Commit 4be38c82 authored by Yann Garcia's avatar Yann Garcia

Change requestHash calculation as specified in CMS-ITS 6 ERRATA

parent 6ad3b76d
+134 −39
@@ -274,13 +274,13 @@ module LibItsPki_Functions {
      log("*** f_http_build_inner_ec_request: First enrolment: ", PX_FIRST_ENROLMENT);
      p_salt := vc_eaWholeHash;
      if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys
        v_ret_code := f_build_pki_secured_request_message(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
        v_ret_code := f_build_pki_secured_request_message_signed_with_pop(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
      } else { // We use last valid EC certificate
        var Oct32 v_ec_private_key;
        var HashedId8 v_ec_hashed_id8;
        // Retrieve EC certificate from the first enrolment
        // TODO Set v_ec_private_key & v_ec_hashed_id8
        v_ret_code := f_build_pki_secured_request_message(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
        v_ret_code := f_build_pki_secured_request_message_signed_with_pop(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
      }
      if (v_ret_code == false) {
        log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
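Review bot: In the `else` branch, `v_ec_private_key` and `v_ec_hashed_id8` are declared but never assigned (the TODO is still open), yet the renamed call to `f_build_pki_secured_request_message_signed_with_pop` passes them as the signing key and signer digest. Reading unbound variables in TTCN-3 normally ends in a dynamic test case error, so a run with `PX_FIRST_ENROLMENT` set to false would presumably abort rather than report a clean verdict, and no request would be signed with the previous EC key. Until the key retrieval is implemented, the branch could fail explicitly with `log("*** f_http_build_inner_ec_request: ERROR: EC key material for re-enrolment not available ***");` followed by `f_selfOrClientSyncAndVerdict("error", e_error);`. The hunk at -334 has the same branch. The enclosing function starts and ends outside this hunk.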
@@ -334,13 +334,13 @@ module LibItsPki_Functions {
      log("*** f_http_build_inner_ec_request: Public encryption key comp: ", v_compressed_enc_key_mode);
      p_salt := vc_eaWholeHash;
      if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys
        v_ret_code := f_build_pki_secured_request_message(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
        v_ret_code := f_build_pki_secured_request_message_signed_with_pop(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
      } else { // We use last valid EC certificate
        var Oct32 v_ec_private_key;
        var HashedId8 v_ec_hashed_id8;
        // Retrieve EC certificate from the first enrolment
        // TODO Set v_ec_private_key & v_ec_hashed_id8
        v_ret_code := f_build_pki_secured_request_message(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
        v_ret_code := f_build_pki_secured_request_message_signed_with_pop(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
      }
      if (v_ret_code == false) {
        log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
@@ -400,10 +400,6 @@ module LibItsPki_Functions {
      }
      log("v_inner_at_request= ", v_inner_at_request);
      
      if (PX_AUTHORIZATION_REQUEST_WITH_POP) {
        // TODO Set Ieee1609Dot2Data p_inner_at_request_data
      } // else TODO Check what to do
      
      // Secure InnerAtRequest message
      if (f_extract_enc_key(vc_aaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
        log("*** f_http_build_inner_ec_request: ERROR: Non canonical AA certificate ***");
@@ -418,10 +414,18 @@ module LibItsPki_Functions {
      log("*** f_http_build_authorization_request: First enrolment: ", PX_FIRST_ENROLMENT);
      p_salt := vc_aaWholeHash;
      log("*** f_http_build_authorization_request: p_salt: ", p_salt);
      if(f_build_pki_secured_request_message(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_aaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_authorization_request(v_inner_at_request))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash) == false) {
      if (PX_AUTHORIZATION_REQUEST_WITH_POP) {
        if(f_build_pki_secured_request_message_signed_with_pop(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_aaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_authorization_request(v_inner_at_request))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash) == false) {
          log("*** f_http_build_authorization_request: ERROR: Failed to generate Authorization Request ***");
          f_selfOrClientSyncAndVerdict("error", e_error);
        }
      } else { // Only encryption of EtsiTs102941Data/InnerAtRequest
        log("*** f_http_build_authorization_request: POP signature not applied");
        if(f_build_pki_secured_request_message(vc_aaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_authorization_request(v_inner_at_request))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash) == false) {
          log("*** f_http_build_authorization_request: ERROR: Failed to generate Authorization Request ***");
          f_selfOrClientSyncAndVerdict("error", e_error);
        }
      }
      log("*** f_http_build_authorization_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data= ", p_ieee1609dot2_signed_and_encrypted_data);
      log("*** f_http_build_authorization_request: DEBUG: p_request_hash= ", p_request_hash);
    } // End of function f_http_build_authorization_request
@@ -457,7 +461,7 @@ module LibItsPki_Functions {
       **/
      log("*** f_http_build_inner_ec_request: ERROR: Need to add TestSystem variable vc_aa ***");
      f_selfOrClientSyncAndVerdict("error", e_error);
      /* if (f_build_pki_secured_request_message(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, vc_eaWholeHash, bit2oct(encvalue(m_etsiTs102941Data_authorization_validation_request(v_authorization_validation_request))), p_ieee1609dot2_signed_and_encrypted_data, p_request_hash) == false) { */
      /* if (f_build_pki_secured_request_message_signed_with_pop(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, vc_eaWholeHash, bit2oct(encvalue(m_etsiTs102941Data_authorization_validation_request(v_authorization_validation_request))), p_ieee1609dot2_signed_and_encrypted_data, p_request_hash) == false) { */
      /*   log("*** f_http_build_authorization_validation_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); */
      /*   f_selfOrClientSyncAndVerdict("error", e_error); */
      /* } */
@@ -833,7 +837,7 @@ module LibItsPki_Functions {
        var Oct16 v_encrypted_sym_key;
        var HashedId8 v_recipientId;
        var octetstring v_public_compressed_ephemeral_key;
        var integer v_ephemeralKeyModeCompressed;
        var integer v_public_compressed_ephemeral_mode;
        var octetstring v_enc_signed_ec_signature;

        // Use EA certificate for the encryption
@@ -846,11 +850,11 @@ module LibItsPki_Functions {
        } else {
          return false;
        }
        v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_ec_signature)), v_public_enc_key, v_compressed_mode, ''O, v_public_compressed_ephemeral_key, v_ephemeralKeyModeCompressed, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, PICS_SEC_FIXED_KEYS);
        v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_ec_signature)), v_public_enc_key, v_compressed_mode, ''O, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, PICS_SEC_FIXED_KEYS);
        v_recipientId := p_ea_hashed_id8; // RecipientId is the HashedId8 of the EA certificate
        log("v_recipientId= ", v_recipientId);
        // Fill Certificate template with the public compressed keys (canonical form)
        if (v_ephemeralKeyModeCompressed == 0) {
        if (v_public_compressed_ephemeral_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
@@ -1032,7 +1036,7 @@ module LibItsPki_Functions {
     * @param p_ieee1609dot2_signed_and_encrypted_data The secured message
     * @return true on success, false otherwise
     */
    function f_build_pki_secured_request_message(
    function f_build_pki_secured_request_message_signed_with_pop(
                                                                 in octetstring p_private_key,
                                                                 in SignerIdentifier p_signer_identifier,
                                                                 in HashedId8 p_recipientId,
@@ -1052,12 +1056,21 @@ module LibItsPki_Functions {
      var template (value) ToBeSignedData v_tbs;
      var octetstring v_tbs_signed;
      var template (value) Ieee1609Dot2Data v_ieee1609dot2_signed_data;
      var octetstring v_encoded_inner_ec_request;
      var octetstring v_encoded_request;
      var HashedId8 v_recipientId;
      var octetstring v_public_compressed_ephemeral_key;
      var integer v_ephemeralKeyModeCompressed;
      var octetstring v_encrypted_inner_ec_request;
      var integer v_public_compressed_ephemeral_mode;
      var octetstring v_encrypted_request;

      log(">>> f_build_pki_secured_request_message_signed_with_pop");
      
      // The 'p_request_hash' shall be the SHA256 digest of the OER representation of the topmost EtsiTs103097Data-Encoded structure
      if (PICS_SEC_FIXED_KEYS) {
        p_request_hash := '10ED97A2F2933DD3AC55F47022D125E18F5E1AA024613E616A75BA4979EFE318'O;
      } else {
        p_request_hash := f_hashWithSha256(p_pki_message);
        log("p_request_hash= ", p_request_hash);
      }
      // Signed the encoded PKI message
      v_tbs := m_toBeSignedData(
                                m_signedDataPayload(
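Review bot: The comment says `p_request_hash` shall be the SHA256 digest of the OER representation of the topmost EtsiTs103097Data-Encoded structure, but the assignment below it hashes `p_pki_message`, the inner payload, before it is signed or encrypted. If the errata means the outermost structure, the hash has to be taken after `p_ieee1609dot2_signed_and_encrypted_data` is built, along the lines of `p_request_hash := f_hashWithSha256(bit2oct(encvalue(p_ieee1609dot2_signed_and_encrypted_data)));` just before `return true;`, and the constant used under `PICS_SEC_FIXED_KEYS` would need to match. If the inner message really is intended, the comment should name it, since a requestHash derived from a different structure than the one the PKI hashes would make response matching fail for the wrong reason. The same block is repeated in the new `f_build_pki_secured_request_message` in the hunk at -1091. The function continues outside this hunk.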
@@ -1091,19 +1104,101 @@ module LibItsPki_Functions {
                                                                           )
                                                      );
      // Encode EtsiTs103097Data-Signed data structure
      v_encoded_inner_ec_request := bit2oct(encvalue(v_ieee1609dot2_signed_data));
      // Calculate the SHA256 of v_encoded_inner_ec_request
      v_encoded_request := bit2oct(encvalue(v_ieee1609dot2_signed_data));
      // Encrypt encode EtsiTs103097Data-Signed data structure
      if (PICS_SEC_FIXED_KEYS) {
        p_salt := '77C0637C3558B3238FDE1EEC376DA080BE4076FB8491CA0F8C19FD34DF298CEB'O;
      }
      v_encrypted_request := f_encryptWithEciesNistp256WithSha256(v_encoded_request, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
      log("p_aes_sym_key= ", p_aes_sym_key);
      log("p_encrypted_sym_key= ", p_encrypted_sym_key);
      log("p_authentication_vector= ", p_authentication_vector);
      log("p_nonce= ", p_nonce);
      log("p_recipientId= ", p_recipientId);
      if (p_recipientId == int2oct(0, 8)) {
        log("f_hashWithSha256(v_encrypted_sym_key)= ", f_hashWithSha256(p_encrypted_sym_key));
        v_recipientId := f_HashedId8FromSha256(f_hashWithSha256(p_encrypted_sym_key));
      } else {
        v_recipientId := p_recipientId;
      }
      log("v_recipientId= ", v_recipientId);
      // Fill Certificate template with the public compressed keys (canonical form)
      if (v_public_compressed_ephemeral_mode == 0) {
        v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
      } else {
        v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
      }
      p_ieee1609dot2_signed_and_encrypted_data := valueof(
                                                          m_etsiTs103097Data_encrypted(
                                                                                       m_encryptedData(
                                                                                                       {
                                                                                                        m_recipientInfo_signedDataRecipInfo(
                                                                                                                                            m_pKRecipientInfo(
                                                                                                                                                              v_recipientId,
                                                                                                                                                              m_encryptedDataEncryptionKey_eciesNistP256(
                                                                                                                                                                                                      m_evciesP256EncryptedKey(
                                                                                                                                                                                                                               v_eccP256_curve_point,
                                                                                                                                                                                                                               p_encrypted_sym_key, 
                                                                                                                                                                                                                               p_authentication_vector
                                                                                                        ))))
                                                                                                       },
                                                                                                       m_SymmetricCiphertext_aes128ccm(
                                                                                                                                       m_aesCcmCiphertext(
                                                                                                                                                          p_nonce,
                                                                                                                                                          v_encrypted_request
                                                                                                                                                         )
                                                                                                                                      )
                                                                                                      )
                                                                                       )
                                                         );
      
      return true;
    } // End of function f_build_pki_secured_request_message_signed_with_pop
    
    /**
     * @desc Build a signed and encrypted PKI request message without POP with signature
     * @param p_recipientId         Recipient identifier to be inclued in encrypted layer.
     *                              If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
     * @param p_public_key_compressed The public compressed key (canonical form) for encryption
     * @param p_compressed_mode      The compressed mode of the public compressed key (canonical form) for encryption
     * @param p_pki_message         The PKI message to be secured
     * @param p_ieee1609dot2_signed_and_encrypted_data The secured message
     * @return true on success, false otherwise
     */
    function f_build_pki_secured_request_message(
                                                 in HashedId8 p_recipientId,
                                                 in octetstring p_public_key_compressed,
                                                 in integer p_compressed_mode,
                                                 in octetstring p_salt,
                                                 in octetstring p_pki_message,
                                                 out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
                                                 out Oct16 p_aes_sym_key,
                                                 out Oct16 p_encrypted_sym_key,
                                                 out Oct16 p_authentication_vector,
                                                 out Oct12 p_nonce,
                                                 out Oct32 p_request_hash
                                                 ) return boolean {
      // Local variables
      var template (value) EccP256CurvePoint v_eccP256_curve_point;
      var HashedId8 v_recipientId;
      var octetstring v_public_compressed_ephemeral_key;
      var integer v_public_compressed_ephemeral_mode;
      var octetstring v_encrypted_request;
      
      log(">>> f_build_pki_secured_request_message");
      
      // The 'p_request_hash' shall be the SHA256 digest of the OER representation of the topmost EtsiTs103097Data-Encoded structure
      if (PICS_SEC_FIXED_KEYS) {
        p_request_hash := '10ED97A2F2933DD3AC55F47022D125E18F5E1AA024613E616A75BA4979EFE318'O;
      } else {
        p_request_hash := f_hashWithSha256(v_encoded_inner_ec_request);
        p_request_hash := f_hashWithSha256(p_pki_message);
        log("p_request_hash= ", p_request_hash);
      }
      // Encrypt encode EtsiTs103097Data-Signed data structure
      if (PICS_SEC_FIXED_KEYS) {
        p_salt := '77C0637C3558B3238FDE1EEC376DA080BE4076FB8491CA0F8C19FD34DF298CEB'O;
      }
      v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_ephemeralKeyModeCompressed, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
      v_encrypted_request := f_encryptWithEciesNistp256WithSha256(p_pki_message, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_public_compressed_ephemeral_mode, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
      log("p_aes_sym_key= ", p_aes_sym_key);
      log("p_encrypted_sym_key= ", p_encrypted_sym_key);
      log("p_authentication_vector= ", p_authentication_vector);
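Review bot: The header comment on the new `f_build_pki_secured_request_message` describes it as building "a signed and encrypted PKI request message without POP with signature", but the visible body only encrypts `p_pki_message` with ECIES and never produces a signature. I would reword it to `@desc Build an encrypted-only PKI request message (no outer signature, no POP)`, add `@param` entries for `p_salt` and the five out parameters for key, nonce and hash, and fix "inclued" and `int2oct(0. 8)`. The inline comment `// Encrypt encode EtsiTs103097Data-Signed data structure` is carried over from the signing variant and does not describe what is encrypted here. Both variants also write `p_aes_sym_key` to the log, so if logs from runs without `PICS_SEC_FIXED_KEYS` are retained or shared, consider guarding that line with the same flag. The function's body ends outside this hunk.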
@@ -1117,7 +1212,7 @@ module LibItsPki_Functions {
      }
      log("v_recipientId= ", v_recipientId);
      // Fill Certificate template with the public compressed keys (canonical form)
      if (v_ephemeralKeyModeCompressed == 0) {
      if (v_public_compressed_ephemeral_mode == 0) {
        v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
      } else {
        v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
@@ -1139,7 +1234,7 @@ module LibItsPki_Functions {
                                                                                                       m_SymmetricCiphertext_aes128ccm(
                                                                                                                                       m_aesCcmCiphertext(
                                                                                                                                                          p_nonce,
                                                                                                                                                          v_encrypted_inner_ec_request
                                                                                                                                                          v_encrypted_request
                                                                                                                                                         )
                                                                                                                                      )
                                                                                                      )