Commit 97625181 authored by vagrant's avatar vagrant

AtsPki validation: major bugs fixed

parent f10fbd8c
......@@ -331,7 +331,37 @@ module LibItsPki_Functions {
out Oct32 p_request_hash
) runs on ItsPkiHttp {
// Local variables
// Local variables
var InnerAtRequest v_authorization_request;
var bitstring v_authorization_request_msg;
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
if (f_generate_authorization_request(vc_eaCertificate, vc_eaHashedId8, p_private_key, p_publicKeyCompressed, p_compressedMode, v_authorization_request) == false) {
log("*** f_http_build_authorization_request: ERROR: Failed to generate AuthorizationValidationRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
// Secure the Pki message
if (f_extract_enc_key(vc_eaCertificate, v_public_enc_key, v_compressed_enc_key_mode) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
log("*** f_http_build_authorization_request: Public encryption key: ", v_public_enc_key);
log("*** f_http_build_authorization_request: Public encryption key comp: ", v_compressed_enc_key_mode);
/**
TODO: Load certificate according to the IUT role
==> a complete fucntion which set up the TestSustem certificate,keyy... according to the IUT role
**/
log("*** f_http_build_inner_ec_request: ERROR: Need to add TestSystem variable vc_aa ***");
f_selfOrClientSyncAndVerdict("error", e_error);
/* if (f_build_pki_secured_message(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, vc_eaWholeHash, bit2oct(encvalue(m_etsiTs102941Data_authorization_request(v_authorization_request))), p_ieee1609dot2_signed_and_encrypted_data, p_request_hash) == false) { */
/* log("*** f_http_build_authorization_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); */
/* f_selfOrClientSyncAndVerdict("error", e_error); */
/* } */
log("*** f_http_build_authorization_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = ", p_ieee1609dot2_signed_and_encrypted_data);
} // End of function f_http_build_inner_at_request
function f_http_build_authorization_validation_request(
......@@ -517,8 +547,7 @@ module LibItsPki_Functions {
),
m_certificateSubjectAttributes(
{ // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof(m_appPermissions(36, { bitmapSsp := '830001'O })), // TODO Use PIXIT
valueof(m_appPermissions(37, { bitmapSsp := '830001'O })) // TODO Use PIXIT
valueof(m_appPermissions(623, { bitmapSsp := '00C0'O }))
},
m_validityPeriod(
f_getCurrentTime() / 1000,
......@@ -819,6 +848,63 @@ module LibItsPki_Functions {
} // End of group inner_at_xxx
group authorization_xxx {
function f_generate_authorization_request(
in Certificate p_ea_certificate,
in HashedId8 p_ea_certificate_hashed_id8,
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out InnerAtRequest p_authorization_request
) return boolean {
// Local variables
var octetstring v_private_enc_key;
var Oct32 v_publicEncKeyCompressed;
var integer v_compressedMode;
var InnerEcRequest v_inner_ec_request;
var Certificate v_ec_certificate;
var InnerAtRequest v_inner_at_request;
var Ieee1609Dot2Data v_inner_at_request_data;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
return false;
}
if (f_generate_ec_certificate(p_private_key, v_inner_ec_request, v_ec_certificate) == false) {
return false;
}
if (f_generate_inner_at_request(v_ec_certificate, p_private_key, p_ea_certificate, p_ea_certificate_hashed_id8, true, v_private_enc_key, v_publicEncKeyCompressed, v_compressedMode, v_inner_at_request, v_inner_at_request_data) == false) {
return false;
}
p_authorization_request.sharedAtRequest := v_inner_at_request.sharedAtRequest;
p_authorization_request.ecSignature := v_inner_at_request.ecSignature;
log("f_generate_authorization_request: ", p_authorization_request);
return true;
} // End of function f_generate_authorization_request
function f_generate_authorization_response(
in octetstring p_authorization_request_hash,
in CertificateSubjectAttributes p_Certificate_subject_attributes,
out InnerAtResponse p_authorization_response
) return boolean {
// Local variables
// Build the Proof of Possession InnerAtResponse
/*p_authorization_response := valueof(
m_innerAtResponse_ok(
p_authorization_request_hash,
p_Certificate_subject_attributes
)
);*/
return true;
} // End of function f_generate_authorization_response
} // End of group authorization_xxx
group authorization_validation_xxx {
function f_generate_authorization_validation_request(
......
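Review bot: `f_generate_authorization_response` returns `true` although its only assignment to `p_authorization_response` is commented out, so a caller that trusts the return value is handed an unassigned out parameter. Until the response is actually built, the function should report failure, e.g. `return false; // InnerAtResponse not built yet`, or the commented-out assignment should be restored. In the same group, `f_generate_authorization_request` receives `v_private_enc_key`, `v_publicEncKeyCompressed` and `v_compressedMode` from `f_generate_inner_at_request` but never passes them to its caller; if the authorization response is encrypted to that key (not visible here), the test system could not decrypt it. In the first hunk, whose function header lies outside the visible lines, the out parameter `p_ieee1609dot2_signed_and_encrypted_data` is logged after the only call that would set it was commented out, and two log messages plus the closing comment name `f_http_build_inner_ec_request` / `f_http_build_inner_at_request` instead of `f_http_build_authorization_request`, which will mislead anyone reading a failed run's log.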
......@@ -15,6 +15,11 @@ module LibItsPki_Pics {
*/
modulepar boolean PICS_IUT_AA_ROLE := false;
/**
* @desc Does the IUT act as combined EA-AA device?
*/
modulepar boolean PICS_IUT_COMBINED_EA_AA_ROLE := true;
/**
* @desc Certificate used by the IUT acting as ITS-S
*/
......
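Review bot: `PICS_IUT_COMBINED_EA_AA_ROLE` defaults to `true` while `PICS_IUT_AA_ROLE` just above it defaults to `false`, and the `@desc` does not say how the two relate. A combined EA-AA device presumably also acts as AA, so the defaults look contradictory, and existing configurations that never set the new parameter silently switch to the combined role. I would either default it to `false` or state the precedence in the doc comment, e.g. `* @desc Does the IUT act as combined EA-AA device? When true, PICS_IUT_AA_ROLE is ignored.` (adjust to the real precedence, which is not visible in this hunk).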