STF545: Add acPkiPort support for Pki. Conflict with acPort to be fixed

ttcn/Pki/LibItsPki_Functions.ttcn

@@ -59,6 +59,7 @@ module LibItsPki_Functions {
                    ) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ {
             
       map(self:pkiPort, system:pkiPort);
+      map(self:acPkiPort, system:acPkiPort);
       f_connect4SelfOrClientSync();
       
       if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) {
@@ -95,6 +96,7 @@ module LibItsPki_Functions {
      */
     function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ {
       unmap(self:pkiPort, system:pkiPort);
+      unmap(self:acPkiPort, system:acPkiPort);
       f_disconnect4SelfOrClientSync();
     } // End of function f_cfDown
     
@@ -239,6 +241,8 @@ module LibItsPki_Functions {
     
     function f_build_pki_secured_message(
                                          in Oct32 p_private_key,
+                                         in SignerIdentifier p_signer_identifier,
+                                         in HashedId8 p_recipientId,
                                          in Oct32 p_publicKeyCompressed,
                                          in integer p_compressedMode,
                                          in octetstring p_pki_message, 
@@ -253,26 +257,33 @@ module LibItsPki_Functions {
       var Oct12 v_nonce;
       var Oct16 v_authentication_vector;
       var Oct16 v_encrypted_sym_key;
+      var HashedId8 v_recipientId;
       var Oct32 v_publicEphemeralKeyCompressed;
       var integer v_ephemeralKeyModeCompressed;
-      var HashedId8 v_recipientId;
       var octetstring v_encrypted_inner_ec_request;
       
-      // Signed the encoded InnerEcRequestSignedForPop
+      // Signed the encoded PKI message
       v_tbs := m_toBeSignedData(
                                 m_signedDataPayload(
                                                     m_etsiTs103097Data_unsecured(p_pki_message)
                                                    ),
                                 m_headerInfo_inner_ec_request(12345, f_getCurrentTime()) // TODO Use PIXIT
                                );
-      // Signed the encoded InnerEcRequestSignedForPop
-      v_tbs_signed := fx_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key); // TODO Use wrapping function
-      // Finalyse signed InnerEcRequestSignedForPop
+      if (ischosen(p_signer_identifier.self_)) {
+        v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), int2oct(0, 32), p_private_key);
+      } else {
+        var charstring v_certificate_id;
+        var octetstring v_hash;
+        fx_readCertificateFromDigest(p_signer_identifier.digest, v_certificate_id); // TODO Add a wrapper function
+        f_getCertificateHash(v_certificate_id, v_hash);
+        v_tbs_signed := f_signWithEcdsaNistp256WithSha256(bit2oct(encvalue(v_tbs)), v_hash, p_private_key);
+      }
+      // Add the signature and create EtsiTs103097Data-Signed data structure
       v_ieee1609dot2_signed_data := m_etsiTs103097Data_signed(
                                                               m_signedData(
                                                                            sha256,
                                                                            v_tbs,
-                                                                           m_signerIdentifier_self, // TODO ETSI TS 102 941 Clause 6.2.3.2.1 bullet 5 dash 3: Using disgest of EC if non canonical indentifier
+                                                                           p_signer_identifier,
                                                                            m_signature_ecdsaNistP256(
                                                                                                      m_ecdsaP256Signature(
                                                                                                                           m_eccP256CurvePoint_x_only(
@@ -283,11 +294,19 @@ module LibItsPki_Functions {
                                                                                                      )
                                                                            )
                                                       );
-      // Encode InnerEcRequestSignedForPop
+      // Encode EtsiTs103097Data-Signed data structure
       v_encoded_inner_ec_request := bit2oct(encvalue(v_ieee1609dot2_signed_data));
-      // Encrypt the encoded signed InnerEcRequestSignedForPop
+      // Encrypt encode EtsiTs103097Data-Signed data structure
       v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_publicKeyCompressed, p_compressedMode, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_encrypted_sym_key, v_authentication_vector, v_nonce);
-      v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_inner_ec_request)); // IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
+      log("p_recipientId=", p_recipientId);
+      if (p_recipientId == int2oct(0, 8)) {
+        log("v_encrypted_sym_key=", v_encrypted_sym_key);
+        log("f_hashWithSha256(v_encrypted_sym_key=", f_hashWithSha256(v_encrypted_sym_key));
+        v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(v_encrypted_sym_key));
+      } else {
+        v_recipientId := p_recipientId;
+      }
+      log("v_recipientId=", v_recipientId);
       // Fill Certificate template with the public compressed keys (canonical form)
       if (v_ephemeralKeyModeCompressed == 0) {
         v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));

ttcn/Pki/LibItsPki_TestSystem.ttcn

@@ -43,17 +43,17 @@ module LibItsPki_TestSystem {
   /**
    * @desc Adapter control port
    */
-  //  type port AdapterControlPort message {
-  //    out AcPkiPrimitive;
-  //    in AcPkiResponse;
-  //  } // End of AdapterControlPort
+  type port AdapterControlPkiPort message {
+    out AcPkiPrimitive;
+    in AcPkiResponse;
+  } // End of AdapterControlPkiPort
   
   type port PkiPort message {
     inout InnerEcRequest, InnerEcResponse;
   }
   
   type component ItsPkiSystem {
-    //    port LibItsPki_TestSystem.AdapterControlPort acPkiPort;
+    port AdapterControlPkiPort acPkiPort;
     port PkiPort pkiPort;
   } // End of component ItsPkiSystem
   
@@ -64,7 +64,7 @@ module LibItsPki_TestSystem {
   } // End of component ItsPkiItssSystem
   
   type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc {
-    //    port LibItsPki_TestSystem.AdapterControlPort acPkiPort;
+    port AdapterControlPkiPort acPkiPort;
     port PkiPort pkiPort;
     
     var Certificate vc_eaCertificate;       /** Test Adapter EA certificate */
@@ -75,8 +75,8 @@ module LibItsPki_TestSystem {
   } // End of component ItsPki
   
   type component ItsPkiItss extends ItsGeoNetworking {
+    port AdapterControlPkiPort acPkiPort;
     port PkiPort pkiPort;
-    //    port LibItsPki_TestSystem.AdapterControlPort acPkiPort;
   } // End of component ItsPkiItss
   
 } // End of module LibItsPki_TestSystem 

ttcn/Pki/LibItsPki_TypesAndValues.ttcn

@@ -26,6 +26,8 @@ module LibItsPki_TypesAndValues {
      */
     type union AcPkiResponse {
       boolean     result
+    } with {
+      variant ""
     }
     
     type record AcSetSecurityData {