Newer
Older
/**
* @author ETSI / STF544
* @version $URL$
* $Id$
* @desc Module containing functions for ITS PKI ATS
* @copyright ETSI Copyright Notification
* No part may be reproduced except as authorized by written permission.
* The copyright and the foregoing restriction extend to reproduction in all media.
* All rights reserved.
*
*/
module LibItsPki_Functions {
// LibCommon
import from LibCommon_Time all;
import from LibCommon_VerdictControl all;
import from LibCommon_Sync all;
import from LibCommon_BasicTypesAndValues all;
import from LibCommon_DataStrings all;
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
import from IEEE1609dot2 language "ASN.1:1997" all;
import from EtsiTs102941BaseTypes language "ASN.1:1997" all;
import from EtsiTs102941TypesEnrolment language "ASN.1:1997" all;
import from EtsiTs102941TypesAuthorization language "ASN.1:1997" all;
import from EtsiTs102941TypesAuthorizationValidation language "ASN.1:1997" all;
import from EtsiTs102941MessagesCa language "ASN.1:1997" all;
import from EtsiTs103097Module language "ASN.1:1997" all;
import from ITS_Container language "ASN.1:1997" all;
import from CAM_PDU_Descriptions language "ASN.1:1997" all;
// LibItsCommon
import from LibItsCommon_Functions all;
import from LibItsCommon_ASN1_NamedNumbers all;
import from LibItsCommon_Pixits all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_Pixits all;
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_TestSystem all;
// LibItsHttp
import from LibItsHttp_TypesAndValues all;
import from LibItsHttp_Templates all;
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_ec_certificate_id := "CERT_TS_A_EC",
in charstring p_peerCertificateId := "CERT_IUT_A_EA"
) runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
map(self:httpPort, system:httpPort);
f_connect4SelfOrClientSync();
f_initialiseSecuredMode(p_ea_certificate_id, p_peerCertificateId);
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey);
f_readCertificate(p_ec_certificate_id, vc_ecCertificate);
f_readSigningKey(p_ec_certificate_id, vc_ecPrivateKey);
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
f_getCertificateDigest(p_ec_certificate_id, vc_ecHashedId8);
f_readCertificate(p_peerCertificateId, vc_peerEaCertificate);
f_getCertificateHash(p_peerCertificateId, vc_eaPeerWholeHash);
activate(a_default_pki_http());
function f_cfUp_itss(
in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant
) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
map(self:geoNetworkingPort, system:geoNetworkingPort);
map(self:utPort, system:utPort);
f_initializeState();
// activate(a_default_pki()); TOTO Defualt from geoNet
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown() runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
unmap(self:httpPort, system:httpPort);
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
/**
* @desc Deletes default configuration
*/
function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
unmap(self:geoNetworkingPort, system:geoNetworkingPort);
unmap(self:utPort, system:utPort);
} // End of function f_cfDown
/**
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_peerCertificateId := "CERT_IUT_A_EA"
) runs on ItsSecurityBaseComponent {
// Local variables
// Load certificates
if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
setverdict(inconc);
f_prepareCertificates(p_certificateId, vc_aaCertificate, vc_atCertificate);
function f_uninitialiseSecuredMode() runs on ItsSecurityBaseComponent {
f_unloadCertificates();
} // End of function f_uninitialiseSecuredMode()
function f_initializeState() runs on ItsPkiItss {
var Oct8 v_hashedId8ToBeUsed := f_setupIutCertificate(vc_hashedId8ToBeUsed);
f_utInitializeIut(UtPkiInitialize: { v_hashedId8ToBeUsed } );
f_sleep(PX_NEIGHBOUR_DISCOVERY_DELAY);
// f_acLoadScenario(p_scenario);
// f_acStartScenario();
}
group ut_port {
function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss {
utPort.send(p_init);
tc_wait.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiInitializeResult := true }) {
tc_wait.stop;
log("*** f_utInitializeIut: INFO: IUT initialized ***");
}
[] utPort.receive {
tc_wait.stop;
log("*** f_utInitializeIut: INFO: IUT could not be initialized ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_wait.timeout {
log("*** f_utInitializeIut: INFO: IUT could not be initialized in time ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
}
} // End of function f_utInitializeIut
function f_sendUtTriggerPrimitive(
in charstring p_cannonicalId,
in Oct1 p_encAlgorithm,
in octetstring p_private_key,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
) runs on ItsPkiItss {
var TriggerEnrolmentRequest v_ut_trigger_enrolment_request;
var octetstring v_compressed_public_key;
if (p_compressedMode == 2) { // TODO v_compressed_public_key := int2oct(p_compressedMode, 1) & p_publicKeyCompressed?
v_compressed_public_key := '02'O & p_publicKeyCompressed;
} else {
v_compressed_public_key := '03'O & p_publicKeyCompressed;
}
v_ut_trigger_enrolment_request := { p_cannonicalId, p_encAlgorithm, p_private_key, v_compressed_public_key };
utPort.send(UtPkiTrigger: { triggerEnrolmentRequest := v_ut_trigger_enrolment_request });
tc_ac.start;
alt {
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := true }) {
tc_ac.stop;
}
[] utPort.receive(UtPkiResults: { utPkiTriggerResult := false }) {
tc_ac.stop;
log("*** f_sendUtTriggerPrimitive: ERROR: Received unexpected message ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_ac.timeout {
log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
} // End of 'alt' statement
} // End of function f_sendUtTriggerPrimitive
} // End of group ut_port
group http {
function f_http_build_inner_ec_request( // TODO Cleanup parameters
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce,
out octetstring p_salt,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
var InnerEcRequest v_inner_ec_request;
var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop;
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
var boolean v_ret_code;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
// Generate InnerEcRequestSignedForPoP
if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("v_inner_ec_request_signed_for_pop= ", v_inner_ec_request_signed_for_pop);
// Secure InnerEcRequestSignedForPoP message
if (f_extract_enc_key(vc_eaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_inner_ec_request: Public encryption key: ", v_public_enc_key);
log("*** f_http_build_inner_ec_request: Public encryption key comp: ", v_compressed_enc_key_mode);
log("*** f_http_build_inner_ec_request: First enrolment: ", PX_FIRST_ENROLMENT);
if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys
v_ret_code := f_build_pki_secured_message(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
v_ret_code := f_build_pki_secured_message(vc_ecPrivateKey, valueof(m_signerIdentifier_digest(vc_ecHashedId8)), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_inner_ec_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data= ", p_ieee1609dot2_signed_and_encrypted_data);
log("*** f_http_build_inner_ec_request: DEBUG: p_request_hash= ", p_request_hash);
function f_http_build_invalid_enrolment_request(
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce,
out octetstring p_salt,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
) runs on ItsPkiHttp {
var InnerEcRequest v_inner_ec_request;
var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop;
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
var boolean v_ret_code;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
// Generate InnerEcRequestSignedForPoP
if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) {
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("v_inner_ec_request_signed_for_pop= ", v_inner_ec_request_signed_for_pop);
// Secure InnerEcRequestSignedForPoP message
if (f_extract_enc_key(vc_eaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_inner_ec_request: Public encryption key: ", v_public_enc_key);
log("*** f_http_build_inner_ec_request: Public encryption key comp: ", v_compressed_enc_key_mode);
if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys
v_ret_code := f_build_pki_secured_message(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
v_ret_code := f_build_pki_secured_message(vc_ecPrivateKey, valueof(m_signerIdentifier_digest(vc_ecHashedId8)), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_invalid_enrolment_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = ", p_ieee1609dot2_signed_and_encrypted_data);
} // End of function f_http_build_invalid_enrolment_request
function f_http_build_inner_at_request(
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
// Local variables
var InnerAtRequest v_authorization_request;
var bitstring v_authorization_request_msg;
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
if (f_generate_authorization_request(vc_eaCertificate, vc_eaHashedId8, p_private_key, p_publicKeyCompressed, p_compressedMode, v_authorization_request) == false) {
log("*** f_http_build_authorization_request: ERROR: Failed to generate AuthorizationValidationRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
// Secure the Pki message
if (f_extract_enc_key(vc_eaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_authorization_request: Public encryption key: ", v_public_enc_key);
log("*** f_http_build_authorization_request: Public encryption key comp: ", v_compressed_enc_key_mode);
/**
TODO: Load certificate according to the IUT role
==> a complete fucntion which set up the TestSustem certificate,keyy... according to the IUT role
**/
log("*** f_http_build_inner_ec_request: ERROR: Need to add TestSystem variable vc_aa ***");
f_selfOrClientSyncAndVerdict("error", e_error);
/* if (f_build_pki_secured_message(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, vc_eaWholeHash, bit2oct(encvalue(m_etsiTs102941Data_authorization_request(v_authorization_request))), p_ieee1609dot2_signed_and_encrypted_data, p_request_hash) == false) { */
/* log("*** f_http_build_authorization_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); */
/* f_selfOrClientSyncAndVerdict("error", e_error); */
/* } */
log("*** f_http_build_authorization_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = ", p_ieee1609dot2_signed_and_encrypted_data);
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data
) runs on ItsPkiHttp {
// Local variables
var AuthorizationValidationRequest v_authorization_validation_request;
var bitstring v_authorization_validation_request_msg;
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
if (f_generate_authorization_validation_request(vc_eaCertificate, vc_eaHashedId8, p_private_key, p_publicKeyCompressed, p_compressedMode, v_authorization_validation_request) == false) {
log("*** f_http_build_authorization_validation_request: ERROR: Failed to generate AuthorizationValidationRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
// Secure the Pki message
if (f_extract_enc_key(vc_eaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***");
log("*** f_http_build_authorization_validation_request: Public encryption key: ", v_public_enc_key);
log("*** f_http_build_authorization_validation_request: Public encryption key comp: ", v_compressed_enc_key_mode);
/**
TODO: Load certificate according to the IUT role
==> a complete fucntion which set up the TestSustem certificate,keyy... according to the IUT role
**/
log("*** f_http_build_inner_ec_request: ERROR: Need to add TestSystem variable vc_aa ***");
f_selfOrClientSyncAndVerdict("error", e_error);
/* if (f_build_pki_secured_message(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, vc_eaWholeHash, bit2oct(encvalue(m_etsiTs102941Data_authorization_validation_request(v_authorization_validation_request))), p_ieee1609dot2_signed_and_encrypted_data, p_request_hash) == false) { */
/* log("*** f_http_build_authorization_validation_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); */
/* f_selfOrClientSyncAndVerdict("error", e_error); */
/* } */
log("*** f_http_build_authorization_validation_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = ", p_ieee1609dot2_signed_and_encrypted_data);
} // End of function f_http_build_authorization_validation_request
} // End of group http
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
group generate_certificates {
function f_generate_ec_certificate(
in octetstring p_private_key,
in InnerEcRequest p_inner_ec_request,
out Certificate p_ec_certificate
) return boolean {
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := '830001'O })),
valueof(m_appPermissions(37, { bitmapSsp := '830001'O }))
};
var template (value) EtsiTs103097Certificate v_cert;
var bitstring v_tbs;
var Oct32 v_sig;
var bitstring v_enc_msg;
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_sha256AndDigest(f_HashedId8FromSha256(f_hashWithSha256('616263'O))),
m_toBeSignedCertificate_at(
v_appPermissions,
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaNistP256(
p_inner_ec_request.publicKeys.verificationKey.ecdsaNistP256
)),
m_validityPeriod(
17469212,
m_duration_years(10)
),
m_geographicRegion_identifiedRegion(
{
m_identifiedRegion_country_only(12),
m_identifiedRegion_country_only(34)
}
)
)
);
// Encode it ==> Get octetstring
v_tbs := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_tbs), int2oct(11, 32), p_private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("v_cert= ", v_cert);
p_ec_certificate := valueof(v_cert);
return true;
} // End of function f_generate_ec_certificate
function f_generate_at_certificate(
in octetstring p_private_key,
in InnerEcRequest p_inner_ec_request,
out Certificate p_at_certificate
) return boolean {
var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := '830001'O })),
valueof(m_appPermissions(37, { bitmapSsp := '830001'O }))
};
var template (value) EtsiTs103097Certificate v_cert;
var bitstring v_tbs;
var Oct32 v_sig;
var bitstring v_enc_msg;
v_cert := m_etsiTs103097Certificate(
m_issuerIdentifier_sha256AndDigest(f_HashedId8FromSha256(f_hashWithSha256('616263'O))),
m_toBeSignedCertificate_at(
v_appPermissions,
m_verificationKeyIndicator_verificationKey(
m_publicVerificationKey_ecdsaNistP256(
p_inner_ec_request.publicKeys.verificationKey.ecdsaNistP256
)),
m_validityPeriod(
17469212,
m_duration_years(10)
),
m_geographicRegion_identifiedRegion(
{
m_identifiedRegion_country_only(12),
m_identifiedRegion_country_only(34)
}
)
)
);
// Encode it ==> Get octetstring
v_tbs := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_tbs), int2oct(11, 32), p_private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("v_cert= ", v_cert);
p_at_certificate := valueof(v_cert);
return true;
} // End of function f_generate_at_certificate
} // End of group generate_certificates
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out InnerEcRequest p_inner_ec_request
) return boolean {
var EccP256CurvePoint v_eccP256_curve_point;
log (">>> f_generate_inner_ec_request");
// Generate keys for the certificate to be requested
if (f_generate_key_pair_nistp256(p_private_key, v_publicKeyX, v_publicKeyY, p_publicKeyCompressed, p_compressedMode) == false) {
log ("f_generate_inner_ec_request: failed to generate keys");
return false;
}
if (p_compressedMode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_publicKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_publicKeyCompressed));
log ("f_generate_inner_ec_request: ", v_eccP256_curve_point);
// Build the Proof of Possession InnerEcRequest
p_inner_ec_request := valueof(
m_innerEcRequest(
m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point)
),
m_certificateSubjectAttributes(
{ // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(623, { bitmapSsp := '00C0'O }))
f_getCurrentTime() / 1000,
m_duration_years(1) // TODO Use PIXIT
{
m_identifiedRegion_country_only(12), // TODO Use PIXIT
m_identifiedRegion_country_only(34) // TODO Use PIXIT
}
),
log ("f_generate_inner_ec_request: ", p_inner_ec_request);
} // End of function f_generate_inner_ec_request
function f_generate_inner_ec_request_signed_for_pop(
in octetstring p_private_key,
in InnerEcRequest p_inner_ec_request,
out Ieee1609Dot2Data p_inner_ec_request_signed_for_pop
) return boolean {
// Local variables
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var octetstring v_encoded_inner_ec_request;
var template (value) ToBeSignedData v_tbs;
var octetstring v_tbs_signed;
// Encode it
v_encoded_inner_ec_request := bit2oct(encvalue(p_inner_ec_request));
// Signed the encoded InnerEcRequestSignedForPop
v_tbs := m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(
v_encoded_inner_ec_request
)
),
m_headerInfo_inner_ec_request(
c_its_aid_SCR,
f_getCurrentTimeUtc()
)
);
// Signed the encoded InnerEcRequestSignedForPop
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key);
// Finalyse signed InnerEcRequestSignedForPop
p_inner_ec_request_signed_for_pop := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
m_signerIdentifier_self,
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
)
)
);
return true;
} // End of function f_generate_inner_ec_request_signed_for_pop
function f_generate_inner_ec_response(
in octetstring p_inner_ec_request_hash,
in EtsiTs103097Certificate p_certificate,
out InnerEcResponse p_inner_ec_response
) return boolean {
// Local variables
// Build the Proof of Possession InnerEcResponse
p_inner_ec_response := valueof(
m_innerEcResponse_ok(
substr(p_inner_ec_request_hash, 0, 16),
p_certificate
)
);
return true;
} // End of function f_generate_inner_ec_response
group inner_at_xxx {
function f_generate_inner_at_request(
in Certificate p_ec_certificate,
in octetstring p_private_key,
in Certificate p_ea_certificate,
in HashedId8 p_eaHashedId8,
in boolean p_itss_privacy,
out octetstring p_private_enc_key,
out octetstring p_publicEncKeyCompressed,
out integer p_compressedMode,
out InnerAtRequest p_inner_at_request,
out Ieee1609Dot2Data p_inner_at_request_data
) return boolean {
// Local variables
var octetstring public_enc_key_x;
var octetstring public_enc_key_y;
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var Oct32 v_hmac_key;
var octetstring v_message_to_tag;
var Oct16 v_key_tag;
var octetstring v_whole_certificate_hash;
var octetstring v_hash_shared_at_request;
var template (value) ToBeSignedData v_tbs;
var octetstring v_tbs_signed;
var Ieee1609Dot2Data v_signed_ec_signature;
// Generate encryption keys for the certificate to be requested
if (f_generate_key_pair_nistp256(p_private_enc_key, public_enc_key_x, public_enc_key_y, p_publicEncKeyCompressed, p_compressedMode) == false) {
return false;
}
if (p_compressedMode == 0) {
v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(p_publicEncKeyCompressed);
} else {
v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(p_publicEncKeyCompressed);
}
// Generate 32 octets length secret key
v_hmac_key := f_hashWithSha256(int2oct(f_getCurrentTime(), 12));
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
log("v_hmac_key=", v_hmac_key);
// Generate tag based on the concatenation of ???
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey)) {
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {
v_message_to_tag := '02'O & p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0;
} else {
v_message_to_tag := '03'O & p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1;
}
} else {
// TODO
/* if (ischosen(p_ec_certificate.verifyKeyIndicator.ecdsaBrainpoolP256.compressed_y_0)) { */
/* v_message_to_tag := '02'O & p_ec_certificate.verifyKeyIndicator.ecdsaBrainpoolP256.compressed_y_0; */
/* } else { */
/* v_message_to_tag := '03'O & p_ec_certificate.verifyKeyIndicator.ecdsaBrainpoolP256.compressed_y_1; */
/* } */
}
} else {
return false;
}
if (p_compressedMode == 0) {
v_message_to_tag := v_message_to_tag & '02'O & p_publicEncKeyCompressed;
} else {
v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed;
}
log("v_message_to_tag=", v_message_to_tag);
v_key_tag := fx_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function
log("v_key_tag=", v_key_tag);
// Build the SharedAtRequest
p_inner_at_request.publicKeys := valueof(
m_publicKeys(
m_publicVerificationKey_ecdsaNistP256(
p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256
),
m_encryptionKey(
-,
m_publicEncryptionKey_ecdsaNistP256(v_eccP256_curve_point)
)
)
);
p_inner_at_request.hmacKey := v_hmac_key;
p_inner_at_request.sharedAtRequest := valueof(
m_shared_at_request(
p_eaHashedId8,
v_key_tag,
valueof(
m_certificate_subject_attributes( // FIXME Review subjectPermissions
p_ec_certificate.toBeSigned.appPermissions,
{ { subjectPermissions := { all_ := NULL }, minChainLength := 1, chainLengthRange := 0, eeType := '00000000'B } },
p_ec_certificate.toBeSigned.id,
p_ec_certificate.toBeSigned.validityPeriod,
p_ec_certificate.toBeSigned.region,
p_ec_certificate.toBeSigned.assuranceLevel
))));
v_hash_shared_at_request := f_hashWithSha256(bit2oct(encvalue(p_inner_at_request.sharedAtRequest)));
log("v_hash_shared_at_request=", v_hash_shared_at_request);
// Build the ToBeSigned payload
v_tbs := m_toBeSignedData(
m_signedDataPayload_ext(v_hash_shared_at_request),
m_headerInfo_inner_ec_request(
c_its_aid_SCR,
f_getCurrentTimeUtc())
);
// Signed ToBeSigned payload
v_whole_certificate_hash := f_hashWithSha256(bit2oct(encvalue(p_ec_certificate)));
log("v_whole_certificate_hash=", v_whole_certificate_hash);
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_whole_certificate_hash, p_private_key);
v_signed_ec_signature := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
m_signerIdentifier_digest(
f_HashedId8FromSha256(
v_whole_certificate_hash
)
),
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
)
)
);
// Encrypt EcSignature with EA certificate
if (p_itss_privacy) {
var octetstring v_public_enc_key;
var integer v_compressed_mode;
var Oct12 v_nonce;
var Oct16 v_authentication_vector;
var Oct16 v_encrypted_sym_key;
var HashedId8 v_recipientId;
var octetstring v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var octetstring v_enc_signed_ec_signature;
if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
v_compressed_mode := 0;
} else if (ischosen(p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
v_public_enc_key := p_ea_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
v_compressed_mode := 1;
} else {
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_ec_signature)), v_public_enc_key, v_compressed_mode, ''O, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce);
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
v_recipientId := p_eaHashedId8;
log("v_recipientId=", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
p_inner_at_request.ecSignature := valueof(
m_ec_signature(
m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
v_encrypted_sym_key,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_nonce,
v_enc_signed_ec_signature
)
)
)
)
)
);
} else {
p_inner_at_request.ecSignature := valueof(m_ec_signature_ext_payload(v_signed_ec_signature));
}
log("p_inner_at_request=", p_inner_at_request);
return true;
} // End of function f_generate_inner_at_request
function f_generate_inner_at_response(
in Certificate p_ec_certificate,
in octetstring p_private_key,
in HashedId8 p_eaHashedId8,
out octetstring p_private_enc_key,
out octetstring p_publicEncKeyX,
out octetstring p_publicEncKeyY,
out octetstring p_publicEncKeyCompressed,
out integer p_compressedMode,
out InnerAtRequest p_inner_at_request,
out Ieee1609Dot2Data p_inner_at_request_data
) return boolean {
// Local variables
return false;
} // End of function f_generate_inner_at_response
} // End of group inner_at_xxx
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
group authorization_xxx {
function f_generate_authorization_request(
in Certificate p_ea_certificate,
in HashedId8 p_ea_certificate_hashed_id8,
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out InnerAtRequest p_authorization_request
) return boolean {
// Local variables
var octetstring v_private_enc_key;
var Oct32 v_publicEncKeyCompressed;
var integer v_compressedMode;
var InnerEcRequest v_inner_ec_request;
var Certificate v_ec_certificate;
var InnerAtRequest v_inner_at_request;
var Ieee1609Dot2Data v_inner_at_request_data;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
return false;
}
if (f_generate_ec_certificate(p_private_key, v_inner_ec_request, v_ec_certificate) == false) {
return false;
}
if (f_generate_inner_at_request(v_ec_certificate, p_private_key, p_ea_certificate, p_ea_certificate_hashed_id8, true, v_private_enc_key, v_publicEncKeyCompressed, v_compressedMode, v_inner_at_request, v_inner_at_request_data) == false) {
return false;
}
p_authorization_request.sharedAtRequest := v_inner_at_request.sharedAtRequest;
p_authorization_request.ecSignature := v_inner_at_request.ecSignature;
log("f_generate_authorization_request: ", p_authorization_request);
return true;
} // End of function f_generate_authorization_request
function f_generate_authorization_response(
in octetstring p_authorization_request_hash,
in CertificateSubjectAttributes p_Certificate_subject_attributes,
out InnerAtResponse p_authorization_response
) return boolean {
// Local variables
// Build the Proof of Possession InnerAtResponse
/*p_authorization_response := valueof(
m_innerAtResponse_ok(
p_authorization_request_hash,
p_Certificate_subject_attributes
)
);*/
return true;
} // End of function f_generate_authorization_response
} // End of group authorization_xxx
group authorization_validation_xxx {
function f_generate_authorization_validation_request(
in Certificate p_ea_certificate,
in HashedId8 p_ea_certificate_hashed_id8,
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out AuthorizationValidationRequest p_authorization_validation_request
) return boolean {
// Local variables
var octetstring v_private_enc_key;
var Oct32 v_publicEncKeyCompressed;
var integer v_compressedMode;
var InnerEcRequest v_inner_ec_request;
var Certificate v_ec_certificate;
var InnerAtRequest v_inner_at_request;
var Ieee1609Dot2Data v_inner_at_request_data;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
return false;
}
if (f_generate_ec_certificate(p_private_key, v_inner_ec_request, v_ec_certificate) == false) {
return false;
}
if (f_generate_inner_at_request(v_ec_certificate, p_private_key, p_ea_certificate, p_ea_certificate_hashed_id8, true, v_private_enc_key, v_publicEncKeyCompressed, v_compressedMode, v_inner_at_request, v_inner_at_request_data) == false) {
return false;
}
p_authorization_validation_request.sharedAtRequest := v_inner_at_request.sharedAtRequest;
p_authorization_validation_request.ecSignature := v_inner_at_request.ecSignature;
log("f_generate_authorization_validation_request: ", p_authorization_validation_request);
} // End of function f_generate_authorization_validation_request
function f_generate_authorization_validation_response(
in octetstring p_authorization_validation_request_hash,
in CertificateSubjectAttributes p_Certificate_subject_attributes,
out AuthorizationValidationResponse p_authorization_validation_response
// Local variables
// Build the Proof of Possession InnerEcResponse
p_authorization_validation_response := valueof(
m_authorizationValidationResponse_ok(
substr(p_authorization_validation_request_hash, 0, 16),
p_Certificate_subject_attributes
)
);
return true;
} // End of function f_generate_authorization_validation_response
} // End of group authorization_validation_xxx
/**
* @desc Build a signed and encrypted PKI message
* @param p_private_key Private key for signature
* @param p_signer_identifier Signer identifier for signature, could be self or certificate HashedId8
* @param p_recipientId Recipient identifier to be inclued in encrypted layer.
* If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
* @param p_publicKeyCompressed The public compressed key (canonical form) for encryption
* @param p_compressedMode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_pki_message The PKI message to be secured
* @param p_ieee1609dot2_signed_and_encrypted_data The secured message
* @return true on success, false otherwise
*/
in SignerIdentifier p_signer_identifier,
in HashedId8 p_recipientId,
in octetstring p_publicKeyCompressed,
in octetstring p_salt,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce,
out Oct32 p_request_hash
) return boolean {
// Local variables
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var template (value) ToBeSignedData v_tbs;
var octetstring v_tbs_signed;
var template (value) Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var HashedId8 v_recipientId;
var octetstring v_publicEphemeralKeyCompressed;
var integer v_ephemeralKeyModeCompressed;
var octetstring v_encrypted_inner_ec_request;
// Signed the encoded PKI message
v_tbs := m_toBeSignedData(
m_signedDataPayload(
m_headerInfo_inner_ec_request(c_its_aid_SCR, f_getCurrentTimeUtc())
if (ischosen(p_signer_identifier.self_)) {
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key);
} else {
var charstring v_certificate_id;
var octetstring v_hash;
fx_readCertificateFromDigest(p_signer_identifier.digest, v_certificate_id); // TODO Add a wrapper function
f_getCertificateHash(v_certificate_id, v_hash);
v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_hash, p_private_key);
}
// Add the signature and create EtsiTs103097Data-Signed data structure
v_ieee1609dot2_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
p_signer_identifier,
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
)
);
// Encode EtsiTs103097Data-Signed data structure
v_encoded_inner_ec_request := bit2oct(encvalue(v_ieee1609dot2_signed_data));
// Calculate the SHA256 of v_encoded_inner_ec_request
p_request_hash := f_hashWithSha256(v_encoded_inner_ec_request);
log("p_request_hash= ", p_request_hash);
// Encrypt encode EtsiTs103097Data-Signed data structure
if (PICS_SEC_FIXED_KEYS) {
p_publicKeyCompressed := '8C5E20FE31935F6FA682A1F6D46E4468534FFEA1A698B14B0B12513EED8DEB11'O;
p_compressedMode := 0;
p_salt := '9169155B08B07674CBADF75FB46A7B0D'O;
}
v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_publicKeyCompressed, p_compressedMode, p_salt, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
log("p_aes_sym_key=", p_aes_sym_key);
log("p_encrypted_sym_key=", p_encrypted_sym_key);
log("p_authentication_vector=", p_authentication_vector);
log("p_nonce=", p_nonce);
log("p_recipientId=", p_recipientId);
if (p_recipientId == int2oct(0, 8)) {
log("f_hashWithSha256(v_encrypted_sym_key)=", f_hashWithSha256(p_encrypted_sym_key));
v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(p_encrypted_sym_key));
} else {
v_recipientId := p_recipientId;
}
log("v_recipientId=", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
}
p_ieee1609dot2_signed_and_encrypted_data := valueof(
m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_signedDataRecipInfo(
m_pKRecipientInfo(
v_recipientId,
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
p_encrypted_sym_key,
p_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
v_encrypted_inner_ec_request
)
)
)
)
);
return true;
} // End of function f_build_pki_secured_message
* @desc Verify the protocol element of the Pki message.
* If p_check_security is set to false, only decryption and decoding of the outer message are verified.
* @param p_private_key Private key for decryption
* @param p_publicEphemeralCompressedKey
* @param p_publicEphemeralCompressedKeyMode
* @param p_issuer Issuer
* @param p_certificate Certificate to use for verification key
* @param p_ieee1609dot2_encrypted_and_signed_data The received encrypted and signed data
* @param p_check_security Set to true to verify PKI protocol element such as signatures...
* @param p_etsi_ts_102941_data The EtsiTs102941Data message
* @return true on success, false otherwise
*/
function f_verify_pki_message(
in octetstring p_private_enc_key,
in Oct16 p_aes_sym_key,
in Oct16 p_authentication_vector, // TODO Tobe removed
in octetstring p_issuer,
in Certificate p_certificate, // TODO Tobe removed
in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
in boolean p_check_security := true,
out EtsiTs102941Data p_etsi_ts_102941_data
) return boolean {
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
var octetstring v_plain_message;
var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var bitstring v_etsi_ts_102941_data_msg;
var bitstring v_tbs;
var boolean v_ret;
log(">>> f_verify_pki_message: p_private_enc_key= ", p_private_enc_key);
log(">>> f_verify_pki_message: p_aes_sym_key=", p_aes_sym_key);
log(">>> f_verify_pki_message: p_authentication_vector=", p_authentication_vector);
log(">>> f_verify_pki_message: p_issuer=", p_issuer);
// TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo
// 1. Decrypt the data
v_plain_message := fx_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext);
if (isbound(v_plain_message) == false) {
return false;
}
log("v_plain_message= ", v_plain_message);
// 2. Decode it
v_tbs := oct2bit(v_plain_message);
if (decvalue(v_tbs, v_ieee1609dot2_signed_data) != 0) {
}
log("v_ieee1609dot2_signed_data= ", v_ieee1609dot2_signed_data);
// 3. Check the signature
log("v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
v_tbs := encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(v_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate) == false) {
if (p_check_security == true) {
return false;
}
}
//log("v_certificate= ", v_certificate);
if (ischosen(v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {
v_ret := f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_tbs),
p_issuer,
v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,
v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0,
0);
} else {
v_ret := f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_tbs),
p_issuer,
v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,
v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1,
1);
}
if (v_ret == false) {
if (p_check_security == true) {
return false;
}
// 4. Return the PKI message
log("v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
v_etsi_ts_102941_data_msg := oct2bit(v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, p_etsi_ts_102941_data) != 0) {
return false;
}
if (p_etsi_ts_102941_data.version != PkiProtocolVersion) {
if (p_check_security == true) {
return false;
}
} // End of function f_verify_pki_message
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
/**
* @desc Verify the generated EA certificate
* @param p_ea_certificate The new EA certificate
* @param p_publicKeyCompressed The public compressed key (canonical form) for signature check
* @param p_compressedMode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_ea_certificate(
in Certificate p_ea_certificate,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
) return boolean {
var bitstring v_encoded_tbs;
var boolean v_result;
// Check certificate format
v_result := match(p_ea_certificate, mw_etsiTs103097Certificate(mw_issuerIdentifier_self, mw_toBeSignedCertificate_ea, -));
// Check the signer
// Check EA certificate signature
v_encoded_tbs := encvalue(p_ea_certificate.toBeSigned);
v_result := v_result and f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_encoded_tbs),
int2oct(0, 32), // self
p_ea_certificate.signature_.ecdsaNistP256Signature.rSig.x_only & p_ea_certificate.signature_.ecdsaNistP256Signature.sSig,
p_publicKeyCompressed,
p_compressedMode);
return v_result;
} // End of function f_verify_ea_certificate
/**
* @desc Verify the generated AA certificate
* @param p_aa_certificate The new EA certificate
* @param p_publicKeyCompressed The public compressed key (canonical form) for signature check
* @param p_compressedMode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_aa_certificate(
in Certificate p_aa_certificate,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
) return boolean {
var bitstring v_encoded_tbs;
var boolean v_result;
// Check certificate format
v_result := match(p_aa_certificate, mw_etsiTs103097Certificate(mw_issuerIdentifier_self, mw_toBeSignedCertificate_aa, -));
// Check the signer
// Check EA certificate signature
v_encoded_tbs := encvalue(p_aa_certificate.toBeSigned);
v_result := v_result and f_verifyWithEcdsaNistp256WithSha256(
bit2oct(v_encoded_tbs),
int2oct(0, 32), // self
p_aa_certificate.signature_.ecdsaNistP256Signature.rSig.x_only & p_aa_certificate.signature_.ecdsaNistP256Signature.sSig,
p_publicKeyCompressed,
p_compressedMode);
return v_result;
} // End of function f_verify_aa_certificate
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
group security_function { // TODO To be moved in LibItsSecurity_Function module
function f_extract_enc_key(
in Certificate p_certificate,
out octetstring p_public_enc_key,
out integer p_compressed_enc_key_mode
) return boolean {
if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256)) {
if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0)) {
p_public_enc_key := p_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_0;
p_compressed_enc_key_mode := 0;
} else if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1)) {
p_public_enc_key := p_certificate.toBeSigned.encryptionKey.publicKey.eciesNistP256.compressed_y_1;
p_compressed_enc_key_mode := 1;
} else {
log("f_extract_enc_key: Non canonical EA certificate");
return false;
}
} else if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1)) {
if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0)) {
p_public_enc_key := p_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_0;
p_compressed_enc_key_mode := 0;
} else if (ischosen(p_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1)) {
p_public_enc_key := p_certificate.toBeSigned.encryptionKey.publicKey.eciesBrainpoolP256r1.compressed_y_1;
p_compressed_enc_key_mode := 0;
} else {
log("f_extract_enc_key: Non canonical EA certificate");
return false;
}
} else {
log("f_extract_enc_key: Invalid EA certificate");
return false;
}
return true;
} // End of function f_extract_enc_key
} // End of group security_function
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
group altstes {
altstep a_default_pki_http() runs on ItsPkiHttp {
[] httpPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
log("*** a_default: ERROR: HTTP Server error ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] httpPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] httpPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] httpPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
}
}