Commit c4dd6c68 authored by garciay's avatar garciay
Browse files

Rename function f_calculateDigest into f_calculateDigestFromCertificate 

Add support of either certificate or digest in f_buildGnSecuredOtherMessage function
parent 1eb5dc77

ttcn/Security/LibItsSecurity_Functions.ttcn3

+167 −71
Original line number Diff line number Diff line
@@ -26,7 +26,9 @@ module LibItsSecurity_Functions { 
         * @param   p_toBeHashedData Data to be used to calculate the hash value

         * @return  The hash value

         */

        function f_hashWithSha256(in octetstring p_toBeHashedData) return Oct32 {

        function f_hashWithSha256(

                                  in octetstring p_toBeHashedData

        ) return Oct32 {

            return fx_hashWithSha256(p_toBeHashedData);

        } // End of function f_hashWithSha256
@@ -43,14 +45,29 @@ module LibItsSecurity_Functions { 
            

        } // End of function f_signWithEcdsaNistp256WithSha256

        

        function f_HashedId8FromSha256(in Oct32 p_hash)

        return HashedId8 {

            return substr(p_hash, 0, 8);

        /**

         * @desc Compute the HashedId8 value from the hash value

         * @param p_hash The hash value

         * @return The HashedId8 value

         * @verdict 

         */

        function f_HashedId8FromSha256(

                                       in Oct32 p_hash

        ) return HashedId8 {

            return substr(p_hash, lengthof(p_hash) - 8, 8);

        } // End of function f_HashedId8FromSha256 

        

        function f_HashedId3FromHashedId8 (in HashedId8 p_hash)

        return HashedId3 {

            return substr(p_hash, 0, 3);

        /**

         * @desc Compute the HashedId3 value from the HashedId8 value

         * @param p_hashp_hashedId8 The HashedId8 value

         * @return The HashedId3 value

         * @verdict 

         */



        function f_HashedId3FromHashedId8 (

                                           in HashedId8 p_hashedId8

        ) return HashedId3 {

            return substr(p_hashedId8, lengthof(p_hashedId8) - 3, 3);

        }  // End of function f_HashedId3FromHashedId8

        

        /**
@@ -80,7 +97,9 @@ module LibItsSecurity_Functions { 
         * @return  the digest

         * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.13   HashedId8

         */

        function f_calculateDigest(in Certificate p_cert) return HashedId8 {

        function f_calculateDigestFromCertificate(

                                                  in Certificate p_cert

        ) return HashedId8 {

            var octetstring v_toBeHashedData;

            var octetstring v_hash;

            var integer v_counter;
@@ -137,6 +156,7 @@ module LibItsSecurity_Functions { 
             * @param p_securedMessage      The signed  SecureMessage part

             * @param p_unsecuredPayload    The unsigned payload (e.g. a beacon)

             * @param p_threeDLocation      The ThreeDLocation value

             * @param p_addCertificate      Set to true to add the AT certificate in header fields. Otherwise, only the AA certificate digest will be added

             * @param p_headerFields        Additional HeaderFields

             * @return true on success, false otherwise

             * @verdict Unchanged
@@ -145,6 +165,7 @@ module LibItsSecurity_Functions { 
                                         out template (value) SecuredMessage p_securedMessage, 

                                         in octetstring p_unsecuredPayload, 

                                         in ThreeDLocation p_threeDLocation, 

                                         in template (omit) boolean p_addCertificate := false,

                                         in template (omit) HeaderFields p_headerFields := omit

            ) return boolean {
@@ -154,6 +175,7 @@ module LibItsSecurity_Functions { 
                var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage;

                 

                // Create SecuredMessage payload to be signed

                if (p_addCertificate == true) { // Add the AA certificate

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileCAMs,

                        { // Field HeaderFields
@@ -175,6 +197,29 @@ module LibItsSecurity_Functions { 
                        }, // End of field HeaderFields

                        e_signature

                    );

                } else { // Add the AA certificate digest

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileCAMs,

                        { // Field HeaderFields

                            m_header_field_signer_info(

                                m_signerInfo_digest(

                                    PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest

                                ) // End of template m_signerInfo_digest 

                            ), // End of template m_header_field_digest

                            m_header_field_generation_time(f_getCurrentTime()),

                            m_header_field_generation_location(

                                p_threeDLocation

                            ),

                            m_header_field_message_type(c_messageType_CAM)

                        }, // End of field HeaderFields

                        {

                            m_payload_unsecured(

                                p_unsecuredPayload

                            )

                        }, // End of field HeaderFields

                        e_signature

                    );

                }

                log("v_toBeSignedSecuredMessage=", v_toBeSignedSecuredMessage);

                

                // Add additional header fields if any
@@ -226,6 +271,7 @@ module LibItsSecurity_Functions { 
             * @param p_securedMessage      The signed  SecureMessage part

             * @param p_unsecuredPayload    The unsigned payload (e.g. a beacon)

             * @param p_threeDLocation      The ThreeDLocation value

             * @param p_addCertificate      Set to true to add the AT certificate in header fields. Otherwise, only the AA certificate digest will be added

             * @param p_headerFields        Additional HeaderFields

             * @return true on success, false otherwise

             * @verdict Unchanged
@@ -234,6 +280,7 @@ module LibItsSecurity_Functions { 
                                          out template (value) SecuredMessage p_securedMessage, 

                                          in octetstring p_unsecuredPayload, 

                                          in ThreeDLocation p_threeDLocation, 

                                          in template (omit) boolean p_addCertificate := false,

                                          in template (omit) HeaderFields p_headerFields := omit

            ) return boolean {
@@ -243,6 +290,7 @@ module LibItsSecurity_Functions { 
                var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage;

                 

                // Create SecuredMessage payload to be signed

                if (p_addCertificate == true) { // Add the AA certificate

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileDENMs,

                        { // Field HeaderFields
@@ -264,6 +312,29 @@ module LibItsSecurity_Functions { 
                        }, // End of field HeaderFields

                        e_signature

                    );

                } else { // Add the AA certificate digest

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileDENMs,

                        { // Field HeaderFields

                            m_header_field_signer_info(

                                m_signerInfo_digest(

                                    PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest

                                ) // End of template m_signerInfo_digest 

                            ), // End of template m_header_field_digest

                            m_header_field_generation_time(f_getCurrentTime()),

                            m_header_field_generation_location(

                                p_threeDLocation

                            ),

                            m_header_field_message_type(c_messageType_DENM)

                        }, // End of field HeaderFields

                        {

                            m_payload_unsecured(

                                p_unsecuredPayload

                            )

                        }, // End of field HeaderFields

                        e_signature

                    );

                }

                // Add additional header fields if any

                if (ispresent(p_headerFields) == true) {

                    var integer v_addItemIndex := lengthof(v_toBeSignedSecuredMessage.header_fields);
@@ -311,6 +382,7 @@ module LibItsSecurity_Functions { 
             * @param p_securedMessage      The signed  SecureMessage part

             * @param p_unsecuredPayload    The unsigned payload (e.g. a beacon)

             * @param p_threeDLocation      The ThreeDLocation value

             * @param p_addCertificate      Set to true to add the AT certificate in header fields. Otherwise, only the AA certificate digest will be added

             * @param p_headerFields        Additional HeaderFields

             * @return true on success, false otherwise

             * @verdict Unchanged
@@ -319,6 +391,7 @@ module LibItsSecurity_Functions { 
                                                  out template (value) SecuredMessage p_securedMessage, 

                                                  in octetstring p_unsecuredPayload, 

                                                  in ThreeDLocation p_threeDLocation, 

                                                  in template (omit) boolean p_addCertificate := false,

                                                  in template (omit) HeaderFields p_headerFields := omit

            ) return boolean {
@@ -328,6 +401,7 @@ module LibItsSecurity_Functions { 
                var template (value) ToBeSignedSecuredMessage v_toBeSignedSecuredMessage;

                 

                // Create SecuredMessage payload to be signed

                if (p_addCertificate == true) { // Add the AA certificate

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileOthers,

                        { // Field HeaderFields
@@ -348,6 +422,28 @@ module LibItsSecurity_Functions { 
                        }, // End of field HeaderFields

                        e_signature

                    );

                } else { // Add the AA certificate digest

                    v_toBeSignedSecuredMessage := m_toBeSignedSecuredMessage(

                        c_security_profileOthers,

                        { // Field HeaderFields

                            m_header_field_signer_info(

                                m_signerInfo_digest(

                                    PX_TA_CONFIGS[PX_CERTIFICATE_CONFIG_IDX].atCertificate.signer_infos[0].signerInfo.digest

                                ) // End of template m_signerInfo_digest 

                            ), // End of template m_header_field_digest

                            m_header_field_generation_time(f_getCurrentTime()),

                            m_header_field_generation_location(

                                p_threeDLocation

                            )

                        }, // End of field HeaderFields

                        {

                            m_payload_unsecured(

                                p_unsecuredPayload

                            )

                        }, // End of field HeaderFields

                        e_signature

                    );

                }

                // Add additional header fields if any

                if (ispresent(p_headerFields) == true) {

                    var integer v_addItemIndex := lengthof(v_toBeSignedSecuredMessage.header_fields);