Commit
a1a1ccbc
authored
Nov 02, 2018
by
garciay
Add first AA tests
parent
b31f565a
Changes
4
ttcn/Pki/LibItsPki_EncdecDeclarations.ttcn
...
...
@@ -50,4 +50,15 @@ module LibItsPki_EncdecDeclarations {
external
function
fx_dec_SharedAtRequest
(
inout
bitstring
b
,
out
EtsiTs102941TypesAuthorization
.
SharedAtRequest
p
)
return
integer
with
{
extension
"prototype(sliding) decode(PER)"
}
/**
* @desc Encoding function for EtsiTs102941TypesAuthorizationValidation AuthorizationValidationRequest
* @param p The certificate to encode
* @return The encode message in OER format
*/
external
function
fx_enc_AuthorizationValidationRequest
(
in
EtsiTs102941TypesAuthorizationValidation
.
AuthorizationValidationRequest
p
)
return
bitstring
with
{
extension
"prototype(convert) encode(PER)"
}
external
function
fx_dec_AuthorizationValidationRequest
(
inout
bitstring
b
,
out
EtsiTs102941TypesAuthorizationValidation
.
AuthorizationValidationRequest
p
)
return
integer
with
{
extension
"prototype(sliding) decode(PER)"
}
}
// End of module LibItsPki_EncdecDeclarations
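Review bot: The doc comment on `fx_enc_AuthorizationValidationRequest` describes `p` as "The certificate to encode" and the result as OER, but the parameter is an `AuthorizationValidationRequest` and the `with` attribute says `encode(PER)`. I would change the parameter line to `@param p The AuthorizationValidationRequest to encode` and make the `@return` line name the encoding the codec actually applies, since someone debugging a decode failure will trust this header. `fx_dec_AuthorizationValidationRequest` has no header at all; a short `@desc`/`@param`/`@return` block stating what the integer result means would match the encoder.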
ttcn/Pki/LibItsPki_Functions.ttcn
...
...
@@ -303,7 +303,7 @@ module LibItsPki_Functions {
}
// Secure InnerEcRequestSignedForPoP message
v_inner_ec_request_signed_for_pop_msg
:=
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
));
// Prepae for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop
// Prepa
r
e for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop
p_hash_inner_ec_request_signed_for_pop
:=
f_hashWithSha256
(
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
));
if
(
f_build_pki_secured_message
(
vc_eaPrivateKey
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
,
p_publicKeyCompressed
,
p_compressedMode
,
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
),
p_ieee1609dot2_signed_and_encrypted_data
)
==
false
)
{
log
(
"*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
...
...
@@ -344,15 +344,41 @@ module LibItsPki_Functions {
}
log
(
"*** f_http_build_invalid_enrolment_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = "
,
p_ieee1609dot2_signed_and_encrypted_data
);
}
// End of function f_http_build_invalid_enrolment_request
function
f_http_build_inner_at_request
(
out
octetstring
p_private_key
,
out
octetstring
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
,
out
HashedId8
p_hash_inner_at_request
)
runs
on
ItsPkiHttp
{
// Local variables
}
// End of function f_http_build_inner_at_request
function
f_http_build_authorization_validation_request
(
out
octetstring
p_private_key
,
out
octetstring
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
)
runs
on
ItsPkiHttp
{
log
(
"*** f_http_build_invalid_enrolment_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = "
,
p_ieee1609dot2_signed_and_encrypted_data
);
}
out
octetstring
p_private_key
,
out
octetstring
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
)
runs
on
ItsPkiHttp
{
// Local variables
var
AuthorizationValidationRequest
v_authorization_validation_request
;
if
(
f_generate_authorization_validation_request
(
vc_eaCertificate
,
vc_eaHashedId8
,
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_authorization_validation_request
)
==
false
)
{
log
(
"*** f_http_build_authorization_validation_request: ERROR: Failed to generate AuthorizationValidationRequest ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
// FIXME Encapsulate v_authorization_validation_request into EtsiTs102941Data structure
if
(
f_build_pki_secured_message
(
vc_eaPrivateKey
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
,
p_publicKeyCompressed
,
p_compressedMode
,
bit2oct
(
encvalue
(
v_authorization_validation_request
)),
p_ieee1609dot2_signed_and_encrypted_data
)
==
false
)
{
log
(
"*** f_http_build_authorization_validation_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
log
(
"*** f_http_build_authorization_validation_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = "
,
p_ieee1609dot2_signed_and_encrypted_data
);
}
// End of function f_http_build_authorization_validation_request
}
// End of group http
...
...
@@ -625,7 +651,7 @@ module LibItsPki_Functions {
}
// Generate 32 octets length secret key
v_hmac_key
:=
f_hashWithSha256
(
int2oct
(
f_getCurrentTime
(),
12
8
));
v_hmac_key
:=
f_hashWithSha256
(
int2oct
(
f_getCurrentTime
(),
12
));
log
(
"v_hmac_key="
,
v_hmac_key
);
// Generate tag based on the concatenation of ???
...
...
@@ -690,8 +716,10 @@ module LibItsPki_Functions {
c_its_aid_SCR
,
f_getCurrentTimeUtc
())
);
log
(
"v_tbs="
,
v_tbs
);
// Signed ToBeSigned payload
v_whole_certificate_hash
:=
f_hashWithSha256
(
bit2oct
(
encvalue
(
p_ec_certificate
)));
log
(
"v_whole_certificate_hash="
,
v_whole_certificate_hash
);
v_tbs_signed
:=
f_signWithEcdsaNistp256WithSha256
(
bit2oct
(
encvalue
(
v_tbs
)),
v_whole_certificate_hash
,
p_private_key
);
v_signed_ec_signature
:=
valueof
(
m_etsiTs103097Data_signed
(
...
...
@@ -726,6 +754,15 @@ module LibItsPki_Functions {
var
integer
v_ephemeralKeyModeCompressed
;
var
octetstring
v_enc_signed_ec_signature
;
if
(
ischosen
(
p_ea_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_0
))
{
v_public_enc_key
:=
p_ea_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_0
;
v_compressed_mode
:=
0
;
}
else
if
(
ischosen
(
p_ea_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_1
))
{
v_public_enc_key
:=
p_ea_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_1
;
v_compressed_mode
:=
1
;
}
else
{
return
false
;
}
v_enc_signed_ec_signature
:=
f_encryptWithEciesNistp256WithSha256
(
bit2oct
(
encvalue
(
v_signed_ec_signature
)),
v_public_enc_key
,
v_compressed_mode
,
v_publicEphemeralKeyCompressed
,
v_ephemeralKeyModeCompressed
,
v_encrypted_sym_key
,
v_authentication_vector
,
v_nonce
);
v_recipientId
:=
p_eaHashedId8
;
log
(
"v_recipientId="
,
v_recipientId
);
...
...
@@ -789,12 +826,36 @@ module LibItsPki_Functions {
group
authorization_validation_xxx
{
function
f_generate_authorization_validation_request
(
in
InnerAtRequest
p_inner_at_request
,
in
Certificate
p_certificate
,
in
Certificate
p_ea_certificate
,
in
HashedId8
p_ea_certificate_hashed_id8
,
out
octetstring
p_private_key
,
out
octetstring
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
AuthorizationValidationRequest
p_authorization_validation_request
)
return
boolean
{
p_authorization_validation_request
.
sharedAtRequest
:=
p_inner_at_request
.
sharedAtRequest
;
p_authorization_validation_request
.
ecSignature
:=
p_inner_at_request
.
ecSignature
;
// Local variables
var
octetstring
v_private_enc_key
;
var
Oct32
v_publicEncKeyCompressed
;
var
integer
v_compressedMode
;
var
InnerEcRequest
v_inner_ec_request
;
var
Certificate
v_ec_certificate
;
var
InnerAtRequest
v_inner_at_request
;
var
Ieee1609Dot2Data
v_inner_at_request_data
;
if
(
f_generate_inner_ec_request
(
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_inner_ec_request
)
==
false
)
{
return
false
;
}
if
(
f_generate_ec_certificate
(
p_private_key
,
v_inner_ec_request
,
v_ec_certificate
)
==
false
)
{
return
false
;
}
if
(
f_generate_inner_at_request
(
v_ec_certificate
,
p_private_key
,
p_ea_certificate
,
p_ea_certificate_hashed_id8
,
true
,
v_private_enc_key
,
v_publicEncKeyCompressed
,
v_compressedMode
,
v_inner_at_request
,
v_inner_at_request_data
)
==
false
)
{
return
false
;
}
p_authorization_validation_request
.
sharedAtRequest
:=
v_inner_at_request
.
sharedAtRequest
;
p_authorization_validation_request
.
ecSignature
:=
v_inner_at_request
.
ecSignature
;
log
(
"f_generate_authorization_validation_request: "
,
p_authorization_validation_request
);
return
true
;
}
// End of function f_generate_authorization_validation_request
...
...
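Review bot: In the `@@ -625,7 +651,7 @@` hunk, `v_hmac_key` is still the SHA-256 of `f_getCurrentTime()`, so the 32-octet key carries only as much entropy as the clock and is guessable by anyone who knows roughly when the request was built. The rendered page does not make clear which `int2oct` length (`128` or `12`) is the new side, but neither changes that. The key should be drawn from a random source rather than the timestamp, and the following `log("v_hmac_key=", v_hmac_key)` writes the secret into the test log, so it is worth dropping or restricting to debug runs. Separately, in `f_http_build_authorization_validation_request` the second error branch logs "Failed to generate InnerEcRequestSignedForPop", which looks copied from the enrolment function and would misdirect whoever reads the log. The function enclosing the HMAC lines starts and ends outside the hunk.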
ttcn/Pki/LibItsPki_Pics.ttcn
...
...
@@ -16,10 +16,20 @@ module LibItsPki_Pics {
modulepar
boolean
PICS_IUT_AA_ROLE
:=
false
;
/**
* @desc Certificate used by the IUT
* @desc Certificate used by the IUT
acting as ITS-S
*/
modulepar
charstring
PICS_IUT_CERTIFICATE_ID
:=
"CERT_IUT_A_EA"
;
/**
* @desc Certificate used by the IUT acting as EA
*/
modulepar
charstring
PICS_IUT_EA_CERTIFICATE_ID
:=
"CERT_IUT_A__EA_EA"
;
/**
* @desc Certificate used by the IUT acting as AA
*/
modulepar
charstring
PICS_IUT_AA_CERTIFICATE_ID
:=
"CERT_IUT_A_AA_EA"
;
/**
* @desc Certificate used by the Test System acting as ITS-S
*/
...
...
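Review bot: The default for `PICS_IUT_EA_CERTIFICATE_ID` is `"CERT_IUT_A__EA_EA"`, with a doubled underscore that the sibling defaults `"CERT_IUT_A_EA"` and `"CERT_IUT_A_AA_EA"` do not have. If that is a typo, the EA certificate lookup would presumably fail unless every test configuration overrides the parameter, so please confirm the identifier against the certificate store and correct the default if needed. The new `@desc` lines would also help more if they said where these identifiers are resolved.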
ttcn/Pki/LibItsPki_Templates.ttcn
...
...
@@ -73,6 +73,16 @@ module LibItsPki_Templates {
}
}
// End of template m_etsiTs102941Data_inner_at_response
template
(
present
)
EnrolmentRequestMessage
mw_enrolmentRequestMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_enrolmentRequestMessage
template
(
present
)
EnrolmentResponseMessage
mw_enrolmentResponseMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_enrolmentResponseMessage
template
(
value
)
EtsiTs103097Data
m_authorizationValidationRequestMessage
(
in
template
(
value
)
EncryptedData
p_encryptedData
)
modifies
m_etsiTs103097Data_encrypted
:=
{
...
...
@@ -83,26 +93,26 @@ module LibItsPki_Templates {
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_authorizationValidationResponseMessage
template
(
present
)
EnrolmentRequestMessage
mw_enrolmentRequestMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_enrolmentRequestMessage
template
(
present
)
EnrolmentRequestMessage
mw_enrolmentResponseMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_enrolmentResponseMessage
template
(
value
)
AuthorizationRequestMessage
m_authorizationRequestMessage
(
in
template
(
value
)
EncryptedData
p_encryptedData
)
modifies
m_etsiTs103097Data_encrypted
:=
{
}
// End of template m_authorizationRequestMessage
template
(
present
)
AuthorizationRequestMessage
mw_authorizationRequestMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_authorizationRequestMessage
template
(
value
)
AuthorizationResponseMessage
m_authorizationResponseMessage
(
in
template
(
value
)
EncryptedData
p_encryptedData
)
modifies
m_etsiTs103097Data_encrypted
:=
{
}
// End of template m_authorizationResponseMessage
template
(
present
)
AuthorizationResponseMessage
mw_authorizationResponseMessage
(
template
(
present
)
EncryptedData
p_encryptedData
:=
?
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_authorizationResponseMessage
template
(
value
)
EtsiTs102941DataContent
m_enrolmentRequest
(
in
template
(
value
)
InnerEcRequestSignedForPop
p_enrolmentRequest
)
:=
{
...
...