Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
ITS - Intelligent Transport Systems
ITS
Commits
5534c135
Commit
5534c135
authored
Oct 19, 2018
by
garciay
Browse files
Add support of AcSecPrimitive for CAM & DENM
parent
b0371c51
Changes
8
Hide whitespace changes
Inline
Side-by-side
ccsrc/Ports/LibIts_ports/CAM_ports/AdapterControlPort_CAM.partC
View file @
5534c135
#include <TTCN3.hh>
#include "loggers.hh"
#include "registration.hh"
#include "cam_layer.hh"
//=============================================================================
namespace LibItsCam__TestSystem {
...
...
@@ -63,9 +70,36 @@ void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcGns
}
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive&
/*
send_par
*/
)
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& send_par)
{
loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
// Register this object for AdapterControlPort
cam_layer* p = registration<cam_layer>::get_instance().get_item(std::string("CAM"));
if (p != NULL) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Got GN layer %p", p);
LibItsCommon__TypesAndValues::AdapterControlResults response;
response.acSecResponse() = BOOLEAN(true);
if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acEnableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Enable secured mode");
std::string str(static_cast<const char*>(send_par.acEnableSecurity().certificateId()));
if (p->enable_secured_mode(str, send_par.acEnableSecurity().enforceSecurity()) == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acDisableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Disable secured mode");
if (p->disable_secured_mode() == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else {
response.acSecResponse() = BOOLEAN(false);
}
// Send response
loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
incoming_message(response);
} else {
loggers::get_instance().error("AdapterControlPort::outgoing_send: %s not registered", "geoNetworkingPort");
}
}
} /* end of namespace */
ccsrc/Ports/LibIts_ports/DENM_ports/AdapterControlPort_DENM.partC
View file @
5534c135
#include <TTCN3.hh>
#include "loggers.hh"
#include "registration.hh"
#include "denm_layer.hh"
//=============================================================================
namespace LibItsDenm__TestSystem {
...
...
@@ -63,8 +70,35 @@ void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcGns
}
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& /*send_par*/)
{
void AdapterControlPort::outgoing_send(const LibItsCommon__TypesAndValues::AcSecPrimitive& send_par)
{ loggers::get_instance().log_msg(">>> AdapterControlPort::outgoing_send: ", send_par);
// Register this object for AdapterControlPort
denm_layer* p = registration<denm_layer>::get_instance().get_item(std::string("DENM"));
if (p != NULL) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Got GN layer %p", p);
LibItsCommon__TypesAndValues::AdapterControlResults response;
response.acSecResponse() = BOOLEAN(true);
if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acEnableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Enable secured mode");
std::string str(static_cast<const char*>(send_par.acEnableSecurity().certificateId()));
if (p->enable_secured_mode(str, send_par.acEnableSecurity().enforceSecurity()) == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else if (send_par.ischosen(LibItsCommon__TypesAndValues::AcSecPrimitive::ALT_acDisableSecurity)) {
loggers::get_instance().log("AdapterControlPort::outgoing_send: Disable secured mode");
if (p->disable_secured_mode() == -1) {
response.acSecResponse() = BOOLEAN(false);
}
} else {
response.acSecResponse() = BOOLEAN(false);
}
// Send response
loggers::get_instance().log_msg("AdapterControlPort::outgoing_send: Send response: ", response);
incoming_message(response);
} else {
loggers::get_instance().error("AdapterControlPort::outgoing_send: %s not registered", "geoNetworkingPort");
}
}
...
...
ccsrc/Protocols/CAM/cam_layer.cc
View file @
5534c135
...
...
@@ -2,6 +2,8 @@
#include
"cam_layer_factory.hh"
#include
"registration.hh"
#include
"loggers.hh"
cam_layer
::
cam_layer
(
const
std
::
string
&
p_type
,
const
std
::
string
&
param
)
:
t_layer
<
LibItsCam__TestSystem
::
CamPort
>
(
p_type
),
_params
(),
_codec
()
{
...
...
@@ -10,6 +12,10 @@ cam_layer::cam_layer(const std::string & p_type, const std::string & param) : t_
params
::
convert
(
_params
,
param
);
_params
.
insert
(
std
::
make_pair
<
std
::
string
,
std
::
string
>
(
"its_aid"
,
"36"
));
// ETSI TS 102 965 V1.2.1 (2015-06)
_params
.
insert
(
std
::
make_pair
<
std
::
string
,
std
::
string
>
(
"payload_type"
,
"2"
));
// CA message id - See ETSI TS 102 894
// Register this object for AdapterControlPort
loggers
::
get_instance
().
log
(
"cam_layer::cam_layer: Register %s/%p"
,
p_type
.
c_str
(),
this
);
registration
<
cam_layer
>::
get_instance
().
add_item
(
p_type
,
this
);
}
void
cam_layer
::
sendMsg
(
const
LibItsCam__TestSystem
::
CamReq
&
p
,
params
&
params
){
...
...
@@ -120,4 +126,16 @@ void cam_layer::receive_data(OCTETSTRING& data, params& params)
to_all_upper_ports
(
p
,
params
);
}
int
cam_layer
::
enable_secured_mode
(
const
std
::
string
&
p_certificate_id
,
const
boolean
p_enforce_security
)
{
loggers
::
get_instance
().
log
(
">>> cam_layer::enable_secured_mode: '%s' - %x"
,
p_certificate_id
.
c_str
(),
p_enforce_security
);
return
0
;
}
int
cam_layer
::
disable_secured_mode
()
{
loggers
::
get_instance
().
log
(
">>> cam_layer::disable_secured_mode"
);
return
0
;
}
cam_layer_factory
cam_layer_factory
::
_f
;
ccsrc/Protocols/CAM/cam_layer.hh
View file @
5534c135
...
...
@@ -68,5 +68,10 @@ public: //! \publicsection
* \param[in] p_params Some lower layers parameters values when data was received
*/
virtual
void
receive_data
(
OCTETSTRING
&
data
,
params
&
info
);
int
enable_secured_mode
(
const
std
::
string
&
p_certificate_id
,
const
boolean
p_enforce_security
);
int
disable_secured_mode
();
};
// End of class cam_layer
ccsrc/Protocols/DENM/denm_layer.cc
View file @
5534c135
...
...
@@ -2,6 +2,8 @@
#include
"denm_layer_factory.hh"
#include
"registration.hh"
#include
"loggers.hh"
denm_layer
::
denm_layer
(
const
std
::
string
&
p_type
,
const
std
::
string
&
param
)
:
t_layer
<
LibItsDenm__TestSystem
::
DenmPort
>
(
p_type
),
_params
(),
_codec
()
{
...
...
@@ -10,6 +12,10 @@ denm_layer::denm_layer(const std::string & p_type, const std::string & param) :
params
::
convert
(
_params
,
param
);
_params
.
insert
(
std
::
make_pair
<
std
::
string
,
std
::
string
>
(
"its_aid"
,
"37"
));
// ETSI TS 102 965 V1.2.1 (2015-06)
_params
.
insert
(
std
::
make_pair
<
std
::
string
,
std
::
string
>
(
"payload_type"
,
"1"
));
// DE message id - See ETSI TS 102 894
// Register this object for AdapterControlPort
loggers
::
get_instance
().
log
(
"denm_layer::denm_layer: Register %s/%p"
,
p_type
.
c_str
(),
this
);
registration
<
denm_layer
>::
get_instance
().
add_item
(
p_type
,
this
);
}
void
denm_layer
::
sendMsg
(
const
LibItsDenm__TestSystem
::
DenmReq
&
p
,
params
&
params
){
...
...
@@ -119,4 +125,16 @@ void denm_layer::receive_data(OCTETSTRING& data, params& params)
to_all_upper_ports
(
p
,
params
);
}
int
denm_layer
::
enable_secured_mode
(
const
std
::
string
&
p_certificate_id
,
const
boolean
p_enforce_security
)
{
loggers
::
get_instance
().
log
(
">>> denm_layer::enable_secured_mode: '%s' - %x"
,
p_certificate_id
.
c_str
(),
p_enforce_security
);
return
0
;
}
int
denm_layer
::
disable_secured_mode
()
{
loggers
::
get_instance
().
log
(
">>> denm_layer::disable_secured_mode"
);
return
0
;
}
denm_layer_factory
denm_layer_factory
::
_f
;
ccsrc/Protocols/DENM/denm_layer.hh
View file @
5534c135
...
...
@@ -68,5 +68,10 @@ public: //! \publicsection
* \param[in] p_params Some lower layers parameters values when data was received
*/
virtual
void
receive_data
(
OCTETSTRING
&
data
,
params
&
info
);
int
enable_secured_mode
(
const
std
::
string
&
p_certificate_id
,
const
boolean
p_enforce_security
);
int
disable_secured_mode
();
};
// End of class denm_layer
ttcn/AtsPki/ItsPki_TestCases.ttcn
View file @
5534c135
...
...
@@ -107,7 +107,6 @@ module ItsPki_TestCases {
}
// Test component configuration
//f_cfUp_itss();
v_itss
.
start
(
f_TC_SEC_PKI_ITSS_ENR_BV_01_itss
(
cc_taCert_A
));
v_ea
.
start
(
f_TC_SEC_PKI_ITSS_ENR_BV_01_pki
(
cc_taCert_A
));
...
...
@@ -116,7 +115,6 @@ module ItsPki_TestCases {
f_serverSync2ClientsAndStop
({
c_prDone
,
c_tbDone
,
c_poDone
});
// Cleanup
//f_cfDown_itss();
}
// End of testcase TC_SEC_PKI_ITSS_ENR_BV_01
...
...
@@ -125,25 +123,15 @@ module ItsPki_TestCases {
function
f_TC_SEC_PKI_ITSS_ENR_BV_01_itss
(
in
charstring
p_certificate_id
)
runs
on
ItsPkiItss
/*system ItsPkiItssSystem*/
{
// Local variables
var
LongPosVector
v_longPosVectorIut
;
var
GeoNetworkingInd
v_response
;
var
EtsiTs103097Certificate
v_initial_certificate
;
// Test control
if
(
not
(
PICS_GN_SECURITY
))
{
log
(
"*** "
&
testcasename
()
&
":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"
);
stop
;
}
// Test component configuration
f_cf01Up
();
// Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
v_longPosVectorIut
:=
f_getPosition
(
c_compIut
);
f_cfUp_itss
();
// Test adapter configuration
// Preamble
f_prNeighbour
();
f_acTriggerEvent
(
m_startPassBeaconing
(
m_beaconHeader
(
v_longPosVectorIut
).
beaconHeader
));
// Authorize the TA to forward the received beacons
// Wait for current certificate
tc_ac
.
start
;
alt
{
...
...
@@ -246,9 +234,7 @@ module ItsPki_TestCases {
}
// End of 'alt' statement
// Postamble
f_acTriggerEvent
(
m_stopPassBeaconing
);
f_poNeighbour
();
f_cf01Down
();
f_cfDown_itss
();
}
// End of testcase f_TC_SEC_PKI_ITSS_ENR_BV_01_itss
function
f_TC_SEC_PKI_ITSS_ENR_BV_01_pki
(
in
charstring
p_certificate_id
)
runs
on
ItsPki
/*system ItsPkiItssSystem*/
{
...
...
@@ -270,11 +256,6 @@ module ItsPki_TestCases {
log
(
"*** "
&
testcasename
()
&
": INFO: InnerEcResponse received ***"
);
f_selfOrClientSyncAndVerdictPreamble
(
c_prDone
,
e_success
);
}
[]
pkiPort
.
receive
{
// FIXME Use altstep
tc_ac
.
stop
;
log
(
"*** "
&
testcasename
()
&
": INCONC: Unexpected message received ***"
);
f_selfOrClientSyncAndVerdictPreamble
(
c_prDone
,
e_timeout
);
}
[]
tc_ac
.
timeout
{
log
(
"*** "
&
testcasename
()
&
": INCONC: Expected message not received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_prDone
,
e_timeout
);
...
...
@@ -363,11 +344,6 @@ module ItsPki_TestCases {
log
(
"*** "
&
testcasename
()
&
": PASS: InnerEcResponse received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_success
);
}
[]
pkiPort
.
receive
{
// FIXME Use altstep
tc_ac
.
stop
;
log
(
"*** "
&
testcasename
()
&
": FAIL: Unexpected message received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_error
);
}
[]
tc_ac
.
timeout
{
log
(
"*** "
&
testcasename
()
&
": INCONC: Expected message not received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_timeout
);
...
...
@@ -386,10 +362,6 @@ module ItsPki_TestCases {
* the outer signature shall be computed using the canonical private key.
* <pre>
* Pics Selection:
* Initial conditions:
* with {
* the IUT being in the "operational state"
* }
* Expected behaviour:
* ensure that {
* when {
...
...
@@ -411,7 +383,7 @@ module ItsPki_TestCases {
* }
* </pre>
*
* @see ETSI TS ITS-00546v006 TP 2
0
* @see ETSI TS ITS-00546v006 TP 2
2
* @reference ETSI TS 102 941, clause 6.2.3.2.2
*/
testcase
TC_SEC_PKI_SND_EA_BV_02
()
runs
on
ItsPkiHttp
system
ItsPkiHttpSystem
{
...
...
@@ -481,6 +453,116 @@ module ItsPki_TestCases {
}
}
}
[]
tc_ac
.
timeout
{
log
(
"*** "
&
testcasename
()
&
": INCONC: Expected message not received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_timeout
);
}
}
// End of 'alt' statement
// Postamble
f_cfHttpDown
();
}
// End of testcase TC_SEC_PKI_SND_EA_BV_02
/**
* @desc The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients
* containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the
* symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is
* built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed
* structure.
* <pre>
* Pics Selection:
* Expected behaviour:
* ensure that {
* when {
* the IUT sends an EnrolmentResponseMessage as an answer for an EnrolmentRequestMessage
* }
* then {
* the IUT sends an EtsiTs103097Data-Encrypted
* containing an encrypted EtsiTs103097Data-Signed
* containing EtsiTs103097Data
* containing InnerECRequestSignedForPOP
* containing InnerEcRequest
* containing itsId
* indicating the canonical identifier of the ITS-S
* and containing signer
* declared as self
* and containing signature
* computed using the canonical private key
* }
* }
* </pre>
*
* @see ETSI TS ITS-00546v006 TP 24
* @reference ETSI TS 102 941, clause 6.2.3.2.2
*/
testcase
TC_SEC_PKI_SND_EA_BV_03
()
runs
on
ItsPkiHttp
system
ItsPkiHttpSystem
{
// Local variables
var
Oct32
v_private_key
;
var
Oct32
v_publicKeyX
;
var
Oct32
v_publicKeyY
;
var
Oct32
v_publicKeyCompressed
;
var
integer
v_compressedMode
;
var
Ieee1609Dot2Data
v_ieee1609dot2_signed_and_encrypted_data
;
var
HeaderLines
v_headers
;
var
HttpMessage
v_response
;
var
EtsiTs102941Data
v_etsi_ts_102941_data
;
// Test control
if
(
not
PICS_IUT_EA_ROLE
)
{
log
(
"*** "
&
testcasename
()
&
": PICS_IUT_EA_ROLE required for executing the TC ***"
);
setverdict
(
inconc
);
stop
;
}
// Test component configuration
f_cfHttpUp
();
// Default value: CERT_TS_A_EA
// Test adapter configuration
// Preamble
f_http_build_enrolment_request
(
v_private_key
,
v_publicKeyX
,
v_publicKeyY
,
v_publicKeyCompressed
,
v_compressedMode
,
v_ieee1609dot2_signed_and_encrypted_data
);
f_init_default_headers_list
(
v_headers
);
httpPort
.
send
(
m_http_request
(
m_http_request_get
(
"/its/inner_ec_request"
,
v_headers
,
m_http_message_body_binary
(
m_binary_body_ieee1609dot2_data
(
v_ieee1609dot2_signed_and_encrypted_data
)))));
f_selfOrClientSyncAndVerdictPreamble
(
c_prDone
,
e_success
);
// Test Body
tc_ac
.
start
;
alt
{
[]
httpPort
.
receive
(
mw_http_response
(
mw_http_response_ok
(
mw_http_message_body_binary
(
mw_binary_body_ieee1609dot2_data
(
mw_enrolmentResponseMessage
(
mw_encryptedData
(
-
,
mw_SymmetricCiphertext_aes128ccm
)))))))
->
value
v_response
{
tc_ac
.
stop
;
if
(
f_verify_pki_message
(
vc_eaPrivateEncKey
,
vc_eaPeerWholeHash
,
vc_eaCertificate
,
v_response
.
response
.
body
.
binary_body
.
ieee1609dot2_data
,
false
,
v_etsi_ts_102941_data
)
==
false
)
{
log
(
"*** "
&
testcasename
()
&
": FAIL: Failed to verify PKI message ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_error
);
}
else
{
log
(
"*** "
&
testcasename
()
&
": LOG: Receive "
,
v_etsi_ts_102941_data
,
" ***"
);
if
(
not
(
match
(
v_etsi_ts_102941_data
.
content
,
mw_enrolmentResponse
)))
{
log
(
"*** "
&
testcasename
()
&
": FAIL: Unexpected message received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_error
);
}
else
{
log
(
"*** "
&
testcasename
()
&
": PASS: InnerEcResponse received ***"
);
f_selfOrClientSyncAndVerdictTestBody
(
c_tbDone
,
e_success
);
}
}
}
[]
httpPort
.
receive
(
// FIXME Use altstep
mw_http_response
(
mw_http_response_ko
...
...
@@ -503,7 +585,7 @@ module ItsPki_TestCases {
// Postamble
f_cfHttpDown
();
}
// End of testcase TC_SEC_PKI_SND_EA_BV_0
2
}
// End of testcase TC_SEC_PKI_SND_EA_BV_0
3
}
// End of group ea_behavior
...
...
LibIts
@
919a3f42
Compare
b8fe1ca2
...
919a3f42
Subproject commit
b8fe1ca2e826050cb7de7c354e5c15c27e0f68f0
Subproject commit
919a3f4268398c424b892ce4b7bc79f88f3baa3f
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment