LibItsSecurity_TypesAndValues.ttcn3 33.2 KiB
/**
 *  @author   ETSI / STF481
 *  @version  $URL$
 *            $Id$
 *  @desc     Module containing types and values for Security Protocol
 *  @see Draft ETSI TS 103 097 V1.1.6
 */
module LibItsSecurity_TypesAndValues {
    
    // LibCommon
    import from LibCommon_BasicTypesAndValues all;
    import from LibCommon_DataStrings all;
    
    group basicFormatElements {
        
        /**
         * @desc An integer of variable length
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.1   IntX
         */
        type integer IntX with { variant "IntX" };
        
        /**
         * @desc List of supported algorithms based on public key cryptography
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.2   PublicKeyAlgorithm
         */
        type enumerated PublicKeyAlgorithm {
            e_ecdsa_nistp256_with_sha256    (0),
            e_ecies_nistp256                (1)
        } with { variant "8 bit" }
        
        /**
         * @desc List of supported algorithms based on symmetric key cryptography
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.3   SymmetricAlgorithm
         */
        type enumerated SymmetricAlgorithm {
            e_aes_128_ccm   (0)
        } with { variant "8 bit" }
        
        /**
         * @desc Wrapper for public keys by specifying the used algorithm
         * @member algorithm    Specifying the used algorithm 
         * @member public_key   The public key structure
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.4   PublicKey
         */
        type record PublicKey {
            PublicKeyAlgorithm  algorithm,
            PublicKeyContainer  public_key
        } // End of type PublicKey
        
        /**
         * @desc Container for the key material carried in a PublicKey record
         * @member eccPoint     Specific details regarding ECC contained in an EccPoint structure
         * @member aesCcm       The symmetric algorithm together with the EccPoint used in the PublicKey (see AesCcm)
         * @member other_key    Out of scope
         * @remark NOTE(review): nothing in this union ties the chosen alternative to PublicKey.algorithm; presumably the codec or the test templates enforce that pairing - confirm
         */
        type union PublicKeyContainer { 
            EccPoint        eccPoint,
            AesCcm          aesCcm,
            octetstring     other_key
        } // End of type PublicKeyContainer
        
        /**
         * @desc Information regarding AES CCM encryption
         * @member supported_symm_alg   The symmetric key algorithm
         * @member eccPoint             The EccPoint used in the PublicKey
         */
        type record AesCcm {
            SymmetricAlgorithm  supported_symm_alg,
            EccPoint            eccPoint
        } // End of type AesCcm
        
        /**
         * @desc Defines public key based on elliptic curve cryptography
//         * @member algorithm    Specifying the used algorithm 
//         * @member field_size   The lengths of the vectors containing the raw keys 
         * @member type_        The ECC key types
         * @member x            The x coordinate 
         * @member y            The y coordinate
         * @remark In case of e_x_coordinate_only, e_compressed_lsb_y_0 and e_compressed_lsb_y_1, the field y shall not be present
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.5   EccPoint
         * @see Draft ETSI TS 103 097 V1.1.6 Table 2: Derivation of field sizes depending on the used algorithm
         */
        type record EccPoint {
            EccPointType        type_,      // Selects how the point is represented (see EccPointType)
            octetstring         x,          // Length is not restricted by this type; the expected field size follows from the algorithm (Table 2). NOTE(review): presumably checked by the codec or the test code - confirm
            EccPointContainer   y optional  // Shall be omitted for e_x_coordinate_only, e_compressed_lsb_y_0 and e_compressed_lsb_y_1
        } // End of type EccPoint
        
        /**
         * @desc Defines a public key based on elliptic curve cryptography
         * @member y    The y coordinate
         * @member data Out of scope
         */
        type union EccPointContainer {
            octetstring y,
            octetstring data
        } // End of type EccPointContainer
        
        /**
         * @desc List of supported ECC key types
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.6   EccPointType
         */
        type enumerated EccPointType { 
            e_x_coordinate_only     (0),
            e_compressed_lsb_y_0    (2),
            e_compressed_lsb_y_1    (3),
            e_uncompressed          (4)
        } with { variant "8 bit" }
        
        /**
         * @desc Parameters and additional data required for encryption and decryption of data using different symmetric encryption algorithms
         * @member symm_algorithm   The symmetric algorithm that shall be used with a public key for encryption 
         * @member public_key       The algorithm-specific parameters (see EncryptionParametersContainer)
         * @remark NOTE(review): despite its name, public_key is not typed as PublicKey; the container declared in this module offers a nonce (Oct12) or opaque params - confirm the field name against the specification
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.7   EncryptionParameters
         */
        type record EncryptionParameters {
            SymmetricAlgorithm              symm_algorithm,
            EncryptionParametersContainer   public_key
        } // End of type EncryptionParameters
        
        /**
         * @desc Identifies a CRL series
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.8   CrlSeries
         */
        type UInt32 CrlSeries; // TODO Not used ???
        
        /**
         * @desc 
         * @member nonce    The nonce (Oct12) for data encryption with the Advanced Encryption Standard (AES) using a 128-bit key in Counter with cipher block chaining message authentication code (CCM) mode
         * @member params   Out of scope
         */
        type union EncryptionParametersContainer {
            Oct12       nonce,
            octetstring params
        } // End of type EncryptionParametersContainer
        
        /**
         * @desc Signatures based on public key cryptography
         * @member algorithm    Algorithm type
         * @member signature_   The signature
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.9   Signature
         */
        type record Signature {
            PublicKeyAlgorithm  algorithm,
            SignatureContainer  signature_
        } // End of type Signature
        
        /**
         * @desc Container for the signature value carried in a Signature record
         * @member ecdsa_signature  The ECDSA based signature
         * @member signature_       Out of scope
         */
        type union SignatureContainer {
            EcdsaSignature  ecdsa_signature,
            octetstring     signature_
        } // End of type SignatureContainer
        
        /**
         * @desc Describes an ECDSA based signature
         * @member r            Coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key
         * @member s            TODO
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.10  EcdsaSignature
         */
        type record EcdsaSignature {
            EccPoint            r,
            octetstring         s
        } // End of type EcdsaSignature
        
        
        /**
         * @desc Information about the signer of a message
         * @member type_        The method used to describe the signer (see SignerInfoType)
         * @member signerInfo   The signer information matching type_. In case of self-signed, this field is not required because no additional data is given
         * @remark In case of e_self, the field signerInfo shall not be present
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.11  SignerInfo
         */
        type record SignerInfo {
            SignerInfoType type_,
            SignerInfoContainer signerInfo optional 
        } // End of type SignerInfo
        
        /**
         * @desc 
         * @member digest               The digest value
         * @member certificate          A certificate
         * @member certificates         A complete certificate chain
         * @member certificateWithAlgo  A certificate with a specific algorithm
         * @member info                 TODO
         */
        type union SignerInfoContainer {
            HashedId8           digest,
            Certificate         certificate,
            CertificateChain    certificates,
            CertificateWithAlgo certificateWithAlgo,
            octetstring         info
        } // End of type SignerInfoContainer
        
        /**
         * @desc References a certificate by its digest together with a public key algorithm (alternative certificateWithAlgo of SignerInfoContainer)
         * @member algorithm    The public key algorithm 
         * @member digest       The digest value
         */
        type record CertificateWithAlgo {
            PublicKeyAlgorithm  algorithm,
            HashedId8           digest
        } // End of type CertificateWithAlgo
        
        /**
         * @desc The list of the methods to describe a message's signer
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.12  SignerInfoType
         * @remark NOTE(review): unlike the other enumerations in this group, no encoding variant (e.g. "8 bit") is attached to this type - confirm how the codec sizes it
         */
        type enumerated SignerInfoType {
            e_self                                      (0),
            e_certificate_digest_with_ecdsap256         (1),
            e_certificate                               (2),
            e_certificate_chain                         (3),
            e_certificate_digest_with_other_algorithm   (4)
        } // End of type SignerInfoType
        
        /**
         * @desc Indication on an identifier, where real identification is not required
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.14  HashedId3
         * @see RFC2246 Clause 4.2. Miscellaneous
         */
        type Oct3 HashedId3;
        
        /**
         * @desc Identifies data such as a certificate
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.13  HashedId8
         * @see RFC2246 Clause 4.2. Miscellaneous
         */
        type Oct8 HashedId8;
        
        /**
         * @desc The unsigned 32 bits number of International Atomic Time (TAI) seconds since 00:00:00 UTC, 01 January 2004
         * @remark NOTE(review): a 32-bit count of microseconds would wrap after roughly 71 minutes, so the unit is taken to be seconds; confirm against the specification. This type is used for expiry_time and for the certificate validity fields
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.15  Time32 (clause number inferred from the neighbouring references - confirm)
         */
        type UInt32 Time32;
        
        /**
         * @desc The unsigned 64 bits number of International Atomic Time (TAI) microseconds since 00:00:00 UTC, 01 January 2004
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.16  Time64
         */
        type UInt64 Time64;
        
        /**
         * @desc The time along with the standard deviation of time values
         * @member time         The time being encoded
         * @member log_std_dev  The rounded up value of the log to the base 1,134666 of the implementation's estimate of the standard deviation in units of nanoseconds
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.17  Time64WithStandardDeviation
         */
        type record Time64WithStandardDeviation {
            Time64  time,
            UInt8   log_std_dev
        } // End of type Time64WithStandardDeviation
        
        /**
         * @desc Defines the duration of a time span (e.g. a certificate's validity)
         * @member unit     The unit in which the duration is expressed (see DurationUnitType)
         * @member duration The number of units (Int13)
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.18  Duration
         */
        type record Duration {
            DurationUnitType    unit,
            Int13               duration
        } // End of type Duration
        
        /**
         * @desc List of supported duration unit
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.18  Duration
         * @see Draft ETSI TS 103 097 V1.1.6 Table 3: Interpretation of duration unit bits
         */
        type enumerated DurationUnitType {
            e_seconds       (0), // seconds
            e_minutes       (1), // minutes (60 seconds)
            e_hours         (2), // hours (3 600 seconds)
            e_hoursBlock    (3), // 60 hour blocks (216 000 seconds)
            e_year          (4)  // years (31 556 925 seconds)
        } with { variant "3 bit" }
        
        /**
         * @desc Specify a two dimensional location
         * @member latitude     Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum 
         * @member longitude    Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.19  TwoDLocation
         */
        type record TwoDLocation {
            Int32   latitude,
            Int32   longitude
        } // End of type TwoDLocation
        
        /**
         * @desc Specify a two dimensional location
         * @member latitude     Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum 
         * @member longitude    Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum 
         * @member elevation    Elevation relative to the WGS-84 ellipsoid in decimetres
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.20  ThreeDLocation
         */
        type record ThreeDLocation {
            Int32   latitude,
            Int32   longitude,
            Oct2    elevation // Due to physical meaning, it cannot be Oct0to2
        } // End of type ThreeDLocation
        
        type record of ThreeDLocation ThreeDLocations; // FIXME To be removed after creation of the configuration structure to unify all PIXITs into one configuration PIXIT record of
        
        /**
         * @desc Defines geographic regions used to limit the validity of certificates
         * @member region_type  Region type 
         * @member region       Region description
         * @remark In case of e_none, the field region shall not be present
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.21  GeographicRegion
         */
        type record GeographicRegion {
            RegionType                  region_type,
            GeographicRegionContainer   region optional 
        } // End of type GeographicRegion
        
        /**
         * @desc Container for the region description of a GeographicRegion
         * @member circular_region      A circular region
         * @member rectangular_region   A list of rectangular regions (RectangularRegions)
         * @member polygonal_region     A polygonal region
         * @member id_region            A region identified through a region dictionary
         * @member other_region         Opaque octets; NOTE(review): presumably for region types not listed in RegionType - confirm
         */
        type union GeographicRegionContainer {
            CircularRegion      circular_region,
            RectangularRegions  rectangular_region,
            PolygonalRegion     polygonal_region,
            IdentifiedRegion    id_region,
            octetstring         other_region
        } // End of type GeographicRegionContainer
        
        /**
         * @desc The list of the possible region types
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.22  RegionType
         */
        type enumerated RegionType {
            e_none      (0),
            e_circle    (1),
            e_rectangle (2),
            e_polygon   (3),
            e_id        (4)
        } with { variant "8 bit" }
        
        /**
         * @desc Defines a circular region
         * @member center   Circular center
         * @member radius   Radius given in metres
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.23  CircularRegion
         */
        type record CircularRegion {
            TwoDLocation    center,
            UInt16          radius 
        } // End of type CircularRegion
        
        /**
         * @desc Defines a rectangular region by connecting the four points in the order (northwest.latitude, northwest.longitude), (northwest.longitude, southeast.longitude), (southeast.longitude, southeast.longitude), and (southeast.longitude, northwest.longitude)
         * @member northwest   Upper left corner
         * @member southeast   Lower right corner
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.24  RectangularRegion
         */
        type record RectangularRegion {
            TwoDLocation    northwest,
            TwoDLocation    southeast
        } // End of type RectangularRegion
        
        type record of RectangularRegion RectangularRegions;
        
        /**
         * @desc Defines a region by enumerating points on the region's boundary
         */
        type record of TwoDLocation PolygonalRegion;
        
        /**
         * @desc Defines a predefined geographic region determined by the region dictionary and the region identifier
         * @member region_dictionary   The region dictionary
         * @member region_identifier   The region identifier
         * @member local_region        The whole region. 0 if the whole region is meant
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.26  IdentifiedRegion
         */
        type record IdentifiedRegion {
            RegionDictionary    region_dictionary,
            UInt16              region_identifier,
            IntX                local_region
        } // End of type IdentifiedRegion
        
        /**
         * @desc The list of dictionaries containing two-octet records of globally defined regions
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.27  RegionDictionary
         */
        type enumerated RegionDictionary {
            e_iso_3166_1  (0),
            e_un_stats    (1)
        } with { variant "8 bit" }
        
    } // End of group basicFormatElements
        /**
         * @desc Secured message description, part to be signed
         * @member protocol_version The applied protocol version
         * @member security_profile The security profile for this secured message
         * @member header_fields    Multiple information fields of interest to the security layer
         * @member payload_fields   The message's payload
         * @member trailer_fields   Security information after the payload
         * 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.1 SecuredMessage
         * @see Draft ETSI TS 103 097 V1.1.6 Table 5
         */
        type record ToBeSignedSecuredMessage {
            UInt8               protocol_version,
            UInt8               security_profile,
            HeaderFields        header_fields,
            SecPayloads         payload_fields optional, // Used by the codec to fill it with the secured packet in case of 'omit' value
            TrailerFieldType    trailerFieldType // Only the type of the trailer field is declared here, not a TrailerFields list as in SecuredMessage. NOTE(review): presumably because the signature itself is excluded from the data to be signed - confirm
        } // End of type ToBeSignedSecuredMessage
        /**
         * @member protocol_version The applied protocol version
         * @member security_profile The security profile for this secured message
         * @member header_fields    Multiple information fields of interest to the security layer
         * @member payload_fields   The message's payload
         * @member trailer_fields   Security information after the payload
         * 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.1 SecuredMessage
         */
        type record SecuredMessage {
            UInt8           protocol_version,
            UInt8           security_profile,
            HeaderFields    header_fields,
            SecPayloads     payload_fields optional, // Used by the codec to fill it with the secured packet in case of 'omit' value
            TrailerFields   trailer_fields
        } // End of type SecuredMessage
        
        type record of HeaderField HeaderFields;
        /**
         * @desc Information of interest to the security layer
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.4    HeaderField
         */
        type record HeaderField {
            HeaderFieldType         type_,
            HeaderFieldContainer    headerField
        } // End of type HeaderField
        
        /**
         * @desc Supported types of header fields
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.5    HeaderFieldType
         */
        type enumerated HeaderFieldType {
            e_generation_time                       (0),
            e_generation_time_standard_deviation    (1),
            e_expiration                            (2),
            e_generation_location                   (3),
            e_request_unrecognized_certificate      (4),
            e_message_type                          (5),
            e_signer_info                           (128),
            e_recipient_info                        (129),
            e_encryption_parameters                 (130)
        } with { variant "8 bit" }
        
        /**
         * @desc Container for the value carried in a HeaderField
         * @member other_header Opaque octets
         * @remark NOTE(review): the named alternatives appear to correspond one-to-one to the HeaderFieldType values, with other_header left for any other type - confirm against the codec
         */
        type union HeaderFieldContainer {
            Time64                          generation_time,
            Time64WithStandardDeviation     generation_time_with_standard_deviation,
            Time32                          expiry_time,
            ThreeDLocation                  generation_location,
            HashedId3s                      digests,
            UInt16                          message_type,
            SignerInfo                      signer,
            RecipientInfos                  recipients,
            EncryptionParameters            enc_params,
            octetstring                     other_header
        } // End of type HeaderFieldContainer
        
        type record of HashedId3 HashedId3s;
        
        type record of RecipientInfo RecipientInfos;
        
        /**
         * @desc Payload structure
         * @member type_    Payload type
         * @member data     Payload data
         * 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.2 Payload
         */
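        type record SecPayload {
            SecPayloadType  type_,          // Payload type (see SecPayloadType)
            octetstring     data optional   // Payload data
        } // End of type SecPayload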
        type record of SecPayload SecPayloads;
        /**
         * @desc Supported types of payloads
         * 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.3 PayloadType
         */
        type enumerated SecPayloadType {
            e_unsecured             (0),
            e_signed                (1),
            e_encrypted             (2),
            e_signed_external       (3),
            e_signed_and_encrypted  (4)
        } with { variant "8 bit" }
        type record of TrailerField TrailerFields;
        
        /**
         * @desc Information used by the security layer after processing the payload
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.6 TrailerField
         */
        type record TrailerField {
            TrailerFieldType        type_,
            TrailerFieldContainer   trailerField
        } // End of type TrailerField 
        
        /**
         * @desc Container for the value carried in a TrailerField
         * @member signature_       The signature of the payload
         * @member security_field   Out of scope
         */
        type union TrailerFieldContainer {
            Signature   signature_,
            octetstring security_field
        } // End of type TrailerFieldContainer
        
        /**
         * @desc Supported types of trailer fields
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.7 TrailerFieldType
         */
        type enumerated TrailerFieldType {
            e_signature     (1)
        } with { variant "8 bit" }
        
        /**
         * @desc Information for a message's recipient
         * @member cert_id          Identifier for the recipient's certificate
         * @member pk_encryption    The public key algorithm (PublicKeyAlgorithm) used for the encrypted key
         * @member enc_key          The encrypted key for this recipient (see RecipientInfoContainer)
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.8 RecipientInfo
         */
        type record RecipientInfo {
            HashedId8               cert_id,
            PublicKeyAlgorithm      pk_encryption,
            RecipientInfoContainer  enc_key
        } // End of type RecipientInfo
        
        /**
         * @desc Container for the encrypted key carried in a RecipientInfo
         * @member enc_key          The ECIES-encrypted symmetric key (see EciesEncryptedKey)
         * @member enc_key_other    Opaque octets; NOTE(review): presumably for public key algorithms other than ECIES - confirm
         */
        type union RecipientInfoContainer {
            EciesEncryptedKey   enc_key,
            octetstring         enc_key_other
        } // End of type RecipientInfoContainer
        
        /**
         * @desc Defines an ECIES-encrypted symmetric key as defined in IEEE Std 1363a 2004 
         * @member v            The sender's ECC ephemeral key used for the Elliptic Curve Encryption Scheme
         * @member c            The encrypted (AES) key 
         * @member t            The authentication tag vector
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.9 EciesEncryptedKey
         */
         type record EciesEncryptedKey {
            EccPoint             v,
            octetstring          c,
            Oct20                t
        }  // End of type EciesEncryptedKey
        
    } // End of group SecurityMessages
    group certificateSpecification {
        
        /**
         * @desc Certificate description, part to be signed
         * @member version                  The certificate's version. Shall be set to 2
         * @member signer_infos             The certificate's signers 
         * @member subject_info             Information on the certificate's subject
         * @member subject_attributes       The attributes of the certificate's subject
         * @member validity_restrictions    Restrictions regarding the certificate's validity
         * @remark Declares the same fields as Certificate, in the same order, without the trailing signature_
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.1 Certificate
         */
        type record ToBeSignedCertificate {
            UInt8                   version,
            SignerInfos             signer_infos,
            SubjectInfo             subject_info,
            SubjectAttributes       subject_attributes,
            ValidityRestrictions    validity_restrictions
        } // End of type ToBeSignedCertificate
        
        /**
         * @desc Certificate description
         * @member version                  The certificate's version. Shall be set to 2
         * @member signer_infos             The certificate's signers 
         * @member subject_info             Information on the certificate's subject
         * @member subject_attributes       The attributes of the certificate's subject
         * @member validity_restrictions    Restrictions regarding the certificate's validity
         * @member signature_               The signature of this certificate signed by the responsible CA
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.1 Certificate
         */
        type record Certificate {
            UInt8                   version,
            SignerInfos             signer_infos,
            SubjectInfo             subject_info,
            SubjectAttributes       subject_attributes,
            ValidityRestrictions    validity_restrictions,
            Signature               signature_
        } // End of type Certificate
        
        type record of Certificate CertificateChain;
        type record of SignerInfo SignerInfos;
        
        /**
         * @desc Certificate description
         * @member subject_type The type of subject
         * @member subject_name The subject itself
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.2 SubjectInfo
         * @remark The subject_name variable-length vector shall have a maximum length of 32 bytes
         * @remark NOTE(review): subject_name is typed Oct0to31, whose name suggests at most 31 octets, while the remark above states 32 bytes - confirm which limit applies
         */
        type record SubjectInfo {
            SubjectType subject_type,
            Oct0to31    subject_name // The subject_name variable-length vector shall have a maximum length of 32 bytes 
        } // End of type SubjectInfo
        
        /**
         * @desc The list of the possible types of subjects
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.3 SubjectInfoType
         */
        type enumerated SubjectType {
            e_enrollment_credential     (0),
            e_authorization_ticket      (1),
            e_authorization_authority   (2),
            e_enrollment_authority      (3),
            e_root_ca                   (4),
            e_crl_signer                (5)
        } with { variant "8 bit" }
        /**
         * @desc Subject attribute description
         * @member type_        The type of attribute
         * @member attribute    The attribute itself
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.4 SubjectAttribute
         */
        type record SubjectAttribute {
            SubjectAttributeType        type_,
            SubjectAttributeContainer   attribute
        } // End of type SubjectAttribute
        /**
         * @desc The attributes description
         * @member key              A public key (PublicKey)
         * @member rv               An EccPoint; NOTE(review): presumably the reconstruction value (e_reconstruction_value) - confirm
         * @member assurance_level  The subject assurance (SubjectAssurance)
         * @member its_aid_list     A list of IntX values (IntXs); NOTE(review): presumably ITS-AIDs - confirm
         * @member its_aid_ssp_list A list of ItsAidSsp records (ItsAidSsps)
         * @member other_attribute  Opaque octets
         * @remark NOTE(review): the pairing of alternatives with SubjectAttributeType values is inferred from the names only - confirm against the codec
         */
        type union SubjectAttributeContainer {
            PublicKey           key,
            EccPoint            rv,
            SubjectAssurance    assurance_level,
            IntXs               its_aid_list,
            ItsAidSsps          its_aid_ssp_list,
            octetstring         other_attribute
        } // End of type SubjectAttributeContainer
        
        type record of SubjectAttribute SubjectAttributes;
        type record of IntX IntXs;
        type record of ItsAidSsp ItsAidSsps;
        
        /**
         * @desc The list of the possible types of attributes
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.5 SubjectAttributeType
         */
        type enumerated SubjectAttributeType {
            e_verification_key      (0),
            e_encryption_key        (1),
            e_assurance_level       (2),
            e_reconstruction_value  (3),
            e_its_aid_list          (32),
            e_its_aid_ssp_list      (33)
        } with { variant "8 bit" }
        
        /**
         * @desc The ITS S's assurance
         * @member levels   The assurance levels
         * @member reserved Out of scope
         * @member confidence The confidence
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.6 SubjectAssurance
         * @see Draft ETSI TS 103 097 V1.1.6 Table 5: Bitwise encoding of subject assurance
         */
        type record SubjectAssurance {
            Bit3    levels,
            Bit3    reserved,
            Bit2    confidence
        } with { variant "8 bit" } // End of type SubjectAssurance
        
        /**
         * @desc Defines ways to restrict the validity of the certificate
         * @member type_    The type of validity restriction of the certificate
         * @member validity The validity restriction of the certificate
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.6 SubjectAssurance
         * @remark NOTE(review): the reference above repeats the one given for SubjectAssurance; presumably it should point to the ValidityRestriction clause - confirm
         */
        type record ValidityRestriction {
            ValidityRestrictionType         type_,
            ValidityRestrictionContainer    validity
        } // End of type ValidityRestriction
        
        /**
         * @desc Defines the validity restriction of the certificate
         * @member end_validity             Validity restriction till the end date
         * @member time_start_and_end       Validity restriction between into a range
         * @member time_start_and_duration  Validity restriction given as a start date and a duration
         * @member region                   Validity restriction into a geographical area
         * @member data                     TODO
         */
        type union ValidityRestrictionContainer {
            Time32              end_validity,
            TimeStartEnd        time_start_and_end,
            TimeDuration        time_start_and_duration,
            GeographicRegion    region,
            octetstring         data
        } // End of type ValidityRestrictionContainer
        
        /**
         * @desc Defines a validity restriction given as a time range
         * @member start_validity   Start date
         * @member end_validity     End date
         * @remark NOTE(review): the type does not express that end_validity must not precede start_validity; presumably checked by the test code - confirm
         */
        type record TimeStartEnd {
            Time32  start_validity,
            Time32  end_validity
        } // End of type TimeStartEnd
        
        /**
         * @desc Defines a validity restriction given as a start date and a duration
         * @member start_validity   Start date
         * @member duration         Duration of the validity restriction from the start date
         */
        type record TimeDuration {
            Time32              start_validity,
            Duration            duration
        } // End of type TimeDuration
        
        /**
         * @desc Type of validity restriction of a certificate
         * @see Draft ETSI TS 103 097 V1.1.6 6.8    ValidityRestrictionType
         */
        type enumerated ValidityRestrictionType {
            e_time_end                  (0),
            e_time_start_and_end        (1),
            e_time_start_and_duration   (2),
            e_region                    (3)
        } with { variant "8 bit" }
        
        type record of ValidityRestriction ValidityRestrictions;
        
        /**
         * @desc ITS-AID  description
         * @member its_aid                      The ITS_AID identifier
         * @member service_specific_permissions The associated Service Specific Permissions 
         * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.9 ItsAidSsp
         */
        type record ItsAidSsp {
            IntX        its_aid,
            Oct0to31    service_specific_permissions
        } // End of type ItsAidSsp
        
    } // End of group certificateSpecification
    group taPrimitives {
        
        /**
         * @desc    Primitive used to activate security support
         * @member signingPrivateKey                    The private key used for signing
         * @member signingPublicKeyX                    The x coordinate of the signing public key
         * @member signingPublicKeyY                    The y coordinate of the signing public key
         * @member encryptPrivateKey                    The private key used for encryption
         * @member encryptPublicKeyX                    The x coordinate of the encryption public key
         * @member encryptPublicKeyY                    The y coordinate of the encryption public key
         * @member ToBeSignedSecuredMessageTemplate     Octets of a ToBeSignedSecuredMessage template; NOTE(review): presumably already encoded - confirm
         * @remark NOTE(review): this primitive carries raw private key octets (signingPrivateKey, encryptPrivateKey); presumably dedicated test keys only - confirm, and keep them out of logs and shared configuration
         */
        type record AcEnableSecurity {
            Oct32       signingPrivateKey,
            Oct32       signingPublicKeyX,
            Oct32       signingPublicKeyY,
            Oct32       encryptPrivateKey,
            Oct32       encryptPublicKeyX,
            Oct32       encryptPublicKeyY,
            octetstring ToBeSignedSecuredMessageTemplate
        } // End of type AcEnableSecurity
        
        /**
         * @desc    Primitive used to deactivate security support
         * @member disable  Boolean flag carried by the primitive
         */
        type record AcDisableSecurity {
            boolean disable
        } // End of type AcDisableSecurity
        
    } // End of group taPrimitives
    
    group utPrimitives {
        
    }
    with {
        encode "UpperTester"
    } // End of group utPrimitives
    
    type set of Oct32 KeyX;
} with {
    encode "LibItsSecurity"
} // End of module LibItsSecurity_TypesAndValues