Skip to content
GitLab
Commits (1)
Hide whitespace changes
Inline Side-by-side
ttcn/Pki/LibItsPki_Functions.ttcn
View file @ a9d34302
......@@ -61,28 +61,7 @@ module LibItsPki_Functions {
group pkiConfigurationFunctions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_peerCertificateId := "CERT_IUT_A_EA"
) runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ {
map(self:pkiPort, system:pkiPort);
map(self:acPort, system:acPort);
f_connect4SelfOrClientSync();
f_initialiseSecuredMode(p_certificateId, p_peerCertificateId);
f_readCertificate(p_certificateId, vc_eaCertificate);
f_getCertificateDigest(p_certificateId, vc_eaHashedId8);
activate(a_default_pki());
} // End of function f_cfUp
/**
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
......@@ -115,27 +94,15 @@ module LibItsPki_Functions {
in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant
) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
f_cfUp();
map(self:geoNetworkingPort, system:geoNetworkingPort);
map(self:utPort, system:utPort);
map(self:acPort, system:acPort);
//map(self:acPort, system:acPort);
f_initializeState();
activate(a_default_pki());
// activate(a_default_pki()); TOTO Defualt from geoNet
} // End of function f_cfUp_itss
/**
* @desc Deletes default configuration
*/
function f_cfDown() runs on ItsPki /* TITAN TODO: system ItsPkiSystem */ {
unmap(self:pkiPort, system:pkiPort);
unmap(self:acPort, system:acPort);
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfDown
/**
* @desc Deletes default configuration
*/
......@@ -151,9 +118,8 @@ module LibItsPki_Functions {
function f_cfDown_itss() runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
unmap(self:geoNetworkingPort, system:geoNetworkingPort);
unmap(self:utPort, system:utPort);
unmap(self:acPort, system:acPort);
//unmap(self:acPort, system:acPort);
f_cfDown();
} // End of function f_cfDown
/**
......@@ -192,40 +158,10 @@ module LibItsPki_Functions {
} // End of pkiConfigurationFunctions
group ac_port {
function f_sendAcPkiPrimitive(
in charstring p_certificate,
in octetstring p_private_key,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
) runs on ItsPki {
var AcSetSecurityData v_ac_set_security_data;
v_ac_set_security_data := { p_certificate, PICS_IUT_CERTIFICATE_ID, p_private_key, p_publicKeyCompressed, p_compressedMode };
acPort.send(AcPkiPrimitive: { acSetSecurityData := v_ac_set_security_data });
tc_ac.start;
alt {
[] acPort.receive(AcPkiResponse: { result := true }) {
tc_ac.stop;
}
[] acPort.receive(AcPkiResponse: { result := false }) {
tc_ac.stop;
log("*** f_sendAcPkiPrimitive: ERROR: Received unexpected message ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] tc_ac.timeout {
log("*** f_sendAcPkiPrimitive: ERROR: Timeout while waiting for adapter control event result ***");
f_selfOrClientSyncAndVerdict("error", e_timeout);
}
} // End of 'alt' statement
} // End of function f_sendAcPkiPrimitive
} // End of group ac_port
group ut_port {
function f_utInitializeIut(template (value) UtPkiInitialize p_init) runs on ItsPkiItss {
timer tc_wait := PX_TAC;
utPort.send(p_init);
tc_wait.start;
......@@ -298,8 +234,6 @@ module LibItsPki_Functions {
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
out Oct32 p_hash_inner_ec_request_signed_for_pop
) runs on ItsPkiHttp {
var octetstring v_publicKeyX;
var octetstring v_publicKeyY
var InnerEcRequest v_inner_ec_request;
var Ieee1609Dot2Data v_inner_ec_request_signed_for_pop;
var bitstring v_inner_ec_request_signed_for_pop_msg;
......@@ -746,7 +680,7 @@ module LibItsPki_Functions {
v_message_to_tag := v_message_to_tag & '03'O & p_publicEncKeyCompressed;
}
log("v_message_to_tag=", v_message_to_tag);
v_key_tag := fx_test_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function
v_key_tag := fx_hmac_sha256(v_hmac_key, v_message_to_tag); // TODO Rename and use a wrapper function
log("v_key_tag=", v_key_tag);
// Build the SharedAtRequest
......@@ -1118,7 +1052,7 @@ module LibItsPki_Functions {
// TODO Check p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.recipients[0].pskRecipInfo. See IEEE Std 1609.2-2017 Clause 6.3.34 PreSharedKeyRecipientInfo
// 1. Decrypt the data
v_plain_message := fx_test_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext);
v_plain_message := fx_decrypt_aes_128_ccm_test(p_aes_sym_key, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.nonce, p_ieee1609dot2_encrypted_and_signed_data.content.encryptedData.ciphertext.aes128ccm.ccmCiphertext);
if (isbound(v_plain_message) == false) {
return false;
}
......@@ -1284,14 +1218,6 @@ module LibItsPki_Functions {
group altstes {
altstep a_default_pki() runs on ItsPki {
[] pkiPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected PKI message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
}
altstep a_default_pki_http() runs on ItsPkiHttp {
[] httpPort.receive(
mw_http_response(
......
ttcn/Pki/LibItsPki_TestSystem.ttcn
View file @ a9d34302
......@@ -43,14 +43,6 @@ module LibItsPki_TestSystem {
group portDefinitions {
/**
* @desc Adapter control port
*/
type port AdapterControlPkiPort message {
out AcPkiPrimitive;
in AcPkiResponse;
} // End of AdapterControlPort
/**
* @desc Upper Tester port
*/
......@@ -61,55 +53,38 @@ module LibItsPki_TestSystem {
} // End of group portDefinitions
group interfacePorts {
type port PkiPort message {
inout InnerEcRequest, InnerEcResponse, AuthorizationValidationRequest, AuthorizationValidationResponse;
} // End of PkiPort
} // End of group interfacePorts
group componentDefinitions {
type component ItsPkiSystem {
port AdapterControlPkiPort acPort;
port PkiPort pkiPort;
} // End of component ItsPkiSystem
/**
* @desc System component
*/
type component ItsPkiHttpSystem extends HttpTestAdapter{
} // End of component ItsPkiHttpSystem
type component ItsPkiItssSystem extends ItsPkiSystem {
/**
* @desc Test component for PKI entities execpt ITS-S
*/
type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent {
var Certificate vc_eaCertificate; /** Test Adapter EA certificate */
var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */
var Certificate vc_ecCertificate; /** Test Adapter EC certificate */
var octetstring vc_ecPrivateKey; /** Test Adapter EC private key for signature */
var octetstring vc_eaPrivateEncKey; /** Test Adapter EA private key for encryption */
var HashedId8 vc_eaHashedId8; /** Test Adapter EA HashedId8 for decryption of IUT's response */
var octetstring vc_eaWholeHash; /** TS EA whole-hash for signature check */
var HashedId8 vc_ecHashedId8; /** Test Adapter EC HashedId8 for decryption of IUT's response */
var Certificate vc_peerEaCertificate; /** IUT EA certificate for signature check */
var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */
} // End of component ItsPki
/**
* @desc Test component for ITS-S entity
*/
type component ItsPkiItss extends ItsPkiHttp {
port UpperTesterPkiPort utPort;
port GeoNetworkingPort geoNetworkingPort;
} // End of component ItsPkiItssSystem
} // End of component ItsPkiItss
} // End of group componentDefinitions
type component ItsPki extends ItsSecurityBaseComponent, ItsBaseMtc {
port AdapterControlPkiPort acPort;
port PkiPort pkiPort;
var Certificate vc_eaCertificate; /** Test Adapter EA certificate */
var HashedId8 vc_eaHashedId8; /** Test Adapter EA HashedId8 for decryption of IUT's response */
} // End of component ItsPki
type component ItsPkiHttp extends ItsSecurityBaseComponent, HttpComponent {
var Certificate vc_eaCertificate; /** Test Adapter EA certificate */
var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */
var Certificate vc_ecCertificate; /** Test Adapter EC certificate */
var octetstring vc_ecPrivateKey; /** Test Adapter EC private key for signature */
var octetstring vc_eaPrivateEncKey; /** Test Adapter EA private key for encryption */
var HashedId8 vc_eaHashedId8; /** Test Adapter EA HashedId8 for decryption of IUT's response */
var octetstring vc_eaWholeHash; /** TS EA whole-hash for signature check */
var HashedId8 vc_ecHashedId8; /** Test Adapter EC HashedId8 for decryption of IUT's response */
var Certificate vc_peerEaCertificate; /** IUT EA certificate for signature check */
var octetstring vc_eaPeerWholeHash; /** IUT EA whole-hash for signature check */
} // End of component ItsPki
type component ItsPkiItss extends ItsPki {
port UpperTesterPkiPort utPort;
port GeoNetworkingPort geoNetworkingPort;
} // End of component ItsPkiItss
} // End of module LibItsPki_TestSystem
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @ a9d34302
......@@ -56,7 +56,7 @@ module LibItsSecurity_Functions {
} // End of function f_hashWithSha256
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2
* @param p_toBeSignedSecuredMessage The data to be signed
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_privateKey The private key for signature
......@@ -76,7 +76,7 @@ module LibItsSecurity_Functions {
} // End of function f_signWithEcdsaNistp256WithSha256
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2
* @param p_toBeSignedSecuredMessage The data to be signed
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_privateKey The private key for signature
......@@ -96,7 +96,7 @@ module LibItsSecurity_Functions {
} // End of function f_signWithEcdsaBrainpoolp256WithSha256
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2
* @param p_toBeSignedSecuredMessage The data to be signed
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_privateKey The private key for signature
......@@ -2315,24 +2315,33 @@ module LibItsSecurity_Functions {
*/
external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48;
external function fx_test_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring;
external function fx_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring;
/**
* @desc Test function the validate AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128
* @return The encrypted test
* @desc This function validates AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128
* @param[in] The symmetric AES 128 encryption key
* @param[in] The initial vector (aka nonce)
* @param[in] The raw payload
* @return The encrypted payload
*/
external function fx_test_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
external function fx_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
/**
* @desc Test function the validate AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128
* @return The decrypted test
* @desc TThis function validates AES128 CCM encryption based on AES-GCM-256
* @param[in] The symmetric AES 128 encryption key
* @param[in] The initial vector (aka nonce)
* @param[in] The raw payload
* @return The encrypted payload
*/
external function fx_test_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
external function fx_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
/**
* @desc Test function the validate AES128 CCM encryption based on AES-GCM-256
* @return The decrypted test
* @desc This function validates AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128
* @param[in] The symmetric AES 128 encryption key
* @param[in] The initial vector (aka nonce)
* @param[in] The cyphered payload
* @return The raw payload
*/
external function fx_test_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
external function fx_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm
......@@ -2349,6 +2358,7 @@ module LibItsSecurity_Functions {
external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring;
external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm
* @param p_encryptedSecuredMessage The data to be decrypted
......@@ -2395,8 +2405,9 @@ module LibItsSecurity_Functions {
* @return The signature value
*/
external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring;
external function fx_test_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_privateKey) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* @param p_toBeSignedSecuredMessage The data to be signed
......