Skip to content
GitLab
Commit 14f7e3ae authored by Yann Garcia's avatar Yann Garcia
Browse files

Bug fixed in Ats Security

parent ab98e7bf
Hide whitespace changes
Inline Side-by-side
ccsrc/Protocols/GeoNetworking/geonetworking_codec.cc
View file @ 14f7e3ae
......@@ -13,7 +13,7 @@ class TTCN_EncDec;
int geonetworking_codec::encode (const LibItsGeoNetworking__TypesAndValues::GeoNetworkingPdu& msg, OCTETSTRING& data)
{
loggers::get_instance().log_msg(">>> geonetworking_codec::encode: ", (const Base_Type&)msg);
loggers::get_instance().log_msg(">>> geonetworking_codec::encode (1): ", (const Base_Type&)msg);
TTCN_EncDec::clear_error();
TTCN_Buffer encoding_buffer;
......@@ -39,8 +39,8 @@ int geonetworking_codec::encode (const LibItsGeoNetworking__TypesAndValues::GeoN
int geonetworking_codec::encode (const LibItsGeoNetworking__TypesAndValues::GnNonSecuredPacket& p_gnNonSecuredPacket, OCTETSTRING& data)
{
loggers::get_instance().log_msg(">>> geonetworking_codec::encode: ", (const Base_Type&)p_gnNonSecuredPacket);
loggers::get_instance().log_msg(">>> geonetworking_codec::encode (2): ", (const Base_Type&)p_gnNonSecuredPacket);
TTCN_EncDec::clear_error();
TTCN_Buffer encoding_buffer;
encode_(p_gnNonSecuredPacket, *p_gnNonSecuredPacket.get_descriptor(), encoding_buffer);
......@@ -104,7 +104,7 @@ int geonetworking_codec::encode_ (const Base_Type& type, const TTCN_Typedescript
}
} else if (std::string(field_descriptor.name).compare("@EtsiTs103097Module.EtsiTs103097Data") == 0) {
const EtsiTs103097Module::EtsiTs103097Data& ieee_1609dot2_data = static_cast<const EtsiTs103097Module::EtsiTs103097Data&>(type);
loggers::get_instance().log_msg("geonetworking_codec::encode_: Encode secured message = ", ieee_1609dot2_data);
loggers::get_instance().log_msg("geonetworking_codec::encode_: Encode secured message= ", ieee_1609dot2_data);
etsi_ts103097_data_codec codec;
OCTETSTRING os;
codec.encode(ieee_1609dot2_data, os);
......
ccsrc/Protocols/GeoNetworking/geonetworking_layer.cc
View file @ 14f7e3ae
......@@ -175,7 +175,7 @@ void geonetworking_layer::send_data(OCTETSTRING& data, params& params) {
return;
}
}
if (_secured_mode) { // Add signature support
if (_secured_mode) { // Add Security support
if (build_secured_pdu(data, params) != 0) {
return;
}
......@@ -493,7 +493,7 @@ void geonetworking_layer::send_beacon() {
_beacon->encode(*(_beacon->get_descriptor()), encoding_buffer, TTCN_EncDec::CT_RAW);
OCTETSTRING data(encoding_buffer.get_len(), encoding_buffer.get_data());
params params(_params);
if (_secured_mode) { // Apply signature
if (_secured_mode) { // Apply Security
if (build_secured_pdu(data, _params) != 0) {
return;
}
......@@ -1016,6 +1016,11 @@ int geonetworking_layer::build_secured_pdu(OCTETSTRING& data, params& params) {
LibItsGeoNetworking__TypesAndValues::BasicHeader basic_header;
decode_basic_header(data, basic_header);
if (basic_header.nextHeader() == BasicNextHeader::e__securedPacket) { // Already secured (ATS Security test suite/f_sendSecuredGn/Cam/Denm TTCN-3 functions
// Leave data unchanged
loggers::get_instance().log_msg("<<< geonetworking_layer::build_secured_pdu: Leave data unchanged: ", data);
return 0;
}
// Update security mode
unsigned int basic_header_len = 4;// FIXME How to retrive the BasicHeader length basic_header.get_descriptor()->raw->fieldlength / 8;
loggers::get_instance().log("geonetworking_layer::build_secured_pdu: basic_header_len = %d", basic_header_len);
......
ccsrc/Protocols/Security/security_services.cc
View file @ 14f7e3ae
......@@ -516,6 +516,7 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
std::string certificate_id = p_params[params::certificate];
loggers::get_instance().log("security_services::sign_payload: certificate_id = %s", certificate_id.c_str());
if ((unsigned int)(ms - _last_generation_time) >= 1000 * 0.95) { // Need to add certificate
loggers::get_instance().log("security_services::sign_payload: Need to add certificate");
IEEE1609dot2::CertificateBase cert;
if (_security_db->get_certificate(certificate_id, cert) != 0) {
loggers::get_instance().warning("security_services:sign_payload: Failed to secure payload");
......@@ -527,6 +528,7 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
// Reset send certificate timer
_last_generation_time = ms;
} else {
loggers::get_instance().log("security_services::sign_payload: Add digest");
OCTETSTRING digest;
if (_security_db->get_hashed_id(certificate_id, digest) != 0) {
loggers::get_instance().warning("security_services::sign_payload: Failed to secure payload");
......
ccsrc/Protocols/UDP/udp_layer.cc
View file @ 14f7e3ae
......@@ -33,7 +33,7 @@ udp_layer::udp_layer(const std::string & p_type, const std::string & param) : la
// Initialize the socket
_saddr.sin_family = AF_INET;
_saddr.sin_addr.s_addr = INADDR_ANY;
_saddr.sin_port = htons(std::atoi(_params["src_port"].c_str()));
_saddr.sin_port = htons(std::atoi(_params["dst_port"].c_str()));
// Create socket
_fd = ::socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
if (_fd == -1) {
......
etc/AtsPki/AtsPki.cfg
View file @ 14f7e3ae
......@@ -35,6 +35,7 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_IUT_COMBINED_EA_AA_ROLE := true
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
......@@ -131,7 +132,7 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
......@@ -143,7 +144,7 @@ ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER]
......
etc/AtsRSUsSimulator/AtsRSUSimulator.cfg
View file @ 14f7e3ae
......@@ -23,13 +23,13 @@ ItsRSUsSimulator_Pixits.PX_RSU_ID := 8;
# UC7 (CAM only): PX_ETSI_USE_CASE_ID := 7
# UC8 (EVCSN only): PX_ETSI_USE_CASE_ID := 8
# UC9 (CAM only): PX_ETSI_USE_CASE_ID := 9
ItsRSUsSimulator_Pixits.PX_ETSI_USE_CASE_ID := 6
ItsRSUsSimulator_Pixits.PX_ETSI_USE_CASE_ID := 1
# Indicate which zone to simulate
ItsRSUsSimulator_Pixits.PX_ETSI_ZONE_ID := 1
ItsRSUsSimulator_Pics.PICS_GENERATE_BEACON := false
ItsRSUsSimulator_Pics.PICS_GENERATE_CAM := true
ItsRSUsSimulator_Pics.PICS_GENERATE_DENM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_CAM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_DENM := true
ItsRSUsSimulator_Pics.PICS_GENERATE_IVIM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_MAPEM := false
ItsRSUsSimulator_Pics.PICS_GENERATE_SPATEM := false
......@@ -125,7 +125,7 @@ LogEventTypes:= Yes
# Single GeoNetworking component port
# its_aid=36: CAM
# its_aid=37: DENM
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2,filter=and ether proto 0x8947)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=37,secured_mode=1,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth1,filter=and ether proto 0x8947)"
# Config port based on UDP
system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=192.168.0.4)"
......
etc/AtsSecurity/AtsSecurity.cfg
View file @ 14f7e3ae
......@@ -4,13 +4,21 @@
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_initial,
stationType := e_passengerCar, #e_roadSideUnit,
typeOfAddress := e_initial, # e_manual(1)
stationType := e_unknown, #e_roadSideUnit,
stationCountryCode := 0, #33,
mid := 'BA749705A41D'O
}
mid := '4C5E0C14D2EA'O
} # Simu
#LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
# typeOfAddress := e_initial,
# stationType := e_passengerCar, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := 'BA749705A41D'O
#} # Nordsys
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsBtp_Pixits.PX_DESTINATION_PORT := 2001
LibItsBtp_Pixits.PX_DESTINATION_PORT_INFO := 2001
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
......@@ -100,7 +108,8 @@ LogEventTypes:= Yes
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=141,secured_mode=1,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=tap0,filter=and ether proto 0x8947)" # Nordsys
# its_aid = 36
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=eth3,filter=and ether proto 0x8947)" # Nordsys
#system.geoNetworkingPort.params := "
# GN(ll_address=4C5E0C14D2EC,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000)/
......@@ -112,8 +121,10 @@ system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050
# CAM UpperTester port based on UDP
#system.camUtPort.params := "UT_CAM(loopback=1)"
system.utPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
#system.utPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
#system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
system.utPort.params := "UT_CAM/UDP(dst_ip=192.168.9.20)" # Simu
system.camUtPort.params := "UT_CAM/UDP(dst_ip=192.168.9.20)" # Simu
[EXECUTE]
#Check that ITS-S sends a Ieee1609Dot2Data containing protocol version set to 3
......@@ -136,7 +147,7 @@ system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nords
# Check that IUT calculate the digest of certificate using proper hash algorithm;
# Check that IUT canonicalize certificates before hash calculation.
ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_05_BV
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_05_BV
# Check that IUT sends the secured CAM containing the signing certificate when over the time of one
# second no other secured CAM contained the certificate was sent.
......@@ -171,7 +182,7 @@ ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_05_BV
# a CAM containing a request for unrecognized certificate that matches with the currently
# used AT certificate ID of the IUT.
# (PICS_SEC_P2P_AT_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_12_BV
ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_12_BV
# Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate
# headerInfo field when it received a CAM containing a request for unrecognized certificate that
......
ttcn/AtsPki/ItsPki_TestCases.ttcn
View file @ 14f7e3ae
......@@ -815,7 +815,7 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": LOG: Receive ", v_etsi_ts_102941_data, " ***");
log("*** " & testcasename() & ": DEBUG: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16))))) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, v_public_compressed_key, v_compressed_mode)) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_public_compressed_key, v_compressed_mode)) {
log("*** " & testcasename() & ": PASS: Well-secured EA certificate received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
......@@ -928,11 +928,11 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": LOG: Receive ", v_etsi_ts_102941_data, " ***");
log("*** " & testcasename() & ": DEBUG: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16))))) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, v_public_compressed_key, v_compressed_mode)) {
log("*** " & testcasename() & ": PASS: Well-secured EA certificate received ***");
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_public_compressed_key, v_compressed_mode)) {
log("*** " & testcasename() & ": PASS: Well-secured EC certificate received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Cannot verify EA certificate signature ***");
log("*** " & testcasename() & ": FAIL: Cannot verify EC certificate signature ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
......@@ -1040,11 +1040,11 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": LOG: Receive ", v_etsi_ts_102941_data, " ***");
log("*** " & testcasename() & ": DEBUG: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16))))) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, v_public_compressed_key, v_compressed_mode)) {
log("*** " & testcasename() & ": PASS: Well-secured EA certificate received ***");
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_public_compressed_key, v_compressed_mode)) {
log("*** " & testcasename() & ": PASS: Well-secured EC certificate received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Cannot verify EA certificate signature ***");
log("*** " & testcasename() & ": FAIL: Cannot verify EC certificate signature ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
......@@ -1366,7 +1366,7 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": LOG: Receive ", v_etsi_ts_102941_data, " ***");
log("*** " & testcasename() & ": DEBUG: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -))))) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, v_public_compressed_key, v_compressed_mode) == true) {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_public_compressed_key, v_compressed_mode) == true) {
log("*** " & testcasename() & ": PASS: Well-secured EC certificate received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
......@@ -1781,13 +1781,15 @@ module ItsPki_TestCases {
// Preamble
if (f_await_http_inner_ec_request_response(v_private_key_ec, v_public_compressed_key_ec, v_compressed_mode_ec, v_inner_ec_response) == true) {
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_success);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_timeout);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
// Test Body
log("*** " & testcasename() & ": DEBUG: v_inner_ec_response= ", v_inner_ec_response);
log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
f_http_build_authorization_request(v_inner_ec_response.certificate, v_private_key_ec, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
f_init_default_headers_list(-, "authorization_request", v_headers);
httpPort.send(
......
ttcn/AtsSecurity/ItsSecurity_Functions.ttcn
View file @ 14f7e3ae
......@@ -37,11 +37,15 @@ module ItsSecurity_Functions {
import from LibItsCam_Functions all;
import from LibItsCam_TestSystem all;
// LibItsBtp
import from LibItsBtp_Templates all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_TestSystem all;
import from LibItsGeoNetworking_Functions all;
import from LibItsGeoNetworking_Templates all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Pixits all;
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
......@@ -70,42 +74,60 @@ module ItsSecurity_Functions {
var octetstring v_gnPayload;
var EtsiTs103097Data v_securedMessage := {};
log(">>> f_prepareSecuredCam");
// Build signed Ieee1609Dot2Data
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(
f_getPosition(c_compNodeC)
));
// Add CAM payload
v_gnNonSecuredPacket.payload := valueof(
valueof(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
f_getPosition(c_compNodeC)
));
// Encode CAM payload
v_gnPayload := valueof(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
)))));
// Add BTP/CAM payload
if (PX_GN_UPPER_LAYER == e_btpA) {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpA(
v_gnPayload))));
} else {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpB(
v_gnPayload))));
}
// Encode it
log("f_prepareSecuredCam: v_gnNonSecuredPacket= ", v_gnNonSecuredPacket);
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
encvalue(
v_gnNonSecuredPacket
)
);
log("f_prepareSecuredCam: v_gnPayload= ", v_gnPayload);
f_buildGnSecuredCam(
v_securedMessage,
valueof(m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(
v_gnPayload
)),
p_headerInfo
)),
p_signerIdentifier,
p_configId/*,
p_addMissingHeaders*/
);
v_securedMessage,
valueof(m_toBeSignedData(
m_signedDataPayload(
m_etsiTs103097Data_unsecured(
v_gnPayload
)),
p_headerInfo
)),
p_signerIdentifier,
p_configId/*,
p_addMissingHeaders*/
);
// Return secured Gn packet
return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
......@@ -143,20 +165,35 @@ module ItsSecurity_Functions {
// Build signed Ieee1609Dot2Data
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(
f_getPosition(c_compNodeC)
));
f_getPosition(c_compNodeC)
));
// Add CAM payload
v_gnNonSecuredPacket.payload := valueof(
valueof(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := valueof(
valueof(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
// Add BTP/CAM payload
if (PX_GN_UPPER_LAYER == e_btpA) {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpA(
v_gnPayload))));
} else {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpB(
v_gnPayload))));
}
// Encode it
v_gnPayload := bit2oct(
......@@ -197,7 +234,8 @@ module ItsSecurity_Functions {
// Local variables
var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerInfo, p_issuerIdentifier);
log("f_sendSecuredCam: v_securedGnPdu= ", v_securedGnPdu);
f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)));
return v_securedGnPdu;
......@@ -261,32 +299,46 @@ module ItsSecurity_Functions {
// Build signed Ieee1609Dot2Data
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
valueof(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
v_gnPayload := valueof(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
))))));
// Add BTP/CAM payload
if (PX_GN_UPPER_LAYER == e_btpA) {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpA(
v_gnPayload))));
} else {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpB(
v_gnPayload))));
}
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
encvalue(
v_gnNonSecuredPacket
)
);
/*f_buildGnSecuredDenm(
......@@ -345,26 +397,40 @@ module ItsSecurity_Functions {
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
valueof(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
v_gnPayload := valueof(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
))))));
// Add BTP/CAM payload
if (PX_GN_UPPER_LAYER == e_btpA) {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpA(
v_gnPayload))));
} else {
v_gnNonSecuredPacket.payload := valueof(
bit2oct(
encvalue(
m_btpB(
v_gnPayload))));
}
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
encvalue(
v_gnNonSecuredPacket
)
);
/*f_buildGnSecuredDenm_Bo(
v_securedMessage,
p_protocolVersion,
......@@ -460,19 +526,19 @@ module ItsSecurity_Functions {
// Build signed Ieee1609Dot2Data
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
encvalue(
v_gnNonSecuredPacket
)
);
/*f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_signed(v_gnPayload),
......
ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn
View file @ 14f7e3ae
......@@ -1915,20 +1915,20 @@ module ItsSecurity_TestCases {
// Send secured message with request for the currently used AT certificate
f_sendSecuredCam(
cc_taCert_A,
valueof(
m_headerInfo_cam(
-,
f_computeGnTimestamp(),
-,
{ f_HashedId3FromHashedId8(v_hashedId8) }
)),
valueof(
m_signerIdentifier_digest(
v_hashedId8
)