Specification of Cryptography for Adaptive Platform AUTOSAR AP R20-11

Document Title: Specification of Cryptography for Adaptive Platform
Document Owner: AUTOSAR
Document Responsibility: AUTOSAR
Document Identification No: 883
Document Status: published
Part of AUTOSAR Standard: Adaptive Platform
Part of Standard Release: R20-11

Document Change History (Date, Release, Changed by, Description)

2020-11-30, R20-11, AUTOSAR Release Management
  • Rewrote the document to align with AUTOSAR standard
  • Update of Crypto API according to WG-SEC feedback
  • "Direct" prefix of Crypto API is removed, because now it is single
  • All bugs found after R18-03 are fixed

2019-03-29, 19-03, AUTOSAR Release Management
  • Crypto API is converted for usage of basic ara::core types
  • Crypto API is converted for support of the "Exception-less" approach
  • Level of detail of the Crypto API specification is extended

2018-08-20, 18-10, AUTOSAR Release Management
  • Removed crypto API introduced in release 17-10

2018-03-29, 18-03, AUTOSAR Release Management
  • Crypto API introduced at previous release is renamed to Modeled API, chapter 7 is updated
  • Added specification of additional Direct Crypto API (chapter 9)

2017-10-27, 17-10, AUTOSAR Release Management
  • Initial release

1 of 331 Document ID 883: AUTOSAR_SWS_Cryptography

Disclaimer

This work (specification and/or software implementation) and the material contained in it, as released by AUTOSAR, is for the purpose of information only. AUTOSAR and the companies that have contributed to it shall not be liable for any use of the work.

The material contained in this work is protected by copyright and other types of intellectual property rights. The commercial exploitation of the material contained in this work requires a license to such intellectual property rights.

This work may be utilized or reproduced without any modification, in any form or by any means, for informational purposes only. For any other purpose, no part of the work may be utilized or reproduced, in any form or by any means, without permission in writing from the publisher.

The work has been developed for automotive applications only. It has neither been developed, nor tested for non-automotive applications.

The word AUTOSAR and the AUTOSAR logo are registered trademarks.

Table of Contents

1 Introduction and functional overview
2 Acronyms and Abbreviations
3 Related documentation
  3.1 Input documents & related standards and norms
  3.2 Further applicable specification
4 Constraints and assumptions
  4.1 Constraints
  4.2 Assumptions
  4.3 Known limitations
  4.4 Applicability to car domains
5 Dependencies to other functional clusters
  5.1 Protocol layer dependencies
6 Requirements Tracing
7 Functional specification
  7.1 Functional Cluster Lifecycle
    7.1.1 Startup
    7.1.2 Shutdown
  7.2 Architectural concepts
    7.2.1 Integration with Identity and Access Management
    7.2.2 Integration into AUTOSAR
    7.2.3 Application level
    7.2.4 System service level
    7.2.5 Bridging domains: the IOInterface
  7.3 Crypto API structure
  7.4 Crypto API elements
    7.4.1 Crypto Provider
      7.4.1.1 Random Number Generator (RNG)
      7.4.1.2 Key Derivation Function (KDF)
      7.4.1.3 Hashing
      7.4.1.4 Message Authentication Code (MAC)
      7.4.1.5 Symmetric encryption
      7.4.1.6 Authenticated Encryption
      7.4.1.7 Key Wrapping
      7.4.1.8 Digital signatures
      7.4.1.9 Asymmetric encryption
      7.4.1.10 Key Encapsulation Mechanism (KEM)
      7.4.1.11 Key Exchange Protocol, Key Exchange Mechanism, and Key Exchange Scheme
      7.4.1.12 Identification of cryptographic primitives and using one
      7.4.1.13 Support on internal elements (Loading, Update, Import, and Export)
    7.4.2 Key Storage Provider
      7.4.2.1 Serializable interface
      7.4.2.2 Key Generation
      7.4.2.3 Exporting and Importing of Key Material
    7.4.3 Certificate handling (X.509 Provider)
      7.4.3.1 Certificate Signing Request
      7.4.3.2 Using Certificates
      7.4.3.3 Revocation of certificates
  7.5 Cryptographic Primitives Naming Convention
8 API specification
  8.1 C++ language binding Crypto Provider
  8.2 C++ language binding Key Storage Provider
  8.3 C++ language binding X509 Certificate Management Provider
  8.4 API Common Data Types
  8.5 API Reference
9 Service Interfaces
  9.1 Type definitions
  9.2 Provided Service Interfaces
  9.3 Required Service Interfaces
  9.4 Application Errors
A Mentioned Manifest Elements
B Interfaces to other Functional Clusters (informative)
  B.1 Overview
  B.2 Interface Tables
C History of Constraints and Specification Items
  C.1 Constraint and Specification Item History of this document according to AUTOSAR Release yy-mm

1 Introduction and functional overview

This specification describes the functionality and the configuration for the Adaptive AUTOSAR Functional Cluster Cryptography (FC Crypto) and its API (CryptoAPI), which is part of the AUTOSAR Adaptive Platform Foundation.

The FC Crypto offers applications and other Adaptive AUTOSAR Functional Clusters a standardized interface, which provides operations for cryptographic and related calculations. These operations include cryptographic operations, key management, and certificate handling. FC Crypto manages the actual implementations of all operations, the configuration, and the brokering of operations from applications to implementations. The standardized interface is exposed by the CryptoAPI.

The FC Crypto and its CryptoAPI support both public-key and symmetric-key cryptography. It allows applications to use mechanisms such as authentication, encryption, and decryption for automotive services.

2 Acronyms and Abbreviations

The glossary below includes acronyms and abbreviations relevant to the FC Crypto module that are not included in the [1, AUTOSAR glossary].

Abbreviation / Acronym: Description

ACL: Access Control List
AE: Authenticated Encryption
AEAD: Authenticated Encryption with Associated Data – Encryption scheme which simultaneously provides confidentiality and authenticity of data as well as additional authenticated but not encrypted data.
AES: Advanced Encryption Standard – A block cipher for the symmetric encryption of electronic data.
API: Abstract Programming Interface
ARA: Autosar Runtime Environment for Adaptive Applications
ASN.1: Abstract Syntax Notation One, as defined in the ASN.1 standards
BER: Basic Encoding Rules
BLOB: Binary Large Object – A Binary Large OBject (BLOB) is a collection of binary data stored as a single entity.
CA: Certificate Authority or Certification Authority is an entity that issues digital certificates.
CBC: Cipher Block Chaining Mode – A mode of operation for symmetric ciphers (e.g. AES) that supports encryption.
CBC-MAC: Cipher Block Chaining Message Authentication Mode – A mode of operation for symmetric ciphers (e.g. AES) that supports authentication.
CCM: Counter Mode with CBC-MAC – An AEAD operation mode (encryption and authentication) for AES.
CMAC: Cipher-based Message Authentication Code – A mode of operation for symmetric ciphers (e.g. AES) that supports authentication and is similar but advanced to CBC-MAC.
CMP: X.509 Certificate Management Provider.
CO: Cryptographic Object
COUID: Cryptographic Object Unique Identifier
CRL: Certificate Revocation Lists is a list of digital certificates that have been revoked before their expiration date was reached. This list contains all the serial numbers of the revoked certificates and the revoked data.
CSR: Certificate Signing Request
CTL: Certificate Trust List is a list of digital certificates that are explicitly trusted in this environment. This list contains all the serial numbers of the explicitly trusted certificates.
DER: Distinguished Encoding Rules as defined in [2]
DH: Diffie-Hellman (key exchange method)
ECC: Elliptic Curve Cryptography – Public-key cryptography based on the structure of elliptic curves.
ECDH: Elliptic Curve Diffie-Hellman – An ECC
