Loading ItsSecurity_TestCases.ttcn +34 −24 Original line number Diff line number Diff line Loading @@ -4413,7 +4413,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT accepts a valid secured CAM message signed with a known implicit certificate * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4451,13 +4451,14 @@ module ItsSecurity_TestCases { testcase TC_SEC_ITSS_RCV_IMPLICIT_CERT_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } Loading @@ -4469,13 +4470,14 @@ module ItsSecurity_TestCases { // Preamble f_prNeighbour(); f_prepareCertificates(cc_iutCert_A_IMP, v_aaCertificate, v_atCertificate); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, cc_iutCert_A_IMP, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), valueof(m_signerIdentifier_certificate(v_atCertificate)), f_getTsStationId() ); Loading @@ -4501,7 +4503,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT accepts a valid secured CAM message signed with an unknown implicit certificate * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4539,31 +4541,39 @@ module ItsSecurity_TestCases { testcase TC_SEC_ITSS_RCV_IMPLICIT_CERT_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var charstring v_certificate_id; var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := "CERT_TS_F3_AT_IMP"; vc_hashedId8ToBeUsed := cc_iutCert_A_IMP; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_SEC_NIST_P256) { v_certificate_id := "CERT_TS_F_AT_IMP"; } else { v_certificate_id := "CERT_TS_F3_AT_IMP"; } f_prepareCertificates(v_certificate_id, v_aaCertificate, v_atCertificate); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, v_certificate_id, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), valueof(m_signerIdentifier_certificate(v_atCertificate)), f_getTsStationId() ); Loading @@ -4589,7 +4599,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT discards a valid secured CAM message signed with implicit certificate containing signature * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4632,8 +4642,8 @@ module ItsSecurity_TestCases { var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } Loading @@ -4649,7 +4659,7 @@ module ItsSecurity_TestCases { // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, cc_iutCert_A_IMP_BO, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), f_getTsStationId() Loading lib/LibItsSecurity_Templates.ttcn +12 −0 Original line number Diff line number Diff line Loading @@ -1121,6 +1121,18 @@ module LibItsSecurity_Templates { ecdsaNistP384Signature := p_ecdsaNistP384Signature } // End of template mw_signature_ecdsaNistP384 template (value) Signature m_signature_ecsigSm2( in template (value) EcsigP256Signature p_sm2Signature ) := { sm2Signature := p_sm2Signature } // End of template m_signature_ecsigSm2 template (present) Signature mw_signature_ecsigSm2( template (present) EcsigP256Signature p_sm2Signature := ? ) := { sm2Signature := p_sm2Signature } // End of template mw_signature_ecsigSm2 template (value) EcdsaP256Signature m_ecdsaP256Signature( in template (value) EccP256CurvePoint p_rSig, in template (value) Oct32 p_sSig Loading lib_system/LibItsSecurity_Functions.ttcn +88 −49 Original line number Diff line number Diff line Loading @@ -1457,12 +1457,13 @@ module LibItsSecurity_Functions { var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; log(">>> f_buildGnSecuredCam: p_payloadField= ", p_payloadField); log(">>> f_buildGnSecuredCam: p_certificateName= ", p_certificateName); // Load certificates if required if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { return false; } //log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate); log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate); // Fill the structure with default values, these values will be updated later p_securedMessage := valueof( Loading @@ -1476,6 +1477,7 @@ module LibItsSecurity_Functions { )))); // Prepare mandatory headers log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); if (v_atCertificate.type_ == explicit) { if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest if(p_signerIdentifierType.digest == '0000000000000000'O) { if (ischosen(v_atCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256) or Loading @@ -1496,7 +1498,7 @@ module LibItsSecurity_Functions { p_securedMessage.content.signedData.hashId := f_getHashAlgorithmOfVerificationKeyIndicator(v_atCertificate.toBeSigned.verifyKeyIndicator); if (ischosen(v_atCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) { p_securedMessage.content.signedData.signature_ := valueof( mw_signature_ecdsaNistP256( p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) Loading Loading @@ -1525,9 +1527,46 @@ module LibItsSecurity_Functions { )); } } else { // Implicit certificate if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest if(p_signerIdentifierType.digest == '0000000000000000'O) { p_signerIdentifierType.digest := f_calculateDigestSha256FromCertificate(v_atCertificate); } } else if (ischosen(p_signerIdentifierType.certificate)) { if(not(isvalue(p_signerIdentifierType.certificate))) { p_signerIdentifierType.certificate := valueof({v_atCertificate}); } } p_securedMessage.content.signedData.signer := valueof(p_signerIdentifierType); if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) { p_securedMessage.content.signedData.hashId := sha256; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) ) )); } else if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) { p_securedMessage.content.signedData.hashId := sha256; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaBrainpoolP256r1( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) ) )); } else if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecsigSm2)) { p_securedMessage.content.signedData.hashId := sm3; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecsigSm2( m_ecsigSm2P256Signature( int2oct(0, 32), int2oct(0, 32) ) )); } } log("f_buildGnSecuredCam: p_securedMessage = ", p_securedMessage); return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField); } // End of function f_buildGnSecuredCam Loading Loading
ItsSecurity_TestCases.ttcn +34 −24 Original line number Diff line number Diff line Loading @@ -4413,7 +4413,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT accepts a valid secured CAM message signed with a known implicit certificate * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4451,13 +4451,14 @@ module ItsSecurity_TestCases { testcase TC_SEC_ITSS_RCV_IMPLICIT_CERT_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } Loading @@ -4469,13 +4470,14 @@ module ItsSecurity_TestCases { // Preamble f_prNeighbour(); f_prepareCertificates(cc_iutCert_A_IMP, v_aaCertificate, v_atCertificate); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, cc_iutCert_A_IMP, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), valueof(m_signerIdentifier_certificate(v_atCertificate)), f_getTsStationId() ); Loading @@ -4501,7 +4503,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT accepts a valid secured CAM message signed with an unknown implicit certificate * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4539,31 +4541,39 @@ module ItsSecurity_TestCases { testcase TC_SEC_ITSS_RCV_IMPLICIT_CERT_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var charstring v_certificate_id; var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := "CERT_TS_F3_AT_IMP"; vc_hashedId8ToBeUsed := cc_iutCert_A_IMP; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_SEC_NIST_P256) { v_certificate_id := "CERT_TS_F_AT_IMP"; } else { v_certificate_id := "CERT_TS_F3_AT_IMP"; } f_prepareCertificates(v_certificate_id, v_aaCertificate, v_atCertificate); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, v_certificate_id, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), valueof(m_signerIdentifier_certificate(v_atCertificate)), f_getTsStationId() ); Loading @@ -4589,7 +4599,7 @@ module ItsSecurity_TestCases { /** * @desc Check that IUT discards a valid secured CAM message signed with implicit certificate containing signature * <pre> * Pics Selection: PICS_GN_SECURITY * Pics Selection: PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1) * Config Id: CF01 * Initial conditions: * with { Loading Loading @@ -4632,8 +4642,8 @@ module ItsSecurity_TestCases { var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); if (not(PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1))) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)' required for executing the TC ***"); stop; } Loading @@ -4649,7 +4659,7 @@ module ItsSecurity_TestCases { // Test Body v_securedGnPdu := f_sendSecuredCam( cc_taCert_A, cc_iutCert_A_IMP_BO, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_certificate(vc_atCertificate)), f_getTsStationId() Loading
lib/LibItsSecurity_Templates.ttcn +12 −0 Original line number Diff line number Diff line Loading @@ -1121,6 +1121,18 @@ module LibItsSecurity_Templates { ecdsaNistP384Signature := p_ecdsaNistP384Signature } // End of template mw_signature_ecdsaNistP384 template (value) Signature m_signature_ecsigSm2( in template (value) EcsigP256Signature p_sm2Signature ) := { sm2Signature := p_sm2Signature } // End of template m_signature_ecsigSm2 template (present) Signature mw_signature_ecsigSm2( template (present) EcsigP256Signature p_sm2Signature := ? ) := { sm2Signature := p_sm2Signature } // End of template mw_signature_ecsigSm2 template (value) EcdsaP256Signature m_ecdsaP256Signature( in template (value) EccP256CurvePoint p_rSig, in template (value) Oct32 p_sSig Loading
lib_system/LibItsSecurity_Functions.ttcn +88 −49 Original line number Diff line number Diff line Loading @@ -1457,12 +1457,13 @@ module LibItsSecurity_Functions { var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; log(">>> f_buildGnSecuredCam: p_payloadField= ", p_payloadField); log(">>> f_buildGnSecuredCam: p_certificateName= ", p_certificateName); // Load certificates if required if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { return false; } //log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate); log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate); // Fill the structure with default values, these values will be updated later p_securedMessage := valueof( Loading @@ -1476,6 +1477,7 @@ module LibItsSecurity_Functions { )))); // Prepare mandatory headers log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); if (v_atCertificate.type_ == explicit) { if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest if(p_signerIdentifierType.digest == '0000000000000000'O) { if (ischosen(v_atCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256) or Loading @@ -1496,7 +1498,7 @@ module LibItsSecurity_Functions { p_securedMessage.content.signedData.hashId := f_getHashAlgorithmOfVerificationKeyIndicator(v_atCertificate.toBeSigned.verifyKeyIndicator); if (ischosen(v_atCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) { p_securedMessage.content.signedData.signature_ := valueof( mw_signature_ecdsaNistP256( p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) Loading Loading @@ -1525,9 +1527,46 @@ module LibItsSecurity_Functions { )); } } else { // Implicit certificate if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest if(p_signerIdentifierType.digest == '0000000000000000'O) { p_signerIdentifierType.digest := f_calculateDigestSha256FromCertificate(v_atCertificate); } } else if (ischosen(p_signerIdentifierType.certificate)) { if(not(isvalue(p_signerIdentifierType.certificate))) { p_signerIdentifierType.certificate := valueof({v_atCertificate}); } } p_securedMessage.content.signedData.signer := valueof(p_signerIdentifierType); if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) { p_securedMessage.content.signedData.hashId := sha256; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) ) )); } else if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) { p_securedMessage.content.signedData.hashId := sha256; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecdsaBrainpoolP256r1( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only(int2oct(0, 32)), int2oct(0, 32) ) )); } else if (ischosen(v_aaCertificate.toBeSigned.verifyKeyIndicator.verificationKey.ecsigSm2)) { p_securedMessage.content.signedData.hashId := sm3; p_securedMessage.content.signedData.signature_ := valueof( m_signature_ecsigSm2( m_ecsigSm2P256Signature( int2oct(0, 32), int2oct(0, 32) ) )); } } log("f_buildGnSecuredCam: p_securedMessage = ", p_securedMessage); return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField); } // End of function f_buildGnSecuredCam Loading
