Newer
Older
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_initial,
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconning timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=141,secured_mode=1,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=tap0,filter=and ether proto 0x8947)" # Nordsys
#system.geoNetworkingPort.params := "
# GN(ll_address=4C5E0C14D2EC,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000)/
# ETH(mac_src=803f5d092bdc,mac_bc=FFFFFFFFFFFF,eth_type=8947)/
# PCAP_FILE(file=../testdata/TC_SEC_ITSS_SND_CAM_01_BV.pcap,realtime=yes, delay=5000)"
# GeoNetworking UpperTester port based on UDP
# CAM UpperTester port based on UDP
#system.camUtPort.params := "UT_CAM(loopback=1)"
system.utPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
#Check that ITS-S sends a Ieee1609Dot2Data containing protocol version set to 3
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_MSG_01_BV
# ------------------------- CAM ---------------------------
# Check that IUT sends the secured CAM using SignedData container.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV
# Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_02_BV
# Check that IUT sends the secured CAM with the HeaderInfo containing generationTime
# and doesn't containing expiryTime, generationLocation, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_03_BV
# Check that IUT sends the secured CAM containing signer containing either certificate or digest;
# Check that signing certificate has permissions to sign CAM messages.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_04_BV
# Check that IUT calculate the digest of certificate using proper hash algorithm;
# Check that IUT canonicalize certificates before hash calculation.
ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_05_BV
# Check that IUT sends the secured CAM containing the signing certificate when over the time of one
# second no other secured CAM contained the certificate was sent.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_06_BV
# Check that IUT sends the secured CAM containing the signing certificate when the timeout of one second
# has been expired after the previous CAM containing the certificate.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_07_BV
# Check that IUT sends the secured CAM containing the signing certificate when the IUT received CAM from an unknown ITS-S.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_08_BV
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
# Check that IUT restarts the certificate sending timer when the certificate has been sent.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_09_BV
# Check that the IUT sends certificate request when it receives secured CAM containing
# digest of unknown certificate as a message signer.
# (PICS_SEC_P2P_AT_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_10_BV
# Check that the IUT sends certificate request when it receives secured CAM
# containing certificate signed by unknown AA certificate.
# (PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_11_01_BV
# Check that the IUT sends certificate request when it receives secured CAM
# containing certificate signed by unknown AA certificate.
# (PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_11_02_BV
# Check that IUT sends the secured CAM containing the signing certificate when it received
# a CAM containing a request for unrecognized certificate that matches with the currently
# used AT certificate ID of the IUT.
# (PICS_SEC_P2P_AT_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_12_BV
# Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate
# headerInfo field when it received a CAM containing a request for unrecognized certificate that
# matches with the currently used AA certificate ID of the IUT.
# (PICS_SEC_P2P_AT_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_13_BV
# Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo
# field when it received a CAM containing a request for unrecognized certificate that matches with the known
# AA certificate ID which is not currently used by the IUT.
# (PICS_SEC_P2P_AA_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_14_BV
# Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate
# headerInfo field when it was previously requested and already received from another ITS-S.
# (PICS_SEC_P2P_AA_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_15_BV
# Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate
# headerInfo field when it contains certificate in the signer field.
# (PICS_SEC_P2P_AA_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_16_BV
# Check that the IUT send a secured CAM containing the AA certificate in the
# requestedCertificate headerInfo field with the next CAM containing digest as a signer info.
# (PICS_SEC_P2P_AA_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_17_BV
# Check that IUT sends the secured CAM containing generation time and this time is inside the validity period of the signing certificate;
# Check that message generation time value is realistic
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_18_BV
# Check that IUT sends the secured CAM containing the 'data' field in signed data payload,
# containing the EtsiTs103097Data of type unsecured, contained the CAM payload
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_19_BV
# Check that the IUT sends the secured CAM signed with the certificate containing appPermisions
# allowing to sign CA messages
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_20_BV
# Check that IUT sends the secured CAM containing signature;
# Check that the signature is calculated over the right fields
# and using right hash algorythm by cryptographically verifying the signature
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_21_BV
# Check that IUT sends the secured CAM containing signature containing the ECC point of type set to
# either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_22_BV
# Check that IUT doesn't send secured CAMs if IUT is authorized with AT certificate doesn't allowing sending messages in this location.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_23_BV
# Check that IUT doesn't send the secured CAM if IUT is configured to use an AT certificate without
# region validity restriction and generation location is outside of the region of the issuing AA certificate.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_24_BV
# Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT was expired.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_25_BV
# Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT have the starting time in the future.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_26_BV
# Check that IUT doesn't send secured CAMs if IUT doesn't possess an AT certificate allowing sending CAM by its appPermissions.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_27_BV
#--------------------------------------- DENM ------------------------------------------
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_01_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_02_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_03_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_04_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_05_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_06_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_07_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_08_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_09_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_10_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_11_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_12_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_13_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_14_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_15_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_16_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_17_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_18_BV
#--------------------------------------- OTHER MESSAGES ------------------------------------------
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_01_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_02_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_03_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_04_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_05_BV
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_06_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_07_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_08_BV
#--------------------------------------- ENCRYPTED MESSAGES ------------------------------------------
# (PICS_SEC_ENCRYPTION_SUPPORT)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_01_BV
# (PICS_SEC_ENCRYPTION_SUPPORT)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_02_BV
# (PICS_SEC_ENCRYPTION_SUPPORT)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_03_BV
# (PICS_SEC_ENCRYPTION_SUPPORT)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_04_BV
# (PICS_SEC_ENCRYPTION_SUPPORT)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_05_BV
# (PICS_SEC_ENCRYPTION_SUPPORT)
#--------------------------------------- CERTIFICATE TESTING ------------------------------------------
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_01_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_02_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_03_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_04_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_05_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_06_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_07_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_08_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_09_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_10_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_11_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_12_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_13_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_14_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_15_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_16_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_17_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_18_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_19_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_20_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_21_BV
#--------------------------------------- Internal tests (to be removed) ------------------------------------------
#ItsSecurity_TestCases.TC_TEST_1