Skip to content
GitLab
Projects
Groups
Topics
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
TTCN-3 Libraries
LibIts
Compare revisions
56d65ed3c8413efdfdd01fc6c6bcb1df5263fa65...aabcd1ceff5219dc4d53fda9db26d841e2dd6673
Commits (2)
STF545: Execute first EA tests
· 900b6d5f
garciay
authored
Oct 08, 2018
900b6d5f
Review Pki Test System
· aabcd1ce
Yann Garcia
authored
Oct 08, 2018
aabcd1ce
Hide whitespace changes
Inline
Side-by-side
ttcn/Pki/LibItsPki_Functions.ttcn
0 → 100644
View file @
aabcd1ce
/**
* @author ETSI / STF544
* @version $URL$
* $Id$
* @desc Module containing functions for ITS PKI ATS
* @copyright ETSI Copyright Notification
* No part may be reproduced except as authorized by written permission.
* The copyright and the foregoing restriction extend to reproduction in all media.
* All rights reserved.
*
*/
module
LibItsPki_Functions
{
// LibCommon
import
from
LibCommon_Time
all
;
import
from
LibCommon_VerdictControl
all
;
import
from
LibCommon_Sync
all
;
import
from
LibCommon_BasicTypesAndValues
all
;
import
from
LibCommon_DataStrings
all
;
// LibIts
import
from
IEEE1609dot2BaseTypes
language
"ASN.1:1997"
all
;
import
from
IEEE1609dot2
language
"ASN.1:1997"
all
;
import
from
EtsiTs102941BaseTypes
language
"ASN.1:1997"
all
;
import
from
EtsiTs102941TypesEnrolment
language
"ASN.1:1997"
all
;
import
from
EtsiTs102941MessagesItss
language
"ASN.1:1997"
all
;
import
from
EtsiTs103097Module
language
"ASN.1:1997"
all
;
import
from
ITS_Container
language
"ASN.1:1997"
all
;
import
from
CAM_PDU_Descriptions
language
"ASN.1:1997"
all
;
// LibItsCommon
import
from
LibItsCommon_TestSystem
all
;
import
from
LibItsCommon_Functions
all
;
import
from
LibItsCommon_ASN1_NamedNumbers
all
;
import
from
LibItsCommon_Pixits
all
;
// LibItsSecurity
import
from
LibItsSecurity_TypesAndValues
all
;
import
from
LibItsSecurity_Templates
all
;
import
from
LibItsSecurity_Functions
all
;
import
from
LibItsSecurity_Pixits
all
;
// LibItsHttp
import
from
LibItsHttp_TypesAndValues
all
;
import
from
LibItsHttp_TestSystem
all
;
// LibItsPki
import
from
LibItsPki_Templates
all
;
import
from
LibItsPki_TestSystem
all
;
group
pkiConfigurationFunctions
{
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
function
f_cfUp
(
in
charstring
p_certificateId
:=
"CERT_TS_A_EA"
// TODO Use a constant
)
runs
on
ItsPki
/* TITAN TODO: system ItsPkiSystem */
{
map
(
self
:
pkiPort
,
system
:
pkiPort
);
f_connect4SelfOrClientSync
();
if
(
not
f_loadCertificates
(
PX_IUT_SEC_CONFIG_NAME
)
)
{
log
(
"*** INFO: TEST CASE NOW STOPPING ITSELF! ***"
);
stop
;
}
f_prepareCertificates
(
p_certificateId
,
vc_aaCertificate
,
vc_atCertificate
);
f_readCertificate
(
p_certificateId
,
vc_eaCertificate
);
}
// End of function f_cfUp
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
function
f_cfHttpUp
(
in
charstring
p_certificateId
:=
"CERT_TS_A_EA"
// TODO Use a constant
)
runs
on
ItsPkiHttp
/* TITAN TODO: system ItsPkiHttpSystem */
{
map
(
self
:
httpPort
,
system
:
httpPort
);
f_connect4SelfOrClientSync
();
if
(
not
f_loadCertificates
(
PX_IUT_SEC_CONFIG_NAME
)
)
{
log
(
"*** INFO: TEST CASE NOW STOPPING ITSELF! ***"
);
stop
;
}
f_prepareCertificates
(
p_certificateId
,
vc_aaCertificate
,
vc_atCertificate
);
f_readCertificate
(
p_certificateId
,
vc_eaCertificate
);
}
// End of function f_cfHttpUp
/**
* @desc Deletes default configuration
*/
function
f_cfDown
()
runs
on
ItsPki
/* TITAN TODO: system ItsPkiSystem */
{
unmap
(
self
:
pkiPort
,
system
:
pkiPort
);
f_disconnect4SelfOrClientSync
();
}
// End of function f_cfDown
/**
* @desc Deletes default configuration
*/
function
f_cfHttpDown
()
runs
on
ItsPkiHttp
/* TITAN TODO: system ItsPkiHttpSystem */
{
unmap
(
self
:
httpPort
,
system
:
httpPort
);
f_disconnect4SelfOrClientSync
();
}
// End of function f_cfHttpDown
/**
* @desc Initialise secure mode if required
*/
function
f_initialiseSecuredMode
()
runs
on
ItsPki
{
// Local variables
// Load certificates
if
(
not
f_loadCertificates
(
PX_IUT_SEC_CONFIG_NAME
)
)
{
log
(
"*** INFO: TEST CASE NOW STOPPING ITSELF! ***"
);
stop
;
}
}
// End of function f_initialiseSecuredMode()
function
f_uninitialiseSecuredMode
()
runs
on
ItsPki
{
f_unloadCertificates
();
}
// End of function f_uninitialiseSecuredMode()
}
// End of pkiConfigurationFunctions
group
inner_ec_xxx
{
function
f_generate_innerEcRequestSignedForPop
(
out
Oct32
p_private_key
,
out
Oct32
p_publicKeyX
,
out
Oct32
p_publicKeyY
,
out
Oct32
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
InnerEcRequest
p_inner_ec_request
)
return
boolean
{
// Local variables
var
template
(
value
)
EccP256CurvePoint
v_eccP256_curve_point
;
// Generate keys for the certificate to be requested
if
(
f_generate_key_pair_nistp256
(
p_private_key
,
p_publicKeyX
,
p_publicKeyY
,
p_publicKeyCompressed
,
p_compressedMode
)
==
false
)
{
return
false
;
}
log
(
"p_private_key = "
,
p_private_key
);
log
(
"p_public_key X= "
,
p_publicKeyX
);
log
(
"p_public_key Y= "
,
p_publicKeyY
);
log
(
"p_public_key compressed= "
,
p_publicKeyCompressed
,
p_compressedMode
);
if
(
p_compressedMode
==
0
)
{
v_eccP256_curve_point
:=
m_eccP256CurvePoint_compressed_y_0
(
p_publicKeyCompressed
);
}
else
{
v_eccP256_curve_point
:=
m_eccP256CurvePoint_compressed_y_1
(
p_publicKeyCompressed
);
}
// Build the Proof of Possession InnerEcRequestSignedForPop
p_inner_ec_request
:=
valueof
(
m_innerEcRequest
(
"CanonicalItsId"
,
m_publicKeys
(
m_publicVerificationKey_ecdsaNistP256
(
v_eccP256_curve_point
),
m_encryptionKey
(
-
,
m_publicEncryptionKey_ecdsaNistP256
(
v_eccP256_curve_point
)
)
),
m_certificateSubjectAttributes
(
{
// ETSI TS 102 965 Table A.1: ETSI ITS standardized ITS-AIDs
valueof
(
m_appPermissions
(
36
,
{
bitmapSsp
:=
'
830001
'
O
})),
valueof
(
m_appPermissions
(
37
,
{
bitmapSsp
:=
'
830001
'
O
}))
},
m_validityPeriod
(
17469212
,
m_duration_years
(
10
)
),
m_geographicRegion_identifiedRegion
(
{
m_identifiedRegion_country_only
(
12
),
m_identifiedRegion_country_only
(
34
)
}
),
'
C0
'
O
)
)
);
return
true
;
}
// End of function f_generate_innerEcRequestSignedForPop
function
f_buildPkiSecuredinnerEcRequestSignedForPop
(
in
Oct32
p_private_key
,
in
Oct32
p_publicKeyCompressed
,
in
integer
p_compressedMode
,
in
InnerEcRequest
p_inner_ec_request
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
)
return
boolean
{
// Local variables
var
template
(
value
)
EccP256CurvePoint
v_eccP256_curve_point
;
var
octetstring
v_encoded_inner_ec_request
;
var
template
(
value
)
ToBeSignedData
v_tbs
;
var
Oct32
v_tbs_signed
;
var
template
(
value
)
Ieee1609Dot2Data
v_ieee1609dot2_signed_data
;
var
Oct12
v_nonce
;
var
Oct16
v_authentication_vector
;
var
Oct16
v_encrypted_sym_key
;
var
Oct32
v_publicEphemeralKeyCompressed
;
var
integer
v_ephemeralKeyModeCompressed
;
var
HashedId8
v_recipientId
;
var
octetstring
v_encrypted_inner_ec_request
;
// Encode it
v_encoded_inner_ec_request
:=
bit2oct
(
encvalue
(
p_inner_ec_request
));
// Signed the encoded InnerEcRequestSignedForPop
v_tbs
:=
m_toBeSignedData
(
m_signedDataPayload
(
m_etsiTs103097Data_unsecured
(
v_encoded_inner_ec_request
)
),
m_headerInfo_inner_ec_request
(
12345
,
f_getCurrentTime
())
// TODO Use PIXIT
);
// Signed the encoded InnerEcRequestSignedForPop
v_tbs_signed
:=
fx_signWithEcdsaNistp256WithSha256
(
bit2oct
(
encvalue
(
v_tbs
)),
int2oct
(
0
,
32
),
p_private_key
);
// TODO Use wrapping function
// Finalyse signed InnerEcRequestSignedForPop
v_ieee1609dot2_signed_data
:=
m_etsiTs103097Data_signed
(
m_signedData
(
sha256
,
v_tbs
,
m_signerIdentifier_self
,
m_signature_ecdsaNistP256
(
m_ecdsaP256Signature
(
m_eccP256CurvePoint_x_only
(
substr
(
v_tbs_signed
,
0
,
32
)
),
substr
(
v_tbs_signed
,
32
,
32
)
)
)
)
);
// Encode InnerEcRequestSignedForPop
v_encoded_inner_ec_request
:=
bit2oct
(
encvalue
(
v_ieee1609dot2_signed_data
));
// Encrypt the encoded signed InnerEcRequestSignedForPop
v_encrypted_inner_ec_request
:=
f_encryptWithEciesNistp256WithSha256
(
v_encoded_inner_ec_request
,
p_publicKeyCompressed
,
p_compressedMode
,
v_publicEphemeralKeyCompressed
,
v_ephemeralKeyModeCompressed
,
v_encrypted_sym_key
,
v_authentication_vector
,
v_nonce
);
v_recipientId
:=
f_HashedId8FromSha256
(
f_hashWithSha256
(
v_encrypted_inner_ec_request
));
// IEEE Std 1609.2a-2017 Clause 6.3.34 PKRecipientInfo
// Fill Certificate template with the public compressed keys (canonical form)
if
(
v_ephemeralKeyModeCompressed
==
0
)
{
v_eccP256_curve_point
:=
valueof
(
m_eccP256CurvePoint_compressed_y_0
(
v_publicEphemeralKeyCompressed
));
}
else
{
v_eccP256_curve_point
:=
valueof
(
m_eccP256CurvePoint_compressed_y_1
(
v_publicEphemeralKeyCompressed
));
}
p_ieee1609dot2_signed_and_encrypted_data
:=
valueof
(
m_etsiTs103097Data_encrypted
(
m_encryptedData
(
{
m_recipientInfo_signedDataRecipInfo
(
m_pKRecipientInfo
(
v_recipientId
,
m_encryptedDataEncryptionKey_eciesNistP256
(
m_evciesP256EncryptedKey
(
v_eccP256_curve_point
,
v_encrypted_sym_key
,
v_authentication_vector
))))
},
m_SymmetricCiphertext_aes128ccm
(
m_aesCcmCiphertext
(
v_nonce
,
v_encrypted_inner_ec_request
)
)
)
)
);
return
true
;
}
// End of function f_buildPkiSecuredinnerEcRequestSignedForPop
}
// End of group inner_ec_xxx
}
// End of module LibItsPki_Functions
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @
aabcd1ce
...
...
@@ -587,6 +587,15 @@ module LibItsSecurity_Functions {
out
Oct32
p_publicKeyCompressed
,
out
integer
p_compressedMode
)
return
boolean
{
if
(
PICS_SEC_FIXED_KEYS
)
{
p_privateKey
:=
'
F8EB15C001A03623A5B5E44D73869621877710712A498C98FF9E60EE10F390F8
'
O
;
p_publicKeyX
:=
'
7029
A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B
'
O
;
p_publicKeyY
:=
'
F9EFA8BCC4129BC43B640566A59AE5CED7106BBA76E5DC828AF37D315634D3DC
'
O
;
p_publicKeyCompressed
:=
'
7029
A9B20D22AE37B1344B7FCC2322C8F1E5ECE09C39CC289E500A9487298B9B
'
O
;
p_compressedMode
:=
0
;
return
true
;
}
return
fx_generateKeyPair_nistp256
(
p_privateKey
,
p_publicKeyX
,
p_publicKeyY
,
p_publicKeyCompressed
,
p_compressedMode
);
}
...
...
@@ -2359,9 +2368,6 @@ module LibItsSecurity_Functions {
*/
external
function
fx_signWithEcdsaNistp256WithSha256
(
in
octetstring
p_toBeSignedSecuredMessage
,
in
Oct32
p_certificateIssuer
,
in
Oct32
p_privateKey
)
return
octetstring
;
external
function
fx_signWithEcdsaNistp256WithSha256_1
(
in
octetstring
p_toBeSignedSecuredMessage
,
in
EccP256CurvePoint
p_curve_point
,
in
Oct32
p_privateKey
)
return
octetstring
;
external
function
fx_signWithEcdsaBrainpoolp256WithSha256_1
(
in
octetstring
p_toBeSignedSecuredMessage
,
in
EccP256CurvePoint
p_curve_point
,
in
Oct32
p_privateKey
)
return
octetstring
;
/**
* @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature
* @param p_toBeSignedSecuredMessage The data to be signed
...
...
ttcn/Security/LibItsSecurity_Pics.ttcn
View file @
aabcd1ce
...
...
@@ -98,5 +98,11 @@ module LibItsSecurity_Pics {
* Does the IUT support encryption data?
*/
modulepar
boolean
PICS_SEC_ENCRYPTION_SUPPORT
:=
true
;
/**
* @desc Generate fixed private/public keys.
Used for debug only
*/
modulepar
boolean
PICS_SEC_FIXED_KEYS
:=
false
;
}
// End of module LibItsSecurity_Pics
\ No newline at end of file
}
// End of module LibItsSecurity_Pics