Commit db77b62a authored by Yann Garcia's avatar Yann Garcia
Browse files

Add BrainpoolP256r1 encryption support in AtsPki

parent 48352921
This diff is collapsed.
......@@ -19,6 +19,26 @@ module LibItsPki_Pics {
* @desc Does the IUT act as combined EA-AA device?
*/
modulepar boolean PICS_IUT_COMBINED_EA_AA_ROLE := false;
/**
* @desc Does the IUT support enrolment?
*/
modulepar boolean PICS_SECPKI_ENROLMENT := true;
/**
* @desc Does the IUT support autorization?
*/
modulepar boolean PICS_SECPKI_AUTHORIZATION := true;
/**
* @desc Is a re-enrolment request?
*/
modulepar boolean PICS_SECPKI_REENROLMENT := true;
/**
* @desc ?
*/
modulepar boolean PICS_SECPKI_CRL := false;
/**
* @desc Certificate used by the IUT acting as ITS-S
......@@ -105,11 +125,6 @@ module LibItsPki_Pics {
*/
modulepar octetstring PICS_ITS_S_ENC_BRAINPOOLP384r1_PRIVATE_KEY := '6B4B4392511B252C904801466F5DA0A7F28E038E6656800CBB0CDCB3D32F862CA4D59CBDC1A19E98E9191582AF1DB3D7'O;
/**
* @desc Factory compressed public key for encryption Brainpool P384 r1
*/
modulepar octetstring PICS_ITS_S_ENC_BRAINPOOLP384r1_PUBLIC_KEY := '027BB3104998F30B86B0C7C6CC9BFAECA7F7E99E8CE575D07B550028CCB15E1C95581B9B8520D40A35256021DDA63B785C'O;
/**
* @desc Factory private key for verification Brainpool P384 r1
*/
......
......@@ -6,11 +6,9 @@ module LibItsPki_Pixits {
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
/**
* @desc Is the first enrolment?
*/
modulepar boolean PX_FIRST_ENROLMENT := true;
// LibItsPki
import from LibItsPki_TypesAndValues all;
/**
* @desc Do the encryption keys be included in Authorization Request?
......@@ -31,4 +29,15 @@ module LibItsPki_Pixits {
* @desc Contains the hashed id8 of the EC certificate, used in case of re-enrolment
*/
modulepar HashedId8 PX_EC_HASHED_ID8 := int2oct(0, 8);
/**
* @desc Indicate which encryption algorithem to be used
*/
modulepar SecurityAlg PX_EC_ALG := e_nist_p256;
/**
* @desc Indicate which verification algorithem to be used
*/
modulepar SecurityAlg PX_VE_ALG := e_nist_p256;
} // End of module LibItsPki_Pixits
......@@ -23,6 +23,12 @@ module LibItsPki_TypesAndValues {
} // End of group constants
type enumerated SecurityAlg {
e_nist_p256 (0),
e_brainpool_p256_r1 (1),
e_brainpool_p384_r1 (2)
} // End of type SecurityAlg
group utPrimitives {
/**
......@@ -50,7 +56,8 @@ module LibItsPki_TypesAndValues {
* @member triggerEnrolmentRequest Request to trigger an EnrolmentRequest
*/
type union UtPkiTrigger {
TriggerEnrolmentRequest triggerEnrolmentRequest
TriggerEnrolmentRequest triggerEnrolmentRequest,
TriggerAuthorizationRequest triggerAuthorizationRequest
} with {
variant ""
} // End of type UtPkiTrigger
......@@ -71,6 +78,15 @@ module LibItsPki_TypesAndValues {
variant "FIELDORDER(msb)"
} // End of type TriggerEnrolmentRequest
type record TriggerAuthorizationRequest {
octetstring cannonicalId,
Oct1 encAlgorithm,
octetstring privateKey,
octetstring compressedPublickey
} with {
variant "FIELDORDER(msb)"
} // End of type TriggerAuthorizationRequest
} with {
encode "UpperTester"
variant ""
......
......@@ -325,25 +325,29 @@ module LibItsSecurity_Functions {
*/
function f_encryptWithEciesBrainpoolp256WithSha256(
in octetstring p_toBeEncryptedSecuredMessage,
in Oct32 p_recipientsPublicKeyX,
in Oct32 p_recipientsPublicKeyCompressed,
in integer p_compressed_mode,
in octetstring p_salt,
out Oct32 p_publicEphemeralKeyCompressed,
out integer p_ephemeralKeyModeCompressed,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
out Oct12 p_nonce
out Oct12 p_nonce,
in boolean p_use_hardcoded_values := false
) return octetstring {
return fx_encryptWithEciesBrainpoolp256WithSha256(
p_toBeEncryptedSecuredMessage,
p_recipientsPublicKeyX,
p_recipientsPublicKeyCompressed,
p_compressed_mode,
p_salt,
p_publicEphemeralKeyCompressed,
p_ephemeralKeyModeCompressed,
p_aes_sym_key,
p_encrypted_sym_key,
p_authentication_vector,
p_nonce
p_nonce,
p_use_hardcoded_values
);
} // End of function f_encryptWithEciesBrainpoolp256WithSha256
......@@ -2387,7 +2391,9 @@ module LibItsSecurity_Functions {
* @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption
* @return The encrypted message
*/
external function fx_encryptWithEciesBrainpoolp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
external function fx_encryptWithEciesBrainpoolp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring;
external function fx_test_encryptWithEciesBrainpoolp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Brainpool-P256 algorithm
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment