Skip to content
GitLab
Commit 7fe37cfe authored by Yann Garcia's avatar Yann Garcia
Browse files

Validating ERRATA changes

parent 214bddfe
Hide whitespace changes
Inline Side-by-side
etc/AtsPki/AtsPki.cfg
View file @ 7fe37cfe
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { typeOfAddress := e_manual,
stationType := e_passengerCar,
stationCountryCode := 0,
mid := '000000000001'O
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4C5E0C14D2EA'O
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
# Gemalto
#LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
#LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
# httpbin.org
LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_IUT_COMBINED_EA_AA_ROLE := true
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconing timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Pki layer
# certificate : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
# peer_certificate : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_07
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_08
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_09
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_manual,
stationType := e_passengerCar,
stationCountryCode := 0,
mid := '000000000001'O
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4C5E0C14D2EA'O
}
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := true
LibItsPki_Pics.PICS_HEADER_HOST_EC := "etsi.enrolment.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_ATV := "etsi.authvalidation.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_AT := "etsi.authorizationa.a.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/";
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_GEMALTO_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_GEMALTO_AA"
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# Single GeoNetworkingPort component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authvalidation.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authorization.aa.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message
#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV
# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure
#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV
# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request� as assigned in ETSI TS 102 965 and the generationTime shall be present.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV
ItsPki_TestCases.TC_SECPKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1
etc/AtsPki/AtsPki_Atos.cfg_
View file @ 7fe37cfe
......@@ -15,14 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
......@@ -30,11 +22,17 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ATOS_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ATOS_AA"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "horus-pki.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/enrol"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/authorize"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/validate"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ATOS_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ATOS_AA"
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
......@@ -120,26 +118,35 @@ LogEventTypes:= Yes
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=horus-pki.com,port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_07
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_08
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_09
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
......
etc/AtsPki/AtsPki_Escrypt.cfg_
View file @ 7fe37cfe
......@@ -15,11 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "test.bsi.v2x-pilot.escrypt.com"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID
......@@ -27,14 +22,20 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '45545349504C55470000000000000000'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ESCRYPT_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ESCRYPT_AA"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "test.bsi.v2x-pilot.escrypt.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorize"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorize"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '45545349504C55470000000000000000'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ESCRYPT_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_ESCRYPT_AA"
LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1
LibItsPki_Pixits.PX_EC_ALG := e_brainpool_p256_r1
LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1
LibItsPki_Pixits.PX_EC_ALG := e_brainpool_p256_r1
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
......@@ -119,7 +120,9 @@ LogEventTypes:= Yes
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
# Single GeoNetworkingPort component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=test.bsi.v2x-pilot.escrypt.com,use_ssl=0)"
# PKI UpperTester port based on UDP
......
etc/TestCodec/TestCodec.cfg
View file @ 7fe37cfe
......@@ -286,6 +286,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
# Security tests
# Security Functions
#TestCodec_SecuredFuntions.tc_sha256_1
#TestCodec_SecuredFuntions.tc_sha256_2
TestCodec_SecuredFuntions.tc_sha256_3
#TestCodec_SecuredFuntions.tc_sha384_1
#TestCodec_SecuredFuntions.tc_f_generate_key_pair_1
#TestCodec_SecuredFuntions.tc_f_generate_key_pair_2
......@@ -332,7 +334,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
#TestCodec_SecuredFuntions.tc_read_certificate_1
#TestCodec_SecuredFuntions.tc_read_certificate_2
#TestCodec_SecuredFuntions.tc_read_certificate_digest
TestCodec_SecuredFuntions.tc_read_certificate_hashed_id3
#TestCodec_SecuredFuntions.tc_read_certificate_hashed_id3
#TestCodec_SecuredFuntions.tc_read_certificate_hash
# Encryption
#TestCodec_SignedAndEncryptedMessages.tc_test_hmac_sha256_test1
......
scripts/update_its_project.bash
View file @ 7fe37cfe
......@@ -173,6 +173,7 @@ do
fi
cp ${TTCN_3_ORG_PATH}/$i/*.ttcn ${TTCN_3_DST_PATH}/$i/ttcn
cp ${TTCN_3_ORG_PATH}/../etc/$i/*.cfg ${TTCN_3_DST_PATH}/$i/etc
cp ${TTCN_3_ORG_PATH}/../etc/$i/*.cfg_ ${TTCN_3_DST_PATH}/$i/etc
cp ${TTCN_3_ORG_PATH}/../docs/$i/o2.cfg ${TTCN_3_DST_PATH}/$i/docs
done
......
ttcn/AtsPki/ItsPki_TestCases.ttcn
View file @ 7fe37cfe
......@@ -176,7 +176,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -329,7 +329,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -483,7 +483,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -711,7 +711,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -857,7 +857,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1009,7 +1009,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1161,7 +1161,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1315,7 +1315,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1467,7 +1467,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1620,7 +1620,7 @@ module ItsPki_TestCases {
// Test Body
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1781,7 +1781,7 @@ module ItsPki_TestCases {
group ea_behavior {
group enrolment_request_handling {
/**
* @desc The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at
* reference point S3 in response to a received EnrolmentRequest message.
......@@ -1839,29 +1839,30 @@ module ItsPki_TestCases {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
httpPort.send(
m_http_request(
m_http_request_post(
PICS_HTTP_POST_URI,
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
v_ieee1609dot2_signed_and_encrypted_data
)))));
f_http_send(
v_headers,
m_http_request(
m_http_request_post(
PICS_HTTP_POST_URI_EC,
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
v_ieee1609dot2_signed_and_encrypted_data
)))));
tc_ac.start;
alt {
[] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
tc_ac.stop;
if (f_verify_pki_message(v_private_key, v_aes_sym_key, v_authentication_vector, vc_eaWholeHash, vc_eaCertificate, v_response.response.body.binary_body.ieee1609dot2_data, false, v_etsi_ts_102941_data) == false) {
log("*** " & testcasename() & ": FAIL: Failed to verify PKI message ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
......@@ -1870,14 +1871,25 @@ module ItsPki_TestCases {
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
[] httpPort.receive(
mw_http_response(
mw_http_response_ko
)) {
[PICS_MULTIPLE_END_POINT] httpEcPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
if (f_verify_pki_message(v_private_key, v_aes_sym_key, v_authentication_vector, vc_eaWholeHash, vc_eaCertificate, v_response.response.body.binary_body.ieee1609dot2_data, false, v_etsi_ts_102941_data) == false) {
log("*** " & testcasename() & ": FAIL: Failed to verify PKI message ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: InnerEcResponse received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
......@@ -1891,7 +1903,7 @@ module ItsPki_TestCases {
} // End of testcase TC_SECPKI_EA_ENR_RCV_01_BV
/**
* @desc Check that EA doesn’t accept Enrolment rekeying request when enrolment is not permitted
* @desc Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted
* by signing certificate.
* <pre>
* Pics Selection: PICS_IUT_EA_ROLE
......@@ -1970,7 +1982,7 @@ module ItsPki_TestCases {
httpPort.send(
m_http_request(
m_http_request_post(
PICS_HTTP_POST_URI,
PICS_HTTP_POST_URI_EC,
v_headers,
m_http_message_body_binary(
m_binary_body_ieee1609dot2_data(
......@@ -1978,7 +1990,7 @@ module ItsPki_TestCases {
)))));
tc_ac.start;
alt {
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response(
mw_http_response_ok(
mw_http_message_body_binary(
......@@ -1998,7 +2010,7 @@ module ItsPki_TestCases {
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
[] httpPort.receive(
[not(PICS_MULTIPLE_END_POINT)] httpPort.receive(