Skip to content
GitLab
Commits (1)
Hide whitespace changes
Inline Side-by-side
ttcn/CAM/LibItsCam_Functions.ttcn
View file @ b1e9bdd7
......@@ -136,12 +136,12 @@ module LibItsCam_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsCam {
if (PICS_IS_IUT_SECURED == true) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificateId))) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificate_id))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
stop;
}
......@@ -293,10 +293,10 @@ module LibItsCam_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsCam /* TITAN TODO: system ItsCamSystem */ {
map(self:utPort, system:utPort);
......@@ -305,7 +305,7 @@ module LibItsCam_Functions {
f_connect4SelfOrClientSync();
// Initialise secured mode
f_initialiseSecuredMode(p_certificateId);
f_initialiseSecuredMode(p_certificate_id);
} // End of function f_cfUp
......
ttcn/Common/LibItsCommon_Templates.ttcn
View file @ b1e9bdd7
......@@ -26,11 +26,11 @@ module LibItsCommon_Templates {
* @desc Enable security support
*/
template (value) AcSecPrimitive m_acEnableSecurity(
in charstring p_certificateId,
in charstring p_certificate_id,
in boolean p_enforceSecurity := false
) := {
acEnableSecurity := {
certificateId := p_certificateId,
certificateId := p_certificate_id,
enforceSecurity := p_enforceSecurity
}
} // End of template m_acEnableSecurity
......
ttcn/DENM/LibItsDenm_Functions.ttcn
View file @ b1e9bdd7
......@@ -237,12 +237,12 @@ module LibItsDenm_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsDenm {
if (PICS_IS_IUT_SECURED == true) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificateId))) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificate_id))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
stop;
}
......@@ -382,10 +382,10 @@ module LibItsDenm_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsDenm /* TITAN TODO: system ItsDenmSystem */ {
map(self:acPort, system:acPort);
......@@ -394,7 +394,7 @@ module LibItsDenm_Functions {
f_connect4SelfOrClientSync();
// Initialise secured mode
f_initialiseSecuredMode(p_certificateId);
f_initialiseSecuredMode(p_certificate_id);
} // End of function f_cfUp
......
ttcn/Http/LibItsHttp_Functions.ttcn
View file @ b1e9bdd7
......@@ -14,10 +14,10 @@ module LibItsHttp_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId
in charstring p_certificate_id
) runs on HttpComponent /* TITAN TODO: system HttpTestAdapter */ {
map(self:httpPort, system:httpPort);
......
ttcn/IVIM/LibItsIvim_Functions.ttcn
View file @ b1e9bdd7
......@@ -187,12 +187,12 @@ module LibItsIvim_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsIvim {
if (PICS_IS_IUT_SECURED == true) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificateId))) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificate_id))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
stop;
}
......@@ -242,10 +242,10 @@ module LibItsIvim_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsIvim /* TITAN TODO: system ItsIvimSystem */{
map(self:acPort, system:acPort);
......@@ -254,7 +254,7 @@ module LibItsIvim_Functions {
f_connect4SelfOrClientSync();
// Initialise secured mode
f_initialiseSecuredMode(p_certificateId);
f_initialiseSecuredMode(p_certificate_id);
} // End of function f_cfUp
......
ttcn/MapemSpatem/LibItsMapemSpatem_Functions.ttcn
View file @ b1e9bdd7
......@@ -97,12 +97,12 @@ module LibItsMapemSpatem_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsMapemSpatem {
if (PICS_IS_IUT_SECURED == true) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificateId))) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificate_id))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
stop;
}
......@@ -220,10 +220,10 @@ module LibItsMapemSpatem_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsMapemSpatem /* TITAN TODO: system ItsMapemSpatemSystem */ {
map(self:acPort, system:acPort);
......@@ -235,7 +235,7 @@ module LibItsMapemSpatem_Functions {
activate(a_cf01Down());
// Initialise secured mode
f_initialiseSecuredMode(p_certificateId);
f_initialiseSecuredMode(p_certificate_id);
} // End of f_cfUp
......
ttcn/Pki/LibItsPki_Functions.ttcn
View file @ b1e9bdd7
......@@ -50,6 +50,8 @@ module LibItsPki_Functions {
// LibItsHttp
import from LibItsHttp_TypesAndValues all;
import from LibItsHttp_Templates all;
import from LibItsHttp_BinaryTemplates all;
import from LibItsHttp_Functions all;
import from LibItsHttp_TestSystem all;
// LibItsPki
......@@ -63,7 +65,7 @@ module LibItsPki_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
......@@ -97,7 +99,7 @@ module LibItsPki_Functions {
} // End of function f_cfHttpUp
function f_cfUp_itss(
in charstring p_certificateId := "CERT_TS_A_EA" // TODO Use a constant
in charstring p_certificate_id := "CERT_TS_A_EA" // TODO Use a constant
) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
map(self:geoNetworkingPort, system:geoNetworkingPort);
......@@ -132,7 +134,7 @@ module LibItsPki_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_peerCertificateId := "CERT_IUT_A_EA"
) runs on ItsSecurityBaseComponent {
// Local variables
......@@ -144,7 +146,7 @@ module LibItsPki_Functions {
stop;
}
// f_prepareCertificates(p_certificateId, vc_aaCertificate, vc_atCertificate);
// f_prepareCertificates(p_certificate_id, vc_aaCertificate, vc_atCertificate);
} // End of function f_initialiseSecuredMode()
function f_uninitialiseSecuredMode() runs on ItsSecurityBaseComponent {
......@@ -190,22 +192,22 @@ module LibItsPki_Functions {
} // End of function f_utInitializeIut
function f_sendUtTriggerPrimitive(
in charstring p_cannonicalId,
in Oct1 p_encAlgorithm,
in charstring p_canonical_id,
in Oct1 p_enc_algorithm,
in octetstring p_private_key,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
in octetstring p_public_key_compressed,
in integer p_compressed_mode
) runs on ItsPkiItss {
var TriggerEnrolmentRequest v_ut_trigger_enrolment_request;
var octetstring v_compressed_public_key;
if (p_compressedMode == 2) { // TODO v_compressed_public_key := int2oct(p_compressedMode, 1) & p_publicKeyCompressed?
v_compressed_public_key := '02'O & p_publicKeyCompressed;
if (p_compressed_mode == 2) { // TODO v_compressed_public_key := int2oct(p_compressed_mode, 1) & p_public_key_compressed?
v_compressed_public_key := '02'O & p_public_key_compressed;
} else {
v_compressed_public_key := '03'O & p_publicKeyCompressed;
v_compressed_public_key := '03'O & p_public_key_compressed;
}
v_ut_trigger_enrolment_request := { p_cannonicalId, p_encAlgorithm, p_private_key, v_compressed_public_key };
v_ut_trigger_enrolment_request := { p_canonical_id, p_enc_algorithm, p_private_key, v_compressed_public_key };
utPort.send(UtPkiTrigger: { triggerEnrolmentRequest := v_ut_trigger_enrolment_request });
tc_ac.start;
alt {
......@@ -226,12 +228,12 @@ module LibItsPki_Functions {
} // End of group ut_port
group http { // TODO Split into EinnerEc, Authorization & AuthorizationValidation
group http { // TODO Split into EnnerEc, Authorization & AuthorizationValidation
function f_http_build_inner_ec_request( // TODO Cleanup parameters
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out octetstring p_public_key_compressed,
out integer p_compressed_mode,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
......@@ -246,7 +248,7 @@ module LibItsPki_Functions {
var integer v_compressed_enc_key_mode;
var boolean v_ret_code;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
if (f_generate_inner_ec_request(p_private_key, p_public_key_compressed, p_compressed_mode, v_inner_ec_request) == false) {
log("*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
......@@ -289,8 +291,8 @@ module LibItsPki_Functions {
function f_http_build_invalid_enrolment_request(
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out octetstring p_public_key_compressed,
out integer p_compressed_mode,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
out Oct16 p_authentication_vector,
......@@ -305,7 +307,7 @@ module LibItsPki_Functions {
var integer v_compressed_enc_key_mode;
var boolean v_ret_code;
if (f_generate_inner_ec_request(p_private_key, p_publicKeyCompressed, p_compressedMode, v_inner_ec_request) == false) {
if (f_generate_inner_ec_request(p_private_key, p_public_key_compressed, p_compressed_mode, v_inner_ec_request) == false) {
log("*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
......@@ -351,10 +353,10 @@ module LibItsPki_Functions {
in Certificate p_ec_certificate, // Enrolment credentials certificate
in octetstring p_ec_private_key,
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out octetstring p_public_key_compressed,
out integer p_compressed_mode,
out octetstring p_private_enc_key,
out octetstring p_publicEncKeyCompressed,
out octetstring p_public_compressed_enc_key,
out integer p_compressedEncMode,
out Oct16 p_aes_sym_key,
out Oct16 p_encrypted_sym_key,
......@@ -377,21 +379,21 @@ module LibItsPki_Functions {
var bitstring v_authorization_request_msg;
// Generate verification keys for the certificate to be requested
if (f_generate_key_pair_nistp256(p_private_key, v_public_key_x, v_public_key_y, p_publicKeyCompressed, p_compressedMode) == false) {
if (f_generate_key_pair_nistp256(p_private_key, v_public_key_x, v_public_key_y, p_public_key_compressed, p_compressed_mode) == false) {
log("*** f_http_build_authorization_request: ERROR: Failed to generate verification key ***");
f_selfOrClientSyncAndVerdict("error", e_error);
return;
}
// Generate encryption keys for the certificate to be requested
if (PX_INCLUDE_ENCRYPTION_KEYS) {
if (f_generate_key_pair_nistp256(p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_publicEncKeyCompressed, p_compressedEncMode) == false) {
if (f_generate_key_pair_nistp256(p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_public_compressed_enc_key, p_compressedEncMode) == false) {
log("*** f_http_build_authorization_request: ERROR: Failed to generate encryption key ***");
f_selfOrClientSyncAndVerdict("error", e_error);
return;
}
}
if (f_generate_inner_at_request(vc_eaCertificate, vc_eaHashedId8, p_ec_certificate, p_ec_private_key, p_private_key, v_public_key_x, v_public_key_y, p_compressedMode, p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_compressedEncMode, v_inner_at_request) == false) {
if (f_generate_inner_at_request(vc_eaCertificate, vc_eaHashedId8, p_ec_certificate, p_ec_private_key, p_private_key, v_public_key_x, v_public_key_y, p_compressed_mode, p_private_enc_key, v_public_enc_key_x, v_public_enc_key_y, p_compressedEncMode, v_inner_at_request) == false) {
log("*** f_http_build_authorization_request: ERROR: Failed to generate AuthorizationValidationRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
return;
......@@ -426,8 +428,8 @@ module LibItsPki_Functions {
function f_http_build_authorization_validation_request(
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out octetstring p_public_key_compressed,
out integer p_compressed_mode,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data
) runs on ItsPkiHttp {
// Local variables
......@@ -436,7 +438,7 @@ module LibItsPki_Functions {
var octetstring v_public_enc_key;
var integer v_compressed_enc_key_mode;
/* TODO if (f_generate_authorization_validation_request(vc_eaCertificate, vc_eaHashedId8, p_private_key, p_publicKeyCompressed, p_compressedMode, v_authorization_validation_request) == false) {
/* TODO if (f_generate_authorization_validation_request(vc_eaCertificate, vc_eaHashedId8, p_private_key, p_public_key_compressed, p_compressed_mode, v_authorization_validation_request) == false) {
log("*** f_http_build_authorization_validation_request: ERROR: Failed to generate AuthorizationValidationRequest ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}*/
......@@ -577,8 +579,8 @@ module LibItsPki_Functions {
function f_generate_inner_ec_request(
out octetstring p_private_key,
out octetstring p_publicKeyCompressed,
out integer p_compressedMode,
out octetstring p_public_key_compressed,
out integer p_compressed_mode,
out InnerEcRequest p_inner_ec_request
) return boolean {
// Local variables
......@@ -588,14 +590,14 @@ module LibItsPki_Functions {
log (">>> f_generate_inner_ec_request");
// Generate keys for the certificate to be requested
if (f_generate_key_pair_nistp256(p_private_key, v_publicKeyX, v_publicKeyY, p_publicKeyCompressed, p_compressedMode) == false) {
if (f_generate_key_pair_nistp256(p_private_key, v_publicKeyX, v_publicKeyY, p_public_key_compressed, p_compressed_mode) == false) {
log ("f_generate_inner_ec_request: failed to generate keys");
return false;
}
if (p_compressedMode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_publicKeyCompressed));
if (p_compressed_mode == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(p_public_key_compressed));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_publicKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(p_public_key_compressed));
}
log ("f_generate_inner_ec_request: ", v_eccP256_curve_point);
// Build the Proof of Possession InnerEcRequest
......@@ -813,7 +815,7 @@ module LibItsPki_Functions {
var Oct16 v_aes_sym_key;
var Oct16 v_encrypted_sym_key;
var HashedId8 v_recipientId;
var octetstring v_publicEphemeralKeyCompressed;
var octetstring v_public_compressed_ephemeral_key;
var integer v_ephemeralKeyModeCompressed;
var octetstring v_enc_signed_ec_signature;
......@@ -827,14 +829,14 @@ module LibItsPki_Functions {
} else {
return false;
}
v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_ec_signature)), v_public_enc_key, v_compressed_mode, ''O, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, PICS_SEC_FIXED_KEYS);
v_enc_signed_ec_signature := f_encryptWithEciesNistp256WithSha256(bit2oct(encvalue(v_signed_ec_signature)), v_public_enc_key, v_compressed_mode, ''O, v_public_compressed_ephemeral_key, v_ephemeralKeyModeCompressed, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, PICS_SEC_FIXED_KEYS);
v_recipientId := p_ea_hashed_id8; // RecipientId is the HashedId8 of the EA certificate
log("v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
p_inner_at_request.ecSignature := valueof(
m_ec_signature(
......@@ -912,14 +914,87 @@ module LibItsPki_Functions {
} // End of group inner_at_xxx
group authorization_xxx {
} // End of group authorization_xxx
group authorization_validation_xxx {
} // End of group authorization_validation_xxx
group awaiting_messages {
function f_await_http_inner_ec_request_response(
in Oct32 p_private_key,
in Oct32 p_compressed_public_key,
in integer p_compressed_mode,
out InnerEcResponse p_inner_ec_response
) runs on ItsPkiHttp return boolean {
var HeaderLines v_headers;
var Oct32 v_request_hash;
var Oct16 v_encrypted_sym_key;
var Oct16 v_aes_sym_key;
var Oct16 v_authentication_vector;
var Oct12 v_nonce;
var octetstring v_salt;
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var EtsiTs102941Data v_etsi_ts_102941_data;
var HttpMessage v_response;
f_http_build_inner_ec_request(p_private_key, p_compressed_public_key, p_compressed_mode, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
f_init_default_headers_list(-, "inner_ec_request", v_headers);
httpPort.send(
m_http_request(
m_http_request_post(
PICS_HTTP_POST_URI,
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
v_ieee1609dot2_signed_and_encrypted_data
)))));
tc_ac.start;
alt {
[] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
tc_ac.stop;
if (f_verify_pki_message(p_private_key, v_aes_sym_key, v_authentication_vector, vc_eaWholeHash, vc_eaCertificate, v_response.response.body.binary_body.ieee1609dot2_data, false, v_etsi_ts_102941_data) == false) {
log("f_await_http_inner_ec_request_response: Failed to verify PKI message ***");
} else {
log("f_await_http_inner_ec_request_response: Receive ", v_etsi_ts_102941_data, " ***");
log("f_await_http_inner_ec_request_response: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(mw_issuerIdentifier_self, mw_toBeSignedCertificate_ea, mw_signature_ecdsaNistP256)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(mw_issuerIdentifier_self, mw_toBeSignedCertificate_ea, mw_signature_ecdsaNistP256))))) {
p_inner_ec_response := v_etsi_ts_102941_data.content.enrolmentResponse;
log("f_await_http_inner_ec_request_response: Well-secured EA certificate received ***");
log("p_inner_ec_response= ", p_inner_ec_response);
return true;
} else {
log("f_await_http_inner_ec_request_response: Unexpected message received ***");
}
}
}
[] httpPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
log("f_await_http_inner_ec_request_response: Unexpected message received ***");
}
[] tc_ac.timeout {
log("f_await_http_inner_ec_request_response: Expected message not received ***");
}
} // End of 'alt' statement
return false;
} // End of function f_await_http_inner_ec_request_response
} // End of group awaiting_messages
group pki_functions {
/**
......@@ -928,8 +1003,8 @@ module LibItsPki_Functions {
* @param p_signer_identifier Signer identifier for signature, could be self or certificate HashedId8
* @param p_recipientId Recipient identifier to be inclued in encrypted layer.
* If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
* @param p_publicKeyCompressed The public compressed key (canonical form) for encryption
* @param p_compressedMode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_public_key_compressed The public compressed key (canonical form) for encryption
* @param p_compressed_mode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_pki_message The PKI message to be secured
* @param p_ieee1609dot2_signed_and_encrypted_data The secured message
* @return true on success, false otherwise
......@@ -938,8 +1013,8 @@ module LibItsPki_Functions {
in octetstring p_private_key,
in SignerIdentifier p_signer_identifier,
in HashedId8 p_recipientId,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode,
in octetstring p_public_key_compressed,
in integer p_compressed_mode,
in octetstring p_salt,
in octetstring p_pki_message,
out Ieee1609Dot2Data p_ieee1609dot2_signed_and_encrypted_data,
......@@ -956,7 +1031,7 @@ module LibItsPki_Functions {
var template (value) Ieee1609Dot2Data v_ieee1609dot2_signed_data;
var octetstring v_encoded_inner_ec_request;
var HashedId8 v_recipientId;
var octetstring v_publicEphemeralKeyCompressed;
var octetstring v_public_compressed_ephemeral_key;
var integer v_ephemeralKeyModeCompressed;
var octetstring v_encrypted_inner_ec_request;
......@@ -1005,7 +1080,7 @@ module LibItsPki_Functions {
if (PICS_SEC_FIXED_KEYS) {
p_salt := '77C0637C3558B3238FDE1EEC376DA080BE4076FB8491CA0F8C19FD34DF298CEB'O;
}
v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_publicKeyCompressed, p_compressedMode, p_salt, v_publicEphemeralKeyCompressed, v_ephemeralKeyModeCompressed, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
v_encrypted_inner_ec_request := f_encryptWithEciesNistp256WithSha256(v_encoded_inner_ec_request, p_public_key_compressed, p_compressed_mode, p_salt, v_public_compressed_ephemeral_key, v_ephemeralKeyModeCompressed, p_aes_sym_key, p_encrypted_sym_key, p_authentication_vector, p_nonce, PICS_SEC_FIXED_KEYS);
log("p_aes_sym_key= ", p_aes_sym_key);
log("p_encrypted_sym_key= ", p_encrypted_sym_key);
log("p_authentication_vector= ", p_authentication_vector);
......@@ -1020,9 +1095,9 @@ module LibItsPki_Functions {
log("v_recipientId= ", v_recipientId);
// Fill Certificate template with the public compressed keys (canonical form)
if (v_ephemeralKeyModeCompressed == 0) {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_publicEphemeralKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_0(v_public_compressed_ephemeral_key));
} else {
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_publicEphemeralKeyCompressed));
v_eccP256_curve_point := valueof(m_eccP256CurvePoint_compressed_y_1(v_public_compressed_ephemeral_key));
}
p_ieee1609dot2_signed_and_encrypted_data := valueof(
m_etsiTs103097Data_encrypted(
......@@ -1057,8 +1132,8 @@ module LibItsPki_Functions {
* @param p_signer_identifier Signer identifier for signature, could be self or certificate HashedId8
* @param p_recipientId Recipient identifier to be inclued in encrypted layer.
* If value is int2oct(0. 8), the recipient id is the HashedId8 of the symmetric key used by the sender to encrypt the message to which the response is built
* @param p_publicKeyCompressed The public compressed key (canonical form) for encryption
* @param p_compressedMode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_public_key_compressed The public compressed key (canonical form) for encryption
* @param p_compressed_mode The compressed mode of the public compressed key (canonical form) for encryption
* @param p_pki_message The PKI message to be secured
* @param p_ieee1609dot2_signed_and_encrypted_data The secured message
* @return true on success, false otherwise
......@@ -1241,14 +1316,14 @@ module LibItsPki_Functions {
/**
* @desc Verify the generated EA certificate
* @param p_ea_certificate The new EA certificate
* @param p_publicKeyCompressed The public compressed key (canonical form) for signature check
* @param p_compressedMode The public compressed key mode
* @param p_public_key_compressed The public compressed key (canonical form) for signature check
* @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_ea_certificate(
in Certificate p_ea_certificate,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
in octetstring p_public_key_compressed,
in integer p_compressed_mode
) return boolean {
var bitstring v_encoded_tbs;
var boolean v_result;
......@@ -1263,8 +1338,8 @@ module LibItsPki_Functions {
bit2oct(v_encoded_tbs),
int2oct(0, 32), // self
p_ea_certificate.signature_.ecdsaNistP256Signature.rSig.x_only & p_ea_certificate.signature_.ecdsaNistP256Signature.sSig,
p_publicKeyCompressed,
p_compressedMode);
p_public_key_compressed,
p_compressed_mode);
return v_result;
} // End of function f_verify_ea_certificate
......@@ -1272,14 +1347,14 @@ module LibItsPki_Functions {
/**
* @desc Verify the generated AA certificate
* @param p_aa_certificate The new EA certificate
* @param p_publicKeyCompressed The public compressed key (canonical form) for signature check
* @param p_compressedMode The public compressed key mode
* @param p_public_key_compressed The public compressed key (canonical form) for signature check
* @param p_compressed_mode The public compressed key mode
* @return true on success, false otherwise
*/
function f_verify_aa_certificate(
in Certificate p_aa_certificate,
in octetstring p_publicKeyCompressed,
in integer p_compressedMode
in octetstring p_public_key_compressed,
in integer p_compressed_mode
) return boolean {
var bitstring v_encoded_tbs;
var boolean v_result;
......@@ -1294,8 +1369,8 @@ module LibItsPki_Functions {
bit2oct(v_encoded_tbs),
int2oct(0, 32), // self
p_aa_certificate.signature_.ecdsaNistP256Signature.rSig.x_only & p_aa_certificate.signature_.ecdsaNistP256Signature.sSig,
p_publicKeyCompressed,
p_compressedMode);
p_public_key_compressed,
p_compressed_mode);
return v_result;
} // End of function f_verify_aa_certificate
......
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @ b1e9bdd7
......@@ -234,7 +234,7 @@ module LibItsSecurity_Functions {
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm
* @param p_toBeEncryptedSecuredMessage The data to be encrypted
* @param p_recipientsPublicKeyCompressed The Recipient's compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key
* @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key
......@@ -248,7 +248,7 @@ module LibItsSecurity_Functions {
function f_encryptWithEciesNistp256WithSha256(
in octetstring p_toBeEncryptedSecuredMessage,
in Oct32 p_recipientsPublicKeyCompressed,
in integer p_compressedMode,
in integer p_compressed_mode,
in octetstring p_salt,
out Oct32 p_publicEphemeralKeyCompressed,
out integer p_ephemeralKeyModeCompressed,
......@@ -261,7 +261,7 @@ module LibItsSecurity_Functions {
return fx_encryptWithEciesNistp256WithSha256(
p_toBeEncryptedSecuredMessage,
p_recipientsPublicKeyCompressed,
p_compressedMode,
p_compressed_mode,
p_salt,
p_publicEphemeralKeyCompressed,
p_ephemeralKeyModeCompressed,
......@@ -312,7 +312,7 @@ module LibItsSecurity_Functions {
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm
* @param p_toBeEncryptedSecuredMessage The data to be encrypted
* @param p_recipientsPublicKeyCompressed The Recipient's compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key
* @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key
......@@ -326,7 +326,7 @@ module LibItsSecurity_Functions {
function f_encryptWithEciesBrainpoolp256WithSha256(
in octetstring p_toBeEncryptedSecuredMessage,
in Oct32 p_recipientsPublicKeyX,
in integer p_compressedMode,
in integer p_compressed_mode,
out Oct32 p_publicEphemeralKeyCompressed,
out integer p_ephemeralKeyModeCompressed,
out Oct16 p_aes_sym_key,
......@@ -337,7 +337,7 @@ module LibItsSecurity_Functions {
return fx_encryptWithEciesBrainpoolp256WithSha256(
p_toBeEncryptedSecuredMessage,
p_recipientsPublicKeyX,
p_compressedMode,
p_compressed_mode,
p_publicEphemeralKeyCompressed,
p_ephemeralKeyModeCompressed,
p_aes_sym_key,
......@@ -422,7 +422,7 @@ module LibItsSecurity_Functions {
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_signature The signature
* @param p_ecdsaNistp256PublicKeyCompressed The compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_verifyWithEcdsaNistp256WithSha256(
......@@ -430,7 +430,7 @@ module LibItsSecurity_Functions {
in Oct32 p_certificateIssuer,
in Oct64 p_signature,
in Oct32 p_ecdsaNistp256PublicKeyCompressed,
in integer p_compressedMode
in integer p_compressed_mode
) return boolean {
// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData);
// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData));
......@@ -441,7 +441,7 @@ module LibItsSecurity_Functions {
p_certificateIssuer,
p_signature,
p_ecdsaNistp256PublicKeyCompressed,
p_compressedMode
p_compressed_mode
);
} // End of function f_verifyWithEcdsaNistp256WithSha256
......@@ -480,7 +480,7 @@ module LibItsSecurity_Functions {
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_signature The signature
* @param p_ecdsaBrainpoolp256PublicKeyCompressed The compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_verifyWithEcdsaBrainpoolp256WithSha256(
......@@ -488,7 +488,7 @@ module LibItsSecurity_Functions {
in Oct32 p_certificateIssuer,
in Oct64 p_signature,
in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed,
in integer p_compressedMode
in integer p_compressed_mode
) return boolean {
// log("f_verifyWithEcdsaBrainpoolp256WithSha256: toBeVerifiedData", p_toBeVerifiedData);
// log("f_verifyWithEcdsaBrainpoolp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData));
......@@ -499,7 +499,7 @@ module LibItsSecurity_Functions {
p_certificateIssuer,
p_signature,
p_ecdsaBrainpoolp256PublicKeyCompressed,
p_compressedMode
p_compressed_mode
);
} // End of function f_verifyWithEcdsaBrainpoolp256WithSha256
......@@ -539,7 +539,7 @@ module LibItsSecurity_Functions {
* @param p_signature The signature
* @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate)
* @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate)
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_verifyWithEcdsaBrainpoolp384WithSha384(
......@@ -547,7 +547,7 @@ module LibItsSecurity_Functions {
in Oct48 p_certificateIssuer,
in Oct96 p_signature,
in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed,
in integer p_compressedMode
in integer p_compressed_mode
) return boolean {
// log("f_verifyWithEcdsaBrainpoolp384WithSha384: toBeVerifiedData", p_toBeVerifiedData);
// log("f_verifyWithEcdsaBrainpoolp384WithSha384: toBeVerifiedData length", lengthof(p_toBeVerifiedData));
......@@ -558,7 +558,7 @@ module LibItsSecurity_Functions {
p_certificateIssuer,
p_signature,
p_ecdsaBrainpoolp384PublicKeyCompressed,
p_compressedMode
p_compressed_mode
);
} // End of function f_verifyWithEcdsaBrainpoolp384WithSha384
......@@ -598,7 +598,7 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_generate_key_pair_nistp256(
......@@ -606,18 +606,18 @@ module LibItsSecurity_Functions {
out Oct32 p_publicKeyX,
out Oct32 p_publicKeyY,
out Oct32 p_publicKeyCompressed,
out integer p_compressedMode
out integer p_compressed_mode
) return boolean {
if (PICS_SEC_FIXED_KEYS) { // Debug mode: Use fixed values
p_privateKey := '43481BC44C073C1432DB6EC4F0EF57062BEA08E4C19F811567325AD1FD1C6577'O;
p_publicKeyX := '0B5D74B033531C51D17B4F218DD4E39289AE4BF2EE3D7BAB7C07DAF0C14F0317'O;
p_publicKeyY := '5D49B139A9237832FDE24D77555878CE65D6C2284A1BDA4CE08ABDD4071E0255'O;
p_publicKeyCompressed := '0B5D74B033531C51D17B4F218DD4E39289AE4BF2EE3D7BAB7C07DAF0C14F0317'O;
p_compressedMode := 1;
p_compressed_mode := 1;
return true;
}
return fx_generateKeyPair_nistp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressedMode);
return fx_generateKeyPair_nistp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode);
}
/**
......@@ -627,7 +627,7 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_generate_key_pair_brainpoolp256(
......@@ -635,9 +635,9 @@ module LibItsSecurity_Functions {
out Oct32 p_publicKeyX,
out Oct32 p_publicKeyY,
out Oct32 p_publicKeyCompressed,
out integer p_compressedMode
out integer p_compressed_mode
) return boolean {
return fx_generateKeyPair_brainpoolp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressedMode);
return fx_generateKeyPair_brainpoolp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode);
}
/**
......@@ -647,7 +647,7 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
function f_generate_key_pair_brainpoolp384(
......@@ -655,9 +655,9 @@ module LibItsSecurity_Functions {
out Oct48 p_publicKeyX,
out Oct48 p_publicKeyY,
out Oct48 p_publicKeyCompressed,
out integer p_compressedMode
out integer p_compressed_mode
) return boolean {
return fx_generateKeyPair_brainpoolp384(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressedMode);
return fx_generateKeyPair_brainpoolp384(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode);
}
/**
......@@ -2124,17 +2124,17 @@ module LibItsSecurity_Functions {
/**
* @desc Read the specified certificate
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_certificate the expected certificate
* @return true on success, false otherwise
*/
function f_readCertificate(
in charstring p_certificateId,
in charstring p_certificate_id,
out EtsiTs103097Certificate p_certificate
) return boolean {
var octetstring v_certificate;
if (fx_readCertificate(p_certificateId, v_certificate) == true) {
if (fx_readCertificate(p_certificate_id, v_certificate) == true) {
var bitstring v_oct2bit;
var integer v_result;
......@@ -2145,22 +2145,22 @@ module LibItsSecurity_Functions {
}
}
log("f_readCertificate: Failed to retrieve ", p_certificateId);
log("f_readCertificate: Failed to retrieve ", p_certificate_id);
return false;
} // End of function f_readCertificate
/**
* @desc Read the specified certificate
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_digest the digest of the certificate
* @return true on success, false otherwise
*/
function f_getCertificateDigest(
in charstring p_certificateId,
in charstring p_certificate_id,
out HashedId8 p_digest
) return boolean {
if (not fx_readCertificateDigest(p_certificateId, p_digest)){
log("f_getCertificateDigest: Failed to retrieve digest for ", p_certificateId);
if (not fx_readCertificateDigest(p_certificate_id, p_digest)){
log("f_getCertificateDigest: Failed to retrieve digest for ", p_certificate_id);
return false;
}
return true;
......@@ -2168,16 +2168,16 @@ module LibItsSecurity_Functions {
/**
* @desc Read the whole-hash of the certificate
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_hash the whole-hash of the certificate
* @return true on success, false otherwise
*/
function f_getCertificateHash(
in charstring p_certificateId,
in charstring p_certificate_id,
out octetstring p_hash
) return boolean {
if (not fx_readCertificateHash(p_certificateId, p_hash)){
log("f_getCertificateHash: Failed to retrieve digest for ", p_certificateId);
if (not fx_readCertificateHash(p_certificate_id, p_hash)){
log("f_getCertificateHash: Failed to retrieve digest for ", p_certificate_id);
return false;
}
return true;
......@@ -2347,7 +2347,7 @@ module LibItsSecurity_Functions {
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm
* @param p_toBeEncryptedSecuredMessage The data to be encrypted
* @param p_recipientsPublicKeyCompressed The Recipient's compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key
* @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key
......@@ -2355,7 +2355,7 @@ module LibItsSecurity_Functions {
* @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption
* @return The encrypted message
*/
external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring;
external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce, in boolean p_use_hardcoded_values := false) return octetstring;
external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
......@@ -2375,7 +2375,7 @@ module LibItsSecurity_Functions {
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm
* @param p_toBeEncryptedSecuredMessage The data to be encrypted
* @param p_recipientsPublicKeyCompressed The Recipient's compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key
* @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key
......@@ -2383,7 +2383,7 @@ module LibItsSecurity_Functions {
* @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption
* @return The encrypted message
*/
external function fx_encryptWithEciesBrainpoolp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressedMode, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
external function fx_encryptWithEciesBrainpoolp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring;
/**
* @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Brainpool-P256 algorithm
......@@ -2431,12 +2431,12 @@ module LibItsSecurity_Functions {
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_signature The signature
* @param p_ecdsaNistp256PublicKeyCompressed The compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in octetstring p_signature, in Oct32 p_ecdsaNistp256PublicKeyCompressed, in integer p_compressedMode) return boolean;
external function fx_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in octetstring p_signature, in Oct32 p_ecdsaNistp256PublicKeyCompressed, in integer p_compressed_mode) return boolean;
external function fx_test_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in octetstring p_signature, in Oct32 p_ecdsaNistp256PublicKeyCompressed, in integer p_compressedMode) return boolean;
external function fx_test_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in octetstring p_signature, in Oct32 p_ecdsaNistp256PublicKeyCompressed, in integer p_compressed_mode) return boolean;
/**
* @desc Verify the signature of the specified data
......@@ -2455,10 +2455,10 @@ module LibItsSecurity_Functions {
* @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate
* @param p_signature The signature
* @param p_ecdsaBrainpoolp256PublicKeyCompressed The compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_verifyWithEcdsaBrainpoolp256WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in Oct64 p_signature, in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed, in integer p_compressedMode) return boolean;
external function fx_verifyWithEcdsaBrainpoolp256WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in Oct64 p_signature, in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed, in integer p_compressed_mode) return boolean;
/**
* @desc Verify the signature of the specified data
......@@ -2477,10 +2477,10 @@ module LibItsSecurity_Functions {
* @param p_certificateIssuer The certificate issuer
* @param p_signature The signature
* @param p_ecdsaBrainpoolp384PublicKeyCompressed The compressed public key
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_verifyWithEcdsaBrainpoolp384WithSha384(in octetstring p_toBeVerifiedData, in Oct48 p_certificateIssuer, in Oct96 p_signature, in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed, in integer p_compressedMode) return boolean;
external function fx_verifyWithEcdsaBrainpoolp384WithSha384(in octetstring p_toBeVerifiedData, in Oct48 p_certificateIssuer, in Oct96 p_signature, in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed, in integer p_compressed_mode) return boolean;
/**
* @desc Verify the signature of the specified data
......@@ -2500,10 +2500,10 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_generateKeyPair_nistp256(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressedMode) return boolean;
external function fx_generateKeyPair_nistp256(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressed_mode) return boolean;
/**
* @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm.
......@@ -2512,10 +2512,10 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_generateKeyPair_brainpoolp256(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressedMode) return boolean;
external function fx_generateKeyPair_brainpoolp256(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressed_mode) return boolean;
/**
* @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm.
......@@ -2524,10 +2524,10 @@ module LibItsSecurity_Functions {
* @param p_publicKeyX The new public key value (x coordinate)
* @param p_publicKeyX The new public key value (y coordinate)
* @param p_publicKeyCompressed The compressed public keys
* @param p_compressedMode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise
* @return true on success, false otherwise
*/
external function fx_generateKeyPair_brainpoolp384(out Oct48 p_privateKey, out Oct48 p_publicKeyX, out Oct48 p_publicKeyY, out Oct48 p_publicKeyCompressed, out integer p_compressedMode) return boolean;
external function fx_generateKeyPair_brainpoolp384(out Oct48 p_privateKey, out Oct48 p_publicKeyX, out Oct48 p_publicKeyY, out Oct48 p_publicKeyCompressed, out integer p_compressed_mode) return boolean;
} // End of group signing
......@@ -2555,29 +2555,29 @@ module LibItsSecurity_Functions {
/**
* @desc Read the specified certificate
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_certificate the expected certificate
* @return true on success, false otherwise
*/
external function fx_readCertificate(in charstring p_certificateId, out octetstring p_certificate) return boolean;
external function fx_readCertificate(in charstring p_certificate_id, out octetstring p_certificate) return boolean;
/**
* @desc Read the specified certificate digest
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_digest the expected certificate
* @return true on success, false otherwise
*/
external function fx_readCertificateDigest(in charstring p_certificateId, out HashedId8 p_digest) return boolean;
external function fx_readCertificateDigest(in charstring p_certificate_id, out HashedId8 p_digest) return boolean;
/**
* @desc Read the whole-hash of the specified certificate
* @param p_certificateId the certificate identifier
* @param p_certificate_id the certificate identifier
* @param p_hash the whole-hash of the certificate
* @return true on success, false otherwise
*/
external function fx_readCertificateHash(in charstring p_certificateId, out octetstring p_hash) return boolean;
external function fx_readCertificateHash(in charstring p_certificate_id, out octetstring p_hash) return boolean;
external function fx_readCertificateFromDigest(in HashedId8 p_digest, out charstring p_certificateId) return boolean;
external function fx_readCertificateFromDigest(in HashedId8 p_digest, out charstring p_certificate_id) return boolean;
/**
* @desc Read the private keys for the specified certificate
......
ttcn/SremSsem/LibItsSremSsem_Functions.ttcn
View file @ b1e9bdd7
......@@ -129,12 +129,12 @@ module LibItsSremSsem_Functions {
* @desc Initialise secure mode if required
*/
function f_initialiseSecuredMode(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsSremSsem {
if (PICS_IS_IUT_SECURED == true) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificateId))) {
if(e_success != f_acTriggerSecEvent(m_acEnableSecurity(p_certificate_id))) {
log("*** INFO: TEST CASE NOW STOPPING ITSELF! ***");
stop;
}
......@@ -252,10 +252,10 @@ module LibItsSremSsem_Functions {
/**
* @desc Setups default configuration
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfUp(
in charstring p_certificateId := PX_CERT_FOR_TS
in charstring p_certificate_id := PX_CERT_FOR_TS
) runs on ItsSremSsem /* TITAN TODO: system ItsSremSsemSystem */ {
map(self:acPort, system:acPort);
......@@ -267,7 +267,7 @@ module LibItsSremSsem_Functions {
activate(a_cf01Down());
// Initialise secured mode
f_initialiseSecuredMode(p_certificateId);
f_initialiseSecuredMode(p_certificate_id);
//Initialze the IUT
f_prInitialState();
......