Skip to content
GitLab
Commit b1729a03 authored by Yann Garcia's avatar Yann Garcia
Browse files

Bug fixed in AtsSecurity

parent 5be823f1
Expand all Hide whitespace changes
Inline Side-by-side
ttcn/Pki/LibItsPki_Functions.ttcn
View file @ b1729a03
This diff is collapsed.
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @ b1729a03
......@@ -119,7 +119,8 @@ module LibItsSecurity_Functions {
in octetstring p_encryptPrivateKey,
in EtsiTs103097Data p_encrypedSecuredMessage,
in octetstring p_salt,
out EtsiTs103097Data p_decrypedSecuredMessage
out EtsiTs103097Data p_decrypedSecuredMessage,
out octetstring p_aes_sym_enc_key
) return boolean {
if (ischosen(p_encrypedSecuredMessage.content.encryptedData)) {
var PKRecipientInfo v_pKRecipientInfo;
......@@ -155,7 +156,8 @@ module LibItsSecurity_Functions {
v_pKRecipientInfo.encKey.eciesNistP256.c,
v_pKRecipientInfo.encKey.eciesNistP256.t,
v_ciphertext.aes128ccm.nonce,
p_salt
p_salt,
p_aes_sym_enc_key
);
} else if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_1)) {
v_decryptedSecuredMessage := f_decryptWithEciesNistp256WithSha256(
......@@ -166,7 +168,8 @@ module LibItsSecurity_Functions {
v_pKRecipientInfo.encKey.eciesNistP256.c,
v_pKRecipientInfo.encKey.eciesNistP256.t,
v_ciphertext.aes128ccm.nonce,
p_salt
p_salt,
p_aes_sym_enc_key
);
} else {
log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***");
......@@ -190,7 +193,8 @@ module LibItsSecurity_Functions {
0,
v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c,
v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t,
v_ciphertext.aes128ccm.nonce
v_ciphertext.aes128ccm.nonce,
p_salt, p_aes_sym_enc_key
);
} else if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_1)) {
v_decryptedSecuredMessage := f_decryptWithEciesBrainpoolp256WithSha256(
......@@ -200,7 +204,9 @@ module LibItsSecurity_Functions {
1,
v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c,
v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t,
v_ciphertext.aes128ccm.nonce
v_ciphertext.aes128ccm.nonce,
p_salt,
p_aes_sym_enc_key
);
} else {
log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***");
......@@ -294,7 +300,8 @@ module LibItsSecurity_Functions {
in Oct16 p_encrypted_sym_key,
in Oct16 p_authentication_vector,
in Oct12 p_nonce,
in octetstring p_salt
in Oct32 p_salt,
out Oct16 p_aes_sym_enc_key
) return octetstring {
return fx_decryptWithEciesNistp256WithSha256(
p_encryptedSecuredMessage,
......@@ -304,7 +311,8 @@ module LibItsSecurity_Functions {
p_encrypted_sym_key,
p_authentication_vector,
p_nonce,
p_salt
p_salt,
p_aes_sym_enc_key
);
} // End of function f_decryptWithEcdsaNistp256WithSha256
......@@ -371,7 +379,9 @@ module LibItsSecurity_Functions {
in integer p_ephemeralKeyModeCompressed,
in Oct16 p_encrypted_sym_key,
in Oct16 p_authentication_vector,
in Oct12 p_nonce
in Oct12 p_nonce,
in Oct32 p_salt,
out Oct16 p_aes_sym_enc_key
) return octetstring {
return fx_decryptWithEciesBrainpoolp256WithSha256(
p_encryptedSecuredMessage,
......@@ -380,7 +390,9 @@ module LibItsSecurity_Functions {
p_ephemeralKeyModeCompressed,
p_encrypted_sym_key,
p_authentication_vector,
p_nonce
p_nonce,
p_salt,
p_aes_sym_enc_key
);
} // End of function f_decryptWithEcdsaBrainpoolp256WithSha256
......@@ -2374,7 +2386,7 @@ module LibItsSecurity_Functions {
* @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption
* @return The decrypted message
*/
external function fx_decryptWithEciesNistp256WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce, in octetstring p_salt) return octetstring;
external function fx_decryptWithEciesNistp256WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce, in Oct32 p_salt, out Oct16 p_aes_sym_enc_key) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm
......@@ -2402,7 +2414,7 @@ module LibItsSecurity_Functions {
* @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption
* @return The decrypted message
*/
external function fx_decryptWithEciesBrainpoolp256WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce) return octetstring;
external function fx_decryptWithEciesBrainpoolp256WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce, in Oct32 p_salt, out Oct16 p_aes_sym_enc_key) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
......
ttcn/Security/LibItsSecurity_TypesAndValues.ttcn
View file @ b1729a03
......@@ -22,11 +22,15 @@ module LibItsSecurity_TypesAndValues {
// Test Adapter certificates & private keys - Valid behavior
const charstring cc_taCert_A := "CERT_TS_A_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_A1 := "CERT_TS_A_1_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_A1 := "CERT_TS_A_A1_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_A2 := "CERT_TS_A_A2_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_A3 := "CERT_TS_A_A3_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_B := "CERT_TS_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_B1 := "CERT_TS_B_1_AT";
const charstring cc_taCert_B_AA := "CERT_TS_B_1_AA";
const charstring cc_taCert_C := "CERT_TS_C_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_C1 := "CERT_TS_C1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_CA1 := "CERT_TS_CA1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_D := "CERT_TS_D_AT"; /** Certificate with a polygonal region, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_E := "CERT_TS_E_AT"; /** Certificate with a region identifier, to be used when secured messages are sent from TA to IUT */
const charstring cc_taCert_F := "CERT_TS_F_AT"; /** Certificate that can be used as an unknown certificate for IUT. */
......@@ -128,8 +132,8 @@ module LibItsSecurity_TypesAndValues {
const charstring cc_taCert1901_BO := "CERT_TS_19_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate */
// IUT certificates & private keys
const charstring cc_taCert_CA1 := "CERT_IUT_CA1_AT";
const charstring cc_taCert_CA2 := "CERT_IUT_CA2_AT";
const charstring cc_taCert_CA3 := "CERT_IUT_CA3_AT";
const charstring cc_taCert_CC_AA := "CERT_IUT_CC_AA";
const charstring cc_iutCert_A := "CERT_IUT_A_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */
const charstring cc_iutCert_B := "CERT_IUT_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment