Commit
f69ead2f
authored
Jul 02, 2020
by
Yann Garcia
Merge branch 'TTF0002' of
https://forge.etsi.org/rep/LIBS/LibIts
into TTF0002
parents
41d34340
5d19fb46
Changes
3
ttcn/Pki/LibItsPki_Functions.ttcn
...
...
@@ -2940,6 +2940,52 @@ module LibItsPki_Functions {
}
// End of group authorization_validation_xxx
group
dc
{
function
f_build_dc_ctl
(
in
charstring
p_ea_certificate_id
,
in
charstring
p_aa_certificate_id
,
in
charstring
p_rca_certificate_id
)
{
// Local variables
var
EtsiTs103097Certificate
v_ea_certificate
;
var
EtsiTs103097Certificate
v_aa_certificate
;
var
EtsiTs103097Certificate
v_rca_certificate
;
var
CtlCommands
v_ctl_commands
;
var
ToBeSignedRcaCtl
v_to_be_signed_rca_ctl
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
var
octetstring
p_pki_message
;
var
ToBeSignedData
v_tbs
;
// Load certificates
f_readCertificate
(
p_ea_certificate_id
,
v_ea_certificate
);
f_readCertificate
(
p_aa_certificate_id
,
v_aa_certificate
);
f_readCertificate
(
p_rca_certificate_id
,
v_rca_certificate
);
// Create ctrlCommnand list
v_ctl_commands
:=
{
{
add
:=
{
rca
:=
valueof
(
m_root_ca_entry
(
v_rca_certificate
))
}
},
{
add
:=
{
aa
:=
valueof
(
m_aa_entry
(
v_aa_certificate
,
"http://www.etsi.org"
))
}
},
{
add
:=
{
ea
:=
valueof
(
m_ea_entry
(
v_ea_certificate
,
"http://www.etsi.org"
))
}
}
};
// Build the main data structure
v_to_be_signed_rca_ctl
:=
valueof
(
m_to_be_signed_rca_full_ctl
(
1000
,
1
,
v_ctl_commands
));
// Encode the main data structure
v_etsi_ts_102941_data
:=
valueof
(
m_etsiTs102941Data_to_be_signed_rca_ctl
(
v_to_be_signed_rca_ctl
));
p_pki_message
:=
bit2oct
(
encvalue
(
v_etsi_ts_102941_data
));
// Signed the encoded PKI message
v_tbs
:=
valueof
(
m_toBeSignedData
(
m_signedDataPayload
(
m_etsiTs103097Data_unsecured
(
p_pki_message
)
),
m_headerInfo_inner_pki_response
(
-
,
(
f_getCurrentTime
()
*
1000
)
/*us*/
)
)
);
}
// End of function f_build_dc_ctl
}
// End of group dc
group
rca
{
function
f_verify_rca_ctl_response_message
(
...
...
@@ -2951,7 +2997,7 @@ module LibItsPki_Functions {
var
bitstring
v_tbs
;
var
Certificate
v_certificate
;
var
charstring
v_certificate_id
;
var
O
ct
32
v_issuer
;
var
o
ct
etstring
v_issuer
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
log
(
">>> f_verify_rca_ctl_response_message: p_ieee1609dot2_signed_data= "
,
p_ieee1609dot2_signed_data
);
...
...
@@ -2964,8 +3010,9 @@ module LibItsPki_Functions {
return
false
;
}
}
f_getCertificateHash
256
(
v_certificate_id
,
v_issuer
);
f_getCertificateHash
(
v_certificate_id
,
v_issuer
);
if
(
f_verifyEcdsa
(
bit2oct
(
v_tbs
),
v_issuer
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
signature_
,
v_certificate
.
toBeSigned
.
verifyKeyIndicator
.
verificationKey
)
==
false
)
{
log
(
"f_verify_rca_ctl_response_message: Failed to verify signature"
);
if
(
p_check_security
==
true
)
{
return
false
;
}
...
...
@@ -3002,7 +3049,7 @@ module LibItsPki_Functions {
var
bitstring
v_tbs
;
var
Certificate
v_certificate
;
var
charstring
v_certificate_id
;
var
O
ct
32
v_issuer
;
var
o
ct
etstring
v_issuer
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
log
(
">>> f_verify_rca_crl_response_message: p_ieee1609dot2_signed_data= "
,
p_ieee1609dot2_signed_data
);
...
...
@@ -3015,8 +3062,9 @@ module LibItsPki_Functions {
return
false
;
}
}
f_getCertificateHash
256
(
v_certificate_id
,
v_issuer
);
f_getCertificateHash
(
v_certificate_id
,
v_issuer
);
if
(
f_verifyEcdsa
(
bit2oct
(
v_tbs
),
v_issuer
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
signature_
,
v_certificate
.
toBeSigned
.
verifyKeyIndicator
.
verificationKey
)
==
false
)
{
log
(
"f_verify_rca_crl_response_message: Failed to verify signature"
);
if
(
p_check_security
==
true
)
{
return
false
;
}
...
...
@@ -3853,7 +3901,7 @@ module LibItsPki_Functions {
m_etsiTs103097Data_unsecured
(
p_pki_message
)
),
m_headerInfo_inner_pki_response
(
-
,
(
f_getCurrentTime
()
*
1000
)
/*us*/
)
);
);
if
(
ischosen
(
p_signer_identifier
.
self_
))
{
v_tbs_signed
:=
f_signWithEcdsaNistp256WithSha256
(
bit2oct
(
encvalue
(
v_tbs
)),
int2oct
(
0
,
32
),
p_private_key
);
}
else
{
...
...
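Review bot: f_build_dc_ctl ends right after assigning v_tbs, with no return clause, no out parameter and no signing call, although its last comment reads "Signed the encoded PKI message", so the CTL it assembles is discarded and never signed. Either hand the result to the caller, for example through an added `out ToBeSignedData p_tbs` parameter, and sign it the way the hunk at -3853 does with `f_signWithEcdsaNistp256WithSha256`, or mark the body as unfinished with `// TODO: sign v_tbs and return the signed CTL`. The three `f_readCertificate` calls are used as plain statements, so if that function reports failure through its return value, a certificate that did not load would still be placed in the trust list. The literals `1000` (next update) and `"http://www.etsi.org"` (both access points) would be better as parameters, and the local `p_pki_message` should be `var octetstring v_pki_message;`. In the two verify functions, whose bodies start and end outside the hunks, `v_issuer` is now an unconstrained `octetstring` and the result of `f_getCertificateHash` is not checked before `f_verifyEcdsa` uses it; assuming it returns a boolean, `if (f_getCertificateHash(v_certificate_id, v_issuer) == false) { return false; }` would stop a failed lookup from reaching the signature check.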
ttcn/Pki/LibItsPki_Templates.ttcn
...
...
@@ -151,6 +151,15 @@ module LibItsPki_Templates {
)
modifies
mw_etsiTs103097Data_encrypted
:=
{
}
// End of template mw_authorizationResponseMessage
template
(
value
)
EtsiTs102941Data
m_etsiTs102941Data_to_be_signed_rca_ctl
(
in
template
(
value
)
ToBeSignedRcaCtl
p_to_be_signed_rca_ctl
)
:=
{
version
:=
PkiProtocolVersion
,
content
:=
{
certificateTrustListRca
:=
p_to_be_signed_rca_ctl
}
}
// End of template m_etsiTs102941Data_to_be_signed_rca_ctl
template
(
present
)
EtsiTs102941Data
mw_etsiTs102941Data_to_be_signed_rca_ctl
(
template
(
present
)
ToBeSignedRcaCtl
p_to_be_signed_rca_ctl
:=
?
)
:=
{
...
...
@@ -548,6 +557,18 @@ module LibItsPki_Templates {
certIssuePermissions
:=
p_certIssuePermissions
}
// End of template mw_certificate_subject_attributes
template
(
value
)
ToBeSignedRcaCtl
m_to_be_signed_rca_full_ctl
(
in
Time32
p_next_update
,
in
UInt8
p_ctl_sequence
,
in
CtlCommands
p_ctl_commands
)
:=
{
version
:=
1
,
nextUpdate
:=
p_next_update
,
isFullCtl
:=
true
,
ctlSequence
:=
p_ctl_sequence
,
ctlCommands
:=
p_ctl_commands
}
// End of template m_to_be_signed_rca_ful_ctl
template
(
present
)
ToBeSignedRcaCtl
mw_to_be_signed_rca_full_ctl
:=
{
version
:=
1
,
nextUpdate
:=
?
,
...
...
@@ -564,6 +585,17 @@ module LibItsPki_Templates {
ctlCommands
:=
?
}
// End of template mw_to_be_signed_rca_delta_ctl
template
(
value
)
ToBeSignedCrl
m_to_be_signed_crl
(
in
Time32
p_this_update
,
in
Time32
p_next_update
,
in
CrlEntries
p_entries
)
:=
{
version
:=
1
,
thisUpdate
:=
p_this_update
,
nextUpdate
:=
p_next_update
,
entries
:=
p_entries
}
// End of template m_to_be_signed_crl
template
(
present
)
ToBeSignedCrl
mw_to_be_signed_crl
:=
{
version
:=
1
,
thisUpdate
:=
?
,
...
...
@@ -580,6 +612,13 @@ module LibItsPki_Templates {
accessPoint
:=
p_accessPoint
}
// End of template mw_tlm_entry
template
(
value
)
RootCaEntry
m_root_ca_entry
(
in
template
(
value
)
EtsiTs103097Certificate
p_selfsignedRootCa
)
:=
{
selfsignedRootCa
:=
p_selfsignedRootCa
,
linkRootCaCertificate
:=
omit
}
// End of template m_root_ca_entry
template
(
present
)
RootCaEntry
mw_root_ca_entry
(
template
(
present
)
EtsiTs103097Certificate
p_selfsignedRootCa
:=
?
)
:=
{
...
...
@@ -587,6 +626,15 @@ module LibItsPki_Templates {
linkRootCaCertificate
:=
*
}
// End of template mw_root_ca_entry
template
(
value
)
EaEntry
m_ea_entry
(
in
template
(
value
)
EtsiTs103097Certificate
p_eaCertificate
,
in
template
(
value
)
Url
p_aaAccessPoint
)
:=
{
eaCertificate
:=
p_eaCertificate
,
aaAccessPoint
:=
p_aaAccessPoint
,
itsAccessPoint
:=
omit
}
// End of template m_ea_entry
template
(
present
)
EaEntry
mw_ea_entry
(
template
(
present
)
EtsiTs103097Certificate
p_eaCertificate
:=
?
,
template
(
present
)
Url
p_aaAccessPoint
:=
?
...
...
@@ -594,7 +642,15 @@ module LibItsPki_Templates {
eaCertificate
:=
p_eaCertificate
,
aaAccessPoint
:=
p_aaAccessPoint
,
itsAccessPoint
:=
*
}
// End of linkRootCaCertificate mw_ea_entry
}
// End of template mw_ea_entry
template
(
value
)
AaEntry
m_aa_entry
(
in
template
(
value
)
EtsiTs103097Certificate
p_aaCertificate
,
in
template
(
value
)
Url
p_accessPoint
)
:=
{
aaCertificate
:=
p_aaCertificate
,
accessPoint
:=
p_accessPoint
}
// End of template m_aa_entry
template
(
present
)
AaEntry
mw_aa_entry
(
template
(
present
)
EtsiTs103097Certificate
p_aaCertificate
:=
?
,
...
...
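Review bot: The six new send templates (m_etsiTs102941Data_to_be_signed_rca_ctl, m_to_be_signed_rca_full_ctl, m_to_be_signed_crl, m_root_ca_entry, m_ea_entry, m_aa_entry) are added with only an "End of template" trailer and no description of their parameters. Each should get a short header comment naming its parameters and the fields it fixes, for example that m_to_be_signed_rca_full_ctl always sets `isFullCtl := true` and `version := 1`, and that m_ea_entry and m_root_ca_entry omit `itsAccessPoint` and `linkRootCaCertificate`. The trailer after m_to_be_signed_rca_full_ctl misspells the name and should read `// End of template m_to_be_signed_rca_full_ctl`. Parameter style is also mixed: the CTL and CRL templates take plain values (`in Time32 p_next_update`, `in CtlCommands p_ctl_commands`) while the entry templates take `in template (value)` arguments, so one convention should be chosen for the group.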
ttcn/Pki/LibItsPki_TypesAndValues.ttcn
...
...
@@ -17,6 +17,7 @@ module LibItsPki_TypesAndValues {
// LibIts
import
from
IEEE1609dot2BaseTypes
language
"ASN.1:1997"
all
;
import
from
EtsiTs103097Module
language
"ASN.1:1997"
all
;
import
from
EtsiTs102941TrustLists
language
"ASN.1:1997"
all
;
group
constants
{
...
...
@@ -135,7 +136,11 @@ module LibItsPki_TypesAndValues {
octetstring
hashed_id8
,
EtsiTs103097Certificate
at_certificate
}
// End of type InfoPortData
type
record
of
CrlEntry
CrlEntries
;
type
record
of
CtlCommand
CtlCommands
;
}
with
{
variant
""
...
...