Skip to content
GitLab
Commit 5534c135 authored by garciay's avatar garciay
Browse files

Add support of AcSecPrimitive for CAM & DENM

parent b0371c51
Hide whitespace changes
Inline Side-by-side
ccsrc/Ports/LibIts_ports/CAM_ports/AdapterControlPort_CAM.partC
View file @ 5534c135
#include <TTCN3.hh>
#include "loggers.hh"
#include "registration.hh"
#include "cam_layer.hh"
//=============================================================================
namespace LibItsCam__TestSystem {
......@@ -63,9 +70,36 @@ void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcGns
}
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& /*send_par*/)
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& send_par)
{
loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
// Register this object for AdapterControlPort
cam_layer* p = registration<cam_layer>::get_instance().get_item(std::string("CAM"));
if (p != NULL) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Got GN layer %p", p);
LibItsCommon__TypesAndValues::AdapterControlResults response;
response.acSecResponse() = BOOLEAN(true);
if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acEnableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Enable secured mode");
std::string str(static_cast<const char*>(send_par.acEnableSecurity().certificateId()));
if (p->enable_secured_mode(str, send_par.acEnableSecurity().enforceSecurity()) == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acDisableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Disable secured mode");
if (p->disable_secured_mode() == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else {
response.acSecResponse() = BOOLEAN(false);
}
// Send response
loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
incoming_message(response);
} else {
loggers::get_instance().error("AdapterControlPort::outgoing_send: %s not registered", "geoNetworkingPort");
}
}
} /* end of namespace */
ccsrc/Ports/LibIts_ports/DENM_ports/AdapterControlPort_DENM.partC
View file @ 5534c135
#include <TTCN3.hh>
#include "loggers.hh"
#include "registration.hh"
#include "denm_layer.hh"
//=============================================================================
namespace LibItsDenm__TestSystem {
......@@ -63,8 +70,35 @@ void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcGns
}
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& /*send_par*/)
{
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& send_par)
{ loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
// Register this object for AdapterControlPort
denm_layer* p = registration<denm_layer>::get_instance().get_item(std::string("DENM"));
if (p != NULL) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Got GN layer %p", p);
LibItsCommon__TypesAndValues::AdapterControlResults response;
response.acSecResponse() = BOOLEAN(true);
if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acEnableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Enable secured mode");
std::string str(static_cast<const char*>(send_par.acEnableSecurity().certificateId()));
if (p->enable_secured_mode(str, send_par.acEnableSecurity().enforceSecurity()) == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acDisableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Disable secured mode");
if (p->disable_secured_mode() == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else {
response.acSecResponse() = BOOLEAN(false);
}
// Send response
loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
incoming_message(response);
} else {
loggers::get_instance().error("AdapterControlPort::outgoing_send: %s not registered", "geoNetworkingPort");
}
}
......
ccsrc/Protocols/CAM/cam_layer.cc
View file @ 5534c135
......@@ -2,6 +2,8 @@
#include "cam_layer_factory.hh"
#include "registration.hh"
#include "loggers.hh"
cam_layer::cam_layer(const std::string & p_type, const std::string & param) : t_layer<LibItsCam__TestSystem::CamPort>(p_type), _params(), _codec() {
......@@ -10,6 +12,10 @@ cam_layer::cam_layer(const std::string & p_type, const std::string & param) : t_
params::convert(_params, param);
_params.insert(std::make_pair<std::string, std::string>("its_aid", "36")); // ETSI TS 102 965 V1.2.1 (2015-06)
_params.insert(std::make_pair<std::string, std::string>("payload_type", "2")); // CA message id - See ETSI TS 102 894
// Register this object for AdapterControlPort
loggers::get_instance().log("cam_layer::cam_layer: Register %s/%p", p_type.c_str(), this);
registration<cam_layer>::get_instance().add_item(p_type, this);
}
void cam_layer::sendMsg(const LibItsCam__TestSystem::CamReq& p, params& params){
......@@ -120,4 +126,16 @@ void cam_layer::receive_data(OCTETSTRING& data, params& params)
to_all_upper_ports(p, params);
}
int cam_layer::enable_secured_mode(const std::string& p_certificate_id, const boolean p_enforce_security) {
loggers::get_instance().log(">>> cam_layer::enable_secured_mode: '%s' - %x", p_certificate_id.c_str(), p_enforce_security);
return 0;
}
int cam_layer::disable_secured_mode() {
loggers::get_instance().log(">>> cam_layer::disable_secured_mode");
return 0;
}
cam_layer_factory cam_layer_factory::_f;
ccsrc/Protocols/CAM/cam_layer.hh
View file @ 5534c135
......@@ -68,5 +68,10 @@ public: //! \publicsection
* \param[in] p_params Some lower layers parameters values when data was received
*/
virtual void receive_data(OCTETSTRING& data, params& info);
int enable_secured_mode(const std::string& p_certificate_id, const boolean p_enforce_security);
int disable_secured_mode();
}; // End of class cam_layer
ccsrc/Protocols/DENM/denm_layer.cc
View file @ 5534c135
......@@ -2,6 +2,8 @@
#include "denm_layer_factory.hh"
#include "registration.hh"
#include "loggers.hh"
denm_layer::denm_layer(const std::string & p_type, const std::string & param) : t_layer<LibItsDenm__TestSystem::DenmPort>(p_type), _params(), _codec() {
......@@ -10,6 +12,10 @@ denm_layer::denm_layer(const std::string & p_type, const std::string & param) :
params::convert(_params, param);
_params.insert(std::make_pair<std::string, std::string>("its_aid", "37")); // ETSI TS 102 965 V1.2.1 (2015-06)
_params.insert(std::make_pair<std::string, std::string>("payload_type", "1")); // DE message id - See ETSI TS 102 894
// Register this object for AdapterControlPort
loggers::get_instance().log("denm_layer::denm_layer: Register %s/%p", p_type.c_str(), this);
registration<denm_layer>::get_instance().add_item(p_type, this);
}
void denm_layer::sendMsg(const LibItsDenm__TestSystem::DenmReq& p, params& params){
......@@ -119,4 +125,16 @@ void denm_layer::receive_data(OCTETSTRING& data, params& params)
to_all_upper_ports(p, params);
}
int denm_layer::enable_secured_mode(const std::string& p_certificate_id, const boolean p_enforce_security) {
loggers::get_instance().log(">>> denm_layer::enable_secured_mode: '%s' - %x", p_certificate_id.c_str(), p_enforce_security);
return 0;
}
int denm_layer::disable_secured_mode() {
loggers::get_instance().log(">>> denm_layer::disable_secured_mode");
return 0;
}
denm_layer_factory denm_layer_factory::_f;
ccsrc/Protocols/DENM/denm_layer.hh
View file @ 5534c135
......@@ -68,5 +68,10 @@ public: //! \publicsection
* \param[in] p_params Some lower layers parameters values when data was received
*/
virtual void receive_data(OCTETSTRING& data, params& info);
int enable_secured_mode(const std::string& p_certificate_id, const boolean p_enforce_security);
int disable_secured_mode();
}; // End of class denm_layer
ttcn/AtsPki/ItsPki_TestCases.ttcn
View file @ 5534c135
......@@ -107,7 +107,6 @@ module ItsPki_TestCases {
}
// Test component configuration
//f_cfUp_itss();
v_itss.start(f_TC_SEC_PKI_ITSS_ENR_BV_01_itss(cc_taCert_A));
v_ea.start(f_TC_SEC_PKI_ITSS_ENR_BV_01_pki(cc_taCert_A));
......@@ -116,7 +115,6 @@ module ItsPki_TestCases {
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
//f_cfDown_itss();
} // End of testcase TC_SEC_PKI_ITSS_ENR_BV_01
......@@ -125,25 +123,15 @@ module ItsPki_TestCases {
function f_TC_SEC_PKI_ITSS_ENR_BV_01_itss(in charstring p_certificate_id) runs on ItsPkiItss /*system ItsPkiItssSystem*/ {
// Local variables
var LongPosVector v_longPosVectorIut;
var GeoNetworkingInd v_response;
var EtsiTs103097Certificate v_initial_certificate;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
v_longPosVectorIut := f_getPosition(c_compIut);
f_cfUp_itss();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
// Wait for current certificate
tc_ac.start;
alt {
......@@ -246,9 +234,7 @@ module ItsPki_TestCases {
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
f_cfDown_itss();
} // End of testcase f_TC_SEC_PKI_ITSS_ENR_BV_01_itss
function f_TC_SEC_PKI_ITSS_ENR_BV_01_pki(in charstring p_certificate_id) runs on ItsPki /*system ItsPkiItssSystem*/ {
......@@ -270,11 +256,6 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": INFO: InnerEcResponse received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] pkiPort.receive { // FIXME Use altstep
tc_ac.stop;
log("*** " & testcasename() & ": INCONC: Unexpected message received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_timeout);
......@@ -363,11 +344,6 @@ module ItsPki_TestCases {
log("*** " & testcasename() & ": PASS: InnerEcResponse received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] pkiPort.receive { // FIXME Use altstep
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
......@@ -386,10 +362,6 @@ module ItsPki_TestCases {
* the outer signature shall be computed using the canonical private key.
* <pre>
* Pics Selection:
* Initial conditions:
* with {
* the IUT being in the "operational state"
* }
* Expected behaviour:
* ensure that {
* when {
......@@ -411,7 +383,7 @@ module ItsPki_TestCases {
* }
* </pre>
*
* @see ETSI TS ITS-00546v006 TP 20
* @see ETSI TS ITS-00546v006 TP 22
* @reference ETSI TS 102 941, clause 6.2.3.2.2
*/
testcase TC_SEC_PKI_SND_EA_BV_02() runs on ItsPkiHttp system ItsPkiHttpSystem {
......@@ -481,6 +453,116 @@ module ItsPki_TestCases {
}
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cfHttpDown();
} // End of testcase TC_SEC_PKI_SND_EA_BV_02
/**
* @desc The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients
* containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the
* symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is
* built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed
* structure.
* <pre>
* Pics Selection:
* Expected behaviour:
* ensure that {
* when {
* the IUT sends an EnrolmentResponseMessage as an answer for an EnrolmentRequestMessage
* }
* then {
* the IUT sends an EtsiTs103097Data-Encrypted
* containing an encrypted EtsiTs103097Data-Signed
* containing EtsiTs103097Data
* containing InnerECRequestSignedForPOP
* containing InnerEcRequest
* containing itsId
* indicating the canonical identifier of the ITS-S
* and containing signer
* declared as self
* and containing signature
* computed using the canonical private key
* }
* }
* </pre>
*
* @see ETSI TS ITS-00546v006 TP 24
* @reference ETSI TS 102 941, clause 6.2.3.2.2
*/
testcase TC_SEC_PKI_SND_EA_BV_03() runs on ItsPkiHttp system ItsPkiHttpSystem {
// Local variables
var Oct32 v_private_key;
var Oct32 v_publicKeyX;
var Oct32 v_publicKeyY;
var Oct32 v_publicKeyCompressed;
var integer v_compressedMode;
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var HeaderLines v_headers;
var HttpMessage v_response;
var EtsiTs102941Data v_etsi_ts_102941_data;
// Test control
if (not PICS_IUT_EA_ROLE) {
log("*** " & testcasename() & ": PICS_IUT_EA_ROLE required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfHttpUp(); // Default value: CERT_TS_A_EA
// Test adapter configuration
// Preamble
f_http_build_enrolment_request(v_private_key, v_publicKeyX, v_publicKeyY, v_publicKeyCompressed, v_compressedMode, v_ieee1609dot2_signed_and_encrypted_data);
f_init_default_headers_list(v_headers);
httpPort.send(
m_http_request(
m_http_request_get(
"/its/inner_ec_request",
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
v_ieee1609dot2_signed_and_encrypted_data
)))));
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
tc_ac.stop;
if (f_verify_pki_message(vc_eaPrivateEncKey, vc_eaPeerWholeHash, vc_eaCertificate, v_response.response.body.binary_body.ieee1609dot2_data, false, v_etsi_ts_102941_data) == false) {
log("*** " & testcasename() & ": FAIL: Failed to verify PKI message ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": LOG: Receive ", v_etsi_ts_102941_data, " ***");
if (not(match(v_etsi_ts_102941_data.content, mw_enrolmentResponse))) {
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: InnerEcResponse received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
}
[] httpPort.receive( // FIXME Use altstep
mw_http_response(
mw_http_response_ko
......@@ -503,7 +585,7 @@ module ItsPki_TestCases {
// Postamble
f_cfHttpDown();
} // End of testcase TC_SEC_PKI_SND_EA_BV_02
} // End of testcase TC_SEC_PKI_SND_EA_BV_03
} // End of group ea_behavior
......
LibIts @ 919a3f42
Compare b8fe1ca2...919a3f42
Subproject commit b8fe1ca2e826050cb7de7c354e5c15c27e0f68f0
Subproject commit 919a3f4268398c424b892ce4b7bc79f88f3baa3f
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment