Commits (1)
...@@ -48,7 +48,7 @@ PublicKeys ::= SEQUENCE { ...@@ -48,7 +48,7 @@ PublicKeys ::= SEQUENCE {
encryptionKey PublicEncryptionKey OPTIONAL encryptionKey PublicEncryptionKey OPTIONAL
} }
Version ::= INTEGER {v1(1)}(1..255) Version ::= INTEGER {v1(1)}
EtsiTs103097Data-Unsecured {ToBeSentDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {..., EtsiTs103097Data-Unsecured {ToBeSentDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {...,
content (WITH COMPONENTS { content (WITH COMPONENTS {
......
...@@ -66,7 +66,7 @@ CaCertificateRekeyingMessage ::= EtsiTs103097Data-Signed {EtsiTs103097Data-Signe ...@@ -66,7 +66,7 @@ CaCertificateRekeyingMessage ::= EtsiTs103097Data-Signed {EtsiTs103097Data-Signe
************/ ************/
EtsiTs102941Data::= SEQUENCE { EtsiTs102941Data::= SEQUENCE {
version INTEGER { v1(1) }(1..255), version Version (v1), --(1..255) Required for TITAN
content EtsiTs102941DataContent content EtsiTs102941DataContent
} }
......
...@@ -57,7 +57,7 @@ RcaCertificateTrustListMessage ::= EtsiTs103097Data-Signed{EtsiTs102941Data (WIT ...@@ -57,7 +57,7 @@ RcaCertificateTrustListMessage ::= EtsiTs103097Data-Signed{EtsiTs102941Data (WIT
************/ ************/
EtsiTs102941Data::= SEQUENCE { EtsiTs102941Data::= SEQUENCE {
version INTEGER { v1(1) }(1..255), version Version (v1), --(1..255) Required for TITAN
content EtsiTs102941DataContent content EtsiTs102941DataContent
} }
......
...@@ -58,7 +58,7 @@ RcaCertificateTrustListMessage ::= EtsiTs103097Data-Signed{EtsiTs102941Data (WIT ...@@ -58,7 +58,7 @@ RcaCertificateTrustListMessage ::= EtsiTs103097Data-Signed{EtsiTs102941Data (WIT
************/ ************/
EtsiTs102941Data::= SEQUENCE { EtsiTs102941Data::= SEQUENCE {
version INTEGER { v1(1) }(1..255), version Version,
content EtsiTs102941DataContent content EtsiTs102941DataContent
} }
......
...@@ -21,7 +21,7 @@ FROM EtsiTs102941BaseTypes ...@@ -21,7 +21,7 @@ FROM EtsiTs102941BaseTypes
-- CRL -- CRL
************/ ************/
ToBeSignedCrl ::= SEQUENCE { ToBeSignedCrl ::= SEQUENCE {
version INTEGER { v1(1) }(1..255), version Version,
thisUpdate Time32, thisUpdate Time32,
nextUpdate Time32, nextUpdate Time32,
entries SEQUENCE OF CrlEntry, entries SEQUENCE OF CrlEntry,
......
...@@ -115,17 +115,16 @@ module LibItsCam_Pics { ...@@ -115,17 +115,16 @@ module LibItsCam_Pics {
group radioComm { group radioComm {
/** type enumerated RadioAccess {
* @desc Does radio communication use G5? e_its_g5,
* @see ETSI TS 102 868-1 Table A.3 e_lte_cv2x
*/ }
modulepar boolean PICS_G5_RADIO_COMM := true;
/** /**
* @desc Does radio communication use LTE-V2X? * @desc Does radio communication use G5?
* @see ETSI TS 102 868-1 Table A.3 * @see ETSI TS 102 868-1 Table A.3
*/ */
modulepar boolean PICS_CV2X_RADIO_COMM := false; modulepar RadioAccess PICS_RADIO_COMM := e_its_g5;
} // End of group radioComm } // End of group radioComm
} // end LibItsCam_Pics } // end LibItsCam_Pics
...@@ -578,7 +578,7 @@ module LibItsDenm_Templates { ...@@ -578,7 +578,7 @@ module LibItsDenm_Templates {
eventPosition := ?, eventPosition := ?,
relevanceDistance := *, relevanceDistance := *,
relevanceTrafficDirection := *, relevanceTrafficDirection := *,
validityDuration := ?, // It seems that a default value can be omitted (asn1studio) validityDuration := ?,
transmissionInterval := *, transmissionInterval := *,
stationType := ? stationType := ?
} }
......
...@@ -185,7 +185,7 @@ module LibItsGeoNetworking_Functions { ...@@ -185,7 +185,7 @@ module LibItsGeoNetworking_Functions {
f_initialiseComponent(v_positionTable, v_areaTable, c_compNodeB); f_initialiseComponent(v_positionTable, v_areaTable, c_compNodeB);
} // end f_cf01Up } // End of group f_cf01Up
function f_cf01Down() runs on ItsGeoNetworking system ItsGeoNetworkingSystem { function f_cf01Down() runs on ItsGeoNetworking system ItsGeoNetworkingSystem {
......
...@@ -28,7 +28,7 @@ module LibItsGeoNetworking_Pics { ...@@ -28,7 +28,7 @@ module LibItsGeoNetworking_Pics {
modulepar GN_Address PICS_GN_LOCAL_GN_ADDR := { modulepar GN_Address PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := c_6ZeroBytes mid := c_6ZeroBytes
}; };
......
...@@ -29,7 +29,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -29,7 +29,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_A_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_A_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(10,6) mid := int2oct(10,6)
}; };
...@@ -40,7 +40,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -40,7 +40,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_B_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_B_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(11,6) mid := int2oct(11,6)
}; };
...@@ -51,7 +51,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -51,7 +51,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_C_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_C_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(12,6) mid := int2oct(12,6)
}; };
...@@ -62,7 +62,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -62,7 +62,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_D_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_D_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(13,6) mid := int2oct(13,6)
}; };
...@@ -73,7 +73,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -73,7 +73,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_E_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_E_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(14,6) mid := int2oct(14,6)
}; };
...@@ -84,7 +84,7 @@ module LibItsGeoNetworking_Pixits { ...@@ -84,7 +84,7 @@ module LibItsGeoNetworking_Pixits {
modulepar GN_Address PX_TS_NODE_F_LOCAL_GN_ADDR := { modulepar GN_Address PX_TS_NODE_F_LOCAL_GN_ADDR := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := int2oct(15,6) mid := int2oct(15,6)
}; };
......
...@@ -1590,22 +1590,22 @@ module LibItsGeoNetworking_Templates { ...@@ -1590,22 +1590,22 @@ module LibItsGeoNetworking_Templates {
template GN_Address mw_gnAddressAny := { template GN_Address mw_gnAddressAny := {
typeOfAddress := ?, typeOfAddress := ?,
stationType := ?, stationType := ?,
stationCountryCode := ?, reserved := ?,
mid := ? mid := ?
} }
/** /**
* @desc Receive template for GN_Address * @desc Receive template for GN_Address
* @param p_stationType Station's type * @param p_stationType Station's type
* @param p_stationCountryCode Station's country code * @param p_reserved Station's country code
*/ */
template GN_Address mw_gnAddress( template GN_Address mw_gnAddress(
template (present) StationType p_stationType, template (present) StationType p_stationType,
template (present) UInt10 p_stationCountryCode template (present) UInt10 p_reserved
) := { ) := {
typeOfAddress := ?, typeOfAddress := ?,
stationType := p_stationType, stationType := p_stationType,
stationCountryCode := p_stationCountryCode, reserved := p_reserved,
mid := ? mid := ?
} }
...@@ -2265,7 +2265,7 @@ module LibItsGeoNetworking_Templates { ...@@ -2265,7 +2265,7 @@ module LibItsGeoNetworking_Templates {
) := { ) := {
typeOfAddress := ?, typeOfAddress := ?,
stationType := ?, stationType := ?,
stationCountryCode := ?, reserved := ?,
mid := p_mid mid := p_mid
} }
...@@ -2277,7 +2277,7 @@ module LibItsGeoNetworking_Templates { ...@@ -2277,7 +2277,7 @@ module LibItsGeoNetworking_Templates {
template (value) GN_Address m_dummyGnAddr := { template (value) GN_Address m_dummyGnAddr := {
typeOfAddress := e_manual, typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := c_uInt10Zero, reserved := c_uInt10Zero,
mid := c_6ZeroBytes mid := c_6ZeroBytes
} }
......
...@@ -826,7 +826,7 @@ module LibItsGeoNetworking_TypesAndValues { ...@@ -826,7 +826,7 @@ module LibItsGeoNetworking_TypesAndValues {
type record GN_Address { type record GN_Address {
TypeOfAddress typeOfAddress, TypeOfAddress typeOfAddress,
StationType stationType, StationType stationType,
UInt10 stationCountryCode, UInt10 reserved,
Oct6 mid Oct6 mid
} with { } with {
variant "FIELDORDER(msb)" variant "FIELDORDER(msb)"
......
...@@ -2351,7 +2351,7 @@ module LibItsPki_Functions { ...@@ -2351,7 +2351,7 @@ module LibItsPki_Functions {
m_signedData( m_signedData(
v_hashId, v_hashId,
v_tbs, v_tbs,
m_signerIdentifier_digest(v_ec_hashed_id8), // Signer is thehasheId8 of the EC certificate obtained from Enrolment request m_signerIdentifier_digest(v_ec_hashed_id8), // Signer is the hasheId8 of the EC certificate obtained from Enrolment request
v_signature v_signature
) )
) )
...@@ -2943,9 +2943,12 @@ module LibItsPki_Functions { ...@@ -2943,9 +2943,12 @@ module LibItsPki_Functions {
group dc { group dc {
function f_build_dc_ctl( function f_build_dc_ctl(
in octetstring p_private_key,
in octetstring p_issuer,
in charstring p_ea_certificate_id, in charstring p_ea_certificate_id,
in charstring p_aa_certificate_id, in charstring p_aa_certificate_id,
in charstring p_rca_certificate_id in charstring p_rca_certificate_id,
out Ieee1609Dot2Data p_ieee_1609Dot2_data
) { ) {
// Local variables // Local variables
var EtsiTs103097Certificate v_ea_certificate; var EtsiTs103097Certificate v_ea_certificate;
...@@ -2956,6 +2959,11 @@ module LibItsPki_Functions { ...@@ -2956,6 +2959,11 @@ module LibItsPki_Functions {
var EtsiTs102941Data v_etsi_ts_102941_data; var EtsiTs102941Data v_etsi_ts_102941_data;
var octetstring p_pki_message; var octetstring p_pki_message;
var ToBeSignedData v_tbs; var ToBeSignedData v_tbs;
var bitstring v_tbs_encoded;
var octetstring v_sig;
var Signature v_signature;
log(">>> f_build_dc_ctl");
// Load certificates // Load certificates
f_readCertificate(p_ea_certificate_id, v_ea_certificate); f_readCertificate(p_ea_certificate_id, v_ea_certificate);
...@@ -2981,6 +2989,51 @@ module LibItsPki_Functions { ...@@ -2981,6 +2989,51 @@ module LibItsPki_Functions {
m_headerInfo_inner_pki_response(-, (f_getCurrentTime() * 1000)/*us*/) m_headerInfo_inner_pki_response(-, (f_getCurrentTime() * 1000)/*us*/)
) )
); );
v_tbs_encoded := encvalue(v_tbs);
// Sign the certificate
v_sig := f_signWithEcdsa(bit2oct(v_tbs_encoded), p_issuer, p_private_key);
if ((PX_VE_ALG == e_nist_p256) or (PX_VE_ALG == e_brainpool_p256_r1)) {
v_signature := valueof(
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
));
p_ieee_1609Dot2_data := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha256,
v_tbs,
m_signerIdentifier_digest(p_issuer),
v_signature
)
)
);
} else if (PX_VE_ALG == e_brainpool_p384_r1) {
v_signature := valueof(
m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_x_only(
substr(v_sig, 0, 48)
),
substr(v_sig, 48, 48)
)
));
p_ieee_1609Dot2_data := valueof(
m_etsiTs103097Data_signed(
m_signedData(
sha384,
v_tbs,
m_signerIdentifier_digest(p_issuer),
v_signature
)
)
);
}
log("f_build_dc_ctl: p_ieee_1609Dot2_data= ", p_ieee_1609Dot2_data);
} // End of function f_build_dc_ctl } // End of function f_build_dc_ctl
...@@ -2989,7 +3042,7 @@ module LibItsPki_Functions { ...@@ -2989,7 +3042,7 @@ module LibItsPki_Functions {
group rca { group rca {
function f_verify_rca_ctl_response_message( function f_verify_rca_ctl_response_message(
in Ieee1609Dot2Data p_ieee1609dot2_signed_data, in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true, in boolean p_check_security := true,
out ToBeSignedRcaCtl p_to_be_signed_rca_ctl out ToBeSignedRcaCtl p_to_be_signed_rca_ctl
) return boolean { ) return boolean {
...@@ -3000,24 +3053,25 @@ module LibItsPki_Functions { ...@@ -3000,24 +3053,25 @@ module LibItsPki_Functions {
var octetstring v_issuer; var octetstring v_issuer;
var EtsiTs102941Data v_etsi_ts_102941_data; var EtsiTs102941Data v_etsi_ts_102941_data;
log(">>> f_verify_rca_ctl_response_message: p_ieee1609dot2_signed_data= ", p_ieee1609dot2_signed_data); log(">>> f_verify_rca_ctl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
// 1. Verify signature // 1. Verify signature
log("f_verify_rca_ctl_response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= ", p_ieee1609dot2_signed_data.content.signedData.tbsData); log("f_verify_rca_ctl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_ieee1609dot2_signed_data.content.signedData.tbsData); v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(p_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) { if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_rca_ctl_response_message: Failed to retrieve certificate from ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) { if (p_check_security == true) {
return false; return false;
} }
} }
f_getCertificateHash(v_certificate_id, v_issuer); f_getCertificateHash(v_certificate_id, v_issuer);
if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) { if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_rca_ctl_response_message: Failed to verify signature"); log("f_verify_rca_ctl_response_message: Failed to verify signature");
if (p_check_security == true) { if (p_check_security == true) {
return false; return false;
} }
} }
v_etsi_ts_102941_data_msg := oct2bit(p_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData); v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) { if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_rca_ctl_response_message: Failed to decode EtsiTs102941Data"); log("f_verify_rca_ctl_response_message: Failed to decode EtsiTs102941Data");
return false; return false;
...@@ -3028,10 +3082,11 @@ module LibItsPki_Functions { ...@@ -3028,10 +3082,11 @@ module LibItsPki_Functions {
log("f_verify_rca_ctl_response_message: Failed to decode certificateTrustListRca"); log("f_verify_rca_ctl_response_message: Failed to decode certificateTrustListRca");
return false; return false;
} else { } else {
var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_rca_ctl := v_etsi_ts_102941_data.content.certificateTrustListRca; p_to_be_signed_rca_ctl := v_etsi_ts_102941_data.content.certificateTrustListRca;
log("f_verify_rca_ctl_response_message: p_to_be_signed_rca_ctl= ", p_to_be_signed_rca_ctl); log("f_verify_rca_ctl_response_message: p_to_be_signed_rca_ctl= ", p_to_be_signed_rca_ctl);
if (p_to_be_signed_rca_ctl.nextUpdate <= f_getCurrentTime() / 1000) { if (p_to_be_signed_rca_ctl.nextUpdate <= v_time) {
log("f_verify_rca_ctl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_rca_ctl.nextUpdate, "/", f_getCurrentTime() / 1000); log("f_verify_rca_ctl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_rca_ctl.nextUpdate, "/", v_time);
return false; return false;
} }
} }
...@@ -3041,7 +3096,7 @@ module LibItsPki_Functions { ...@@ -3041,7 +3096,7 @@ module LibItsPki_Functions {
} }
function f_verify_rca_crl_response_message( function f_verify_rca_crl_response_message(
in Ieee1609Dot2Data p_ieee1609dot2_signed_data, in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true, in boolean p_check_security := true,
out ToBeSignedCrl p_to_be_signed_crl out ToBeSignedCrl p_to_be_signed_crl
) return boolean { ) return boolean {
...@@ -3052,24 +3107,25 @@ module LibItsPki_Functions { ...@@ -3052,24 +3107,25 @@ module LibItsPki_Functions {
var octetstring v_issuer; var octetstring v_issuer;
var EtsiTs102941Data v_etsi_ts_102941_data; var EtsiTs102941Data v_etsi_ts_102941_data;
log(">>> f_verify_rca_crl_response_message: p_ieee1609dot2_signed_data= ", p_ieee1609dot2_signed_data); log(">>> f_verify_rca_crl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
// 1. Verify signature // 1. Verify signature
log("f_verify_rca_crl_response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= ", p_ieee1609dot2_signed_data.content.signedData.tbsData); log("f_verify_rca_crl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_ieee1609dot2_signed_data.content.signedData.tbsData); v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
if (f_getCertificateFromDigest(p_ieee1609dot2_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) { if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_rca_crl_response_message: Failed to retrieve certificate from ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) { if (p_check_security == true) {
return false; return false;
} }
} }
f_getCertificateHash(v_certificate_id, v_issuer); f_getCertificateHash(v_certificate_id, v_issuer);
if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) { if (f_verifyEcdsa(bit2oct(v_tbs), v_issuer, p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey) == false) {
log("f_verify_rca_crl_response_message: Failed to verify signature"); log("f_verify_rca_crl_response_message: Failed to verify signature");
if (p_check_security == true) { if (p_check_security == true) {
return false; return false;
} }
} }
v_etsi_ts_102941_data_msg := oct2bit(p_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData); v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) { if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_rca_crl_response_message: Failed to decode EtsiTs102941Data"); log("f_verify_rca_crl_response_message: Failed to decode EtsiTs102941Data");
return false; return false;
...@@ -3080,7 +3136,7 @@ module LibItsPki_Functions { ...@@ -3080,7 +3136,7 @@ module LibItsPki_Functions {
log("f_verify_rca_crl_response_message: Failed to decode certificateRevocationList"); log("f_verify_rca_crl_response_message: Failed to decode certificateRevocationList");
return false; return false;
} else { } else {
var Time32 v_time := f_getCurrentTime() / 1000; var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_crl := v_etsi_ts_102941_data.content.certificateRevocationList; p_to_be_signed_crl := v_etsi_ts_102941_data.content.certificateRevocationList;
log("f_verify_rca_crl_response_message: p_to_be_signed_crl= ", p_to_be_signed_crl); log("f_verify_rca_crl_response_message: p_to_be_signed_crl= ", p_to_be_signed_crl);
if (p_to_be_signed_crl.thisUpdate >= v_time) { if (p_to_be_signed_crl.thisUpdate >= v_time) {
...@@ -3224,6 +3280,12 @@ module LibItsPki_Functions { ...@@ -3224,6 +3280,12 @@ module LibItsPki_Functions {
} else { } else {
// TODO Verify selsigned certificate // TODO Verify selsigned certificate
} }
} else if (ischosen(p_ctl_entry.dc)) {
if (match(p_ctl_entry.dc, mw_dc_entry) == false) {
return false;
} else {
// TODO Verify RCA certificate & signature
}
} else if (ischosen(p_ctl_entry.rca)) { } else if (ischosen(p_ctl_entry.rca)) {
if (match(p_ctl_entry.rca, mw_root_ca_entry(mw_etsiTs103097Certificate)) == false) { if (match(p_ctl_entry.rca, mw_root_ca_entry(mw_etsiTs103097Certificate)) == false) {
return false; return false;
...@@ -3242,7 +3304,7 @@ module LibItsPki_Functions { ...@@ -3242,7 +3304,7 @@ module LibItsPki_Functions {
group tlm { group tlm {
function f_verify_tlm_ectl_response_message( function f_verify_tlm_ectl_response_message(
in Ieee1609Dot2Data p_ieee1609dot2_signed_data, in EtsiTs103097Data p_etsi_ts_103097_signed_data,
in boolean p_check_security := true, in boolean p_check_security := true,
out ToBeSignedTlmCtl p_to_be_signed_tlm_ectl out ToBeSignedTlmCtl p_to_be_signed_tlm_ectl
) return boolean { ) return boolean {
...@@ -3250,26 +3312,36 @@ module LibItsPki_Functions { ...@@ -3250,26 +3312,36 @@ module LibItsPki_Functions {
var bitstring v_tbs; var bitstring v_tbs;
var Certificate v_certificate; var Certificate v_certificate;
var boolean v_result; var boolean v_result;
var Oct32 v_issuer;
var EtsiTs102941Data v_etsi_ts_102941_data; var EtsiTs102941Data v_etsi_ts_102941_data;
log(">>> f_verify_tlm_ectl_response_message: p_ieee1609dot2_signed_data= ", p_ieee1609dot2_signed_data); log(">>> f_verify_tlm_ectl_response_message: p_etsi_ts_103097_signed_data= ", p_etsi_ts_103097_signed_data);
// 1. Verify signature // 1. Verify signature
log("f_verify_tlm_ectl_response_message: p_ieee1609dot2_signed_data.content.signedData.tbsData= ", p_ieee1609dot2_signed_data.content.signedData.tbsData); log("f_verify_tlm_ectl_response_message: p_etsi_ts_103097_signed_data.content.signedData.tbsData= ", p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_tbs := encvalue(p_ieee1609dot2_signed_data.content.signedData.tbsData); v_tbs := encvalue(p_etsi_ts_103097_signed_data.content.signedData.tbsData);
v_certificate := p_ieee1609dot2_signed_data.content.signedData.signer.certificate[0]; if (ischosen(p_etsi_ts_103097_signed_data.content.signedData.signer.certificate)) {
if (ischosen(p_ieee1609dot2_signed_data.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) { v_certificate := p_etsi_ts_103097_signed_data.content.signedData.signer.certificate[0];
v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 48), p_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey); } else {
var charstring v_certificate_id;
if (f_getCertificateFromDigest(p_etsi_ts_103097_signed_data.content.signedData.signer.digest, v_certificate, v_certificate_id) == false) {
log("f_verify_tlm_ectl_response_message: Failed to retrieve certificate from digest ", p_etsi_ts_103097_signed_data.content.signedData.signer.digest);
if (p_check_security == true) {
return false;
}
}
}
if (ischosen(p_etsi_ts_103097_signed_data.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) {
v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 48), p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey);
} else { } else {
v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 32), p_ieee1609dot2_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey); v_result := f_verifyEcdsa(bit2oct(v_tbs), int2oct(0, 32), p_etsi_ts_103097_signed_data.content.signedData.signature_, v_certificate.toBeSigned.verifyKeyIndicator.verificationKey);
} }
if (v_result == false) { if (v_result == false) {
log("f_verify_tlm_ectl_response_message: Failed to verify signature");
if (p_check_security == true) { if (p_check_security == true) {
return false; return false;
} }
} }
v_etsi_ts_102941_data_msg := oct2bit(p_ieee1609dot2_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData); v_etsi_ts_102941_data_msg := oct2bit(p_etsi_ts_103097_signed_data.content.signedData.tbsData.payload.data.content.unsecuredData);
if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) { if (decvalue(v_etsi_ts_102941_data_msg, v_etsi_ts_102941_data) != 0) {
log("f_verify_tlm_ectl_response_message: Failed to decode EtsiTs102941Data"); log("f_verify_tlm_ectl_response_message: Failed to decode EtsiTs102941Data");
return false; return false;
...@@ -3280,10 +3352,11 @@ module LibItsPki_Functions { ...@@ -3280,10 +3352,11 @@ module LibItsPki_Functions {
log("f_verify_tlm_ectl_response_message: Failed to decode certificateTrustListTlm"); log("f_verify_tlm_ectl_response_message: Failed to decode certificateTrustListTlm");
return false; return false;
} else { } else {
var Time32 v_time := (f_getCurrentTime()/* - 1072915200000*/) / 1000;
p_to_be_signed_tlm_ectl := v_etsi_ts_102941_data.content.certificateTrustListTlm; p_to_be_signed_tlm_ectl := v_etsi_ts_102941_data.content.certificateTrustListTlm;
log("f_verify_tlm_ectl_response_message: p_to_be_signed_tlm_ectl= ", p_to_be_signed_tlm_ectl); log("f_verify_tlm_ectl_response_message: p_to_be_signed_tlm_ectl= ", p_to_be_signed_tlm_ectl);
if (p_to_be_signed_tlm_ectl.nextUpdate <= f_getCurrentTime() / 1000) { if (p_to_be_signed_tlm_ectl.nextUpdate <= v_time) {
log("f_verify_tlm_ectl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_tlm_ectl.nextUpdate, "/", f_getCurrentTime() / 1000); log("f_verify_tlm_ectl_response_message: Invalid nextUpdate value: compared values=", p_to_be_signed_tlm_ectl.nextUpdate, "/", v_time);
return false; return false;
} }
// TODO Verify RCA certificate & signature // TODO Verify RCA certificate & signature
......