AtsPki_Commsignia.cfg_ 9.71 KB
Newer Older
Yann Garcia's avatar
Yann Garcia committed
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.

# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
  typeOfAddress := e_initial,
  stationType := e_passengerCar, #e_roadSideUnit,
  stationCountryCode := 0, #33,
  mid := '000000000011'O
} # Commsignia

LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsBtp_Pixits.PX_DESTINATION_PORT := 2001
LibItsBtp_Pixits.PX_DESTINATION_PORT_INFO := 2001

# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed

LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "10.8.0.2"
Yann Garcia's avatar
Yann Garcia committed

LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization"

LibItsPki_Pics.PICS_IUT_ITS_S_ROLE     := true
LibItsPki_Pics.PICS_SECPKI_ENROLMENT   := true

Yann Garcia's avatar
Yann Garcia committed
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY        := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY         := '02834642E2E9B2EA1E6417D9D9ED1BA0BB84450781809AED15CB4BCB55DDCFD77B'O;
Yann Garcia's avatar
Yann Garcia committed
LibItsPki_Pics.PICS_ITS_S_ENC_NITSP256_PRIVATE_KEY         := 'EDEBEADCAA9514CD4B30256126FB7DF958B911C6EB58CCF702983C3DCD3DECBD'O;
LibItsPki_Pics.PICS_ITS_S_ENC_NISTP256_PUBLIC_KEY          := '023A4ADDCDD5EE66DAB2116B0C3AB47CCEDAE92CD9ACE98A84B10EB63A9DCA798C'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP256r1_PRIVATE_KEY  := '9F155D40B6C920BA45D8027093C8ADADAF3AA6F9F71F0CC0F8279FF0146A8A48'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP256r1_PUBLIC_KEY   := '038602F468BD334EA4D2BA416295E204D58BD1F42C85FB9BE57237C74544F6A69A'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP256r1_PRIVATE_KEY := '6D585B716D06F75EC2B8A8ADEBFCE6ED35B0640C2AFBFF25FE48FC81A6732D4F'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP256r1_PUBLIC_KEY  := '02A92BA3B770B040B8D958D5BD2CC9B537212D6963F50EA3E4784FEFA5D0454C12'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP384r1_PRIVATE_KEY  := '6B4B4392511B252C904801466F5DA0A7F28E038E6656800CBB0CDCB3D32F862CA4D59CBDC1A19E98E9191582AF1DB3D7'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP384r1_PRIVATE_KEY := '3CD977195A579787C84D5900F4CB6341E0C3D2750B140C5380E6F03CE3FBA0022F7541DEABDCED4790D313ED8F56ACA8'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP384r1_PUBLIC_KEY  := '0243FF5C96984C2C3F5FD5C5F6551C90F5FAEE1E5E8301763E4AF1E9D627F3474E554B82EE98EC4B49808DFF61B35F8313'O;
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID                     := '434F4D4D5349470A0000000000000047'O;
Yann Garcia's avatar
Yann Garcia committed
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID                   := "CERT_TS_A_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID                   := "CERT_TS_A_AA"

#ItsPki_Pixits.PX_TRIGGER_EC_BEFORE_AT                      := false;

#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request
#LibItsPki_Pixits.PICS_PKI_AUTH_POP          := false # Do not use Signed for PoP in Authorization requet

#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment
#LibItsPki_Pixits.PX_EC_PRIVATE_KEY     := '170D1EA638C300BD16F0025768C0F1FAA6BE23963E46AD10F79103914265D294'O
#LibItsPki_Pixits.PX_EC_HASH            := 'DFEFC2A74C8ADD0C8B74B958EE072229D25DEAAAE30D134193D091890E8F3C2C'O
#LibItsPki_Pixits.PX_EC_HASHED_ID8      := '93D091890E8F3C2C'O

Yann Garcia's avatar
Yann Garcia committed
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).

LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime

[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
#   next_header     : btpA|btpB (overwrite BTP.type)
#   header_type     : tsb|gbc
#   header_sub_type : sh (single hop)
# DENM Layer
#   next_header     : btpA|btpB (overwrite BTP.type)
#   header_type     : tsb|gbc
# BTP Layer
#   type            : btpA|btpB
#   destination port: dst_port
#   source port     : src_port
#   device_mode     : Set to 1 if the layer shall encapsulate upper layer PDU
#   device_mode     : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
#   ll_address             : GeoNetworking address of the Test System
#   latitude               : latitude of the Test System
#   longitude              : longitude of the Test System
#   beaconing              : Set to 1 if GnLayer shall start beaconing
#   Beaconing timer expiry: expiry (ms)
#   device_mode            : Set to 1 if the layer shall encapsulate upper layer PDU
#   secured_mode           : Set to 1 if message exchanges shall be signed
#   encrypted_mode         : Set to 1 if message exchanges shall be encrypted
#                            NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
#   sec_db_path            : Path to the certificates and keys storage location
#   hash                   : Hash algorithm to be used when secured mode is set
#                            Authorized values are SHA-256 or SHA-384
#                            Default: SHA-256
#   signature              : Signature algorithm to be used when secured mode is set
#                            Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
#                            Default: NISTP-256
#   cypher                 : Cyphering algorithm to be used when secured mode is set
#                            Authorized values are NISTP-256, BP-256 and BP-384
#                            Default: NISTP-256
# Pki layer
#   certificate            : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
#   peer_certificate       : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
#   mac_src  :Source MAC address
#   mac_bc   :Broadcast address
#   eth_type : Ethernet type
# Commsignia layer
#   mac_src     : Device MAC address, used to discard packets
#                 To indicate no filering, use the value 000000000000
#   mac_bc      : Broadcast address
#   eth_type    : Ethernet type, used to discard packets
#   target_host : Device address
#   target_port : Device port
#   source_port : Test System port
#   interface_id: Interface id, used to discard packets
#   tx_power    : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
#   dst_ip  : destination IPv4 address (aa.bb.cc.dd)
#   dst_port: destination port
#   src_ip  : source IPv4 address (aa.bb.cc.dd)
#   src_port: source port
# Pcap layer
#   mac_src    : Source MAC address, used to exclude from capture the acket sent by the Test System
#   filter     : Pcap filter (compliant with tcpdump syntax) 
#   Online mode:
#     nic: Local NIC
#          If set, online mode is used
#   Offline mode (nic is present but not set):
#     file        : File to read
#     frame_offset: Frame offset, used to skip packets with frame number < frame_offset
#     time_offset : Time offset, used to skip packets with time offset < time_offset
#     save_mode   : 1 to save sent packet, 0 otherwise

# Single GeoNetworking component port
# its_aid = 36 CAM
# its_aid = 37 DENM
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,use_vpn=1,target_host=10.8.0.1)/UDP(dst_ip=10.8.0.1,src_port=7943,dst_port=7943)"

# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=10.8.0.2,port=80,local_port=80,use_ssl=0)"
Yann Garcia's avatar
Yann Garcia committed

# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=10.8.0.1,dst_port=56000)"

[EXECUTE]

# Check that IUT sends an enrolment request when triggered.
ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
# If the enrolment request of the IUT is an initial enrolment request, the itsId (contained in the InnerECRequest) shall be set to the canonical identifier, the signer (contained in the outer EtsiTs1030971Data-Signed) shall be set to self and the outer signature shall be computed using the canonical private key.
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
# In presence of a valid EC, the enrolment request of the IUT is a rekeying enrolment request with the itsId (contained in the InnerECRequest) and the SignerIdentifier (contained in the outer EtsiTs1030971Data-Signed) both declared as digest containing the HashedId8 of the EC and the outer signature computed using the current valid EC private key corresponding to the verification public key.
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_03_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_07_BV


[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1