Compare revisions
6e0111d02cdab632db6ac26074214f15b57e395b...956ea968e8a7b3701c6fbb1386c3aac2e98c4d46
Commits (1)
Add TC_RCA_CRLGEN_02_BV
· 956ea968
YannGarcia
authored
Mar 16, 2020
956ea968
ttcn/BTP/LibItsBtp_Functions.ttcn
...
...
@@ -14,11 +14,8 @@
// LibCommon
import
from
LibCommon_Sync
all
;
// import from LibCommon_Time all;
// import from LibCommon_VerdictControl all;
// LibItsCommon
// import from LibItsCommon_Functions all;
import
from
LibItsCommon_TypesAndValues
all
;
// LibItsBtp
...
...
@@ -94,7 +91,7 @@
/**
* @desc Setups default configuration
*/
function
f_cfUp
()
runs
on
ItsBtp
/* TITAN TODO:
system ItsBtpSystem
*/
{
function
f_cfUp
()
runs
on
ItsBtp
system
ItsBtpSystem
{
map
(
self
:
utPort
,
system
:
utPort
);
map
(
self
:
btpPort
,
system
:
btpPort
);
...
...
@@ -105,7 +102,7 @@
/**
* @desc Deletes default configuration
*/
function
f_cfDown
()
runs
on
ItsBtp
/* TITAN TODO:
system ItsBtpSystem
*/
{
function
f_cfDown
()
runs
on
ItsBtp
system
ItsBtpSystem
{
unmap
(
self
:
utPort
,
system
:
utPort
);
unmap
(
self
:
btpPort
,
system
:
btpPort
);
...
...
ttcn/Http/LibItsHttp_Pics.ttcn
...
...
@@ -19,7 +19,8 @@ module LibItsHttp_Pics {
* @desc
*/
modulepar
charstring
PICS_HEADER_CONTENT_TYPE
:=
"application/x-its-request"
;
modulepar
charstring
PICS_HEADER_CTL_CONTENT_TYPE
:=
"application/x-its-crl"
;
modulepar
charstring
PICS_HEADER_CTL_CONTENT_TYPE
:=
"application/x-its-ctl"
;
modulepar
charstring
PICS_HEADER_CRL_CONTENT_TYPE
:=
"application/x-its-crl"
;
/**
* @desc Set to false in TOKEN header shall not be used
...
...
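Review bot: The added PICS_HEADER_CRL_CONTENT_TYPE has no description of its own, and the only doc comment above the group is an empty `@desc`. Because the default of PICS_HEADER_CTL_CONTENT_TYPE also changes here, each parameter should carry its own comment, for example `@desc HTTP Content-Type header value for CTL messages` and `@desc HTTP Content-Type header value for CRL messages`. That keeps the two values from being confused when a test configuration overrides them.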
ttcn/Pki/LibItsPki_Functions.ttcn
...
...
@@ -2909,11 +2909,11 @@ module LibItsPki_Functions {
group
rca
{
function
f_verify_rca_response_message
(
in
Ieee1609Dot2Data
p_ieee1609dot2_signed_data
,
in
boolean
p_check_security
:=
true
,
out
ToBeSignedRcaCtl
p_to_be_signed_rca_ctl
)
return
boolean
{
function
f_verify_rca_
ctl_
response_message
(
in
Ieee1609Dot2Data
p_ieee1609dot2_signed_data
,
in
boolean
p_check_security
:=
true
,
out
ToBeSignedRcaCtl
p_to_be_signed_rca_ctl
)
return
boolean
{
var
bitstring
v_etsi_ts_102941_data_msg
;
var
bitstring
v_tbs
;
var
Certificate
v_certificate
;
...
...
@@ -2921,10 +2921,10 @@ module LibItsPki_Functions {
var
Oct32
v_issuer
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
log
(
">>> f_verify_rca_response_message: p_ieee1609dot2_signed_data= "
,
p_ieee1609dot2_signed_data
);
log
(
">>> f_verify_rca_
ctl_
response_message: p_ieee1609dot2_signed_data= "
,
p_ieee1609dot2_signed_data
);
// 1. Verify signature
log
(
"f_verify_rca_response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= "
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
);
log
(
"f_verify_rca_
ctl_
response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= "
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
);
v_tbs
:=
encvalue
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
);
if
(
f_getCertificateFromDigest
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
signer
.
digest
,
v_certificate
,
v_certificate_id
)
==
false
)
{
if
(
p_check_security
==
true
)
{
...
...
@@ -2939,17 +2939,77 @@ module LibItsPki_Functions {
}
v_etsi_ts_102941_data_msg
:=
oct2bit
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
.
payload
.
data
.
content
.
unsecuredData
);
if
(
decvalue
(
v_etsi_ts_102941_data_msg
,
v_etsi_ts_102941_data
)
!=
0
)
{
log
(
"f_verify_rca_response_message: Failed to decode EtsiTs102941Data"
);
log
(
"f_verify_rca_
ctl_
response_message: Failed to decode EtsiTs102941Data"
);
return
false
;
}
else
{
log
(
"f_verify_rca_response_message: v_etsi_ts_102941_data= "
,
v_etsi_ts_102941_data
);
log
(
"f_verify_rca_
ctl_
response_message: v_etsi_ts_102941_data= "
,
v_etsi_ts_102941_data
);
log
(
"f_verify_pki_response_message: RcaCertificateTrustListMessage matching= "
,
match
(
v_etsi_ts_102941_data
,
mw_etsiTs102941Data_to_be_signed_rca_ctl
));
if
(
match
(
v_etsi_ts_102941_data
,
mw_etsiTs102941Data_to_be_signed_rca_ctl
)
==
false
)
{
log
(
"f_verify_rca_response_message: Failed to decode certificateTrustListRca"
);
log
(
"f_verify_rca_
ctl_
response_message: Failed to decode certificateTrustListRca"
);
return
false
;
}
else
{
p_to_be_signed_rca_ctl
:=
v_etsi_ts_102941_data
.
content
.
certificateTrustListRca
;
log
(
"f_verify_rca_response_message: p_to_be_signed_rca_ctl= "
,
p_to_be_signed_rca_ctl
);
log
(
"f_verify_rca_ctl_response_message: p_to_be_signed_rca_ctl= "
,
p_to_be_signed_rca_ctl
);
if
(
p_to_be_signed_rca_ctl
.
nextUpdate
<=
f_getCurrentTime
()
/
1000
)
{
log
(
"f_verify_rca_ctl_response_message: Invalid nextUpdate value: compared values="
,
p_to_be_signed_rca_ctl
.
nextUpdate
,
"/"
,
f_getCurrentTime
()
/
1000
);
return
false
;
}
}
}
return
true
;
}
function
f_verify_rca_crl_response_message
(
in
Ieee1609Dot2Data
p_ieee1609dot2_signed_data
,
in
boolean
p_check_security
:=
true
,
out
ToBeSignedCrl
p_to_be_signed_crl
)
return
boolean
{
var
bitstring
v_etsi_ts_102941_data_msg
;
var
bitstring
v_tbs
;
var
Certificate
v_certificate
;
var
charstring
v_certificate_id
;
var
Oct32
v_issuer
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
log
(
">>> f_verify_rca_crl_response_message: p_ieee1609dot2_signed_data= "
,
p_ieee1609dot2_signed_data
);
// 1. Verify signature
log
(
"f_verify_rca_crl_response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= "
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
);
v_tbs
:=
encvalue
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
);
if
(
f_getCertificateFromDigest
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
signer
.
digest
,
v_certificate
,
v_certificate_id
)
==
false
)
{
if
(
p_check_security
==
true
)
{
return
false
;
}
}
f_getCertificateHash256
(
v_certificate_id
,
v_issuer
);
if
(
f_verifyEcdsa
(
bit2oct
(
v_tbs
),
v_issuer
,
p_ieee1609dot2_signed_data
.
content
.
signedData
.
signature_
,
v_certificate
.
toBeSigned
.
verifyKeyIndicator
.
verificationKey
)
==
false
)
{
if
(
p_check_security
==
true
)
{
return
false
;
}
}
v_etsi_ts_102941_data_msg
:=
oct2bit
(
p_ieee1609dot2_signed_data
.
content
.
signedData
.
tbsData
.
payload
.
data
.
content
.
unsecuredData
);
if
(
decvalue
(
v_etsi_ts_102941_data_msg
,
v_etsi_ts_102941_data
)
!=
0
)
{
log
(
"f_verify_rca_crl_response_message: Failed to decode EtsiTs102941Data"
);
return
false
;
}
else
{
log
(
"f_verify_rca_crl_response_message: v_etsi_ts_102941_data= "
,
v_etsi_ts_102941_data
);
log
(
"f_verify_pki_response_message: CertificateRevocationList matching= "
,
match
(
v_etsi_ts_102941_data
,
mw_etsiTs102941Data_to_be_signed_crl
));
if
(
match
(
v_etsi_ts_102941_data
,
mw_etsiTs102941Data_to_be_signed_crl
)
==
false
)
{
log
(
"f_verify_rca_crl_response_message: Failed to decode certificateRevocationList"
);
return
false
;
}
else
{
var
Time32
v_time
:=
f_getCurrentTime
()
/
1000
;
p_to_be_signed_crl
:=
v_etsi_ts_102941_data
.
content
.
certificateRevocationList
;
log
(
"f_verify_rca_crl_response_message: p_to_be_signed_crl= "
,
p_to_be_signed_crl
);
if
(
p_to_be_signed_crl
.
thisUpdate
>=
v_time
)
{
log
(
"f_verify_rca_crl_response_message: Invalid thisUpdate value"
);
return
false
;
}
if
(
p_to_be_signed_crl
.
nextUpdate
<=
v_time
)
{
log
(
"f_verify_rca_crl_response_message: Invalid nextUpdate value"
);
return
false
;
}
}
}
...
...
@@ -2985,6 +3045,27 @@ module LibItsPki_Functions {
return
true
;
}
function
f_verify_full_crl
(
in
ToBeSignedCrl
p_to_be_signed_crl
)
return
boolean
{
log
(
">>> f_verify_full_crl: p_to_be_signed_crl= "
,
p_to_be_signed_crl
);
// 1. Check mandatory fields
log
(
"f_verify_full_crl matching= "
,
match
(
p_to_be_signed_crl
,
mw_to_be_signed_crl
));
if
(
match
(
p_to_be_signed_crl
,
mw_to_be_signed_crl
)
==
false
)
{
return
false
;
}
log
(
"f_verify_full_crl: entries length: "
,
lengthof
(
p_to_be_signed_crl
.
entries
));
for
(
var
integer
v_i
:=
0
;
v_i
<
lengthof
(
p_to_be_signed_crl
.
entries
);
v_i
:=
v_i
+
1
)
{
var
CrlEntry
v_crl_entry
:=
p_to_be_signed_crl
.
entries
[
v_i
];
log
(
"f_verify_full_crl: crlEntry: v_crl_entry"
);
}
// End of 'for' statements
return
true
;
}
function
f_verify_ctl_entry
(
in
CtlEntry
p_ctl_entry
)
return
boolean
{
...
...
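Review bot: In the new f_verify_rca_crl_response_message, a failed f_getCertificateFromDigest lookup with p_check_security set to false falls through to f_getCertificateHash256 and f_verifyEcdsa, which then read v_certificate_id and v_certificate.toBeSigned.verifyKeyIndicator.verificationKey from out-parameters that were presumably never assigned. Both failure branches are also silent, so a run with p_check_security false leaves no trace in the log that the CRL signature was not verified. I would log each failure and skip the ECDSA step when no signer certificate was found, as below; the same pattern appears to exist in f_verify_rca_ctl_response_message, whose body is only partly visible here. Separately, the loop in f_verify_full_crl logs literal text because the variable sits inside the quotes; it should read `log("f_verify_full_crl: crlEntry: ", v_crl_entry);`.

```ttcn3
// ... unchanged: declarations, entry logs and v_tbs := encvalue(...) ...
if (f_getCertificateFromDigest(p_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
  log("f_verify_rca_crl_response_message: Signer certificate not found");
  if (p_check_security == true) {
    return false;
  }
} else {
  f_getCertificateHash256(v_certificate_id, v_issuer);
  if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
    log("f_verify_rca_crl_response_message: Signature verification failed");
    if (p_check_security == true) {
      return false;
    }
  }
}
// ... unchanged: EtsiTs102941Data decoding and thisUpdate/nextUpdate checks ...
```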
ttcn/Pki/LibItsPki_Pics.ttcn
...
...
@@ -150,6 +150,11 @@ module LibItsPki_Pics {
* @desc HTTP GET URI for Certificate Trusted List
*/
modulepar
charstring
PICS_HTTP_GET_URI_CTL
:=
"/dc/getctl"
;
/**
* @desc HTTP GET URI for Certificate Trusted List
*/
modulepar
charstring
PICS_HTTP_GET_URI_CRL
:=
"/dc/getcrl"
;
/**
* @desc Factory private key for verification Nist P256
...
...
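Review bot: The doc comment on the new PICS_HTTP_GET_URI_CRL is a copy of the CTL one and still reads "Certificate Trusted List"; it should be `@desc HTTP GET URI for Certificate Revocation List`. A tester overriding these parameters has only the @desc to tell the two URIs apart.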
ttcn/Pki/LibItsPki_Templates.ttcn
...
...
@@ -140,6 +140,15 @@ module LibItsPki_Templates {
}
}
// End of template mw_etsiTs102941Data_to_be_signed_rca_ctl
template
(
present
)
EtsiTs102941Data
mw_etsiTs102941Data_to_be_signed_crl
(
template
(
present
)
ToBeSignedCrl
p_to_be_signed_crl
:=
?
)
:=
{
version
:=
PkiProtocolVersion
,
content
:=
{
certificateRevocationList
:=
p_to_be_signed_crl
}
}
// End of template mw_etsiTs102941Data_to_be_signed_crl
template
(
value
)
AuthorizationRequestMessage
m_authorizationRequestMessage
(
in
template
(
value
)
EncryptedData
p_encryptedData
)
modifies
m_etsiTs103097Data_encrypted
:=
{
...
...
@@ -546,6 +555,13 @@ module LibItsPki_Templates {
ctlCommands
:=
?
}
// End of template mw_to_be_signed_rca_delta_ctl
template
(
present
)
ToBeSignedCrl
mw_to_be_signed_crl
:=
{
version
:=
1
,
thisUpdate
:=
?
,
nextUpdate
:=
?
,
entries
:=
?
}
// End of template mw_to_be_signed_crl
template
(
present
)
TlmEntry
mw_tlm_entry
(
template
(
present
)
EtsiTs103097Certificate
p_selfSignedTLMCertificate
:=
?
,
template
(
present
)
Url
p_accessPoint
:=
?
...
...