Newer
Older
// LibCommon
import from LibCommon_BasicTypesAndValues all;
import from LibCommon_DataStrings all;
// LibIts
import from IEEE1609dot2BaseTypes language "ASN.1:1997" all;
import from IEEE1609dot2 language "ASN.1:1997" all;
import from EtsiTs103097Module language "ASN.1:1997" all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_EncdecDeclarations all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Templates all;
// LibItsSecurity
import from LibItsSecurity_EncdecDeclarations all;
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_Pixits all;
// AtsGenCert
import from ItsGenCert_TypeAndValues all;
import from ItsGenCert_Functions all;
import from ItsGenCert_TestSystem all;
import from ItsGenCert_Pics all;
modulepar boolean PX_VALIDATE_CERTIFICATES_ONLY := false;
testcase TC_GEN_CERT() runs on TCType system TCType {
var certificate_details_list v_certificate_details_list := {};
var integer v_idx := 0;
for (var integer v_counter := 0; v_counter < lengthof(PICS_CERTFICATES); v_counter := v_counter + 1) {
var certificate_details v_details;
var template (value) EtsiTs103097Certificate v_certificate;
var certificate_params v_certificate_params;
var certificate_details v_issuer_certificate_details;
var integer v_counter1;
// Setup
v_certificate_params := PICS_CERTFICATES[v_counter];
v_details := { v_certificate_params.certificate_id, {}, ''O, ''O, ''O, ''O, ''O, 0, ''O, '0000000000000000'O, '0000000000000000'O, omit, omit, omit, omit, omit };
// Generate Private/Public signing and encryption keys for the certificate
if (f_generate_signing_keys(v_certificate_params, v_details) == -1) {
setverdict(fail, "Unsupported curve");
stop;
}
// Build the certificate templates
if (f_fill_certificate(v_certificate_params, v_details) == -1) {
setverdict(fail, "Failed to build the certificate templates");
stop;
}
// Generate the certificate
// 1. Find the issuer
for (v_counter1 := 0; v_counter1 < lengthof(v_certificate_details_list); v_counter1 := v_counter1 + 1) {
if (v_certificate_params.signed_by == v_certificate_details_list[v_counter1].certificate_id) {
log("Issuer for ", v_certificate_params.certificate_id, " is ", v_certificate_details_list[v_counter1].certificate_id);
v_issuer_certificate_details := v_certificate_details_list[v_counter1];
break;
}
} // End of 'for' statement
if (v_counter1 == lengthof(v_certificate_details_list)) {
v_issuer_certificate_details := v_details;
}
// 2. Generate the certificate, including the signature
if (f_generate_certificate(v_certificate_params, v_issuer_certificate_details, v_details) == -1) {
setverdict(fail, "Failed to generate the certificate");
stop;
}
// Fianlyse certificate
if (f_finalyse_certificate(v_certificate_params, v_certificate_details_list, v_details) == -1) {
setverdict(fail, "Failed to finalyse the certificate");
stop;
}
v_certificate_details_list[v_idx] := v_details;
log("v_certificate_details_list = ", v_certificate_details_list);
// Store them
if (f_store_certificates(v_certificate_details_list) == -1) {
setverdict(fail, "Failed to finalyse the certificate");
stop;
} else {
setverdict(pass);
}
} // End of testcase TC_GEN_CERT
testcase TC_VALIDATE_CERT() runs on TCType system TCType {
var SequenceOfCertificate v_certificate_list;
var integer v_idx := 0;
// 1. Load certificates
fx_loadCertificates(PX_CERTIFICATE_POOL_PATH, PX_IUT_SEC_CONFIG_NAME);
// 2. Create the list of certificates
for (var integer v_counter := 0; v_counter < lengthof(PICS_CERTFICATES); v_counter := v_counter + 1) {
var EtsiTs103097Certificate v_certificate;
if (f_readCertificate(PICS_CERTFICATES[v_counter].certificate_id, v_certificate) == false) {
setverdict(fail, "Failed to read certificate ", PICS_CERTFICATES[v_counter].certificate_id);
stop;
} else {
v_certificate_list[v_idx] := v_certificate;
v_idx := v_idx + 1;
log("TC_VALIDATE_CERT: v_certificate_list = ", v_certificate_list);
// 3. Check signature
for (var integer v_counter := 0; v_counter < lengthof(v_certificate_list); v_counter := v_counter + 1) {
var EtsiTs103097Certificate v_certificate := v_certificate_list[v_counter];
log("TC_VALIDATE_CERT: Processing certificate ", v_certificate.toBeSigned.id.name, " - ", v_certificate.issuer);
if (ischosen(v_certificate.issuer.self_)) {
if (f_verifyCertificateSignatureWithIssuingCertificate(v_certificate, v_certificate) == false) {
setverdict(fail, "Failed to verify signature for CA certificate ", v_certificate.toBeSigned.id.name);
stop;
}
var EtsiTs103097Certificate v_issuing_certificate;
var HashedId8 v_issuer;
if (ischosen(v_certificate.issuer.sha256AndDigest)) {
v_issuer := v_certificate.issuer.sha256AndDigest;
} else if (ischosen(v_certificate.issuer.sha384AndDigest)) {
v_issuer := v_certificate.issuer.sha384AndDigest;
} else {
setverdict(fail, "Unsupported issuer");
stop;
}
if (f_getCertificateFromDigest(v_issuer, v_issuing_certificate, v_certificate_id) == false) {
setverdict(fail, "Failed to get certificate from digest ", v_issuer);
stop;
}
if (f_verifyCertificateSignatureWithIssuingCertificate(v_certificate, v_issuing_certificate) == false) {
setverdict(fail, "Failed to verify signature for CA certificate ", v_certificate.toBeSigned.id.name);
stop;
}
}
} // End of 'for' statement
setverdict(pass);
} // End of testcase TC_VALIDATE_CERT
control {
if (PX_VALIDATE_CERTIFICATES_ONLY == false) {
execute(TC_GEN_CERT(), 1.0);
}
execute(TC_VALIDATE_CERT(), 1.0);
} // End of 'control' statement
} // End of module ItsGencert_TestCases