AtsPki validation: minor bugs fixed (419abe76) · Commits · TTCN-3 Libraries / LibIts

ttcn/Pki/LibItsPki_EncdecDeclarations.ttcn

+7 −0

Original line number	Original line	Diff line number	Diff line
	@@ -17,6 +17,13 @@ module LibItsPki_EncdecDeclarations {
	external function fx_dec_EtsiTs102941Data(inout bitstring b, out EtsiTs102941MessagesCa.EtsiTs102941Data p_etsi_ts_102941_data)return integer		external function fx_dec_EtsiTs102941Data(inout bitstring b, out EtsiTs102941MessagesCa.EtsiTs102941Data p_etsi_ts_102941_data)return integer
	with {extension "prototype(sliding) decode(PER)"}		with {extension "prototype(sliding) decode(PER)"}

			external function fx_enc_EtsiTs102941DataContent(in EtsiTs102941MessagesCa.EtsiTs102941DataContent p_etsi_ts_102941_data) return bitstring
			with {extension "prototype(convert) encode(PER)"}


			external function fx_dec_EtsiTs102941DataContent(inout bitstring b, out EtsiTs102941MessagesCa.EtsiTs102941DataContent p_etsi_ts_102941_data)return integer
			with {extension "prototype(sliding) decode(PER)"}

	/**		/**
	* @desc Encoding function for EtsiTs102941TypesEnrolment InnerEcRequest		* @desc Encoding function for EtsiTs102941TypesEnrolment InnerEcRequest
	* @param p The certificate to encode		* @param p The certificate to encode

ttcn/Pki/LibItsPki_Functions.ttcn

+17 −12

Original line number	Original line	Diff line number	Diff line
	@@ -317,7 +317,10 @@ module LibItsPki_Functions {
	f_selfOrClientSyncAndVerdict("error", e_error);		f_selfOrClientSyncAndVerdict("error", e_error);
	}		}
	// Secure InnerEcRequestSignedForPoP message		// Secure InnerEcRequestSignedForPoP message
			log("v_inner_ec_request_signed_for_pop= ", v_inner_ec_request_signed_for_pop);
	v_inner_ec_request_signed_for_pop_msg := encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop));		v_inner_ec_request_signed_for_pop_msg := encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop));
			log("v_inner_ec_request_signed_for_pop_msg= ", v_inner_ec_request_signed_for_pop_msg);

	// Prepare for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop		// Prepare for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop
	p_hash_inner_ec_request_signed_for_pop := f_hashWithSha256(bit2oct(v_inner_ec_request_signed_for_pop_msg));		p_hash_inner_ec_request_signed_for_pop := f_hashWithSha256(bit2oct(v_inner_ec_request_signed_for_pop_msg));
	// Secure the Pki message		// Secure the Pki message
	@@ -591,8 +594,8 @@ module LibItsPki_Functions {
	valueof(m_appPermissions(37, { bitmapSsp := '830001'O })) // TODO Use PIXIT		valueof(m_appPermissions(37, { bitmapSsp := '830001'O })) // TODO Use PIXIT
	},		},
	m_validityPeriod(		m_validityPeriod(
	17469212,		f_getCurrentTime() / 1000,
	m_duration_years(10) // TODO Use PIXIT		m_duration_years(1) // TODO Use PIXIT
	),		),
	m_geographicRegion_identifiedRegion(		m_geographicRegion_identifiedRegion(
	{		{
	@@ -1092,7 +1095,7 @@ module LibItsPki_Functions {
	// in Oct12 p_nonce, // TODO Tobe removed		// in Oct12 p_nonce, // TODO Tobe removed
	// in octetstring p_salt,		// in octetstring p_salt,
	in octetstring p_issuer,		in octetstring p_issuer,
	in Certificate p_certificate, // TODO Perhaps the peer certificate will be required for signature		in Certificate p_certificate, // TODO Tobe removed
	in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,		in Ieee1609Dot2Data p_ieee1609dot2_encrypted_and_signed_data,
	in boolean p_check_security := true,		in boolean p_check_security := true,
	out EtsiTs102941Data p_etsi_ts_102941_data		out EtsiTs102941Data p_etsi_ts_102941_data
	@@ -1102,19 +1105,15 @@ module LibItsPki_Functions {
	var integer v_compressed_enc_key_mode;		var integer v_compressed_enc_key_mode;
	var octetstring v_plain_message;		var octetstring v_plain_message;
	var Ieee1609Dot2Data v_ieee1609dot2_signed_data;		var Ieee1609Dot2Data v_ieee1609dot2_signed_data;
			var Certificate v_certificate;
	var bitstring v_etsi_ts_102941_data_msg;		var bitstring v_etsi_ts_102941_data_msg;
	var bitstring v_tbs;		var bitstring v_tbs;
	var boolean v_ret;		var boolean v_ret;

	//var octetstring v_cyphered_text;
	var Oct16 v_authentication_vector;

	log(">>> f_verify_pki_message: p_private_enc_key= ", p_private_enc_key);		log(">>> f_verify_pki_message: p_private_enc_key= ", p_private_enc_key);
	//log(">>> f_verify_pki_message: p_publicEphemeralCompressedKey= ", p_publicEphemeralCompressedKey);
	log(">>> f_verify_pki_message: p_aes_sym_key=", p_aes_sym_key);		log(">>> f_verify_pki_message: p_aes_sym_key=", p_aes_sym_key);
	log(">>> f_verify_pki_message: p_authentication_vector=", p_authentication_vector);		log(">>> f_verify_pki_message: p_authentication_vector=", p_authentication_vector);
	log(">>> f_verify_pki_message: p_issuer=", p_issuer);		log(">>> f_verify_pki_message: p_issuer=", p_issuer);
	//log(">>> f_verify_pki_message: p_salt=", p_salt);

	// TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo		// TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo

	@@ -1137,26 +1136,32 @@ module LibItsPki_Functions {
	// 3. Check the signature		// 3. Check the signature
	log("v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);		log("v_ieee1609dot2_signed_data.content.signedData.tbsData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData);
	v_tbs := encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData);		v_tbs := encvalue(v_ieee1609dot2_signed_data.content.signedData.tbsData);
	/*if (ischosen(p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {		if (f_getCertificateFromDigest(v_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate) == false) {
			if (p_check_security == true) {
			return false;
			}
			}
			log("v_certificate= ", v_certificate);
			if (ischosen(v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0)) {
	v_ret := f_verifyWithEcdsaNistp256WithSha256(		v_ret := f_verifyWithEcdsaNistp256WithSha256(
	bit2oct(v_tbs),		bit2oct(v_tbs),
	p_issuer,		p_issuer,
	v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,		v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,
	p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0, // TODO Use the signer digest to get the EA certificate		v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_0,
	0);		0);
	} else {		} else {
	v_ret := f_verifyWithEcdsaNistp256WithSha256(		v_ret := f_verifyWithEcdsaNistp256WithSha256(
	bit2oct(v_tbs),		bit2oct(v_tbs),
	p_issuer,		p_issuer,
	v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,		v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only & v_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaNistP256Signature.sSig,
	p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1, // TODO Use the signer digest to get the EA certificate		v_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256.compressed_y_1,
	1);		1);
	}		}
	if (v_ret == false) {		if (v_ret == false) {
	if (p_check_security == true) {		if (p_check_security == true) {
	return false;		return false;
	}		}
	}*/		}

	// 4. Return the PKI message		// 4. Return the PKI message
	log("v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);		log("v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData= ", v_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);

Admin message