Package org.bouncycastle.oer.its.template.etsi102941

Class EtsiTs102941TypesAuthorization

java.lang.Object
org.bouncycastle.oer.its.template.etsi102941.EtsiTs102941TypesAuthorization
public class EtsiTs102941TypesAuthorization extends Object

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final OERDefinition.Builder
    AuthorizationResponseCode
    ok(0), -- ITS->AA its-aa-cantparse, -- valid for any structure its-aa-badcontenttype, -- not encrypted, not signed, not authorizationrequest its-aa-imnottherecipient, -- the "recipients" of the outermost encrypted data doesn't include me its-aa-unknownencryptionalgorithm, -- either kexalg or contentencryptionalgorithm its-aa-decryptionfailed, -- works for ECIES-HMAC and AES-CCM its-aa-keysdontmatch, -- HMAC keyTag verification fails its-aa-incompleterequest, -- some elements are missing its-aa-invalidencryptionkey, -- the responseEncryptionKey is bad its-aa-outofsyncrequest, -- signingTime is outside acceptable limits its-aa-unknownea, -- the EA identified by eaId is unknown to me its-aa-invalidea, -- the EA certificate is revoked its-aa-deniedpermissions, -- I, the AA, deny the requested permissions -- AA->EA aa-ea-cantreachea, -- the EA is unreachable (network error?) -- EA->AA ea-aa-cantparse, -- valid for any structure ea-aa-badcontenttype, -- not encrypted, not signed, not authorizationrequest ea-aa-imnottherecipient, -- the "recipients" of the outermost encrypted data doesn't include me ea-aa-unknownencryptionalgorithm, -- either kexalg or contentencryptionalgorithm ea-aa-decryptionfailed, -- works for ECIES-HMAC and AES-CCM -- TODO: to be continued...
    static final OERDefinition.Builder
    InnerAtRequest
    InnerAtRequest ::= SEQUENCE { publicKeys PublicKeys, hmacKey OCTET STRING (SIZE(32)), sharedAtRequest SharedAtRequest, ecSignature EcSignature, ...
    static final OERDefinition.Builder
    InnerAtResponse
    InnerAtResponse ::= SEQUENCE { requestHash OCTET STRING (SIZE(16)), responseCode AuthorizationResponseCode, certificate EtsiTs103097Certificate OPTIONAL, ...
    static final OERDefinition.Builder
    SharedAtRequest
    SharedAtRequest ::= SEQUENCE { eaId HashedId8, keyTag OCTET STRING (SIZE(16)), certificateFormat CertificateFormat, requestedSubjectAttributes CertificateSubjectAttributes (WITH COMPONENTS{..., certIssuePermissions ABSENT}), ...

  • Constructor Summary

    Constructors
    Constructor
    Description
    EtsiTs102941TypesAuthorization()
     

  • Method Summary

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • AuthorizationResponseCode

      public static final OERDefinition.Builder AuthorizationResponseCode
      ok(0), -- ITS->AA its-aa-cantparse, -- valid for any structure its-aa-badcontenttype, -- not encrypted, not signed, not authorizationrequest its-aa-imnottherecipient, -- the "recipients" of the outermost encrypted data doesn't include me its-aa-unknownencryptionalgorithm, -- either kexalg or contentencryptionalgorithm its-aa-decryptionfailed, -- works for ECIES-HMAC and AES-CCM its-aa-keysdontmatch, -- HMAC keyTag verification fails its-aa-incompleterequest, -- some elements are missing its-aa-invalidencryptionkey, -- the responseEncryptionKey is bad its-aa-outofsyncrequest, -- signingTime is outside acceptable limits its-aa-unknownea, -- the EA identified by eaId is unknown to me its-aa-invalidea, -- the EA certificate is revoked its-aa-deniedpermissions, -- I, the AA, deny the requested permissions -- AA->EA aa-ea-cantreachea, -- the EA is unreachable (network error?) -- EA->AA ea-aa-cantparse, -- valid for any structure ea-aa-badcontenttype, -- not encrypted, not signed, not authorizationrequest ea-aa-imnottherecipient, -- the "recipients" of the outermost encrypted data doesn't include me ea-aa-unknownencryptionalgorithm, -- either kexalg or contentencryptionalgorithm ea-aa-decryptionfailed, -- works for ECIES-HMAC and AES-CCM -- TODO: to be continued... invalidaa, -- the AA certificate presented is invalid/revoked/whatever invalidaasignature, -- the AA certificate presented can't validate the request signature wrongea, -- the encrypted signature doesn't designate me as the EA unknownits, -- can't retrieve the EC/ITS in my DB invalidsignature, -- signature verification of the request by the EC fails invalidencryptionkey, -- signature is good, but the key is bad deniedpermissions, -- permissions not granted deniedtoomanycerts, -- parallel limit

    • InnerAtResponse

      public static final OERDefinition.Builder InnerAtResponse
      InnerAtResponse ::= SEQUENCE { requestHash OCTET STRING (SIZE(16)), responseCode AuthorizationResponseCode, certificate EtsiTs103097Certificate OPTIONAL, ... } (WITH COMPONENTS { responseCode (ok), certificate PRESENT } | WITH COMPONENTS { responseCode (ALL EXCEPT ok), certificate ABSENT } )

    • SharedAtRequest

      public static final OERDefinition.Builder SharedAtRequest
      SharedAtRequest ::= SEQUENCE { eaId HashedId8, keyTag OCTET STRING (SIZE(16)), certificateFormat CertificateFormat, requestedSubjectAttributes CertificateSubjectAttributes (WITH COMPONENTS{..., certIssuePermissions ABSENT}), ... }

    • InnerAtRequest

      public static final OERDefinition.Builder InnerAtRequest
      InnerAtRequest ::= SEQUENCE { publicKeys PublicKeys, hmacKey OCTET STRING (SIZE(32)), sharedAtRequest SharedAtRequest, ecSignature EcSignature, ... }

  • Constructor Details

    • EtsiTs102941TypesAuthorization

      public EtsiTs102941TypesAuthorization()