Commit 3ee46626 authored by Yann Garcia's avatar Yann Garcia

Add PKI support to RSU simumlator

parents 493000b8 e0eb25e1
......@@ -37,6 +37,8 @@ The ETSI ITS protocols project builds and tests regularly on the following platf
- Linux (Ubuntu)
Note: The [OpenSSL](https://www.openssl.org) version > 1.x is also required.
### Using Vagrant
Pre-requisites on your host machine:
......
......@@ -8,6 +8,8 @@
#include "converter.hh"
unsigned char commsignia_layer::_fixed_header[12] = { 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xAA, 0x0D, 0x00, 0x00 };
commsignia_layer::commsignia_layer(const std::string & p_type, const std::string & param) : layer(p_type), _params(), _c2p_recv{0}, _802_11p_hdr{0}, _c2p_llc_hdr{0}, _mac_src(), _eth_type() {
loggers::get_instance().log(">>> commsignia_layer::commsignia_layer: %s, %s", to_string().c_str(), param.c_str());
......@@ -31,12 +33,57 @@ commsignia_layer::commsignia_layer(const std::string & p_type, const std::string
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("interface_id"), "1"));
}
it = _params.find(std::string("power_tx"));
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("power_tx"), "20")); // 20db
}
it = _params.find(std::string("data_rate"));
if (it == _params.cend()) {
_params.insert(std::pair<std::string, std::string>(std::string("data_rate"), "12")); // 12 * 500Kbps = 6Mbps
}
//_params.log();
}
void commsignia_layer::send_data(OCTETSTRING& data, params& params) {
loggers::get_instance().log_msg(">>> commsignia_layer::send_data: ", data);
OCTETSTRING buffer(12, commsignia_layer::_fixed_header);
buffer += int2oct(std::stoi(_params[params::interface_id]), 4);
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(std::stoi(_params[std::string("data_rate")]), 4);
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(0x80000000 & std::stoi(_params[std::string("power_tx")]), 4); // Negative number
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(7, 1); // MAC user priority
// Destination MAC address
params::const_iterator it = params.find(params::mac_dst); // Find in provided parameters, params
if (it != params.cend()) {
buffer = str2oct(CHARSTRING(it->second.c_str()));
} else {
it = _params.find(params::mac_dst);
if (it != _params.cend()) {
buffer = str2oct(CHARSTRING(it->second.c_str()));
} else {
buffer = str2oct(CHARSTRING(_params[params::mac_bc].c_str()));
}
}
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
// Source MAC address
it = params.find(params::mac_src); // Find in provided parameters, params
if (it != params.cend()) {
buffer += str2oct(CHARSTRING(it->second.c_str()));
} else {
buffer += str2oct(CHARSTRING(_params[params::mac_src].c_str()));
}
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(0, 2); // Fixed
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(data.lengthof(), 2);
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += data;
loggers::get_instance().log_msg("commsignia_layer::send_data: ", buffer);
send_to_all_layers(buffer, params);
}
void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
......@@ -83,9 +130,9 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr));
length = sizeof(commsignia_layer::c2p_recv) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
}
//loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap);
//loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap);
//loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type);
loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap);
loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap);
loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type);
// Check ether type
if ((_eth_type[1] == (unsigned char)((l->type & 0xff00) >> 8)) && (_eth_type[0] == (unsigned char)(l->type & 0xff))) { // Warning: Network ordered bytes
// Extract payload
......
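Review bot: In `send_data` the three destination-MAC branches assign to `buffer` with `=` instead of appending, so the fixed header, interface id, data rate, TX power and priority octets built above are discarded before the frame is sent; the source-MAC branch just below uses `+=`. Each of them should append, e.g. `buffer += str2oct(CHARSTRING(it->second.c_str()));`, and likewise for the `mac_bc` fallback. Separately, `0x80000000 & std::stoi(_params[std::string("power_tx")])` keeps only bit 31, so the default of 20 is encoded as 0; if a signed or negated power value is intended, the expression needs confirming against the device protocol. `std::stoi` on these parameters also throws on a non-numeric configuration value, and nothing in the hunk catches it.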
......@@ -78,6 +78,9 @@ class commsignia_layer : public layer {
c2p_llc_hdr _c2p_llc_hdr; //! \todo
std::vector<unsigned char> _mac_src; //! Used to optimize filtering on source mac address in \see commsignia_layer::receive_data method
std::vector<unsigned char> _eth_type; //! Used to optimize filtering on ethernet type in \see commsignia_layer::receive_data method
//! Fixed header for packet injection
static unsigned char _fixed_header[12];
public:
//! \publicsection
......
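Review bot: `_fixed_header` is declared as a mutable `static unsigned char _fixed_header[12];`, yet its only visible use, in `send_data`, reads it to seed the outgoing buffer. Declaring it `static const unsigned char _fixed_header[12];`, with a matching `const` on the definition in the .cc file, states that the injection preamble never changes and lets the compiler reject accidental writes. The class body starts and ends outside the hunk.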
......@@ -213,7 +213,7 @@ int http_codec::encode_request(const LibItsHttp__TypesAndValues::Request& p_requ
if (_ec.is_content_length_present == 0x01) {
loggers::get_instance().log_msg("http_codec::encode_request: Add body ", os);
p_encoding_buffer.put_os(os);
p_encoding_buffer.put_cs("\r\n");
//FIXME For test With GEMALTO, comment to be removed, p_encoding_buffer.put_cs("\r\n");
}
loggers::get_instance().log_to_hexa("<<< http_codec::encode_request: ", p_encoding_buffer);
......@@ -403,16 +403,6 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody&
if (it != _codecs.cend()) {
loggers::get_instance().log("http_codec::encode_body: Call '%s'", it->first.c_str());
_codecs["http_its"]->encode((Record_Type&)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params
#if defined(GEMALTO_FIX) // Temporary fix to be removed
// GEMALTO Encode in hex string
CHARSTRING buf = oct2str(p_encoding_buffer);
p_encoding_buffer = OCTETSTRING(buf.lengthof(), (const unsigned char*)(static_cast<const char*>(buf)));
loggers::get_instance().log_msg("http_codec::encode_body: Convert binary to string: ", p_encoding_buffer);
#endif
processed = true;
}
} // TODO Add new HTTP message codec here
......@@ -482,15 +472,6 @@ int http_codec::decode_body(TTCN_Buffer& decoding_buffer, LibItsHttp__MessageBod
OCTETSTRING s(decoding_buffer.get_len() - decoding_buffer.get_pos(), decoding_buffer.get_data() + decoding_buffer.get_pos());
loggers::get_instance().log_msg("http_codec::decode_body: raw body=", s);
#if defined(GEMALTO_FIX) // Temporary fix to be removed
// GEMALTO Encode in hex string
if ((s.lengthof() & 0x00000001) == 0x00000001) {
s = int2oct(0, 1) + s;
}
s = str2oct(CHARSTRING(s.lengthof(), (const char*)(static_cast<const unsigned char*>(s))));
loggers::get_instance().log_msg("http_codec::decode_body: Convert string to binary: ", s);
#endif
// Align the payload length with the specified Content-lenght value
loggers::get_instance().log("http_codec::decode_body: _dc.length=%d - body length=%d", _dc.length, s.lengthof());
OCTETSTRING body;
......
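Review bot: The line `//FIXME For test With GEMALTO, comment to be removed, p_encoding_buffer.put_cs("\r\n");` in `encode_request` (assuming the commented-out form is the new side) does not say whether the trailing CRLF after the body is meant to come back. When a Content-Length is sent, the body is exactly that many octets, so an extra CRLF after it is not part of the message. If that is why it was dropped, delete the line and leave a short comment such as `// No CRLF after the body: Content-Length delimits it`. If some peers do need it, make it a codec parameter rather than a commented-out statement. `encode_request` starts and ends outside the hunk.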
......@@ -33,7 +33,7 @@ udp_layer::udp_layer(const std::string & p_type, const std::string & param) : la
// Initialize the socket
_saddr.sin_family = AF_INET;
_saddr.sin_addr.s_addr = htonl(INADDR_ANY);
loggers::get_instance().log("udp_layer::udp_layer: Port tolisten=%d", std::atoi(_params["src_port"].c_str()));
loggers::get_instance().log("udp_layer::udp_layer: Port to listen=%d", std::atoi(_params["src_port"].c_str()));
_saddr.sin_port = htons(std::atoi(_params["src_port"].c_str()));
// Create socket
_fd = ::socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
......
......@@ -13,7 +13,7 @@ class TTCN_EncDec;
int uppertester_pki_codec::encode (const Record_Type& msg, OCTETSTRING& data)
{
loggers::get_instance().log_msg(">>> uppertester_pki_codec::encode: ", (const Record_Type&)msg);
loggers::get_instance().log_msg(">>> uppertester_pki_codec::encode (1): ", (const Record_Type&)msg);
TTCN_EncDec::clear_error();
TTCN_Buffer encoding_buffer;
......@@ -32,7 +32,7 @@ int uppertester_pki_codec::encode (const Record_Type& msg, OCTETSTRING& data)
int uppertester_pki_codec::encode (const LibItsPki__TypesAndValues::UtPkiTrigger& msg, OCTETSTRING& data)
{
loggers::get_instance().log_msg(">>> uppertester_pki_codec::encode: ", (const Record_Type&)msg);
loggers::get_instance().log_msg(">>> uppertester_pki_codec::encode (2): ", (const Record_Type&)msg);
TTCN_EncDec::clear_error();
TTCN_Buffer encoding_buffer;
......@@ -40,11 +40,12 @@ int uppertester_pki_codec::encode (const LibItsPki__TypesAndValues::UtPkiTrigger
const LibItsPki__TypesAndValues::UtPkiTrigger &u = static_cast<const LibItsPki__TypesAndValues::UtPkiTrigger &>(msg);
if (u.ischosen(LibItsPki__TypesAndValues::UtPkiTrigger::ALT_triggerEnrolmentRequest)) {
encoding_buffer.put_c(static_cast<const unsigned char>(uppertester_pki_codec::c_utPkiTriggerEnrolmentRequest));
encoding_buffer.put_c(static_cast<const unsigned char>(u.triggerEnrolmentRequest().cannonicalId().lengthof())); // Length of the string
/*encoding_buffer.put_c(static_cast<const unsigned char>(u.triggerEnrolmentRequest().cannonicalId().lengthof())); // Length of the string
encoding_buffer.put_string(u.triggerEnrolmentRequest().cannonicalId());
encoding_buffer.put_os(u.triggerEnrolmentRequest().encAlgorithm()); // One byte
encoding_buffer.put_os(u.triggerEnrolmentRequest().privateKey()); // 32 bytes
encoding_buffer.put_os(u.triggerEnrolmentRequest().compressedPublickey()); //33 bytes
*/
} else { // Error
data = OCTETSTRING(0, nullptr);
loggers::get_instance().warning("<<< uppertester_pki_codec::encode: Failed to encode UT message");
......@@ -80,6 +81,10 @@ int uppertester_pki_codec::encode_ (const Base_Type& type, const TTCN_Typedescri
} else {
std::string s(field_descriptor.name);
loggers::get_instance().log("uppertester_pki_codec::encode_: field to process %s", s.c_str());
loggers::get_instance().log("uppertester_pki_codec::encode_ (else): processing type %s/%s", type.get_descriptor()->name, field_descriptor.name);
type.encode(field_descriptor, encoding_buffer, TTCN_EncDec::CT_RAW);
/*if (
(s.rfind(".shape") != string::npos) ||
(s.rfind(".relevanceDistance") != string::npos) ||
......@@ -173,15 +178,13 @@ std::unique_ptr<Base_Type> uppertester_pki_codec::decode (const OCTETSTRING& dat
std::unique_ptr<Base_Type> result;
/*const unsigned char* ptr = static_cast<const unsigned char*>(data);
if (*ptr != uppertester_pki_codec::c_utPkiEventInd) {
LibItsPki__TypesAndValues::UtPkiResults res;
if (decode(data, res, params) == 0) {
result.reset((Base_Type *)res.clone());
} else {
result.reset(nullptr);
}
}*/
const unsigned char* ptr = static_cast<const unsigned char*>(data);
LibItsPki__TypesAndValues::UtPkiResults res;
if (decode(data, res, params) == 0) {
result.reset((Base_Type *)res.clone());
} else {
result.reset(nullptr);
}
return result;
}
......
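Review bot: In `decode`, `const unsigned char* ptr = static_cast<const unsigned char*>(data);` is no longer read now that the `*ptr != uppertester_pki_codec::c_utPkiEventInd` test has gone, so it is a dead local that will trip `-Wunused-variable`; drop the line. The `else { result.reset(nullptr); }` branch is also redundant, because `result` is default-constructed empty a few lines above. The start of the function body is outside the hunk.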
......@@ -33,8 +33,8 @@ class uppertester_pki_codec: public codec <
public:
const unsigned char c_utPkiInitialize = 0x00;
const unsigned char c_utPkiInitializeResult = 0x01;
const unsigned char c_utPkiTriggerEnrolmentRequest = 0x01;
const unsigned char c_utPkiTriggerResult = 0x11;
const unsigned char c_utPkiTriggerEnrolmentRequest = 0xBB;
const unsigned char c_utPkiTriggerResult = 0xBC;
private:
int encode_ (const Base_Type& type, const TTCN_Typedescriptor_t& field_descriptor, TTCN_Buffer& encoding_buffer);
......
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { typeOfAddress := e_manual,
stationType := e_passengerCar,
stationCountryCode := 0,
mid := '000000000001'O
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4C5E0C14D2EA'O
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
# Gemalto
#LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
#LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
# httpbin.org
LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_IUT_COMBINED_EA_AA_ROLE := true
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconing timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Pki layer
# certificate : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
# peer_certificate : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_07
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_08
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_09
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1
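Review bot: The Commsignia layer parameter reference lists `tx_power : TX power (dB)`, but the layer's constructor in this commit defaults and reads `power_tx`, and the new `data_rate` parameter is not listed at all. A value set under the documented name would be ignored and the default of 20 used. Suggested comment lines: `# power_tx : TX power (dB), default 20` and `# data_rate : Data rate in units of 500 Kbps, default 12 (6 Mbps)`.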
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_manual,
stationType := e_passengerCar,
stationCountryCode := 0,
mid := '000000000001'O
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4C5E0C14D2EA'O
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := true
LibItsPki_Pics.PICS_HEADER_HOST_EC := "etsi.enrolment.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_ATV := "etsi.authvalidation.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_AT := "etsi.authorizationa.a.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/";
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_GEMALTO_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_GEMALTO_AA"
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# Single GeoNetworkingPort component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authvalidation.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authorization.aa.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message
#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV
# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure
#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV
# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request� as assigned in ETSI TS 102 965 and the generationTime shall be present.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV
ItsPki_TestCases.TC_SECPKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1
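Review bot: `PICS_HEADER_HOST_AT` is set to `etsi.authorizationa.a.msi-dev.acloud.gemalto.com` while `system.httpAtPort.params` connects to `etsi.authorization.aa.msi-dev.acloud.gemalto.com`; one of the two is presumably a typo, and the Host header should match the server. The file also carries the ITS-S signing key inline in `PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY`; a comment such as `# Test-only key pair, never provision on a real station` would make its status explicit and discourage reuse. The `NITSP256` spelling differs from `NISTP256` in the public-key parameter on the next line, so confirm it matches the module parameter declaration. The three `PICS_HTTP_POST_URI_*` assignments end with `;`, unlike every other assignment in the section.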
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { typeOfAddress := e_manual,
stationType := e_passengerCar,
stationCountryCode := 0,
mid := '000000000001'O
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4C5E0C14D2EA'O
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
......@@ -30,11 +8,18 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ATOS_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ATOS_AA"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "horus-pki.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/enrol"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/authorize"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/validate"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ATOS_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ATOS_AA"
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
......@@ -51,95 +36,31 @@ LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconing timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Pki layer
# certificate : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
# peer_certificate : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=horus-pki.com,port=80,use_ssl=0)"