Loading ttcn/Pki/LibItsPki_Functions.ttcn +7 −81 Original line number Original line Diff line number Diff line Loading @@ -61,27 +61,6 @@ module LibItsPki_Functions { group pkiConfigurationFunctions { group pkiConfigurationFunctions { /** * @desc Setups default configuration * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT */ function f_cfUp( in charstring p_certificateId := "CERT_TS_A_EA", // TODO Use a constant in charstring p_peerCertificateId := "CERT_IUT_A_EA" ) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { map(self:pkiPort, system:pkiPort); map(self:acPort, system:acPort); f_connect4SelfOrClientSync(); f_initialiseSecuredMode(p_certificateId, p_peerCertificateId); f_readCertificate(p_certificateId, vc_eaCertificate); f_getCertificateDigest(p_certificateId, vc_eaHashedId8); activate(a_default_pki()); } // End of function f_cfUp /** /** * @desc Setups default configuration * @desc Setups default configuration * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT Loading Loading @@ -115,27 +94,15 @@ module LibItsPki_Functions { in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant ) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { ) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { f_cfUp(); map(self:geoNetworkingPort, system:geoNetworkingPort); map(self:geoNetworkingPort, system:geoNetworkingPort); map(self:utPort, system:utPort); map(self:utPort, system:utPort); map(self:acPort, system:acPort); //map(self:acPort, system:acPort); f_initializeState(); f_initializeState(); activate(a_default_pki()); // activate(a_default_pki()); TOTO Defualt from geoNet } // End of function f_cfUp_itss } // End of function f_cfUp_itss /** * @desc Deletes default configuration */ function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { unmap(self:pkiPort, system:pkiPort); unmap(self:acPort, system:acPort); f_disconnect4SelfOrClientSync(); f_uninitialiseSecuredMode(); } // End of function f_cfDown /** /** * @desc Deletes default configuration * @desc Deletes default configuration */ */ Loading @@ -151,9 +118,8 @@ module LibItsPki_Functions { function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { unmap(self:geoNetworkingPort, system:geoNetworkingPort); unmap(self:geoNetworkingPort, system:geoNetworkingPort); unmap(self:utPort, system:utPort); unmap(self:utPort, system:utPort); unmap(self:acPort, system:acPort); //unmap(self:acPort, system:acPort); f_cfDown(); } // End of function f_cfDown } // End of function f_cfDown /** /** Loading Loading @@ -192,40 +158,10 @@ module LibItsPki_Functions { } // End of pkiConfigurationFunctions } // End of pkiConfigurationFunctions group ac_port { function f_sendAcPkiPrimitive( in charstring p_certificate, in octetstring p_private_key, in octetstring p_publicKeyCompressed, in integer p_compressedMode ) runs on ItsPki { var AcSetSecurityData v_ac_set_security_data; v_ac_set_security_data := { p_certificate, PICS_IUT_CERTIFICATE_ID, p_private_key, p_publicKeyCompressed, p_compressedMode }; acPort.send(AcPkiPrimitive: { acSetSecurityData := v_ac_set_security_data }); tc_ac.start; alt { [] acPort.receive(AcPkiResponse: { result := true }) { tc_ac.stop; } [] acPort.receive(AcPkiResponse: { result := false }) { tc_ac.stop; log("*** f_sendAcPkiPrimitive: ERROR: Received unexpected message ***"); f_selfOrClientSyncAndVerdict("error", e_error); } [] tc_ac.timeout { log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***"); f_selfOrClientSyncAndVerdict("error", e_timeout); } } // End of 'alt' statement } // End of function f_sendAcPkiPrimitive } // End of group ac_port group ut_port { group ut_port { function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss { function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss { timer tc_wait := PX_TAC; utPort.send(p_init); utPort.send(p_init); tc_wait.start; tc_wait.start; Loading Loading @@ -298,8 +234,6 @@ module LibItsPki_Functions { out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data, out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data, out Oct32 p_hash_inner_ec_request_signed_for_pop out Oct32 p_hash_inner_ec_request_signed_for_pop ) runs on ItsPkiHttp { ) runs on ItsPkiHttp { var octetstring v_publicKeyX; var octetstring v_publicKeyY var InnerEcRequest v_inner_ec_request; var InnerEcRequest v_inner_ec_request; var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop; var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop; var bitstring v_inner_ec_request_signed_for_pop_msg; var bitstring v_inner_ec_request_signed_for_pop_msg; Loading Loading @@ -746,7 +680,7 @@ module LibItsPki_Functions { v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed; v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed; } } log("v_message_to_tag=", v_message_to_tag); log("v_message_to_tag=", v_message_to_tag); v_key_tag := fx_test_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function v_key_tag := fx_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function log("v_key_tag=", v_key_tag); log("v_key_tag=", v_key_tag); // Build the SharedAtRequest // Build the SharedAtRequest Loading Loading @@ -1118,7 +1052,7 @@ module LibItsPki_Functions { // TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo // TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo // 1. Decrypt the data // 1. Decrypt the data v_plain_message := fx_test_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext); v_plain_message := fx_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext); if (isbound(v_plain_message) == false) { if (isbound(v_plain_message) == false) { return false; return false; } } Loading Loading @@ -1284,14 +1218,6 @@ module LibItsPki_Functions { group altstes { group altstes { altstep a_default_pki() runs on ItsPki { [] pkiPort.receive { tc_ac.stop; log("*** a_default: ERROR: Unexpected PKI message received ***"); f_selfOrClientSyncAndVerdict("error", e_error); } } altstep a_default_pki_http() runs on ItsPkiHttp { altstep a_default_pki_http() runs on ItsPkiHttp { [] httpPort.receive( [] httpPort.receive( mw_http_response( mw_http_response( Loading ttcn/Pki/LibItsPki_TestSystem.ttcn +24 −49 Original line number Original line Diff line number Diff line Loading @@ -43,14 +43,6 @@ module LibItsPki_TestSystem { group portDefinitions { group portDefinitions { /** * @desc Adapter control port */ type port AdapterControlPkiPort message { out AcPkiPrimitive; in AcPkiResponse; } // End of AdapterControlPort /** /** * @desc Upper Tester port * @desc Upper Tester port */ */ Loading @@ -61,39 +53,17 @@ module LibItsPki_TestSystem { } // End of group portDefinitions } // End of group portDefinitions group interfacePorts { type port PkiPort message { inout InnerEcRequest, InnerEcResponse, AuthorizationValidationRequest, AuthorizationValidationResponse; } // End of PkiPort } // End of group interfacePorts group componentDefinitions { group componentDefinitions { type component ItsPkiSystem { /** port AdapterControlPkiPort acPort; * @desc System component port PkiPort pkiPort; */ } // End of component ItsPkiSystem type component ItsPkiHttpSystem extends HttpTestAdapter{ type component ItsPkiHttpSystem extends HttpTestAdapter{ } // End of component ItsPkiHttpSystem } // End of component ItsPkiHttpSystem type component ItsPkiItssSystem extends ItsPkiSystem { /** port UpperTesterPkiPort utPort; * @desc Test component for PKI entities execpt ITS-S port GeoNetworkingPort geoNetworkingPort; */ } // End of component ItsPkiItssSystem } // End of group componentDefinitions type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc { port AdapterControlPkiPort acPort; port PkiPort pkiPort; var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var HashedId8 vc_eaHashedId8; /** Test Adapter EA HashedId8 for decryption of IUT's response */ } // End of component ItsPki type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent { type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent { var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */ var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */ Loading @@ -107,9 +77,14 @@ module LibItsPki_TestSystem { var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */ var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */ } // End of component ItsPki } // End of component ItsPki type component ItsPkiItss extends ItsPki { /** * @desc Test component for ITS-S entity */ type component ItsPkiItss extends ItsPkiHttp { port UpperTesterPkiPort utPort; port UpperTesterPkiPort utPort; port GeoNetworkingPort geoNetworkingPort; port GeoNetworkingPort geoNetworkingPort; } // End of component ItsPkiItss } // End of component ItsPkiItss } // End of group componentDefinitions } // End of module LibItsPki_TestSystem } // End of module LibItsPki_TestSystem ttcn/Security/LibItsSecurity_Functions.ttcn +25 −14 Original line number Original line Diff line number Diff line Loading @@ -56,7 +56,7 @@ module LibItsSecurity_Functions { } // End of function f_hashWithSha256 } // End of function f_hashWithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading @@ -76,7 +76,7 @@ module LibItsSecurity_Functions { } // End of function f_signWithEcdsaNistp256WithSha256 } // End of function f_signWithEcdsaNistp256WithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading @@ -96,7 +96,7 @@ module LibItsSecurity_Functions { } // End of function f_signWithEcdsaBrainpoolp256WithSha256 } // End of function f_signWithEcdsaBrainpoolp256WithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading Loading @@ -2315,24 +2315,33 @@ module LibItsSecurity_Functions { */ */ external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48; external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48; external function fx_test_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring; external function fx_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring; /** /** * @desc Test function the validate AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @desc This function validates AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @return The encrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The raw payload * @return The encrypted payload */ */ external function fx_test_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Test function the validate AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @desc TThis function validates AES128 CCM encryption based on AES-GCM-256 * @return The decrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The raw payload * @return The encrypted payload */ */ external function fx_test_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Test function the validate AES128 CCM encryption based on AES-GCM-256 * @desc This function validates AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @return The decrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The cyphered payload * @return The raw payload */ */ external function fx_test_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm Loading @@ -2349,6 +2358,7 @@ module LibItsSecurity_Functions { external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring; external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring; external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; /** /** * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm * @param p_encryptedSecuredMessage The data to be decrypted * @param p_encryptedSecuredMessage The data to be decrypted Loading Loading @@ -2395,6 +2405,7 @@ module LibItsSecurity_Functions { * @return The signature value * @return The signature value */ */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; external function fx_test_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey) return octetstring; external function fx_test_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey) return octetstring; /** /** Loading Loading
ttcn/Pki/LibItsPki_Functions.ttcn +7 −81 Original line number Original line Diff line number Diff line Loading @@ -61,27 +61,6 @@ module LibItsPki_Functions { group pkiConfigurationFunctions { group pkiConfigurationFunctions { /** * @desc Setups default configuration * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT */ function f_cfUp( in charstring p_certificateId := "CERT_TS_A_EA", // TODO Use a constant in charstring p_peerCertificateId := "CERT_IUT_A_EA" ) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { map(self:pkiPort, system:pkiPort); map(self:acPort, system:acPort); f_connect4SelfOrClientSync(); f_initialiseSecuredMode(p_certificateId, p_peerCertificateId); f_readCertificate(p_certificateId, vc_eaCertificate); f_getCertificateDigest(p_certificateId, vc_eaHashedId8); activate(a_default_pki()); } // End of function f_cfUp /** /** * @desc Setups default configuration * @desc Setups default configuration * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT * @param p_certificateId The certificate identifier the TA shall use in case of secured IUT Loading Loading @@ -115,27 +94,15 @@ module LibItsPki_Functions { in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant ) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { ) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { f_cfUp(); map(self:geoNetworkingPort, system:geoNetworkingPort); map(self:geoNetworkingPort, system:geoNetworkingPort); map(self:utPort, system:utPort); map(self:utPort, system:utPort); map(self:acPort, system:acPort); //map(self:acPort, system:acPort); f_initializeState(); f_initializeState(); activate(a_default_pki()); // activate(a_default_pki()); TOTO Defualt from geoNet } // End of function f_cfUp_itss } // End of function f_cfUp_itss /** * @desc Deletes default configuration */ function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ { unmap(self:pkiPort, system:pkiPort); unmap(self:acPort, system:acPort); f_disconnect4SelfOrClientSync(); f_uninitialiseSecuredMode(); } // End of function f_cfDown /** /** * @desc Deletes default configuration * @desc Deletes default configuration */ */ Loading @@ -151,9 +118,8 @@ module LibItsPki_Functions { function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ { unmap(self:geoNetworkingPort, system:geoNetworkingPort); unmap(self:geoNetworkingPort, system:geoNetworkingPort); unmap(self:utPort, system:utPort); unmap(self:utPort, system:utPort); unmap(self:acPort, system:acPort); //unmap(self:acPort, system:acPort); f_cfDown(); } // End of function f_cfDown } // End of function f_cfDown /** /** Loading Loading @@ -192,40 +158,10 @@ module LibItsPki_Functions { } // End of pkiConfigurationFunctions } // End of pkiConfigurationFunctions group ac_port { function f_sendAcPkiPrimitive( in charstring p_certificate, in octetstring p_private_key, in octetstring p_publicKeyCompressed, in integer p_compressedMode ) runs on ItsPki { var AcSetSecurityData v_ac_set_security_data; v_ac_set_security_data := { p_certificate, PICS_IUT_CERTIFICATE_ID, p_private_key, p_publicKeyCompressed, p_compressedMode }; acPort.send(AcPkiPrimitive: { acSetSecurityData := v_ac_set_security_data }); tc_ac.start; alt { [] acPort.receive(AcPkiResponse: { result := true }) { tc_ac.stop; } [] acPort.receive(AcPkiResponse: { result := false }) { tc_ac.stop; log("*** f_sendAcPkiPrimitive: ERROR: Received unexpected message ***"); f_selfOrClientSyncAndVerdict("error", e_error); } [] tc_ac.timeout { log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***"); f_selfOrClientSyncAndVerdict("error", e_timeout); } } // End of 'alt' statement } // End of function f_sendAcPkiPrimitive } // End of group ac_port group ut_port { group ut_port { function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss { function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss { timer tc_wait := PX_TAC; utPort.send(p_init); utPort.send(p_init); tc_wait.start; tc_wait.start; Loading Loading @@ -298,8 +234,6 @@ module LibItsPki_Functions { out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data, out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data, out Oct32 p_hash_inner_ec_request_signed_for_pop out Oct32 p_hash_inner_ec_request_signed_for_pop ) runs on ItsPkiHttp { ) runs on ItsPkiHttp { var octetstring v_publicKeyX; var octetstring v_publicKeyY var InnerEcRequest v_inner_ec_request; var InnerEcRequest v_inner_ec_request; var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop; var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop; var bitstring v_inner_ec_request_signed_for_pop_msg; var bitstring v_inner_ec_request_signed_for_pop_msg; Loading Loading @@ -746,7 +680,7 @@ module LibItsPki_Functions { v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed; v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed; } } log("v_message_to_tag=", v_message_to_tag); log("v_message_to_tag=", v_message_to_tag); v_key_tag := fx_test_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function v_key_tag := fx_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function log("v_key_tag=", v_key_tag); log("v_key_tag=", v_key_tag); // Build the SharedAtRequest // Build the SharedAtRequest Loading Loading @@ -1118,7 +1052,7 @@ module LibItsPki_Functions { // TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo // TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo // 1. Decrypt the data // 1. Decrypt the data v_plain_message := fx_test_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext); v_plain_message := fx_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext); if (isbound(v_plain_message) == false) { if (isbound(v_plain_message) == false) { return false; return false; } } Loading Loading @@ -1284,14 +1218,6 @@ module LibItsPki_Functions { group altstes { group altstes { altstep a_default_pki() runs on ItsPki { [] pkiPort.receive { tc_ac.stop; log("*** a_default: ERROR: Unexpected PKI message received ***"); f_selfOrClientSyncAndVerdict("error", e_error); } } altstep a_default_pki_http() runs on ItsPkiHttp { altstep a_default_pki_http() runs on ItsPkiHttp { [] httpPort.receive( [] httpPort.receive( mw_http_response( mw_http_response( Loading
ttcn/Pki/LibItsPki_TestSystem.ttcn +24 −49 Original line number Original line Diff line number Diff line Loading @@ -43,14 +43,6 @@ module LibItsPki_TestSystem { group portDefinitions { group portDefinitions { /** * @desc Adapter control port */ type port AdapterControlPkiPort message { out AcPkiPrimitive; in AcPkiResponse; } // End of AdapterControlPort /** /** * @desc Upper Tester port * @desc Upper Tester port */ */ Loading @@ -61,39 +53,17 @@ module LibItsPki_TestSystem { } // End of group portDefinitions } // End of group portDefinitions group interfacePorts { type port PkiPort message { inout InnerEcRequest, InnerEcResponse, AuthorizationValidationRequest, AuthorizationValidationResponse; } // End of PkiPort } // End of group interfacePorts group componentDefinitions { group componentDefinitions { type component ItsPkiSystem { /** port AdapterControlPkiPort acPort; * @desc System component port PkiPort pkiPort; */ } // End of component ItsPkiSystem type component ItsPkiHttpSystem extends HttpTestAdapter{ type component ItsPkiHttpSystem extends HttpTestAdapter{ } // End of component ItsPkiHttpSystem } // End of component ItsPkiHttpSystem type component ItsPkiItssSystem extends ItsPkiSystem { /** port UpperTesterPkiPort utPort; * @desc Test component for PKI entities execpt ITS-S port GeoNetworkingPort geoNetworkingPort; */ } // End of component ItsPkiItssSystem } // End of group componentDefinitions type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc { port AdapterControlPkiPort acPort; port PkiPort pkiPort; var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var HashedId8 vc_eaHashedId8; /** Test Adapter EA HashedId8 for decryption of IUT's response */ } // End of component ItsPki type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent { type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent { var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */ var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */ Loading @@ -107,9 +77,14 @@ module LibItsPki_TestSystem { var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */ var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */ } // End of component ItsPki } // End of component ItsPki type component ItsPkiItss extends ItsPki { /** * @desc Test component for ITS-S entity */ type component ItsPkiItss extends ItsPkiHttp { port UpperTesterPkiPort utPort; port UpperTesterPkiPort utPort; port GeoNetworkingPort geoNetworkingPort; port GeoNetworkingPort geoNetworkingPort; } // End of component ItsPkiItss } // End of component ItsPkiItss } // End of group componentDefinitions } // End of module LibItsPki_TestSystem } // End of module LibItsPki_TestSystem
ttcn/Security/LibItsSecurity_Functions.ttcn +25 −14 Original line number Original line Diff line number Diff line Loading @@ -56,7 +56,7 @@ module LibItsSecurity_Functions { } // End of function f_hashWithSha256 } // End of function f_hashWithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading @@ -76,7 +76,7 @@ module LibItsSecurity_Functions { } // End of function f_signWithEcdsaNistp256WithSha256 } // End of function f_signWithEcdsaNistp256WithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading @@ -96,7 +96,7 @@ module LibItsSecurity_Functions { } // End of function f_signWithEcdsaBrainpoolp256WithSha256 } // End of function f_signWithEcdsaBrainpoolp256WithSha256 /** /** * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 * @param p_toBeSignedSecuredMessage The data to be signed * @param p_toBeSignedSecuredMessage The data to be signed * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate * @param p_privateKey The private key for signature * @param p_privateKey The private key for signature Loading Loading @@ -2315,24 +2315,33 @@ module LibItsSecurity_Functions { */ */ external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48; external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48; external function fx_test_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring; external function fx_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring; /** /** * @desc Test function the validate AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @desc This function validates AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @return The encrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The raw payload * @return The encrypted payload */ */ external function fx_test_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Test function the validate AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @desc TThis function validates AES128 CCM encryption based on AES-GCM-256 * @return The decrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The raw payload * @return The encrypted payload */ */ external function fx_test_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Test function the validate AES128 CCM encryption based on AES-GCM-256 * @desc This function validates AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 * @return The decrypted test * @param[in] The symmetric AES 128 encryption key * @param[in] The initial vector (aka nonce) * @param[in] The cyphered payload * @return The raw payload */ */ external function fx_test_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; external function fx_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; /** /** * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm Loading @@ -2349,6 +2358,7 @@ module LibItsSecurity_Functions { external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring; external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring; external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; /** /** * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm * @param p_encryptedSecuredMessage The data to be decrypted * @param p_encryptedSecuredMessage The data to be decrypted Loading Loading @@ -2395,6 +2405,7 @@ module LibItsSecurity_Functions { * @return The signature value * @return The signature value */ */ external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; external function fx_test_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey) return octetstring; external function fx_test_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey) return octetstring; /** /** Loading
