Loading ttcn/Security/LibItsSecurity_Functions.ttcn3 +128 −41 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ module LibItsSecurity_Functions { import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Pixits all; import from LibItsSecurity_TestSystem all; group helpersFunctions { Loading @@ -37,10 +38,12 @@ module LibItsSecurity_Functions { * @param p_toBeSignedSecuredMessage The data to be signed * @return The signature value */ function f_signWithEcdsaNistp256WithSha256(in Oct32 p_toBeSignedSecuredMessage) return octetstring { function f_signWithEcdsaNistp256WithSha256( in Oct32 p_toBeSignedSecuredMessage ) runs on ItsSecurityBaseComponent return octetstring { return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedSecuredMessage, PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].signingPrivateKey vc_signingPrivateKey ); } // End of function f_signWithEcdsaNistp256WithSha256 Loading Loading @@ -122,8 +125,9 @@ module LibItsSecurity_Functions { /** * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing */ function f_buildSecuredMessagePayloadToBeSigned(in boolean p_includeCertificate := false) return ToBeSignedSecuredMessage { function f_buildSecuredMessagePayloadToBeSigned( in boolean p_includeCertificate := false ) runs on ItsSecurityBaseComponent return ToBeSignedSecuredMessage { // Local variables var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage; Loading 
@@ -134,12 +138,12 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(oct2int('BBBBBBBB'O)), // To be replaced by TA with generation time m_header_field_generation_location( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].location vc_location ) }, // End of field HeaderFields { Loading @@ -155,12 +159,12 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(oct2int('BBBBBBBB'O)), // To be replaced by TA with generation time m_header_field_generation_location( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].location vc_location ) }, // End of field HeaderFields { Loading @@ -179,9 +183,9 @@ module LibItsSecurity_Functions { * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderFields * @param p_certificateName The certificate identifier to be used. Default: TA_CONFIG_A * @return true on success, false otherwise * @verdict Unchanged */ Loading 
@@ -190,18 +194,27 @@ module LibItsSecurity_Functions { in octetstring p_unsecuredPayload, in template (omit) SignerInfoType p_signerInfoType := e_certificate_digest_with_ecdsap256, in template (omit) HeaderFields p_headerFields := omit, in UInt p_configId := PX_CERTIFICATE_CONFIG_IDX ) return boolean { in template (omit) charstring p_certificateName := omit ) runs on ItsSecurityBaseComponent return boolean { // Local variables var Certificate v_aaCertificate, v_atCertificate; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage; // Sanity check if (not(p_configId < lengthof(PX_TA_CONFIGS)) ) { if (ispresent(p_certificateName) and (p_certificateName != "TA_CONFIG_A")) { if (f_readCertificate(p_certificateName & ".AA_CERT", v_aaCertificate) == false) { return false; } if (f_readCertificate(p_certificateName & ".AT_CERT", v_atCertificate) == false) { return false; } } else { v_aaCertificate := vc_aaCertificate; v_atCertificate := vc_atCertificate; } // Create SecuredMessage payload to be signed if (p_signerInfoType == e_certificate) { // Add the AT certificate Loading @@ -210,7 +223,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[p_configId].atCertificate v_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -231,8 +244,8 @@ module LibItsSecurity_Functions { m_header_field_signer_info( m_signerInfo_certificates( { PX_TA_CONFIGS[p_configId].aaCertificate, PX_TA_CONFIGS[p_configId].atCertificate v_aaCertificate, v_atCertificate } ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info Loading 
@@ -253,7 +266,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[p_configId].atCertificate.signer_infos[0].signerInfo.digest v_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading @@ -329,7 +342,7 @@ module LibItsSecurity_Functions { in ThreeDLocation p_threeDLocation, in template (omit) boolean p_addCertificate := false, in template (omit) HeaderFields p_headerFields := omit ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var octetstring v_secPayload, v_signature; Loading @@ -343,7 +356,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -365,7 +378,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading @@ -440,7 +453,7 @@ module LibItsSecurity_Functions { in ThreeDLocation p_threeDLocation, in template (omit) boolean p_addCertificate := false, in template (omit) HeaderFields p_headerFields := omit ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var octetstring v_secPayload, v_signature; Loading 
@@ -454,7 +467,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -475,7 +488,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading 
@@ -744,31 +757,74 @@ module LibItsSecurity_Functions { group certificateGetters { /** * @desc Set the gneration location ase defined in Draft ETSI TS 103 097 V1.1.6 * @param p_latitude The latitude value * @param p_longitude The longitude value * @param p_elevation The elevation value * @verdict Unchanged */ function f_setGenerationLocation( in WGSLatitude p_latitude, in WGSLongitude p_longitude, in Oct2 p_elevation := '0000'O ) runs on ItsSecurityBaseComponent { vc_location := { p_latitude, p_longitude, p_elevation } } // End of function f_setGenerationLocation /** * @desc Load in memory cache the certificates available * @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID * @param p_configId A configuration identifier * @remark This method SHALL be call before any usage of certificates * @return true on success, false otherwise */ function f_loadCertificates( in charstring p_rootDirectory ) return boolean { return fx_loadCertificates(p_rootDirectory); in charstring p_configId ) runs on ItsSecurityBaseComponent return boolean { var boolean v_result; // Setup certificates memory cache if (fx_loadCertificates(PX_ROOT_PATH_FOR_SECURITY, p_configId) == true) { // Setup security component variables f_readCertificate("TA_CONFIG_A.AA_CERT", vc_aaCertificate); f_readCertificate("TA_CONFIG_A.AT_CERT", vc_atCertificate); f_readPrivateKeys("TA_CONFIG_A.PRIVATE_KEYS", vc_signingPrivateKey, vc_encryptPrivateKey); return true; } return false; } // End of function f_loadCertificates /** * @desc Unload from memory cache the certificates available * @return true on success, false otherwise */ function f_unloadCertificates() runs on ItsSecurityBaseComponent return boolean { // Reset security component variables vc_signingPrivateKey := '0000000000000000000000000000000000000000000000000000000000000000'O; vc_encryptPrivateKey := '0000000000000000000000000000000000000000000000000000000000000000'O; // Clear certificates memory cache 
return fx_unloadCertificates(); } // End of function f_unloadCertificates /** * @desc Read the specified certificate * @param p_hashedId8 the certificate ID to read * @param p_certificate the exoected certificate * @param p_certificateId the certificate identifier * @param p_certificate the expected certificate * @return true on success, false otherwise */ function f_readCertificate( in HashedId8 p_hashedId8, in charstring p_certificateId, out Certificate p_certificate ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { var octetstring v_certificate; if (fx_readCertificate(p_hashedId8, v_certificate) == true) { if (fx_readCertificate(p_certificateId, v_certificate) == true) { var integer v_result := decvalue(oct2bit(v_certificate), p_certificate); if (v_result == 0) { return true; Loading @@ -776,7 +832,22 @@ module LibItsSecurity_Functions { } return false; } } // End of function f_readCertificate /** * @desc Read the private keys for the specified certificate * @param p_keysId the keys identifier * @param p_signingPrivateKey the signing private key * @param p_encryptPrivateKey the encrypt private key * @return true on success, false otherwise */ function f_readPrivateKeys( in charstring p_keysId, out Oct32 p_signingPrivateKey, out Oct32 p_encryptPrivateKey ) runs on ItsSecurityBaseComponent return boolean { return fx_readPrivateKeys(p_keysId, p_signingPrivateKey, p_encryptPrivateKey); } // End of function f_readPrivateKeys function f_getCertificateValidityRestriction( in template (value) Certificate p_cert, Loading @@ -790,7 +861,7 @@ module LibItsSecurity_Functions { } } return false; } } // End of function f_getCertificateValidityRestriction function f_getCertificateSignerInfo ( in template (value) Certificate p_cert, Loading Loading 
@@ -870,20 +941,36 @@ module LibItsSecurity_Functions { group certificatesLoader { /** * @desc Load in memory cache the certificates available * @desc Load in memory cache the certificates available in the specified directory * @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID * @param p_configId A configuration identifier * @remark This method SHALL be call before any usage of certificates * @return true on success, false otherwise */ external function fx_loadCertificates(in charstring p_rootDirectory) return boolean; external function fx_loadCertificates(in charstring p_rootDirectory, in charstring p_configId) return boolean; /** * @desc Unload from memory cache the certificates * @return true on success, false otherwise */ external function fx_unloadCertificates() return boolean; /** * @desc Read the specified certificate * @param p_hashedId8 the certificate ID to read * @param p_certificate the exoected certificate * @param p_certificateId the certificate identifier * @param p_certificate the expected certificate * @return true on success, false otherwise */ external function fx_readCertificate(in charstring p_certificateId, out octetstring p_certificate) return boolean; /** * @desc Read the private keys for the specified certificate * @param p_keysId the keys identifier * @param p_signingPrivateKey the signing private key * @param p_encryptPrivateKey the encrypt private key * @return true on success, false otherwise */ external function fx_readCertificate(in HashedId8 p_hashedId8, out octetstring p_certificate) return boolean; external function fx_readPrivateKeys(in charstring p_keysId, out Oct32 p_signingPrivateKey, out Oct32 p_encryptPrivateKey) return boolean; } // End of group certificatesLoader Loading ttcn/Security/LibItsSecurity_Pixits.ttcn3 +2 −547 File changed.Preview size limit exceeded, changes collapsed. 
Show changes ttcn/Security/LibItsSecurity_TestSystem.ttcn3 +28 −0 Original line number Diff line number Diff line Loading @@ -6,4 +6,32 @@ * */ module LibItsSecurity_TestSystem { // LibCommon import from LibCommon_DataStrings all; // LibItsSecurity import from LibItsSecurity_TypesAndValues all; group componentDefinitions { /** * @desc ITS Security Component */ type component ItsSecurityBaseComponent { // Certificates var Certificate vc_aaCertificate; var Certificate vc_atCertificate; // Private keys var Oct32 vc_signingPrivateKey; var Oct32 vc_encryptPrivateKey; var ThreeDLocation vc_location; } // End of ItsSecurityBaseComponent } // End of group componentDefinitions } // End of module LibItsSecurity_TestSystem No newline at end of file ttcn/Security/LibItsSecurity_Templates.ttcn3 +1 −1 File changed.Contains only whitespace changes. Show changes Loading
ttcn/Security/LibItsSecurity_Functions.ttcn3 +128 −41 Original line number Diff line number Diff line Loading @@ -18,6 +18,7 @@ module LibItsSecurity_Functions { import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Pixits all; import from LibItsSecurity_TestSystem all; group helpersFunctions { Loading @@ -37,10 +38,12 @@ module LibItsSecurity_Functions { * @param p_toBeSignedSecuredMessage The data to be signed * @return The signature value */ function f_signWithEcdsaNistp256WithSha256(in Oct32 p_toBeSignedSecuredMessage) return octetstring { function f_signWithEcdsaNistp256WithSha256( in Oct32 p_toBeSignedSecuredMessage ) runs on ItsSecurityBaseComponent return octetstring { return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedSecuredMessage, PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].signingPrivateKey vc_signingPrivateKey ); } // End of function f_signWithEcdsaNistp256WithSha256 Loading Loading @@ -122,8 +125,9 @@ module LibItsSecurity_Functions { /** * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing */ function f_buildSecuredMessagePayloadToBeSigned(in boolean p_includeCertificate := false) return ToBeSignedSecuredMessage { function f_buildSecuredMessagePayloadToBeSigned( in boolean p_includeCertificate := false ) runs on ItsSecurityBaseComponent return ToBeSignedSecuredMessage { // Local variables var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage; Loading 
@@ -134,12 +138,12 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(oct2int('BBBBBBBB'O)), // To be replaced by TA with generation time m_header_field_generation_location( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].location vc_location ) }, // End of field HeaderFields { Loading @@ -155,12 +159,12 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(oct2int('BBBBBBBB'O)), // To be replaced by TA with generation time m_header_field_generation_location( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].location vc_location ) }, // End of field HeaderFields { Loading @@ -179,9 +183,9 @@ module LibItsSecurity_Functions { * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_signerInfoType Add digest or AT certificate or certificate chain * @param p_headerFields Additional HeaderFields * @param p_certificateName The certificate identifier to be used. Default: TA_CONFIG_A * @return true on success, false otherwise * @verdict Unchanged */ Loading 
@@ -190,18 +194,27 @@ module LibItsSecurity_Functions { in octetstring p_unsecuredPayload, in template (omit) SignerInfoType p_signerInfoType := e_certificate_digest_with_ecdsap256, in template (omit) HeaderFields p_headerFields := omit, in UInt p_configId := PX_CERTIFICATE_CONFIG_IDX ) return boolean { in template (omit) charstring p_certificateName := omit ) runs on ItsSecurityBaseComponent return boolean { // Local variables var Certificate v_aaCertificate, v_atCertificate; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage; // Sanity check if (not(p_configId < lengthof(PX_TA_CONFIGS)) ) { if (ispresent(p_certificateName) and (p_certificateName != "TA_CONFIG_A")) { if (f_readCertificate(p_certificateName & ".AA_CERT", v_aaCertificate) == false) { return false; } if (f_readCertificate(p_certificateName & ".AT_CERT", v_atCertificate) == false) { return false; } } else { v_aaCertificate := vc_aaCertificate; v_atCertificate := vc_atCertificate; } // Create SecuredMessage payload to be signed if (p_signerInfoType == e_certificate) { // Add the AT certificate Loading @@ -210,7 +223,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[p_configId].atCertificate v_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -231,8 +244,8 @@ module LibItsSecurity_Functions { m_header_field_signer_info( m_signerInfo_certificates( { PX_TA_CONFIGS[p_configId].aaCertificate, PX_TA_CONFIGS[p_configId].atCertificate v_aaCertificate, v_atCertificate } ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info Loading 
@@ -253,7 +266,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[p_configId].atCertificate.signer_infos[0].signerInfo.digest v_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading @@ -329,7 +342,7 @@ module LibItsSecurity_Functions { in ThreeDLocation p_threeDLocation, in template (omit) boolean p_addCertificate := false, in template (omit) HeaderFields p_headerFields := omit ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var octetstring v_secPayload, v_signature; Loading @@ -343,7 +356,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -365,7 +378,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading @@ -440,7 +453,7 @@ module LibItsSecurity_Functions { in ThreeDLocation p_threeDLocation, in template (omit) boolean p_addCertificate := false, in template (omit) HeaderFields p_headerFields := omit ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var octetstring v_secPayload, v_signature; Loading 
@@ -454,7 +467,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_certificate( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate vc_atCertificate ) // End of template m_signerInfo_certificate ), // End of template m_header_field_signer_info m_header_field_generation_time(f_getCurrentTime()), Loading @@ -475,7 +488,7 @@ module LibItsSecurity_Functions { { // Field HeaderFields m_header_field_signer_info( m_signerInfo_digest( PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest vc_atCertificate.signer_infos[0].signerInfo.digest ) // End of template m_signerInfo_digest ), // End of template m_header_field_digest m_header_field_generation_time(f_getCurrentTime()), Loading Loading 
@@ -744,31 +757,74 @@ module LibItsSecurity_Functions { group certificateGetters { /** * @desc Set the gneration location ase defined in Draft ETSI TS 103 097 V1.1.6 * @param p_latitude The latitude value * @param p_longitude The longitude value * @param p_elevation The elevation value * @verdict Unchanged */ function f_setGenerationLocation( in WGSLatitude p_latitude, in WGSLongitude p_longitude, in Oct2 p_elevation := '0000'O ) runs on ItsSecurityBaseComponent { vc_location := { p_latitude, p_longitude, p_elevation } } // End of function f_setGenerationLocation /** * @desc Load in memory cache the certificates available * @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID * @param p_configId A configuration identifier * @remark This method SHALL be call before any usage of certificates * @return true on success, false otherwise */ function f_loadCertificates( in charstring p_rootDirectory ) return boolean { return fx_loadCertificates(p_rootDirectory); in charstring p_configId ) runs on ItsSecurityBaseComponent return boolean { var boolean v_result; // Setup certificates memory cache if (fx_loadCertificates(PX_ROOT_PATH_FOR_SECURITY, p_configId) == true) { // Setup security component variables f_readCertificate("TA_CONFIG_A.AA_CERT", vc_aaCertificate); f_readCertificate("TA_CONFIG_A.AT_CERT", vc_atCertificate); f_readPrivateKeys("TA_CONFIG_A.PRIVATE_KEYS", vc_signingPrivateKey, vc_encryptPrivateKey); return true; } return false; } // End of function f_loadCertificates /** * @desc Unload from memory cache the certificates available * @return true on success, false otherwise */ function f_unloadCertificates() runs on ItsSecurityBaseComponent return boolean { // Reset security component variables vc_signingPrivateKey := '0000000000000000000000000000000000000000000000000000000000000000'O; vc_encryptPrivateKey := '0000000000000000000000000000000000000000000000000000000000000000'O; // Clear certificates memory cache 
return fx_unloadCertificates(); } // End of function f_unloadCertificates /** * @desc Read the specified certificate * @param p_hashedId8 the certificate ID to read * @param p_certificate the exoected certificate * @param p_certificateId the certificate identifier * @param p_certificate the expected certificate * @return true on success, false otherwise */ function f_readCertificate( in HashedId8 p_hashedId8, in charstring p_certificateId, out Certificate p_certificate ) return boolean { ) runs on ItsSecurityBaseComponent return boolean { var octetstring v_certificate; if (fx_readCertificate(p_hashedId8, v_certificate) == true) { if (fx_readCertificate(p_certificateId, v_certificate) == true) { var integer v_result := decvalue(oct2bit(v_certificate), p_certificate); if (v_result == 0) { return true; Loading @@ -776,7 +832,22 @@ module LibItsSecurity_Functions { } return false; } } // End of function f_readCertificate /** * @desc Read the private keys for the specified certificate * @param p_keysId the keys identifier * @param p_signingPrivateKey the signing private key * @param p_encryptPrivateKey the encrypt private key * @return true on success, false otherwise */ function f_readPrivateKeys( in charstring p_keysId, out Oct32 p_signingPrivateKey, out Oct32 p_encryptPrivateKey ) runs on ItsSecurityBaseComponent return boolean { return fx_readPrivateKeys(p_keysId, p_signingPrivateKey, p_encryptPrivateKey); } // End of function f_readPrivateKeys function f_getCertificateValidityRestriction( in template (value) Certificate p_cert, Loading @@ -790,7 +861,7 @@ module LibItsSecurity_Functions { } } return false; } } // End of function f_getCertificateValidityRestriction function f_getCertificateSignerInfo ( in template (value) Certificate p_cert, Loading Loading 
@@ -870,20 +941,36 @@ module LibItsSecurity_Functions { group certificatesLoader { /** * @desc Load in memory cache the certificates available * @desc Load in memory cache the certificates available in the specified directory * @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID * @param p_configId A configuration identifier * @remark This method SHALL be call before any usage of certificates * @return true on success, false otherwise */ external function fx_loadCertificates(in charstring p_rootDirectory) return boolean; external function fx_loadCertificates(in charstring p_rootDirectory, in charstring p_configId) return boolean; /** * @desc Unload from memory cache the certificates * @return true on success, false otherwise */ external function fx_unloadCertificates() return boolean; /** * @desc Read the specified certificate * @param p_hashedId8 the certificate ID to read * @param p_certificate the exoected certificate * @param p_certificateId the certificate identifier * @param p_certificate the expected certificate * @return true on success, false otherwise */ external function fx_readCertificate(in charstring p_certificateId, out octetstring p_certificate) return boolean; /** * @desc Read the private keys for the specified certificate * @param p_keysId the keys identifier * @param p_signingPrivateKey the signing private key * @param p_encryptPrivateKey the encrypt private key * @return true on success, false otherwise */ external function fx_readCertificate(in HashedId8 p_hashedId8, out octetstring p_certificate) return boolean; external function fx_readPrivateKeys(in charstring p_keysId, out Oct32 p_signingPrivateKey, out Oct32 p_encryptPrivateKey) return boolean; } // End of group certificatesLoader Loading
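Review bot: In the `@@ -744,31 +757,74 @@` hunk, f_loadCertificates discards the boolean results of both f_readCertificate calls and of f_readPrivateKeys and returns true whenever fx_loadCertificates succeeds, so a missing or undecodable TA_CONFIG_A entry leaves vc_aaCertificate, vc_atCertificate or vc_signingPrivateKey unset while the caller is told loading worked; f_signWithEcdsaNistp256WithSha256 then signs with whatever vc_signingPrivateKey holds. Each read should be checked, e.g. `if (f_readCertificate("TA_CONFIG_A.AA_CERT", vc_aaCertificate) == false) { return false; }`, and likewise for the AT certificate and the private keys. The local `v_result` is declared but never used, and the doc comment appears to still list `@param p_rootDirectory` although the root directory now comes from PX_ROOT_PATH_FOR_SECURITY. f_unloadCertificates zeroes the two key variables but leaves vc_aaCertificate and vc_atCertificate populated, which may be intended but is worth stating in its `@desc`.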
ttcn/Security/LibItsSecurity_Pixits.ttcn3 +2 −547 File changed.Preview size limit exceeded, changes collapsed.
ttcn/Security/LibItsSecurity_TestSystem.ttcn3 +28 −0 Original line number Diff line number Diff line Loading @@ -6,4 +6,32 @@ * */ module LibItsSecurity_TestSystem { // LibCommon import from LibCommon_DataStrings all; // LibItsSecurity import from LibItsSecurity_TypesAndValues all; group componentDefinitions { /** * @desc ITS Security Component */ type component ItsSecurityBaseComponent { // Certificates var Certificate vc_aaCertificate; var Certificate vc_atCertificate; // Private keys var Oct32 vc_signingPrivateKey; var Oct32 vc_encryptPrivateKey; var ThreeDLocation vc_location; } // End of ItsSecurityBaseComponent } // End of group componentDefinitions } // End of module LibItsSecurity_TestSystem No newline at end of file
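Review bot: The variables of ItsSecurityBaseComponent are declared without initial values and without any note on which function sets them, yet f_buildSecuredMessagePayloadToBeSigned in LibItsSecurity_Functions reads vc_location and vc_atCertificate directly. As far as the visible code shows, vc_location is assigned only by f_setGenerationLocation and the certificates and keys only by f_loadCertificates, so a test that skips either call would read an unbound component variable. I would document that precondition on the type, e.g. `// Set by f_loadCertificates, zeroed by f_unloadCertificates` above the private keys and `// Generation location, set by f_setGenerationLocation` above vc_location.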
ttcn/Security/LibItsSecurity_Templates.ttcn3 +1 −1 File changed.Contains only whitespace changes.