/** * @author ETSI / STF481 * @version $URL$ * $Id$ * @desc Module containing types and values for Security Protocol * */ module LibItsSecurity_TypesAndValues { // LibCommon import from LibCommon_BasicTypesAndValues { type UInt8, UInt16, UInt32, UInt64, Int32 } import from LibCommon_DataStrings { type Oct2, Oct3, Oct8, Oct12, Oct1to255 } // LibIts import from CAM_PDU_Descriptions language "ASN.1:1997" { type CAM } import from DENM_PDU_Descriptions language "ASN.1:1997" { type DENM } group basicFormatElements { /** * @desc List of supported algorithms based on public key cryptography * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.2 PublicKeyAlgorithm */ type enumerated PublicKeyAlgorithm { e_ecdsa_nistp256_with_sha256 (0), e_ecies_nistp256 (1) } with { variant "unsigned 8 bit" } /** * @desc List of supported algorithms based on symmetric key cryptography * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.3 SymmetricAlgorithm */ type enumerated SymmetricAlgorithm { e_aes_128_ccm (0), e_unknown (255) } with { variant "unsigned 8 bit" } /** * @desc Wrapper for public keys by specifying the used algorithm * @member algorithm Specifying the used algorithm * @member public_key The public key structure * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.4 PublicKey */ type record PublicKey { PublicKeyAlgorithm algorithm, PublicKeyContainer public_key } // End of type PublicKey /** * @desc Information regarding ECC contained in an EccPoint structure * @member supported_symm_alg The symmetric key algorithm * @member public_key The EccPoint used in the PublicKey */ type record PublicKeyDesc { SymmetricAlgorithm supported_symm_alg, EccPoint public_key } // End of type PublicKeyDesc /** * @desc Information regarding ECC contained in an EccPoint structure * @member eccPoint Specific details regarding ECC contained in an EccPoint structure * @member ecies_nistp256 Specific details regarding ECC contained in an EccPoint structure * @member other_key Out of scope */ type union PublicKeyContainer { EccPoint eccPoint, PublicKeyDesc ecies_nistp256, octetstring other_key } // End of type PublicKeyContainer /** * @desc Defines public key based on elliptic curve cryptography * @member algorithm Specifying the used algorithm * @member field_size The lengths of the vectors containing the raw keys * @member type_ The ECC key types * @member x The x coordinate * @member y * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.5 EccPoint */ type record EccPoint { PublicKeyAlgorithm algorithm, UInt8 field_size, EccPointType type_, octetstring x, EccPointContainer y optional } // End of type EccPoint /** * @desc Defines a public key based on elliptic curve cryptography * @member y The y coordinate * @member data Out of scope */ type union EccPointContainer { octetstring y, octetstring data } // End of type EccPointContainer /** * @desc List of supported ECC key types * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.6 EccPointType */ type enumerated EccPointType { e_x_coordinate_only (0), e_compressed_lsb_y_0 (2), e_compressed_lsb_y_1 (3), e_uncompressed (4), e_unknown (255) } with { variant "unsigned 8 bit" } /** * @desc Parameters and additional data required for encryption and decryption of data using different symmetric encryption algorithms * @member symm_algorithm The symmetric algorithm that shall be used with a public key for encryption * @member public_key The public key for encryption * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.7 EncryptionParameters */ type record EncryptionParameters { SymmetricAlgorithm symm_algorithm, EncryptionParametersContainer public_key } // End of type EncryptionParameters /** * @desc * @member nonce Data encryption with the Advanced Encryption Standard (AES) using a 128-bit key in Counter with cipher block chaining message authentication code (CCM) mode * @member params Out of scope */ type union EncryptionParametersContainer { Oct12 nonce, octetstring params } // End of type EncryptionParametersContainer /** * @desc Signatures based on public key cryptography * @member algorithm Algorithm type * @member signature_ The signature * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.7 EncryptionParameters */ type record Signature { PublicKeyAlgorithm algorithm, SignatureContainer signature_ } // End of type Signature /** * @desc * @member algorithm The ECDSA based signature * @member signature_ Out of scope */ type union SignatureContainer { EcdsaSignature ecdsa_signature, octetstring signature_ } // End of type SignatureContainer /** * @desc Description an ECDSA based signature * @member algorithm * @member field_size The 's' field length derived from the applied ECDSA algorithm * @member r Coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key * @member s * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.10 EcdsaSignature */ type record EcdsaSignature { PublicKeyAlgorithm algorithm, UInt8 field_size, EccPoint r, octetstring s } // End of type EcdsaSignature /** * @desc Information about the signer of a message * @member type_ Signature algorithm type * @member signerInfo Signature algorithm information. In case of self-signed, this field is not required because of no additional data shall be given * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.11 SignerInfo */ type record SignerInfo { SignerInfoType type_, SignerInfoContainer signerInfo optional } // End of type SignerInfo /** * @desc * @member digest The digest value * @member certificate A certificate * @member certificates A complete certificate chain * @member certificateWithAlgo TODO * @member info TODO */ type union SignerInfoContainer { HashedId8 digest, Certificate certificate, CertificateChain certificates, CertificateWithAlgo certificateWithAlgo, octetstring info } // End of type SignerInfoContainer /** * @desc * @member algorithm The public key algorithm * @member digest The digest value */ type record CertificateWithAlgo { PublicKeyAlgorithm algorithm, HashedId8 digest } // End of type CertificateWithAlgo /** * @desc The list of the methods to describe a message's signer * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.12 SignerInfoType */ type enumerated SignerInfoType { e_self (0), e_certificate_digest_with_ecdsap256 (1), e_certificate (2), e_certificate_chain (3), e_certificate_digest_with_other_algorithm (4), e_unknow (255) } // End of type SignerInfoContainer /** * @desc Indication on an identifier, where real identification is not required * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.14 HashedId3 * @see RFC2246 Clause 4.2. Miscellaneous */ type Oct3 HashedId3; /** * @desc Identifies data such as a certificate * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.13 HashedId8 * @see RFC2246 Clause 4.2. Miscellaneous */ type Oct8 HashedId8; /** * @desc The unsigned 32 bits number of International Atomic Time (TAI) microseconds since 00:00:00 UTC, 01 January 2004 * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.16 Time64 */ type UInt32 Time32; /** * @desc The unsigned 64 bits number of International Atomic Time (TAI) microseconds since 00:00:00 UTC, 01 January 2004 * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.16 Time64 */ type UInt64 Time64; /** * @desc The time along with the standard deviation of time values * @member time The time being encoded * @member log_std_dev The rounded up value of the log to the base 1,134666 of the implementation's estimate of the standard deviation in units of nanoseconds * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.17 Time64WithStandardDeviation */ type record Time64WithStandardDeviation { Time64 time, UInt8 log_std_dev } // End of type Time64WithStandardDeviation /** * @desc Specify a two dimensional location * @member latitude Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum * @member longitude Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.19 TwoDLocation */ type record TwoDLocation { Int32 latitude, Int32 longitude } // End of type TwoDLocation /** * @desc Specify a two dimensional location * @member latitude Latitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum * @member longitude Longitude in tenths of micro degrees relative to the World Geodetic System (WGS)-84 datum * @member elevation Elevation relative to the WGS-84 ellipsoid in decimetres * @see Draft ETSI TS 103 097 V1.1.6 Clause 4.2.20 ThreeDLocation */ type record ThreeDLocation { Int32 latitude, Int32 longitude, Oct2 elevation } // End of type ThreeDLocation } // End of group basicFormatElements group SecurityMessages { /** * @desc Generic secured message description * @member protocol_version The applied protocol version * @member security_profile The security profile for this secured message * @member header_fields Multiple information fields of interest to the security layer * @member payload_fields The message's payload * @member trailer_fields Security information after the payload * * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.1 SecuredMessage */ type record SecuredMessage { UInt8 protocol_version, UInt8 security_profile, HeaderFields header_fields, Payload payload_fields, TrailerFields trailer_fields } // End of type SecuredMessage type set of HeaderField HeaderFields; type record HeaderField { HeaderFieldType type_, HeaderFieldContainer headerField } // End of type HeaderField /** * @desc Supported types of header fields */ type enumerated HeaderFieldType { e_generation_time (0), e_generation_time_standard_deviation (1), e_expiration (2), e_generation_location (3), e_request_unrecognized_certificate (4), e_message_type (5), e_signer_info (128), e_recipient_info (129), e_encryption_parameters (130), e_unknown (255) } with { variant "unsigned 8 bit" } type union HeaderFieldContainer { Time64 generation_time, Time64WithStandardDeviation generation_time_with_standard_deviation, Time32 expiry_time, ThreeDLocation generation_location, HashedId3 digests, UInt16 message_type, SignerInfo signer, RecipientInfo recipient, EncryptionParameters enc_params, octetstring other_header } // End of type HeaderFieldContainer /** * @desc Payload structure * @member type_ Payload type * @member payload Payload data * * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.2 Payload */ type record Payload { PayloadType type_, PayloadContainer payload } // End of type Payload /** * @desc Payload data container * @member camPayload CAM message * @member denmPayload DENM message * @member rawPayload Other message * * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.2 Payload */ type union PayloadContainer { CAM camPayload, DENM denmPayload, octetstring rawPayload } // End of type PayloadContainer /** * @desc Supported types of payloads * * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.3 Payload */ type enumerated PayloadType { e_unsecured (0), e_signed (1), e_encrypted (2), e_signed_external (3), e_signed_and_encrypted (4), e_unknown (255) } with { variant "unsigned 8 bit" } type set of TrailerField TrailerFields; /** * @desc Information used by the security layer after processing the payload * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.6 TrailerField */ type record TrailerField { TrailerFieldType type_, TrailerFieldContainer trailerField } // End of type TrailerField /** * @desc * @member signature_ The signature of the payload * @member security_field Out of scope */ type union TrailerFieldContainer { Signature signature_, octetstring security_field } // End of type TrailerFieldContainer /** * @desc Supported types of trailer fields * @see Draft ETSI TS 103 097 V1.1.6 Clause 5.7 TrailerFieldType */ type enumerated TrailerFieldType { e_signature (1), e_unknown (255) } with { variant "unsigned 8 bit" } // FIXME To be fixed type octetstring RecipientInfo; } // End of group SecurityMessages group certificateSpecification { /** * @desc Certificate description * @member version The certificate's version. Shall be set to 2 * @member signer_info The certificate's signer * @member subject_info Information on the certificate's subject * @member subject_attributes The certificate's subject * @member validity_restrictions Restrictions regarding the certificate's validity * @member signature_ The signature of this certificate signed by the responsible CA * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.1 Certificate */ type record Certificate { UInt8 version, SignerInfos signer_info, SubjectInfo subject_info, // SubjectAttributes subject_attributes, // ValidityRestrictions validity_restrictions, Signature signature_ } // End of type Certificate type set of SignerInfo SignerInfos; /** * @desc Certificate description * @member subject_type * @member subject_name * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.2 SubjectInfo */ type record SubjectInfo { SubjectType subject_type, Oct1to255 subject_name } // End of type SubjectInfo /** * @desc The list of the possible types of subjects * @see Draft ETSI TS 103 097 V1.1.6 Clause 6.3 SubjectInfoType */ type enumerated SubjectType { e_enrollment_credential (0), e_authorization_ticket (1), e_authorization_authority (2), e_enrollment_authority (3), e_root_ca (4), e_crl_signer (5), e_unknown (255) } with { variant "unsigned 8 bit" } // type set of SubjectAttribute SubjectAttributes; // // type set of ValidityRestriction ValidityRestrictions; // type set of Certificate CertificateChain; } // End of group certificateSpecification } with { encode "LibItsSecurity" } // End of module LibItsSecurity_TypesAndValues