypted_and_signed_data
* @param p_check_security Set to true to verify PKI protocol element such as signatures...
* @param p_request_hash The request hash for to be used to build the response
* @param p_etsi_ts_102941_data The EtsiTs102941Data message
* @param p_aes_enc_key The AES 128 encrytion key to be used to encrypt the response
* @return true on success, false otherwise
*/
function f_verify_pki_request_message(
in Oct32 p_private_enc_key,
in Oct32 p_salt,
in octetstring p_issuer_hash,
in template (omit) PublicVerificationKey p_verification_key,
in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
in boolean p_check_security := true,
out Oct16 p_request_hash,
out EtsiTs102941Data p_etsi_ts_102941_data,
out Oct16 p_aes_enc_key
) return boolean {
// Local variables
var bitstring v_msg_bit;
var octetstring v_msg;
var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var Certificate v_certificate;
var charstring v_certificate_id;
log(">>> f_verify_pki_request_message: p_private_enc_key= ", p_private_enc_key);
log(">>> f_verify_pki_request_message: p_salt= ", p_salt);
log(">>> f_verify_pki_request_message: p_issuer_hash= ", p_issuer_hash);
log(">>> f_verify_pki_request_message: p_verification_key= ", p_verification_key);
log(">>> f_verify_pki_request_message: p_ieee1609dot2_encrypted_and_signed_data= ", p_ieee1609dot2_encrypted_and_signed_data);
// 1. Calculate the request Hash
v_msg := bit2oct(encvalue(p_ieee1609dot2_encrypted_and_signed_data));
log("f_verify_pki_request_message: Encoded request: ", v_msg);
v_hash := f_hashWithSha256(v_msg);
p_request_hash := substr(v_hash, 0, 16);
//p_bfk_request_hash := f_hashedId8FromSha256(v_hash);
log("f_verify_pki_request_message: p_request_hash= ", p_request_hash);
// 2. Decrypt the InnerEcRequest
log("f_verify_pki_request_message: p_private_enc_key= ", p_private_enc_key);
if (f_decrypt(p_private_enc_key, p_ieee1609dot2_encrypted_and_signed_data, p_salt, v_ieee1609dot2_signed_data, p_aes_enc_key) == false) {
log("f_verify_pki_request_message: Failed to decrypt message");
return false;
}
log("f_verify_pki_request_message: v_ieee1609dot2_signed_data= ", v_ieee1609dot2_signed_data);
log("f_verify_pki_request_message: p_aes_enc_key= ", p_aes_enc_key);
// 3. Check basics security
log(
match(
v_ieee1609dot2_signed_data,
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
YannGarcia
committed
mw_ieee1609Dot2_headerInfo(c_its_aid_SCR)
)
)
)));
if (match(v_ieee1609dot2_signed_data, mw_etsiTs103097Data_signed(mw_signedData(-, mw_toBeSignedData(mw_signedDataPayload)))) == false) {
log("f_verify_pki_request_message: Failed to check basic security");
if (p_check_security == true) {
return false;
}
}
// 4. Verifiy signature
log("f_verify_pki_request_message: v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
v_msg := bit2oct(encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData));
log("f_verify_pki_request_message: v_msg= ", v_msg);
if (not ispresent(p_verification_key)) {
var EtsiTs103097Certificate v_cert;
var charstring v_cert_id;
if (ischosen(v_ieee1609dot2_signed_data.content.signedData.signer.digest)) {
if (not f_getCertificateFromDigest(v_ieee1609dot2_signed_data.content.signedData.signer.digest, v_cert, v_cert_id)){
if (p_check_security == true) {
return false;
}
if (ischosen(v_ieee1609dot2_signed_data.content.signedData.signer.certificate)) {
if(lengthof(v_ieee1609dot2_signed_data.content.signedData.signer.certificate) > 0) {
v_cert := v_ieee1609dot2_signed_data.content.signedData.signer.certificate[0];
if (isbound(v_cert)) {
if(ischosen(v_cert.toBeSigned.verifyKeyIndicator.verificationKey)){
p_verification_key := v_cert.toBeSigned.verifyKeyIndicator.verificationKey;
}
if (ispresent(p_verification_key)) {
if (false == f_verifyEcdsa(v_msg, int2oct(0, 32), v_ieee1609dot2_signed_data.content.signedData.signature_, valueof(p_verification_key))) {
if (p_check_security == true) {
return false;
}
}
}
// 5. Return the PKI message
log("f_verify_pki_request_message: v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
v_msg_bit := oct2bit(v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_msg_bit, p_etsi_ts_102941_data) != 0) {
if (p_check_security == true) {
return false;
}
}
if (p_etsi_ts_102941_data.version != PkiProtocolVersion) {
if (p_check_security == true) {
return false;
}
}
log("<<< f_verify_pki_request_message: true");
return true;
} // End of function f_verify_pki_request_message
YannGarcia
committed
6205
6206
6207
6208
6209
6210
6211
6212
6213
6214
6215
6216
6217
6218
6219
6220
6221
6222
6223
6224
6225
6226
6227
6228
6229
6230
6231
6232
6233
6234
6235
6236
6237
6238
6239
6240
6241
6242
6243
6244
6245
6246
6247
6248
6249
6250
6251
6252
6253
6254
6255
6256
6257
6258
6259
6260
6261
6262
6263
6264
6265
6266
6267
6268
6269
6270
6271
6272
6273
6274
6275
6276
6277
6278
6279
6280
6281
6282
6283
6284
6285
6286
6287
6288
6289
6290
6291
6292
6293
6294
6295
6296
6297
6298
6299
6300
6301
6302
6303
6304
6305
6306
6307
/**
* @desc Verify the protocol element of the Pki message.
* If p_check_security is set to false, only decryption and decoding of the outer message are verified.
* @param p_private_enc_key Private key for decryption
* @param p_salt
* @param p_p_ieee1609dot2_encrypted_and_signed_data
* @param p_check_security Set to true to verify PKI protocol element such as signatures...
* @param p_request_hash The request hash for to be used to build the response
* @param p_etsi_ts_102941_data The EtsiTs102941Data message
* @param p_aes_enc_key The AES 128 encrytion key to be used to encrypt the response
* @return true on success, false otherwise
*/
function f_verify_pki_request_message_with_certificate(
in Oct32 p_private_enc_key,
in Oct32 p_salt,
in EtsiTs103097Certificate p_signer_certificate,
in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
in boolean p_check_security := true,
out Oct16 p_request_hash,
out HashedId8 p_bfk_request_hash,
out EtsiTs102941Data p_etsi_ts_102941_data,
out Oct16 p_aes_enc_key
) return boolean {
// Local variables
var bitstring v_msg_bit;
var octetstring v_msg;
var Oct32 v_hash;
var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
log(">>> f_verify_pki_request_message_with_certificate: p_private_enc_key= ", p_private_enc_key);
log(">>> f_verify_pki_request_message_with_certificate: p_salt= ", p_salt);
log(">>> f_verify_pki_request_message_with_certificate: p_signer_certificate= ", p_signer_certificate);
log(">>> f_verify_pki_request_message_with_certificate: p_ieee1609dot2_encrypted_and_signed_data= ", p_ieee1609dot2_encrypted_and_signed_data);
// 1. Calculate the request Hash
v_msg := bit2oct(encvalue(p_ieee1609dot2_encrypted_and_signed_data));
log("f_verify_pki_request_message_with_certificate: Encoded request: ", v_msg);
v_hash := f_hashWithSha256(v_msg);
p_request_hash := substr(v_hash, 0, 16);
//p_bfk_request_hash := f_hashedId8FromSha256(v_hash);
log("f_verify_pki_request_message_with_certificate: p_request_hash= ", p_request_hash);
// 2. Decrypt the InnerEcRequest
log("f_verify_pki_request_message_with_certificate: p_private_enc_key= ", p_private_enc_key);
if (f_decrypt(p_private_enc_key, p_ieee1609dot2_encrypted_and_signed_data, p_salt, v_ieee1609dot2_signed_data, p_aes_enc_key) == false) {
log("f_verify_pki_request_message_with_certificate: Failed to decrypt message");
return false;
}
log("f_verify_pki_request_message_with_certificate: v_ieee1609dot2_signed_data= ", v_ieee1609dot2_signed_data);
log("f_verify_pki_request_message_with_certificate: p_aes_enc_key= ", p_aes_enc_key);
// 3. Check basics security
log(
match(
v_ieee1609dot2_signed_data,
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_ieee1609Dot2_headerInfo(c_its_aid_SCR)
)
)
)));
if (match(v_ieee1609dot2_signed_data, mw_etsiTs103097Data_signed(mw_signedData(-, mw_toBeSignedData(mw_signedDataPayload)))) == false) {
log("f_verify_pki_request_message_with_certificate: Failed to check basic security");
if (p_check_security == true) {
return false;
}
}
// 4. Verifiy signature
log("f_verify_pki_request_message_with_certificate: v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
v_msg := bit2oct(encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData));
log("f_verify_pki_request_message_with_certificate: v_msg= ", v_msg);
var octetstring v_enc := bit2oct(encvalue(p_signer_certificate));
var Oct32 v_issuer := f_hashWithSha256(v_enc);
log("f_verify_pki_request_message_with_certificate: signing issuer= ", v_issuer);
if (f_verifyEcdsa(v_msg, v_issuer, v_ieee1609dot2_signed_data.content.signedData.signature_, p_signer_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
if (p_check_security == true) {
return false;
}
}
// 4. Return the PKI message
log("f_verify_pki_request_message_with_certificate: v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
v_msg_bit := oct2bit(v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_msg_bit, p_etsi_ts_102941_data) != 0) {
if (p_check_security == true) {
return false;
}
}
if (p_etsi_ts_102941_data.version != PkiProtocolVersion) {
if (p_check_security == true) {
return false;
}
}
log("<<< f_verify_pki_request_message_with_certificate: true");
return true;
} // End of function f_verify_pki_request_message_with_certificate_with_certificate
6308
6309
6310
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6325
6326
6327
6328
6329
6330
6331
6332
6333
6334
6335
6336
6337
6338
6339
6340
6341
/**
* @desc Verify the protocol element of the Pki message.
* If p_check_security is set to false, only decryption and decoding of the outer message are verified.
* @param p_private_key Private key for decryption
* @param p_publicEphemeralCompressedKey
* @param p_publicEphemeralCompressedKeyMode
* @param p_issuer Issuer
* @param p_certificate Certificate to use for verification key
* @param p_ieee1609dot2_encrypted_and_signed_data The received encrypted and signed data
* @param p_check_security Set to true to verify PKI protocol element such as signatures...
* @param p_response_type Response type (0: InnerEcResponse, 1: InnerAtResponse...). Default: 0
* @param p_etsi_ts_102941_data The EtsiTs102941Data message
* @return true on success, false otherwise
*/
function f_verify_pki_response_message(
in octetstring p_private_enc_key,
in Oct16 p_aes_sym_key,
in Oct16 p_authentication_vector, // TODO Tobe removed
in octetstring p_issuer,
in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
in boolean p_check_security := true,
in integer p_response_type := 0,
out EtsiTs102941Data p_etsi_ts_102941_data
) return boolean {
// Local variables
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
var octetstring v_plain_message;
var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var Certificate v_certificate;
var charstring v_certificate_id;
var bitstring v_etsi_ts_102941_data_msg;
var bitstring v_tbs;
var boolean v_ret;
log(">>> f_verify_pki_response_message: p_private_enc_key= ", p_private_enc_key);
log(">>> f_verify_pki_response_message: p_aes_sym_key= ", p_aes_sym_key);
log(">>> f_verify_pki_response_message: p_authentication_vector= ", p_authentication_vector);
log(">>> f_verify_pki_response_message: p_issuer= ", p_issuer);
log(">>> f_verify_pki_response_message: p_check_security= ", p_check_security);
log(">>> f_verify_pki_response_message: p_response_type= ", p_response_type);
// TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo
// 1. Decrypt the data
v_plain_message := fx_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext);
if (isbound(v_plain_message) == false) {
return false;
}
log("f_verify_pki_response_message: v_plain_message= ", v_plain_message);
// 2. Decode it
v_tbs := oct2bit(v_plain_message);
if (decvalue(v_tbs, v_ieee1609dot2_signed_data) != 0) {
return false;
}
log("f_verify_pki_response_message: v_ieee1609dot2_signed_data= ", v_ieee1609dot2_signed_data);
6366
6367
6368
6369
6370
6371
6372
6373
6374
6375
6376
6377
6378
6379
6380
6381
6382
6383
6384
6385
6386
6387
6388
6389
// 3. Check the signature
log("f_verify_pki_response_message: v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
v_tbs := encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(v_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
if (p_check_security == true) {
return false;
}
}
if (f_verifyEcdsa(bit2oct(v_tbs), p_issuer, v_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
if (p_check_security == true) {
return false;
}
}
// 4. Verify EtsiTs103097Data-Signed HeaderInfo
// TODO Parameter p_response_type seems to be useless
if ((p_response_type == 0) or (p_response_type == 1)) { // InnerEcResponse & InnerAtResponse
log("f_verify_pki_response_message: headerInfo matching= ", match(v_ieee1609dot2_signed_data.content.signedData.tbsData.headerInfo, mw_headerInfo_inner_pki_response));
if (match(v_ieee1609dot2_signed_data.content.signedData.tbsData.headerInfo, mw_headerInfo_inner_pki_response) == false) {
if (p_check_security == true) {
return false;
}
}
} // else, no check
// 5. Return the PKI message
log("f_verify_pki_response_message: v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
v_etsi_ts_102941_data_msg := oct2bit(v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, p_etsi_ts_102941_data) != 0) {
return false;
}
if (p_etsi_ts_102941_data.version != PkiProtocolVersion) {
return false;
}
return true;
} // End of function f_verify_pki_response_message
YannGarcia
committed
function f_verify_repeated_request(
in HttpMessage p_request_1,
in HttpMessage p_request_2
) return boolean {
return false;
} // End of function f_verify_repeated_request
/**
* @desc Verify the EC certificate generated by the EA entity
* @param p_ec_certificate The new EC certificate
* @param p_ea_certificate The certificate issuer
* @param p_public_key_compressed The public compressed key (canonical form) generated for the InnerEcRequest
* @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_ec_certificate(
in Certificate p_ec_certificate,
in Certificate p_ea_certificate,
in HashedId8 p_ea_hashed_id8,
in octetstring p_public_key_compressed,
in integer p_compressed_mode,
out HashedId8 p_ec_cert_hashed_id8
// Calculate the HashedId8 of the whole certificate
v_encoded_cert := encvalue(p_ec_certificate);
v_ec_cert_hash_256 := f_hashWithSha256(bit2oct(v_encoded_cert));
log("f_verify_ec_certificate: ==> EC certificate Hash: ", v_ec_cert_hash_256);
p_ec_cert_hashed_id8 := f_hashedId8FromSha256(v_ec_cert_hash_256);
log("f_verify_ec_certificate: ==> EC certificate HashedId8: ", p_ec_cert_hashed_id8);
// Check the signer
log("f_verify_ec_certificate: Check the signer: ", match(p_ec_certificate.issuer, m_issuerIdentifier_sha256AndDigest(p_ea_hashed_id8)));
log("f_verify_ec_certificate: Check the signer: ", match(p_ec_certificate.issuer, m_issuerIdentifier_sha384AndDigest(p_ea_hashed_id8)));
if (
(match(p_ec_certificate.issuer, m_issuerIdentifier_sha256AndDigest(p_ea_hashed_id8)) == false) and
(match(p_ec_certificate.issuer, m_issuerIdentifier_sha384AndDigest(p_ea_hashed_id8)) == false)
) {
log("f_verify_ec_certificate: Wrong issuer");
return false;
}
// Check EC certificate signature
if (f_verifyCertificateSignatureWithPublicKey(p_ec_certificate, p_ea_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_ec_certificate: Signature not verified");
return false;
}
if (f_verifySspPermissions(p_ec_certificate.toBeSigned.appPermissions, p_ea_certificate.toBeSigned.appPermissions) == false) {
log("f_verify_ec_certificate: Ssp permissions not verified");
return false;
}
return true;
} // End of function f_verify_ec_certificate
/**
* @desc Verify the generated AT certificate
* @param p_at_certificate The new AT certificate
* @param p_ea_certificate The certificate issuer
* @param p_public_key_compressed The public compressed key (canonical form) generated for the InnerAtRequest
* @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_at_certificate(
in Certificate p_at_certificate,
in Certificate p_aa_certificate,
in octetstring p_public_key_compressed,
in integer p_compressed_mode
) return boolean {
var bitstring v_encoded_cert;
var HashedId8 v_at_cert_hashed_id8;
// Calculate the HashedId8 of the whole certificate
v_encoded_cert := encvalue(p_at_certificate);
v_at_cert_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(bit2oct(v_encoded_cert)));
log("f_verify_at_certificate: EC certificate HashedId8: ", v_at_cert_hashed_id8);
// Check the signer
log("f_verify_at_certificate: ", match(p_at_certificate.issuer, mw_issuerIdentifier_self()));
if (match(p_at_certificate.issuer, mw_issuerIdentifier_self)) {
return false;
}
// Check EC certificate signature
if (f_verifyCertificateSignatureWithPublicKey(p_at_certificate, p_aa_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_at_certificate: Signature not verified");
return false;
}
if (f_verifySspPermissions(p_aa_certificate.toBeSigned.appPermissions, p_at_certificate.toBeSigned.appPermissions) == false) {
log("f_verify_at_certificate: Ssp permissions not verified");
return true;
} // End of function f_verify_at_certificate
altstep a_default_pki_http() runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6521
6522
6523
6524
6525
6526
6527
6528
6529
6530
6531
6532
6533
6534
6535
6536
6537
6538
6539
6540
6541
6542
6543
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http
altstep a_default_pki_http_ec() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6552
6553
6554
6555
6556
6557
6558
6559
6560
6561
6562
6563
6564
6565
6566
6567
6568
6569
6570
6571
6572
6573
6574
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpEcPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_ec
altstep a_default_pki_http_atv() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6583
6584
6585
6586
6587
6588
6589
6590
6591
6592
6593
6594
6595
6596
6597
6598
6599
6600
6601
6602
6603
6604
6605
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_atv
altstep a_default_pki_http_at() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpAtPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6614
6615
6616
6617
6618
6619
6620
6621
6622
6623
6624
6625
6626
6627
6628
6629
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpAtPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_at
altstep a_default_pki_http_ca() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6645
6646
6647
6648
6649
6650
6651
6652
6653
6654
6655
6656
6657
6658
6659
6660
6661
6662
6663
6664
6665
6666
6667
6668
6669
6670
6671
6672
6673
6674
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_ca
altstep a_default_pki_http_tlm() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
6676
6677
6678
6679
6680
6681
6682
6683
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_tlm
altstep a_await_ec_http_request_from_iut(
template HttpMessage p_http_message,
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_ec_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(p_http_message) -> value p_request {
log("a_await_ec_http_request_from_iut: Received message on httpEcPort");
}
} // End of altstep a_await_ec_http_request_from_iut
altstep a_await_ec_http_response_from_iut(
template HttpMessage p_http_message,
out HttpMessage p_response
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_response {
log("a_await_ec_http_response_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(p_http_message) -> value p_response {
log("a_await_ec_http_response_from_iut: Received message on httpEcPort");
}
} // End of altstep a_await_ec_http_response_from_iut
altstep a_await_at_http_request_from_iut(
template HttpMessage p_http_message,
out HttpMessage p_request
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_at_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpAtPort.receive(p_http_message) -> value p_request {
log("a_await_at_http_request_from_iut: Received message on httpAtPort");
}
} // End of altstep a_await_at_http_request_from_iut
altstep a_await_at_http_response_from_iut(
template HttpMessage p_http_message,
out HttpMessage p_response
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_response {
log("a_await_at_http_response_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpAtPort.receive(p_http_message) -> value p_response {
log("a_await_at_http_response_from_iut: Received message on httpAtPort");
}
} // End of altstep a_await_at_http_response_from_iut
altstep a_await_atv_http_request_from_iut(
template HttpMessage p_http_message,
out HttpMessage p_request
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_atv_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive(p_http_message) -> value p_request {
log("a_await_avt_http_request_from_iut: Received message on httpAtVPort");
}
} // End of altstep a_await_atv_http_request_from_iut
altstep a_await_atv_http_response_from_iut(
template HttpMessage p_http_message,
out HttpMessage p_response
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_response {
log("a_await_atv_http_response_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpAtVPort.receive(p_http_message) -> value p_response {
log("a_await_avt_http_response_from_iut: Received message on httpAtVPort");
}
} // End of altstep a_await_atv_http_response_from_iut
altstep a_await_dc_http_request_from_iut(
template HttpMessage p_http_message,
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_dc_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(p_http_message) -> value p_request {
log("a_await_dc_http_request_from_iut: Received message on httpCaPort");
altstep a_await_ctl_http_request_from_iut(
template HttpMessage p_http_message,
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_ctl_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(p_http_message) -> value p_request {
log("a_await_ctl_http_request_from_iut: Received message on httpCaPort");
}
} // End of altstep a_await_ctl_http_request_from_iut
altstep a_await_crl_http_request_from_iut(
template HttpMessage p_http_message,
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_crl_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(p_http_message) -> value p_request {
log("a_await_crl_http_request_from_iut: Received message on httpCaPort");
}
} // End of altstep a_await_crl_http_request_from_iut
YannGarcia
committed
altstep a_await_cpoc_http_request_from_iut(
template HttpMessage p_http_message,
YannGarcia
committed
) runs on ItsPkiHttp {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
YannGarcia
committed
log("a_await_cpoc_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(p_http_message) -> value p_request {
log("a_await_cpoc_http_request_from_iut: Received message on httpCaPort");
YannGarcia
committed
}
} // End of altstep a_await_cpoc_http_request_from_iut
altstep a_await_any_http_request_from_iut(
template HttpMessage p_http_message,
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(p_http_message) -> value p_request {
log("a_await_any_http_request_from_iut: Received message on httpPort");
}
[PICS_MULTIPLE_END_POINT] httpCaPort.receive(p_http_message) -> value p_request {
log("a_await_any_http_request_from_iut: Received message on httpEcPort");
}
} // End of altstep a_await_any_http_request_from_iut