Tools

The following documented tools are available here.

Versions of supported standards are listed on the Tools home page.

Certificate viewer

The purpose of this tool is to decode and display the content of ETSI certificates specified in ETSI TS 103 097 - Security header and certificate formats.

Request inputs

Input Field	Description
`Certificate Input format`	The certificate to be displayed can be provided under 4 different formats: `hexadecimal` or `base64` string to be pasted in the box below, `binary` file that can be either selected locally or dragged and dropped in the dedicated field or provided through its `URL`.
`Certificate intended usage`	The type of certificate `AT`, `EC`, `AA`, `EA`, `RCA` or `TLM` can be selected. If specified, the tool makes additional checks in relation to the type of certificate selected. This field is optional if no information is provided for the `Chain of authorities`.
`Predecessor certificate` (optional)	TLM and RCA certificates can be linked to ('successorTo') existing certificates that can be provided for additional checks. The predecessor certificate can be provided under 4 different formats: `hexadecimal` or `base64` string to be pasted in the box below, `binary` file that can be either selected locally or dragged and dropped in the dedicated field or provided through its `URL`.
`Chain of authorities` (optional)	Additional certificates composing the trust chain can be added for additional checks. For example, to display an AT certificate, the issuing AA and/or RCA can be provided; to display an EC certificate, the issuing EA and/or RCA can be provided. The `Certificate intended usage` of additional certificates is mandatory. The additional certificates can be provided under 4 different formats: `hexadecimal` or `base64` string to be pasted in the box below, `binary` file that can be either selected locally or dragged and dropped in the dedicated field or provided through its `URL`.

Once the information provided, the Decode & Check button is activated. The button may not be activated if the content provided is not complete (e.g. missing attribute).

Request outputs

Decoding: this panel displays the content of the certificate under a human readable format.

If the content of the certificate cannot be decoded, the message "Something went wrong, internal error" is displayed. If the errors don't prevent from decoding, errors may be listed in the Verifications panel.

If the Certificate intended usage has been provided, the tool makes additional verifications.

Verifications: this panel displays the result of verifications, warnings or errors. Examples:
- If no Chain of authorities is provided, the result displays a warning "Invalid issuer - Issuer not found".
- Errors can be due to a mismatch of permissions or validity periods between the certificate and its issuer.

Note: when the mouse is placed over a value, a tooltip indicates its type/format.

The Share certificate button provides a standalone URL that is always valid and that can easily be shared.

This URL embeds the certificate in binary format. Additional Chain of authorities information is not kept.

CTL/CRL viewer

The purpose of this tool is to decode and display the content of CTL and CRL specified in ETSI TS 102 941 - Trust and Privacy Management.

Request inputs

Input Field	Description
`CTL / CRL`	Selection of the input type. If `CTL` is selected, the type of CTL (`Full` or `Delta`) is required. Note: `CTL` may also be used to display the content of an ECTL provided by the European Commission, provided that it is based on the same version of the standard.
`Input format`	The list to be displayed can be provided under 4 different formats: `hexadecimal` or `base64` string to be pasted in the box below, `binary` file that can be either selected locally or dragged and dropped in the dedicated field or provided through its `URL`.
`Signer intended usage`	Mandatory information. RCA in case of `CTL` or `CRL`. TLM for an ECTL.
`Signer` (Optional)	The certificate of the signer can be provided for additional checks.

Once the information provided, the Decode & Check button is activated. The button may not be activated if the content provided is not complete (e.g. missing attribute).

Request outputs

Decoding: this panel displays the content of the list under a human readable format.

If the content of the certificate cannot be decoded, the message "Something went wrong, internal error" is displayed. If the errors don't prevent from decoding, errors may be listed in the Verifications panel.

Verifications: this panel displays the result of verifications, warnings or errors. Examples:
- If no Signer is provided, the result displays a warning "Invalid signed container - Signer not found or trusted".
- Errors can be due to a mismatch validity periods between the list and its signer.

The Share CTL/CRL button provides a standalone URL that is always valid and that can easily be shared.

This URL embeds the list in binary format. Additional Signer information is not kept.

Key converter

This tool allows to generate or convert cryptographic public keys in the RFC 5480 SubjectPublicKeyInfo format (e.g. required for C-ITS stations registration) and get X, Y, Y-Parity and Curve values.

Input Field	Description
`Auto generate new one`	To create a key pair (public and private) choosing the curve from `NIST 256`, `Brainpool 256` and `Brainpool 384` (default curve is `NIST 256`).
`From RFC 5480`	To check the key and display `X`, `Y`, `Y-Parity` and `Curve` values.
`From x bytes and y bytes`	To convert the key from its `X` and `Y` values. The selection of the `curve type` is mandatory (`NIST 256`, `Brainpool 256` or `Brainpool 384`). /!\ If an Hexadecimal value provided is not correct (e.g. does not follow the standard key format) or a wrong curve is selected, the message "Invalid public key string" is displayed.
`From x bytes and y parity`	To convert the key from its `X` and `Y-Parity` values. The selection of the `curve type` is mandatory (`NIST 256`, `Brainpool 256` or `Brainpool 384`). /!\ Be careful to make sure you choose the proper parity (`Y0 EVEN` or `Y1 ODD`). /!\ If an Hexadecimal value provided is not correct (e.g. does not follow the standard key format) or a wrong curve is selected, the message "Invalid public key string" is displayed.