Commit afe73978 authored by Yann Garcia's avatar Yann Garcia

Continue PKI ATS development

parent fe22336b
...@@ -51,7 +51,7 @@ commsignia_layer::commsignia_layer(const std::string & p_type, const std::string ...@@ -51,7 +51,7 @@ commsignia_layer::commsignia_layer(const std::string & p_type, const std::string
void commsignia_layer::send_data(OCTETSTRING& data, params& params) { void commsignia_layer::send_data(OCTETSTRING& data, params& params) {
loggers::get_instance().log_msg(">>> commsignia_layer::send_data: ", data); loggers::get_instance().log_msg(">>> commsignia_layer::send_data: ", data);
OCTETSTRING buffer(12, commsignia_layer::_fixed_header); OCTETSTRING buffer(10, commsignia_layer::_fixed_header);
if (_params[std::string("use_vpn")].compare("1") == 0) { if (_params[std::string("use_vpn")].compare("1") == 0) {
buffer += int2oct(1, 1); // Injection to software buffer += int2oct(1, 1); // Injection to software
} else { } else {
...@@ -61,21 +61,21 @@ void commsignia_layer::send_data(OCTETSTRING& data, params& params) { ...@@ -61,21 +61,21 @@ void commsignia_layer::send_data(OCTETSTRING& data, params& params) {
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(std::stoi(_params[params::interface_id]), 4); buffer += int2oct(std::stoi(_params[params::interface_id]), 4);
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(std::stoi(_params[std::string("data_rate")]), 4); buffer += int2oct(std::stoi(_params[std::string("data_rate")]), 2);
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(7, 1); // MAC user priority
buffer += int2oct(0x80000000 & std::stoi(_params[std::string("power_tx")]), 4); // Negative number buffer += int2oct(0x80000000 & std::stoi(_params[std::string("power_tx")]), 4); // Negative number
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(7, 1); // MAC user priority
// Destination MAC address // Destination MAC address
params::const_iterator it = params.find(params::mac_dst); // Find in provided parameters, params params::const_iterator it = params.find(params::mac_dst); // Find in provided parameters, params
if (it != params.cend()) { if (it != params.cend()) {
buffer = str2oct(CHARSTRING(it->second.c_str())); buffer += str2oct(CHARSTRING(it->second.c_str()));
} else { } else {
it = _params.find(params::mac_dst); it = _params.find(params::mac_dst);
if (it != _params.cend()) { if (it != _params.cend()) {
buffer = str2oct(CHARSTRING(it->second.c_str())); buffer += str2oct(CHARSTRING(it->second.c_str()));
} else { } else {
buffer = str2oct(CHARSTRING(_params[params::mac_bc].c_str())); buffer += str2oct(CHARSTRING(_params[params::mac_bc].c_str()));
} }
} }
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
...@@ -84,7 +84,12 @@ void commsignia_layer::send_data(OCTETSTRING& data, params& params) { ...@@ -84,7 +84,12 @@ void commsignia_layer::send_data(OCTETSTRING& data, params& params) {
if (it != params.cend()) { if (it != params.cend()) {
buffer += str2oct(CHARSTRING(it->second.c_str())); buffer += str2oct(CHARSTRING(it->second.c_str()));
} else { } else {
buffer += str2oct(CHARSTRING(_params[params::mac_src].c_str())); it = _params.find(params::mac_src);
if (it != _params.cend()) {
buffer += str2oct(CHARSTRING(it->second.c_str()));
} else {
buffer += str2oct(CHARSTRING(_params[params::mac_src].c_str()));
}
} }
loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer); loggers::get_instance().log_msg("commsignia_layer::send_data: buffer: ", buffer);
buffer += int2oct(0, 2); // Fixed buffer += int2oct(0, 2); // Fixed
...@@ -101,14 +106,23 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) { ...@@ -101,14 +106,23 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
loggers::get_instance().log_msg(">>> commsignia_layer::receive_data: ", data); loggers::get_instance().log_msg(">>> commsignia_layer::receive_data: ", data);
const unsigned char* p = static_cast<const unsigned char *>(data); const unsigned char* p = static_cast<const unsigned char *>(data);
// Check the frame version
if (*p != 0x12) {
// Discard it, on;y use TX version
return;
}
const commsignia_layer::c2p_s_v1_tx_t* r = (const commsignia_layer::c2p_s_v1_tx_t*)p; const commsignia_layer::c2p_s_v1_tx_t* r = (const commsignia_layer::c2p_s_v1_tx_t*)p;
loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->s_header.u8_ver_type); loggers::get_instance().log("commsignia_layer::receive_data: version=%02x", r->s_header.u8_ver_type);
loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->s_header.u32_tst_sec)); loggers::get_instance().log("commsignia_layer::receive_data: timestamp1=%08x", ntohl(r->s_header.u32_tst_sec));
loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->s_header.u32_tst_msec)); loggers::get_instance().log("commsignia_layer::receive_data: timestamp2=%08x", ntohl(r->s_header.u32_tst_msec));
loggers::get_instance().log("commsignia_layer::receive_data: primary_channel=%08x", ntohl(r->u8_primary_channel)); loggers::get_instance().log("commsignia_layer::receive_data: primary_channel=%08x", r->u8_primary_channel);
loggers::get_instance().log("commsignia_layer::receive_data: secondary_channel=%08x", ntohl(r->u8_secondary_channel)); loggers::get_instance().log("commsignia_layer::receive_data: secondary_channel=%08x", r->u8_secondary_channel);
loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->u8_antenna); loggers::get_instance().log("commsignia_layer::receive_data: antenna=%02x", r->u8_antenna);
loggers::get_instance().log("commsignia_layer::receive_data: speed=%d", ntohs(r->u16_speed));
loggers::get_instance().log("commsignia_layer::receive_data: heading=%d", ntohs(r->u16_heading));
loggers::get_instance().log("commsignia_layer::receive_data: txp=%02x", r->s8_txp);
loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_1=%d", r->s8_tssi_ant_1); loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_1=%d", r->s8_tssi_ant_1);
loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_2=%d", r->s8_tssi_ant_2); loggers::get_instance().log("commsignia_layer::receive_data: s8_tssi_ant_2=%d", r->s8_tssi_ant_2);
// Filtering on antenna index // Filtering on antenna index
...@@ -116,10 +130,10 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) { ...@@ -116,10 +130,10 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
if (r->u8_antenna != std::stoi(_params[params::interface_id])) { if (r->u8_antenna != std::stoi(_params[params::interface_id])) {
// Discard packet // Discard packet
loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong antenna id"); loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong antenna id");
return; // TODO return;
} // else, continue } // else, continue
const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t)); const commsignia_layer::c2p_802_11p_hdr* h = (const commsignia_layer::c2p_802_11p_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1);
loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl)); loggers::get_instance().log("commsignia_layer::receive_data: frame_ctrl=%04x", ntohs(h->frame_ctrl));
OCTETSTRING dst = OCTETSTRING(6, (const unsigned char*)&h->dst_addr); OCTETSTRING dst = OCTETSTRING(6, (const unsigned char*)&h->dst_addr);
loggers::get_instance().log_msg("commsignia_layer::receive_data: dst: ", dst); loggers::get_instance().log_msg("commsignia_layer::receive_data: dst: ", dst);
...@@ -130,23 +144,30 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) { ...@@ -130,23 +144,30 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
if (!std::equal(_mac_src.cbegin(), _mac_src.cend(), static_cast<const unsigned char*>(src))) { if (!std::equal(_mac_src.cbegin(), _mac_src.cend(), static_cast<const unsigned char*>(src))) {
// Discard packet // Discard packet
loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong comparison"); loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong comparison");
return; //TODO return;
} // else, continue } // else, continue
const commsignia_layer::c2p_llc_hdr* l; const commsignia_layer::c2p_llc_hdr* l;
int length; int length;
if ((ntohs(h->frame_ctrl) & 0xf000) == 0x8000) { if ((ntohs(h->frame_ctrl) & 0xf000) == 0x8000) {
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl)); l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1 + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl));
length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr); length = sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1 + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_qos_ctrl) + sizeof(commsignia_layer::c2p_llc_hdr);
} else { } else {
l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr)); l = (const commsignia_layer::c2p_llc_hdr*)(p + sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1 + sizeof(commsignia_layer::c2p_802_11p_hdr));
length = sizeof(commsignia_layer::c2p_s_v1_tx_t) + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr); length = sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1 + sizeof(commsignia_layer::c2p_802_11p_hdr) + sizeof(commsignia_layer::c2p_llc_hdr);
} }
loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap); loggers::get_instance().log("commsignia_layer::receive_data: dsap=%02x", l->dsap);
loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap); loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ssap);
loggers::get_instance().log("commsignia_layer::receive_data: ssap=%02x", l->ctrl);
loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type); loggers::get_instance().log("commsignia_layer::receive_data: type=%04x", l->type);
length -= 4;
// Check ether type // Check ether type
if ((_eth_type[1] == (unsigned char)((l->type & 0xff00) >> 8)) && (_eth_type[0] == (unsigned char)(l->type & 0xff))) { // Warning: Network ordered bytes //if ((_eth_type[1] == (unsigned char)((l->type & 0xff00) >> 8)) && (_eth_type[0] == (unsigned char)(l->type & 0xff))) { // Warning: Network ordered bytes
// Extract payload // Extract payload
data = OCTETSTRING(data.lengthof() - length, length + static_cast<const unsigned char *>(data)); data = OCTETSTRING(data.lengthof() - length, length + static_cast<const unsigned char *>(data));
//loggers::get_instance().log_msg("commsignia_layer::receive_data: payload for upper layer:", data); //loggers::get_instance().log_msg("commsignia_layer::receive_data: payload for upper layer:", data);
...@@ -158,7 +179,11 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) { ...@@ -158,7 +179,11 @@ void commsignia_layer::receive_data(OCTETSTRING& data, params& params) {
params[params::mac_src] = std::string(static_cast<const char *>(s)); params[params::mac_src] = std::string(static_cast<const char *>(s));
receive_to_all_layers(data, params); receive_to_all_layers(data, params);
} // else, nothing to do /*} else {
// Discard packet
loggers::get_instance().warning("commsignia_layer::receive_data: Discard packet due to wrong ethernet type");
//TODO return;
}*/
} }
commsignia_layer_factory commsignia_layer_factory::_f; commsignia_layer_factory commsignia_layer_factory::_f;
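Review bot: In receive_data the new version test `if (*p != 0x12)` and the cast to c2p_s_v1_tx_t that follows read the frame before anything compares data.lengthof() with the header sizes, so a short or empty datagram is read past its end; a guard such as `if (data.lengthof() < (int)(sizeof(commsignia_layer::c2p_s_v1_tx_t) - 1 + sizeof(commsignia_layer::c2p_802_11p_hdr))) return;` before the first dereference would cover the fixed part, and `length` should be compared with data.lengthof() again before the payload OCTETSTRING is built, because `data.lengthof() - length` is otherwise negative for a truncated frame. With the ether-type comparison now commented out, every frame that passes the antenna and MAC filters is handed to the upper layers, so that length check becomes the only remaining validation of the frame layout. The `- 1` added to each `sizeof(commsignia_layer::c2p_s_v1_tx_t)` and the new `length -= 4` are unexplained; a named constant or a comment stating which wire bytes they account for would document them. The body of receive_data continues outside the visible hunks.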
...@@ -500,7 +500,7 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O ...@@ -500,7 +500,7 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
INTEGER i; INTEGER i;
i.set_long_long_val(us); i.set_long_long_val(us);
header_info.generationTime() = OPTIONAL<INTEGER>(i); header_info.generationTime() = OPTIONAL<INTEGER>(i);
loggers::get_instance().log("security_services::sign_payload: Finame HeaderInfo timestamp: %ld", us); loggers::get_instance().log("security_services::sign_payload: Final HeaderInfo timestamp: %ld", us);
// Check if a certificate shall be requested // Check if a certificate shall be requested
if (_unknown_certificate.lengthof() == 3) { // HashedId3 if (_unknown_certificate.lengthof() == 3) { // HashedId3
IEEE1609dot2BaseTypes::SequenceOfHashedId3 s; IEEE1609dot2BaseTypes::SequenceOfHashedId3 s;
...@@ -540,11 +540,13 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O ...@@ -540,11 +540,13 @@ int security_services::sign_payload(const OCTETSTRING& p_unsecured_gn_payload, O
loggers::get_instance().warning("security_services:sign_payload: Failed to secure payload"); loggers::get_instance().warning("security_services:sign_payload: Failed to secure payload");
return -1; return -1;
} }
loggers::get_instance().log("security_services::sign_payload: cert= ", cert);
IEEE1609dot2::SequenceOfCertificate sequenceOfCertificate; IEEE1609dot2::SequenceOfCertificate sequenceOfCertificate;
sequenceOfCertificate[0] = cert; sequenceOfCertificate[0] = cert;
signer.certificate() = sequenceOfCertificate; signer.certificate() = sequenceOfCertificate;
// Reset send certificate timer // Reset send certificate timer
_last_generation_time = us; _last_generation_time = us;
loggers::get_instance().log("security_services::sign_payload: Reset send certificate timer, signer= ", signer);
} else { } else {
loggers::get_instance().log("security_services::sign_payload: Add digest"); loggers::get_instance().log("security_services::sign_payload: Add digest");
OCTETSTRING digest; OCTETSTRING digest;
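Review bot: The two added calls `log("security_services::sign_payload: cert= ", cert)` and `log("security_services::sign_payload: Reset send certificate timer, signer= ", signer)` pass a value to `log` with no conversion specifier in the format string. Elsewhere on this page `log` is used printf-style (`"version=%02x"`) and TTCN values are written with `log_msg`, so these lines presumably print nothing useful and, if `log` is variadic, push a class object through `...`. Writing `loggers::get_instance().log_msg("security_services::sign_payload: cert= ", cert);` (and the same for `signer`) would match the surrounding code, assuming `log_msg` has an overload for these types. sign_payload starts and ends outside the hunk.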
......
[MODULE_PARAMETERS]
# This section shall contain the values of all parameters that are defined in your TTCN-3 modules.
# The GeoNetworking address of the IUT.
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_initial,
stationType := e_passengerCar, #e_roadSideUnit,
stationCountryCode := 0, #33,
mid := '000000000011'O
} # Commsignia
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsBtp_Pixits.PX_DESTINATION_PORT := 2001
LibItsBtp_Pixits.PX_DESTINATION_PORT_INFO := 2001
# Enable Security support
LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true
LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
# Root path to access certificate stored in files, identified by certficate ID
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/ea/authval"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorization"
LibItsPki_Pics.PICS_IUT_ITS_S_ROLE := true
LibItsPki_Pics.PICS_SECPKI_ENROLMENT := true
LibItsPki_Pixits.PX_EC_PRIVATE_KEY := '73AD688448117EFF50BCB044AA9CFD7932023B7A2C62887A1D3B99FED2B5237C'O
LibItsPki_Pixits.PX_EC_HASH := 'C4FD3EF2B51CFD605D7D40FA9C1C279B8B8C4D7CB9D40D6044C55F615D750502'O
LibItsPki_Pixits.PX_EC_HASHED_ID8 := '44C55F615D750502'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O;
LibItsPki_Pics.PICS_ITS_S_ENC_NITSP256_PRIVATE_KEY := 'EDEBEADCAA9514CD4B30256126FB7DF958B911C6EB58CCF702983C3DCD3DECBD'O;
LibItsPki_Pics.PICS_ITS_S_ENC_NISTP256_PUBLIC_KEY := '023A4ADDCDD5EE66DAB2116B0C3AB47CCEDAE92CD9ACE98A84B10EB63A9DCA798C'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP256r1_PRIVATE_KEY := '9F155D40B6C920BA45D8027093C8ADADAF3AA6F9F71F0CC0F8279FF0146A8A48'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP256r1_PUBLIC_KEY := '038602F468BD334EA4D2BA416295E204D58BD1F42C85FB9BE57237C74544F6A69A'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP256r1_PRIVATE_KEY := '6D585B716D06F75EC2B8A8ADEBFCE6ED35B0640C2AFBFF25FE48FC81A6732D4F'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP256r1_PUBLIC_KEY := '02A92BA3B770B040B8D958D5BD2CC9B537212D6963F50EA3E4784FEFA5D0454C12'O;
LibItsPki_Pics.PICS_ITS_S_ENC_BRAINPOOLP384r1_PRIVATE_KEY := '6B4B4392511B252C904801466F5DA0A7F28E038E6656800CBB0CDCB3D32F862CA4D59CBDC1A19E98E9191582AF1DB3D7'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP384r1_PRIVATE_KEY := '3CD977195A579787C84D5900F4CB6341E0C3D2750B140C5380E6F03CE3FBA0022F7541DEABDCED4790D313ED8F56ACA8'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_BRAINPOOLP384r1_PUBLIC_KEY := '0243FF5C96984C2C3F5FD5C5F6551C90F5FAEE1E5E8301763E4AF1E9D627F3474E554B82EE98EC4B49808DFF61B35F8313'O;
LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O;
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA"
#ItsPki_Pixits.PX_TRIGGER_EC_BEFORE_AT := false;
[LOGGING]
# In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error).
LogFile := "../logs/%e.%h-%r.%s"
FileMask := LOG_ALL | USER | DEBUG | MATCHING
ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING
#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP
LogSourceInfo := Stack
LogEntityName:= Yes
LogEventTypes:= Yes
#TimeStampFormat := DateTime
[TESTPORT_PARAMETERS]
# In this section you can specify parameters that are passed to Test Ports.
# CAM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# header_sub_type : sh (single hop)
# DENM Layer
# next_header : btpA|btpB (overwrite BTP.type)
# header_type : tsb|gbc
# BTP Layer
# type : btpA|btpB
# destination port: dst_port
# source port : src_port
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# GN Layer
# ll_address : GeoNetworking address of the Test System
# latitude : latitude of the Test System
# longitude : longitude of the Test System
# beaconing : Set to 1 if GnLayer shall start beaconing
# Beaconing timer expiry: expiry (ms)
# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU
# secured_mode : Set to 1 if message exchanges shall be signed
# encrypted_mode : Set to 1 if message exchanges shall be encrypted
# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1
# sec_db_path : Path to the certificates and keys storage location
# hash : Hash algorithm to be used when secured mode is set
# Authorized values are SHA-256 or SHA-384
# Default: SHA-256
# signature : Signature algorithm to be used when secured mode is set
# Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384
# Default: NISTP-256
# cypher : Cyphering algorithm to be used when secured mode is set
# Authorized values are NISTP-256, BP-256 and BP-384
# Default: NISTP-256
# Pki layer
# certificate : Certificate to be used by the Test System for signature and encryption. Default: CERT_TS_A_AT
# peer_certificate : Certificate to be used by the IUT for signature and encryption. Default: CERT_IUT_A_AT
# Ethernet layer
# mac_src :Source MAC address
# mac_bc :Broadcast address
# eth_type : Ethernet type
# Commsignia layer
# mac_src : Device MAC address, used to discard packets
# To indicate no filering, use the value 000000000000
# mac_bc : Broadcast address
# eth_type : Ethernet type, used to discard packets
# target_host : Device address
# target_port : Device port
# source_port : Test System port
# interface_id: Interface id, used to discard packets
# tx_power : TX power (dB)
# UDP layer (IP/UDP based on Pcap)
# dst_ip : destination IPv4 address (aa.bb.cc.dd)
# dst_port: destination port
# src_ip : source IPv4 address (aa.bb.cc.dd)
# src_port: source port
# Pcap layer
# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System
# filter : Pcap filter (compliant with tcpdump syntax)
# Online mode:
# nic: Local NIC
# If set, online mode is used
# Offline mode (nic is present but not set):
# file : File to read
# frame_offset: Frame offset, used to skip packets with frame number < frame_offset
# time_offset : Time offset, used to skip packets with time offset < time_offset
# save_mode : 1 to save sent packet, 0 otherwise
# Single GeoNetworking component port
# its_aid = 36 CAM
# its_aid = 37 DENM
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,use_vpn=1,target_host=10.8.0.1)/UDP(dst_ip=10.8.0.1,src_port=7943,dst_port=7943)"
# Single HTTP component port
system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.0.252,port=80,local_port=80,use_ssl=0)"
# GeoNetworking UpperTester port based on UDP
system.utPort.params := "UT_PKI/UDP(dst_ip=10.8.0.1,dst_port=56000)"
[EXECUTE]
# Check that IUT sends an enrolment request when triggered.
ItsPki_TestCases.TC_SECPKI_ITSS_ENR_01_BV
# If the enrolment request of the IUT is an initial enrolment request, the itsId (contained in the InnerECRequest) shall be set to the canonical identifier, the signer (contained in the outer EtsiTs1030971Data-Signed) shall be set to self and the outer signature shall be computed using the canonical private key.
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_02_BV
# In presence of a valid EC, the enrolment request of the IUT is a rekeying enrolment request with the itsId (contained in the InnerECRequest) and the SignerIdentifier (contained in the outer EtsiTs1030971Data-Signed) both declared as digest containing the HashedId8 of the EC and the outer signature computed using the current valid EC private key corresponding to the verification public key.
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_03_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_06_BV
#ItsPki_TestCases.TC_SECPKI_ITSS_ENR_07_BV
[MAIN_CONTROLLER]
# The options herein control the behavior of MC.
KillTimer := 10.0
LocalAddress := 127.0.0.1
TCPPort := 12000
NumHCs := 1
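Review bot: This new configuration file stores private keys in clear text in the repository (`LibItsPki_Pixits.PX_EC_PRIVATE_KEY` and the `PICS_ITS_S_*_PRIVATE_KEY` entries), and nothing in the file says whether they are throw-away test vectors; the same `PX_EC_*` values are added again in the following configuration hunk. If they are test-only, a comment above the block such as `# Test-only key material for the PKI ATS; never provision on a deployed station` would make that explicit; otherwise the values are better read from a file outside version control and the committed keys treated as exposed. The parameter names also mix `NITSP256` (private keys) and `NISTP256` (public keys), which looks like a spelling slip worth checking against the module definitions. `FileMask` and `ConsoleMask` are set to `LOG_ALL | USER | DEBUG | MATCHING`, so module parameters and signed payloads presumably end up under `../logs`, and those files deserve the same handling as the keys.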
...@@ -20,6 +20,7 @@ LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0 ...@@ -20,6 +20,7 @@ LibItsGeoNetworking_Pixits.PX_NEIGHBOUR_DISCOVERY_DELAY := 2.0
LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp"
# Configuration sub-directory to access certificate stored in files # Configuration sub-directory to access certificate stored in files
LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request"
LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252" LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252"
...@@ -27,10 +28,12 @@ LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252" ...@@ -27,10 +28,12 @@ LibItsHttp_Pics.PICS_HEADER_HOST := "192.168.0.252"
LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment" LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment"
LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/ea/authval" LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/ea/authval"
LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorization" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/aa/authorization"
#LibItsSecurity_Pics.PICS_SEC_FIXED_KEYS := true # Seed
LibItsPki_Pics.PICS_IUT_ITS_S_ROLE := true LibItsPki_Pics.PICS_IUT_ITS_S_ROLE := true
LibItsPki_Pics.PICS_SECPKI_ENROLMENT := true LibItsPki_Pics.PICS_SECPKI_ENROLMENT := true
LibItsPki_Pixits.PX_EC_PRIVATE_KEY := '73AD688448117EFF50BCB044AA9CFD7932023B7A2C62887A1D3B99FED2B5237C'O
LibItsPki_Pixits.PX_EC_HASH := 'C4FD3EF2B51CFD605D7D40FA9C1C279B8B8C4D7CB9D40D6044C55F615D750502'O
LibItsPki_Pixits.PX_EC_HASHED_ID8 := '44C55F615D750502'O
LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O; LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O;
LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O; LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O;
...@@ -47,6 +50,8 @@ LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900 ...@@ -47,6 +50,8 @@ LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900
LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA" LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA"
LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA"
#ItsPki_Pixits.PX_TRIGGER_EC_BEFORE_AT := false;
[LOGGING] [LOGGING]
# In this section you can specify the name of the log file and the classes of events # In this section you can specify the name of the log file and the classes of events
# you want to log into the file or display on console (standard error). # you want to log into the file or display on console (standard error).
......
...@@ -16,18 +16,18 @@ ...@@ -16,18 +16,18 @@
# stationCountryCode := 0, #33, # stationCountryCode := 0, #33,
# mid := 'BA749705A41D'O # mid := 'BA749705A41D'O
#} # Nordsys #} # Nordsys
#LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
# typeOfAddress := e_initial,
# stationType := e_passengerCar, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '000000000011'O
#} # Commsignia
LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
typeOfAddress := e_initial, typeOfAddress := e_initial,
stationType := e_unknown, #e_roadSideUnit, stationType := e_passengerCar, #e_roadSideUnit,
stationCountryCode := 0, #33, stationCountryCode := 0, #33,
mid := '4c5e0c14d2ea'O mid := '000000000011'O
} # Simu } # Commsignia
#LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := {
# typeOfAddress := e_initial,
# stationType := e_unknown, #e_roadSideUnit,
# stationCountryCode := 0, #33,
# mid := '4c5e0c14d2ea'O
#} # Simu
LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB
LibItsBtp_Pixits.PX_DESTINATION_PORT := 2001 LibItsBtp_Pixits.PX_DESTINATION_PORT := 2001
...@@ -123,8 +123,9 @@ LogEventTypes:= Yes ...@@ -123,8 +123,9 @@ LogEventTypes:= Yes
# Single GeoNetworking component port # Single GeoNetworking component port
# its_aid = 36 CAM # its_aid = 36 CAM
# its_aid = 37 DENM # its_aid = 37 DENM
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=eth1,filter=and ether proto 0x8947)" # its_aid = 141 GeonNet mgnt
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,use_vpn=1,target_host=10.8.0.1)/UDP(dst_ip=10.8.0.1,src_port=7943,dst_port=7943)" #system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secu#red_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=eth1,filter=and ether proto 0x8947)"
system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,use_vpn=1,target_host=10.8.0.1)/UDP(dst_ip=10.8.0.1,src_port=7943,dst_port=7946)"
#system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,target_host=10.8.0.1)/UDP_PCAP(dst_ip=10.8.0.1,dst_port=7943,src_ip=192.168.0.154,src_port=39474)/ETH(mac_src=0800275c4959,eth_type=0800)/PCAP(mac_src=0800275c4959,nic=tap0,filter=and (udp port 39474 or udp port 7943))" #system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=36,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/COMMSIGNIA(mac_src=000000000011,target_host=10.8.0.1)/UDP_PCAP(dst_ip=10.8.0.1,dst_port=7943,src_ip=192.168.0.154,src_port=39474)/ETH(mac_src=0800275c4959,eth_type=0800)/PCAP(mac_src=0800275c4959,nic=tap0,filter=and (udp port 39474 or udp port 7943))"
#system.geoNetworkingPort.params := " #system.geoNetworkingPort.params := "
...@@ -138,17 +139,17 @@ system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050 ...@@ -138,17 +139,17 @@ system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EB,latitude=43551050
# CAM UpperTester port based on UDP # CAM UpperTester port based on UDP
#system.camUtPort.params := "UT_CAM(loopback=1)" #system.camUtPort.params := "UT_CAM(loopback=1)"
system.denmUtPort.params := "UT_DENM/UDP(dst_ip=192.168.0.250)" # Simulator #system.denmUtPort.params := "UT_DENM/UDP(dst_ip=192.168.0.250)" # Simulator
system.camUtPort.params := "UT_CAM/UDP(dst_ip=192.168.0.250)" #system.camUtPort.params := "UT_CAM/UDP(dst_ip=192.168.0.250)"
system.utPort.params := "UT_GN/UDP(dst_ip=192.168.0.250,src_port=12345)" #system.utPort.params := "UT_GN/UDP(dst_ip=192.168.0.250,src_port=12345)"
#system.denmUtPort.params := "UT_DENM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys #system.denmUtPort.params := "UT_DENM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys
#system.utPort.params := "UT_CAM/UDP(dst_ip=172.28.128.4)" # Simulator Siemens #system.utPort.params := "UT_CAM/UDP(dst_ip=172.28.128.4)" # Simulator Siemens
#system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.28.128.4)" # Simulator Siemens #system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.28.128.4)" # Simulator Siemens
#system.utPort.params := "UT_CAM/UDP(dst_ip=10.8.0.1,dst_port=56000)" # Commsignia system.utPort.params := "UT_CAM/UDP(dst_ip=10.8.0.1,dst_port=56000)" # Commsignia
#system.camUtPort.params := "UT_CAM/UDP(dst_ip=10.8.0.1,dst_port=56000)" system.camUtPort.params := "UT_CAM/UDP(dst_ip=10.8.0.1,dst_port=56000)"
#system.denmUtPort.params := "UT_DENM/UDP(dst_ip=10.8.0.1,dst_port=56000)" system.denmUtPort.params := "UT_DENM/UDP(dst_ip=10.8.0.1,dst_port=56000)"
[EXECUTE] [EXECUTE]
...@@ -160,7 +161,7 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.0.250,src_port=12345)" ...@@ -160,7 +161,7 @@ system.utPort.params := "UT_GN/UDP(dst_ip=192.168.0.250,src_port=12345)"
# ------------------------- CAM --------------------------- # ------------------------- CAM ---------------------------
# Check that IUT sends the secured CAM using SignedData container. # Check that IUT sends the secured CAM using SignedData container.
ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV
# Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. # Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'.
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_02_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_02_BV
...@@ -216,7 +217,7 @@ ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV ...@@ -216,7 +217,7 @@ ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV
# headerInfo field when it received a CAM containing a request for unrecognized certificate that # headerInfo field when it received a CAM containing a request for unrecognized certificate that
# matches with the currently used AA certificate ID of the IUT. # matches with the currently used AA certificate ID of the IUT.
# (PICS_SEC_P2P_AT_DISTRIBUTION) # (PICS_SEC_P2P_AT_DISTRIBUTION)
#ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_13_BV ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_13_BV
# Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo # Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo
# field when it received a CAM containing a request for unrecognized certificate that matches with the known # field when it received a CAM containing a request for unrecognized certificate that matches with the known
......
...@@ -318,6 +318,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= ...@@ -318,6 +318,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
#TestCodec_Certificates.tc_certificate_asn1c_1 #TestCodec_Certificates.tc_certificate_asn1c_1
#TestCodec_Certificates.tc_certificate_asn1c_2 #TestCodec_Certificates.tc_certificate_asn1c_2
#TestCodec_Certificates.tc_certificate_gemalto_1 #TestCodec_Certificates.tc_certificate_gemalto_1
TestCodec_Certificates.tc_certificate_atos_1
# Secured messages # Secured messages
#TestCodec_SecuredMessages.tc_ssp_cam_1 #TestCodec_SecuredMessages.tc_ssp_cam_1
#TestCodec_SecuredMessages.tc_ssp_cam_2 #TestCodec_SecuredMessages.tc_ssp_cam_2
...@@ -353,7 +354,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host= ...@@ -353,7 +354,7 @@ system.pkiPort.params := "PKI/HTTP(device_mode=1,uri=/its/inner_ec_request,host=
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_2 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_2
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_3 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_3
#TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_4 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_4
TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_5 #TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_5
# Pki # Pki
#TestCodec_Pki.tc_encode_inner_ec_response_1 #TestCodec_Pki.tc_encode_inner_ec_response_1
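Review bot: Commenting out `TestCodec_SignedAndEncryptedMessages.tc_decrypted_signed_message_5` in the second hunk leaves every signed-and-encrypted case visible here (`_2` to `_5`) disabled, and nothing records why. Judging by the test name, the decode path for decrypted signed messages is then no longer run from this configuration, while the new `TestCodec_Certificates.tc_certificate_atos_1` case is; entries outside these hunks may still cover it, so this should be confirmed. I would either keep the case enabled alongside the new one or add a comment above the line, for example `# Disabled: <reason or ticket>`, so the coverage gap is deliberate and traceable.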
......
...@@ -151,47 +151,49 @@ module ItsPki_TestCases { ...@@ -151,47 +151,49 @@ module ItsPki_TestCases {
function f_verify_http_at_request_from_iut( function f_verify_http_at_request_from_iut(
in Request p_request, in Request p_request,
in HeaderLines p_headers, in HeaderLines p_headers,
in InnerEcResponse p_inner_ec_resonse, out InnerAtRequest p_inner_at_request,
out InnerAtRequest pinner_at_request,
out HttpMessage p_response, out HttpMessage p_response,
out integer p_result out integer p_result,
in template octetstring p_its_id := PICS_ITS_S_CANONICAL_ID,
in EnrolmentResponseCode p_force_response_code := ok
) runs on ItsPkiHttp { ) runs on ItsPkiHttp {
// Local variables // Local variables
var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data; var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
var EtsiTs102941Data v_etsi_ts_102941_data; var EtsiTs102941Data v_etsi_ts_102941_data;