Commit e7fd225d authored by YannGarcia's avatar YannGarcia

Bug fixed on Verification algorithm support

parent 41563399
+118 −49
@@ -716,8 +716,10 @@ module LibItsPki_Functions {
      // Modify signature to get an error
      if (ischosen(v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaNistP256Signature)) {
        v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaNistP256Signature.sSig[1] := bit2oct('10101010'B xor4b oct2bit(v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaNistP256Signature.sSig[1]));
      } else {
      } else if (ischosen(v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) {
        v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig[1] := bit2oct('10101010'B xor4b oct2bit(v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig[1]));
      } else {
        v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig[1] := bit2oct('10101010'B xor4b oct2bit(v_inner_ec_request_signed_for_pop.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig[1]));
      }
      
      // Secure InnerEcRequestSignedForPoP message
@@ -1640,7 +1642,7 @@ module LibItsPki_Functions {
      // Local variables
      var Oct32 v_public_key_x;
      var Oct32 v_public_key_y;
      var EccP256CurvePoint v_eccP256_curve_point;
      var PublicVerificationKey v_public_verification_key;

      log (">>> f_generate_inner_ec_request");
      // Generate keys for the certificate to be requested
@@ -1648,17 +1650,37 @@ module LibItsPki_Functions {
        log ("f_generate_inner_ec_request: failed to generate keys");
        return false;
      }
      // Build the Proof of Possession InnerEcRequest
      if (PX_VE_ALG == e_nist_p256) {
        var EccP256CurvePoint v_eccP256_curve_point;
        if (p_compressed_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_public_key_compressed));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed));
        }
      // Build the Proof of Possession InnerEcRequest
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
      } else if (PX_VE_ALG == e_brainpool_p256_r1) {
        var EccP256CurvePoint v_eccP256_curve_point;
        if (p_compressed_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_public_key_compressed));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
      } else {
        var EccP384CurvePoint v_eccP384_curve_point;
        if (p_compressed_mode == 0) {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(p_public_key_compressed));
        } else {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(p_public_key_compressed));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
      }
      p_inner_ec_request := valueof(
                                    m_innerEcRequest(
                                                     PICS_ITS_S_CANONICAL_ID,
                                                     m_publicKeys(
                                                                  m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point)
                                                                  v_public_verification_key
                                                                  ),
                                                     m_certificateSubjectAttributes_id_name(
                                                                                            oct2char(PICS_ITS_S_CANONICAL_ID),
@@ -1702,7 +1724,10 @@ module LibItsPki_Functions {
      // Local variables
      var Oct32 v_public_key_x;
      var Oct32 v_public_key_y;
      var EccP256CurvePoint v_eccP256_curve_point;
      var octetstring v_private_key;
      var octetstring v_public_key_compressed;
      var integer v_compressed_mode;
      var PublicVerificationKey v_public_verification_key;

      log (">>> f_generate_inner_ec_request_with_wrong_parameters");
      // Generate keys for the certificate to be requested
@@ -1711,33 +1736,47 @@ module LibItsPki_Functions {
        return false;
      }
      if (p_alter_private_key == false) {
        if (p_compressed_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_public_key_compressed));
        v_private_key := p_private_key;
        v_public_key_compressed := p_public_key_compressed;
        v_compressed_mode := p_compressed_mode;
      } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed));
        }
      } else {
        var octetstring v_private_key;
        var octetstring v_public_key_compressed;
        var integer v_compressed_mode;
        
        log ("f_generate_inner_ec_request_with_wrong_parameters: Alter verify private key");
        if (f_generate_key_pair(v_private_key, v_public_key_x, v_public_key_y, v_public_key_compressed, v_compressed_mode) == false) {
          log ("f_generate_inner_ec_request_with_wrong_parameters: failed to generate keys");
          return false;
        }
      }
      // Build the Proof of Possession InnerEcRequest
      if (PX_VE_ALG == e_nist_p256) {
        var EccP256CurvePoint v_eccP256_curve_point;
        if (v_compressed_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_compressed));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_compressed));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
      } else if (PX_VE_ALG == e_brainpool_p256_r1) {
        var EccP256CurvePoint v_eccP256_curve_point;
        if (v_compressed_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_compressed));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_compressed));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
      } else {
        var EccP384CurvePoint v_eccP384_curve_point;
        if (v_compressed_mode == 0) {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(v_public_key_compressed));
        } else {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(v_public_key_compressed));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
      }
      // Build the Proof of Possession InnerEcRequest
      p_inner_ec_request := valueof(
                                    m_innerEcRequest(
                                                     PICS_ITS_S_CANONICAL_ID,
                                                     m_publicKeys(
                                                                  m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point)
                                                                  v_public_verification_key
                                                                  ),
                                                     m_certificateSubjectAttributes_id_name(
                                                                                            oct2char(p_canonical_id),
@@ -1912,6 +1951,7 @@ module LibItsPki_Functions {
      var octetstring v_public_enc_key_y;
      var bitstring v_enc_value;
      var octetstring v_ec_hash;
      var PublicVerificationKey v_public_verification_key;
      var Oct8 v_ec_hashed_id8;
      var octetstring public_enc_key_x;
      var octetstring public_enc_key_y;
@@ -1925,7 +1965,6 @@ module LibItsPki_Functions {
      var octetstring v_tbs_signed;
      var Ieee1609Dot2Data v_signed_at_signature;
      var template (value) EccP256CurvePoint v_eccP256_curve_point;
      var template (value) EccP256CurvePoint v_enc_eccP256_curve_point;
      var HashAlgorithm v_hashId;
      var Signature v_signature;
      var SequenceOfPsidSsp v_appPermissions := { // ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
@@ -2019,7 +2058,6 @@ module LibItsPki_Functions {
      log("f_generate_inner_at_request: v_tbs= ", v_tbs);
      // Signed ToBeSigned payload using the private key of EC certificate obtained from Enrolment request
      // In case of ITS-S privacy, v_signed_at_signature contained the data to be encrypted
      // TODO Simplify with f_signWithEcdsa
      if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
        v_hashId := sha384;
        v_tbs_signed := f_signWithEcdsaBrainpoolp384WithSha384(bit2oct(encvalue(v_tbs)), v_ec_hash, p_ec_private_key);
@@ -2172,22 +2210,40 @@ module LibItsPki_Functions {
        p_inner_at_request.ecSignature := valueof(m_ec_signature_ext_payload(v_signed_at_signature));
      }
      // Build the InnerAtRequest, EcSignature field is already set
      if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
        if (p_compressed_key_mode == 0) {
        v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_key_x);
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
        } else {
        v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_key_x);
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
      } else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
        if (p_compressed_key_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
      } else {
        var EccP384CurvePoint v_eccP384_curve_point;
        if (p_compressed_key_mode == 0) {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(v_public_key_x));
        } else {
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
      }
      if (PX_INCLUDE_ENCRYPTION_KEYS) {
        var template (value) EccP256CurvePoint v_enc_eccP256_curve_point;
        
        if (p_compressed_enc_key_mode == 0) {
          v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_enc_key_x);
        } else {
          v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_enc_key_x);
        }
      if (PX_INCLUDE_ENCRYPTION_KEYS) {
        p_inner_at_request.publicKeys := valueof( // The freshly generated public verification & encrypition keys to be used for the requested AT certificate
                                                 m_publicKeys(
                                                              m_publicVerificationKey_ecdsaNistP256(
                                                                                                    v_eccP256_curve_point
                                                                                                    ),
                                                              v_public_verification_key,
                                                              m_encryptionKey( // FIXME Encryption keys could be optional
                                                                              -,
                                                                              m_publicEncryptionKey_ecdsaNistP256(v_enc_eccP256_curve_point)
@@ -2197,9 +2253,7 @@ module LibItsPki_Functions {
      } else {
        p_inner_at_request.publicKeys := valueof( // The freshly generated public verification keys to be used for the requested AT certificate
                                                 m_publicKeys(
                                                              m_publicVerificationKey_ecdsaNistP256(
                                                                                                    v_eccP256_curve_point
                                                                                                    )
                                                              v_public_verification_key
                                                              )
                                                  );
      }
@@ -2236,6 +2290,7 @@ module LibItsPki_Functions {
      var octetstring v_public_enc_key_y;
      var bitstring v_enc_value;
      var octetstring v_ec_hash;
      var PublicVerificationKey v_public_verification_key;
      var Oct8 v_ec_hashed_id8;
      var octetstring public_enc_key_x;
      var octetstring public_enc_key_y;
@@ -2521,22 +2576,38 @@ module LibItsPki_Functions {
        p_inner_at_request.ecSignature := valueof(m_ec_signature_ext_payload(v_signed_at_signature));
      }
      // Build the InnerAtRequest, EcSignature field is already set
      if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)) {
        if (p_compressed_key_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaNistP256(v_eccP256_curve_point));
      } else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1)) {
        if (p_compressed_key_mode == 0) {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_key_x));
        } else {
          v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP256r1(v_eccP256_curve_point));
      } else {
        var EccP384CurvePoint v_eccP384_curve_point;
        if (p_compressed_key_mode == 0) {
        v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_key_x);
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_0(v_public_key_x));
        } else {
        v_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_key_x);
          v_eccP384_curve_point := valueof(m_eccP384CurvePoint_compressed_y_1(v_public_key_x));
        }
        v_public_verification_key := valueof(m_publicVerificationKey_ecdsaBrainpoolP384r1(v_eccP384_curve_point));
      }
      if (PX_INCLUDE_ENCRYPTION_KEYS) {
        if (p_compressed_enc_key_mode == 0) {
          v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_0(v_public_enc_key_x);
        } else {
          v_enc_eccP256_curve_point := m_eccP256CurvePoint_compressed_y_1(v_public_enc_key_x);
        }
      if (PX_INCLUDE_ENCRYPTION_KEYS) {
        p_inner_at_request.publicKeys := valueof( // The freshly generated public verification & encrypition keys to be used for the requested AT certificate
                                                 m_publicKeys(
                                                              m_publicVerificationKey_ecdsaNistP256(
                                                                                                    v_eccP256_curve_point
                                                                                                    ),
                                                              v_public_verification_key,
                                                              m_encryptionKey( // FIXME Encryption keys could be optional
                                                                              -,
                                                                              m_publicEncryptionKey_ecdsaNistP256(v_enc_eccP256_curve_point)
@@ -2546,9 +2617,7 @@ module LibItsPki_Functions {
      } else {
        p_inner_at_request.publicKeys := valueof( // The freshly generated public verification keys to be used for the requested AT certificate
                                                 m_publicKeys(
                                                              m_publicVerificationKey_ecdsaNistP256(
                                                                                                    v_eccP256_curve_point
                                                                                                    )
                                                              v_public_verification_key
                                                              )
                                                  );
      }
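Review bot: In both "Build the InnerAtRequest" hunks the alternative for `v_public_verification_key` is selected from the EC certificate's key type (`ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256)`), while the two InnerEcRequest builders select it from `PX_VE_ALG`. The inline comment calls the wrapped key the freshly generated one for the AT certificate, and its generation is outside the hunks, so if that key pair can be produced under a different algorithm than the EC certificate uses, the request would carry a point labelled with the wrong curve. Every one of these chains, and the signature-corruption branch in the first hunk, also ends in a bare `else` that assumes Brainpool P-384, so an unexpected algorithm or signature alternative is treated as P-384 instead of failing the step. I would make the third case explicit, e.g. `} else if (ischosen(p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {`, and close with `} else { log("unsupported verification algorithm"); return false; }` where the function returns a boolean. The enclosing functions start and end outside the hunks, and since the same three-way branch now appears four times, a single helper returning the `PublicVerificationKey` would keep the selectors consistent.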
+3 −3
@@ -31,15 +31,15 @@ module LibItsPki_Pixits {
  modulepar Oct32 PX_EC_HASH := int2oct(0, 32);
  
  /**
   * @desc Indicate which encryption algorithem to be used
   * @desc Indicate which encryption algorithem to be used for Enrolment Credencial
   */
  modulepar SecurityAlg PX_EC_ALG_FOR_EC  := e_nist_p256; // TODO Use RCA to determine encryption algorithm?
  /**
   * @desc Indicate which encryption algorithem to be used
   * @desc Indicate which encryption algorithem to be used for Authorization Request
   */
  modulepar SecurityAlg PX_EC_ALG_FOR_AT  := e_nist_p256;
  /**
   * @desc Indicate which encryption algorithem to be used
   * @desc Indicate which encryption algorithem to be used for Authorization Validation Request
   */
  modulepar SecurityAlg PX_EC_ALG_FOR_ATV := e_nist_p256;