Adding help function to build the SecuredMessage part covered by the signature process (d4c9ebc3) · Commits · TTCN-3 Libraries / LibIts

ttcn/GeoNetworking/LibItsGeoNetworking_Templates.ttcn

+2 −2

Original line number	Diff line number	Diff line
		@@ -496,8 +496,8 @@ module LibItsGeoNetworking_Templates {
		* @param p_secMsg Secured message
		*/
		template (value) GeoNetworkingPdu m_geoNwSecPdu(
		in template (value) SecuredMessage p_secMsg,
		in template (value) GnNonSecuredPacket p_packet
		in template (value) GnNonSecuredPacket p_packet,
		in template (value) SecuredMessage p_secMsg
		) := {
		basicHeader := m_securedBasicHeader(),
		gnPacket := {

ttcn/Security/LibItsSecurity_Functions.ttcn3

+119 −11

Original line number	Diff line number	Diff line
		@@ -8,19 +8,15 @@
		module LibItsSecurity_Functions {

		// Libcommon
		// import from LibCommon_BasicTypesAndValues all;
		// import from LibCommon_DataStrings all;
		// import from LibCommon_VerdictControl {type FncRetCode;}
		// import from LibCommon_Sync all;
		// import from LibCommon_Time all;
		import from LibCommon_DataStrings all;

		// LibIts
		// import from LibItsCommon_Functions all;
		// import from LibItsCommon_TestSystem all;
		// import from LibItsCommon_TypesAndValues all;
		// LibItsCommon
		import from LibItsCommon_Functions all;

		// LibItsSecurity
		import from LibItsSecurity_TypesAndValues all;
		import from LibItsSecurity_Templates all;
		import from LibItsSecurity_Pixits all;

		group helpersFunctions {

		@@ -47,8 +43,11 @@ module LibItsSecurity_Functions {
		* @param TODO
		* @return true on success, false otherwise
		*/
		function f_verifyWithEcdsaNistp256WithSha256() return boolean {
		return false;
		function f_verifyWithEcdsaNistp256WithSha256(
		in octetstring p_toBeHashedData,
		out Oct32 p_hashValue) return boolean {
		p_hashValue := fx_hashWithSha256(p_toBeHashedData);
		return true;
		}

		/**
		@@ -69,6 +68,115 @@ module LibItsSecurity_Functions {
		return '0000000000000000'O;
		}

		/**
		* @desc This function build and sign the SecureMessage part covered by the signature process
		* @param p_unsecuredPayload The unsigned payload (e.g. a beacon)
		* @param p_threeDLocation The ThreeDLocation value
		* @param p_securedMessage The signed SecureMessage part
		* @return true on success, false otherwise
		* @verdict Unchanged
		*/
		function f_buildGnSecuredCam(
		in octetstring p_unsecuredPayload,
		in ThreeDLocation p_threeDLocation,
		out template (value) SecuredMessage p_securedMessage)
		return boolean {
		return false; // TODO
		}

		/**
		* @desc This function build and sign the SecureMessage part covered by the signature process
		* @param p_unsecuredPayload The unsigned payload (e.g. a beacon)
		* @param p_threeDLocation The ThreeDLocation value
		* @param p_securedMessage The signed SecureMessage part
		* @return true on success, false otherwise
		* @verdict Unchanged
		*/
		function f_buildGnSecuredDenm(
		in octetstring p_unsecuredPayload,
		in ThreeDLocation p_threeDLocation,
		out template (value) SecuredMessage p_securedMessage)
		return boolean {
		return false; // TODO
		}

		/**
		* @desc This function build and sign the SecureMessage part covered by the signature process
		* @param p_unsecuredPayload The unsigned payload (e.g. a beacon)
		* @param p_threeDLocation The ThreeDLocation value
		* @param p_securedMessage The signed SecureMessage part
		* @return true on success, false otherwise
		* @verdict Unchanged
		*/
		function f_buildGnSecuredBeacon(
		in octetstring p_unsecuredPayload,
		in ThreeDLocation p_threeDLocation,
		out template (value) SecuredMessage p_securedMessage)
		return boolean {

		// Local variables
		var octetstring v_secPayload, v_signature;
		var Oct32 v_hash;
		var template (value) ToBeSignedData v_toBeSignedData;

		// Create SecuredMessage payload to be signed
		v_toBeSignedData := m_toBeSignedData_profileOther(
		{ // Field HeaderFields
		m_header_field_signer_info(
		m_signerInfo_certificate(
		PX_AT_CERTIFICATES[PX_CERTIFICATE_CONFIG_IDX]
		) // End of template m_signerInfo_certificate
		), // End of template m_header_field_signer_info
		m_header_field_generation_time(f_getCurrentTime()),
		m_header_field_generation_location(
		p_threeDLocation
		)
		}, // End of field HeaderFields
		{
		m_payload_unsecured(
		p_unsecuredPayload
		)
		}, // End of field HeaderFields
		e_signature
		);

		v_secPayload := bit2oct(encvalue(v_toBeSignedData));
		log("v_secPayload length: ", lengthof(v_secPayload));
		log("v_secPayload: ", v_secPayload);

		// Calculate the hash of the SecuredMessage payload to be signed
		v_hash := fx_hashWithSha256(v_secPayload);
		log("v_hash length: ", lengthof(v_hash));
		log("v_hash: ", v_hash);

		// Signed payload
		v_signature := fx_signWithEcdsaNistp256WithSha256(
		v_hash,
		PC_PRIVATE_KEYS[PX_CERTIFICATE_CONFIG_IDX]
		);
		log("v_signature length: ", lengthof(v_signature));
		log("v_signature: ", v_signature);

		p_securedMessage := m_securedMessage_profileOther( // See Clause 7.3 Generic security profile for other signed messages
		v_toBeSignedData.header_fields,
		v_toBeSignedData.payload_fields,
		{
		m_trailer_field_signature(
		m_signature(
		m_ecdsaSignature(
		m_eccPointecdsa_nistp256_with_sha256_y_coordinate_only(
		substr(v_signature, 2, 32)
		),
		substr(v_signature, 34, 32)
		)
		)
		)
		}
		); // End of template m_securedMessageBeacon

		return true;
		} // End of function f_buildGnSecuredBeacon

		group messageGetters {

		/**

ttcn/Security/LibItsSecurity_Pixits.ttcn3

+243 −39

Original line number	Diff line number	Diff line
		@@ -7,50 +7,254 @@
		*/
		module LibItsSecurity_Pixits {

		// LibCommon
		import from LibCommon_DataStrings {
		type
		Oct12
		}

		// LibItsSecurity
		import from LibItsSecurity_TypesAndValues {
		type HashedId8
		}

		/**
		* @desc TODO
		*/
		modulepar octetstring PX_ECDSA_X_COORDINATE := 'D89D70110B4AB76904CBD27578420F0814380A5E4183F42AE602BE903EE606F8'O;

		/**
		* @desc TODO
		*/
		modulepar octetstring PX_ECDSA_Y_COORDINATE := '639D5CB825989E92F0A77B31EF65DE5B3505C75FD7B12BA64DBA89897DCB4043'O;

		/**
		* @desc TODO
		*/
		modulepar octetstring PX_ECDSA_S := '00008A08AE40EC69030C056E48152F7A14F72BA4F305C2E6AA31997ABE93E7FD'O;

		/**
		* @desc TODO
		*/
		modulepar octetstring PX_AESCCM_X_COORDINATE := 'CAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECA'O;
		import from LibItsSecurity_TypesAndValues all;
		import from LibItsSecurity_Templates all;

		/**
		* @desc TODO
		* @desc Index on the certificate to be used. Default: configuration #0
		*/
		modulepar octetstring PX_AESCCM_Y_COORDINATE := 'CAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECACAFEDECA'O;
		modulepar integer PX_CERTIFICATE_CONFIG_IDX := 0;

		/**
		* @desc TODO
		*/
		modulepar HashedId8 PX_ECDSA_DIGEST := '0102030405060708'O;
		modulepar KeyX PC_PRIVATE_KEYS := {
		'00FB54F79EDA3F868E7DBC1F7F2F0FBF4C5D4FBEDABE0CE172C79F9FD6431D0160'O
		// TODO Add additional configurations
		};

		/**
		* @desc TODO
		*/
		modulepar Oct12 PX_AESCCM_NONCE := '010203040506070808080808'O;
		// /**
		// * @desc Certificate groups generated with the Preserve tool
		// */
		// modulepar CertificateChain PX_CA_CERTIFICATES := {
		// { // Config #0
		// version := 2,
		// signer_infos := {
		// m_SignerInfo_self
		// },
		// subject_info := m_subject_info_root_ca(
		// '455453495F506C7567746573745F526F6F74'O // ETSI_Plugtest_Root
		// ),
		// subject_attributes := {
		// m_subject_attribute_verification_key(
		// m_publicKey_eccPoint(
		// m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		// '63EB5C4EA82BC6A6B27E5857A075DCE18F0E3CDC01D42896418B23F68872E41A'O,
		// 'D04F5DFCDC2BE224986E15147840FF21F709DCB6503A416207E1B8E1CE395C2A'O
		// )
		// )
		// ),
		// m_subject_attribute_encryption_key(
		// m_publicKey_aesccm(
		// m_aesccm(
		// m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		// '4DFF56B92FCF680EE694EE58473F9F7D37516C3708F108A5185C185C5F159F02'O,
		// 'F47AA5D2514F593245DD6575613114182DC83EC67AC2A7B6726421D94C55184B'O
		// )
		// )
		// )
		// ),
		// m_subject_attribute_assurance_level(
		// m_subjectAssurance(
		// '001'B,
		// '00'B
		// )
		// ),
		// m_subject_attribute_its_aid_list(
		// {
		// 16512,
		// 16513
		// }
		// )
		// },
		// validity_restrictions := {
		// m_validity_restriction_time_start_and_end(
		// 1405173485,
		// 1513691885
		// ),
		// m_validity_restriction_region(
		// m_geographicRegion_polygonial(
		// {
		// {
		// latitude := 498716540,
		// longitude := 86382080
		// },
		// {
		// latitude := 498685550,
		// longitude := 86411050
		// },
		// {
		// latitude := 492040400,
		// longitude := 86475600
		// }
		// }
		// )
		// )
		// },
		// signature_ := m_signature(
		// m_ecdsaSignature(
		// m_eccPointecdsa_nistp256_with_sha256_x_coordinate_only(
		// 'D06FF2BAF762E9618CAC21BD110F271EA2A7C91355DCA14753FC9A0DDED1AB34'O
		// ),
		// '71DB2DD2BA840126E2904297F34386CCDFE86A0EBE0E585748517A5DA49808B4'O
		// )
		// )
		// } // End of Config #0
		// // TODO Add additional configurations
		// }; // End of pixit PX_CA_CERTIFICATES
		//
		// modulepar CertificateChain PX_AA_CERTIFICATES := {
		// {
		// version := 2,
		// signer_infos := {
		// m_signerInfo_certificate(
		// PX_CA_CERTIFICATES[PX_CERTIFICATE_CONFIG_IDX]
		// )
		// },
		// subject_info := m_subject_info_authorization_authority(
		// '455453495F506C7567746573745F4141'O // ETSI_Plugtest_Root
		// ),
		// subject_attributes := {
		// m_subject_attribute_verification_key(
		// m_publicKey_eccPoint(
		// m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		// '9EB910179EFA0C5589F299A7AA7BFC061C1AC7F77892E9BB95C0CE510F6602EE'O,
		// '39480D3E93BACB08D691F2AD0F67861E7D8D950E3714E0C3518155CCC7D69243'O
		// )
		// )
		// ),
		// m_subject_attribute_encryption_key(
		// m_publicKey_aesccm(
		// m_aesccm(
		// m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		// '413D68F76C6DB560A81E67951601A2DF01A1BB436CEB3B036BD2F8A676F9AAE2'O,
		// '413D68F76C6DB560A81E67951601A2DF01A1BB436CEB3B036BD2F8A676F9AAE2'O
		// )
		// )
		// )
		// ),
		// m_subject_attribute_assurance_level(
		// m_subjectAssurance(
		// '001'B,
		// '00'B
		// )
		// ),
		// m_subject_attribute_its_aid_list(
		// {
		// 16512,
		// 16513
		// }
		// )
		// },
		// validity_restrictions := {
		// m_validity_restriction_time_start_and_end(
		// 1405173485,
		// 1513691885
		// ),
		// m_validity_restriction_region(
		// m_geographicRegion_polygonial(
		// {
		// {
		// latitude := 498716540,
		// longitude := 86382080
		// },
		// {
		// latitude := 498685550,
		// longitude := 86411050
		// },
		// {
		// latitude := 492040400,
		// longitude := 86475600
		// }
		// }
		// )
		// )
		// },
		// signature_ := m_signature(
		// m_ecdsaSignature(
		// m_eccPointecdsa_nistp256_with_sha256_x_coordinate_only(
		// '453A255F64D21F7C2A514F3717781F328018151DC41D4696CC991279E60E094A'O
		// ),
		// 'C68355664CB8573AB589C7684ED660911C39F6702C781FF298CB78821A253214'O
		// )
		// )
		// } // End of Config #0
		// // TODO Add additional configurations
		// }; // End of pixit PX_AA_CERTIFICATES
		//
		modulepar CertificateChain PX_AT_CERTIFICATES := {
		{
		version := 2,
		signer_infos := {
		m_SignerInfo_digest(
		'0727A031EE3F372C'O
		)
		},
		subject_info := m_subject_info_authorization_ticket,
		subject_attributes := {
		m_subject_attribute_verification_key(
		m_publicKey_eccPoint(
		m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		'EA807A2D6CC220D563C6C74047C764407AF5F21240C403A40697294A94CF3CF0'O,
		'846C8DF447DA62EAC49DBA51EEC4AF7C8B1E0BCC67822626B2112E2FC56BE4C1'O
		)
		)
		),
		m_subject_attribute_encryption_key(
		m_publicKey_aesccm(
		m_aesccm(
		m_eccPointecdsa_nistp256_with_sha256_uncompressed(
		'4F0CBC2A8AF10F5476AE4180828D9C62D82215E0EDCBDCAB74AA49C1B6D26045'O,
		'5E949EA97B9A98F64BDA55FA2441F4BE82BB45DB1B4F9B194B5471A6058F6E86'O
		)
		)
		)
		),
		m_subject_attribute_assurance_level(
		m_subjectAssurance(
		'001'B,
		'00'B
		)
		),
		m_subject_attribute_its_aid_list(
		{
		16512,
		16513
		}
		)
		},
		validity_restrictions := {
		m_validity_restriction_time_start_and_end(
		1405173485,
		1513691885
		),
		m_validity_restriction_region(
		m_geographicRegion_polygonial(
		{
		{
		latitude := 498716540,
		longitude := 86382080
		},
		{
		latitude := 498685550,
		longitude := 86411050
		},
		{
		latitude := 492040400,
		longitude := 86475600
		}
		}
		)
		)
		},
		signature_ := m_signature(
		m_ecdsaSignature(
		m_eccPointecdsa_nistp256_with_sha256_x_coordinate_only(
		'EBEECFB8A931E5FBA5138808836CEC66EE5C99095693DDFE235076B91C8E2B00'O
		),
		'13DEAEB76EC813F6C205333E0050434FE7F29F2980C352B7FB1578CE2AA6F394'O
		)
		)
		} // End of Config #0
		// TODO Add additional configurations
		}; // End of pixit PX_AT_CERTIFICATES

		} // End of module LibItsSecurity_Pixits
		No newline at end of file

ttcn/Security/LibItsSecurity_Templates.ttcn3

+115 −13

File changed.

Preview size limit exceeded, changes collapsed.

ttcn/Security/LibItsSecurity_TypesAndValues.ttcn3

+26 −15

Original line number	Diff line number	Diff line
		@@ -8,18 +8,8 @@
		module LibItsSecurity_TypesAndValues {

		// LibCommon
		import from LibCommon_BasicTypesAndValues {
		type
		UInt8, UInt16, UInt32, UInt64,
		Int13, Int32
		}
		import from LibCommon_DataStrings {
		type
		Bit2, Bit3,
		Oct2, Oct3, Oct8, Oct12, Oct20, Oct0to31
		}

		// LibIts
		import from LibCommon_BasicTypesAndValues all;
		import from LibCommon_DataStrings all;

		group basicFormatElements {

		@@ -400,7 +390,26 @@ module LibItsSecurity_TypesAndValues {
		group SecurityMessages {

		/**
		* @desc Generic secured message description
		* @desc Secured message description, part to be signed
		* @member protocol_version The applied protocol version
		* @member security_profile The security profile for this secured message
		* @member header_fields Multiple information fields of interest to the security layer
		* @member payload_fields The message's payload
		* @member trailer_fields Security information after the payload
		*
		* @see Draft ETSI TS 103 097 V1.1.6 Clause 5.1 SecuredMessage
		* @see Draft ETSI TS 103 097 V1.1.6 Table 5
		*/
		type record ToBeSignedData {
		UInt8 protocol_version,
		UInt8 security_profile,
		HeaderFields header_fields,
		SecPayloads payload_fields optional, // Used by the codec to fill it with the secured packet in case of 'omit' value
		TrailerFieldType trailerFieldType
		} // End of type ToBeSignedData

		/**
		* @desc Secured message description
		* @member protocol_version The applied protocol version
		* @member security_profile The security profile for this secured message
		* @member header_fields Multiple information fields of interest to the security layer
		@@ -760,6 +769,8 @@ module LibItsSecurity_TypesAndValues {
		encode "UpperTester"
		} // End of group utPrimitives

		type set of octetstring KeyX;

		} with {
		encode "LibItsSecurity"
		} // End of module LibItsSecurity_TypesAndValues