[MODULE_PARAMETERS] # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. # The GeoNetworking address of the IUT. LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { typeOfAddress := e_initial, stationType := e_passengerCar, #e_roadSideUnit, stationCountryCode := 0, #33, mid := 'BA749705A41D'O } LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB # Enable Security support LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true # Root path to access certificate stored in files, identified by certficate ID LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert" [LOGGING] # In this section you can specify the name of the log file and the classes of events # you want to log into the file or display on console (standard error). LogFile := "../logs/%e.%h-%r.%s" FileMask := LOG_ALL | USER | DEBUG | MATCHING ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING #FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP #ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP LogSourceInfo := Stack LogEntityName:= Yes LogEventTypes:= Yes #TimeStampFormat := DateTime [TESTPORT_PARAMETERS] # In this section you can specify parameters that are passed to Test Ports. # CAM Layer # next_header : btpA|btpB (overwrite BTP.type) # header_type : tsb|gbc # header_sub_type : sh (single hop) # DENM Layer # next_header : btpA|btpB (overwrite BTP.type) # header_type : tsb|gbc # BTP Layer # type : btpA|btpB # destination port: dst_port # source port : src_port # device_mode : Set to 1 if the layer shall encapsulate upper layer PDU # device_mode : Set to 1 if the layer shall encapsulate upper layer PDU # GN Layer # ll_address : GeoNetworking address of the Test System # latitude : latitude of the Test System # longitude : longitude of the Test System # beaconing : Set to 1 if GnLayer shall start beaconing # Beaconning timer expiry: expiry (ms) # device_mode : Set to 1 if the layer shall encapsulate upper layer PDU # secured_mode : Set to 1 if message exchanges shall be signed # encrypted_mode : Set to 1 if message exchanges shall be encrypted # NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1 # sec_db_path : Path to the certificates and keys storage location # hash : Hash algorithm to be used when secured mode is set # Authorized values are SHA-256 or SHA-384 # Default: SHA-256 # signature : Signature algorithm to be used when secured mode is set # Authorized values are NISTP-256, NISTP-384, BP-256 and BP-384 # Default: NISTP-256 # cypher : Cyphering algorithm to be used when secured mode is set # Authorized values are NISTP-256, BP-256 and BP-384 # Default: NISTP-256 # Ethernet layer # mac_src :Source MAC address # mac_bc :Broadcast address # eth_type : Ethernet type # Commsignia layer # mac_src : Device MAC address, used to discard packets # To indicate no filering, use the value 000000000000 # mac_bc : Broadcast address # eth_type : Ethernet type, used to discard packets # target_host : Device address # target_port : Device port # source_port : Test System port # interface_id: Interface id, used to discard packets # tx_power : TX power (dB) # UDP layer (IP/UDP based on Pcap) # dst_ip : destination IPv4 address (aa.bb.cc.dd) # dst_port: destination port # src_ip : source IPv4 address (aa.bb.cc.dd) # src_port: source port # Pcap layer # mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System # filter : Pcap filter (compliant with tcpdump syntax) # Online mode: # nic: Local NIC # If set, online mode is used # Offline mode (nic is present but not set): # file : File to read # frame_offset: Frame offset, used to skip packets with frame number < frame_offset # time_offset : Time offset, used to skip packets with time offset < time_offset # save_mode : 1 to save sent packet, 0 otherwise # Single GeoNetworking component port system.geoNetworkingPort.params := "GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=1,its_aid=141,secured_mode=1,certificate=CERT_TS_A_AT,sec_db_path=/home/vagrant/tmp/asn1c_cert)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=tap0,filter=and ether proto 0x8947)" # Nordsys #system.geoNetworkingPort.params := " # GN(ll_address=4C5E0C14D2EC,latitude=43551050,longitude=10298730,beaconing=0,expiry=1000)/ # ETH(mac_src=803f5d092bdc,mac_bc=FFFFFFFFFFFF,eth_type=8947)/ # PCAP_FILE(file=../testdata/TC_SEC_ITSS_SND_CAM_01_BV.pcap,realtime=yes, delay=5000)" # GeoNetworking UpperTester port based on UDP #system.utPort.params := "UT_GN(loopback=1)" # CAM UpperTester port based on UDP #system.camUtPort.params := "UT_CAM(loopback=1)" system.utPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys system.camUtPort.params := "UT_CAM/UDP(dst_ip=172.23.0.1,dst_port=8000)" # Nordsys [EXECUTE] #Check that ITS-S sends a Ieee1609Dot2Data containing protocol version set to 3 #ItsSecurity_TestCases.TC_SEC_ITSS_SND_MSG_01_BV # ------------------------- CAM --------------------------- # Check that IUT sends the secured CAM using SignedData container. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_01_BV # Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_02_BV # Check that IUT sends the secured CAM with the HeaderInfo containing generationTime # and doesn't containing expiryTime, generationLocation, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_03_BV # Check that IUT sends the secured CAM containing signer containing either certificate or digest; # Check that signing certificate has permissions to sign CAM messages. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_04_BV # Check that IUT calculate the digest of certificate using proper hash algorithm; # Check that IUT canonicalize certificates before hash calculation. ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_05_BV # Check that IUT sends the secured CAM containing the signing certificate when over the time of one # second no other secured CAM contained the certificate was sent. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_06_BV # Check that IUT sends the secured CAM containing the signing certificate when the timeout of one second # has been expired after the previous CAM containing the certificate. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_07_BV # Check that IUT sends the secured CAM containing the signing certificate when the IUT received CAM from an unknown ITS-S. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_08_BV # Check that IUT restarts the certificate sending timer when the certificate has been sent. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_09_BV # Check that the IUT sends certificate request when it receives secured CAM containing # digest of unknown certificate as a message signer. # (PICS_SEC_P2P_AT_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_10_BV # Check that the IUT sends certificate request when it receives secured CAM # containing certificate signed by unknown AA certificate. # (PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_11_01_BV # Check that the IUT sends certificate request when it receives secured CAM # containing certificate signed by unknown AA certificate. # (PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_11_02_BV # Check that IUT sends the secured CAM containing the signing certificate when it received # a CAM containing a request for unrecognized certificate that matches with the currently # used AT certificate ID of the IUT. # (PICS_SEC_P2P_AT_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_12_BV # Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate # headerInfo field when it received a CAM containing a request for unrecognized certificate that # matches with the currently used AA certificate ID of the IUT. # (PICS_SEC_P2P_AT_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_13_BV # Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo # field when it received a CAM containing a request for unrecognized certificate that matches with the known # AA certificate ID which is not currently used by the IUT. # (PICS_SEC_P2P_AA_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_14_BV # Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate # headerInfo field when it was previously requested and already received from another ITS-S. # (PICS_SEC_P2P_AA_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_15_BV # Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate # headerInfo field when it contains certificate in the signer field. # (PICS_SEC_P2P_AA_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_16_BV # Check that the IUT send a secured CAM containing the AA certificate in the # requestedCertificate headerInfo field with the next CAM containing digest as a signer info. # (PICS_SEC_P2P_AA_DISTRIBUTION) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_17_BV # Check that IUT sends the secured CAM containing generation time and this time is inside the validity period of the signing certificate; # Check that message generation time value is realistic #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_18_BV # Check that IUT sends the secured CAM containing the 'data' field in signed data payload, # containing the EtsiTs103097Data of type unsecured, contained the CAM payload #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_19_BV # Check that the IUT sends the secured CAM signed with the certificate containing appPermisions # allowing to sign CA messages #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_20_BV # Check that IUT sends the secured CAM containing signature; # Check that the signature is calculated over the right fields # and using right hash algorythm by cryptographically verifying the signature #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_21_BV # Check that IUT sends the secured CAM containing signature containing the ECC point of type set to # either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_22_BV # Check that IUT doesn't send secured CAMs if IUT is authorized with AT certificate doesn't allowing sending messages in this location. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_23_BV # Check that IUT doesn't send the secured CAM if IUT is configured to use an AT certificate without # region validity restriction and generation location is outside of the region of the issuing AA certificate. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_24_BV # Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT was expired. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_25_BV # Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT have the starting time in the future. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_26_BV # Check that IUT doesn't send secured CAMs if IUT doesn't possess an AT certificate allowing sending CAM by its appPermissions. #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CAM_27_BV #--------------------------------------- DENM ------------------------------------------ #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_01_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_02_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_03_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_04_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_05_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_06_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_07_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_08_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_09_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_10_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_11_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_12_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_13_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_14_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_15_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_16_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_17_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_DENM_18_BV #--------------------------------------- OTHER MESSAGES ------------------------------------------ #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_01_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_02_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_03_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_04_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_05_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_06_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_07_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_GENMSG_08_BV #--------------------------------------- ENCRYPTED MESSAGES ------------------------------------------ # (PICS_SEC_ENCRYPTION_SUPPORT) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_01_BV # (PICS_SEC_ENCRYPTION_SUPPORT) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_02_BV # (PICS_SEC_ENCRYPTION_SUPPORT) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_03_BV # (PICS_SEC_ENCRYPTION_SUPPORT) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_04_BV # (PICS_SEC_ENCRYPTION_SUPPORT) #ItsSecurity_TestCases.TC_SEC_ITSS_SND_ENC_05_BV # (PICS_SEC_ENCRYPTION_SUPPORT) #--------------------------------------- CERTIFICATE TESTING ------------------------------------------ #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_01_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_02_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_03_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_04_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_05_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_06_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_07_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_08_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_09_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_10_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_11_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_12_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_13_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_14_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_15_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_16_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_17_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_18_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_19_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_20_BV #ItsSecurity_TestCases.TC_SEC_ITSS_SND_CERT_21_BV #--------------------------------------- Internal tests (to be removed) ------------------------------------------ #ItsSecurity_TestCases.TC_TEST_1 [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 TCPPort := 0 LocalAddress := 127.0.0.1 TCPPort := 12000 NumHCs := 1