Skip to content
GitLab
Commit eb8bd36b authored by Yann Garcia's avatar Yann Garcia
Browse files

Bug fixed in Ats Security

parent d0692d41
Hide whitespace changes
Inline Side-by-side
ttcn/Pki/LibItsPki_Functions.ttcn
View file @ eb8bd36b
...@@ -253,6 +253,9 @@ module LibItsPki_Functions { ...@@ -253,6 +253,9 @@ module LibItsPki_Functions {
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***"); log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error); f_selfOrClientSyncAndVerdict("error", e_error);
} }
log ("f_http_build_enrolment_request: EC verification private key: ", p_private_key);
log ("f_http_build_enrolment_request: EC verification public compressed key: ", p_public_key_compressed);
log ("f_http_build_enrolment_request: EC verification public compressed mode: ", p_compressed_mode);
// Generate InnerEcRequestSignedForPoP // Generate InnerEcRequestSignedForPoP
if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) { if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
...@@ -276,10 +279,9 @@ module LibItsPki_Functions { ...@@ -276,10 +279,9 @@ module LibItsPki_Functions {
if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys if (PX_FIRST_ENROLMENT == true) { // This is the first enrolment, we used Factory keys
v_ret_code := f_build_pki_secured_request_message_signed_with_pop(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash); v_ret_code := f_build_pki_secured_request_message_signed_with_pop(PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY, valueof(m_signerIdentifier_self), vc_eaHashedId8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
} else { // We use last valid EC certificate } else { // We use last valid EC certificate
var Oct32 v_ec_private_key; var Oct32 v_ec_private_key := PX_EC_PRIVATE_KEY;
var HashedId8 v_ec_hashed_id8; var HashedId8 v_ec_hashed_id8 := PX_EC_HASHED_ID8;
// Retrieve EC certificate from the first enrolment // Retrieve EC certificate from the first enrolment
// TODO Set v_ec_private_key & v_ec_hashed_id8
v_ret_code := f_build_pki_secured_request_message_signed_with_pop(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash); v_ret_code := f_build_pki_secured_request_message_signed_with_pop(v_ec_private_key, valueof(m_signerIdentifier_digest(v_ec_hashed_id8)), v_ec_hashed_id8/*recipientId*/, v_public_enc_key, v_compressed_enc_key_mode, p_salt, bit2oct(encvalue(m_etsiTs102941Data_inner_ec_request_signed_for_pop(v_inner_ec_request_signed_for_pop))), p_ieee1609dot2_signed_and_encrypted_data, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, p_request_hash);
} }
if (v_ret_code == false) { if (v_ret_code == false) {
...@@ -312,6 +314,9 @@ module LibItsPki_Functions { ...@@ -312,6 +314,9 @@ module LibItsPki_Functions {
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***"); log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error); f_selfOrClientSyncAndVerdict("error", e_error);
} }
log ("f_http_build_invalid_enrolment_request: EC verification private key: ", p_private_key);
log ("f_http_build_invalid_enrolment_request: EC verification public compressed key: ", p_public_key_compressed);
log ("f_http_build_invalid_enrolment_request: EC verification public compressed mode: ", p_compressed_mode);
// Generate InnerEcRequestSignedForPoP // Generate InnerEcRequestSignedForPoP
if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) { if (f_generate_inner_ec_request_signed_for_pop(p_private_key, v_inner_ec_request, v_inner_ec_request_signed_for_pop) == false) {
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***");
...@@ -384,6 +389,9 @@ module LibItsPki_Functions { ...@@ -384,6 +389,9 @@ module LibItsPki_Functions {
f_selfOrClientSyncAndVerdict("error", e_error); f_selfOrClientSyncAndVerdict("error", e_error);
return; return;
} }
log ("f_http_build_authorization_request: AT verification private key: ", p_private_key);
log ("f_http_build_authorization_request: AT verification public compressed key: ", p_public_key_compressed);
log ("f_http_build_authorization_request: AT verification public compressed mode: ", p_compressed_mode);
// Generate encryption keys for the certificate to be requested // Generate encryption keys for the certificate to be requested
if (PX_INCLUDE_ENCRYPTION_KEYS) { if (PX_INCLUDE_ENCRYPTION_KEYS) {
if (f_generate_key_pair_nistp256(p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_public_compressed_enc_key, p_compressedEncMode) == false) { if (f_generate_key_pair_nistp256(p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_public_compressed_enc_key, p_compressedEncMode) == false) {
...@@ -620,7 +628,6 @@ module LibItsPki_Functions { ...@@ -620,7 +628,6 @@ module LibItsPki_Functions {
} else { } else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed)); v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed));
} }
log ("f_generate_inner_ec_request: ", v_eccP256_curve_point);
// Build the Proof of Possession InnerEcRequest // Build the Proof of Possession InnerEcRequest
p_inner_ec_request := valueof( p_inner_ec_request := valueof(
m_innerEcRequest( m_innerEcRequest(
...@@ -942,9 +949,9 @@ module LibItsPki_Functions { ...@@ -942,9 +949,9 @@ module LibItsPki_Functions {
group awaiting_messages { group awaiting_messages {
function f_await_http_inner_ec_request_response( function f_await_http_inner_ec_request_response(
out Oct32 p_private_key, out Oct32 p_private_key,
out Oct32 p_compressed_public_key, out Oct32 p_compressed_public_key,
out integer p_compressed_mode, out integer p_compressed_mode,
out InnerEcResponse p_inner_ec_response out InnerEcResponse p_inner_ec_response
) runs on ItsPkiHttp return boolean { ) runs on ItsPkiHttp return boolean {
var HeaderLines v_headers; var HeaderLines v_headers;
...@@ -991,13 +998,14 @@ module LibItsPki_Functions { ...@@ -991,13 +998,14 @@ module LibItsPki_Functions {
// Verify the received EC certificate // Verify the received EC certificate
log("f_await_http_inner_ec_request_response: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log log("f_await_http_inner_ec_request_response: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -))))) { if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -))))) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, p_compressed_public_key, p_compressed_mode)) { p_inner_ec_response := v_etsi_ts_102941_data.content.enrolmentResponse;
p_inner_ec_response := v_etsi_ts_102941_data.content.enrolmentResponse; if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, p_compressed_public_key, p_compressed_mode)) {
log("f_await_http_inner_ec_request_response: Well-secured EA certificate received ***"); log("f_await_http_inner_ec_request_response: Well-secured EA certificate received ***");
log("p_inner_ec_response= ", p_inner_ec_response); log("p_inner_ec_response= ", p_inner_ec_response);
return true; return true;
} else { } else {
log("f_await_http_inner_ec_request_response: Cannot verify EC certificate signature ***"); log("f_await_http_inner_ec_request_response: Cannot verify EC certificate signature ***");
return true; // For debug mode only
} }
} else { } else {
log("f_await_http_inner_ec_request_response: Unexpected message received ***"); log("f_await_http_inner_ec_request_response: Unexpected message received ***");
...@@ -1434,16 +1442,24 @@ module LibItsPki_Functions { ...@@ -1434,16 +1442,24 @@ module LibItsPki_Functions {
/** /**
* @desc Verify the EC certificate generated by the EA entity * @desc Verify the EC certificate generated by the EA entity
* @param p_ec_certificate The new EC certificate * @param p_ec_certificate The new EC certificate
* @param p_public_key_compressed The public compressed key (canonical form) for signature check * @param p_ea_certificate The certificate issuer
* @param p_public_key_compressed The public compressed key (canonical form) generated for the InnerEcRequest
* @param p_compressed_mode The public compressed key mode * @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise * @return true on success, false otherwise
*/ */
function f_verify_ec_certificate( function f_verify_ec_certificate(
in Certificate p_ec_certificate, in Certificate p_ec_certificate,
in Certificate p_ea_certificate,
in octetstring p_public_key_compressed, in octetstring p_public_key_compressed,
in integer p_compressed_mode in integer p_compressed_mode
) return boolean { ) return boolean {
var bitstring v_encoded_tbs; var bitstring v_encoded_cert;
var HashedId8 v_ec_cert_hashed_id8;
// Calculate the HashedId8 of the whole certificate
v_encoded_cert := encvalue(p_ec_certificate);
v_ec_cert_hashed_id8 := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encoded_cert)));
log("f_verify_ec_certificate: EC certificate HashedId8: ", v_ec_cert_hashed_id8);
// Check the signer // Check the signer
log("f_verify_ec_certificate: ", match(p_ec_certificate.issuer, mw_issuerIdentifier_self())); log("f_verify_ec_certificate: ", match(p_ec_certificate.issuer, mw_issuerIdentifier_self()));
...@@ -1453,44 +1469,51 @@ module LibItsPki_Functions { ...@@ -1453,44 +1469,51 @@ module LibItsPki_Functions {
// Check EC certificate signature // Check EC certificate signature
// TODO Who sign the EC certificate? // TODO Who sign the EC certificate?
/*if (f_verifyCertificateSignatureWithPublicKey(p_ec_certificate, p_ec_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) { if (f_verifyCertificateSignatureWithPublicKey(p_ec_certificate, p_ea_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_ec_certificate: Signature not verified"); log("f_verify_ec_certificate: Signature not verified");
return false; return false;
}*/ }
return true; return true;
} // End of function f_verify_ec_certificate } // End of function f_verify_ec_certificate
/** /**
* @desc Verify the generated AA certificate * @desc Verify the generated AT certificate
* @param p_aa_certificate The new EA certificate * @param p_at_certificate The new AT certificate
* @param p_public_key_compressed The public compressed key (canonical form) for signature check * @param p_ea_certificate The certificate issuer
* @param p_compressed_mode The public compressed key mode * @param p_public_key_compressed The public compressed key (canonical form) generated for the InnerAtRequest
* @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise * @return true on success, false otherwise
*/ */
function f_verify_aa_certificate( function f_verify_at_certificate(
in Certificate p_at_certificate,
in Certificate p_aa_certificate, in Certificate p_aa_certificate,
in octetstring p_public_key_compressed, in octetstring p_public_key_compressed,
in integer p_compressed_mode in integer p_compressed_mode
) return boolean { ) return boolean {
var bitstring v_encoded_tbs; var bitstring v_encoded_cert;
var boolean v_result; var HashedId8 v_at_cert_hashed_id8;
// Calculate the HashedId8 of the whole certificate
v_encoded_cert := encvalue(p_at_certificate);
v_at_cert_hashed_id8 := f_HashedId8FromSha256(f_hashWithSha256(bit2oct(v_encoded_cert)));
log("f_verify_at_certificate: EC certificate HashedId8: ", v_at_cert_hashed_id8);
// Check certificate format
v_result := match(p_aa_certificate, mw_etsiTs103097Certificate(mw_issuerIdentifier_self, mw_toBeSignedCertificate_aa, -));
// Check the signer // Check the signer
log("f_verify_at_certificate: ", match(p_at_certificate.issuer, mw_issuerIdentifier_self()));
if (match(p_at_certificate.issuer, mw_issuerIdentifier_self)) {
return false;
}
// Check EA certificate signature // Check EC certificate signature
v_encoded_tbs := encvalue(p_aa_certificate.toBeSigned); // TODO Who sign the EC certificate?
v_result := v_result and f_verifyWithEcdsaNistp256WithSha256( if (f_verifyCertificateSignatureWithPublicKey(p_at_certificate, p_aa_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
bit2oct(v_encoded_tbs), log("f_verify_at_certificate: Signature not verified");
int2oct(0, 32), // self return false;
p_aa_certificate.signature_.ecdsaNistP256Signature.rSig.x_only & p_aa_certificate.signature_.ecdsaNistP256Signature.sSig, }
p_public_key_compressed,
p_compressed_mode);
return v_result; return true;
} // End of function f_verify_aa_certificate } // End of function f_verify_at_certificate
} // End of group inner_ec_xxx } // End of group inner_ec_xxx
......
ttcn/Pki/LibItsPki_Pixits.ttcn
View file @ eb8bd36b
module LibItsPki_Pixits { module LibItsPki_Pixits {
// LibCommon
import from LibCommon_BasicTypesAndValues all;
import from LibCommon_DataStrings all;
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
/** /**
* @desc Is the first enrolment? * @desc Is the first enrolment?
*/ */
...@@ -14,5 +21,14 @@ module LibItsPki_Pixits { ...@@ -14,5 +21,14 @@ module LibItsPki_Pixits {
* @desc Do the Authorization Request use SignedWithPop mechanism? * @desc Do the Authorization Request use SignedWithPop mechanism?
*/ */
modulepar boolean PX_AUTHORIZATION_REQUEST_WITH_POP := true; modulepar boolean PX_AUTHORIZATION_REQUEST_WITH_POP := true;
/**
* @desc Contains the private key for the EC certificate, used in case of re-enrolment
*/
modulepar Oct32 PX_EC_PRIVATE_KEY := int2oct(0, 32);
/**
* @desc Contains the hashed id8 of the EC certificate, used in case of re-enrolment
*/
modulepar HashedId8 PX_EC_HASHED_ID8 := int2oct(0, 8);
} // End of module LibItsPki_Pixits } // End of module LibItsPki_Pixits
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @ eb8bd36b
...@@ -795,7 +795,8 @@ module LibItsSecurity_Functions { ...@@ -795,7 +795,8 @@ module LibItsSecurity_Functions {
var octetstring v_certificateIssuer; var octetstring v_certificateIssuer;
var octetstring v_privateKey; var octetstring v_privateKey;
//log(">>> f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); log(">>> f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage);
log(">>> f_buildGnSecuredMessage: p_payloadField=", p_payloadField);
// Prepare payload to be signed // Prepare payload to be signed
v_toBeSignedData := valueof(p_payloadField); v_toBeSignedData := valueof(p_payloadField);
...@@ -814,44 +815,44 @@ module LibItsSecurity_Functions { ...@@ -814,44 +815,44 @@ module LibItsSecurity_Functions {
f_getCertificateHash(p_certificateName, v_certificateIssuer); f_getCertificateHash(p_certificateName, v_certificateIssuer);
if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) {
v_signature := f_signWithEcdsaNistp256WithSha256( v_signature := f_signWithEcdsaNistp256WithSha256(
v_secPayload, v_secPayload,
v_certificateIssuer, v_certificateIssuer,
v_privateKey v_privateKey
); );
p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaNistP256( p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaNistP256(
m_ecdsaP256Signature( m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)),
substr(v_signature, 32, 32) substr(v_signature, 32, 32)
) )
)); ));
} else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) {
v_signature := f_signWithEcdsaBrainpoolp256WithSha256( v_signature := f_signWithEcdsaBrainpoolp256WithSha256(
v_secPayload, v_secPayload,
v_certificateIssuer, v_certificateIssuer,
v_privateKey v_privateKey
); );
p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature( m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)),
substr(v_signature, 32, 32) substr(v_signature, 32, 32)
) )
)); ));
} else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) { } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) {
v_signature := f_signWithEcdsaBrainpoolp384WithSha384( v_signature := f_signWithEcdsaBrainpoolp384WithSha384(
v_secPayload, v_secPayload,
v_certificateIssuer, v_certificateIssuer,
v_privateKey v_privateKey
); );
p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature( m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(substr(v_signature, 0, 32)), m_eccP384CurvePoint_x_only(substr(v_signature, 0, 32)),
substr(v_signature, 32, 32) substr(v_signature, 32, 32)
) )
)); ));
} // TODO To be continued } // TODO To be continued
//log("<<< f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); log("<<< f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage);
return true; return true;
} // End of function f_buildGnSecuredMessage } // End of function f_buildGnSecuredMessage
...@@ -1068,7 +1069,10 @@ module LibItsSecurity_Functions { ...@@ -1068,7 +1069,10 @@ module LibItsSecurity_Functions {
) runs on ItsSecurityBaseComponent return boolean { ) runs on ItsSecurityBaseComponent return boolean {
// Local variables // Local variables
var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; var EtsiTs103097Certificate v_aaCertificate, v_atCertificate;
log(">>> f_buildGnSecuredCam: p_securedMessage= ", p_securedMessage);
log(">>> f_buildGnSecuredCam: p_payloadField= ", p_payloadField);
// Load certificates if required // Load certificates if required
if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) {
return false; return false;
...@@ -1077,17 +1081,17 @@ module LibItsSecurity_Functions { ...@@ -1077,17 +1081,17 @@ module LibItsSecurity_Functions {
// Fill the structure with default values, these values will be updated later // Fill the structure with default values, these values will be updated later
p_securedMessage := valueof(m_etsiTs103097Data_signed( p_securedMessage := valueof(m_etsiTs103097Data_signed(
m_signedData( m_signedData(
sha256, sha256,
p_payloadField, p_payloadField,
m_signerIdentifier_self, m_signerIdentifier_self,
m_signature_ecdsaNistP256( m_signature_ecdsaNistP256(
m_ecdsaP256Signature( m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(int2oct(0, 32)), m_eccP256CurvePoint_x_only(int2oct(0, 32)),
int2oct(0, 32) int2oct(0, 32)
) )
) )
) )
)); ));
// Prepare mandatory headers // Prepare mandatory headers
//log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); //log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment