Commit 6d9238c8 authored by garciay

STF545: Start ATS development

parent faa0a07b
+16 −17
@@ -829,7 +829,22 @@ module LibItsGeoNetworking_Functions {
     * @desc Initialise secure mode if required
     */
    function f_initialiseSecuredMode() runs on ItsBaseGeoNetworking {
      if ((PICS_GN_SECURITY == true) or (PICS_IS_IUT_SECURED == true)) {
      
      // Local variables
      
      // Load certificates
      if (PICS_GN_SECURITY == true) {
        if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) {
          log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
          stop;
        }
        
        // Initialize vc_location
        f_setGenerationLocation(
                                f_getTsLatitude(),
                                f_getTsLongitude()
                                );
      } else if (PICS_IS_IUT_SECURED == true) {
        if(e_success != f_acEnableSecurity()){
          log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
          stop;
@@ -1833,22 +1848,6 @@ module LibItsGeoNetworking_Functions {
     * @return  FncRetCode
     */
    function f_acEnableSecurity() runs on ItsBaseGeoNetworking return FncRetCode {
            
      // Local variables
            
      // Load certificates
      if (PICS_GN_SECURITY) {
        if( not f_loadCertificates(PX_IUT_SEC_CONFIG_NAME) ) {
          return e_error;
        }
                
        // Initialize vc_location
        f_setGenerationLocation(
                                f_getTsLatitude(),
                                f_getTsLongitude()
                                );
        return f_acTriggerSecEvent(m_acEnableSecurity(cc_taCert_A));
      }
      return f_acTriggerSecEvent(m_acEnableSecurity(PX_CERT_FOR_TS));
    }
        
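Review bot: With the new `if (PICS_GN_SECURITY == true) { … } else if (PICS_IS_IUT_SECURED == true)` chain in f_initialiseSecuredMode, f_acEnableSecurity() is only reached when PICS_GN_SECURITY is false, so a configuration with both PICS set loads certificates but appears never to ask the IUT to enable security. Reading the sides from the +16 −17 counts, the second hunk also removes the certificate loading and the `cc_taCert_A` trigger from f_acEnableSecurity, so that trigger seems to be gone entirely. If this is intended, a comment on the else-if such as `// IUT security is only triggered through the upper tester when the test system itself is not secured` would record it; otherwise the second test should be a plain `if (PICS_IS_IUT_SECURED == true) {`. Both `stop` paths log the same `TEST CASE NOW STOPPING ITSELF` text, so the certificate path should name its cause, e.g. `log("*** f_initialiseSecuredMode: ERROR: Failed to load certificates ***");`. The body of f_initialiseSecuredMode continues past the end of the first hunk.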
+50 −33
@@ -711,13 +711,27 @@ module LibItsSecurity_Functions {
                                           out EtsiTs103097Certificate p_aaCertificate,
                                           out EtsiTs103097Certificate p_atCertificate
            ) runs on ItsSecurityBaseComponent return boolean {
                //log(">>> f_prepareCertificates: ", p_certificateName);
                
                // Load certificates if required
                if (/*Spirent change*/lengthof(p_certificateName)>0 and (valueof(p_certificateName) != cc_taCert_A)) {
                if ((lengthof(p_certificateName) > 0) and (valueof(p_certificateName) != cc_taCert_A)) {
                    var HashedId8 v_digest;
                    var charstring v_cert;
                    
                    if (f_readCertificate(valueof(p_certificateName), p_atCertificate) == false){
                        log("f_prepareCertificates: Failed to read certificate ", p_certificateName);
                        return false;
                    }
                    if (ischosen(p_atCertificate.issuer.sha256AndDigest)) {
                        v_digest := p_atCertificate.issuer.sha256AndDigest;
                    } else if (ischosen(p_atCertificate.issuer.sha384AndDigest)) {
                        v_digest := p_atCertificate.issuer.sha384AndDigest;
                    } else {
                        log("f_prepareCertificates: Invalid certificate issuer ", p_atCertificate.issuer);
                        return false;
                    }
                    if (f_readCertificate(oct2str(p_atCertificate.toBeSigned.cracaId), p_aaCertificate) == false) {
                    if (f_getCertificateFromDigest(v_digest, p_aaCertificate) == false) {
                        log("f_prepareCertificates: Failed to read certificate issuer ", v_digest);
                        return false;
                    }
                } else {
@@ -740,7 +754,7 @@ module LibItsSecurity_Functions {
             * @return true on success, false otherwise
             */
            function f_buildGnSecuredMessage(
                                             out template (value) EtsiTs103097Data p_securedMessage,
                                             inout EtsiTs103097Data p_securedMessage,
                                             in charstring p_certificateName,
                                             in ToBeSignedData p_payloadField
            ) runs on ItsSecurityBaseComponent return boolean {
@@ -752,6 +766,8 @@ module LibItsSecurity_Functions {
                var octetstring v_certificateHash;
                var octetstring v_privateKey;

                //log(">>> f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage);
                
                // Prepare payload to be signed
                v_toBeSignedData := valueof(p_payloadField);
                v_secPayload := bit2oct(encvalue(v_toBeSignedData));
@@ -774,38 +790,39 @@ module LibItsSecurity_Functions {
                        v_certificateHash,
                        v_privateKey 
                    );
                    p_securedMessage.content.signedData.signature_ := m_signature_ecdsaNistP256(
                    p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaNistP256(
                                                                                                 m_ecdsaP256Signature(
                                                                                                                      m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)),
                                                                                                                      substr(v_signature, 32, 32)
                                                                                                                      )
                                                                                                 );
                                                                                                    ));
                } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) {
                    v_signature := f_signWithEcdsaBrainpoolp256WithSha256(
                        v_secPayload,
                        v_certificateHash, 
                        v_privateKey 
                    );
                    p_securedMessage.content.signedData.signature_ := m_signature_ecdsaBrainpoolP256r1(
                    p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1(
                                                                                                       m_ecdsaP256Signature(
                                                                                                                            m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)),
                                                                                                                            substr(v_signature, 32, 32)
                                                                                                                            )
                                                                                                       );
                                                                                                           ));
                } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) {
                    v_signature := f_signWithEcdsaBrainpoolp384WithSha384(
                        v_secPayload,
                        v_certificateHash, 
                        v_privateKey 
                    );
                    p_securedMessage.content.signedData.signature_ := m_signature_ecdsaBrainpoolP384r1(
                    p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1(
                                                                                                       m_ecdsaP384Signature(
                                                                                                                            m_eccP384CurvePoint_x_only(substr(v_signature, 0, 32)),
                                                                                                                            substr(v_signature, 32, 32)
                                                                                                                            )
                                                                                                       );
                                                                                                           ));
                } // TODO To be continued
                
                //log("<<< f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage);
                return true;
            } // End of function f_buildGnSecuredMessage
            
@@ -825,7 +842,7 @@ module LibItsSecurity_Functions {
             * @return true on success, false otherwise
             */
            function f_buildGnSecuredMessage_Bo(
                                                out template (value) EtsiTs103097Data p_securedMessage,
                                                inout EtsiTs103097Data p_securedMessage,
                                                in template (value) charstring p_certificateName,
                                                in UInt8 p_protocolVersion := c_protocol_version,
                                                in integer p_trailerStatus := 0,
@@ -1016,13 +1033,12 @@ module LibItsSecurity_Functions {
            * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.1  Security profile for CAMs
            */
            function f_buildGnSecuredCam(
                                         out template (value) EtsiTs103097Data p_securedMessage,
                                         inout EtsiTs103097Data p_securedMessage,
                                         in ToBeSignedData p_payloadField,
                                         in SignerIdentifier p_signerIdentifierType,
                                         in charstring p_certificateName := ""/*,
                                         in boolean p_addMissingHeaders := true*/
            ) runs on ItsSecurityBaseComponent return boolean {
                
                // Local variables
                var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;
                 
@@ -1030,10 +1046,10 @@ module LibItsSecurity_Functions {
                if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) {
                    return false;
                }
                log("v_atCertificate = ", v_atCertificate);
                //log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate);
                
                // Fill sta structure with default values, these values will be updated later
                p_securedMessage := m_etsiTs103097Data_signed(
                // Fill the structure with default values, these values will be updated later
                p_securedMessage := valueof(m_etsiTs103097Data_signed(
                                                              m_signedData(
                                                                           sha256,
                                                                           p_payloadField,
@@ -1045,10 +1061,11 @@ module LibItsSecurity_Functions {
                                                                                                                          )
                                                                                                     )
                                                                           )
                                                              );
                                                                      ));
                // Prepare mandatory headers
                //log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType);
                if (ischosen(p_signerIdentifierType.certificate)) { // Add the AT certificate
                    log("*** " & testcasename() & ": TODO ***");
                    log("*** " & testcasename() & "f_buildGnSecuredCam: TODO ***");
                    stop;
                    /* TODO
                     * v_signerInfo := valueof(
@@ -1069,37 +1086,37 @@ module LibItsSecurity_Functions {
                } else if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest
                    if (ischosen(v_atCertificate.issuer.sha256AndDigest)) {
                        p_securedMessage.content.signedData.hashId := sha256;
                        p_securedMessage.content.signedData.signer := m_signerIdentifier_digest(
                        p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                                                                                                f_calculateDigestSha256FromCertificate(v_atCertificate)
                                                                                               );
                                                                                                ));
                    } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) {
                        p_securedMessage.content.signedData.hashId := sha384;
                        p_securedMessage.content.signedData.signer := m_signerIdentifier_digest(
                        p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest(
                                                                                                f_calculateDigestSha384FromCertificate(v_atCertificate)
                                                                                               );
                                                                                                        ));
                    }
                } else {
                    log("*** " & testcasename() & ": TODO ***");
                    log("*** " & testcasename() & "f_buildGnSecuredCam: TODO ***");
                    stop;
                }
                if (ispresent(v_atCertificate.signature_)) {
                    if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) {
                        p_securedMessage.content.signedData.signature_ := m_signature_ecdsaBrainpoolP256r1(
                        p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1(
                                                                                                            m_ecdsaP256Signature(
                                                                                                                                 m_eccP256CurvePoint_x_only(int2oct(0, 32)),
                                                                                                                                 int2oct(0, 32)
                                                                                                                                 )
                                                                                                            );
                                                                                                                   ));
                    } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) {
                        p_securedMessage.content.signedData.signature_ := m_signature_ecdsaBrainpoolP384r1(
                        p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1(
                                                                                                            m_ecdsaP384Signature(
                                                                                                                                 m_eccP384CurvePoint_x_only(int2oct(0, 48)),
                                                                                                                                 int2oct(0, 48)
                                                                                                                                 )
                                                                                                            );
                                                                                                           ));
                                        } // else, m_signature_ecdsaNistP256 already chosen by default
                }
                log("p_securedMessage = ", p_securedMessage);
                //log("f_buildGnSecuredCam: p_securedMessage = ", p_securedMessage);
                
                return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/);
                
@@ -1126,7 +1143,7 @@ module LibItsSecurity_Functions {
            * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.1  Security profile for CAMs
            */
            function f_buildGnSecuredCam_Bo(
                                            out template (value) EtsiTs103097Data p_securedMessage,
                                            inout EtsiTs103097Data p_securedMessage,
                                            in UInt8 p_protocolVersion := c_protocol_version,
                                            in integer p_trailerStatus := 0,
                                            in ToBeSignedData p_payloadField,
@@ -1204,7 +1221,7 @@ module LibItsSecurity_Functions {
             * @return true on success, false otherwise
             */
            function f_buildGnSecuredDenm(
                                          out template (value) EtsiTs103097Data p_securedMessage,
                                          inout EtsiTs103097Data p_securedMessage,
                                          in ToBeSignedData p_payloadField,
                                          in SignerIdentifier p_signerIdentifierType,
                                          in ThreeDLocation p_threeDLocation,
@@ -1279,7 +1296,7 @@ module LibItsSecurity_Functions {
             * @return true on success, false otherwise
             */
            function f_buildGnSecuredDenm_Bo(
                                             out template (value) EtsiTs103097Data p_securedMessage,
                                             inout EtsiTs103097Data p_securedMessage,
                                             in UInt8 p_protocolVersion := c_protocol_version,
                                             in integer p_trailerStatus := 0,
                                             in ToBeSignedData p_payloadField,
@@ -1351,7 +1368,7 @@ module LibItsSecurity_Functions {
            * @return true on success, false otherwise
            */
            function f_buildGnSecuredOtherMessage(
                                                  out template (value) EtsiTs103097Data p_securedMessage,
                                                  inout EtsiTs103097Data p_securedMessage,
                                                  in ToBeSignedData p_payloadField,
                                                  in SignerIdentifier p_signerIdentifierType, // FIXME To be reviewed
                                                  in ThreeDLocation p_threeDLocation,
@@ -1424,7 +1441,7 @@ module LibItsSecurity_Functions {
             * @return true on success, false otherwise
             */
            function f_buildGnSecuredOtherMessage_Bo(
                                                     out template (value) EtsiTs103097Data p_securedMessage,
                                                     inout EtsiTs103097Data p_securedMessage,
                                                     in UInt8 p_protocolVersion := c_protocol_version,
                                                     in integer p_trailerStatus := 0,
                                                     in ToBeSignedData p_payloadField,
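Review bot: In f_buildGnSecuredMessage the ecdsaBrainpoolP384r1Signature branch still slices the signature as `substr(v_signature, 0, 32)` and `substr(v_signature, 32, 32)`, which looks wrong for a 384-bit curve: f_buildGnSecuredCam in the same file fills the P384 placeholder with `int2oct(0, 48)`, so r and s are presumably 48 octets each. As written the test system would emit a truncated r and an s taken from the middle of r, so every P384-signed message would fail verification and the verdict would say nothing about the IUT. The two lines should read `m_eccP384CurvePoint_x_only(substr(v_signature, 0, 48)),` and `substr(v_signature, 48, 48)`, assuming f_signWithEcdsaBrainpoolp384WithSha384 returns r||s as 96 octets. The trailing `} // TODO To be continued` also lets the function return true with the placeholder signature still in place when no branch matches; returning false there would be safer. The function starts outside this hunk.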