Merge branch 'STF525' of https://forge.etsi.org/gitlab/ITS/ITS into STF525

b8076111 · Yann Garcia · 38f9ef28 · 7170f4fa · b8076111 · b8076111
Commit b8076111 authored Mar 24, 2020 by Yann Garcia
--- a/ccsrc/Externals/LibItsSecurity_externals.cc
+++ b/ccsrc/Externals/LibItsSecurity_externals.cc
@@ -1046,7 +1046,7 @@ namespace LibItsSecurity__Functions
    p__publicKeyY = k.public_key_y();
    p__publicKeyCompressed = k.public_key_compressed();
    p__compressedMode = INTEGER((int)k.public_key_compressed_mode());
-    
+
    return TRUE;
  }


--- a/ccsrc/Protocols/Security/security_ecc.cc
+++ b/ccsrc/Protocols/Security/security_ecc.cc
@@ -680,7 +680,11 @@ int security_ecc::encrypt(const encryption_algotithm p_enc_algorithm, const OCTE
 }

 int security_ecc::decrypt(const encryption_algotithm p_enc_algorithm, const OCTETSTRING& p_key, const OCTETSTRING& p_nonce, const OCTETSTRING& p_tag, const OCTETSTRING& p_enc_message, OCTETSTRING& p_message) {
-  loggers::get_instance().log(">>> security_ecc::decrypt: %d", p_enc_algorithm);
+  loggers::get_instance().log(">>> security_ecc::decrypt: p_enc_algorithm=%d", p_enc_algorithm);
+  loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_key=", p_key);
+  loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_nonce", p_nonce);
+  loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_tag", p_tag);
+  loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_enc_message", p_enc_message);

  _encryption_algotithm = p_enc_algorithm;
  _sym_key = p_key;

--- a/data/v3/asn1c_cert.tar.bz2
+++ b/data/v3/asn1c_cert.tar.bz2
--- a/etc/AtsPki/AtsPki_Idnomic.cfg_
+++ b/etc/AtsPki/AtsPki_Idnomic.cfg_
@@ -19,12 +19,14 @@ LibItsPki_Pics.PICS_HEADER_HOST_EC     := "ea.utopia.plugtests2019.innovation.ke
 LibItsPki_Pics.PICS_HEADER_HOST_ATV    := "ea.utopia.plugtests2019.innovation.keynectis.net"
 LibItsPki_Pics.PICS_HEADER_HOST_AT     := "aa.utopia.plugtests2019.innovation.keynectis.net"
 LibItsPki_Pics.PICS_HEADER_HOST_CA     := "dc.plugtests2019.innovation.keynectis.net"
+LibItsPki_Pics.PICS_HEADER_HOST_TLM    := "cpoc.jrc.ec.europa.eu"

 LibItsPki_Pics.PICS_HTTP_POST_URI_EC   := "/"
 LibItsPki_Pics.PICS_HTTP_POST_URI_AT   := "/"
 LibItsPki_Pics.PICS_HTTP_POST_URI_ATV  := "/"
 LibItsPki_Pics.PICS_HTTP_GET_URI_CTL   := "/getctl/1D3C7B499A054F8C";
 LibItsPki_Pics.PICS_HTTP_GET_URI_CRL   := "/getcrl/1D3C7B499A054F8C";
+LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL  := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer"

 LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY  := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY   := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
@@ -72,11 +74,11 @@ system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)
 #system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.41,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx
 system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=aa.utopia.plugtests2019.innovation.keynectis.net)"
 system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=dc.plugtests2019.innovation.keynectis.net)"
-
+system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=cpoc.jrc.ec.europa.eu,use_ssl=1)"

 [EXECUTE]
 # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message
-#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV
+ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV

 # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp)
 #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01
@@ -184,9 +186,12 @@ system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/
 #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV

 # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL
-ItsPki_TestCases.TC_RCA_CTLGEN_01_BV
+#ItsPki_TestCases.TC_RCA_CTLGEN_01_BV
 # Check that the RootCA generates the CRL when CA certificate is about to be revoked
-ItsPki_TestCases.TC_RCA_CRLGEN_02_BV
+#ItsPki_TestCases.TC_RCA_CRLGEN_02_BV
+
+# Check that the TLM generates the ECTL when new RootCA is about to be added
+#ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV

 [MAIN_CONTROLLER]
 # The options herein control the behavior of MC.

--- a/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg
+++ b/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg
@@ -71,7 +71,7 @@ LibItsPki_Pics.PICS_HTTP_POST_URI_AT                 := "/aa/authorization"
 LibItsPki_Pics.PICS_HTTP_POST_URI_ATV                := "/ea/authval"
 LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY  := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O
 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY   := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O
-LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID               := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O
+LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID               := '455453492D4954532D303031'O
 LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID             := "CERT_TS_A_EA"
 LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID             := "CERT_TS_A_AA"


--- a/ttcn/AtsPki/ItsPki_TestCases.ttcn
+++ b/ttcn/AtsPki/ItsPki_TestCases.ttcn
@@ -58,6 +58,7 @@ module ItsPki_TestCases {
  import from LibItsHttp_BinaryTemplates all;
  import from LibItsHttp_Functions all;
  import from LibItsHttp_TestSystem all;
+  import from LibItsHttp_Pics all;
  
  // LibItsPki
  import from LibItsPki_TypesAndValues all;
@@ -8902,7 +8903,7 @@ module ItsPki_TestCases {
  group ca_behavior {
  
    group ctl {
-    
+      
      /**
       * @desc Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL
       * <pre>
@@ -8949,7 +8950,7 @@ module ItsPki_TestCases {
        // Test adapter configuration
        
        // Preamble
-        f_init_default_headers_list(-, "ca_request", v_headers);
+        f_init_default_headers_list(PICS_HEADER_CTL_CONTENT_TYPE, "ca_request", v_headers);
        action("The RootCA is triggered to add new EA certificate (CERT_EA) in the CTL");
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
        
@@ -9047,7 +9048,7 @@ module ItsPki_TestCases {
        // Test adapter configuration
        
        // Preamble
-        f_init_default_headers_list(-, "ca_request", v_headers);
+        f_init_default_headers_list(PICS_HEADER_CRL_CONTENT_TYPE, "ca_request", v_headers);
        action("the RootCA is triggered to add new CA certificate (CERT_CA) to the revocation list");
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
        
@@ -9104,4 +9105,111 @@ module ItsPki_TestCases {
  
  } // End of group ca_behavior
  
+  group tlm_behavior {
+    
+    group ctl {
+
+      /**
+       * @desc Check that the TLM generates the ECTL when new RootCA is about to be added
+       * <pre>
+       * Pics Selection: PICS_IUT_CA_ROLE
+       * Initial conditions: 
+       *     }
+       * Expected behaviour:
+       *     ensure that {
+       *         when {
+       *             the TLM is triggered to add new RootCA certificate (CERT_RCA) in the CTL
+       *         }
+       *         then {
+       *             the IUT issue a new CTL of type CtlFormat
+       *                 containing isFullCtl
+       *                     indicating TRUE
+       *                 and containing ctlCommands
+       *                     containing CtlCommand
+       *                         containing add
+       *                             containing rca
+       *                                 containing selfsignedRootCa
+       *                                     indicating CERT_RCA
+       *         }
+       *     }
+       * </pre>
+       * 
+       * @see       ETSI TS 103 525-2 TP TLM_ECTLGEN_01_BV
+       * @reference ETSI TS 102 941, clause 6.3.1
+       */
+      testcase TC_TLM_ECTLGEN_01_BV() runs on ItsPkiHttp system ItsPkiHttpSystem {
+        // Local variables
+        var HeaderLines v_headers;
+        var HttpMessage v_response;
+        
+        // Test control
+        if (not PICS_IUT_CA_ROLE) {
+          log("*** " & testcasename() & ": PICS_IUT_CA_ROLE required for executing the TC ***");
+          setverdict(inconc);
+          stop;
+        }
+        
+        // Test component configuration
+        f_cfHttpUp_tlm();
+        
+        // Test adapter configuration
+        
+        // Preamble
+        f_init_default_headers_list(PICS_HEADER_CTL_CONTENT_TYPE, "tlm_request", v_headers);
+        action("The TLM is triggered to add new RootCA certificate (CERT_RCA) in the CTL");
+        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+        
+        // Test Body
+        f_http_send(
+                    v_headers,
+                    m_http_request(
+                                   m_http_request_get(
+                                                      PICS_HTTP_GET_URI_ECTL,
+                                                      v_headers
+                                                      )));
+        tc_ac.start;
+        alt {
+          [] httpTlmPort.receive(
+                                 mw_http_response(
+                                                  mw_http_response_ok(
+                                                                      mw_http_message_body_binary(
+                                                                                                  mw_binary_body_ieee1609dot2_data(
+                                                                                                                                   mw_etsiTs103097Data_signed(
+                                                                                                                                                              mw_signedData(
+                                                                                                                                                                            -,
+                                                                                                                                                                            mw_toBeSignedData(                                                                                                                                                            mw_signedDataPayload                                                                                                                                        ),
+                                                                                                                                                                            mw_signerIdentifier_digest
+                                                                                                                                                                            ))))))) -> value v_response {
+            var ToBeSignedRcaCtl v_to_be_signed_tlm_ectl;
+
+            tc_ac.stop;
+
+            if (f_verify_rca_ctl_response_message(v_response.response.body.binary_body.ieee1609dot2_data, true, v_to_be_signed_tlm_ectl) == false) {
+              log("*** " & testcasename() & ": FAIL: Failed to verify RCA message ***");
+              f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+            } else {
+              if (f_verify_full_ectl(v_to_be_signed_tlm_ectl) == true) {
+                log("*** " & testcasename() & ": PASS: ToBeSignedRcaCtl received ***");
+                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+              } else {
+                log("*** " & testcasename() & ": FAIL: Receive unexpected message ***");
+                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+              }
+            }
+          }
+          [] tc_ac.timeout {
+            log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+          }
+        } // End of 'alt' statement
+
+        // Postamble
+        f_cfHttpDown_tlm();
+
+      } // End of testcase TC_TLM_ECTLGEN_01_BV
+
+    } // End of group ctl
+
+  } // End of group tlm_behavior
+
 } // End of module ItsPki_TestCases
--- a/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn
+++ b/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn
@@ -1389,7 +1389,6 @@ module ItsRSUsSimulator_Functions {
                                                                     vc_at_counter,
                                                                     vc_at_certificates
                                                                     ));
-          //v_pki.done;
          repeat;
        }
        [] cfPort.receive {

--- a/LibIts @ 63ccaf66
+++ b/LibIts @ 63ccaf66
-Subproject commit 85cb2b6c78a91a7d1370036baa632d557c509ed4
+Subproject commit 63ccaf6630a5e2f37f949f23cdeee2cfdbbe0f48