# Draft TS 103 834 Part 2: Test Specification, SSP Test Tool Interface
## Licensing information
See LICENSE.
\ No newline at end of file
TTITestsDefinitions { itu-t (0) identified-organization (4) etsi (0) smart-secure-platform (3834) part1 (2) }
DEFINITIONS
AUTOMATIC TAGS
EXTENSIBILITY IMPLIED ::=
BEGIN
EXPORTS ALL;
/* Imports */
IMPORTS
AccessMode,
UUID,
SessionID,
AccessorRights,
AccessControl,
AccessorConditionsPIN,
AccessorConditions,
AAS-CONTROL-SERVICE-GATE-Commands,
AAS-CONTROL-SERVICE-GATE-Responses,
TTI-CONTROL-SERVICE-GATE-Commands,
TTI-CONTROL-SERVICE-GATE-Responses,
Certificate,
AuthenticationToken,
Version
FROM SSPDefinitions
ECDSA-Sig-Value,
id-ecPublicKey
FROM PKIX1Algorithms88;
eTTI-ID-CS UUID::='09560B78BED958B9A5FF6CAA8384D556'H -- ETSI TTI Control Service identifier
-- urn:etsi.org:asn.1:accessor:tti
eTTI-ACC UUID::='0F26EB7CEF785F8E84FCB64C9284638E'H
eTTI-ACC-ROOT UUID::='DD61116FF0DD57F48A4F52EE70276F24'H
eAS-ID-ASS-GateID_1 UUID::='AAAAAAAABBBBCCCCDDDDEEEEEEEEEEEE'H
eAS-ID-ASS-GateID_2 UUID::='AAAAAAAABBBBCCCCDDDDEEEEEEEEEEEA'H
eAS-Challenge UUID::='BA64E9EE888952F4891DA79401758FF4'H
-- urn:etsi.org:test:firmware-01
eTTI-FFI UUID::='FC4B3800094D523A9A5AD2E9FDFBCEEC'H
--eAASAccessRight-RequiresSecurePipe AccessorRights ::= { eRight-Bit1 }
--eAASAccessRight-Create AccessorRights ::= { eRight-Bit2 }
--eAASAccessRight-Delete AccessorRights ::= { eRight-Bit3 }
--eAASAccessRight-Update AccessorRights ::= { eRight-Bit4 }
--eAASAccessRight-UpdateACL AccessorRights ::= { eRight-Bit5 }
--eAASAccessRight-UpdateGroup AccessorRights ::= { eRight-Bit6 }
--eAASAccessRight-UpdateCredentialPolicy AccessorRights ::= { eRight-Bit7 }
--eAASAccessRight-UpdateCredentialStatus AccessorRights ::= { eRight-Bit8 }
-- The root accessor has all accessor rights
eTTI-ACL-ROOT AccessorRights ::= {
--eAASAccessRight-RequiresSecurePipe-- eRight-Bit1,
--eAASAccessRight-Create AccessorRights-- eRight-Bit2,
--eAASAccessRight-Delete-- eRight-Bit3,
--eAASAccessRight-Update AccessorRights-- eRight-Bit4,
--eAASAccessRight-UpdateACL-- eRight-Bit5,
--eAASAccessRight-UpdateGroup-- eRight-Bit6,
--eAASAccessRight-UpdateCredentialPolicy-- eRight-Bit7,
--eAASAccessRight-UpdateCredentialStatus-- eRight-Bit8
}
eTTI-ACL AccessorRights ::= {
--eAASAccessRight-RequiresSecurePipe-- eRight-Bit1,
--eAASAccessRight-Create AccessorRights-- eRight-Bit2,
--eAASAccessRight-Delete-- eRight-Bit3,
--eAASAccessRight-Update AccessorRights-- eRight-Bit4,
--eAASAccessRight-UpdateACL-- eRight-Bit5,
--eAASAccessRight-UpdateGroup-- eRight-Bit6,
--eAASAccessRight-UpdateCredentialPolicy-- eRight-Bit7,
--eAASAccessRight-UpdateCredentialStatus-- eRight-Bit8
}
eTTI-CS-ACL AccessorRights ::= {
--eTTIAccessRight-APDUGateAccessAllowed -- eRight-Bit5
}
eAS-ATK-01 AuthenticationToken::={
tbsToken {
version v1,
subjectPublicKeyInfo {
algorithm {
algorithm { 0 0 }
},
subjectPublicKey '0'B
},
aATK-Content {
aChallenge '00000000000000000000000000000000'H,
aKey-Size e128,
aStreamCipherIdentifier aAES-CGM-StreamCipherIdentifier
}
},
signatureAlgorithm {
algorithm { 0 0 }
},
signature {
r 0,
s 0
}
}
eAS-CERT-01 Certificate ::= {
tbsCertificate {
version v3,
serialNumber 1,
signature {
algorithm { 0 0 },
parameters OCTET STRING : '00'H
},
issuer rdnSequence : {
{
{
type { 0 0 },
value OCTET STRING : '00'H
}
}
},
validity {
notBefore utcTime : "000101000000Z",
notAfter utcTime : "000101000000Z"
},
subject rdnSequence : {
{
{
type { 0 0 },
value OCTET STRING : '00'H
}
}
},
subjectPublicKeyInfo {
algorithm {
algorithm id-ecPublicKey
},
subjectPublicKey '0'B
},
issuerUniqueID '0'B,
subjectUniqueID '0'B,
extensions {
{
extnID { 0 0 },
critical FALSE,
extnValue '00'H
}
}
},
signatureAlgorithm {
algorithm { 0 0 },
parameters OCTET STRING : '00'H
},
signature '0'B
}
aPTCS-003-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-GET-CHALLENGE-Service-Command : {}
aPTCS-003-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-GET-CHALLENGE-Service-Response : {
aAAS-Service-Response eAAS-OK,
aParameter {
aChallenge eAS-Challenge,
aCertificates {eAS-CERT-01}
}
}
aPTCS-003-command-02 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-AUTHENTICATE-ACCESSOR-Service-Command : {
aCredential aAccessorTokenCredential : {
aToken eAS-ATK-01, aTokenCertificationPath {eAS-CERT-01}
}
}
aPTCS-003-response-02 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-AUTHENTICATE-ACCESSOR-Service-Command : {
aCredential aAccessorTokenCredential : {
aToken eAS-ATK-01, aTokenCertificationPath {eAS-CERT-01}
}
}
aPTCS-004-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-ACCESS-SERVICE-Service-Command : {
aServiceIdentifier 'DD61116FF0DD57F48A4F52EE70276F24 'H,
aUseSecurePipe TRUE
}
aPTCS-004-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-ACCESS-SERVICE-Service-Response : {
aAAS-Service-Response eAAS-OK,
aParameter {
aGateIdentifier eAS-ID-ASS-GateID_1 /* <STORE(eAS-ID-ASS-GateID_1)> */
}
}
aPTCS-0061-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-ADMIN-CREATE-ACCESSOR-Service-Command : {
aAccessor aAccessorUser : {
aAccessorIdentity eTTI-ACC,
aAccessorConditions {
aAccessConditionsPIN ePinNumeric
},
aACL {
{
aAccessorIdentity eTTI-ACC-ROOT,
aAccessorRights eTTI-ACL-ROOT
},
{
aAccessorIdentity eTTI-ACC,
aAccessorRights eTTI-ACL
}
}
},
aCredential { aPinNumericCredential "1234" },
aCredentialsPolicy {
aPinNumericPolicy {
aIsDisableForbidden FALSE, aMinSize 4, aMaxSize 255, aMaxAttempts 3
}
},
aCredentialsStatus {
aPinNumericStatus {
aCommonStatus {
aIsDisabled FALSE
}
}
}
}
aPTCS-001-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-ADMIN-CREATE-ACCESSOR-Service-Response : {
aAAS-Service-Response eAAS-OK
}
aTCS-003-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-AUTHENTICATE-ACCESSOR-Service-Command : {
aCredential aPinNumericCredential : "1234"
}
aTCS-003-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-AUTHENTICATE-ACCESSOR-Service-Response : {
aAAS-Service-Response eAAS-OK
}
aTCS-004-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-ACCESS-SERVICE-Service-Command : {
aServiceIdentifier eTTI-ID-CS,
aUseSecurePipe TRUE
}
aTCS-004-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-ACCESS-SERVICE-Service-Response : {
aAAS-Service-Response eAAS-OK,
aParameter {
aGateIdentifier eAS-ID-ASS-GateID_2 /* <STORE(eAS-ID-ASS-GateID_2)> */
}
}
aTCS-004011-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-ACCESS-SERVICE-Service-Command : {
aServiceIdentifier eTTI-ID-CS,
aUseSecurePipe TRUE
}
aTCS-004011-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-ACCESS-SERVICE-Service-Response : {
aAAS-Service-Response eAAS-OK,
aParameter {
aGateIdentifier eAS-ID-ASS-GateID_3 /* <STORE(eAS-ID-ASS-GateID_3)> */
}
}
aTTIC-TCS-001-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-OP-GET-CAPABILITIES-Service-Command :{
}
aTTIC-TCS-001-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-OP-GET-CAPABILITIES-Service-Response :
{
aTTI-Service-Response eTTI-OK,
aParameter {
aVersion '0000'H /*<COMPARE(TCSVERSION,GT,EQ)>*/
}
}
aTTIC-TCS-002-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-ADMIN-IMPERSONATE-Service-Command : {
aFirmwareFamilyID eTTI-FFIUUID, -- Identifier of firmware family of the host to impersonate (REE host domain identifier)*/
aHostDomainID 'E7A14FE4378D51AC85C805F6504A7C91'H UUID -- Host domain identifier of the host to impersonate*/
}
aTTIC-TCS-002-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-ADMIN-IMPERSONATE-Service-Response : {
aTTI-Service-Response eTTI-OK
}
aTTIC-TCS-003-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-ADMIN-IMPERSONATE-Service-Command :{
}
aTTIC-TCS-003-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-ADMIN-IMPERSONATE-Service-Response : {
aTTI-Service-Response eTTI-NOK
}
aTTIC-TCS-004-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-ADMIN-UPDATE-ACL-Service-Command : {
aACL {
{
aAccessorIdentity eTTI-ACC,
aAccessorRights eTTI-CS-ACL
}
}
}
aTTIC-TCS-004-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-ADMIN-UPDATE-ACL-Service-Response :{
aTTI-Service-Response eTTI-OK
}
aTTIC-TCS-005-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-ADMIN-UPDATE-ACL-Service-Command : {
aACL {
{
aAccessorIdentity eTTI-ACC,
aAccessorRights eTTI-CS-ACL
}
}
}
aTTIC-TCS-005-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-ADMIN-UPDATE-ACL-Service-Response :{
aTTI-Service-Response eTTI-NOK
}
aTTIC-TCS-006-command-01 TTI-SERVICE-GATE-Commands ::= aTTI-ADMIN-UPDATE-ACL-Service-Command : {
aACL {
{
aAccessorIdentity eTTI-ACC,
aAccessorRights '00000000000000000000000000000000'H
}
}
}
aTTIC-TCS-006-response-01 TTI-SERVICE-GATE-Responses ::= aTTI-ADMIN-UPDATE-ACL-Service-Response :{
aTTI-Service-Response eTTI-OK
}
aTCS-001-command-01 AAS-CONTROL-SERVICE-GATE-Commands ::= aAAS-OP-ACCESS-SERVICE-Service-Command : {
aServiceIdentifier eTTI-ID-CS,
aUseSecurePipe TRUE
}
aTCS-0001-response-01 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-ACCESS-SERVICE-Service-Response : {
aAAS-Service-Response eAAS-OK,
aParameter {
aGateIdentifier eAS-ID-ASS-GateID_2 /* <STORE(eAS-ID-ASS-GateID_2)> */
}
}
END
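Review bot: `aPTCS-003-response-02` is declared as `AAS-CONTROL-SERVICE-GATE-Commands` and repeats the AUTHENTICATE-ACCESSOR command body of `aPTCS-003-command-02`, so the token authentication step has no expected response and its outcome is never checked; it should presumably read `aPTCS-003-response-02 AAS-CONTROL-SERVICE-GATE-Responses ::= aAAS-OP-AUTHENTICATE-ACCESSOR-Service-Response : { aAAS-Service-Response eAAS-OK }`, mirroring `aTCS-003-response-01`. Several references also do not resolve against what this module defines or imports: the `aTTIC-TCS-*` values use `TTI-SERVICE-GATE-Commands`/`-Responses` while the imports name `TTI-CONTROL-SERVICE-GATE-Commands`/`-Responses`, `aTTIC-TCS-002-command-01` uses `eTTI-FFIUUID` (the value defined is `eTTI-FFI`) and leaves a stray `UUID` after the `aHostDomainID` hstring, and `aTCS-004011-response-01` uses `eAS-ID-ASS-GateID_3`, which is not defined here. The module identifier ends in `part1 (2)` although the title says Part 2, and `aAES-CGM-StreamCipherIdentifier` looks like a transposition of GCM; both need checking against SSPDefinitions, which is not visible on this page. `eAS-ATK-01` and `eAS-CERT-01` carry an all-zero signature, `{ 0 0 }` algorithm identifiers and a validity period whose `notBefore` equals `notAfter`; if these are templates the test tool fills in, a comment saying so above each would make clear that an implementation under test is not expected to accept the literal values.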