Loading ttcn/Security/LibItsSecurity_Functions.ttcn3 +58 −37 Original line number Original line Diff line number Diff line Loading @@ -31,12 +31,12 @@ module LibItsSecurity_Functions { /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedData The data to be signed * @param p_ToBeSignedSecuredMessage The data to be signed * @return The signature value * @return The signature value */ */ function f_signWithEcdsaNistp256WithSha256(in Oct32 p_toBeSignedData) return octetstring { function f_signWithEcdsaNistp256WithSha256(in Oct32 p_ToBeSignedSecuredMessage) return octetstring { return fx_signWithEcdsaNistp256WithSha256( return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedData, p_ToBeSignedSecuredMessage, PX_PRIVATE_SIGNING_KEYS[PX_CERTIFICATE_CONFIG_IDX] PX_PRIVATE_SIGNING_KEYS[PX_CERTIFICATE_CONFIG_IDX] ); ); Loading Loading @@ -78,12 +78,12 @@ module LibItsSecurity_Functions { * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing */ */ function f_buildSecuredMessagePayloadToBeSigned() function f_buildSecuredMessagePayloadToBeSigned() return ToBeSignedData { return ToBeSignedSecuredMessage { // Local variables // Local variables var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Build the beacon template // Build the beacon template v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -103,30 +103,32 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); return v_toBeSignedData; return v_ToBeSignedSecuredMessage; } } /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredCam( function f_buildGnSecuredCam( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -147,7 +149,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -158,8 +160,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -179,25 +181,27 @@ module LibItsSecurity_Functions { /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredDenm( function f_buildGnSecuredDenm( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -218,7 +222,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -229,8 +233,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -250,25 +254,27 @@ module LibItsSecurity_Functions { /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredOtherMessage( function f_buildGnSecuredOtherMessage( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -288,7 +294,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -299,8 +305,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -325,7 +331,7 @@ module LibItsSecurity_Functions { * @return true on success, false otherwise * @return true on success, false otherwise * @verdict * @verdict */ */ function f_verifyGnSecuredOtherMessage( function f_verifyGnSecuredOtherMessage( // TODO For debug purpose only, to be removed in template (value) SecuredMessage p_securedMessage in template (value) SecuredMessage p_securedMessage ) return boolean { ) return boolean { Loading @@ -335,16 +341,16 @@ module LibItsSecurity_Functions { var Oct32 v_hash; var Oct32 v_hash; var integer v_counter; var integer v_counter; var boolean v_result := false; var boolean v_result := false; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( p_securedMessage.header_fields, p_securedMessage.header_fields, p_securedMessage.payload_fields, p_securedMessage.payload_fields, e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := fx_hashWithSha256(v_secPayload); v_hash := fx_hashWithSha256(v_secPayload); Loading Loading @@ -375,6 +381,21 @@ module LibItsSecurity_Functions { group deviceSignatureHelpers { group deviceSignatureHelpers { /** * @desc Verify the signature of the provided secured message * @param p_aaCertifcate Certificate Authority certificate * @param p_atCertificate Authorization Ticket certificate * @return true on success, false otherwise * @verdict */ function f_verifyCertificateSignature( in template (value) Certificate p_aaCertifcate, in template (value) Certificate p_atCertificate ) return boolean { // TODO To be implemented return false; } /** /** * @desc Verify the signature of the provided secured message * @desc Verify the signature of the provided secured message * @param p_securedMessage * @param p_securedMessage Loading @@ -392,16 +413,16 @@ module LibItsSecurity_Functions { var Oct32 v_hash; var Oct32 v_hash; var integer v_counter; var integer v_counter; var boolean v_result := false; var boolean v_result := false; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( p_securedMessage.header_fields, p_securedMessage.header_fields, p_securedMessage.payload_fields, p_securedMessage.payload_fields, e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := fx_hashWithSha256(v_secPayload); v_hash := fx_hashWithSha256(v_secPayload); Loading Loading @@ -524,11 +545,11 @@ module LibItsSecurity_Functions { /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedData The data to be signed * @param p_ToBeSignedSecuredMessage The data to be signed * @param p_privateKey The private key * @param p_privateKey The private key * @return The signature value * @return The signature value */ */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedData, in octetstring/*UInt64*/ p_privateKey) return octetstring; external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_ToBeSignedSecuredMessage, in octetstring/*UInt64*/ p_privateKey) return octetstring; /** /** * @desc Verify the signature of the specified data * @desc Verify the signature of the specified data Loading Loading
ttcn/Security/LibItsSecurity_Functions.ttcn3 +58 −37 Original line number Original line Diff line number Diff line Loading @@ -31,12 +31,12 @@ module LibItsSecurity_Functions { /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedData The data to be signed * @param p_ToBeSignedSecuredMessage The data to be signed * @return The signature value * @return The signature value */ */ function f_signWithEcdsaNistp256WithSha256(in Oct32 p_toBeSignedData) return octetstring { function f_signWithEcdsaNistp256WithSha256(in Oct32 p_ToBeSignedSecuredMessage) return octetstring { return fx_signWithEcdsaNistp256WithSha256( return fx_signWithEcdsaNistp256WithSha256( p_toBeSignedData, p_ToBeSignedSecuredMessage, PX_PRIVATE_SIGNING_KEYS[PX_CERTIFICATE_CONFIG_IDX] PX_PRIVATE_SIGNING_KEYS[PX_CERTIFICATE_CONFIG_IDX] ); ); Loading Loading @@ -78,12 +78,12 @@ module LibItsSecurity_Functions { * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing * @desc Build a template of a secured beacon to be used for the Test Adapter secured beaconing processing */ */ function f_buildSecuredMessagePayloadToBeSigned() function f_buildSecuredMessagePayloadToBeSigned() return ToBeSignedData { return ToBeSignedSecuredMessage { // Local variables // Local variables var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Build the beacon template // Build the beacon template v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -103,30 +103,32 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); return v_toBeSignedData; return v_ToBeSignedSecuredMessage; } } /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredCam( function f_buildGnSecuredCam( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -147,7 +149,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -158,8 +160,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -179,25 +181,27 @@ module LibItsSecurity_Functions { /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredDenm( function f_buildGnSecuredDenm( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -218,7 +222,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -229,8 +233,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -250,25 +254,27 @@ module LibItsSecurity_Functions { /** /** * @desc This function build and sign the SecureMessage part covered by the signature process * @desc This function build and sign the SecureMessage part covered by the signature process * @param p_securedMessage The signed SecureMessage part * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_unsecuredPayload The unsigned payload (e.g. a beacon) * @param p_threeDLocation The ThreeDLocation value * @param p_threeDLocation The ThreeDLocation value * @param p_securedMessage The signed SecureMessage part * @param p_headerFileds Additional HeaderFields * @return true on success, false otherwise * @return true on success, false otherwise * @verdict Unchanged * @verdict Unchanged */ */ function f_buildGnSecuredOtherMessage( function f_buildGnSecuredOtherMessage( out template (value) SecuredMessage p_securedMessage, in octetstring p_unsecuredPayload, in octetstring p_unsecuredPayload, in ThreeDLocation p_threeDLocation, in ThreeDLocation p_threeDLocation, out template (value) SecuredMessage p_securedMessage in template (omit) HeaderFields p_headerFileds := omit ) return boolean { ) return boolean { // Local variables // Local variables var octetstring v_secPayload, v_signature; var octetstring v_secPayload, v_signature; var Oct32 v_hash; var Oct32 v_hash; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( { // Field HeaderFields { // Field HeaderFields m_header_field_signer_info( m_header_field_signer_info( m_signerInfo_certificate( m_signerInfo_certificate( Loading @@ -288,7 +294,7 @@ module LibItsSecurity_Functions { e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := f_hashWithSha256(v_secPayload); v_hash := f_hashWithSha256(v_secPayload); Loading @@ -299,8 +305,8 @@ module LibItsSecurity_Functions { ); ); p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages v_toBeSignedData.header_fields, v_ToBeSignedSecuredMessage.header_fields, v_toBeSignedData.payload_fields, v_ToBeSignedSecuredMessage.payload_fields, { { m_trailer_field_signature( m_trailer_field_signature( m_signature( m_signature( Loading @@ -325,7 +331,7 @@ module LibItsSecurity_Functions { * @return true on success, false otherwise * @return true on success, false otherwise * @verdict * @verdict */ */ function f_verifyGnSecuredOtherMessage( function f_verifyGnSecuredOtherMessage( // TODO For debug purpose only, to be removed in template (value) SecuredMessage p_securedMessage in template (value) SecuredMessage p_securedMessage ) return boolean { ) return boolean { Loading @@ -335,16 +341,16 @@ module LibItsSecurity_Functions { var Oct32 v_hash; var Oct32 v_hash; var integer v_counter; var integer v_counter; var boolean v_result := false; var boolean v_result := false; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( p_securedMessage.header_fields, p_securedMessage.header_fields, p_securedMessage.payload_fields, p_securedMessage.payload_fields, e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := fx_hashWithSha256(v_secPayload); v_hash := fx_hashWithSha256(v_secPayload); Loading Loading @@ -375,6 +381,21 @@ module LibItsSecurity_Functions { group deviceSignatureHelpers { group deviceSignatureHelpers { /** * @desc Verify the signature of the provided secured message * @param p_aaCertifcate Certificate Authority certificate * @param p_atCertificate Authorization Ticket certificate * @return true on success, false otherwise * @verdict */ function f_verifyCertificateSignature( in template (value) Certificate p_aaCertifcate, in template (value) Certificate p_atCertificate ) return boolean { // TODO To be implemented return false; } /** /** * @desc Verify the signature of the provided secured message * @desc Verify the signature of the provided secured message * @param p_securedMessage * @param p_securedMessage Loading @@ -392,16 +413,16 @@ module LibItsSecurity_Functions { var Oct32 v_hash; var Oct32 v_hash; var integer v_counter; var integer v_counter; var boolean v_result := false; var boolean v_result := false; var template (value) ToBeSignedData v_toBeSignedData; var template (value) ToBeSignedSecuredMessage v_ToBeSignedSecuredMessage; // Create SecuredMessage payload to be signed // Create SecuredMessage payload to be signed v_toBeSignedData := m_toBeSignedData_profileOther( v_ToBeSignedSecuredMessage := m_ToBeSignedSecuredMessage_profileOther( p_securedMessage.header_fields, p_securedMessage.header_fields, p_securedMessage.payload_fields, p_securedMessage.payload_fields, e_signature e_signature ); ); v_secPayload := bit2oct(encvalue(v_toBeSignedData)); v_secPayload := bit2oct(encvalue(v_ToBeSignedSecuredMessage)); // Calculate the hash of the SecuredMessage payload to be signed // Calculate the hash of the SecuredMessage payload to be signed v_hash := fx_hashWithSha256(v_secPayload); v_hash := fx_hashWithSha256(v_secPayload); Loading Loading @@ -524,11 +545,11 @@ module LibItsSecurity_Functions { /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signaturee * @param p_toBeSignedData The data to be signed * @param p_ToBeSignedSecuredMessage The data to be signed * @param p_privateKey The private key * @param p_privateKey The private key * @return The signature value * @return The signature value */ */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedData, in octetstring/*UInt64*/ p_privateKey) return octetstring; external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_ToBeSignedSecuredMessage, in octetstring/*UInt64*/ p_privateKey) return octetstring; /** /** * @desc Verify the signature of the specified data * @desc Verify the signature of the specified data Loading
