Commit 82a921b2 authored by Yann Garcia's avatar Yann Garcia
Browse files

Add PKI support to RSU simumlator

parent e866dc65
......@@ -51,7 +51,7 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.42.252"
LibItsPki_Pics.PICS_HTTP_POST_URI := "/ea/enrolment"
LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false
......@@ -68,10 +68,10 @@ LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA"
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#FileMask := LOG_ALL | USER | DEBUG | MATCHING
#ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
......@@ -148,12 +148,14 @@ LogEventTypes:= Yes
# Single GeoNetworking component port
# its_aid=36: CAM
# its_aid=37: DENM
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certifIcate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth1,filter=and ether proto 0x8947)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,its_aid=36,secured_mode=1,encrypted_mode=0,certificate=CERT_IUT_A_AT,peer_certifIcate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=eth2,filter=and ether proto 0x8947)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.0.252,port=80)"
#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.42.252,port=80)"
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=192.168.1.252,port=80)"
# Config port based on UDP
system.cfPort.params := "CF(ut=pki)/UDP(dst_ip=192.168.0.252,src_port=12345)"
#system.cfPort.params := "CF(ut=pki)/UDP(dst_ip=192.168.42.252,src_port=12345)"
system.cfPort.params := "CF(ut=cam)/UDP(dst_ip=192.168.1.252,src_port=12345)"
[EXECUTE]
ItsRSUsSimulator_TestCases.TC_RSUSIMU_BV_01
......
......@@ -1160,7 +1160,6 @@ module ItsRSUsSimulator_Functions {
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_compressed_public_key, v_compressed_mode)) {
log("f_trigger_enrolment_request_await_response: Well-secured EA certificate received ***");
log("p_inner_ec_response= ", v_inner_ec_response);
p_reenrolment := true;
// Store the new certificate
p_ec_certificates[p_ec_counter].private_key := v_private_key;
p_ec_certificates[p_ec_counter].aes_sym_key := v_aes_sym_key;
......@@ -1243,14 +1242,14 @@ module ItsRSUsSimulator_Functions {
// Verify the received EC certificate
log("f_trigger_enrolment_request_await_response: match ", match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -)))), " ***"); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_enrolmentResponse(mw_innerEcResponse_ok(substr(v_request_hash, 0, 16), mw_etsiTs103097Certificate(-, mw_toBeSignedCertificate_ec, -))))) {
var InnerEcResponse v_inner_ec_response := v_etsi_ts_102941_data.content.enrolmentResponse;
if (f_verify_ec_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_compressed_public_key, v_compressed_mode)) {
var InnerEcResponse v_inner_at_response := v_etsi_ts_102941_data.content.enrolmentResponse;
if (f_verify_at_certificate(v_etsi_ts_102941_data.content.enrolmentResponse.certificate, vc_eaCertificate, v_compressed_public_key, v_compressed_mode)) {
log("f_trigger_enrolment_request_await_response: Well-secured EA certificate received ***");
log("p_inner_ec_response= ", v_inner_ec_response);
log("p_inner_at_response= ", v_inner_at_response);
p_reenrolment := true;
// Store the new certificate
p_ec_certificates[p_ec_certificates_counter] := v_inner_ec_response.certificate;
p_ec_certificates_counter := p_ec_certificates_counter + 1;
p_at_certificates[p_at_certificates_counter] := v_inner_at_response.certificate;
p_at_certificates_counter := p_at_xscertificates_counter + 1;
} else {
log("f_trigger_enrolment_request_await_response: Cannot verify EC certificate signature ***");
}
......
Subproject commit c59baf961ec499e041a3224fd2308f9381791810
Subproject commit d58176fedb8e215882356c9efea6fd9bb7877422
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment