/**
* @author ETSI / STF481
* @version $URL$
* $Id$
* @desc Module containing types and values for Security Protocol
// LibCommon
import from LibCommon_BasicTypesAndValues {
type
UInt8, UInt16, UInt32, UInt64,
}
import from LibCommon_DataStrings {
type
Oct2, Oct3, Oct8, Oct12, Oct20, Oct0to31
// // LibIts
// import from CAM_PDU_Descriptions language "ASN.1:1997" {
// type CAM
// }
// import from DENM_PDU_Descriptions language "ASN.1:1997" {
// type DENM
// }
//
group basicFormatElements {
/**
* @desc an integer of variable length
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.1 IntX
*/
type integer IntX with { variant "IntX" };
/**
* @desc List of supported algorithms based on public key cryptography
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.2 PublicKeyAlgorithm
*/
type enumerated PublicKeyAlgorithm {
e_ecdsa_nistp256_with_sha256 (0),
e_ecies_nistp256 (1)
} with { variant "8 bit" }
/**
* @desc List of supported algorithms based on symmetric key cryptography
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.3 SymmetricAlgorithm
*/
type enumerated SymmetricAlgorithm {
} with { variant "8 bit" }
/**
* @desc Wrapper for public keys by specifying the used algorithm
* @member algorithm Specifying the used algorithm
* @member public_key The public key structure
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.4 PublicKey
*/
type record PublicKey {
PublicKeyAlgorithm algorithm,
PublicKeyContainer public_key
} // End of type PublicKey
/**
* @desc Information regarding AES CCM encryption
* @member supported_symm_alg The symmetric key algorithm
* @member eccPoint The EccPoint used in the PublicKey
SymmetricAlgorithm supported_symm_alg,
EccPoint eccPoint
} // End of typAesCcmsc
/**
* @desc Information regarding ECC contained in an EccPoint structure
* @member eccPoint Specific details regarding ECC contained in an EccPoint structure
* @member ecies_nistp256 Specific details regarding ECC contained in an EccPoint structure
* @member other_key Out of scope
*/
type union PublicKeyContainer {
EccPoint eccPoint,
octetstring other_key
} // End of type PublicKeyContainer
/**
* @desc Defines a public key based on elliptic curve cryptography
* @member algorithm Specifying the used algorithm
* @member field_size The lengths of the vectors containing the raw keys
* @member type_ The ECC key types
* @member x The x coordinate
* @member y The y coordinate; optional, see the remark below
* @remark In case of e_x_coordinate_only, e_compressed_lsb_y_0 and e_compressed_lsb_y_1, the field y shall not be present
* @remark NOTE(review): x is an unconstrained octetstring and y is simply optional, so this type by itself ties neither the length of x to field_size nor the presence of y to type_; a test that depends on either should check it explicitly - TODO confirm where this is enforced (template or codec)
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.5 EccPoint
* @see Draft ETSI TS 103 097 V1.1.6 Table 2: Derivation of field sizes depending on the used algorithm
*/
type record EccPoint {
PublicKeyAlgorithm algorithm,
UInt8 field_size,
EccPointType type_,
octetstring x,
EccPointContainer y optional
} // End of type EccPoint
/**
* @desc Defines a public key based on elliptic curve cryptography
* @member y The y coordinate
* @member data Out of scope
*/
type union EccPointContainer {
octetstring y,
octetstring data
} // End of type EccPointContainer
/**
* @desc List of supported ECC key types
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.6 EccPointType
*/
type enumerated EccPointType {
e_x_coordinate_only (0),
e_compressed_lsb_y_0 (2),
e_compressed_lsb_y_1 (3),
} with { variant "8 bit" }
/**
* @desc Parameters and additional data required for encryption and decryption of data using different symmetric encryption algorithms
* @member symm_algorithm The symmetric algorithm that shall be used with a public key for encryption
* @member public_key The public key for encryption
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.7 EncryptionParameters
*/
type record EncryptionParameters {
SymmetricAlgorithm symm_algorithm,
EncryptionParametersContainer public_key
} // End of type EncryptionParameters
/**
* @desc Identifies a CRL series
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.8 CrlSeries
*/
type UInt32 CrlSeries; // TODO Not used ???
/**
* @desc
* @member nonce Data encryption with the Advanced Encryption Standard (AES) using a 128-bit key in Counter with cipher block chaining message authentication code (CCM) mode
* @member params Out of scope
*/
type union EncryptionParametersContainer {
octetstring params
} // End of type EncryptionParametersContainer
/**
* @desc Signatures based on public key cryptography
* @member algorithm Algorithm type (a PublicKeyAlgorithm value)
* @member signature_ The signature, held in a SignatureContainer
* @remark NOTE(review): EcdsaSignature also declares an algorithm field of the same type; TODO confirm whether both are encoded or one is filled by the codec, and that a verifier rejects a mismatch
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.7 EncryptionParameters
*      NOTE(review): this reference names EncryptionParameters, not Signature, and looks copied from that type - TODO replace with the Signature clause
*/
type record Signature {
PublicKeyAlgorithm algorithm,
SignatureContainer signature_
} // End of type Signature
/**
* @desc Alternatives for the signature value carried in a Signature
* @member ecdsa_signature The ECDSA based signature
* @member signature_ Out of scope
*/
type union SignatureContainer {
EcdsaSignature ecdsa_signature,
octetstring signature_
} // End of type SignatureContainer
/**
* @desc Describes an ECDSA based signature
* @member algorithm The public key algorithm (a PublicKeyAlgorithm value)
* @member field_size The 's' field length derived from the applied ECDSA algorithm
* @member r Coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key
* @member s The 's' field of the signature
* @remark NOTE(review): s is an unconstrained octetstring, so this type does not tie its length to field_size - TODO confirm where the length is checked
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.10 EcdsaSignature
*/
type record EcdsaSignature {
PublicKeyAlgorithm algorithm,
UInt8 field_size,
EccPoint r,
octetstring s
} // End of type EcdsaSignature
/**
* @desc Information about the signer of a message
* @member type_ The method used to describe the signer (a SignerInfoType value)
* @member signerInfo The signer data, held in a SignerInfoContainer. For a self-signed message this field is not required, because no additional data is given
* @remark In case of e_self, the field signerInfo shall not be present
* @remark NOTE(review): the record does not itself bind the chosen SignerInfoContainer alternative to type_ - TODO confirm that templates or the codec reject a mismatch
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.11 SignerInfo
*/
type record SignerInfo {
SignerInfoType type_,
SignerInfoContainer signerInfo optional
} // End of type SignerInfo
/**
* @desc Alternatives for the signer data carried in a SignerInfo
* @member digest The digest value
* @member certificate A certificate
* @member certificates A complete certificate chain
* @member certificateWithAlgo A certificate with a specific algorithm
* @member info TODO
*/
type union SignerInfoContainer {
HashedId8 digest,
Certificate certificate,
CertificateChain certificates,
CertificateWithAlgo certificateWithAlgo,
octetstring info
} // End of type SignerInfoContainer
/**
* @desc
* @member algorithm The public key algorithm
* @member digest The digest value
*/
type record CertificateWithAlgo {
PublicKeyAlgorithm algorithm,
HashedId8 digest
} // End of type CertificateWithAlgo
/**
* @desc The list of the methods to describe a message's signer
* @remark NOTE(review): unlike the other enumerations in this group, no 'with { variant "8 bit" }' follows this type in this listing - TODO confirm against the module that it is encoded on 8 bits
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.12 SignerInfoType
*/
type enumerated SignerInfoType {
e_self (0),
e_certificate_digest_with_ecdsap256 (1),
e_certificate (2),
e_certificate_chain (3),
e_certificate_digest_with_other_algorithm (4)
} // End of type SignerInfoType
/**
* @desc Indication on an identifier, where real identification is not required
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.14 HashedId3
* @see RFC2246 Clause 4.2. Miscellaneous
*/
/**
* @desc Identifies data such as a certificate
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.13 HashedId8
* @see RFC2246 Clause 4.2. Miscellaneous
*/
/**
* @desc The unsigned 32 bits number of International Atomic Time (TAI) seconds since 00:00:00 UTC, 01 January 2004
* @remark NOTE(review): this description previously said microseconds, the wording used for Time64. A 32-bit microsecond counter would wrap after roughly 71 minutes, so the unit is taken to be seconds - TODO confirm against the Time32 clause
* @remark Time32 is the type of expiry_time and of the certificate validity bounds in this module, while generation_time is a Time64; the two must be brought to the same unit before they are compared
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.16 Time64
*      NOTE(review): this reference is the Time64 clause - TODO replace with the Time32 clause
*/
type UInt32 Time32;
/**
* @desc The unsigned 64 bits number of International Atomic Time (TAI) microseconds since 00:00:00 UTC, 01 January 2004
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.16 Time64
*/
type UInt64 Time64;
/**
* @desc The time along with the standard deviation of time values
* @member time The time being encoded
* @member log_std_dev The rounded up value of the log to the base 1,134666 of the implementation's estimate of the standard deviation in units of nanoseconds
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.17 Time64WithStandardDeviation
*/
type record Time64WithStandardDeviation {
Time64 time,
UInt8 log_std_dev
} // End of type Time64WithStandardDeviation
/**
* @desc Defines the duration of a time span (e.g. a certificate's validity)
* @member unit
* @member duration
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.18 Duration
*/
type record Duration {
DurationUnitType unit,
Int13 duration
} // End of type Duration
/**
* @desc List of supported duration unit
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.18 Duration
* @see Draft ETSI TS 103 097 V1.1.6 Table 3: Interpretation of duration unit bits
*/
type enumerated DurationUnitType {
e_seconds (0), // seconds
e_minutes (1), // minutes (60 seconds)
e_hours (2), // hours (3 600 seconds)
e_hoursBlock (3), // 60 hour blocks (216 000 seconds)
e_year (4) // years (31 556 925 seconds)
} with { variant "3 bit" }
/**
* @desc Specify a two dimensional location
* @member latitude Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum
* @member longitude Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.19 TwoDLocation
*/
type record TwoDLocation {
Int32 latitude,
Int32 longitude
} // End of type TwoDLocation
/**
* @desc Specify a two dimensional location
* @member latitude Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum
* @member longitude Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum
* @member elevation Elevation relative to the WGS-84 ellipsoid in decimetres
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.20 ThreeDLocation
*/
type record ThreeDLocation {
Int32 latitude,
Int32 longitude,
Oct2 elevation // Due to physical meaning, it cannot be Oct0to2
} // End of type ThreeDLocation
/**
* @desc Defines geographic regions used to limit the validity of certificates
* @member region_type Region type
* @member region Region description
* @remark In case of e_none, the field region shall not be present
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.21 GeographicRegion
*/
type record GeographicRegion {
RegionType region_type,
GeographicRegionContainer region optional
} // End of type GeographicRegion
/**
* @desc Alternatives for the region description carried in a GeographicRegion
* @member circular_region A circular region
* @member rectangular_region A list of rectangular regions (RectangularRegions)
* @member polygonal_region A polygonal region
* @member id_region An identified region
* @member other_region Opaque octets; NOTE(review): presumably for region types not listed in RegionType - TODO confirm
* @remark NOTE(review): the union does not itself bind the chosen alternative to GeographicRegion.region_type - TODO confirm that templates or the codec reject a mismatch
*/
type union GeographicRegionContainer {
CircularRegion circular_region,
RectangularRegions rectangular_region,
PolygonalRegion polygonal_region,
IdentifiedRegion id_region,
octetstring other_region
} // End of type GeographicRegionContainer
/**
* @desc The list of the possible region types
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.22 RegionType
*/
type enumerated RegionType {
e_none (0),
e_circle (1),
e_rectangle (2),
e_polygon (3),
e_id (4)
} with { variant "8 bit" }
/**
* @desc Defines a circular region
* @member center Circular center
* @member radius Radius given in metres
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.23 CircularRegion
*/
type record CircularRegion {
TwoDLocation center,
UInt16 radius
} // End of type CircularRegion
/**
* @desc Defines a rectangular region by connecting the four points in the order (northwest.latitude, northwest.longitude), (northwest.latitude, southeast.longitude), (southeast.latitude, southeast.longitude), and (southeast.latitude, northwest.longitude)
* @member northwest Upper left corner
* @member southeast Lower right corner
* @remark NOTE(review): the type does not constrain southeast to lie south and east of northwest; a test that relies on a well-formed rectangle should check the corner ordering explicitly
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.24 RectangularRegion
*/
type record RectangularRegion {
TwoDLocation northwest,
TwoDLocation southeast
} // End of type RectangularRegion
type record of RectangularRegion RectangularRegions;
/**
* @desc a region by enumerating points on the region's boundary
*/
type record of TwoDLocation PolygonalRegion;
/**
* @desc Defines a predefined geographic region determined by the region dictionary and the region identifier
* @member region_dictionary The region dictionary
* @member region_identifier The region identifier
* @member local_region The whole region. 0 if the whole region is meant
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.26 IdentifiedRegion
*/
type record IdentifiedRegion {
RegionDictionary region_dictionary,
UInt16 region_identifier,
IntX local_region
} // End of type IdentifiedRegion
/**
* @desc The list of dictionaries containing two-octet records of globally defined regions
* @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.27 RegionDictionary
*/
type enumerated RegionDictionary {
} with { variant "8 bit" }
} // End of group basicFormatElements
group SecurityMessages {
/**
* @desc Generic secured message description
* @member protocol_version The applied protocol version
* @member security_profile The security profile for this secured message
* @member header_fields Multiple information fields of interest to the security layer
* @member payload_fields The message's payload
* @member trailer_fields Security information after the payload
*
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.1 SecuredMessage
*/
type record SecuredMessage {
UInt8 protocol_version,
UInt8 security_profile,
HeaderFields header_fields,
Payloads payload_fields optional, // Used by the codec to fill it with the plain text packet in case of 'omit' value
TrailerFields trailer_fields
} // End of type SecuredMessage
/**
* @desc Information of interest to the security layer
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.4 HeaderField
*/
type record HeaderField {
HeaderFieldType type_,
HeaderFieldContainer headerField
} // End of type HeaderField
/**
* @desc Supported types of header fields
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.5 HeaderFieldType
*/
type enumerated HeaderFieldType {
e_generation_time (0),
e_generation_time_standard_deviation (1),
e_expiration (2),
e_generation_location (3),
e_request_unrecognized_certificate (4),
e_message_type (5),
e_signer_info (128),
e_recipient_info (129),
} with { variant "8 bit" }
/**
* @desc Alternatives for the value carried in a HeaderField
* @member generation_time Generation time as a Time64
* @member generation_time_with_standard_deviation Generation time together with its standard deviation
* @member expiry_time Expiry time as a Time32
* @member generation_location Generation location as a ThreeDLocation
* @member message_type The message type
* @member signer Information about the signer
* @member recipients The list of RecipientInfo entries
* @member enc_params The encryption parameters
* @member other_header Opaque octets; NOTE(review): presumably for header field types not listed above - TODO confirm
* @remark NOTE(review): no alternative in this listing uses HashedId3s or matches e_request_unrecognized_certificate - TODO confirm against the module
* @remark NOTE(review): the union does not itself bind the chosen alternative to HeaderField.type_ - TODO confirm that templates or the codec reject a mismatch
*/
type union HeaderFieldContainer {
Time64 generation_time,
Time64WithStandardDeviation generation_time_with_standard_deviation,
Time32 expiry_time,
ThreeDLocation generation_location,
UInt16 message_type,
SignerInfo signer,
RecipientInfos recipients,
EncryptionParameters enc_params,
octetstring other_header
} // End of type HeaderFieldContainer
type record of HashedId3 HashedId3s;
type record of RecipientInfo RecipientInfos;
/**
* @desc Payload structure
* @member type_ Payload type
* @member data Payload data as raw octets; optional
*
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.2 Payload
*/
type record Payload {
PayloadType type_,
octetstring data optional
// PayloadContainer data optional
} // End of type Payload
type record of Payload Payloads;
// /**
// * @desc Payload data container
// * @member camPayload CAM message
// * @member denmPayload DENM message
// * @member rawPayload Other message
// *
// * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.2 Payload
// */
// type union PayloadContainer {
// CAM camPayload,
// DENM denmPayload,
// octetstring rawPayload
// } // End of type PayloadContainer
//
/**
* @desc Supported types of payloads
*
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.3 PayloadType
*/
type enumerated PayloadType {
e_unsecured (0),
e_signed (1),
e_encrypted (2),
e_signed_external (3),
} with { variant "8 bit" }
/**
* @desc Information used by the security layer after processing the payload
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.6 TrailerField
*/
type record TrailerField {
TrailerFieldType type_,
TrailerFieldContainer trailerField
} // End of type TrailerField
/**
* @desc
* @member signature_ The signature of the payload
* @member security_field Out of scope
*/
type union TrailerFieldContainer {
Signature signature_,
octetstring security_field
} // End of type TrailerFieldContainer
/**
* @desc Supported types of trailer fields
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.7 TrailerFieldType
*/
type enumerated TrailerFieldType {
} with { variant "8 bit" }
/**
* @desc Information for a message's recipient
* @member cert_id Identifier for the recipient's certificate (a HashedId8)
* @member pk_encryption The public key algorithm (a PublicKeyAlgorithm value); NOTE(review): presumably the algorithm used to protect enc_key - TODO confirm
* @member enc_key The encrypted key, held in a RecipientInfoContainer
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.8 RecipientInfo
*/
type record RecipientInfo {
HashedId8 cert_id,
PublicKeyAlgorithm pk_encryption,
RecipientInfoContainer enc_key
} // End of type RecipientInfo
/**
* @desc Alternatives for the encrypted key carried in a RecipientInfo
* @member enc_key The ECIES-encrypted key (EciesEncryptedKey)
* @member enc_key_other Opaque octets; NOTE(review): presumably a key encrypted with another algorithm - TODO confirm
*/
type union RecipientInfoContainer {
EciesEncryptedKey enc_key,
octetstring enc_key_other
} // End of type RecipientInfoContainer
/**
* @desc Defines an ECIES-encrypted symmetric key as defined in IEEE Std 1363a 2004
* @member symm_alg The algorithm
* @member symm_key_len The length of vector c containing the encrypted (AES) key
* @member v The sender's ECC ephemeral key used for the Elliptic Curve Encryption Scheme
* @member c The encrypted (AES) key
* @member t The authentication tag vector
* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.9 EciesEncryptedKey
SymmetricAlgorithm symm_alg,
UInt32 symm_key_len,
EccPoint v,
octetstring c,
} // End of type EciesEncryptedKey
} // End of group SecurityMessages
group certificateSpecification {
/**
* @desc Certificate description
* @member version The certificate's version. Shall be set to 2
* @member signer_infos The certificate's signers
* @member subject_info Information on the certificate's subject
* @member subject_attributes The certificate's subject
* @member validity_restrictions Restrictions regarding the certificate's validity
* @member signature_ The signature of this certificate signed by the responsible CA
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.1 Certificate
*/
type record Certificate {
UInt8 version,
SubjectInfo subject_info,
SubjectAttributes subject_attributes,
ValidityRestrictions validity_restrictions,
Signature signature_
} // End of type Certificate
/**
* @desc Information on the certificate's subject
* @member subject_type The type of subject
* @member subject_name The subject itself
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.2 SubjectInfo
* @remark The subject_name variable-length vector shall have a maximum length of 32 bytes
* @remark NOTE(review): going by its name, Oct0to31 caps subject_name at 31 octets, one fewer than the 32 bytes allowed above, so a conformant 32-byte name might not match this type - TODO confirm against the Oct0to31 definition in LibCommon_DataStrings
*/
type record SubjectInfo {
SubjectType subject_type,
Oct0to31 subject_name // The subject_name variable-length vector shall have a maximum length of 32 bytes
} // End of type SubjectInfo
/**
* @desc The list of the possible types of subjects
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.3 SubjectInfoType
*/
type enumerated SubjectType {
e_enrollment_credential (0),
e_authorization_ticket (1),
e_authorization_authority (2),
e_enrollment_authority (3),
e_root_ca (4),
} with { variant "8 bit" }
/**
* @desc Subject attribute description
* @member type_ The type of attribute
* @member attribute The attribute itself
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.4 SubjectAttribute
*/
type record SubjectAttribute {
SubjectAttributeType type_,
SubjectAttributeContainer attribute
} // End of type SubjectAttribute
/**
* @desc The attributes description
* @member key A public key (PublicKey)
* @member rv An EccPoint; NOTE(review): presumably the reconstruction value (e_reconstruction_value) - TODO confirm
* @member assurance_level The subject assurance (SubjectAssurance)
* @member its_aid_list A list of type IntXs; NOTE(review): presumably the ITS-AID values - TODO confirm
* @member its_aid_ssp_list A list of type ItsAidSsps
* @member other_attribute Opaque octets; NOTE(review): presumably for attribute types not listed in SubjectAttributeType - TODO confirm
* @remark NOTE(review): the union does not itself bind the chosen alternative to SubjectAttribute.type_ - TODO confirm that templates or the codec reject a mismatch
*/
type union SubjectAttributeContainer {
PublicKey key,
EccPoint rv,
SubjectAssurance assurance_level,
IntXs its_aid_list,
ItsAidSsps its_aid_ssp_list,
octetstring other_attribute
} // End of type SubjectAttributeContainer
/**
* @desc The list of the possible types of attributes
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.5 SubjectAttributeType
*/
type enumerated SubjectAttributeType {
e_verification_key (0),
e_encryption_key (1),
e_assurance_level (2),
e_reconstruction_value (3),
e_its_aid_list (4),
e_its_aid_ssp_list (5)
} with { variant "8 bit" }
/**
* @desc The ITS S's assurance
* @member levels The assurance levels
* @member reserved Out of scope
* @member confidence The confidence
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.6 SubjectAssurance
* @see Draft ETSI TS 103 097 V1.1.6 Table 5: Bitwise encoding of subject assurance
*/
type record SubjectAssurance {
Bit3 levels,
Bit3 reserved,
Bit2 confidence
} // End of type SubjectAssurance
/**
* @desc Defines a way to restrict the validity of the certificate
* @member type_ The type of validity restriction of the certificate
* @member validity The validity restriction of the certificate
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.6 SubjectAssurance
*      NOTE(review): this reference names SubjectAssurance, not ValidityRestriction, and looks copied from that type - TODO replace with the ValidityRestriction clause
*/
type record ValidityRestriction {
ValidityRestrictionType type_,
ValidityRestrictionContainer validity
} // End of type ValidityRestriction
/**
* @desc Defines the validity restriction of the certificate
* @member end_validity Validity restriction till the end date
* @member time_start_and_end Validity restriction within a range
* @member time_start_and_duration Validity restriction within a range from a start date and inside a geographical area
* @member region Validity restriction into a geographical area
* @member data TODO
*/
type union ValidityRestrictionContainer {
Time32 end_validity,
TimeStartEnd time_start_and_end,
TimeDuration time_start_and_duration,
} // End of type ValidityRestrictionContainer
/**
* @desc Defines the validity restriction within a range
* @member start_validity Start date
* @member end_validity End date
* @remark NOTE(review): the type does not constrain end_validity to be later than start_validity; a test that relies on a non-empty validity period should check the ordering explicitly
*/
type record TimeStartEnd {
Time32 start_validity,
Time32 end_validity
} // End of type TimeStartEnd
/**
* @desc Defines the validity restriction within a range from a start date and inside a geographical area
* @member start_validity Start date
* @member duration Duration of the validity restriction from the start date
*/
type record TimeDuration {
Time32 start_validity,
} // End of type TimeDuration
/**
* @desc Type of validity restriction of a certificate
* @see Draft ETSI TS 103 097 V1.1.6 6.8 ValidityRestrictionType
*/
type enumerated ValidityRestrictionType {
e_time_end (0),
e_time_start_and_end (1),
e_time_start_and_duration (2),
} with { variant "8 bit" }
type record of ValidityRestriction ValidityRestrictions;
/**
* @desc ITS-AID description
* @member its_aid The ITS_AID identifier
* @member service_specific_permissions The associated Service Specific Permissions
* @see Draft ETSI TS 103 097 V1.1.6 Clause 6.9 ItsAidSsp
*/
type record ItsAidSsp {
IntX its_aid,
} // End of type ItsAidSsp
} // End of group certificateSpecification
group acPrimitives {
type union AcGnSecurityPrimitive {
} // End of type AcGnSecurityPrimitive
type union AcGnSecurityResponse {
} // End of type AcGnSecurityResponse
} // End of group acPrimitives
group utPrimitives {
}
with {
encode "UpperTester"
} // End of group utPrimitives
} // End of module LibItsSecurity_TypesAndValues