Skip to content
GitLab
Commit 7fe37cfe authored by Yann Garcia's avatar Yann Garcia
Browse files

Validating ERRATA changes

parent 214bddfe
Show whitespace changes
Inline Side-by-side
etc/AtsPki/AtsPki.cfg
View file @ 7fe37cfe
[MODULE_PARAMETERS] [MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT. # The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { typeOfAddress := e_manual, LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_manual,
stationType := e_passengerCar, stationType := e_passengerCar,
stationCountryCode := 0, stationCountryCode := 0,
mid := '000000000001'O mid := '000000000001'O
...@@ -17,17 +16,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { ...@@ -17,17 +16,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
# Gemalto
#LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
#LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
# httpbin.org
LibItsHttp_Pics.PICS_HEADER_HOST := "httpbin.org"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support # Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID # Root path to access certificate stored in files, identified by certficate ID
...@@ -35,7 +23,22 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" ...@@ -35,7 +23,22 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsPki_Pics.PICS_IUT_COMBINED_EA_AA_ROLE := true LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := true
LibItsPki_Pics.PICS_HEADER_HOST_EC := "etsi.enrolment.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_ATV := "etsi.authvalidation.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HEADER_HOST_AT := "etsi.authorizationa.a.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/";
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/";
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_GEMALTO_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_GEMALTO_AA"
[LOGGING] [LOGGING]
# In this section you can specify the name of the log file and the classes of events # In this section you can specify the name of the log file and the classes of events
...@@ -52,99 +55,43 @@ LogEventTypes:= Yes ...@@ -52,99 +55,43 @@ LogEventTypes:= Yes
#TimeStampFormat := DateTime #TimeStampFormat := DateTime
[TESTPORT_PARAMETERS] [TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports. # Single GeoNetworkingPort component port
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconing timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Pki layer
# certificate : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
# peer_certificate : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)" system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=75.75.74.66,port=8000,use_ssl=0)" # httpbin.org # Single HTTP component port
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=52.85.200.75,port=80,use_ssl=0)" # Gemalto system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" # Gemalto system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.enrolment.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authvalidation.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi.authorization.aa.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP # GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE] [EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_07 # The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message.
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_08 #ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_09 # The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10 #ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 # The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 #ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV
ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01 # Within the headerInfo of the tbsData, the psid shall be set to secured certificate request� as assigned in ETSI TS 102 965 and the generationTime shall be present.
#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV
ItsPki_TestCases.TC_SECPKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
[MAIN_CONTROLLER] [MAIN_CONTROLLER]
......
etc/AtsPki/AtsPki_Atos.cfg_
View file @ 7fe37cfe
...@@ -15,14 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { ...@@ -15,14 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "etsi.ea.msi-dev.acloud.gemalto.com"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/its"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
# Enable Security support # Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID # Root path to access certificate stored in files, identified by certficate ID
...@@ -30,6 +22,12 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" ...@@ -30,6 +22,12 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "horus-pki.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/enrol"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/authorize"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/validate"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
...@@ -120,26 +118,35 @@ LogEventTypes:= Yes ...@@ -120,26 +118,35 @@ LogEventTypes:= Yes
# save_mode : 1 to save sent packet, 0 otherwise # save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port # Single GeoNetworking component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=etsi.ea.msi-dev.acloud.gemalto.com,port=80,use_ssl=0)" system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=horus-pki.com,port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP # GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)" system.utPort.params := "UT_PKI/UDP(dst_ip=172.23.0.1,dst_port=8000)"
[EXECUTE] [EXECUTE]
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_01 #ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
#ItsPki_TestCases.TC_SEC_PKI_ITSS_ENR_BV_02 #ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_02 # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_03 ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_04 # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_05 #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_06
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_07 # The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message.
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_08 #ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_09 #ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_10 #ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_11 #ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_BV_12 #ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV
#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV
#ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_EA_AA_BV_01
#ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01 #ItsPki_TestCases.TC_SEC_PKI_SND_AA_BV_01
......
etc/AtsPki/AtsPki_Escrypt.cfg_
View file @ 7fe37cfe
...@@ -15,11 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { ...@@ -15,11 +15,6 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "test.bsi.v2x-pilot.escrypt.com"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
# Enable Security support # Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
# Root path to access certificate stored in files, identified by certficate ID # Root path to access certificate stored in files, identified by certficate ID
...@@ -27,6 +22,12 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" ...@@ -27,6 +22,12 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "test.bsi.v2x-pilot.escrypt.com"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorize"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorize"
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '45545349504C55470000000000000000'O LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '45545349504C55470000000000000000'O
...@@ -119,7 +120,9 @@ LogEventTypes:= Yes ...@@ -119,7 +120,9 @@ LogEventTypes:= Yes
# time_offset : Time offset, used to skip packets with time offset < time_offset # time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise # save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port # Single GeoNetworkingPort component port
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=test.bsi.v2x-pilot.escrypt.com,use_ssl=0)" system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=test.bsi.v2x-pilot.escrypt.com,use_ssl=0)"
# PKI UpperTester port based on UDP # PKI UpperTester port based on UDP
......
etc/TestCodec/TestCodec.cfg
View file @ 7fe37cfe
...@@ -286,6 +286,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= ...@@ -286,6 +286,8 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
# Security tests # Security tests
# Security Functions # Security Functions
#TestCodec_SecuredFuntions.tc_sha256_1 #TestCodec_SecuredFuntions.tc_sha256_1
#TestCodec_SecuredFuntions.tc_sha256_2
TestCodec_SecuredFuntions.tc_sha256_3
#TestCodec_SecuredFuntions.tc_sha384_1 #TestCodec_SecuredFuntions.tc_sha384_1
#TestCodec_SecuredFuntions.tc_f_generate_key_pair_1 #TestCodec_SecuredFuntions.tc_f_generate_key_pair_1
#TestCodec_SecuredFuntions.tc_f_generate_key_pair_2 #TestCodec_SecuredFuntions.tc_f_generate_key_pair_2
...@@ -332,7 +334,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= ...@@ -332,7 +334,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
#TestCodec_SecuredFuntions.tc_read_certificate_1 #TestCodec_SecuredFuntions.tc_read_certificate_1
#TestCodec_SecuredFuntions.tc_read_certificate_2 #TestCodec_SecuredFuntions.tc_read_certificate_2
#TestCodec_SecuredFuntions.tc_read_certificate_digest #TestCodec_SecuredFuntions.tc_read_certificate_digest
TestCodec_SecuredFuntions.tc_read_certificate_hashed_id3 #TestCodec_SecuredFuntions.tc_read_certificate_hashed_id3
#TestCodec_SecuredFuntions.tc_read_certificate_hash #TestCodec_SecuredFuntions.tc_read_certificate_hash
# Encryption # Encryption
#TestCodec_SignedAndEncryptedMessages.tc_test_hmac_sha256_test1 #TestCodec_SignedAndEncryptedMessages.tc_test_hmac_sha256_test1
......
scripts/update_its_project.bash
View file @ 7fe37cfe
...@@ -173,6 +173,7 @@ do ...@@ -173,6 +173,7 @@ do
fi fi
cp ${TTCN_3_ORG_PATH}/$i/*.ttcn ${TTCN_3_DST_PATH}/$i/ttcn cp ${TTCN_3_ORG_PATH}/$i/*.ttcn ${TTCN_3_DST_PATH}/$i/ttcn
cp ${TTCN_3_ORG_PATH}/../etc/$i/*.cfg ${TTCN_3_DST_PATH}/$i/etc cp ${TTCN_3_ORG_PATH}/../etc/$i/*.cfg ${TTCN_3_DST_PATH}/$i/etc
cp ${TTCN_3_ORG_PATH}/../etc/$i/*.cfg_ ${TTCN_3_DST_PATH}/$i/etc
cp ${TTCN_3_ORG_PATH}/../docs/$i/o2.cfg ${TTCN_3_DST_PATH}/$i/docs cp ${TTCN_3_ORG_PATH}/../docs/$i/o2.cfg ${TTCN_3_DST_PATH}/$i/docs
done done
......
ttcn/AtsPki/ItsPki_TestCases.ttcn
View file @ 7fe37cfe
...@@ -176,7 +176,7 @@ module ItsPki_TestCases { ...@@ -176,7 +176,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -329,7 +329,7 @@ module ItsPki_TestCases { ...@@ -329,7 +329,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -483,7 +483,7 @@ module ItsPki_TestCases { ...@@ -483,7 +483,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -711,7 +711,7 @@ module ItsPki_TestCases { ...@@ -711,7 +711,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -857,7 +857,7 @@ module ItsPki_TestCases { ...@@ -857,7 +857,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1009,7 +1009,7 @@ module ItsPki_TestCases { ...@@ -1009,7 +1009,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1161,7 +1161,7 @@ module ItsPki_TestCases { ...@@ -1161,7 +1161,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1315,7 +1315,7 @@ module ItsPki_TestCases { ...@@ -1315,7 +1315,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1467,7 +1467,7 @@ module ItsPki_TestCases { ...@@ -1467,7 +1467,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1620,7 +1620,7 @@ module ItsPki_TestCases { ...@@ -1620,7 +1620,7 @@ module ItsPki_TestCases {
// Test Body // Test Body
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1839,10 +1839,11 @@ module ItsPki_TestCases { ...@@ -1839,10 +1839,11 @@ module ItsPki_TestCases {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body // Test Body
httpPort.send( f_http_send(
v_headers,
m_http_request( m_http_request(
m_http_request_post( m_http_request_post(
PICS_HTTP_POST_URI, PICS_HTTP_POST_URI_EC,
v_headers, v_headers,
m_http_message_body_binary( m_http_message_body_binary(
m_binary_body_ieee1609dot2_data( m_binary_body_ieee1609dot2_data(
...@@ -1850,7 +1851,7 @@ module ItsPki_TestCases { ...@@ -1850,7 +1851,7 @@ module ItsPki_TestCases {
))))); )))));
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary( mw_http_message_body_binary(
...@@ -1870,14 +1871,25 @@ module ItsPki_TestCases { ...@@ -1870,14 +1871,25 @@ module ItsPki_TestCases {
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} }
} }
[] httpPort.receive( [PICS_MULTIPLE_END_POINT] httpEcPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ko mw_http_response_ok(
)) { mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentResponseMessage(
mw_encryptedData(
-,
mw_SymmetricCiphertext_aes128ccm
))))))) -> value v_response {
tc_ac.stop; tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Unexpected message received ***"); if (f_verify_pki_message(v_private_key, v_aes_sym_key, v_authentication_vector, vc_eaWholeHash, vc_eaCertificate, v_response.response.body.binary_body.ieee1609dot2_data, false, v_etsi_ts_102941_data) == false) {
log("*** " & testcasename() & ": FAIL: Failed to verify PKI message ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: InnerEcResponse received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} }
[] tc_ac.timeout { [] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***"); log("*** " & testcasename() & ": INCONC: Expected message not received ***");
...@@ -1891,7 +1903,7 @@ module ItsPki_TestCases { ...@@ -1891,7 +1903,7 @@ module ItsPki_TestCases {
} // End of testcase TC_SECPKI_EA_ENR_RCV_01_BV } // End of testcase TC_SECPKI_EA_ENR_RCV_01_BV
/** /**
* @desc Check that EA doesn’t accept Enrolment rekeying request when enrolment is not permitted * @desc Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted
* by signing certificate. * by signing certificate.
* <pre> * <pre>
* Pics Selection: PICS_IUT_EA_ROLE * Pics Selection: PICS_IUT_EA_ROLE
...@@ -1970,7 +1982,7 @@ module ItsPki_TestCases { ...@@ -1970,7 +1982,7 @@ module ItsPki_TestCases {
httpPort.send( httpPort.send(
m_http_request( m_http_request(
m_http_request_post( m_http_request_post(
PICS_HTTP_POST_URI, PICS_HTTP_POST_URI_EC,
v_headers, v_headers,
m_http_message_body_binary( m_http_message_body_binary(
m_binary_body_ieee1609dot2_data( m_binary_body_ieee1609dot2_data(
...@@ -1978,7 +1990,7 @@ module ItsPki_TestCases { ...@@ -1978,7 +1990,7 @@ module ItsPki_TestCases {
))))); )))));
tc_ac.start; tc_ac.start;
alt { alt {
[] httpPort.receive( [not(PICS_MULTIPLE_END_POINT)] httpPort.receive(
mw_http_response( mw_http_response(
mw_http_response_ok( mw_http_response_ok(
mw_http_message_body_binary(