Bug fixed in f_generate_signed_mr_request function (fdc5adbb) · Commits · ITS - Intelligent Transport Systems / ttcn / MBR TS 103 759

lib_system/LibItsMbr_Functions.ttcn

+23 −10

Original line number	Original line	Diff line number	Diff line
	@@ -405,7 +405,8 @@ module LibItsMbr_Functions {
	var Signature v_signature;		var Signature v_signature;

	// Encode it		// Encode it
	log(">>> f_generate_signed_mr_request");		log(">>> f_generate_signed_mr_request: p_private_key= ", p_private_key);
			log(">>> f_generate_signed_mr_request: p_issuer= ", p_issuer);

	log("f_generate_signed_mr_request: encode ", p_etsi_ts_103759_data);		log("f_generate_signed_mr_request: encode ", p_etsi_ts_103759_data);
	v_inner_signed_mr_request := bit2oct(encvalue(p_etsi_ts_103759_data));		v_inner_signed_mr_request := bit2oct(encvalue(p_etsi_ts_103759_data));
	@@ -486,7 +487,7 @@ module LibItsMbr_Functions {
	m_signedData(		m_signedData(
	sha256,		sha256,
	v_tbs,		v_tbs,
	m_signerIdentifier_self,		m_signerIdentifier_digest(f_hashedId8FromSha256(p_issuer)),
	v_signature		v_signature
	)));		)));

	@@ -513,7 +514,7 @@ module LibItsMbr_Functions {

	p_result := 0;		p_result := 0;

	if (f_verify_mbr_request_message(vc_maPrivateEncKey, vc_maWholeHash/salt/, vc_atWholeHash, p_request.body.binary_body.ieee1609dot2_data, v_request_hash, p_etsiTs103759_data, v_aes_enc_key) == false) { // Cannot decrypt the message		if (f_verify_mbr_request_message(vc_maPrivateEncKey, vc_maWholeHash/salt/, p_request.body.binary_body.ieee1609dot2_data, v_request_hash, p_etsiTs103759_data, v_aes_enc_key) == false) { // Cannot decrypt the message
	// Send error message		// Send error message
	v_response := m_http_response(m_http_response_ko_no_body(p_headers, 400, "Bad request")); // Initialize v_reponse with an error message		v_response := m_http_response(m_http_response_ko_no_body(p_headers, 400, "Bad request")); // Initialize v_reponse with an error message
	// Set verdict		// Set verdict
	@@ -542,7 +543,6 @@ module LibItsMbr_Functions {
	function f_verify_mbr_request_message(		function f_verify_mbr_request_message(
	in Oct32 p_private_enc_key,		in Oct32 p_private_enc_key,
	in Oct32 p_salt,		in Oct32 p_salt,
	in octetstring p_issuer,
	in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,		in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
	out Oct16 p_request_hash,		out Oct16 p_request_hash,
	out EtsiTs103759Data p_etsiTs103759_data,		out EtsiTs103759Data p_etsiTs103759_data,
	@@ -554,12 +554,12 @@ module LibItsMbr_Functions {
	var Ieee1609Dot2Data v_ieee1609dot2_signed_data;		var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
	var Certificate v_certificate;		var Certificate v_certificate;
	var charstring v_certificate_id;		var charstring v_certificate_id;
			var Oct32 v_issuer;
	var Time64 v_curTime;		var Time64 v_curTime;
	const integer c_timeLimit := 2 * 60 * 1000000; // us		const integer c_timeLimit := 2 * 60 * 1000000; // us

	log(">>> f_verify_mbr_request_message: p_private_enc_key= ", p_private_enc_key);		log(">>> f_verify_mbr_request_message: p_private_enc_key= ", p_private_enc_key);
	log(">>> f_verify_mbr_request_message: p_salt= ", p_salt);		log(">>> f_verify_mbr_request_message: p_salt= ", p_salt);
	log(">>> f_verify_mbr_request_message: p_issuer= ", p_issuer);
	log(">>> f_verify_mbr_request_message: p_ieee1609dot2_encrypted_and_signed_data= ", p_ieee1609dot2_encrypted_and_signed_data);		log(">>> f_verify_mbr_request_message: p_ieee1609dot2_encrypted_and_signed_data= ", p_ieee1609dot2_encrypted_and_signed_data);

	// 1. Calculate the request Hash		// 1. Calculate the request Hash
	@@ -568,7 +568,7 @@ module LibItsMbr_Functions {
	p_request_hash := substr(f_hashWithSha256(v_msg), 0, 16);		p_request_hash := substr(f_hashWithSha256(v_msg), 0, 16);
	log("f_verify_mbr_request_message: p_request_hash= ", p_request_hash);		log("f_verify_mbr_request_message: p_request_hash= ", p_request_hash);

	// 2. Decrypt the InnerEcRequest		// 2. Decrypt the MR
	log("f_verify_mbr_request_message: p_private_enc_key= ", p_private_enc_key);		log("f_verify_mbr_request_message: p_private_enc_key= ", p_private_enc_key);
	if (f_decrypt(p_private_enc_key, p_ieee1609dot2_encrypted_and_signed_data, p_salt, v_ieee1609dot2_signed_data, p_aes_enc_key) == false) {		if (f_decrypt(p_private_enc_key, p_ieee1609dot2_encrypted_and_signed_data, p_salt, v_ieee1609dot2_signed_data, p_aes_enc_key) == false) {
	log("f_verify_mbr_request_message: Failed to decrypt message");		log("f_verify_mbr_request_message: Failed to decrypt message");
	@@ -585,14 +585,27 @@ module LibItsMbr_Functions {
	}		}

	// 4. Verifiy signature		// 4. Verifiy signature
			log("f_verify_mbr_request_message: v_ieee1609dot2_signed_data.content.signedData.signer= ", v_ieee1609dot2_signed_data.content.signedData.signer);
	log("f_verify_mbr_request_message: v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);		log("f_verify_mbr_request_message: v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
	v_msg := bit2oct(encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData));		if (ischosen(v_ieee1609dot2_signed_data.content.signedData.signer.certificate)) {
	log("f_verify_mbr_request_message: v_msg= ", v_msg);		v_certificate := v_ieee1609dot2_signed_data.content.signedData.signer.certificate[0];
	if (f_getCertificateFromDigest(f_hashedId8FromSha256(p_issuer), v_certificate, v_certificate_id) == false) {		var octetstring v_enc := bit2oct(encvalue(v_certificate));
			v_issuer := f_hashWithSha256(v_enc);
			} else if (ischosen(v_ieee1609dot2_signed_data.content.signedData.signer.digest)) {
			if (f_getCertificateFromDigest(v_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
			log("f_verify_mbr_request_message: Failed to retrieve certificate");
			return false;
			}
			f_getCertificateHash256(v_certificate_id, v_issuer);
			} else {
			log("f_verify_mbr_request_message: Unsupported signer variant");
	return false;		return false;
	}		}
			v_msg := bit2oct(encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData));
			log("f_verify_mbr_request_message: v_msg= ", v_msg);
			log("f_verify_mbr_request_message: v_issuer= ", v_issuer);
	log("f_verify_mbr_request_message: v_certificate= ", v_certificate);		log("f_verify_mbr_request_message: v_certificate= ", v_certificate);
	if (f_verifyEcdsa(v_msg, p_issuer, v_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {		if (f_verifyEcdsa(v_msg, v_issuer, v_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
	return false;		return false;
	}		}