Commit b9b1f6fd authored by mullers's avatar mullers
Browse files

Merged revision(s) 1925-2226 from branches/STF484_VALIDATION

parent 9bdb3b4a
@echo off
REM Output path
REM Path where certificates must be stored
SET OUTPATH=certificates
REM IUT public key file
REM Set it for IUTs which store private keys internally
REM SET IUT_PUBLIC_KEY=<path>
REM Certificate generator path
REM Visual studio
SET CERTGEN=..\tools\itscertgen\build\msvc\Debug\itscertgen.exe
REM MINGW32
REM SET CERTGEN=..\tools\itscertgen\build\mingw32-d\itscertgen.exe
REM ---------------------------------------------------------------
if DEFINED IUT_PUBLIC_KEY (
IF NOT EXIST %IUT_PUBLIC_KEY% (^
echo %IUT_PUBLIC_KEY%: IUT public key file not found
exit 1
)
)
if not exist %OUTPATH% md %OUTPATH%
REM Generate Generic TS certificates
for %%f in ( profiles\CERT_*_ROOT.xml ^
profiles\CERT_TS_?_EA.xml profiles\CERT_TS_??_EA.xml ^
profiles\CERT_TS_?_AA.xml profiles\CERT_TS_??_AA.xml ^
profiles\CERT_TS_?_EC.xml profiles\CERT_TS_??_EC.xml ^
profiles\CERT_TS_?_AT.xml profiles\CERT_TS_??_AT.xml ) DO (
echo %%f:
%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
)
REM Generate various valid or invalid TS certificates
for %%f in ( profiles\CERT_*_BO_CA.xml profiles\CERT_*_BV_CA.xml ^
profiles\CERT_*_BO_AA.xml profiles\CERT_*_BV_AA.xml ^
profiles\CERT_*_BO_EA.xml profiles\CERT_*_BV_EA.xml ^
profiles\CERT_*_BO_EC.xml profiles\CERT_*_BV_EC.xml ^
profiles\CERT_*_BO_AT.xml profiles\CERT_*_BV_AT.xml ) DO (
echo %%f:
%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
)
REM Generate IUT certificates
for %%f in (profiles\CERT_IUT_*.xml) DO (
echo %%f:
if DEFINED IUT_PUBLIC_KEY (
%CERTGEN% -C gencerts.cfg -o %OUTPATH% -v %IUT_PUBLIC_KEY% %%f
) ELSE (
%CERTGEN% -C gencerts.cfg -o %OUTPATH% %%f
)
)
# Reuse already existing private and public keys if exists
reuse=yes
# Certificates and keys are provided as hexadecimal streams
format=hex
# Reference time point. The begining of the current year is used by default
#reftime=2015-01-01
# location of the IUT position
reflocation=51.4744200:5.6240500
#!/bin/sh
# Output path
# Path where certificates must be stored
OUTPATH=certificates
# IUT public key file
# Set it for IUTs which store private keys internally
# IUT_PUBLIC_KEY=<path>
# Certificate generator path
CERTGEN=../tools/itscertgen/build/itscertgen
#CERTGEN=../tools/itscertgen/build/msvc/Debug/itscertgen.exe
# ---------------------------------------------------------------
if ! [ -x "$CERTGEN" ]; then
echo "$CERTGEN: generator not found"
exit 1
fi
IUT_PARAMS=
if [ "x" != "x$IUT_PUBLIC_KEY" ]; then
[ -f "$IUT_PUBLIC_KEY" ] || ( echo "$IUT_PUBLIC_KEY: public key file not found" ; exit 1 )
IUT_PARAMS="-v \"$IUT_PUBLIC_KEY\""
fi
mkdir -p "$OUTPATH"
function generate()
{
echo "$1:"
"${CERTGEN}" -C gencerts.cfg -o "$OUTPATH" $IUT_PARAMS "$1" || exit 1
}
# Generate Generic Root certificates
ls -1 profiles/CERT_*_ROOT.xml 2>/dev/null | while read F; do generate "$F"; done
# Generate Generic authority certificates
ls -1 profiles/CERT_TS_?_CA.xml profiles/CERT_TS_??_CA.xml \
profiles/CERT_TS_?_EA.xml profiles/CERT_TS_??_EA.xml \
profiles/CERT_TS_?_AA.xml profiles/CERT_TS_??_AA.xml 2>/dev/null | while read F; do generate "$F"; done
# Generate Generic authorization tickets
ls -1 profiles/CERT_TS_?_AT.xml profiles/CERT_TS_??_AT.xml 2>/dev/null | while read F; do generate "$F"; done
# Generate various valid or invalid authority certificates
ls -1 profiles/CERT_*_BO_CA.xml profiles/CERT_*_BV_CA.xml 2>/dev/null | while read F; do generate "$F"; done
ls -1 profiles/CERT_*_BO_AA.xml profiles/CERT_*_BV_AA.xml 2>/dev/null | while read F; do generate "$F"; done
ls -1 profiles/CERT_*_BO_EA.xml profiles/CERT_*_BV_EA.xml 2>/dev/null | while read F; do generate "$F"; done
ls -1 profiles/CERT_*_BO_EC.xml profiles/CERT_*_BV_EC.xml 2>/dev/null | while read F; do generate "$F"; done
ls -1 profiles/CERT_*_BO_AT.xml profiles/CERT_*_BV_AT.xml 2>/dev/null | while read F; do generate "$F"; done
# Generate IUT certificates
[ -n "$IUT_PUBLIC_KEY" ] && IUT_PARAMS="-v \"$IUT_PUBLIC_KEY\""
ls -1 profiles/CERT_IUT_*.xml 2>/dev/null | while read F; do generate "$F" ; done
<certificate name="CERT_IUT_A_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_A_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="0">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_IUT_B_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_B_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="0">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<circle latitude="0.0" longitude="0.0" radius="5000"/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Authorization ticket certificate with a rectangular region restriction
centered in ETSI coordinates and having a side length of 10 km
-->
<certificate name="CERT_IUT_C_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_C_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="0">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<rectangle>
<location latitude="0.044949" longitude="-0.062157"/>
<location latitude="-0.044983" longitude="0.062064" />
</rectangle>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Authorization ticket certificate with a polygonal region restriction
representing a square centered at ETSI coordinates and having a side length of 10km
-->
<certificate name="CERT_IUT_D_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_D_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="0">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<polygon>
<location latitude="0.044949" longitude="-0.062157"/>
<location latitude="0.044949" longitude="0.062064"/>
<location latitude="-0.044983" longitude="0.062064"/>
<location latitude="-0.044983" longitude="-0.062157"/>
</polygon>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_IUT_E_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_E_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="0">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<id dictionary="iso_3166_1" id="528" local="0"/> <!-- NL -->
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_TEST_ROOT" keep-existing="yes">
<version>2</version>
<signer type="self"></signer>
<subject type="ROOT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="6" confidence="0"/>
</attribute>
<!-- its_aid_list -->
<attribute type="its_aid_list">
<aid value="36"/> <!-- CAM -->
<aid value="37"/> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2016-01-01"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_TS_01_01_BO_AT">
<version>3</version>
<signer type="digest" name="CERT_TS_A_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_TS_01_02_BO_AT">
<version>1</version>
<signer type="digest" name="CERT_TS_A_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Authorization authority certificate with version = 3 -->
<certificate name="CERT_TS_01_03_BO_AA">
<version>3</version>
<signer type="digest" name="CERT_TEST_ROOT"/>
<subject type="AA" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="4" confidence="0"/>
</attribute>
<!-- its_aid_list -->
<attribute type="its_aid_list">
<aid value="36"/> <!-- CAM -->
<aid value="37"/> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_TS_01_03_BO_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_01_03_BO_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- Authorization authority certificate with version = 1 -->
<certificate name="CERT_TS_01_04_BO_AA">
<version>1</version>
<signer type="digest" name="CERT_TEST_ROOT"/>
<subject type="AA" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="4" confidence="0"/>
</attribute>
<!-- its_aid_list -->
<attribute type="its_aid_list">
<aid value="36"/> <!-- CAM -->
<aid value="37"/> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<certificate name="CERT_TS_01_04_BO_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_01_04_BO_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- AT certificate signed by EA cert -->
<certificate name="CERT_TS_02_01_BO_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_A_EA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- AA certificate signed by EA cert -->
<certificate name="CERT_TS_02_02_BO_AA">
<version>2</version>
<signer type="digest" name="CERT_TS_A_EA"/>
<subject type="AA" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="4" confidence="0"/>
</attribute>
<!-- its_aid_list -->
<attribute type="its_aid_list">
<aid value="36"/> <!-- CAM -->
<aid value="37"/> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- AT certificate signed by AA which is signed by EA -->
<certificate name="CERT_TS_02_02_BO_AT">
<version>2</version>
<signer type="digest" name="CERT_TS_02_02_BO_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">
<none/>
</restriction>
</validity>
<signature algorithm="0"/>
</certificate>
<!-- AT certificate used to sign other AT cert -->
<certificate name="CERT_TS_03_01_BO_AA">
<version>2</version>
<signer type="digest" name="CERT_TS_A_AA"/>
<subject type="AT" name="">
<!-- verification_key -->
<attribute type="verification_key">
<public_key algorythm="ecdsa_nistp256_with_sha256">
<ecc_point type="uncompressed"/>
</public_key>
</attribute>
<!-- assurance_level -->
<attribute type="assurance_level">
<assurance level="3"/>
</attribute>
<!-- its_aid_ssp_list -->
<attribute type="its_aid_ssp_list">
<ssp aid="36">&#01;&#xFF;&#xFF;</ssp> <!-- CAM -->
<ssp aid="37">&#01;&#xFF;&#xFF;&#xFF;</ssp> <!-- DENM -->
</attribute>
</subject>
<validity>
<restriction type="time" start="2015-01-01" end="2015-04-30"/>
<restriction type="region">