Loading ttcn/Pki/LibItsPki_Functions.ttcn +28 −9 Original line number Diff line number Diff line Loading @@ -59,6 +59,7 @@ module LibItsPki_Functions { ) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { map(self:pkiPort, system:pkiPort); map(self:acPkiPort, system:acPkiPort); f_connect4SelfOrClientSync(); if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) { Loading Loading @@ -95,6 +96,7 @@ module LibItsPki_Functions { */ function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { unmap(self:pkiPort, system:pkiPort); unmap(self:acPkiPort, system:acPkiPort); f_disconnect4SelfOrClientSync(); } // End of function f_cfDown Loading Loading @@ -239,6 +241,8 @@ module LibItsPki_Functions { function f_build_pki_secured_message( in Oct32 p_private_key, in SignerIdentifier p_signer_identifier, in HashedId8 p_recipientId, in Oct32 p_publicKeyCompressed, in integer p_compressedMode, in octetstring p_pki_message, Loading @@ -253,26 +257,33 @@ module LibItsPki_Functions { var Oct12 v_nonce; var Oct16 v_authentication_vector; var Oct16 v_encrypted_sym_key; var HashedId8 v_recipientId; var Oct32 v_publicEphemeralKeyCompressed; var integer v_ephemeralKeyModeCompressed; var HashedId8 v_recipientId; var octetstring v_encrypted_inner_ec_request; // Signed the encoded InnerEcRequestSignedForPop // Signed the encoded PKI message v_tbs := m_toBeSignedData( m_signedDataPayload( m_etsiTs103097Data_unsecured(p_pki_message) ), m_headerInfo_inner_ec_request(12345, f_getCurrentTime()) // TODO Use PIXIT ); // Signed the encoded InnerEcRequestSignedForPop v_tbs_signed := fx_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key); // TODO Use wrapping function // Finalyse signed InnerEcRequestSignedForPop if (ischosen(p_signer_identifier.self_)) { v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key); } else { var charstring v_certificate_id; var octetstring v_hash; fx_readCertificateFromDigest(p_signer_identifier.digest, v_certificate_id); // TODO Add a wrapper function f_getCertificateHash(v_certificate_id, v_hash); v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_hash, p_private_key); } // Add the signature and create EtsiTs103097Data-Signed data structure v_ieee1609dot2_signed_data := m_etsiTs103097Data_signed( m_signedData( sha256, v_tbs, m_signerIdentifier_self, // TODO ETSI TS 102 941 Clause 6.2.3.2.1 bullet 5 dash 3: Using disgest of EC if non canonical indentifier p_signer_identifier, m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only( Loading @@ -283,11 +294,19 @@ module LibItsPki_Functions { ) ) ); // Encode InnerEcRequestSignedForPop // Encode EtsiTs103097Data-Signed data structure v_encoded_inner_ec_request := bit2oct(encvalue(v_ieee1609dot2_signed_data)); // Encrypt the encoded signed InnerEcRequestSignedForPop // Encrypt encode EtsiTs103097Data-Signed data structure v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_publicKeyCompressed, p_compressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce); v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_inner_ec_request)); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo log("p_recipientId=", p_recipientId); if (p_recipientId == int2oct(0, 8)) { log("v_encrypted_sym_key=", v_encrypted_sym_key); log("f_hashWithSha256(v_encrypted_sym_key=", f_hashWithSha256(v_encrypted_sym_key)); v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_sym_key)); } else { v_recipientId := p_recipientId; } log("v_recipientId=", v_recipientId); // Fill Certificate template with the public compressed keys (canonical form) if (v_ephemeralKeyModeCompressed == 0) { v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed)); Loading ttcn/Pki/LibItsPki_TestSystem.ttcn +7 −7 Original line number Diff line number Diff line Loading @@ -43,17 +43,17 @@ module LibItsPki_TestSystem { /** * @desc Adapter control port */ // type port AdapterControlPort message { // out AcPkiPrimitive; // in AcPkiResponse; // } // End of AdapterControlPort type port AdapterControlPkiPort message { out AcPkiPrimitive; in AcPkiResponse; } // End of AdapterControlPkiPort type port PkiPort message { inout InnerEcRequest, InnerEcResponse; } type component ItsPkiSystem { // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; } // End of component ItsPkiSystem Loading @@ -64,7 +64,7 @@ module LibItsPki_TestSystem { } // End of component ItsPkiItssSystem type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc { // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ Loading @@ -75,8 +75,8 @@ module LibItsPki_TestSystem { } // End of component ItsPki type component ItsPkiItss extends ItsGeoNetworking { port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; } // End of component ItsPkiItss } // End of module LibItsPki_TestSystem ttcn/Pki/LibItsPki_TypesAndValues.ttcn +2 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,8 @@ module LibItsPki_TypesAndValues { */ type union AcPkiResponse { boolean result } with { variant "" } type record AcSetSecurityData { Loading Loading
ttcn/Pki/LibItsPki_Functions.ttcn +28 −9 Original line number Diff line number Diff line Loading @@ -59,6 +59,7 @@ module LibItsPki_Functions { ) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { map(self:pkiPort, system:pkiPort); map(self:acPkiPort, system:acPkiPort); f_connect4SelfOrClientSync(); if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) { Loading Loading @@ -95,6 +96,7 @@ module LibItsPki_Functions { */ function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { unmap(self:pkiPort, system:pkiPort); unmap(self:acPkiPort, system:acPkiPort); f_disconnect4SelfOrClientSync(); } // End of function f_cfDown Loading Loading @@ -239,6 +241,8 @@ module LibItsPki_Functions { function f_build_pki_secured_message( in Oct32 p_private_key, in SignerIdentifier p_signer_identifier, in HashedId8 p_recipientId, in Oct32 p_publicKeyCompressed, in integer p_compressedMode, in octetstring p_pki_message, Loading @@ -253,26 +257,33 @@ module LibItsPki_Functions { var Oct12 v_nonce; var Oct16 v_authentication_vector; var Oct16 v_encrypted_sym_key; var HashedId8 v_recipientId; var Oct32 v_publicEphemeralKeyCompressed; var integer v_ephemeralKeyModeCompressed; var HashedId8 v_recipientId; var octetstring v_encrypted_inner_ec_request; // Signed the encoded InnerEcRequestSignedForPop // Signed the encoded PKI message v_tbs := m_toBeSignedData( m_signedDataPayload( m_etsiTs103097Data_unsecured(p_pki_message) ), m_headerInfo_inner_ec_request(12345, f_getCurrentTime()) // TODO Use PIXIT ); // Signed the encoded InnerEcRequestSignedForPop v_tbs_signed := fx_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key); // TODO Use wrapping function // Finalyse signed InnerEcRequestSignedForPop if (ischosen(p_signer_identifier.self_)) { v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key); } else { var charstring v_certificate_id; var octetstring v_hash; fx_readCertificateFromDigest(p_signer_identifier.digest, v_certificate_id); // TODO Add a wrapper function f_getCertificateHash(v_certificate_id, v_hash); v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_hash, p_private_key); } // Add the signature and create EtsiTs103097Data-Signed data structure v_ieee1609dot2_signed_data := m_etsiTs103097Data_signed( m_signedData( sha256, v_tbs, m_signerIdentifier_self, // TODO ETSI TS 102 941 Clause 6.2.3.2.1 bullet 5 dash 3: Using disgest of EC if non canonical indentifier p_signer_identifier, m_signature_ecdsaNistP256( m_ecdsaP256Signature( m_eccP256CurvePoint_x_only( Loading @@ -283,11 +294,19 @@ module LibItsPki_Functions { ) ) ); // Encode InnerEcRequestSignedForPop // Encode EtsiTs103097Data-Signed data structure v_encoded_inner_ec_request := bit2oct(encvalue(v_ieee1609dot2_signed_data)); // Encrypt the encoded signed InnerEcRequestSignedForPop // Encrypt encode EtsiTs103097Data-Signed data structure v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_publicKeyCompressed, p_compressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce); v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_inner_ec_request)); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo log("p_recipientId=", p_recipientId); if (p_recipientId == int2oct(0, 8)) { log("v_encrypted_sym_key=", v_encrypted_sym_key); log("f_hashWithSha256(v_encrypted_sym_key=", f_hashWithSha256(v_encrypted_sym_key)); v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_sym_key)); } else { v_recipientId := p_recipientId; } log("v_recipientId=", v_recipientId); // Fill Certificate template with the public compressed keys (canonical form) if (v_ephemeralKeyModeCompressed == 0) { v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed)); Loading
ttcn/Pki/LibItsPki_TestSystem.ttcn +7 −7 Original line number Diff line number Diff line Loading @@ -43,17 +43,17 @@ module LibItsPki_TestSystem { /** * @desc Adapter control port */ // type port AdapterControlPort message { // out AcPkiPrimitive; // in AcPkiResponse; // } // End of AdapterControlPort type port AdapterControlPkiPort message { out AcPkiPrimitive; in AcPkiResponse; } // End of AdapterControlPkiPort type port PkiPort message { inout InnerEcRequest, InnerEcResponse; } type component ItsPkiSystem { // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; } // End of component ItsPkiSystem Loading @@ -64,7 +64,7 @@ module LibItsPki_TestSystem { } // End of component ItsPkiItssSystem type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc { // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ Loading @@ -75,8 +75,8 @@ module LibItsPki_TestSystem { } // End of component ItsPki type component ItsPkiItss extends ItsGeoNetworking { port AdapterControlPkiPort acPkiPort; port PkiPort pkiPort; // port LibItsPki_TestSystem.AdapterControlPort acPkiPort; } // End of component ItsPkiItss } // End of module LibItsPki_TestSystem
ttcn/Pki/LibItsPki_TypesAndValues.ttcn +2 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,8 @@ module LibItsPki_TypesAndValues { */ type union AcPkiResponse { boolean result } with { variant "" } type record AcSetSecurityData { Loading