Skip to content
GitLab
Explore
Sign in
TTCN-3 Libraries
LibIts
Compare revisions
ee0529068f3ecf75f6845029f10935668a70340d to 119269254ac0b6bb4a5cdef3bd64ced8502353ce
Commits on Source (1)
AtsPki validation with Gemalto
· 11926925
garciay
authored
Nov 12, 2018
11926925
Hide whitespace changes
Inline
Side-by-side
ttcn/Pki/LibItsPki_Functions.ttcn
View file @
11926925
...
@@ -55,6 +55,7 @@ module LibItsPki_Functions {
...
@@ -55,6 +55,7 @@ module LibItsPki_Functions {
import
from
LibItsPki_TypesAndValues
all
;
import
from
LibItsPki_TypesAndValues
all
;
import
from
LibItsPki_Templates
all
;
import
from
LibItsPki_Templates
all
;
import
from
LibItsPki_Pics
all
;
import
from
LibItsPki_Pics
all
;
import
from
LibItsPki_Pixits
all
;
import
from
LibItsPki_TestSystem
all
;
import
from
LibItsPki_TestSystem
all
;
group
pkiConfigurationFunctions
{
group
pkiConfigurationFunctions
{
...
@@ -85,19 +86,23 @@ module LibItsPki_Functions {
...
@@ -85,19 +86,23 @@ module LibItsPki_Functions {
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
* @param p_certificateId The certificate identifier the TA shall use in case of secured IUT
*/
*/
function
f_cfHttpUp
(
function
f_cfHttpUp
(
in
charstring
p_certificateId
:=
"CERT_TS_A_EA"
,
// TODO Use a constant
in
charstring
p_ea_certificate_id
:=
"CERT_TS_A_EA"
,
// TODO Use a constant
in
charstring
p_ec_certificate_id
:=
"CERT_TS_A_EC"
,
in
charstring
p_peerCertificateId
:=
"CERT_IUT_A_EA"
in
charstring
p_peerCertificateId
:=
"CERT_IUT_A_EA"
)
runs
on
ItsPkiHttp
/* TITAN TODO: system ItsPkiHttpSystem */
{
)
runs
on
ItsPkiHttp
/* TITAN TODO: system ItsPkiHttpSystem */
{
map
(
self
:
httpPort
,
system
:
httpPort
);
map
(
self
:
httpPort
,
system
:
httpPort
);
f_connect4SelfOrClientSync
();
f_connect4SelfOrClientSync
();
f_initialiseSecuredMode
(
p_certificate
I
d
,
p_peerCertificateId
);
f_initialiseSecuredMode
(
p_
ea_
certificate
_i
d
,
p_peerCertificateId
);
f_readCertificate
(
p_certificateId
,
vc_eaCertificate
);
f_readCertificate
(
p_ea_certificate_id
,
vc_eaCertificate
);
f_readSigningKey
(
p_certificateId
,
vc_eaPrivateKey
);
f_readSigningKey
(
p_ea_certificate_id
,
vc_eaPrivateKey
);
f_readEncryptingKey
(
p_certificateId
,
vc_eaPrivateEncKey
);
f_readCertificate
(
p_ec_certificate_id
,
vc_ecCertificate
);
f_getCertificateDigest
(
p_certificateId
,
vc_eaHashedId8
);
f_readSigningKey
(
p_ec_certificate_id
,
vc_ecPrivateKey
);
f_readEncryptingKey
(
p_ea_certificate_id
,
vc_eaPrivateEncKey
);
f_getCertificateDigest
(
p_ea_certificate_id
,
vc_eaHashedId8
);
f_getCertificateDigest
(
p_ec_certificate_id
,
vc_ecHashedId8
);
f_readCertificate
(
p_peerCertificateId
,
vc_peerEaCertificate
);
f_readCertificate
(
p_peerCertificateId
,
vc_peerEaCertificate
);
f_getCertificateHash
(
p_peerCertificateId
,
vc_eaPeerWholeHash
);
f_getCertificateHash
(
p_peerCertificateId
,
vc_eaPeerWholeHash
);
...
@@ -280,17 +285,20 @@ module LibItsPki_Functions {
...
@@ -280,17 +285,20 @@ module LibItsPki_Functions {
group
http
{
group
http
{
function
f_http_build_inner_ec_request
(
function
f_http_build_inner_ec_request
(
out
octetstring
p_private_key
,
out
octetstring
p_private_key
,
out
octetstring
p_publicKeyCompressed
,
out
octetstring
p_publicKeyCompressed
,
out
integer
p_compressedMode
,
out
integer
p_compressedMode
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
,
out
Ieee1609Dot2Data
p_ieee1609dot2_signed_and_encrypted_data
,
out
Oct32
p_hash_inner_ec_request_signed_for_pop
out
Oct32
p_hash_inner_ec_request_signed_for_pop
)
runs
on
ItsPkiHttp
{
)
runs
on
ItsPkiHttp
{
var
octetstring
v_publicKeyX
;
var
octetstring
v_publicKeyX
;
var
octetstring
v_publicKeyY
var
octetstring
v_publicKeyY
var
InnerEcRequest
v_inner_ec_request
;
var
InnerEcRequest
v_inner_ec_request
;
var
Ieee1609Dot2Data
v_inner_ec_request_signed_for_pop
;
var
Ieee1609Dot2Data
v_inner_ec_request_signed_for_pop
;
var
bitstring
v_inner_ec_request_signed_for_pop_msg
;
var
bitstring
v_inner_ec_request_signed_for_pop_msg
;
var
octetstring
v_public_enc_key
;
var
integer
v_compressed_enc_key_mode
;
var
boolean
v_ret_code
;
if
(
f_generate_inner_ec_request
(
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_inner_ec_request
)
==
false
)
{
if
(
f_generate_inner_ec_request
(
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_inner_ec_request
)
==
false
)
{
log
(
"*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***"
);
log
(
"*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequest ***"
);
...
@@ -305,7 +313,20 @@ module LibItsPki_Functions {
...
@@ -305,7 +313,20 @@ module LibItsPki_Functions {
v_inner_ec_request_signed_for_pop_msg
:=
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
));
v_inner_ec_request_signed_for_pop_msg
:=
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
));
// Prepare for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop
// Prepare for getting the 16 most bytes of SHA256 of InnerEcRequestSignedForPop
p_hash_inner_ec_request_signed_for_pop
:=
f_hashWithSha256
(
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
));
p_hash_inner_ec_request_signed_for_pop
:=
f_hashWithSha256
(
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
));
if
(
f_build_pki_secured_message
(
vc_eaPrivateKey
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
,
p_publicKeyCompressed
,
p_compressedMode
,
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
),
p_ieee1609dot2_signed_and_encrypted_data
)
==
false
)
{
// Secure the Pki message
if
(
f_extract_enc_key
(
vc_eaCertificate
,
v_public_enc_key
,
v_compressed_enc_key_mode
)
==
false
)
{
log
(
"*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
log
(
"*** f_http_build_inner_ec_request: Public encryption key: "
,
v_public_enc_key
);
log
(
"*** f_http_build_inner_ec_request: Public encryption key comp: "
,
v_compressed_enc_key_mode
);
log
(
"*** f_http_build_inner_ec_request: First enrolment: "
,
PX_FIRST_ENROLMENT
);
if
(
PX_FIRST_ENROLMENT
==
true
)
{
// This is the first enrolment, we used Factory keys
v_ret_code
:=
f_build_pki_secured_message
(
PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
/*recipientId*/
,
v_public_enc_key
,
v_compressed_enc_key_mode
,
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
),
p_ieee1609dot2_signed_and_encrypted_data
);
}
else
{
// We use last valid EC certificate
v_ret_code
:=
f_build_pki_secured_message
(
vc_ecPrivateKey
,
valueof
(
m_signerIdentifier_digest
(
vc_ecHashedId8
)),
vc_eaHashedId8
/*recipientId*/
,
v_public_enc_key
,
v_compressed_enc_key_mode
,
bit2oct
(
v_inner_ec_request_signed_for_pop_msg
),
p_ieee1609dot2_signed_and_encrypted_data
);
}
if
(
v_ret_code
==
false
)
{
log
(
"*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
log
(
"*** f_http_build_inner_ec_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
}
...
@@ -323,6 +344,9 @@ module LibItsPki_Functions {
...
@@ -323,6 +344,9 @@ module LibItsPki_Functions {
)
runs
on
ItsPkiHttp
{
)
runs
on
ItsPkiHttp
{
var
InnerEcRequest
v_inner_ec_request
;
var
InnerEcRequest
v_inner_ec_request
;
var
Ieee1609Dot2Data
v_inner_ec_request_signed_for_pop
;
var
Ieee1609Dot2Data
v_inner_ec_request_signed_for_pop
;
var
octetstring
v_public_enc_key
;
var
integer
v_compressed_enc_key_mode
;
var
boolean
v_ret_code
;
if
(
f_generate_inner_ec_request
(
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_inner_ec_request
)
==
false
)
{
if
(
f_generate_inner_ec_request
(
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_inner_ec_request
)
==
false
)
{
log
(
"*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***"
);
log
(
"*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequest ***"
);
...
@@ -336,7 +360,19 @@ module LibItsPki_Functions {
...
@@ -336,7 +360,19 @@ module LibItsPki_Functions {
// Secure InnerEcRequestSignedForPoP message
// Secure InnerEcRequestSignedForPoP message
// Get 16 last byte of SHA256 of InnerEcRequestSignedForPop
// Get 16 last byte of SHA256 of InnerEcRequestSignedForPop
p_hash_inner_ec_request_signed_for_pop
:=
f_hashWithSha256
(
int2oct
(
12345
,
32
));
// Invalid InnseEcRequestSignedForPop
p_hash_inner_ec_request_signed_for_pop
:=
f_hashWithSha256
(
int2oct
(
12345
,
32
));
// Invalid InnseEcRequestSignedForPop
if
(
f_build_pki_secured_message
(
vc_eaPrivateKey
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
,
p_publicKeyCompressed
,
p_compressedMode
,
bit2oct
(
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
))),
p_ieee1609dot2_signed_and_encrypted_data
)
==
false
)
{
// Secure the Pki message
if
(
f_extract_enc_key
(
vc_eaCertificate
,
v_public_enc_key
,
v_compressed_enc_key_mode
)
==
false
)
{
log
(
"*** f_http_build_inner_ec_request: ERROR: Non canonical EA certificate ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
log
(
"*** f_http_build_inner_ec_request: Public encryption key: "
,
v_public_enc_key
);
log
(
"*** f_http_build_inner_ec_request: Public encryption key comp: "
,
v_compressed_enc_key_mode
);
if
(
PX_FIRST_ENROLMENT
==
true
)
{
// This is the first enrolment, we used Factory keys
v_ret_code
:=
f_build_pki_secured_message
(
PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
/*recipientId*/
,
v_public_enc_key
,
v_compressed_enc_key_mode
,
bit2oct
(
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
))),
p_ieee1609dot2_signed_and_encrypted_data
);
}
else
{
// We use last valid EC certificate
v_ret_code
:=
f_build_pki_secured_message
(
vc_ecPrivateKey
,
valueof
(
m_signerIdentifier_digest
(
vc_ecHashedId8
)),
vc_eaHashedId8
/*recipientId*/
,
v_public_enc_key
,
v_compressed_enc_key_mode
,
bit2oct
(
encvalue
(
m_etsiTs102941Data_inner_ec_request_signed_for_pop
(
v_inner_ec_request_signed_for_pop
))),
p_ieee1609dot2_signed_and_encrypted_data
);
}
if
(
v_ret_code
==
false
)
{
log
(
"*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
log
(
"*** f_http_build_invalid_enrolment_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
}
...
@@ -363,16 +399,32 @@ module LibItsPki_Functions {
...
@@ -363,16 +399,32 @@ module LibItsPki_Functions {
// Local variables
// Local variables
var
AuthorizationValidationRequest
v_authorization_validation_request
;
var
AuthorizationValidationRequest
v_authorization_validation_request
;
var
bitstring
v_authorization_validation_request_msg
;
var
bitstring
v_authorization_validation_request_msg
;
var
octetstring
v_public_enc_key
;
var
integer
v_compressed_enc_key_mode
;
if
(
f_generate_authorization_validation_request
(
vc_eaCertificate
,
vc_eaHashedId8
,
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_authorization_validation_request
)
==
false
)
{
if
(
f_generate_authorization_validation_request
(
vc_eaCertificate
,
vc_eaHashedId8
,
p_private_key
,
p_publicKeyCompressed
,
p_compressedMode
,
v_authorization_validation_request
)
==
false
)
{
log
(
"*** f_http_build_authorization_validation_request: ERROR: Failed to generate AuthorizationValidationRequest ***"
);
log
(
"*** f_http_build_authorization_validation_request: ERROR: Failed to generate AuthorizationValidationRequest ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
}
// Secure the Pki message
if
(
f_
build_pki_secured_message
(
vc_eaPrivateKey
,
valueof
(
m_signerIdentifier_self
),
vc_eaHashedId8
,
p
_public
KeyCompressed
,
p
_compressed
Mode
,
bit2oct
(
encvalue
(
m_etsiTs102941Data_authorization_validation_request
(
v_authorization_validation_request
))),
p_ieee1609dot2_signed_and_encrypted_data
)
==
false
)
{
if
(
f_
extract_enc_key
(
vc_eaCertificate
,
v
_public
_enc_key
,
v
_compressed
_enc_key_mode
)
==
false
)
{
log
(
"*** f_http_build_
authorization_validation_request: ERROR: Failed to generate InnerEcRequestSignedForPop
***"
);
log
(
"*** f_http_build_
inner_ec_request: ERROR: Non canonical EA certificate
***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
}
}
log
(
"*** f_http_build_authorization_validation_request: Public encryption key: "
,
v_public_enc_key
);
log
(
"*** f_http_build_authorization_validation_request: Public encryption key comp: "
,
v_compressed_enc_key_mode
);
/**
TODO: Load certificate according to the IUT role
==> a complete fucntion which set up the TestSustem certificate,keyy... according to the IUT role
**/
log
(
"*** f_http_build_inner_ec_request: ERROR: Need to add TestSystem variable vc_aa ***"
);
f_selfOrClientSyncAndVerdict
(
"error"
,
e_error
);
/* if (f_build_pki_secured_message(vc_aaPrivateKey, valueof(m_signerIdentifier_digest(vc_aaHashedId8)), vc_eaHashedId8/\*recipientId*\/, v_public_enc_key, v_compressed_enc_key_mode, bit2oct(encvalue(m_etsiTs102941Data_authorization_validation_request(v_authorization_validation_request))), p_ieee1609dot2_signed_and_encrypted_data) == false) { */
/* log("*** f_http_build_authorization_validation_request: ERROR: Failed to generate InnerEcRequestSignedForPop ***"); */
/* f_selfOrClientSyncAndVerdict("error", e_error); */
/* } */
log
(
"*** f_http_build_authorization_validation_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = "
,
p_ieee1609dot2_signed_and_encrypted_data
);
log
(
"*** f_http_build_authorization_validation_request: DEBUG: p_ieee1609dot2_signed_and_encrypted_data = "
,
p_ieee1609dot2_signed_and_encrypted_data
);
}
// End of function f_http_build_authorization_validation_request
}
// End of function f_http_build_authorization_validation_request
...
@@ -1127,6 +1179,45 @@ module LibItsPki_Functions {
...
@@ -1127,6 +1179,45 @@ module LibItsPki_Functions {
}
// End of function f_verify_aa_certificate
}
// End of function f_verify_aa_certificate
}
// End of group inner_ec_xxx
}
// End of group inner_ec_xxx
group
security_function
{
// TODO To be moved in LibItsSecurity_Function module
function
f_extract_enc_key
(
in
Certificate
p_certificate
,
out
octetstring
p_public_enc_key
,
out
integer
p_compressed_enc_key_mode
)
return
boolean
{
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
))
{
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_0
))
{
p_public_enc_key
:=
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_0
;
p_compressed_enc_key_mode
:=
0
;
}
else
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_1
))
{
p_public_enc_key
:=
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesNistP256
.
compressed_y_1
;
p_compressed_enc_key_mode
:=
1
;
}
else
{
log
(
"f_extract_enc_key: Non canonical EA certificate"
);
return
false
;
}
}
else
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesBrainpoolP256r1
))
{
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesBrainpoolP256r1
.
compressed_y_0
))
{
p_public_enc_key
:=
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesBrainpoolP256r1
.
compressed_y_0
;
p_compressed_enc_key_mode
:=
0
;
}
else
if
(
ischosen
(
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesBrainpoolP256r1
.
compressed_y_1
))
{
p_public_enc_key
:=
p_certificate
.
toBeSigned
.
encryptionKey
.
publicKey
.
eciesBrainpoolP256r1
.
compressed_y_1
;
p_compressed_enc_key_mode
:=
0
;
}
else
{
log
(
"f_extract_enc_key: Non canonical EA certificate"
);
return
false
;
}
}
else
{
log
(
"f_extract_enc_key: Invalid EA certificate"
);
return
false
;
}
return
true
;
}
// End of function f_extract_enc_key
}
// End of group security_function
group
altstes
{
group
altstes
{
...
...
ttcn/Pki/LibItsPki_Pics.ttcn
View file @
11926925
...
@@ -50,9 +50,69 @@ module LibItsPki_Pics {
...
@@ -50,9 +50,69 @@ module LibItsPki_Pics {
*/
*/
modulepar
charstring
PICS_HTTP_GET_URI
:=
"/its/inner_ec_request"
;
modulepar
charstring
PICS_HTTP_GET_URI
:=
"/its/inner_ec_request"
;
/**
* @desc Factory private key for verification Nist P256
*/
modulepar
octetstring
PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY
:=
'
5
C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5
'
O
;
/**
* @desc Factory compressed public key for verification Nist P256
*/
modulepar
octetstring
PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY
:=
'
020144
E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD
'
O
;
/**
* @desc Factory private key for encryption Nist P256
*/
modulepar
octetstring
PICS_ITS_S_ENC_NITSP256_PRIVATE_KEY
:=
'
EDEBEADCAA9514CD4B30256126FB7DF958B911C6EB58CCF702983C3DCD3DECBD
'
O
;
/**
* @desc Factory compressed public key for encryption Nist P256
*/
modulepar
octetstring
PICS_ITS_S_ENC_NISTP256_PUBLIC_KEY
:=
'
023
A4ADDCDD5EE66DAB2116B0C3AB47CCEDAE92CD9ACE98A84B10EB63A9DCA798C
'
O
;
/**
* @desc Factory private key for encryption Brainpool P256 r1
*/
modulepar
octetstring
PICS_ITS_S_ENC_BRAINPOOLP256r1_PRIVATE_KEY
:=
'
9
F155D40B6C920BA45D8027093C8ADADAF3AA6F9F71F0CC0F8279FF0146A8A48
'
O
;
/**
* @desc Factory compressed public key for encryption Brainpool P256 r1
*/
modulepar
octetstring
PICS_ITS_S_ENC_BRAINPOOLP256r1_PUBLIC_KEY
:=
'
038602
F468BD334EA4D2BA416295E204D58BD1F42C85FB9BE57237C74544F6A69A
'
O
;
/**
* @desc Factory private key for verification Brainpool P256 r1
*/
modulepar
octetstring
PICS_ITS_S_SIGN_BRAINPOOLP256r1_PRIVATE_KEY
:=
'
6
D585B716D06F75EC2B8A8ADEBFCE6ED35B0640C2AFBFF25FE48FC81A6732D4F
'
O
;
/**
* @desc Factory compressed public key for verification Brainpool P256 r1
*/
modulepar
octetstring
PICS_ITS_S_SIGN_BRAINPOOLP256r1_PUBLIC_KEY
:=
'
02
A92BA3B770B040B8D958D5BD2CC9B537212D6963F50EA3E4784FEFA5D0454C12
'
O
;
/**
* @desc Factory private key for encryption Brainpool P384 r1
*/
modulepar
octetstring
PICS_ITS_S_ENC_BRAINPOOLP384r1_PRIVATE_KEY
:=
'
6
B4B4392511B252C904801466F5DA0A7F28E038E6656800CBB0CDCB3D32F862CA4D59CBDC1A19E98E9191582AF1DB3D7
'
O
;
/**
* @desc Factory compressed public key for encryption Brainpool P384 r1
*/
modulepar
octetstring
PICS_ITS_S_ENC_BRAINPOOLP384r1_PUBLIC_KEY
:=
'
027
BB3104998F30B86B0C7C6CC9BFAECA7F7E99E8CE575D07B550028CCB15E1C95581B9B8520D40A35256021DDA63B785C
'
O
;
/**
* @desc Factory private key for verification Brainpool P384 r1
*/
modulepar
octetstring
PICS_ITS_S_SIGN_BRAINPOOLP384r1_PRIVATE_KEY
:=
'
3
CD977195A579787C84D5900F4CB6341E0C3D2750B140C5380E6F03CE3FBA0022F7541DEABDCED4790D313ED8F56ACA8
'
O
;
/**
* @desc Factory compressed public key for verification Brainpool P384 r1
*/
modulepar
octetstring
PICS_ITS_S_SIGN_BRAINPOOLP384r1_PUBLIC_KEY
:=
'
0243
FF5C96984C2C3F5FD5C5F6551C90F5FAEE1E5E8301763E4AF1E9D627F3474E554B82EE98EC4B49808DFF61B35F8313
'
O
;
/**
/**
* @desc Canonical ITSS-S identifier
* @desc Canonical ITSS-S identifier
*/
*/
modulepar
charstring
PICS_ITS_S_CANONICAL_ID
:=
"
CanonicalItsId
"
;
modulepar
charstring
PICS_ITS_S_CANONICAL_ID
:=
"
1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA
"
;
}
// End of module LibItsPki_Pics
}
// End of module LibItsPki_Pics
ttcn/Pki/LibItsPki_Pixits.ttcn
View file @
11926925
module
LibItsPki_Pixits
{
module
LibItsPki_Pixits
{
modulepar
boolean
PX_FIRST_ENROLMENT
:=
true
;
}
// End of module LibItsPki_Pixits
}
// End of module LibItsPki_Pixits
ttcn/Pki/LibItsPki_TestSystem.ttcn
View file @
11926925
...
@@ -46,7 +46,7 @@ module LibItsPki_TestSystem {
...
@@ -46,7 +46,7 @@ module LibItsPki_TestSystem {
/**
/**
* @desc Adapter control port
* @desc Adapter control port
*/
*/
type
port
AdapterControlPort
message
{
type
port
AdapterControlP
kiP
ort
message
{
out
AcPkiPrimitive
;
out
AcPkiPrimitive
;
in
AcPkiResponse
;
in
AcPkiResponse
;
}
// End of AdapterControlPort
}
// End of AdapterControlPort
...
@@ -54,7 +54,7 @@ module LibItsPki_TestSystem {
...
@@ -54,7 +54,7 @@ module LibItsPki_TestSystem {
/**
/**
* @desc Upper Tester port
* @desc Upper Tester port
*/
*/
type
port
UpperTesterPort
message
{
type
port
UpperTesterP
kiP
ort
message
{
out
UtPkiInitialize
,
UtPkiTrigger
;
out
UtPkiInitialize
,
UtPkiTrigger
;
in
UtPkiResults
;
in
UtPkiResults
;
}
// End of UpperTesterPort
}
// End of UpperTesterPort
...
@@ -72,7 +72,7 @@ module LibItsPki_TestSystem {
...
@@ -72,7 +72,7 @@ module LibItsPki_TestSystem {
group
componentDefinitions
{
group
componentDefinitions
{
type
component
ItsPkiSystem
{
type
component
ItsPkiSystem
{
port
AdapterControlPort
acPort
;
port
AdapterControlP
kiP
ort
acPort
;
port
PkiPort
pkiPort
;
port
PkiPort
pkiPort
;
}
// End of component ItsPkiSystem
}
// End of component ItsPkiSystem
...
@@ -80,14 +80,14 @@ module LibItsPki_TestSystem {
...
@@ -80,14 +80,14 @@ module LibItsPki_TestSystem {
}
// End of component ItsPkiHttpSystem
}
// End of component ItsPkiHttpSystem
type
component
ItsPkiItssSystem
extends
ItsPkiSystem
{
type
component
ItsPkiItssSystem
extends
ItsPkiSystem
{
port
UpperTesterPort
utPort
;
port
UpperTesterP
kiP
ort
utPort
;
port
GeoNetworkingPort
geoNetworkingPort
;
port
GeoNetworkingPort
geoNetworkingPort
;
}
// End of component ItsPkiItssSystem
}
// End of component ItsPkiItssSystem
}
// End of group componentDefinitions
}
// End of group componentDefinitions
type
component
ItsPki
extends
ItsSecurityBaseComponent
,
ItsBaseMtc
{
type
component
ItsPki
extends
ItsSecurityBaseComponent
,
ItsBaseMtc
{
port
AdapterControlPort
acPort
;
port
AdapterControlP
kiP
ort
acPort
;
port
PkiPort
pkiPort
;
port
PkiPort
pkiPort
;
var
Certificate
vc_eaCertificate
;
/** Test Adapter EA certificate */
var
Certificate
vc_eaCertificate
;
/** Test Adapter EA certificate */
...
@@ -97,14 +97,17 @@ module LibItsPki_TestSystem {
...
@@ -97,14 +97,17 @@ module LibItsPki_TestSystem {
type
component
ItsPkiHttp
extends
ItsSecurityBaseComponent
,
HttpComponent
{
type
component
ItsPkiHttp
extends
ItsSecurityBaseComponent
,
HttpComponent
{
var
Certificate
vc_eaCertificate
;
/** Test Adapter EA certificate */
var
Certificate
vc_eaCertificate
;
/** Test Adapter EA certificate */
var
octetstring
vc_eaPrivateKey
;
/** Test Adapter EA private key for signature */
var
octetstring
vc_eaPrivateKey
;
/** Test Adapter EA private key for signature */
var
Certificate
vc_ecCertificate
;
/** Test Adapter EC certificate */
var
octetstring
vc_ecPrivateKey
;
/** Test Adapter EC private key for signature */
var
octetstring
vc_eaPrivateEncKey
;
/** Test Adapter EA private key for encryption */
var
octetstring
vc_eaPrivateEncKey
;
/** Test Adapter EA private key for encryption */
var
HashedId8
vc_eaHashedId8
;
/** Test Adapter EA HashedId8 for decryption of IUT's response */
var
HashedId8
vc_eaHashedId8
;
/** Test Adapter EA HashedId8 for decryption of IUT's response */
var
HashedId8
vc_ecHashedId8
;
/** Test Adapter EC HashedId8 for decryption of IUT's response */
var
Certificate
vc_peerEaCertificate
;
/** IUT EA certificate for signature check */
var
Certificate
vc_peerEaCertificate
;
/** IUT EA certificate for signature check */
var
octetstring
vc_eaPeerWholeHash
;
/** IUT EA whole-hash for signature check */
var
octetstring
vc_eaPeerWholeHash
;
/** IUT EA whole-hash for signature check */
}
// End of component ItsPki
}
// End of component ItsPki
type
component
ItsPkiItss
extends
ItsPki
{
type
component
ItsPkiItss
extends
ItsPki
{
port
UpperTesterPort
utPort
;
port
UpperTesterP
kiP
ort
utPort
;
port
GeoNetworkingPort
geoNetworkingPort
;
port
GeoNetworkingPort
geoNetworkingPort
;
}
// End of component ItsPkiItss
}
// End of component ItsPkiItss
...
...