Newer
Older
)
);
} else {
p_inner_at_request.publicKeys := valueof( // The freshly generated public verification keys to be used for the requested AT certificate
m_publicKeys(
)
);
}
p_inner_at_request.hmacKey := v_hmac_key;
log("f_generate_inner_at_request_with_wrong_parameters: p_inner_at_request= ", p_inner_at_request);
} // End of function f_generate_inner_at_request_with_wrong_parameters
function f_verify_inner_at_request_signed_for_pop(
in EtsiTs102941Data p_etsi_ts_102941_data,
out InnerAtRequest p_inner_at_request
) return boolean {
var bitstring v_msg_bit;
log(">>> f_verify_inner_at_request_signed_for_pop: p_etsi_ts_102941_data=", p_etsi_ts_102941_data);
log(">>> f_verify_inner_at_request_signed_for_pop: p_ec_certificate=", p_ec_certificate);
// 1. Extract content
p_inner_at_request := p_etsi_ts_102941_data.content.authorizationRequest;
// 2. Verify the InnerEcRequestSignedForPop signature
// TODO
log("<<< f_verify_inner_at_request_signed_for_pop: ", p_inner_at_request);
return true;
} // End of function f_verify_inner_at_request_signed_for_pop
function f_generate_inner_at_response(
in octetstring p_authorization_request_hash,
in EtsiTs103097Certificate p_certificate,
out InnerAtResponse p_authorization_response
) return boolean {
// Local variables
// Build the Proof of Possession InnerEcResponse
p_authorization_response := valueof(
m_innerAtResponse_ok(
substr(p_authorization_request_hash, 0, 16),
} // End of function f_generate_inner_at_response
} // End of group inner_at_xxx
group authorization_validation_xxx {
} // End of group authorization_validation_xxx
group dc {
function f_build_dc_ctl(
in charstring p_ea_certificate_id,
in charstring p_aa_certificate_id,
out ToBeSignedRcaCtl p_to_be_signed_rca_ctl
) {
// Local variables
var EtsiTs103097Certificate v_ea_certificate;
var EtsiTs103097Certificate v_aa_certificate;
var EtsiTs103097Certificate v_rca_certificate;
var CtlCommands v_ctl_commands;
var ToBeSignedRcaCtl v_to_be_signed_rca_ctl;
// Load certificates
f_readCertificate(p_ea_certificate_id, v_ea_certificate);
f_readCertificate(p_aa_certificate_id, v_aa_certificate);
f_readCertificate(p_rca_certificate_id, v_rca_certificate);
// Create ctrlCommnand list
v_ctl_commands := {
{ add := { rca := valueof(m_root_ca_entry(v_rca_certificate)) } },
{ add := { aa := valueof(m_aa_entry(v_aa_certificate, "http://www.etsi.org")) } },
{ add := { ea := valueof(m_ea_entry(v_ea_certificate, "http://www.etsi.org")) } }
};
log("f_build_dc_ctl: v_ctl_commands= ", v_ctl_commands);
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
p_to_be_signed_rca_ctl := valueof(m_to_be_signed_rca_full_ctl(1000, 1, v_ctl_commands));
log("<<< f_build_dc_ctl: p_to_be_signed_rca_ctl= ", p_to_be_signed_rca_ctl);
} // End of function f_build_dc_ctl
function f_sign_dc_ctl(
in charstring p_issuer_certificate_id,
in ToBeSignedRcaCtl p_to_be_signed_rca_ctl,
out Ieee1609Dot2Data p_ieee_1609Dot2_signed_data
) {
// Local variables
var EtsiTs103097Certificate v_certificate;
var EtsiTs102941Data v_etsi_ts_102941_data;
var octetstring v_pki_message;
var ToBeSignedData v_tbs;
var octetstring v_private_key;
var octetstring v_issuer;
var bitstring v_tbs_encoded;
var octetstring v_sig;
var Signature v_signature;
log(">>> f_sign_dc_ctl");
f_readSigningKey(p_issuer_certificate_id, v_private_key);
f_getCertificateHash(p_issuer_certificate_id, v_issuer);
v_etsi_ts_102941_data := valueof(m_etsiTs102941Data_to_be_signed_rca_ctl(p_to_be_signed_rca_ctl));
v_pki_message := bit2oct(encvalue(v_etsi_ts_102941_data));
// Signed the encoded PKI message
v_tbs := valueof(
m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(v_pki_message)
),
m_headerInfo_inner_pki_response(-, (f_getCurrentTime() * 1000)/*us*/)
)
);
v_tbs_encoded := encvalue(v_tbs);
// Sign the certificate
v_sig := f_signWithEcdsa(bit2oct(v_tbs_encoded), v_issuer, v_private_key);
if ((PX_VE_ALG == e_nist_p256) or (PX_VE_ALG == e_brainpool_p256_r1)) {
v_signature := valueof(
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
));
p_ieee_1609Dot2_signed_data := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
m_signerIdentifier_digest(v_issuer),
v_signature
)
)
);
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
v_signature := valueof(
m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_sig, 0, 48)
),
substr(v_sig, 48, 48)
)
));
p_ieee_1609Dot2_signed_data := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha384,
v_tbs,
m_signerIdentifier_digest(v_issuer),
v_signature
)
)
);
}
log("<<< f_sign_dc_ctl: p_ieee_1609Dot2_signed_data= ", p_ieee_1609Dot2_signed_data);
} // End of function f_sign_dc_ctl
in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true,
out ToBeSignedRcaCtl p_to_be_signed_rca_ctl
) return boolean {
var bitstring v_etsi_ts_102941_data_msg;
var bitstring v_tbs;
var Certificate v_certificate;
var charstring v_certificate_id;
log(">>> f_verify_rca_ctl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
log("f_verify_rca_ctl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_rca_ctl_response_message: Failed to retrieve certificate from ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) {
return false;
}
}
f_getCertificateHash(v_certificate_id, v_issuer);
if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_rca_ctl_response_message: Failed to verify signature");
if (p_check_security == true) {
return false;
}
}
v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_rca_ctl_response_message: Failed to decode EtsiTs102941Data");
log("f_verify_rca_ctl_response_message: v_etsi_ts_102941_data= ", v_etsi_ts_102941_data);
log("f_verify_pki_response_message: RcaCertificateTrustListMessage matching= ", match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_rca_ctl));
if (match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_rca_ctl) == false) {
log("f_verify_rca_ctl_response_message: Failed to decode certificateTrustListRca");
var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_rca_ctl := v_etsi_ts_102941_data.content.certificateTrustListRca;
log("f_verify_rca_ctl_response_message: p_to_be_signed_rca_ctl= ", p_to_be_signed_rca_ctl);
if (p_to_be_signed_rca_ctl.nextUpdate <= v_time) {
log("f_verify_rca_ctl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_rca_ctl.nextUpdate, "/", v_time);
}
}
return true;
}
function f_verify_rca_crl_response_message(
in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true,
out ToBeSignedCrl p_to_be_signed_crl
) return boolean {
var bitstring v_etsi_ts_102941_data_msg;
var bitstring v_tbs;
var Certificate v_certificate;
var charstring v_certificate_id;
log(">>> f_verify_rca_crl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
log("f_verify_rca_crl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_rca_crl_response_message: Failed to retrieve certificate from ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) {
return false;
}
}
f_getCertificateHash(v_certificate_id, v_issuer);
if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_rca_crl_response_message: Failed to verify signature");
if (p_check_security == true) {
return false;
}
}
v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_rca_crl_response_message: Failed to decode EtsiTs102941Data");
return false;
} else {
log("f_verify_rca_crl_response_message: v_etsi_ts_102941_data= ", v_etsi_ts_102941_data);
log("f_verify_pki_response_message: CertificateRevocationList matching= ", match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_crl));
if (match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_crl) == false) {
log("f_verify_rca_crl_response_message: Failed to decode certificateRevocationList");
return false;
} else {
var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_crl := v_etsi_ts_102941_data.content.certificateRevocationList;
log("f_verify_rca_crl_response_message: p_to_be_signed_crl= ", p_to_be_signed_crl);
if (p_to_be_signed_crl.thisUpdate >= v_time) {
log("f_verify_rca_crl_response_message: Invalid thisUpdate value");
return false;
}
if (p_to_be_signed_crl.nextUpdate <= v_time) {
log("f_verify_rca_crl_response_message: Invalid nextUpdate value");
return false;
}
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
}
}
return true;
}
function f_verify_full_ctl(
in ToBeSignedRcaCtl p_to_be_signed_rca_ctl
) return boolean {
log(">>> f_verify_full_ctl: p_to_be_signed_rca_ctl= ", p_to_be_signed_rca_ctl);
// 1. Check mandatory fields
log("f_verify_full_ctl matching= ", match(p_to_be_signed_rca_ctl, mw_to_be_signed_rca_full_ctl));
if (match(p_to_be_signed_rca_ctl, mw_to_be_signed_rca_full_ctl) == false) {
return false;
}
log("f_verify_full_ctl: ctlCommands length: ", lengthof(p_to_be_signed_rca_ctl.ctlCommands));
for (var integer v_i := 0; v_i < lengthof(p_to_be_signed_rca_ctl.ctlCommands); v_i := v_i + 1) {
var CtlCommand v_ctl_command := p_to_be_signed_rca_ctl.ctlCommands[v_i];
if (ischosen(v_ctl_command.delete)) {
log("f_verify_full_ctl: ctlCommands shall not contains 'delete' variant");
return false;
} else {
if (f_verify_ctl_entry(v_ctl_command.add) == false) {
log("f_verify_full_ctl: ctlCommands contains invalid entries");
return false;
}
}
} // End of 'for' statements
return true;
}
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
function f_verify_full_crl(
in ToBeSignedCrl p_to_be_signed_crl
) return boolean {
log(">>> f_verify_full_crl: p_to_be_signed_crl= ", p_to_be_signed_crl);
// 1. Check mandatory fields
log("f_verify_full_crl matching= ", match(p_to_be_signed_crl, mw_to_be_signed_crl));
if (match(p_to_be_signed_crl, mw_to_be_signed_crl) == false) {
return false;
}
log("f_verify_full_crl: entries length: ", lengthof(p_to_be_signed_crl.entries));
for (var integer v_i := 0; v_i < lengthof(p_to_be_signed_crl.entries); v_i := v_i + 1) {
var CrlEntry v_crl_entry := p_to_be_signed_crl.entries[v_i];
log("f_verify_full_crl: crlEntry: v_crl_entry");
} // End of 'for' statements
return true;
}
function f_verify_full_ectl(
in ToBeSignedRcaCtl p_to_be_signed_tlm_ectl
) return boolean {
log(">>> f_verify_full_ectl: p_to_be_signed_tlm_ectl= ", p_to_be_signed_tlm_ectl);
// 1. Check mandatory fields
log("f_verify_full_ectl matching= ", match(p_to_be_signed_tlm_ectl, mw_to_be_signed_rca_full_ctl));
if (match(p_to_be_signed_tlm_ectl, mw_to_be_signed_rca_full_ctl) == false) {
return false;
}
log("f_verify_full_ectl: ctlCommands length: ", lengthof(p_to_be_signed_tlm_ectl.ctlCommands));
for (var integer v_i := 0; v_i < lengthof(p_to_be_signed_tlm_ectl.ctlCommands); v_i := v_i + 1) {
var CtlCommand v_ectl_command := p_to_be_signed_tlm_ectl.ctlCommands[v_i];
if (ischosen(v_ectl_command.delete)) {
log("f_verify_full_ectl: ctlCommands shall not contains 'delete' variant");
return false;
} else {
if (f_verify_ectl_entry(v_ectl_command.add) == false) {
log("f_verify_full_ectl: ctlCommands contains invalid entries");
return false;
}
}
} // End of 'for' statements
function f_verify_ctl_entry(
in CtlEntry p_ctl_entry
) return boolean {
log(">>> f_verify_ctl_entry: p_ctl_entry=", p_ctl_entry);
if (ischosen(p_ctl_entry.rca)) {
if (match(p_ctl_entry.rca, mw_root_ca_entry(mw_etsiTs103097Certificate)) == false) {
return false;
}
} else if (ischosen(p_ctl_entry.ea)) {
if (match(p_ctl_entry.ea, mw_ea_entry(mw_etsiTs103097Certificate)) == false) {
return false;
}
} else if (ischosen(p_ctl_entry.aa)) {
if (match(p_ctl_entry.aa, mw_aa_entry(mw_etsiTs103097Certificate)) == false) {
return false;
}
} else if (ischosen(p_ctl_entry.dc)) {
if (match(p_ctl_entry.dc, mw_dc_entry) == false) {
return false;
} else {
return false;
}
return true;
}
function f_verify_ectl_entry(
in CtlEntry p_ctl_entry
) return boolean {
log(">>> f_verify_ectl_entry: p_ctl_entry=", p_ctl_entry);
if (match(p_ctl_entry.tlm, mw_tlm_entry(mw_etsiTs103097Certificate)) == false) {
return false;
} else if (ischosen(p_ctl_entry.dc)) {
if (match(p_ctl_entry.dc, mw_dc_entry) == false) {
return false;
} else {
// TODO Verify RCA certificate & signature
}
} else if (ischosen(p_ctl_entry.rca)) {
if (match(p_ctl_entry.rca, mw_root_ca_entry(mw_etsiTs103097Certificate)) == false) {
return false;
} else {
// TODO Verify RCA certificate & signature
}
} else {
return false;
}
return true;
}
group tlm {
function f_verify_tlm_ectl_response_message(
in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true,
out ToBeSignedTlmCtl p_to_be_signed_tlm_ectl
) return boolean {
var bitstring v_etsi_ts_102941_data_msg;
var bitstring v_tbs;
var Certificate v_certificate;
var boolean v_result;
var EtsiTs102941Data v_etsi_ts_102941_data;
log(">>> f_verify_tlm_ectl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
log("f_verify_tlm_ectl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
if (ischosen(p_etsi_ts_103097_signed_data.content.signedData.signer.certificate)) {
v_certificate := p_etsi_ts_103097_signed_data.content.signedData.signer.certificate[0];
} else {
var charstring v_certificate_id;
if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_tlm_ectl_response_message: Failed to retrieve certificate from digest ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) {
return false;
}
}
}
if (ischosen(p_etsi_ts_103097_signed_data.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) {
v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 48), p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey);
v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 32), p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey);
log("f_verify_tlm_ectl_response_message: Failed to verify signature");
if (p_check_security == true) {
return false;
}
}
v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_tlm_ectl_response_message: Failed to decode EtsiTs102941Data");
return false;
} else {
log("f_verify_tlm_ectl_response_message: v_etsi_ts_102941_data= ", v_etsi_ts_102941_data);
log("f_verify_pki_response_message: TlmCertificateTrustListMessage matching= ", match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_tlm_ctl));
if (match(v_etsi_ts_102941_data, mw_etsiTs102941Data_to_be_signed_tlm_ctl) == false) {
log("f_verify_tlm_ectl_response_message: Failed to decode certificateTrustListTlm");
return false;
} else {
var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_tlm_ectl := v_etsi_ts_102941_data.content.certificateTrustListTlm;
log("f_verify_tlm_ectl_response_message: p_to_be_signed_tlm_ectl= ", p_to_be_signed_tlm_ectl);
if (p_to_be_signed_tlm_ectl.nextUpdate <= v_time) {
log("f_verify_tlm_ectl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_tlm_ectl.nextUpdate, "/", v_time);
return false;
}
// TODO Verify RCA certificate & signature
}
}
return true;
}
} // End of group tlm
function f_await_http_inner_ec_request_response(
out Oct32 p_private_key,
out Oct32 p_compressed_public_key,
out integer p_compressed_mode,
out InnerEcResponse p_inner_ec_response,
in boolean p_strict_checks := true
var Oct32 v_request_hash;
var Oct16 v_encrypted_sym_key;
var Oct16 v_aes_sym_key;
var HashedId8 v_aes_sym_key_hashed_id8;
var Oct16 v_authentication_vector;
var Oct12 v_nonce;
var octetstring v_salt;
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var EtsiTs102941Data v_etsi_ts_102941_data;
var HttpMessage v_response;
log(">>> f_await_http_inner_ec_request_response: p_strict_checks=", p_strict_checks);
f_http_build_inner_ec_request(p_private_key, p_compressed_public_key, p_compressed_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to macth the response
f_init_default_headers_list(-, "inner_ec_request", v_headers);
f_http_send(
v_headers,
m_http_request(
m_http_request_post(
PICS_HTTP_POST_URI_EC,
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
v_ieee1609dot2_signed_and_encrypted_data
)))));
[] a_await_ec_http_request_from_iut(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
{ *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
mw_SymmetricCiphertext_aes128ccm
)))))),
v_response
) {
if (f_verify_pki_response_message(p_private_key, v_aes_sym_key, v_authentication_vector, vc_eaWholeHash, v_response.response.body.binary_body.ieee1609dot2_data, p_strict_checks, -, v_etsi_ts_102941_data) == false) {
log("f_await_http_inner_ec_request_response: Failed to verify PKI message ***");
log("f_await_http_inner_ec_request_response: Receive ", v_etsi_ts_102941_data, " ***");
// Verify the received EC certificate
log("f_await_http_inner_ec_request_response: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(?/*FIXME YANN Blackberry substr(v_request_hash, 0, 16)*/, mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec)))) == false) {
log("f_await_http_inner_ec_request_response: Unexpected message received ***");
if (p_strict_checks) {
return false;
}
}
Yann Garcia
committed
if (ischosen(v_etsi_ts_102941_data.content.enrolmentResponse) and ispresent(v_etsi_ts_102941_data.content.enrolmentResponse.certificate)) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, vc_eaHashedId8, p_compressed_public_key, p_compressed_mode) == false) {
log("f_await_http_inner_ec_request_response: Cannot verify EC certificate signature ***");
if (p_strict_checks) {
return false;
p_inner_ec_response := v_etsi_ts_102941_data.content.enrolmentResponse;
log("f_await_http_inner_ec_request_response: Well-secured EA certificate received ***");
log("p_inner_ec_response= ", p_inner_ec_response);
} else {
log("f_await_http_inner_ec_request_response: Invalid message received ***");
return false;
}
[] tc_ac.timeout {
log("f_await_http_inner_ec_request_response: Expected message not received ***");
}
} // End of 'alt' statement
} // End of function f_await_http_inner_ec_request_response
function f_await_ec_request_send_response(
out InnerEcResponse p_inner_ec_response
) runs on ItsPkiHttp return boolean {
var HttpMessage v_request;
var boolean v_result := false;
log(">>> f_await_ec_request_send_response");
tc_ac.start;
alt {
[] a_await_ec_http_request_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
)))))),
v_request
) {
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var EtsiTs102941Data v_etsi_ts_102941_data;
var Oct16 v_request_hash;
var Oct16 v_aes_enc_key;
var InnerEcRequest v_inner_ec_request;
var template (value) HttpMessage v_response;
tc_ac.stop;
f_init_default_headers_list(-, "inner_ec_response", v_headers);
if (f_verify_pki_request_message(vc_eaPrivateEncKey, vc_eaWholeHash/*salt*/, ''O, v_request.request.body.binary_body.ieee1609dot2_data, false, v_request_hash, v_etsi_ts_102941_data, v_aes_enc_key) == false) { // Cannot decrypt the message
log("f_await_ec_request_send_response: Failed to verify PKI message ***");
// Send error message
v_response := m_http_response(m_http_response_ko(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), v_headers, 400, "Bad request")); // Initialize v_reponse with an error message
} else {
log("f_await_ec_request_send_response: Receive ", v_etsi_ts_102941_data, " ***");
if (f_verify_inner_ec_request_signed_for_pop(v_etsi_ts_102941_data, v_inner_ec_request) == false) {
log("f_await_ec_request_send_response: Failed to verify PKI message ***");
// Send error message
f_http_build_inner_ec_response(v_inner_ec_request/*Not required*/, cantparse, v_request_hash, -, -, v_aes_enc_key, p_inner_ec_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), v_headers));
} else {
f_http_build_inner_ec_response(v_inner_ec_request, ok, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, p_inner_ec_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), v_headers));
}
}
[] tc_ac.timeout {
log("f_await_ec_request_send_response: Expected message not received ***");
}
} // End of 'alt' statement
return v_result;
} // End of function f_await_ec_request_send_response
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
function f_await_dc_request_send_response(
in charstring p_rca_certificate_id,
in charstring p_aa_certificate_id,
in charstring p_ea_certificate_id,
out ToBeSignedRcaCtl p_ctl
) runs on ItsPkiHttp return boolean {
var HttpMessage v_request;
var boolean v_result := false;
log(">>> f_await_dc_request_send_response");
tc_ac.start;
alt {
[] a_await_dc_http_request_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_DC
)),
v_request
) {
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var ToBeSignedRcaCtl p_to_be_signed_rca_ctl;
var EtsiTs102941Data v_etsi_ts_102941_data;
var Oct16 v_request_hash;
var Oct16 v_aes_enc_key;
var template (value) HttpMessage v_response;
var Headers v_headers;
tc_ac.stop;
f_init_default_headers_list(-, "inner_dc_response", v_headers);
// Send message
f_build_dc_ctl(
p_rca_certificate_id,
p_aa_certificate_id,
p_ea_certificate_id,
p_to_be_signed_rca_ctl
);
f_sign_dc_ctl(p_rca_certificate_id, p_to_be_signed_rca_ctl, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), v_headers));
f_http_send(v_headers, v_response);
v_result := true;
}
[] tc_ac.timeout {
log("f_await_dc_request_send_response: Expected message not received ***");
}
} // End of 'alt' statement
return v_result;
} // End of function f_await_dc_request_send_response
* @desc Build a signed and encrypted PKI request message
* @param p_private_key Private key for signature
* @param p_signer_identifier Signer identifier for signature, could be self or certificate HashedId8
* @param p_recipientId Recipient identifier to be inclued in encrypted layer.
* If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
* @param p_public_key_compressed The public compressed key (canonical form) for encryption
* @param p_compressed_mode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_pki_message The PKI message to be secured
* @param p_ieee1609dot2_signed_and_encrypted_data The secured message
* @return true on success, false otherwise
*/
function f_build_pki_secured_request_message_signed_with_pop(
in octetstring p_private_key,
in SignerIdentifier p_signer_identifier,
in HashedId8 p_recipientId,
in octetstring p_public_key_compressed,
in integer p_compressed_mode,
in octetstring p_salt,
in octetstring p_pki_message,
in SecurityAlg p_enc_algorithm, // TODO Use RCA to check encryption alg
in boolean p_alter_signature := false,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce,
out Oct32 p_request_hash
) return boolean {
// Local variables
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var template (value) ToBeSignedData v_tbs;
var octetstring v_tbs_signed;
var Signature v_signature;
var template (value) Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var octetstring v_encoded_request;
var HashedId8 v_recipientId;
var octetstring v_public_compressed_ephemeral_key;
var integer v_public_compressed_ephemeral_mode;
var octetstring v_encrypted_request;
var EncryptedDataEncryptionKey v_encrypted_data_encryption_key;
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_private_key= ", p_private_key);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_signer_identifier= ", p_signer_identifier);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_recipientId= ", p_recipientId);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_public_key_compressed= ", p_public_key_compressed);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_compressed_mode= ", p_compressed_mode);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_salt= ", p_salt);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_pki_message= ", p_pki_message);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_enc_algorithm= ", p_enc_algorithm);
log(">>> f_build_pki_secured_request_message_signed_with_pop: p_alter_signature= ", p_alter_signature);
// Signed the encoded PKI message
v_tbs := m_toBeSignedData(
m_signedDataPayload(
m_headerInfo_inner_pki_request(-, (f_getCurrentTime() * 1000)/*us*/)
log("f_build_pki_secured_request_message_signed_with_pop: v_tbs: ", v_tbs);
v_tbs_signed := f_signWithEcdsa(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key);
} else {
var octetstring v_hash;
// FIXME Huge issue, certificate is BP256 and PX_VE_ALG is e_brainpool_p384_r1, so v_hash & p_private_key are 32 bytes length not 48
// ==> Need to sign with v_certificate_id capabilities not with PX_VE_ALG :(
fx_readCertificateFromDigest(p_signer_identifier.digest, v_certificate_id); // TODO Add a wrapper function
f_getCertificateHash(v_certificate_id, v_hash);
v_tbs_signed := f_signWithEcdsa(bit2oct(encvalue(v_tbs)), v_hash, p_private_key);
log("f_build_pki_secured_request_message_signed_with_pop: lengthof(v_tbs_signed)= ", lengthof(v_tbs_signed));
log("f_build_pki_secured_request_message_signed_with_pop: v_tbs_signed= ", v_tbs_signed);
if (p_alter_signature == true) {
v_tbs_signed[0] := '0A'O;
v_tbs_signed[1] := '0A'O;
log("f_build_pki_secured_request_message_signed_with_pop: Altered signature= ", v_tbs_signed);
}
// Add the signature and create EtsiTs103097Data-Signed data structure
log("f_build_pki_secured_request_message_signed_with_pop: PX_VE_ALG=", PX_VE_ALG);
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
if (PX_VE_ALG == e_nist_p256) {
v_signature := valueof(
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else if (PX_VE_ALG == e_brainpool_p256_r1) {
v_signature := valueof(
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_tbs_signed, 0, 32)
),
substr(v_tbs_signed, 32, 32)
)
)
);
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
v_signature := valueof(
m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_tbs_signed, 0, 48)
),
substr(v_tbs_signed, 48, 48)
)
)
);
}
log("f_build_pki_secured_request_message_signed_with_pop: v_signature= ", v_signature);
v_ieee1609dot2_signed_data := m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
p_signer_identifier,
// Encode EtsiTs103097Data-Signed data structure
v_encoded_request := bit2oct(encvalue(v_ieee1609dot2_signed_data));
log("f_build_pki_secured_request_message_signed_with_pop: v_encoded_request= ", v_encoded_request);
// Encrypt encode EtsiTs103097Data-Signed data structure
v_encrypted_request := f_encryptWithEciesNistp256WithSha256(v_encoded_request, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce);
} else if (p_enc_algorithm == e_brainpool_p256_r1) {
v_encrypted_request := f_encryptWithEciesBrainpoolp256r1WithSha256(v_encoded_request, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce);
} else {
log("f_build_pki_secured_request_message_signed_with_pop: Wrong encryption variant");
return false;
}
log("f_build_pki_secured_request_message_signed_with_pop: p_aes_sym_key= ", p_aes_sym_key);
log("f_build_pki_secured_request_message_signed_with_pop: p_encrypted_sym_key= ", p_encrypted_sym_key);
log("f_build_pki_secured_request_message_signed_with_pop: p_authentication_vector= ", p_authentication_vector);
log("f_build_pki_secured_request_message_signed_with_pop: p_nonce= ", p_nonce);
log("f_build_pki_secured_request_message_signed_with_pop: p_recipientId= ", p_recipientId);
if (p_recipientId == int2oct(0, 8)) {
log("f_build_pki_secured_request_message_signed_with_pop: f_hashWithSha256(v_encrypted_sym_key)= ", f_hashWithSha256(p_encrypted_sym_key));
v_recipientId := f_hashedId8FromSha256(f_hashWithSha256(p_encrypted_sym_key));
} else {
v_recipientId := p_recipientId;
}
log("f_build_pki_secured_request_message_signed_with_pop: v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
p_encrypted_sym_key,
p_authentication_vector
)));
} else if (p_enc_algorithm == e_brainpool_p256_r1) {
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
p_encrypted_sym_key,
p_authentication_vector
)));
} else {
log("f_build_pki_secured_request_message_signed_with_pop: Wrong encryption variant");
return false;
}
p_ieee1609dot2_signed_and_encrypted_data := valueof(
m_etsiTs103097Data_encrypted(
m_encryptedData(
{
m_recipientInfo_certRecipInfo(
m_pKRecipientInfo(
v_recipientId,
v_encrypted_data_encryption_key
))
},
m_SymmetricCiphertext_aes128ccm(
m_aesCcmCiphertext(
p_nonce,
v_encrypted_request
)
)
// The 'p_request_hash' shall be the SHA256 digest of the OER representation of the topmost EtsiTs103097Data-Encoded structure
v_enc_value := encvalue(p_ieee1609dot2_signed_and_encrypted_data);
p_request_hash := f_hashWithSha256(bit2oct(v_enc_value));
log("f_build_pki_secured_request_message_signed_with_pop: p_request_hash= ", p_request_hash);
log("<<< f_build_pki_secured_request_message_signed_with_pop: ", p_pki_message);
return true;
} // End of function f_build_pki_secured_request_message_signed_with_pop
/**
* @desc Build a signed and encrypted PKI request message without POP with signature
* @param p_recipientId Recipient identifier to be inclued in encrypted layer.
* If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
* @param p_public_key_compressed The public compressed key (canonical form) for encryption
* @param p_compressed_mode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_pki_message The PKI message to be secured
* @param p_ieee1609dot2_signed_and_encrypted_data The secured message
* @return true on success, false otherwise
*/
function f_build_pki_secured_request_message(
in HashedId8 p_recipientId,
in octetstring p_public_key_compressed,
in integer p_compressed_mode,
in octetstring p_salt,
in octetstring p_pki_message,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce,
out Oct32 p_request_hash
) return boolean {
// Local variables
var template (value) EccP256CurvePoint v_eccP256_curve_point;
var HashedId8 v_recipientId;
var octetstring v_public_compressed_ephemeral_key;
var integer v_public_compressed_ephemeral_mode;
var octetstring v_encrypted_request;
var EncryptedDataEncryptionKey v_encrypted_data_encryption_key;
log(">>> f_build_pki_secured_request_message");
// Encrypt encode EtsiTs103097Data-Signed data structure
v_encrypted_request := f_encryptWithEciesNistp256WithSha256(p_pki_message, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce);
} else if (p_enc_algorithm == e_brainpool_p256_r1) {
v_encrypted_request := f_encryptWithEciesBrainpoolp256r1WithSha256(p_pki_message, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce);
} else {
log("f_build_pki_secured_request_message: Wrong encryption variant");
return false;
}
log("f_build_pki_secured_request_message: p_aes_sym_key= ", p_aes_sym_key);
log("f_build_pki_secured_request_message: p_encrypted_sym_key= ", p_encrypted_sym_key);
log("f_build_pki_secured_request_message: p_authentication_vector= ", p_authentication_vector);
log("f_build_pki_secured_request_message: p_nonce= ", p_nonce);
log("f_build_pki_secured_request_message: p_recipientId= ", p_recipientId);
if (p_recipientId == int2oct(0, 8)) {
log("f_build_pki_secured_request_message: f_hashWithSha256(v_encrypted_sym_key)= ", f_hashWithSha256(p_encrypted_sym_key));
v_recipientId := f_hashedId8FromSha256(f_hashWithSha256(p_encrypted_sym_key));
} else {
v_recipientId := p_recipientId;
}
log("f_build_pki_secured_request_message: v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_public_compressed_ephemeral_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesNistP256(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
p_encrypted_sym_key,
p_authentication_vector
)));
} else if (p_enc_algorithm == e_brainpool_p256_r1) {
v_encrypted_data_encryption_key := valueof(
m_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
m_evciesP256EncryptedKey(
v_eccP256_curve_point,
p_encrypted_sym_key,
p_authentication_vector
)));
}
p_ieee1609dot2_signed_and_encrypted_data := valueof(